Risk evaluation is a process in which judgments are made on the tolerability of the risk based on risk analysis and taking into account factors such as socioeconomic and environmental aspects (Rausand M., 2013, p. 1.2.2).
Risk evaluation relies on comparing the estimated risk levels with the defined risk criteria to determine the importance of the level and type of risk. It is based on the combination of estimated consequences and probability. It also uses information from the hazard/risk identification and risk analysis phases to make recommendations for decision-makers. These decisions may include avoiding the hazard, further controls, other forms of risk treatment or operation all together. Supplementary inputs to the decision-making process include financial, legal, ethical, and other considerations. If there is a possibility that more than one action could be feasible this process may also be used to prioritize possible actions (Popov G., Lyon B. K., Hollcroft B., 2016, p. 60).
Management's omission of analysts who have produced risk analysis can cause communication errors and erroneous conclusions, so it is therefore recommended to involve analysts in the evaluation (Rausand M., 2013, p. 1.2.2).
The risk evaluation will sometimes include a comparison of the results from the risk analysis with some risk acceptance criteria. Methods for defining risk criteria can spread from a level that does not require treatment, through a single level dividing risks that require treatment to multiple levels of risk demanding graduated degrees of actions. Decisions concerning treating a risk will probably depend on the costs and benefits of risk and the costs and benefits of enforcing improved controls. The ALARP ('as low as reasonably practicable') criteria is used to ascertain when the cost of further reduction is disproportionate to the benefits gained in the risk reduction and safety (Popov G., Lyon B. K., Hollcroft B., 2016, p. 60).
Risk assessment is an overall process of risk analysis and risk evaluation (Rausand M., 2013, p. 1.2.3).
The UK Health and Safety Executive has published a simple and informative introduction to risk assessment called Five steps to risk assessment. The five steps are (Rausand M., 2013, p. 1.2.3):
- Identify the hazard.
- Decide who might be disadvantaged and how.
- Evaluate the risks and decide on precautions.
- Record your findings and implement them.
- Review your assessment and update if necessary.
According to definition presented by Marvin Rausand risk management is a continuous management process with the purpose of which is to identify, analyze, and assess potential hazards in a system or related to an activity, and to identify and introduce risk control measures to eliminate or reduce potential harms to people, the environment, or other assets (Rausand M., 2013, p. 1.2.4).
Risk assessment is the combined effort of risk analysis and risk evaluation. This in turn combined with risk control creates risk management.
Risk is the probability of an unwanted event that results in negative consequences (Ostrom L. T., Wilhelmsen C. A., 2019, p. 5).
- Covello V. T., Menkes J., Mumpower J. L. (2012), Risk Evaluation and Management, Springer Science & Business Media
- Ostrom L. T., Wilhelmsen C. A. (2019), Risk Assessment: Tools, Techniques, and Their Applications, John Wiley & Sons
- Popov G., Lyon B. K., Hollcroft B., (2016), Risk Assessment: A Practical Guide to Assessing Operational Risks, John Wiley & Sons
- Rausand M. (2013), Risk Assessment: Theory, Methods, and Applications, John Wiley & Sons
- Tsudikman V., Izraylevich S., Balishyan A. (2011), Risk Evaluation and Financial Crises: Review of New Approaches to Risk Evaluation: VaR Criticism, Alternatives and Modifications, Pearson Education
Author: Natalia Supernak