As we have seen in the previous lecture set, acknowledging and identifying risks that come with our technologies is an important part of RI. In the introduction of this lecture set, we have seen how CBA is used as a means to quantify risks/rewards of various alternatives, as a means to objectively compare and choose which implementation is economically preferable. Other than economic viability, risk mitigation also has a technical dimension, and there are some ways in which these can be quantified and communicated.

In this first of two related web lectures by Prof. Frank Guldenmund, we will cover basic definitions that help to cystallize common notions related to risk, such as safety, security, hazards etc. These will serve as a foundation to basic criteria in risk based decision analysis, which is of most interest to decision makers. These criteria include individual risk vs group risk, internal safety vs external safety, localised risk vs societal risk and so on.

Having identified the basic criteria for managing risks and implementing safety measures in the previous section, we will now look at different frameworks to systematically list and mitigate risks.

Quick guide to Risk Analysis

Step 1: The first step (covered in the previous lecture) is to define the context and criteria.
Step 2: Identify the system boundaries, these boundaries will dictate the extent of responsibility.
Step 3: Identify potential hazards in that system.
Step 4: Quantify the risks: calculate the probability of hazardous outcomes, and their impact.
Step 5: Anticipate risk scenarios. What are the actions/events that are most likely to precipitate hazardous outcomes.
Step 6: Assess the risks, using for example risk matrices.
Step 7: Implement safeguards and stopgaps to prevent or mitigate these hazards.
Step 8: Risk assessment is never complete, always ongoing. Monitor the system vigilantly, adding or modifying measures if need be.

In accordance with this flow, some techniques that are routinely used include Fault Tree Analysis for constructing quantitative probability trees for hazardous outcomes, the Bow-Tie model for a diagrammatic representation of the causes and consequences of hazards, and risk matrices for quick action heuristics. All these and more will be detailed in the lecture.