Risk is the possibility of losing something of value. Values (such as physical health, social status, emotional well-being, or financial wealth) can be gained or lost when taking risk resulting from a given action or inaction, foreseen or unforeseen (planned or not planned). Risk can also be defined as the intentional interaction with uncertainty.Uncertainty is a potential, unpredictable, and uncontrollable outcome; risk is a consequence of action taken in spite of uncertainty.
Social status is the relative level of respect, honor, assumed competence, and deference accorded to people, groups, and organizations in a society. Some writers have also referred to a socially valued role or category a person occupies as a "status". Status is based in beliefs about who members of a society believe holds comparatively more or less social value. By definition, these beliefs are broadly shared among members of a society. As such, people use status hierarchies to allocate resources, leadership positions, and other forms of power. In so doing, these shared cultural beliefs make unequal distributions of resources and power appear natural and fair, supporting systems of social stratification. Status hierarchies appear to be universal across human societies, affording valued benefits to those who occupy the higher rungs, such as better health, social approval, resources, influence, and freedom.
Uncertainty refers to epistemic situations involving imperfect or unknown information. It applies to predictions of future events, to physical measurements that are already made, or to the unknown. Uncertainty arises in partially observable and/or stochastic environments, as well as due to ignorance, indolence, or both. It arises in any number of fields, including insurance, philosophy, physics, statistics, economics, finance, psychology, sociology, engineering, metrology, meteorology, ecology and information science.
Risk perception is the subjective judgment people make about the severity and probability of a risk, and may vary person to person. Any human endeavour carries some risk, but some are much riskier than others.
Risk perception is the subjective judgement that people make about the characteristics and severity of a risk. The phrase is most commonly used in reference to natural hazards and threats to the environment or health, such as nuclear power. Several theories have been proposed to explain why different people make different estimates of the dangerousness of risks. Three major families of theory have been developed: psychology approaches, anthropology/sociology approaches and interdisciplinary approaches.
The Oxford English Dictionary cites the earliest use of the word in English (in the spelling of risque from its from French original, 'risque' ) as of 1621, and the spelling as risk from 1655. It defines risk as:
The Oxford English Dictionary (OED) is the principal historical dictionary of the English language, published by Oxford University Press. It traces the historical development of the English language, providing a comprehensive resource to scholars and academic researchers, as well as describing usage in its many variations throughout the world. The second edition, comprising 21,728 pages in 20 volumes, was published in 1989.
(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a chance or situation involving such a possibility.
The International Organization for Standardization publication ISO 31000 (2009) / ISO Guide 73:2002 definition of risk is the 'effect of uncertainty on objectives'. In this definition, uncertainties include events (which may or may not happen) and uncertainties caused by ambiguity or a lack of information. It also includes both negative and positive impacts on objectives. Many definitions of risk exist in common usage, however this definition was developed by an international committee representing over 30 countries and is based on the input of several thousand subject matter experts.
The International Organization for Standardization is an international standard-setting body composed of representatives from various national standards organizations.
ISO 31000 is a family of standards relating to risk management codified by the International Organization for Standardization. The purpose of ISO 31000:2009 is to provide principles and generic guidelines on risk management. ISO 31000 seeks to provide a universally recognised paradigm for practitioners and companies employing risk management processes to replace the myriad of existing standards, methodologies and paradigms that differed between industries, subject matters and regions.
Very different approaches to risk management are taken in different fields, e.g. "Risk is the unwanted subset of a set of uncertain outcomes" (Cornelius Keating).
Risk is ubiquitous in all areas of life and risk management is something that we all must do, whether we are managing a major organisation or simply crossing the road. When describing risk however, it is convenient to consider that risk practitioners operate in some specific practice areas.
Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.
Economic risks can be manifested in lower incomes or higher expenditures than expected. The causes can be many, for instance, the hike in the price for raw materials, the lapsing of deadlines for construction of a new operating facility, disruptions in a production process, emergence of a serious competitor on the market, the loss of key personnel, the change of a political regime, or natural disasters.
Risks in personal health may be reduced by primary prevention actions that decrease early causes of illness or by secondary prevention actions after a person has clearly measured clinical signs or symptoms recognised as risk factors. Tertiary prevention reduces the negative impact of an already established disease by restoring function and reducing disease-related complications. Ethical medical practice requires careful discussion of risk factors with individual patients to obtain informed consent for secondary and tertiary prevention efforts, whereas public health efforts in primary prevention require education of the entire population at risk. In each case, careful communication about risk factors, likely outcomes and certainty must distinguish between causal events that must be decreased and associated events that may be merely consequences rather than causes.
In epidemiology, the lifetime risk of an effect is the cumulative incidence , also called incidence proportion over an entire lifetime.
