What is Risk Tolerance?

Press ESC to close or Enter to search

Live Security Feed

Your IPDetecting...

NCSCUK organisations urged to strengthen cyber defences ALERTPhishing attacks targeting Microsoft 365 users on the rise CISACritical vulnerabilities identified in popular software NEWSRansomware groups increasingly targeting SME businesses NCSCNew guidance released for securing remote workers ALERTBusiness email compromise attacks cost UK firms millions CISAZero-day exploits require immediate patching attention NEWSAI-powered threats becoming more sophisticated in 2025 NCSCUK organisations urged to strengthen cyber defences ALERTPhishing attacks targeting Microsoft 365 users on the rise CISACritical vulnerabilities identified in popular software NEWSRansomware groups increasingly targeting SME businesses NCSCNew guidance released for securing remote workers ALERTBusiness email compromise attacks cost UK firms millions CISAZero-day exploits require immediate patching attention NEWSAI-powered threats becoming more sophisticated in 2025

View Dashboard

Risk Tolerance

GRC

The acceptable variation from risk appetite—the boundaries of acceptable risk.

Risk tolerance defines the acceptable boundaries around risk appetite—how much deviation from target risk levels is acceptable before action is required. While risk appetite is the overall level of risk an organisation seeks, tolerance is the acceptable range. Tolerance might be expressed as thresholds (escalate risks above X), triggers (review if probability exceeds Y%), or qualitative boundaries. Tolerance helps operationalise risk appetite into actionable guidance.

Why It Matters

The DSC Perspective:

Risk tolerance turns appetite into practical guidance. Clear tolerances enable consistent escalation and treatment decisions across the organisation.

Risk Tolerance

Why It Matters

Related Terms