Suchergebnisse

Risk science is increasingly important as businesses, policymakers and public sector leaders are tasked with decision-making and investment using varying levels of knowledge and information. This book explores the theory and practice of risk science, providing concepts and tools for understanding and acting under uncertain conditions.

"Risk is the single most prevalent and enduring factor that influences every individual, organization, and society. People often seek protection from negative risk events, but also seek to take advantage of opportunities arising from positive risk events. We may feel overwhelmed by messages encountered in daily interactions with media and society, contributing to a sense of ambiguity over how to act in response to risk-related information and misinformation. We seek to leverage evidence and reason to find our own balance between both positive and negative outcomes in an uncertain world. This ground-breaking book delivers practical concepts and tools that empower readers to leverage innovations in risk science to improve their abilities to interpret, assess, communicate, and handle risk. It provides a practical non-quantitative approach to understanding risk and to making better decisions involving risk. Think RISK covers several key themes in risk science: a) The main goals and strategies for understanding and managing risk b) How readers can inform their risk stances by considering their own individual values and mission c) The difference between risk and safety, and how that difference is critical for managing risk d) The role of psychological factors when understanding and managing risk e) The role of communication when understanding and managing risk, and f) The general importance and incentives for effectively understanding and managing risk. Written for business professionals in all private and public sectors, this book will also be relevant to non-business professionals such as medical practitioners and policymakers and would be an ideal fit for executive education and seminar-style courses in universities, corporate books clubs and training seminars. Because it's based on foundational and scientifically accepted ideas and principles, the book should remain relevant for many years"--

Risk is the single most prevalent and enduring factor that influences every individual, organization, and society. People often seek protection from negative risk events, but also seek to take advantage of opportunities arising from positive risk events. We may feel overwhelmed by messages encountered in daily interactions with media and society, contributing to a sense of ambiguity over how to act in response to risk-related information and misinformation. We seek to leverage evidence and reason to find our own balance between both positive and negative outcomes in an uncertain world. This groundbreaking book delivers practical concepts and tools that empower readers to leverage innovations in risk science to improve their abilities to interpret, assess, communicate, and handle risk. It provides a practical non-quantitative approach to understanding the risk and making better decisions involving risk. Think RISK covers several key themes in risk science: a) the main goals and strategies for understanding and managing risk; b) how readers can inform their risk stances by considering their own individual values and mission; c) the difference between risk and safety, and how that difference is critical for managing the risk; d) the role of psychological factors when understanding and managing the risk; e) the role of communication when understanding and managing the risk; and f) the general importance and incentives for effectively understanding and managing the risk. Written for business professionals in all private and public sectors, this book will also be relevant to non-business professionals such as medical practitioners and policymakers and would be an ideal fit for executive education and seminar-style courses in universities, corporate book clubs, and training seminars. Because it's based on foundational and scientifically accepted ideas and principles, the book should remain relevant for many years.

Risk is the single most prevalent and enduring factor that influences every individual, organization, and society. People often seek protection from negative risk events, but also seek to take advantage of opportunities arising from positive risk events. We may feel overwhelmed by messages encountered in daily interactions with media and society, contributing to a sense of ambiguity over how to act in response to risk-related information and misinformation. We seek to leverage evidence and reason to find our own balance between both positive and negative outcomes in an uncertain world. This groundbreaking book delivers practical concepts and tools that empower readers to leverage innovations in risk science to improve their abilities to interpret, assess, communicate, and handle risk. It provides a practical non-quantitative approach to understanding the risk and making better decisions involving risk. Think RISK covers several key themes in risk science: a) the main goals and strategies for understanding and managing risk; b) how readers can inform their risk stances by considering their own individual values and mission; c) the difference between risk and safety, and how that difference is critical for managing the risk; d) the role of psychological factors when understanding and managing the risk; e) the role of communication when understanding and managing the risk; and f) the general importance and incentives for effectively understanding and managing the risk. Written for business professionals in all private and public sectors, this book will also be relevant to non-business professionals such as medical practitioners and policymakers and would be an ideal fit for executive education and seminar-style courses in universities, corporate book clubs, and training seminars. Because it's based on foundational and scientifically accepted ideas and principles, the book should remain relevant for many years.

AbstractCybersecurity events can cause business disruptions, health and safety repercussions, financial costs, and negative publicity for large firms, and executives rank cybersecurity as a top operational concern. Although cybersecurity may be the most publicized information systems (IS) risk, large firms face a range of IS risks. Over the past three decades, researchers developed frameworks to categorize and evaluate IS risks. However, there have been few updates to these frameworks despite numerous technological advances, and we are not aware of any research that uses empirical data to map actual IS risks cited by large firms to these frameworks. To address this gap, we coded and analyzed text data from Item 1A (Risk Factors) of the fiscal year 2020 Securities and Exchange Commission Forms 10‐K for all Fortune 1000 firms. We build on prior research to develop a framework that places 25 IS risks into four quadrants and 10 categories, and we record the number and type of IS risks cited by each firm. The risk of cyberattack is cited by virtually all Fortune 1000 firms, and the risk of software/hardware failure is cited by 90% of Fortune 1000 firms. Risks associated with data privacy law compliance are cited by 70% of Fortune 1000 firms, and risks associated with internet/telecommunications/power outage, human error, and natural disasters/terrorism are cited by 60% of Fortune 1000 firms. We perform additional analysis to identify differences in risk citation based on industry and financial measures.