In terms of occupational health & safety management, the term 'risk' may be defined as the most likely consequence of a hazard, combined with the likelihood or probability of it occurring.
Health, safety, and environment (HSE) are separate practice areas; however, they are often linked. The reason for this is typically to do with organizational management structures; however, there are strong links among these disciplines. One of the strongest links between these is that a single risk event may have impacts in all three areas, albeit over differing timescales. For example, the uncontrolled release of radiation or a toxic chemical may have immediate short-term safety consequences, more protracted health impacts, and much longer-term environmental impacts. Events such as Chernobyl, for example, caused immediate deaths, and in the longer term, deaths from cancers, and left a lasting environmental impact leading to birth defects, impacts on wildlife, etc.
Over time, a form of risk analysis called environmental risk analysis has developed. Environmental risk analysis is a field of study that attempts to understand events and activities that bring risk to human health or the environment.
Human health and environmental risk is the likelihood of an adverse outcome (See adverse outcome pathway). As such, risk is a function of hazard and exposure. Hazard is the intrinsic danger or harm that is posed, e.g. the toxicity of a chemical compound. Exposure is the likely contact with that hazard. Therefore, the risk of even a very hazardous substance approaches zero as the exposure nears zero, given a person's (or other organism's) biological makeup, activities and location (See exposome).Another example of health risks are when certain behaviours, such as risky sexual behaviours, increase the likelihood of contracting HIV.
Information technology risk, or IT risk, IT-related risk, is a risk related to information technology. This relatively new term was developed as a result of an increasing awareness that information security is simply one facet of a multitude of risks that are relevant to IT and the real world processes it supports.
The increasing dependencies of modern society on information and computers networks (both in private and public sectors, including military)has led to new terms like IT risk and Cyberwarfare.
Information security means protecting information and information systems from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Information security has grown to information assurance (IA) i.e. is the practice of managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes.
While focused dominantly on information in digital form, the full range of IA encompasses not only digital but also analogue or physical form.
Information assurance is interdisciplinary and draws from multiple fields, including accounting, fraud examination, forensic science, management science, systems engineering, security engineering, and criminology, in addition to computer science.
So, IT risk is narrowly focused on computer security, while information security extends to risks related to other forms of information (paper, microfilm). Information assurance risks include the ones related to the consistency of the business information stored in IT systems and the information stored by other means and the relevant business consequences.
Insurance is a risk treatment option which involves risk sharing. It can be considered as a form of contingent capital and is akin to purchasing an option in which the buyer pays a small premium to be protected from a potential large loss.
Insurance risk is often taken by insurance companies, who then bear a pool of risks including market risk, credit risk, operational risk, interest rate risk, mortality risk, longevity risks, etc.
Means of assessing risk vary widely between professions. Indeed, they may define these professions; for example, a doctor manages medical risk, while a civil engineer manages risk of structural failure. A professional code of ethics is usually focused on risk assessment and mitigation (by the professional on behalf of client, public, society or life in general).
In the workplace, incidental and inherent risks exist. Incidental risks are those that occur naturally in the business but are not part of the core of the business. Inherent risks have a negative effect on the operating profit of the business.
The experience of many people who rely on human services for support is that 'risk' is often used as a reason to prevent them from gaining further independence or fully accessing the community, and that these services are often unnecessarily risk averse."People's autonomy used to be compromised by institution walls, now it's too often our risk management practices", according to John O'Brien. Michael Fischer and Ewan Ferlie (2013) find that contradictions between formal risk controls and the role of subjective factors in human services (such as the role of emotions and ideology) can undermine service values, so producing tensions and even intractable and 'heated' conflict.
A high reliability organisation (HRO) is an organisation that has succeeded in avoiding catastrophes in an environment where normal accidents can be expected due to risk factors and complexity. Most studies of HROs involve areas such as nuclear aircraft carriers, air traffic control, aerospace and nuclear power stations. Organizations such as these share in common the ability to consistently operate safely in complex, interconnected environments where a single failure in one component could lead to catastrophe. Essentially, they are organisations which appear to operate 'in spite' of an enormous range of risks.
Some of these industries manage risk in a highly quantified and enumerated way. These include the nuclear power and aircraft industries, where the possible failure of a complex series of engineered systems could result in highly undesirable outcomes. The usual measure of risk for a class of events is then: R = probability of the event × the severity of the consequence.
The total risk is then the sum of the individual class-risks; see below.
In the nuclear industry, consequence is often measured in terms of off-site radiological release, and this is often banded into five or six-decade-wide bands.[ clarification needed ]
The risks are evaluated using fault tree/event tree techniques (see safety engineering). Where these risks are low, they are normally considered to be "broadly acceptable". A higher level of risk (typically up to 10 to 100 times what is considered broadly acceptable) has to be justified against the costs of reducing it further and the possible benefits that make it tolerable—these risks are described as "Tolerable if ALARP", where ALARP stands for "as low as reasonably practicable". Risks beyond this level are classified as "intolerable".
