Risiko

Question 1

What is risk?

Answer 1

Risk = combination of consequences and associated uncertainties

Question 2

What are the risk concept and its denotation

Answer 2

(C, U) = Consequences with respect to something of value
OR
(C, U|A) = Consequences with respect to something of value, given the event A

Question 3

What is the general risk description and what is Risk described by?

Answer 3

Risk description = (A’, C’, P, SoK, K)
Risk is described by = (C’, Q, K) and (A’ C’, Q, K)

Question 4

What do the different variables mean?

Answer 4

A’ = Specified events
C’ = Specified consequences
Q = Uncertainty measure describing uncertainties related to A’ and C’. Commonly represented by (P, Sok).
P = Probability
SoK = Strength of knowledge
K = Knowledge that Q and (A’, C’) are based on.

Question 5

Describe some common risk metrics

Answer 5

E[C’] = Expected value
Ef[C] = Average value of return if one runs a project an infinite (or large) amount of times.
VaR = Value at Risk
PLL = Potential loss of lives in a period of one year
FAR = Fatal accident rate. Expected number of fatalities per 100 million exposed hours.

Question 6

What are the formulas for PLL and FAR?

Answer 6

PLL = n * IR
n = number of equally exposed individuals
IR = probability that a specific person is killed in a year

FAR = Fatalities pr. exposed hour * 100 million
OR
FAR = (PLL / Number of exposed hours) * 100 million

Question 7

Define a frequentist probability

Answer 7

Pf(A) = Number of times A would occur when repeating situations over and over nearing infinite.

Question 8

Define subjective/knowledge-based probability

Answer 8

A probability expresses a person’s uncertainty or degree of belief that an event will occur. The person compares the uncertainty or belief related to event A.

Question 9

What is a crucial assumption related to the underlying value in frequentist probabilities?

Answer 9

The value needs to be estimated as the underlying true value is generally not known.

Question 10

Define Resilience

Answer 10

The ability of a system to sustain or restore its basic functionality following an event (risk source).

Question 11

Define Vulnerability

Answer 11

Vulnerability is essentially risk conditioned on the occurrence of an event A.

Question 12

What is the description of vulnerability?

Answer 12

Vulnerability = (C, U|A)

Question 13

What is the connection between Resilience and Vulnerability?

Answer 13

Resilience reflect an aspect of vulnerability by focusing on the systems ability to recover after an event A.

Question 14

Define Reliability

Answer 14

A system’s ability to work as intended

Question 15

In what way is safety the antonym of risk?

Answer 15

High safety = Low Risk
Low Safety = High Risk

Question 16

What does the term “Safe and secure” mean in practice?

Answer 16

The term “Safe and Secure” means that the risk is acceptable/tolerable

Question 17

What is a Risk matrix? And, what are some of its common limitations?

Answer 17

Risk matrix:
Matrix that illustrates risk by different events, using the probability of the event ( P(A’) ), and conditional expected value ( E[C’|A] ).

Limitations:
*Does not reflect the spectre of consequences and lacks considerations of the SoK
*Often, are events poorly plotted and not well defined
*Colour schemes should generally be avoided as they are potentially misleading
*Consequences of an event are not properly represented by one point in the matrix.
*Two events could have same location in matrix, but have vastly different supporting knowledge and consequences.

Question 18

What is a Risk assessment?

Answer 18

Methods and approaches for improving our understanding of risks and supporting decision-makers.

Question 19

What is the benefit of a risk assessment?

Answer 19

Risk assessments can help identify what may go wrong, why and how, what are the consequences and how bad are they.

Question 20

What are the different stages in a Risk assessment?

Answer 20

1. Planning - Establishing context
2. Risk analysis & Risk Evaluation
3. Utilization of risk assessment

Question 21

Explain what the term “management review and judgement” (MRJ) is

Answer 21

MRJ is the process between a risk assessment and consequent decision-making.
The MRJ process considers the limitations of the risk assessment. One summarises, interprets and deliberate the risk assessment results such that the results are prepared for decision makers.

Question 22

What is a model-based risk assessment? What is their purpose?

Answer 22

Model-based risk assessments are used to understand how a given system functions.
They aim to increase risk understanding by allowing us to change input quantities and measure the effect of risk-reducing measures.

Question 23

List the different examples of model based risk assessments

Answer 23

• Event trees - Assess possible outcomes, associated probabilities
• Fault trees - Assess the probability of failure in a safety barrier.
• Block diagram
• SWIFT - Identify the events leading up to a later event
• FMEA - Identify and rank failure modes for a system

Question 24

What are the basic symbols in a fault tree, and what is their meaning?

