RA - Risk Assessment (Level 2)

In CMMC 2.0 the l2_ra entry defines the Level 2 risk-assessment practice, requiring organizations to perform formal assessments of threats, vulnerabilities and potential impacts, determine residual risk, and use the results to guide security planning and mitigation.