The level of risk deemed broadly acceptable has been considered by regulatory bodies in various countries—an early attempt by UK government regulator and academic F. R. Farmer used the example of hill-walking and similar activities, which have definable risks that people appear to find acceptable. This resulted in the so-called Farmer Curve of acceptable probability of an event versus its consequence.
The technique as a whole is usually referred to as probabilistic risk assessment (PRA) (or probabilistic safety assessment, PSA). See WASH-1400 for an example of this approach.
In finance, risk is the chance that the return achieved on an investment will be different from that expected, and also takes into account the size of the difference. This includes the possibility of losing some or all of the original investment. In a view advocated by Damodaran, risk includes not only "downside risk" but also "upside risk" (returns that exceed expectations).Some regard the standard deviation of the historical returns or average returns of a specific investment as providing some historical measure of risk; see modern portfolio theory. Financial risk may be market-dependent, determined by numerous market factors, or operational, resulting from fraudulent behaviour (e.g. Bernard Madoff).
A fundamental idea in finance is the relationship between risk and return (see modern portfolio theory). The greater the potential return one might seek, the greater the risk that one generally assumes. A free market reflects this principle in the pricing of an instrument: strong demand for a safer instrument drives its price higher (and its return correspondingly lower) while weak demand for a riskier instrument drives its price lower (and its potential return thereby higher). For example, a US Treasury bond is considered to be one of the safest investments. In comparison to an investment or speculative grade corporate bond, US Treasury notes and bonds yield lower rates of return. The reason for this is that a corporation is more likely to default on debt than the US government. Because the risk of investing in a corporate bond is higher, investors are offered a correspondingly higher rate of return.
A popular risk measure is Value-at-Risk (VaR).
There are different types of VaR: long term VaR, marginal VaR, factor VaR and shock VaR. The latter is used in measuring risk during the extreme market stress conditions.
In finance, risk has no single definition.
Artzner et al.write "we call risk the investor's future net worth". In Novak "risk is a possibility of an undesirable event".
In financial markets, one may need to measure credit risk, information timing and source risk, probability model risk, operational risk and legal risk if there are regulatory or civil actions taken as a result of "investor's regret".
With the advent of automation in financial markets, the concept of "real-time risk" has gained a lot of attention. Aldridge and Krawciwdefine real-time risk as the probability of instantaneous or near-instantaneous loss, and can be due to flash crashes, other market crises, malicious activity by selected market participants and other events. A well-cited example of real-time risk was a US $440 million loss incurred within 30 minutes by Knight Capital Group (KCG) on 1 August 2012; the culprit was a poorly-tested runaway algorithm deployed by the firm. Regulators have taken notice of real-time risk as well. Basel III requires real-time risk management framework for bank stability.
It is not always obvious if financial instruments are "hedging" (purchasing/selling a financial instrument specifically to reduce or cancel out the risk in another investment) or "speculation" (increasing measurable risk and exposing the investor to catastrophic loss in pursuit of very high windfalls that increase expected value).
Some people may be "risk seeking", i.e. their utility function's second derivative is positive. Such an individual willingly pays a premium to assume risk (e.g. buys a lottery ticket).
The financial audit risk model expresses the risk of an auditor providing an inappropriate opinion (or material misstatement) of a commercial entity's financial statements. It can be analytically expressed as
where AR is audit risk, IR is inherent risk , CR is control risk and DR is detection risk.
Note: As defined, audit risk does not consider the impact of an auditor misstatement and so is stated as a simple probability. The impact of misstatement must be considered when determining an acceptable audit risk.
Security risk management involves protection of assets from harm caused by deliberate acts. A more detailed definition is: "A security risk is any event that could result in the compromise of organizational assets i.e. the unauthorized use, loss, damage, disclosure or modification of organizational assets for the profit, personal interest or political interests of individuals, groups or other entities constitutes a compromise of the asset, and includes the risk of harm to people. Compromise of organizational assets may adversely affect the enterprise, its business units and their clients. As such, consideration of security risk is a vital component of risk management."
One of the growing areas of focus in risk management is the field of human factors where behavioural and organizational psychology underpin our understanding of risk based decision making. This field considers questions such as "how do we make risk based decisions?", "why are we irrationally more scared of sharks and terrorists than we are of motor vehicles and medications?"
In decision theory, regret (and anticipation of regret) can play a significant part in decision-making, distinct from risk aversion(preferring the status quo in case one becomes worse off).
