| Risk Category | Risk Description |
| Legal | Potential for loss due to violations of, or non-conformance with laws, regulations, rules, or prescribed practices. |
| Operational | Potential for loss due to significant deficiencies in process or system confidentiality, integrity, or availability. |
| Financial | Potential for financial loss due to significant deficiencies in process or system reliability or integrity. |
| Reputation | Risk that results from actions that create a lasting negative public image of the agency’s operations. |