The risk assessment report
The risk assessment report / security assessment report results provide decision makers (system owners & authorization officers) with some idea of the risks that will be imposed upon the organization, asset, individuals in the organization, associates of the organization and in some cases the Nation.
“The process of identifying risks to agency operations (including mission, functions, image, or reputation), agency assets, or individuals by determining the probability of occurrence, the resulting impact, and additional security controls that would mitigate this impact.” — NIST SP 800-18. Form more see NIST SP 800-30, Guide for Conducting Risk Assessments.