Framingis a fundamental problem with all forms of risk assessment. In particular, because of bounded rationality (our brains get overloaded, so we take mental shortcuts), the risk of extreme events is discounted because the probability is too low to evaluate intuitively. As an example, one of the leading causes of death is road accidents caused by drunk driving – partly because any given driver frames the problem by largely or totally ignoring the risk of a serious or fatal accident.
For instance, an extremely disturbing event (an attack by hijacking, or moral hazards) may be ignored in analysis despite the fact it has occurred and has a nonzero probability. Or, an event that everyone agrees is inevitable may be ruled out of analysis due to greed or an unwillingness to admit that it is believed to be inevitable. These human tendencies for error and wishful thinking often affect even the most rigorous applications of the scientific method and are a major concern of the philosophy of science.
All decision-making under uncertainty must consider cognitive bias, cultural bias, and notational bias: No group of people assessing risk is immune to "groupthink": acceptance of obviously wrong answers simply because it is socially painful to disagree, where there are conflicts of interest.
Framing involves other information that affects the outcome of a risky decision. The right prefrontal cortex has been shown to take a more global perspectivewhile greater left prefrontal activity relates to local or focal processing.
From the Theory of Leaky ModulesMcElroy and Seta proposed that they could predictably alter the framing effect by the selective manipulation of regional prefrontal activity with finger tapping or monaural listening. The result was as expected. Rightward tapping or listening had the effect of narrowing attention such that the frame was ignored. This is a practical way of manipulating regional cortical activation to affect risky decisions, especially because directed tapping or listening is easily done.
A growing area of research has been to examine various psychological aspects of risk taking. Researchers typically run randomised experiments with a treatment and control group to ascertain the effect of different psychological factors that may be associated with risk taking. Thus, positive and negative feedback about past risk taking can affect future risk taking. In an experiment, people who were led to believe they are very competent at decision making saw more opportunities in a risky choice and took more risks, while those led to believe they were not very competent saw more threats and took fewer risks.
The concept of risk-based maintenance is an advanced form of Reliability centred maintenance. In case of chemical industries, apart from probability of failure, consequences of failure is also very important. Therefore, the selection of maintenance policies should be based on risk, instead of reliability. Risk-based maintenance methodology acts as a tool for maintenance planning and decision making to reduce the probability of failure and its consequences. In risk-based maintenance decision making, the maintenance resources can be used optimally based on the risk class (high, medium, or low) of equipment or machines, to achieve tolerable risk criteria.
Closely related to information assurance and security risk, cybersecurity is the application of system security engineeringin order to address the compromise of company cyber-assets required for business or mission purposes. In order to address cyber-risk, cybersecurity applies security to the supply chain, the design and production environment for a product or service, and the product itself in order to provide efficient and appropriate security commensurate with the value of the asset to the mission or business process.
Since risk assessment and management is essential in security management, both are tightly related. Security assessment methodologies like CRAMM contain risk assessment modules as an important part of the first steps of the methodology. On the other hand, risk assessment methodologies like Mehari evolved to become security assessment methodologies. An ISO standard on risk management (Principles and guidelines on implementation) was published under code ISO 31000 on 13 November 2009.
There are many formal methods used to "measure" risk.
Often the probability of a negative event is estimated by using the frequency of past similar events. Probabilities for rare failures may be difficult to estimate. This makes risk assessment difficult in hazardous industries, for example nuclear energy, where the frequency of failures is rare, while harmful consequences of failure are severe.
Statistical methods may also require the use of a cost function, which in turn may require the calculation of the cost of loss of a human life. This is a difficult problem. One approach is to ask what people are willing to pay to insure against death [ citation needed ] but as the answers depend very strongly on the circumstances it is not clear that this approach is effective.or radiological release (e.g. GBq of radio-iodine),
Risk is often measured as the expected value of an undesirable outcome. This combines the probabilities of various possible events and some assessment of the corresponding harm into a single value. See also Expected utility. The simplest case is a binary possibility of Accident or No accident. The associated formula for calculating risk is then:
For example, if performing activity X has a probability of 0.01 of suffering an accident of A, with a loss of 1000, then total risk is a loss of 10, the product of 0.01 and 1000.
Situations are sometimes more complex than the simple binary possibility case. In a situation with several possible accidents, total risk is the sum of the risks for each different accident, provided that the outcomes are comparable:
For example, if performing activity X has a probability of 0.01 of suffering an accident of A, with a loss of 1000, and a probability of 0.000001 of suffering an accident of type B, with a loss of 2,000,000, then total loss expectancy is 12, which is equal to a loss of 10 from an accident of type A and 2 from an accident of type B.
