The Difference: Inherent Risk vs. Residual Risk (Quick Explanation)

The Difference: Inherent Risk vs. Residual Risk (Quick Explanation)

Edward Kost
Edward Kost
updated Sep 10, 2021

What’s the Difference Between Inherent Risk and Residual Risk?

Inherent risks include all risks that are present without any security controls. Residual risks are the risks that remain after security controls are implemented.

inherent risk vs. residual risk

Residual risks are inevitable. Even with an abundance of security controls, vestiges of residual risks will remain that could expose your sensitive data to cyber attacks. This is because the proliferation of digital transformation expands the digital landscape, creating more attack vectors.

Ironically, sometimes security controls introduce additional residual risks, known as secondary risks.

Because residual risks are inexorable, their effective management involves the pursuit of the optimal balance between acceptable and unacceptable risks. 

risk appetite

The lower boundary of the Impact vs. Frequency curve is known as the risk appetite. Risk appetite is the maximum level of acceptable risk before mitigation efforts are implemented. 

This curve should, ideally, be as depressed as possible, to widen the reach between cybercriminals and sensitive resources.

Learn more about residual risks.

Learn more about inherent risks.

Mitigate Residual Risks with UpGuard

UpGuard monitors both the internal and third-party attack surface to minimize the residual risks exposing sensitive data.

UpGuard also supports compliance across a myriad of security frameworks, including the new requirements set by Biden's Cybersecurity Executive Order.

Test the resilience of your website, CLICK HERE for your FREE security score now!


UpGuard logo in white
UpGuard free resources available for download
Learn more

Download our free ebooks and whitepapers

Insights on cybersecurity and vendor risk management.
UpGuard logo in white
eBooks, Reports & Whitepapers
UpGuard free resources available for download
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.
Abstract shapeAbstract shape

Related posts

Learn more about the latest issues in cybersecurity.
Deliver icon

Sign up to our newsletter

Get the latest curated cybersecurity news, breaches, events and updates in your inbox every week.
Abstract shapeAbstract shape
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan ratingAbstract shape