Risk is the possibility of losing something of value.

Values (such as physical health, social

status, emotional well-being, or financial wealth) can be gained or lost when taking risk
resulting from a given action or inaction, foreseen or unforeseen (planned or not planned). Risk
can also be defined as the intentional interaction with uncertainty.[1] Uncertainty is a potential,
unpredictable, and uncontrollable outcome; risk is a consequence of action taken in spite of
uncertainty.
Risk perception is the subjective judgment people make about the severity and probability of a
risk, and may vary person to person. Any human endeavour carries some risk, but some are
much riskier than others.[2]

Contents

 1Definitions
o 1.1International Organization for Standardization
o 1.2Other
 2Practice areas
o 2.1Economic risk
o 2.2Health
o 2.3Health, safety, and environment
o 2.4Information technology and information security
o 2.5Insurance
o 2.6Business and management
o 2.7In human services
o 2.8High reliability organisations (HROs)
o 2.9Finance
o 2.10Financial auditing
o 2.11Security
o 2.12Human factors
o 2.13Psychology of risk taking
o 2.14Maintenance
o 2.15Cybersecurity[41]
 3Risk assessment and analysis
o 3.1Quantitative analysis
o 3.2Fear as intuitive risk assessment
 4Anxiety, risk and decision making
o 4.1Fear, anxiety and risk
o 4.2Consequences of anxiety
o 4.3Dread risk
o 4.4Anxiety and judgmental accuracy
 5Other considerations
o 5.1Risk and uncertainty
o 5.2Risk attitude, appetite and tolerance
o 5.3Risk as a vector quantity
 6List of related books
 7See also
 8References
 9Bibliography
o 9.1Referred literature
 o 9.2Books
o 9.3Articles and papers
 10External links

Definitions[edit]

Firefighters at work

The Oxford English Dictionary cites the earliest use of the word in English (in the spelling
of risque from its from French original, 'risque' ) as of 1621, and the spelling as risk from 1655.
It defines risk as:
(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a
chance or situation involving such a possibility.[3]

1. Risk is an influence affecting strategy caused by an incentive or condition that inhibits

transformation to quality excellence.[4]
2. Risk is an uncertain event or condition that, if it occurs, has an effect on at least one
[project] objective. (This definition, using project terminology, is easily made universal
by removing references to projects).[5]
3. The probability of something happening multiplied by the resulting cost or benefit if it
does. (This concept is more properly known as the 'Expectation Value' or 'Risk Factor'
and is used to compare levels of risk)
4. The probability or threat of quantifiable damage, injury, liability, loss, or any other
negative occurrence that is caused by external or internal vulnerabilities, and that may
be avoided through preemptive action.
5. Finance: The possibility that an actual return on an investment will be lower than the
expected return.
6. Insurance: A situation where the probability of a variable (such as burning down of a
building) is known but when a mode of occurrence or the actual value of the
occurrence (whether the fire will occur at a particular property) is not.[6] A risk is not an
uncertainty (where neither the probability nor the mode of occurrence is known), a peril
(cause of loss), or a hazard (something that makes the occurrence of a peril more
likely or more severe).
7. Securities trading: The probability of a loss or drop in value. Trading risk is divided into
two general categories: (1) Systematic risk affects all securities in the same class and
is linked to the overall capital-market system and therefore cannot be eliminated by
diversification. Also called market risk. (2) Non-systematic risk is any risk that isn't
market-related. Also called non-market risk, extra-market risk or diversifiable risk.
8. Workplace: Product of the consequence and probability of a hazardous event or
phenomenon. For example, the risk of developing cancer is estimated as the
 incremental probability of developing cancer over a lifetime as a result of exposure to
potential carcinogens (cancer-causing substances).
International Organization for Standardization[edit]
The International Organization for Standardization publication ISO 31000 (2009) / ISO Guide
73:2002 definition of risk is the 'effect of uncertainty on objectives'. In this definition,
uncertainties include events (which may or may not happen) and uncertainties caused by
ambiguity or a lack of information. It also includes both negative and positive impacts on
objectives. Many definitions of risk exist in common usage, however this definition was
developed by an international committee representing over 30 countries and is based on the
input of several thousand subject matter experts.

