Risk is defined as activity of threats finding weakness and methods and obtaining access to destroy assets.
It is defined as a gap or weakness in security system that can be helpful to find threats and gain access to unintended people. It can be used by cyber hackers to get access for content in a system of an organization even though they are not authorized to do so.
Threats can be anything which is present within the system or exterior, whether happens coincidentally or in an accident manner and may destroy organization security.
Access control and its relation to the above defined factors:-