- RT: risk
n. ~ Adverse effects, damages, or injuries.
- NIST 2010 (†710 p. 3-1): Harm means any adverse effects that would be experienced by an individual whose PII was the subject of a loss of confidentiality, as well as any adverse effects experienced by the organization that maintains the PII. Harm to an individual includes any negative or unwanted effects (i.e., that may be socially, physically, or financially damaging). Examples of types of harm to individuals include, but are not limited to, the potential for blackmail, identity theft, physical harm, discrimination, or emotional distress. Organizations may also experience harm as a result of a loss of confidentiality of PII maintained by the organization, including but not limited to administrative burden, financial losses, loss of public reputation and public confidence, and legal liability. (†1627)
- NIST 2013 (†734 p. F-10): Harm includes potential adverse impacts to organizational operations and assets, individuals, other organizations, or the Nation. (†1837)