One of the first major uses of this concept was for the planning of the Delta Works in 1953, a flood protection program in the Netherlands, with the aid of the mathematician David van Dantzig.The kind of risk analysis pioneered there has become common today in fields like nuclear power, aerospace and the chemical industry.
In statistical decision theory, the risk function is defined as the expected value of a given loss function as a function of the decision rule used to make decisions in the face of uncertainty.
People may rely on their fear and hesitation to keep them out of the most profoundly unknown circumstances. Fear is a response to perceived danger. Risk could be said to be the way we collectively measure and share this "true fear"—a fusion of rational doubt, irrational fear, and a set of unquantified biases from our own experience.
The field of behavioural finance focuses on human risk-aversion, asymmetric regret, and other ways that human financial behaviour varies from what analysts call "rational". Risk in that case is the degree of uncertainty associated with a return on an asset. Recognizing and respecting the irrational influences on human decision making may do much to reduce disasters caused by naive risk assessments that presume rationality but in fact merely fuse many shared biases.
According to one set of definitions, fear is a fleeting emotion ascribed to a particular object, while anxiety is a trait of fear (this is referring to "trait anxiety", as distinct from how the term "anxiety" is generally used) that lasts longer and is not attributed to a specific stimulus (these particular definitions are not used by all authors cited on this page).Some studies show a link between anxious behaviour and risk (the chance that an outcome will have an unfavorable result). Joseph Forgas introduced valence based research where emotions are grouped as either positive or negative (Lerner and Keltner, 2000). Positive emotions, such as happiness, are believed to have more optimistic risk assessments and negative emotions, such as anger, have pessimistic risk assessments. As an emotion with a negative valence, fear, and therefore anxiety, has long been associated with negative risk perceptions. Under the more recent appraisal tendency framework of Jennifer Lerner et al., which refutes Forgas' notion of valence and promotes the idea that specific emotions have distinctive influences on judgments, fear is still related to pessimistic expectations.
Psychologists have demonstrated that increases in anxiety and increases in risk perception are related and people who are habituated to anxiety experience this awareness of risk more intensely than normal individuals.In decision-making, anxiety promotes the use of biases and quick thinking to evaluate risk. This is referred to as affect-as-information according to Clore, 1983. However, the accuracy of these risk perceptions when making choices is not known.
Experimental studies show that brief surges in anxiety are correlated with surges in general risk perception.Anxiety exists when the presence of threat is perceived (Maner and Schmidt, 2006). As risk perception increases, it stays related to the particular source impacting the mood change as opposed to spreading to unrelated risk factors. This increased awareness of a threat is significantly more emphasised in people who are conditioned to anxiety. For example, anxious individuals who are predisposed to generating reasons for negative results tend to exhibit pessimism. Also, findings suggest that the perception of a lack of control and a lower inclination to participate in risky decision-making (across various behavioural circumstances) is associated with individuals experiencing relatively high levels of trait anxiety. In the previous instance, there is supporting clinical research that links emotional evaluation (of control), the anxiety that is felt and the option of risk avoidance.
There are various views presented that anxious/fearful emotions cause people to access involuntary responses and judgments when making decisions that involve risk. Joshua A. Hemmerich et al. probes deeper into anxiety and its impact on choices by exploring "risk-as-feelings" which are quick, automatic, and natural reactions to danger that are based on emotions. This notion is supported by an experiment that engages physicians in a simulated perilous surgical procedure. It was demonstrated that a measurable amount of the participants' anxiety about patient outcomes was related to previous (experimentally created) regret and worry and ultimately caused the physicians to be led by their feelings over any information or guidelines provided during the mock surgery. Additionally, their emotional levels, adjusted along with the simulated patient status, suggest that anxiety level and the respective decision made are correlated with the type of bad outcome that was experienced in the earlier part of the experiment.Similarly, another view of anxiety and decision-making is dispositional anxiety where emotional states, or moods, are cognitive and provide information about future pitfalls and rewards (Maner and Schmidt, 2006). When experiencing anxiety, individuals draw from personal judgments referred to as pessimistic outcome appraisals. These emotions promote biases for risk avoidance and promote risk tolerance in decision-making.
It is common for people to dread some risks but not others: They tend to be very afraid of epidemic diseases, nuclear power plant failures, and plane accidents but are relatively unconcerned about some highly frequent and deadly events, such as traffic crashes, household accidents, and medical errors. One key distinction of dreadful risks seems to be their potential for catastrophic consequences,threatening to kill a large number of people within a short period of time. For example, immediately after the 11 September attacks, many Americans were afraid to fly and took their car instead, a decision that led to a significant increase in the number of fatal crashes in the time period following the 9/11 event compared with the same time period before the attacks.
