The risk that remains after controls and mitigations have been applied — as opposed to inherent risk, which is the risk before any mitigation.
Risk assessments typically score a risk twice: inherent risk (how bad it would be with no controls at all) and residual risk (how bad it still is after your actual controls are accounted for). Residual risk is what risk registers track and prioritize, since it reflects the real exposure your organization carries today.
Looking for another term or the full list?