Answer 24

Circle - Basic event - Event at the lowest level in the model
Bowed square - And gate - The output event (above) occurs if all outputs (below) occur.
Bowed Triangle - Or gate - The output event (above) occurs if at least one of the input events (below) occurs.
Triangle - Transfer symbol - Used when the same branch occurs at several places in the tree, and when the tree must be drawn on several pages.
Rectangle - Description of event/state - Placed above gates and basic events.

Question 25

What is the connection between a fault tree and a block diagram in terms of reliability and unreliability?

Answer 25

Fault tree perspective: What does it take for the system to fail (Top event to occur?)

Reliability block perspective:
Unreliability - What does it take for the system to fail? (Cannot move from left point to right point)
Reliability - What does it take for the system to work (Get from left point to right point)

Question 26

What is the denotation used for the reliability and unreliability of a component?

Answer 26

pi = Probability of a component i working (reliability of component i)

qi = Probability of a component i not working (the unreliability of component i)

Question 27

What is the purpose of a event tree analysis?

Answer 27

Event tree analyses are used to study the consequences of initiating events.
Can be used qualitatively and quantitatively.

Question 28

Explain the term risk perception

Answer 28

Risk perception is a person’s subjective judgement of risk, considering social, cultural and psychological factors.

Risk perception relates to feelings, including fear, but can also cover conscious judgements related to risk.

Question 29

Describe the model used to describe the level of general trust and level of scepticism.
Also, describe the content in the model.

Answer 29

The model ranks the level of “general trust” and “Level of Scepticism” as high or low.

Low general trust / Low scepticism - Distrust
Low general trust / High scepticism - Rejection (Cynicism)

High general trust / Low scepticism - Acceptance (Trust)
High general trust / High scepticism - Critical trust

Question 30

What is risk communication, and what is its purpose?

Answer 30

Risk communication relates to communicating, exchanging or sharing risk-related information with different groups.

Risk communication aims at improving risk understanding to make appropriate risk-related judgements and decisions.
Also, it has the following functions:
* Enlightenment
* Right-to-know
* Attitude change
* Legitimation
* Risk reduction
* Behavioural change
* Emergency preparedness
* Involvement
* Participation

Question 31

What does the abbreviation “SARF” mean?

Answer 31

SARF = Social amplification and attenuation of risk

(Social Amplification of Risk Framework?)

Question 32

What is SARF?

Answer 32

SARF is a framework that includes both technical risk assessments with psychological, cultural and institutional perspectives.

Question 33

Define risk management

Answer 33

Risk Management = All activities used to address risk

Question 34

Deliberate on the main strategies for managing risk

Answer 34

The strategies should be used in accordance with the relevant context
1. Being risk-informed
2. Acting in accordance with the Cautionary/Precautionary principles
3. Discursive strategies

Question 35

Explain the cautionary principle

Answer 35

If an activity’s consequences are potentially severe and subject to uncertainties, cautionary measures should be implemented; otherwise, the activity should not be carried out.

Question 36

Explain the precautionary principle

Answer 36

If an activity’s consequences are potentially severe and subject to scientific uncertainties, then precautionary measures should be taken, or the activity should not be carried out.

Question 37

What is a Cost-Benefit Analysis (CBA), and what is the main drawback of this analysis?

Answer 37

A CBA is a type of analysis used to calculate the expected net present value of a measure.

Question 38

Name and explain the various figures closely related to a CBA?

Answer 38

Expected Net Present Value:
E[NPV] = Expected benefits - Expected costs
OR
E[NPV] = Expected number of lives saved * VSL - Expected cost

VSL = Value of a statistical life - The max value we are willing to pay to reduce the expected number of fatalities by 1

E[NPV] Rules:
E[NPV] > 0 = Implement measure
E[NPV] < 0 = Don’t implement measure

Question 39

Explain what a Cost-effectiveness analysis is

Answer 39

A analysis used to calculate the effectiveness of a measure (Often risk reducing measure)

Question 40

What is the formula for determining a cost-effectiveness ratio, and what what is ICAF?

Answer 40

Cost-effectiveness ratio (ICAF) = E[expected cost of measure) / E[expected benefit)

(Implied Cost of Averting a Fatality?)

Question 41

Define Risk Science

Answer 41

Risk Science = The most justified (best) knowledge (and practice of acquiring knowledge) related to risk assessment, communication, and handling.

Question 42

Risk science is divided into two sub-categories. Name and explain the two sub-categories.

Answer 42

Applied Risk Science:
This relates to supporting risk knowledge generation in relation to specific activities and handling specific risk problems

Generic Risk Science:
Generic risk science relates to generic risk concepts, principles, approaches and methods on how to understand, assess, characterize, communicate, manage and govern risk.