Risk Analysis
Risk Perception Knowledge
The basic idea of the approach is to identify the main factors that influence the perception of hazards and risks. Research shows that for many types of hazards, the higher the perceived benefit, the lower the perceived risk, and vice versa. More knowledge about a hazard may influence the risk perception strongly. Trust and affect are important factors to explain risk perception. Risk Perception covers: the risk concept, description of risk, risk assessment, risk management
cautionary principle
The cautionary principle is a principle that says that if the consequences of an activity could be serious and subject to uncertainties, then cautionary measures should be taken, or the activity should not be carried out. Protection is supported by the cautionary and precautionary principles and related measures that can improve the robustness and resilience of relevant systems.
vulnerability
The consequences C of the activity and associated uncertainties U, given an event A (risk source) (C,U|A)
Risk (Definition) 2 - The risk concept
The consequences of the activity and associated uncertainties (A,C,U) we often use the notation (A,C,U), where A refers to an event (or a set of events) and C then refers to the consequences or effects given that A has occurred
Cost-benefit analysis, Cost-effectiveness analysis, Multi-Attribute Analysis
All of these approaches and methods are to be seen as decision support tools, not prescriptions for actions. A management review and judgment is always needed.
The difference between applied risk analysis and generic risk analysis
1.Applied Risk Analysis: Specific and tailored to a particular activity, project, or issue. Addresses risks associated with real-world, practical situations. Aims to provide insights and solutions for specific, practical challenges. 2. Generic Risk Analysis: Broad and general, applicable across various contexts or industries. Deals with common risk principles and concepts that are not tied to a specific application. Establishes foundational understanding of risk management principles.
Black Swan
A black swan is a surprising extreme event relative to one's knowledge. The Black swan metaphor improves risk analysis by putting more focus on the knowledge supporting the risk description. A key point is that the knowledge could be wrong.
ALARP (As Low As Reasonably Practicable)
ALARP (As Low As Reasonably Practicable) means that safety measures should generally be implemented. Only if it's proven that the costs significantly outweigh the benefits can one consider not implementing them. The ALARP principle prioritizes protection and safety, advocating for measures that enhance them
Different modes of thinking: System 1 and System 2
Affect and other heuristics are examples of what is referred to in risk perception research as System 1 thinking. It operates automatically and quickly, instinctively and emotionally, in contrast to System 2, which is slower, more logical and more deliberative. Risk perception is often strongly influenced by System 1, whereas professional risk judgments are based on System 2 thinking.
Event tree analysis
Assess possible outcomes, with associated probabilities, given an initiating fire
Fault tree analysis
Assess the probability of failure in a safety barrier, e.g. a sprinkler system
Risk Matrices
Based on expected values- does not reflect the potential for extreme outcomes
Difference between precautionary principles and cautionary principles
Cautionary Principle suggests avoiding actions when risks are uncertain while Precautionary Principle recommends taking preventive measures to address potential harm, even without complete scientific certainty.
Cost-benefit analysis
Cost-benefit analysis calculates the expected net value of a project by comparing all its benefits and costs, usually in terms of money. If the result is positive, it means the project is recommended. A cost-benefit analysis computes E[NPV]. If this value is positive, the project is recommended
Cost-effectiveness analysis
Cost-effectiveness analysis helps assess how effective a measure is, like a safety improvement or a business investment. It calculates the expected cost of the measure divided by the expected gains it brings. Cost-effectiveness analysis evaluates the ratio E[cost]/E[benefits]
Decision analysis
Decision analysis covers the following basic elements: 1) identify the problem and develop goals; 2) generate decision alternatives, assess these using a decision analysis method and rank the decision alternatives; and 3) perform a management review and judgment and make a decision. There are different decision analysis methods: multi-attribute analysis, cost-effectiveness analysis, cost-benefit analysis and expected utility theory.
