Risiko COPY COPY Flashcards
What is risk?
Risk = combination of consequences and associated uncertainties
What are the risk concept and its denotation
(C, U) = Consequences with respect to something of value
OR
(A, C, U) = Consequences with respect to something of value, given the event A
What is the general risk description and what is Risk described by?
Risk description = (A’, C’, P, SoK, K)
Risk is described by = (C’, Q, K) and (A’ C’, Q, K)
What do the different variables mean?
A’ = Specified events
C’ = Specified consequences
Q = Uncertainty measure describing uncertainties related to A’ and C’. Commonly represented by (P, Sok).
P = Probability
SoK = Strength of knowledge
K = Knowledge that Q and (A’, C’) are based on.
Describe some common risk metrics
E[C’] = Expected value
Ef[C] = Average value of return if one runs a project an infinite (or large) amount of times.
VaR = Value at Risk
PLL = Potential loss of lives in a period of one year
FAR = Fatal accident rate. Expected number of fatalities per 100 million exposed hours.
What are the formulas for PLL and FAR?
PLL = n * IR
n = number of equally exposed individuals
IR = probability that a specific person is killed in a year
FAR = Fatalities pr. exposed hour * 100 million
OR
FAR = (PLL / Number of exposed hours) * 100 million
Define a frequentist probability
Pf(A) = Number of times A would occur when repeating situations over and over nearing infinite.
Define subjective/knowledge-based probability
A probability expresses a person’s uncertainty or degree of belief that an event will occur. The person compares the uncertainty or belief related to event A.
What is a crucial assumption related to the underlying value in frequentist probabilities?
The value needs to be estimated as the underlying true value is generally not known.
Define Resilience
The ability of a system to sustain or restore its basic functionality following an event (risk source).
Define Vulnerability
Vulnerability is essentially risk conditioned on the occurrence of an event A.
What is the description of vulnerability?
Vulnerability = (C, U|A)
What is the connection between Resilience and Vulnerability?
Resilience reflect an aspect of vulnerability by focusing on the systems ability to recover after an event A.
Define Reliability
A system’s ability to work as intended
In what way is safety the antonym of risk?
High safety = Low Risk
Low Safety = High Risk
What does the term “Safe and secure” mean in practice?
The term “Safe and Secure” means that the risk is acceptable/tolerable
What is a Risk matrix? And, what are some of its common limitations?
Risk matrix:
Matrix that illustrates risk by different events, using the probability of the event ( P(A’) ), and conditional expected value ( E[C’|A] ).
Limitations:
*Does not reflect the spectre of consequences and lacks considerations of the SoK
*Often, are events poorly plotted and not well defined
*Colour schemes should generally be avoided as they are potentially misleading
*Consequences of an event are not properly represented by one point in the matrix.
*Two events could have same location in matrix, but have vastly different supporting knowledge and consequences.
What is a Risk assessment?
Methods and approaches for improving our understanding of risks and supporting decision-makers.
What is the benefit of a risk assessment?
Risk assessments can help identify what may go wrong, why and how, what are the consequences and how bad are they.
What are the different stages in a Risk assessment?
- Planning - Establishing context
- Risk analysis & Risk Evaluation
- Utilization of risk assessment
Explain what the term “management review and judgement” (MRJ) is
MRJ is the process between a risk assessment and consequent decision-making.
The MRJ process considers the limitations of the risk assessment. One summarises, interprets and deliberate the risk assessment results such that the results are prepared for decision makers.
What is a model-based risk assessment? What is their purpose?
Model-based risk assessments are used to understand how a given system functions.
They aim to increase risk understanding by allowing us to change input quantities and measure the effect of risk-reducing measures.
List the different examples of model based risk assessments
- Event trees - Assess possible outcomes, associated probabilities
- Fault trees - Assess the probability of failure in a safety barrier.
- Block diagram
- SWIFT - Identify the events leading up to a later event
- FMEA - Identify and rank failure modes for a system
What are the basic symbols in a fault tree, and what is their meaning?
