|
Risk is the potential that a chosen action or activity (including the choice of inaction) will lead to a loss (an undesirable outcome). The notion implies that a choice having an influence on the outcome exists (or existed). Potential losses themselves may also be called "risks". Almost any human endeavour carries some risk, but some are much more risky then others. 
In activities such as rock climbing, participants are consciously taking risk. Historical background For the sociologist Niklas Luhmann the term ’risk’ is a neologism that appeared with the transition from traditional to modern society. "In the Middle Ages the term risicum was used in highly specific contexts, above all sea trade and its ensuing legal problems of loss and damage." In the vernacular languages of the 16th century the words rischio and riezgo were used. This was introduced to continental Europe, through interaction with Middle Eastern and North African Arab traders. In the English language the term risk appeared only in the 17th century, and "seems to be imported from continental Europe." When the terminology of risk took ground, it replaced the older notion that thought "in terms of good and bad fortune." Niklas Luhmann (1996) seeks to explain this transition: "Perhaps, this was simply a loss of plausibility of the old rhetorics of Fortuna as an allegorical figure of religious content and of prudentia as a (noble) virtue in the emerging commercial society." Scenario analysis matured during Cold War confrontations between major powers, notably the United States and the Soviet Union. It became widespread in insurance circles in the 1970s when major oil tanker disasters forced a more comprehensive foresight. The scientific approach to risk entered finance in the 1960s with the advent of the capital asset pricing model and became increasingly important in the 1980s when financial derivatives proliferated. It reached general professions in the 1990s when the power of personal computing allowed for widespread data collection and numbers crunching. Governments are using it, for example, to set standards for environmental regulation, e.g. "pathway analysis" as practiced by the United States Environmental Protection Agency. There are different definitions of risk for each of several applications. The widely inconsistent and ambiguous use of the word is one of several current criticisms of the methods to manage risk. In one definition, "risks" are simply future issues that can be avoided or mitigated, rather than present problems that must be immediately addressed. The simple fact is that risk is always a probability issue. Possibility is a binary condition – either something is possible, or it’s not – 100% or 0%. Probability reflects the continuum between absolute certainty and impossibility. The key thing to keep in mind is that establishing probabilities is not the same thing as foretelling the future. According to Factor Analysis of Information Risk, risk is:
This definition was accepted by The Open Group. In risk management, the term "hazard" is used to mean an event that could cause harm and the term "risk" is used to mean simply the probability of something happening. OHSAS (Occupational Health & Safety Advisory Services) defines risk as the product of the probability of a hazard resulting in an adverse event, times the severity of the event. There are many formal methods used to assess or to "measure" risk, which many consider to be a critical factor in human decision making. Some of these quantitative definitions of risk are well-grounded in sound statistics theory. However, these measurements of risk rely on failure occurrence data which may be sparse. This makes risk assessment difficult in hazardous industries such as nuclear energy where the frequency of failures is rare and harmful consequences of failure are astronomical. The dangerous harmful consequences often necessitate actions to reduce the probability of failure to infinitesimally small values which are hard to measure and corroborate with empirical evidence. Often, the probability of a negative event is estimated by using the frequency of past similar events or by event-tree methods, but probabilities for rare failures may be difficult to estimate if an event tree cannot be formulated. Methods to calculate the cost of the loss of human life vary depending on the purpose of the calculation. Specific methods include what people are willing to pay to insure against death, and radiological release (e.g., GBq of radio-iodine). Financial risk is often defined as the unexpected variability or volatility of returns and thus includes both potential worse-than-expected as well as better-than-expected returns. References to negative risk below should be read as applying to positive impacts or opportunity (e.g., for "loss" read "loss or gain") unless the context precludes this interpretation. In information security risk is defined as
an example being: Our desktop computers (asset) can be compromised by malware (threat) entering the environment as an email attachment (vulnerability). The risk is then assessed as a function of three variables:
The two probabilities are sometimes combined and are also known as likelihood. If any of these variables approaches zero, the overall risk approaches zero.
From Wikipedia, the free encyclopedia : Risk and damage evaluation |
