Explain IT Risks

IT risk management is the application of the principles of risk management to an Information Technology organization in order to manage the risks associated with the field also aims to manage the risks that come with the ownership, involvement, operation, influence, adoption and use of IT as part of a larger enterprise.

Others, IT risk management is a component of a larger enterprise risk management system. This encompasses not only the risks and negative effects of service and operations that can degrade organizational value, but it also takes the potential benefits of risky ventures into account.

IT risk management is a process done by IT managers to allow them to balance economic and operational costs related to using protective measures to achieve nominal gains in capability brought about by protecting the data and information systems that support an organization’s operations.

Source : http://www.bobsguide.com

 Information security means protecting information and information system from an authorized access, use disclosure, disruption, modification, or destruction. (through implemetation of ISMS example implementation of controls as policies and procedures. Also the CIA aspect confidentiality, integrity, and availability).
A threat is any circumstance or event with the potential to harm an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service. Threats can be natural, human, deliberate or accidental.