Describe the overall level of risk
(e.g., very low, low, moderate, high, or very high) to the system, considering all
individual
risks, mitigating factors, environment, architecture, system's security categorization,
historical evidence, etc.
Source: CNSSI-1254 appendix C RAR Data elements #20, NIST SP 800-30