Measure of risk that errors exceeding a tolerable amount will not be prevented or detected by an entity's internal controls.