Consequence – outcome of an event affecting objectives.
An event can lead to a range of consequences.
A consequence can be certain or uncertain and in the context of information security is usually negative.
Consequences can be expressed qualitatively or quantitatively.
Initial consequences can escalate through knock-on effects.
ISO 27000 2.14