PLL (Potential Loss of lives)
Defined as the expected number of fatalities in a period of one year. It has limitations in the way risk is reflected. Hence, it should not be used as a sole criterion for accepting the risk. There could be large deviations from the expected value
Frequentist probability Pf(A)
Frequentist probability represents the fraction of time the event considered occurs if the situation can be repeated under similar conditions infinitely. In writing, we refer in general to a frequentist probability as Pf and its estimate as (Pf)*. P* is the analyst's best estimate of p, and as such, is not a measure of the analyst's uncertainty Application: Classical probability and statistical methods often follow a frequentist approach, emphasizing the observed frequencies in data
Generic risk analysis
Generic risk analysis covers generic concepts, principles, approaches, methods and models for understanding, assessing, characterizing, communicating, managing and governing risk. Research aiming at improving the way we should describe uncertainties in risk assessments is an example of generic risk knowledge generation
Multi-Attribute Analysis
In a multi-attribute analysis, the consequences of different decision options are shown separately for various factors. The decision-maker then needs to consider and balance these different factors
Main risk handling strategies and policies
In practice, the three major strategies, 1) risk-informed, using risk assessments; 2) cautionary/precautionary; and 3) discursive strategies for handling risk, are combined; the appropriate strategy is a mixture of these three main strategies
Knowledge-based probability (Subjective) P(A)
Knowledge-based (subjective) probabilities express uncertainties Knowledge-based probability expressing the analyst's degree of belief. Supplemented with strength of knowledge considerations, such probabilities can convey insights about risk even when data is scarce P(A): the assigner has the same uncertainty and degree of belief for the event A to occur as randomly selecting a red ball out of an urn containing P(A) · 100 % red balls Application: Bayesian probability is a common framework for knowledge-based probability, incorporating prior beliefs and updating them as new evidence becomes available
Biases and Heuristic
People often rely on mental shortcuts, called heuristics, like availability and representativeness, when assessing risks. However, these shortcuts can sometimes lead to inaccurate judgments and a limited understanding of risk. When estimating probabilities, individuals tend to use simple cognitive techniques, or heuristics, which can unintentionally place excessive emphasis on certain factors.
Risk Assessment process
Planning --> Risk Analysis --> Risk Evaluation
Purpose of Management Review and Judgment in Risk Analysis
The goal of management review and judgment is to tackle the shortcomings of risk analysis. This involves looking at factors like scope, assumptions, and perspectives not covered. Decision makers need to think about these factors, along with their own knowledge, to spot potential unexpected events (black swans).
Probability
Probability is used to reflect uncertainty, imprecision and variation
Risk Assessment
Risk Assessment = Risk Analysis + Risk Evaluation Systematic process to understand the risk sources, threats, hazards, and opportunities. The assessments can help us identify what might go wrong (or what can give positive outcomes), why and how; what the consequences are and how bad (good) they are. Risk assessment informs decision-makers. There is a leap between risk assessment and decision-making. It is referred to as the management review and judgment
The Risk Analysis
Risk analysis involves several key steps: 1. Identifying Events: Recognizing potential events like risks, threats, hazards, or opportunities (A'). 2. Cause Analysis: Examining how these events might happen. 3. Consequence Analysis: Studying the effects (C') of these events. 4.Characterizing the Risk: Describing the risk comprehensively (A',C',Q,K). Summarizing the identified events, their consequences, the level of uncertainty (Q), and the knowledge base (K). 5. Studying Alternatives and Measures: Exploring different options or actions to modify the identified risks. There are different types of risk analysis, including descriptive, causal, predictive, prescriptive and learning.
Risk Communication
Risk communication covers exchange or sharing of risk-related data, information and knowledge between and among different target groups such as analysts, experts, decision-makers, regulators, consumers, media and the general public. The main goal of risk communication is improving the understanding of the risks in order to make appropriate judgments and decisions
Risk Description (C',Q,K) and (A',C',Q,K)
Risk is typically expressed as (C', Q, K) and (A', C', Q, K), where A' represents specific events, C' refers to specified consequences, Q is a measure or description of uncertainties, and K is the knowledge supporting Q and (A', C'). The measurement or description of uncertainties, Q, is often represented as (P, SoK), where SoK represents judgments about the strength of the knowledge supporting the probabilities P.
