Definition Edit

Acceptable risk is

[t]he risk level that an individual or group considers reasonable for the perceived benefit of an activity.[1]
[the] level of risk at which, given costs and benefits associated with reduction measures, no action is deemed to be warranted at a given point in time.[2]

References Edit

  1. IT Security Essential Body of Knowledge (EBK): A Competency and Functional Framework, App. B, Glossary.
  2. DHS Lexicon Terms and Definitions, at 5.

See also Edit