Threat sources are the other risk factors that must be taken into consideration when analysing risk. A threat source is characterized as: (i) the intent and method targeted at the exploitation of a vulnerability; or (ii) a situation and method that may accidentally exploit a vulnerability.
Some examples of threat sources are: an individual, an organization, a customer, hack activist, a user, a privileged user/administrator, failure of a storage device, failure of a temperature control, failure of an operating system, fire. Keep in mind that the list of threat sources is quite large.