In information security, risk factor is a collective name for circumstances affecting the likelihood or impact of a security risk.