Different hypotheses have been proposed to explain why people fear dread risks. First, the psychometric paradigmsuggests that high lack of control, high catastrophic potential, and severe consequences account for the increased risk perception and anxiety associated with dread risks. Second, because people estimate the frequency of a risk by recalling instances of its occurrence from their social circle or the media, they may overvalue relatively rare but dramatic risks because of their overpresence and undervalue frequent, less dramatic risks. Third, according to the preparedness hypothesis, people are prone to fear events that have been particularly threatening to survival in human evolutionary history. Given that in most of human evolutionary history people lived in relatively small groups, rarely exceeding 100 people, a dread risk, which kills many people at once, could potentially wipe out one's whole group. Indeed, research found that people's fear peaks for risks killing around 100 people but does not increase if larger groups are killed. Fourth, fearing dread risks can be an ecologically rational strategy. Besides killing a large number of people at a single point in time, dread risks reduce the number of children and young adults who would have potentially produced offspring. Accordingly, people are more concerned about risks killing younger, and hence more fertile, groups.
The relationship between higher levels of risk perception and "judgmental accuracy" in anxious individuals remains unclear (Joseph I. Constans, 2001). There is a chance that "judgmental accuracy" is correlated with heightened anxiety. Constans conducted a study to examine how worry propensity (and current mood and trait anxiety) might influence college student's estimation of their performance on an upcoming exam, and the study found that worry propensity predicted subjective risk bias (errors in their risk assessments), even after variance attributable to current mood and trait anxiety had been removed.Another experiment suggests that trait anxiety is associated with pessimistic risk appraisals (heightened perceptions of the probability and degree of suffering associated with a negative experience), while controlling for depression.
In his seminal work Risk, Uncertainty, and Profit, Frank Knight (1921) established the distinction between risk and uncertainty.
... Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. The term "risk," as loosely used in everyday speech and in economic discussion, really covers two things which, functionally at least, in their causal relations to the phenomena of economic organization, are categorically different. ... The essential fact is that "risk" means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomenon depending on which of the two is really present and operating. ... It will appear that a measurable uncertainty, or "risk" proper, as we shall use the term, is so far different from an unmeasurable one that it is not in effect an uncertainty at all. We ... accordingly restrict the term "uncertainty" to cases of the non-quantitive type.:
Thus, Knightian uncertainty is immeasurable, not possible to calculate, while in the Knightian sense risk is measurable.
Another distinction between risk and uncertainty is proposed by Douglas Hubbard:
In this sense, one may have uncertainty without risk but not risk without uncertainty. We can be uncertain about the winner of a contest, but unless we have some personal stake in it, we have no risk. If we bet money on the outcome of the contest, then we have a risk. In both cases there are more than one outcome. The measure of uncertainty refers only to the probabilities assigned to outcomes, while the measure of risk requires both probabilities for outcomes and losses quantified for outcomes.
The terms risk attitude, appetite, and tolerance are often used similarly to describe an organisation's or individual's attitude towards risk-taking. One's attitude may be described as risk-averse, risk-neutral, or risk-seeking. Risk tolerance looks at acceptable/unacceptable deviations from what is expected.[ clarification needed ] Risk appetite looks at how much risk one is willing to accept. There can still be deviations that are within a risk appetite. For example, recent research finds that insured individuals are significantly likely to divest from risky asset holdings in response to a decline in health, controlling for variables such as income, age, and out-of-pocket medical expenses.
Gambling is a risk-increasing investment, wherein money on hand is risked for a possible large return, but with the possibility of losing it all. Purchasing a lottery ticket is a very risky investment with a high chance of no return and a small chance of a very high return. In contrast, putting money in a bank at a defined rate of interest is a risk-averse action that gives a guaranteed return of a small gain and precludes other investments with possibly higher gain. The possibility of getting no return on an investment is also known as the rate of ruin.
Hubbard also argues that defining risk as the product of impact and probability presumes, unrealistically, that decision-makers are risk-neutral. million exactly as desirable as getting a certain $200,000. However, most decision-makers are not actually risk-neutral and would not consider these equivalent choices. This gave rise to prospect theory and cumulative prospect theory. Hubbard proposes to instead describe risk as a vector quantity that distinguishes the probability and magnitude of a risk. Risks are simply described as a set or function[ vague ] of possible payoffs (gains or losses) with their associated probabilities. This array is collapsed into a scalar value according to a decision-maker's risk tolerance.A risk-neutral person's utility is proportional to the expected value of the payoff. For example, a risk-neutral person would consider 20% chance of winning $1
This is a list of books about risk issues.
