IT-related risk

IT-related risk is "the net mission/business impact considering

trigger, a particular information system vulnerability, and
 * 1) the likelihood that a particular threat source will exploit, or
 * 1) the resulting impact if this should occur. IT-related risks arise from legal liability or mission/business loss due to, but not limited to:
 * Unauthorized (malicious, non-malicious, or accidental) disclosure, modification, or destruction of information.
 * Non-malicious errors and omissions.
 * IT disruptions due to natural or man-made disasters.
 * Failure to exercise due care and diligence in the implementation and operation of the IT.