# Risk in Information Systems (IS)

## What is risk?

The possibility of having **negative** impact.

## Why do we take risk?

Thinking of having **positive** impact.

## Elements of risk

### Threats

Types of threats are:

* Natural disaster
* Man-made threats
  * Internal
  * External

{% hint style="info" %}
Internal threats have the possibility of being of higher impact to the organization.
{% endhint %}

* Technical

### Impact

Measure of damage.

Quality measures can be:

1. Negligible
2. Minor
3. Moderate
4. Serious
5. Major

### Probabilities

Likelihood of having risk:

1. Very unlikely
2. Unlikely
3. Possible
4. Likely
5. Probable