The Answer: Risk: The potential for harm or loss to an information system or network; the probability that a threat will materialize. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Pages 16, 32.