|Acceptable Risk||Baruch Fischhoff, Sarah Lichtenstein, Paul Slovic, Steven L. Derby, and Ralph Keeney||1984|
|Against the Gods: The Remarkable Story of Risk||Peter L. Bernstein||1996|
|At risk: Natural hazards, people's vulnerability and disasters||Piers Blaikie, Terry Cannon, Ian Davis, and Ben Wisner||1994|
|Building Safer Communities. Risk Governance, Spatial Planning and Responses to Natural Hazards||Urbano Fra Paleo||2009|
|Dangerous Earth: An introduction to geologic hazards||Barbara W. Murck, Brian J. Skinner, Stephen C. Porter||1998|
|Disasters and Democracy||Rutherford H. Platt||1999|
|Earth Shock: Hurricanes, volcanoes, earthquakes, tornadoes and other forces of nature||W. Andrew Robinson||1993|
|Human System Response to Disaster: An Inventory of Sociological Findings||Thomas E. Drabek||1986|
|Judgment Under Uncertainty: heuristics and biases||Daniel Kahneman, Paul Slovic, and Amos Tversky||1982|
|Mapping Vulnerability: disasters, development, and people||Greg Bankoff, Georg Frerks, and Dorothea Hilhorst||2004|
|Man and Society in Calamity: The Effects of War, Revolution, Famine, Pestilence upon Human Mind, Behavior, Social Organization and Cultural Life||Pitirim Sorokin||1942|
|Mitigation of Hazardous Comets and Asteroids||Michael J.S. Belton, Thomas H. Morgan, Nalin H. Samarasinha, Donald K. Yeomans||2005|
|Natural Disaster Hotspots: a global risk analysis||Maxx Dilley||2005|
|Natural Hazard Mitigation: Recasting disaster policy and planning||David Godschalk, Timothy Beatley, Philip Berke, David Brower, and Edward J. Kaiser||1999|
|Natural Hazards: Earth’s processes as hazards, disasters, and catastrophes||Edward A. Keller, and Robert H. Blodgett||2006|
|Normal Accidents. Living with high-risk technologies||Charles Perrow||1984|
|Paying the Price: The status and role of insurance against natural disasters in the United States||Howard Kunreuther, and Richard J. Roth||1998|
|Planning for Earthquakes: Risks, politics, and policy||Philip R. Berke, and Timothy Beatley||1992|
|Practical Project Risk Management: The ATOM Methodology||David Hillson and Peter Simon||2012|
|Reduction and Predictability of Natural Disasters||John B. Rundle, William Klein, Don L. Turcotte||1996|
|Regions of Risk: A geographical introduction to disasters||Kenneth Hewitt||1997|
|Risk Analysis: a quantitative guide||David Vose||2008|
|Risk: An introduction ( ISBN 978-0-415-49089-4)||Bernardus Ale||2009|
|Risk and Culture: An essay on the selection of technical and environmental dangers||Mary Douglas, and Aaron Wildavsky||1982|
|Socially Responsible Engineering: Justice in Risk Management ( ISBN 978-0-471-78707-5)||Daniel A. Vallero, and P. Aarne Vesilind||2006|
|Swimming with Crocodiles: The Culture of Extreme Drinking||Marjana Martinic and Fiona Measham (eds.)||2008|
|The Challenger Launch Decision: Risky Technology, Culture and Deviance at NASA||Diane Vaughan||1997|
|The Environment as Hazard||Ian Burton, Robert Kates, and Gilbert F. White||1978|
|The Social Amplification of Risk||Nick Pidgeon, Roger E. Kasperson, and Paul Slovic||2003|
|What is a Disaster? New answers to old questions||Ronald W. Perry, and Enrico Quarantelli||2005|
|Floods: From Risk to Opportunity (IAHS Red Book Series)||Ali Chavoshian, and Kuniyoshi Takeuchi||2013|
|The Risk Factor: Why Every Organization Needs Big Bets, Bold Characters, and the Occasional Spectacular Failure||Deborah Perry Piscione||2014|
Broadly speaking, a risk assessment is the combined effort of 1. identifying and analyzing potential (future) events that may negatively impact individuals, assets, and/or the environment ; and 2. making judgments "on the tolerability of the risk on the basis of a risk analysis" while considering influencing factors. Put in simpler terms, a risk assessment analyzes what can go wrong, how likely it is to happen, what the potential consequences are, and how tolerable the identified risk is. As part of this process, the resulting determination of risk may be expressed in a quantitative or qualitative fashion. The risk assessment is an inherent part of an overall risk management strategy, which attempts to, after a risk assessment, "introduce control measures to eliminate or reduce" any potential risk-related consequences.
In the case of uncertainty, expectation is what is considered the most likely to happen. An expectation, which is a belief that is centered on the future, may or may not be realistic. A less advantageous result gives rise to the emotion of disappointment. If something happens that is not at all expected, it is a surprise. An expectation about the behavior or performance of another person, expressed to that person, may have the nature of a strong request, or an order; this kind of expectation is called a social norm. The degree to which something is expected to be true can be expressed using fuzzy logic.