AbstractRisk analysis has existed for thousands of years and will continue to grow in importance across professions and industries. Of special importance is the need to understand and manage risk when there is low knowledge and high uncertainties. Even with pristine and high‐quality risk analysis in these situations, integrity and credibility can be questioned, and risk events can happen. Although these issues do not prove some shortcoming in risk analysis and risk management, they can directly impact the risk analyst and decision‐makers. The risk literature has addressed the issues of defining and promoting integrity and credibility for risk studies, but there is little existing guidance for the analyst when handling the commonly encountered low knowledge and high uncertainty contexts. In this article, we explore the implications of low knowledge and high uncertainty in risk studies to understand how the risk analyst can acknowledge those features in a risk study, with recognition that those features may be questioned later. The topic of this article will be of interest to risk managers, professionals, and analysts in general who are tasked with analyzing and communicating with studies.

AbstractMajor risk events in history are often labeled as black swans or as unforeseeable given the risk policies and procedures existing at the time. Hindsight suggests that many of these events could have been foreseeable. This article explores past risk events, (1) analyzes how risk science principles apply to those events, and (2) studies gaps and opportunities for risk science using the lenses of consequences, uncertainty, and knowledge as they relate to evidence used for risk assessment prior to the risk event. New insights are obtained, relating to general foundational risk science issues and a classification system for characterizing the integrity and quality of evidence in risk studies. The analysis results are used to identify how risk science approaches contribute to the overall management of risk and societal safety, and where improvements can be obtained.

AbstractRisk management requires a balance between knowledge and values. Knowledge consists of justified beliefs and evidence, with evidence including data, assumptions, and models. While quality and integrity of evidence are valued in the sciences, risk science involves uncertainty, which suggests that evidence can be incomplete or imperfect. The use of inappropriate evidence can invalidate risk studies and contribute to misinformation and poor risk management decisions. Additionally, the interpretation of quality and integrity of evidence may vary by the risk study mission, decision‐maker values, and stakeholder needs. While risk science has developed standards for risk studies, there remains a lack of clarity for how to demonstrate quality and integrity of evidence, recognizing that evidence can be presented in many formats (e.g., data, ideas, and theories), be leveraged at various stages of a risk study (e.g., hypotheses, analyses, and communication), and involve differing expectations across stakeholders. This study develops and presents a classification system to evaluate quality and integrity of evidence that is based on current risk science guidance, best practices from non‐risk disciplines, and lessons learned from recent risk events. The classification system is demonstrated on a cyber‐security application. This study will be of interest to risk researchers, risk professionals, and data analysts.

AbstractThe role of the risk analyst is critical in understanding and managing uncertainty. However, there is another type of uncertainty that is rarely discussed: The legal, social, and reputational liabilities of the risk analyst. Recent events have shown that professionals participating in risk analysis can be held personally liable. It is timely and important to ask: How can risk science guide risk analysis with consideration of those liabilities, particularly in response to emerging and unprecedented risk. This paper studies this topic by: (1) Categorizing how professionals with risk analysis responsibilities have historically been held liable, and (2) developing a framework to address uncertainty related to those potential liabilities. The result of this framework will enable individual analysts and organizations to investigate and manage the expectations of risk analysts and others as they apply risk principles and methods. This paper will be of interest to risk researchers, risk professionals, and industry professionals who seek maturity within their risk programs.

AbstractRisk and uncertainty are critical elements for decision making across fields, such as business, policy, engineering, and healthcare. As universities maintain and adapt curriculums to ensure their graduates are prepared for risk‐related roles, there is momentum for risk science to be included in the curriculum. The study of risk science can be observed in programs devoted to risk fundamentals (for example on basic concepts like risk and probability) and risk assessment, risk perception and communication, and risk management and governance. Additionally, selected concepts related to risk science, such as safety and resilience analysis and management, are increasingly being embedded into a broader range of university curriculums. The present article presents a structure for classifying these programs, by distinguishing between generic (fundamental) risk science and applied risk science, with subcategories reflecting both subject (topic) and domain (application area). An overall evaluation of the broad offerings in risk science through devoted curriculums and selected topics within other specialized fields is conducted on the basis of the study programs currently offered. Perspectives are also provided on how to further enhance risk science studies at our universities and colleges.

AbstractAdvancements in the risk literature and recent events have highlighted the need for recognizing and managing system vulnerabilities. However, established definitions of vulnerability typically involve only static concepts that are limited to measurement of system characteristics. Advancements in risk modeling, combined with the dynamic nature of data availability, and processing call for the need to understand the various dimensions and time‐dependent properties of vulnerability within risk‐informed decision making. There is need to: (1) Understand and classify aspects of vulnerability that exist in various systems, such as related to engineering, business, and healthcare, while recognizing both properties of the system and associated knowledge, (2) reconcile these definitions of vulnerabilities with existing concepts, such as sensitivity analysis and fragility, and (3) explore the implications of various types of vulnerability on risk management decisions. The main contributions of this work include classifying dynamic characteristics of system vulnerability and leveraging information about the multidimensional properties of vulnerability within risk management decisions that apply to a collection of risk events. As a proof of concept, we illustrate the vulnerability classification on the COVID‐19 pandemic. This article will be of interest to both risk researchers and practitioners.

AbstractIt is critical for complex systems to effectively recover, adapt, and reorganize after system disruptions. Common approaches for evaluating system resilience typically study single measures of performance at one time, such as with a single resilience curve. However, multiple measures of performance are needed for complex systems that involve many components, functions, and noncommensurate valuations of performance. Hence, this article presents a framework for: (1) modeling resilience for complex systems with competing measures of performance, and (2) modeling decision making for investing in these systems using multiple stakeholder perspectives and multicriteria decision analysis. This resilience framework, which is described and demonstrated in this article via a real‐world case study, will be of interest to managers of complex systems, such as supply chains and large‐scale infrastructure networks.