About Risk
Risk is the
possibility
of experiencing
harm or loss.
Risks have to do with
exposure
to uncertain changes. A change is always a risk. This is the
reason in compliance we always authorize, test and document
changes.
People take risks for a good reason: To profit, to change their
life, to try another approach that is more promising. They take
risks in the hope of a favorable outcome.
The four stages of the Risk Process
1. Risk Identification
2. Risk
Analysis
3. Risk Planning (selection and implementation of countermeasures,
when the risks are above our risk appetite)
4.
Implementation of countermeasures,
monitoring, reporting and reviewing Risk Management actions
against objectives
According to the Stanford Encyclopedia of Philosophy,
in non-technical contexts,
the word risk refers, often rather vaguely, to
situations in which it is possible but not certain
that some undesirable event will occur.
In technical contexts,
the word has several more specialized uses and meanings.
Five of these are particularly important since they are widely
used across disciplines:
1. risk =
an unwanted event which may or may not occur.
An example of this usage is: “Lung cancer is one of the major
risks that affect smokers.”
2. risk =
the cause of an unwanted event which may or may not occur.
An example of this usage is: “Smoking is by far the most important
health risk in industrialized countries.” (The unwanted event
implicitly referred to here is a disease caused by smoking.) Both
(1) and (2) are
qualitative
senses of risk. The word also has
quantitative
senses, of which the following is the oldest one:
3. risk =
the probability of an unwanted event which may or may not occur.
This usage is exemplified by the following statement: “The risk
that a smoker's life is shortened by a smoking-related disease is
about 50%.”
4. risk =
the statistical expectation value of an unwanted event which may
or may not occur.
The expectation value of a possible negative event is the product
of its probability and some measure of its severity. It is common
to use the number of killed persons as a measure of the severity
of an accident. With this measure of severity, the “risk” (in
sense 4) associated with a potential accident is equal to the
statistically expected number of deaths. Other measures of
severity give rise to other measures of risk.
Although expectation values have been calculated since the 17th
century, the use of the term “risk” in this sense is relatively
new. Today
it is the standard technical meaning of the term “risk” in many
disciplines. It is regarded by some risk analysts as the only
correct usage of the term.
5. risk =
the fact that a decision is made under conditions of known
probabilities (“decision under risk” as opposed to “decision under
uncertainty”)
Free
E-book: 100 Job Descriptions in Risk and Compliance Management
|
