‘Residual Risk’

Residual risk is the risk or danger of an action, an event, a method or a (technical) process that remains even when the process is abreast of the state of science and all theoretically possible (scientifically conceivable) safety measures have been applied; in other words, it is the amount of risk left over after natural or inherent risks have been reduced by risk controls. One approach to scoring residual risk is to apply subjective judgement, without any mathematical relationship between the inherent risk and the level of control effectiveness. A second method is to apply a mathematical approach.

The general formula to calculate residual risk is

$$\text{residual risk} = (\text{inherent risk}) - (\text{impact of risk controls})$$
where the general concept of risk is (threats × vulnerability) or, alternatively, (severity × probability).