Circle - Basic event - Event at the lowest level in the model
Bowed square - And gate - The output event (above) occurs if all outputs (below) occur.
Bowed Triangle - Or gate - The output event (above) occurs if at least one of the input events (below) occurs.
Triangle - Transfer symbol - Used when the same branch occurs at several places in the tree, and when the tree must be drawn on several pages.
Rectangle - Description of event/state - Placed above gates and basic events.
What is the connection between a fault tree and a block diagram in terms of reliability and unreliability?
Fault tree perspective: What does it take for the system to fail (Top event to occur?)
Reliability block perspective:
Unreliability - What does it take for the system to fail? (Cannot move from left point to right point)
Reliability - What does it take for the system to work (Get from left point to right point)
What is the denotation used for the reliability and unreliability of a component?
pi = Probability of a component i working (reliability of component i)
qi = Probability of a component i not working (the unreliability of component i)
What is the purpose of a event tree analysis?
Event tree analyses are used to study the consequences of initiating events.
Can be used qualitatively and quantitatively.
Explain the term risk perception
Risk perception is a person’s subjective judgement of risk, considering social, cultural and psychological factors.
Risk perception relates to feelings, including fear, but can also cover conscious judgements related to risk.
Describe the model used to describe the level of general trust and level of scepticism.
Also, describe the content in the model.
The model ranks the level of “general trust” and “Level of Scepticism” as high or low.
Low general trust / Low scepticism - Distrust
Low general trust / High scepticism - Rejection (Cynicism)
High general trust / Low scepticism - Acceptance (Trust)
High general trust / High scepticism - Critical trust
What is risk communication, and what is its purpose?
Risk communication relates to communicating, exchanging or sharing risk-related information with different groups.
Risk communication aims at improving risk understanding to make appropriate risk-related judgements and decisions.
Also, it has the following functions:
* Enlightenment
* Right-to-know
* Attitude change
* Legitimation
* Risk reduction
* Behavioural change
* Emergency preparedness
* Involvement
* Participation
What does the abbreviation “SARF” mean?
SARF = Social amplification and attenuation of risk
What is SARF?
SARF is a framework that includes both technical risk assessments with psychological, cultural and institutional perspectives.
Define risk management
Risk Management = All activities used to address risk
Deliberate on the main strategies for managing risk
The strategies should be used in accordance with the relevant context
1. Being risk-informed
2. Acting in accordance with the Cautionary/Precautionary principles
3. Discursive strategies
Explain the cautionary principle
If an activity’s consequences are potentially severe and subject to uncertainties, cautionary principles are appropriate; otherwise, the activity should not be carried out.
Explain the precautionary principle
If an activity’s consequences are potentially severe and subject to scientific uncertainties, then precautionary measures should be taken, or the activity should not be carried out.
What is a Cost-Benefit Analysis (CBA), and what is the main drawback of this analysis?
A CBA is a type of analysis used to calculate the expected net present value of a measure.
Name and explain the various figures closely related to a CBA?
Expected Net Present Value:
E[NPV] = Expected benefits - Expected costs
OR
E[NPV] = Expected number of lives saved * VSL - Expected cost
VSL = Value of a statistical life - The max value we are willing to pay to reduce the expected number of fatalities by 1
E[NPV] Rules:
E[NPV] > 0 = Implement measure
E[NPV] < 0 = Don’t implement measure
Explain what a Cost-effectiveness analysis is
A analysis used to calculate the effectiveness of a measure (Often risk reducing measure)
What is the formula for determining a cost-effectiveness ratio, and what what is ICAF?
Cost-effectiveness ratio (ICAF) = E[expected cost of measure) / E[expected benefit)
Define Risk Science
Risk Science = The most justified (best) knowledge (and practice of acquiring knowledge) related to risk assessment, communication, and handling.
Risk science is divided into two sub-categories. Name and explain the two sub-categories.
Applied Risk Science:
This relates to supporting risk knowledge generation in relation to specific activities and handling specific risk problems
Generic Risk Science:
Generic risk science relates to generic risk concepts, principles, approaches and methods on how to understand, assess, characterize, communicate, manage and govern risk.