What is the term for the severity of an uncontrolled risk?

Inherent risk refers to the level of risk that exists in the absence of any controls or mitigations. It indicates the severity of risk factors that are naturally present in a given situation or environment before any actions are taken to manage or mitigate them. Essentially, inherent risk assesses the potential impact of risks if no risk management strategies are implemented.

This term is especially relevant in risk management as it helps organizations identify the baseline level of risk they face. By understanding inherent risks, organizations can develop strategies to either accept, mitigate, or transfer these risks effectively. It highlights the need for a proactive approach to addressing risks before they can lead to adverse outcomes.

Other terms like residual risk, accepted risk, and managed risk pertain to different aspects of the risk management process, focusing primarily on the risks that remain after mitigation efforts or the risks that an organization decides to accept. However, inherent risk specifically captures the initial severity and likelihood of risks that have not yet been addressed.