In mathematical optimization, statistics, econometrics, decision theory, machine learning and computational neuroscience, a loss function or cost function is a function that maps an event or values of one or more variables onto a real number intuitively representing some "cost" associated with the event. An optimization problem seeks to minimize a loss function. An objective function is either a loss function or its negative, in which case it is to be maximized.
A crisis is any event that is going to lead to an unstable and dangerous situation affecting an individual, group, community, or whole society. Crises are deemed to be negative changes in the security, economic, political, societal, or environmental affairs, especially when they occur abruptly, with little or no warning. More loosely, it is a term meaning "a testing time" or an "emergency event".
Value of information is the amount a decision maker would be willing to pay for information prior to making a decision.
The Ellsberg paradox is a paradox in decision theory in which people's choices violate the postulates of subjective expected utility. It is generally taken to be evidence for ambiguity aversion. The paradox was popularized by Daniel Ellsberg, although a version of it was noted considerably earlier by John Maynard Keynes.
Probabilistic risk assessment (PRA) is a systematic and comprehensive methodology to evaluate risks associated with a complex engineered technological entity or the effects of stressors on the environment for example.
Financial risk is any of various types of risk associated with financing, including financial transactions that include company loans in risk of default. Often it is understood to include only downside risk, meaning the potential for financial loss and uncertainty about its extent.
The neglect of probability, a type of cognitive bias, is the tendency to disregard probability when making a decision under uncertainty and is one simple way in which people regularly violate the normative rules for decision making. Small risks are typically either neglected entirely or hugely overrated. The continuum between the extremes is ignored. The term probability neglect was coined by Cass Sunstein.
In decision theory and economics, ambiguity aversion is a preference for known risks over unknown risks. An ambiguity-averse individual would rather choose an alternative where the probability distribution of the outcomes is known over one where the probabilities are unknown. This behavior was first introduced through the Ellsberg paradox.
Fear appeal is a term used in psychology, sociology and marketing. It generally describes a strategy for motivating people to take a particular action, endorse a particular policy, or buy a particular product, by arousing fear. A well-known example in television advertising was a commercial employing the musical jingle: "Never pick up a stranger, pick up Prestone anti-freeze." This was accompanied by images of shadowy strangers (hitchhikers) who would presumably do one harm if picked up. The commercial's main appeal was not to the positive features of Prestone anti-freeze, but to the fear of what a "strange" brand might do.
Disappointment is the feeling of dissatisfaction that follows the failure of expectations or hopes to manifest. Similar to regret, it differs in that a person who feels regret focuses primarily on the personal choices that contributed to a poor outcome, while a person feeling disappointment focuses on the outcome itself. It is a source of psychological stress. The study of disappointment—its causes, impact, and the degree to which individual decisions are motivated by a desire to avoid it—is a focus in the field of decision analysis, as disappointment is, along with regret, one of two primary emotions involved in decision-making.
In economics and finance, a Taleb distribution is the statistical profile of an investment which normally provides a payoff of small positive returns, while carrying a small but significant risk of catastrophic losses. The term was coined by journalist Martin Wolf and economist John Kay to describe investments with a "high probability of a modest gain and a low probability of huge losses in any period."
IT risk management is the application of risk management methods to information technology in order to manage IT risk, i.e.:
Theory of Motivated Information Management or TMIM, is a social-psychological framework that examines the relationship between information management and uncertainty. The theory posits that individuals are “motivated to manage their uncertainty levels when they perceive a discrepancy between the level of uncertainty they have about an important issue and the level of uncertainty they want”. In other words, someone may be uncertain about an important issue but decides not to engage or seek information because they are comfortable with that state.
Event tree analysis (ETA) is a forward, bottom up, logical modeling technique for both success and failure that explores responses through a single initiating event and lays a path for assessing probabilities of the outcomes and overall system analysis. This analysis technique is used to analyze the effects of functioning or failed systems given that an event has occurred. ETA is a powerful tool that will identify all consequences of a system that have a probability of occurring after an initiating event that can be applied to a wide range of systems including: nuclear power plants, spacecraft, and chemical plants. This technique may be applied to a system early in the design process to identify potential issues that may arise, rather than correcting the issues after they occur. With this forward logic process, use of ETA as a tool in risk assessment can help to prevent negative outcomes from occurring, by providing a risk assessor with the probability of occurrence. ETA uses a type of modeling technique called event tree, which branches events from one single event using Boolean logic.
Risk aversion is a preference for a sure outcome over a gamble with higher or equal expected value. Conversely, the rejection of a sure thing in favor of a gamble of lower or equal expected value is known as risk-seeking behavior.