Risk appetite and risk tolerance

Do you know the difference between risk appetite and risk tolerance? They are often used interchangeably, but they are not the same thing.

In this video, Tom Callaghan defines risk appetite and risk tolerance. Risk appetite is a business decision that is part of a business strategy and an organisation's business objectives. This is most useful as a financial measurement; and the CFO is the person best-equipped to define an organisation's risk appetite. You will see how the CRQ helps defining the risk appetite.

Chapters:

00:00 Introduction

00:30 Definition of risk appetite

01:03 Definition of risk tolerance

01:40 Financial measurement of risk appetite

02:08 The role of the CFO

02:50 What the risk appetite it is useful for?

03:40 Conclusion

‍

On the same topic:

Read our use case: Choose an Efficient Risk Reduction Strategy

‍

Follow Us:

If you would like to read more on cybersecurity risk analysis, visit our blog.

If you liked this video and would like to see more, subscribe to our channel.

Follow us on LinkedIn.

Related videos

C-Risk video - Reducinng the cost of cyber incidents

Reducing the cost of cyber incidents using risk quantification and loss chains

Understand how to reduce the cost of cyber incidents using risk quantification (CRQ) and the loss chain concept.

C-Risk youtube video - risk scenario scoping

Risk Scenario Scoping

Understand what a risk scenario is and how to build a measurable risk scenario thanks to the FAIR Standard risk definition.

C-Risk Youtube video - Value Chains to identify Cyber Scenario

Using Value Chains to Identify Cyber Scenarios and Digital Assets

Understand how C-Risk develops generic value chain models for each industry and then uses these value chains to help define an organization's risk scenarios.