Professional Documents
Culture Documents
Contents
1Definitions
o 1.1International Organization for Standardization
o 1.2Other
2Practice areas
o 2.1Economic risk
o 2.2Health
o 2.3Health, safety, and environment
o 2.4Information technology and information security
o 2.5Insurance
o 2.6Business and management
o 2.7In human services
o 2.8High reliability organisations (HROs)
o 2.9Finance
o 2.10Financial auditing
o 2.11Security
o 2.12Human factors
o 2.13Psychology of risk taking
o 2.14Maintenance
o 2.15Cybersecurity[41]
3Risk assessment and analysis
o 3.1Quantitative analysis
o 3.2Fear as intuitive risk assessment
4Anxiety, risk and decision making
o 4.1Fear, anxiety and risk
o 4.2Consequences of anxiety
o 4.3Dread risk
o 4.4Anxiety and judgmental accuracy
5Other considerations
o 5.1Risk and uncertainty
o 5.2Risk attitude, appetite and tolerance
o 5.3Risk as a vector quantity
6List of related books
7See also
8References
9Bibliography
o 9.1Referred literature
o 9.2Books
o 9.3Articles and papers
10External links
Definitions[edit]
Firefighters at work
The Oxford English Dictionary cites the earliest use of the word in English (in the spelling
of risque from its from French original, 'risque' ) as of 1621, and the spelling as risk from 1655.
It defines risk as:
(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a
chance or situation involving such a possibility.[3]
Other[edit]
Very different approaches to risk management are taken in different fields, e.g. "Risk is the
unwanted subset of a set of uncertain outcomes" (Cornelius Keating).
Risk can be seen as relating to the probability of uncertain future events.[7] For
example, according to Factor Analysis of Information Risk, risk is:[7] the probable
frequency and probable magnitude of future loss. In computer science this definition is
used by The Open Group.[8]
OHSAS (Occupational Health & Safety Advisory Services) defines risk as the
combination of the probability of a hazard resulting in an adverse event, and the
severity of the event.[9]
In information security risk is defined as "the potential that a given threat will
exploit vulnerabilities of an asset or group of assets and thereby cause harm to the
organization".[10]
Financial risk is often defined as the unpredictable variability or volatility of returns, and
this would include both potential better-than-expected and worse-than-expected
returns. References to negative risk below should be read as also applying to positive
impacts or opportunity (e.g. for "loss" read "loss or gain") unless the context precludes
this interpretation.
The related terms "threat" and "hazard" are often used to mean something that could
cause harm.
Practice areas[edit]
Risk is ubiquitous in all areas of life and risk management is something
that we all must do, whether we are managing a major organisation or
simply crossing the road. When describing risk however, it is convenient
to consider that risk practitioners operate in some specific practice areas.
Economic risk[edit]
Economic risks can be manifested in lower incomes or higher
expenditures than expected. The causes can be many, for instance, the
hike in the price for raw materials, the lapsing of deadlines for construction
of a new operating facility, disruptions in a production process, emergence
of a serious competitor on the market, the loss of key personnel, the
change of a political regime, or natural disasters.
Health[edit]
Risks in personal health may be reduced by primary prevention actions
that decrease early causes of illness or by secondary prevention actions
after a person has clearly measured clinical signs or symptoms
recognised as risk factors. Tertiary prevention reduces the negative
impact of an already established disease by restoring function and
reducing disease-related complications. Ethical medical practice requires
careful discussion of risk factors with individual patients to obtain informed
consent for secondary and tertiary prevention efforts, whereas public
health efforts in primary prevention require education of the entire
population at risk. In each case, careful communication about risk factors,
likely outcomes and certainty must distinguish between causal events that
must be decreased and associated events that may be merely
consequences rather than causes.
In epidemiology, the lifetime risk of an effect is the cumulative incidence,
also called incidence proportion over an entire lifetime.[11]