Risk Management
Risk management refers to all activities used to address risk, such as avoiding, reducing, sharing and accepting risk. Risk management is to a large extent about finding the proper balance between development and protection. Protection is supported by the cautionary and precautionary principles and related measures that can improve the robustness and resilience of relevant systems Development, on the other hand, is promoted by cost-benefit type of analysis, as these tools are expected to be value based and, hence, give little weight to uncertainties and risks.
Risk Mitigation
Risk mitigation refers to the reduction of vulnerability given an event A
The Difference Between Professional Risk Judgments and Risk Perception
Risk perception refers to an individual's personal assessment of risk, considering social, cultural, and psychological factors. Unlike risk perception, professional judgments about risk should exclude emotions or feelings and not draw conclusions about the acceptability or unacceptability of risk
Risk Perception
Risk perception refers to an individual's personal evaluation of risk, considering social, cultural, and psychological factors such as emotions, trust, and acceptability. People's risk perception is influenced by factors like fear and dread, as well as their own judgments of uncertainties and risks that may not align with professional assessments
Risk prevention
Risk prevention is about reducing the risk contribution as defined by (A,U), for example, by eliminating some events A' or reducing probabilities P(A') for some identified events A'.
Risk Science
Risk science is the field that gives us the most reliable and justified information on a particular subject. It covers fundamental concepts, risk assessment, risk perception and communication, as well as risk management and governance. It provides the latest and most credible knowledge on these aspects. A distinction is made between generic, fundamental risk analysis (B) and applied risk analysis (A)
Risk Informed strategies
Risk-informed strategies involve identifying possible events, evaluating the uncertainties, making judgments about the strength of knowledge, and considering unexpected events (black swans). All of this is done to provide decision-makers with valuable insights into the associated risks
Risk (Definition)- The risk concept
The potential for undesirable consequences of the activity. (C,U). We denote by C the actual consequences of the activity and U the associated uncertainties. Simplified, we write risk as (C,U).
Precautionary Principle
The precautionary principle is an approach to decision-making that recommends taking preventive action when faced with uncertain risks. Protection is supported by the cautionary and precautionary principles and related measures that can improve the robustness and resilience of relevant systems.
Risk Evaluation
The risk evaluation part makes judgments about the significance of the risk
Applied risk analysis
The use of methods, models and approaches for risk understanding, characterization, assessment, perception, communication management and governance for specific activities. Applied risk analysis helps us understand and communicate risks tied to specific activities or issues.
Value of statistical life
The value of a statistical life is defined as the maximum value the decision-maker is willing to pay to reduce the expected number of fatalities by 1
Types of Risk Assessments
There are different ways to categorize risk assessments. One common classification includes: Quantitative Risk Assessment: Uses probabilities and expected values to quantify risk. Qualitative Risk Assessment: Describes risk without using numbers; it's more about qualities than quantities. Semi-Quantitative Risk Assessment: Combines quantitative elements with qualitative judgments for a balanced assessment. Note: A full risk characterization (A',C',Q,K) is considered semi-quantitative or qualitative by definition. Another way to classify risk assessment is by: Data-Driven Risk Assessment Methods: Rely on available data for risk analysis. Model-Based Methods: Leverage models to assess and understand risks
The main benefits of differentiation between Risk Description and Risk Concept
This allows for different descriptions of risk to be used depending on the situation at hand. It also stimulate discussion and reflections what is a good description of risk
Discursive Strategy
This strategy involves open discussion and dialogue about risks. It emphasizes communication, debate, and considering diverse perspectives to collectively address and manage risks
Difference between Vulnerability and resilience
Vulnerability and resilience are not the same. Vulnerability, represented by (C,U|A), is a broader concept. Resilience - how fast a system recovers - is an aspect of the vulnerability concept.
Expected values
a center of gravity of the probabilities Does not reflect the potential for extreme outcomes Does not reflect the strength of the supporting knowledge
Resilience
system's ability to sustain and restore its functionality given some disruption, threat, hazard and/or opportunity
Reliability
the ability of the system to work as intended