Other[edit]
Very different approaches to risk management are taken in different fields, e.g. "Risk is the
unwanted subset of a set of uncertain outcomes" (Cornelius Keating).
Risk can be seen as relating to the probability of uncertain future events.[7] For
example, according to Factor Analysis of Information Risk, risk is:[7] the probable
frequency and probable magnitude of future loss. In computer science this definition is
used by The Open Group.[8]
OHSAS (Occupational Health & Safety Advisory Services) defines risk as the
combination of the probability of a hazard resulting in an adverse event, and the
severity of the event.[9]
In information security risk is defined as "the potential that a given threat will
exploit vulnerabilities of an asset or group of assets and thereby cause harm to the
organization".[10]
Financial risk is often defined as the unpredictable variability or volatility of returns, and
this would include both potential better-than-expected and worse-than-expected
returns. References to negative risk below should be read as also applying to positive
impacts or opportunity (e.g. for "loss" read "loss or gain") unless the context precludes
this interpretation.
The related terms "threat" and "hazard" are often used to mean something that could
cause harm.

Practice areas[edit]
Risk is ubiquitous in all areas of life and risk management is something
that we all must do, whether we are managing a major organisation or
simply crossing the road. When describing risk however, it is convenient
to consider that risk practitioners operate in some specific practice areas.

Economic risk[edit]
Economic risks can be manifested in lower incomes or higher
expenditures than expected. The causes can be many, for instance, the
hike in the price for raw materials, the lapsing of deadlines for construction
of a new operating facility, disruptions in a production process, emergence
of a serious competitor on the market, the loss of key personnel, the
change of a political regime, or natural disasters.

Health[edit]
Risks in personal health may be reduced by primary prevention actions
that decrease early causes of illness or by secondary prevention actions
after a person has clearly measured clinical signs or symptoms
recognised as risk factors. Tertiary prevention reduces the negative
impact of an already established disease by restoring function and
reducing disease-related complications. Ethical medical practice requires
careful discussion of risk factors with individual patients to obtain informed
consent for secondary and tertiary prevention efforts, whereas public
health efforts in primary prevention require education of the entire
population at risk. In each case, careful communication about risk factors,
likely outcomes and certainty must distinguish between causal events that
must be decreased and associated events that may be merely
consequences rather than causes.
In epidemiology, the lifetime risk of an effect is the cumulative incidence,
also called incidence proportion over an entire lifetime.[11]

Health, safety, and environment[edit]

In terms of occupational health & safety management, the term 'risk' may
be defined as the most likely consequence of a hazard, combined with the
likelihood or probability of it occurring.
Health, safety, and environment (HSE) are separate practice areas;
however, they are often linked. The reason for this is typically to do with
organizational management structures; however, there are strong links
among these disciplines. One of the strongest links between these is that
a single risk event may have impacts in all three areas, albeit over
differing timescales. For example, the uncontrolled release of radiation or
a toxic chemical may have immediate short-term safety consequences,
more protracted health impacts, and much longer-term environmental
impacts. Events such as Chernobyl, for example, caused immediate
deaths, and in the longer term, deaths from cancers, and left a lasting
environmental impact leading to birth defects, impacts on wildlife, etc.
Over time, a form of risk analysis called environmental risk analysis has
developed. Environmental risk analysis is a field of study that attempts to
understand events and activities that bring risk to human health or the
environment.[12]
Human health and environmental risk is the likelihood of an adverse
outcome (See adverse outcome pathway). As such, risk is a function of
hazard and exposure. Hazard is the intrinsic danger or harm that is posed,
e.g. the toxicity of a chemical compound. Exposure is the likely contact
with that hazard. Therefore, the risk of even a very hazardous substance
approaches zero as the exposure nears zero, given a person's (or other
organism's) biological makeup, activities and location
(See exposome).[13] Another example of health risks are when certain
behaviours, such as risky sexual behaviours, increase the likelihood of
contracting HIV.[14]