Risk is the possibility of something bad happening, comprising a level of uncertainty about the effects and implications of an activity, particularly negative and undesirable consequences.

Risk theory, assessment, and management are applied but substantially differ in different practice areas, such as business, economics, environment, finance, information technology, health, insurance, safety, security, and privacy. The international standard for risk management, ISO 31000, provides general guidelines and principles on managing risks faced by organizations.

The Oxford English Dictionary (OED) cites the earliest use of the word in English (in the spelling of risque from its French original, 'risque') as of 1621, and the spelling as risk from 1655. While including several other definitions, the OED 3rd edition defines risk as "(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a chance or situation involving such a possibility". The Cambridge Advanced Learner's Dictionary defines risk as "the possibility of something bad happening". Some have argued that the definition of risk is subjective and context-specific. The International Organization for Standardization (ISO) 31073 defines risk as:

effect of uncertainty on objectives

Note 1: An effect is a deviation from the expected. It can be positive, negative or both, and can address, create or result in opportunities and threats.

Note 2: Objectives can have different aspects and categories, and can be applied at different levels.

Note 3: Risk is usually expressed in terms of risk sources, potential events, their consequences and their likelihood.

Other general definitions include: