inherent risk [English]

Other Languages

Syndetic Relationships

InterPARES Definition

n. ~ A level of risk that exists before factoring in efforts to reduce its likelihood and impact through risk mitigation.


  • Information Security Handbook 2009. (†485 ): The risk that an activity would pose if no controls or other mitigating factors were in place (the gross risk or risk before controls). . . Inherent Risk = Cost × Threat (†735)
  • ISACA Glossary (†743 s.v. inherent risk): The risk level or exposure without taking into account the actions that management has taken or might take (e.g., implementing controls). (†1782)
  • Wikipedia (†387 s.v. inherent risk): Measures the auditor's assessment of the likelihood that there are material misstatements due to error or fraud in segment before considering the effectiveness of internal control. If the auditor concludes that a high likelihood exist, the auditor will conclude that inherent risk is high. (†1233)