BAR07-21 ERM

The 3 types of risks to consider in COSO ERM risk assessments.

1. Inherent risk. The risk in the absence of efforts to address it.
2. Target residual risk. The desired amount of risk after actions to address it.
3. Actual residual risk. The realized risk after taking actions to address it.