Back in the time when businesses were predominantly “local” and to a large extent insulated from each others operations, it really didn’t matter very much how we defined the Business Impact of Information Risks, for we knew what we meant in each business and we didn’t have much need to share that meaning with others.  Collaboration and the business need for it back then was not a significant imperative for most businesses in a global or even national context, and certainly was not a requirement at the frequency and set-up speed that collaborations are demanded today. Today, parties in a collaboration need more clarity over the controls that apply in their relationship.  With the increased importance of collaboration, it is becoming more important to be able to share the implications of a risk in terms of the potential business impact.  We need to do so in a manner that is universally understood.  This paper recognises that there is no such commonly agreed scale available to communicate with sufficient granularity the impact of information risk on businesses