Risk management - Chapter 8-9

Question 1

What is risk management/handling?

Answer 1

Key strategies, principals and methods for risk management and decision making

Risk management refers to all activities used to address risk. Such as avoiding, reducing, sharing and accepting risk. It often includes trade-offs between costs and benefits of risk reduction and choice of a level of tolerable risk.

How can risk assessments and other analyses be used to support decision-making??

Question 2

What are the main strategies/policies for handling risk?

Answer 2

Being risk informed
Treatment of risk (avoiding risk, reducing risk, transferring risk, retaining risk) by the use of risk assessments.
Is used when the phenomena and processes considered are well understood and accurate predictions can be made.

Giving weight to the cautionary and precautionary principles.
Focus on vulnerability and resilience management. Gives weight to uncertainties and surprises by highlighting features like containment, redundancy in designing safety devices, diversification, design of systems with flexible response options etc.
Is used when there is uncertainty. Accurate predictions cannot be made, for example, as a result of lack of understanding of underlying phenomena or complexity

Discursive strategies.
Using measures to build confidence and trustworthiness through the reduction of uncertainties and ambiguities, clarification of facts, involvement of affected people, deliberation and accountability.
Is used when there is ambiguity. Different views related to the relevant values.

Strategy depends on the context - what problems are we dealing with? Sometimes it is a combination. Risk assessments and other analyses can be used for support.

Question 3

What is risk governance?

Answer 3

Risk governance refers to the application of governance principles for the handling of risk. Such principles include aspects like participation, accountability, effectiveness, coherence, proportionality and subsidiarity.

Question 4

How to decide on the most appropriate strategies and policies to handle risk?

Answer 4

Do we value protection (avoiding losses, accidents and disasters) or development (Exploring opportunities, taking or accepting some risk in pursuit of values) more?

Different tools, principles and strategies give different weight to these two main concerns

Question 5

What is risk prevention?

Answer 5

Risk prevention is commonly understood to mean avoidance of relevant risk sources (for example, eliminating dangerous viruses) or interception of the risk source pathway to undesirable consequences such that none of the targets is affected by the risk sources (for example, early containment of dangerous viruses). More generally and using the terminology of Chapters 2 and 3, risk prevention is about reducing the risk contribution as defined by (A,U), for example, by eliminating some events A’ or reducing probabilities P(A’) for some identified events A’

Question 6

What is risk mitigation?

Answer 6

Risk mitigation refers to the reduction of vulnerability given an event A.

Question 7

When using and evalutating a risk assessment, what do you need to focus on?

Answer 7

1. Acknowledge the limitations of the risk assessment
- What are the key assumptions that the assessment is based on?
- Has the analysts’ competence level been assessed and accounted for?
- Has independent critique of the risk analysis been performed, to identify potential surprises?

2. Include other aspects of risk that are important for decision making
- What about ethical concerns
- Political aspects
- Strategic considerations
- Factors influencing reputation and public view?

To do this we can do an MRJ.

Question 8

Cost benefit analysis (CBA)

Answer 8

An approach used to calculate the expected net present value of a measure.

E[NPV] > 0 - implement measure
E[NPV] < 0 - measure is not justified

Question 9

Cost-effectiveness analysis

Answer 9

An approach used to calculate the effectiveness of a measure (typically risk reducing measures)

Question 10

ICAF

Answer 10

We normally define ICAF between the ratio of expected cost and expected benefit (number of saved lives) for a measure.

Question 11

VSL

Answer 11

VSL: The maximum one is willing to pay to reduce the expected number of saved lives by 1.

In CBA we calculate expected values, and the contributions from reducing the expected number
of saved lives by EN, is thus VSL ⸱ EN.

Question 12

What is the link between ICAF and VSL?

Answer 12

ICAF is the Implied Cost of Averting a Fatality, and is derived by computing the expected cost of the measure considered per expected lives saved.

For example, a measure may have an ICAF = 100 million NOK. Then if VSL = 30 million NOK, it is clear that the measure cannot be justified as 30 is the maximum one is willing to pay to reduce the expected number of lives by 1. Hence if ICAF > VSL, not implement measure, if ICAF ≤ VSL, implement measure.

Question 13

Multi-attribute analysis

Answer 13

An approach where the goal is not to transform all various concerns into one dimension (typically monetary values), but to provide judgments on each attribute separately, using a combination of quantitative and qualitative assessments

Question 14

What are the pros and cons of CBA, CEA and multi-attribute analysis?

Answer 14

CBA/CEA has simple calculations and is easy to compare. But we use expected values that have limitations in regards to reflecting risks and uncertainties

Multi-attribute does not need to transform the attributes to one scale. Easier to reflect risks and uncertainties that cannot be captured with E[X]. It is more demanding to compare the options. People need to make conscious judgements on how to weigh the attributes

Question 15

Cautionary and precautionary principles

Answer 15

The cautionary principle is a principle that says that if the consequences of an activity could be serious and subject to uncertainties, then cautionary measures should be taken, or the activity should not be carried out

Precautionary principle expressing that if the consequences of an activity could be serious and subject to scientific uncertainties, then precautionary measures should be taken, or the activity should not
be carried out

Question 16

Does the cautionary principle support protection or development?

Answer 16

Following the principle means that when facing uncertainty caution should be the ruling principle. Accordingly, we can implement risk reducing measures even if they are seen as inefficient seen from a purely economic standpoint (or in the more extreme cases, not starting the activity considered at all). Hence, we go beyond the expected benefits of the risk reducing measures, meaning that protection is highlighted rather than development

Question 17

Risk acceptance

Answer 17

Risk assessments are commonly used together with some risk acceptance criteria or tolerability limits.By using RAC the idea is to ensure max risk level for values such as lives and health which need protection. The criteria can contribute to transparancy by being explicit about risk so that comparisons can be made or consistency.

Problems:
- The risk metric used can to varying degrees be informative for describing risk
- The risk assessments are to varying degrees taking into account uncertainties and limitations in the supporting knowlegde
- Quantitative RAC often lead to “mechanistic” decisionmaking - the need for MRJ is undermined
- It is often difficult to see the implications of a spesific criterion before having analyzed the activity
- Quantitative criteria often result in unfortunate adaptations

Question 18

ALARP

Answer 18

The ALARP principle says that the risk should be reduced to a level as low as reasonably practicable. A measure that can be improve safety should be implemented unless it can be demonstrated that the costs are in gross disproportion to the benefits gained.
As such it can be said to favor protection and safety as the rule is to implement measures that support this. It is a reverse burden of proof. Only in the ‘extreme’ case that you are able to demonstrate that the costs are ‘extreme’ you are ‘allowed’ to not implement the measure.

If cost-benefit analysis is used to verify ALARP (which is often the case in practice), the principle gives more weight to development, as this type of analysis is based on expected values.

Question 19

Scientists argues that it is important to stress that the decision-making should be ‘risk-informed’ and not ‘risk-based’. Present the argumentation provided for this statement.

Answer 19

The key is that the risk assessment results should not prescribe what to do, as risk assessments have limitations in capturing all aspects of risks and uncertainties, and there are also different values (we may all agree on the risks, but disagree on what to do as we have different values, what is important, how much weight to give to uncertainties, how to balance protection and development)

Question 20

Define MRJ (managerial review and judgement)

Answer 20

Process of summarizing, interpreting and deliberating over the results of risk assessments and other assessments, as well as of other relevant issues (not covered by the assessments) in order to make a decision.

The managerial review and judgment is the process between risk assessment and the decision-making.