Answer Description

Residual risk is the risk that remains after security controls have been implemented. There will always be leftover risk unless the risk is completely avoided.

Wikipedia

The residual risk is the amount of risk or danger associated with an action or event remaining after natural or inherent risks have been reduced by risk controls.The general formula to calculate residual risk is residual risk = ( inherent risk ) − ( impact of risk controls ) {\displaystyle {\text{residual risk}}=({\text{inherent risk}})-({\text{impact of risk controls}})} where the general concept of risk is (threats × vulnerability) or, alternatively, (severity × probability). An example of residual risk is given by the use of automotive seat-belts. Installation and use of seat-belts reduces the overall severity and probability of injury in an automotive accident; however, probability of injury remains when in use, that is, a remainder of residual risk. In the economic context, residual means “the quantity left over at the end of a process; a remainder”In the property rights