Risk

Core Body of Knowledge for the

Generalist OHS Professional

Second Edition, 2019

31.1

February 2019
Copyright notice and licence terms
Copyright (2019) Australian Institute of Health and Safety (AIHS), Tullamarine, Victoria,
Australia

This work is copyright and has been published by the Australian Institute of Health and
Safety (AIHS). Except as may be expressly provided by law and subject to the conditions
prescribed in the Copyright Act 1968 (Commonwealth of Australia), or as expressly
permitted below, no part of the work may in any form or by any means (electronic,
mechanical, microcopying, digital scanning, photocopying, recording or otherwise) be
reproduced, stored in a retrieval system or transmitted without prior written permission of the
AIHS.

You are free to reproduce the material for reasonable personal, or in-house, non-commercial
use for the purposes of workplace health and safety as long as you attribute the work using
the citation guidelines below and do not charge fees directly or indirectly for use of the
material. You must not change any part of the work or remove any part of this copyright
notice, licence terms and disclaimer below.

A further licence will be required and may be granted by the AIHS for use of the materials if
you wish to:
• reproduce multiple copies of the work or any part of it
• charge others directly or indirectly for access to the materials
• include all or part of the materials in advertising of a product or services or in a
product for sale
• modify the materials in any form, or
• publish the materials.
Enquiries regarding the licence or further use of the works are welcome and should be
addressed to:
The Manager, OHS Body of Knowledge
Australian Institute of Health and Safety, PO Box 2078, Gladstone Park, Victoria,
Australia, 3043
[email protected]

Disclaimer
This material is supplied on the terms and understanding that the Australian Institute of
Health and Safety (AIHS) and its respective employees, officers and agents, the editor, or
chapter authors and peer reviewers shall not be responsible or liable for any loss, damage,
personal injury or death suffered by any person, howsoever caused and whether or not due
to negligence, arising from the use of or reliance on any information, data or advice provided
or referred to in this publication. Before relying on the material, users should carefully make
their own assessment as to its accuracy, currency, completeness and relevance for their
purposes, and should obtain any appropriate professional advice relevant to their particular
circumstances.

31.1 Risk December 2019

Acknowledgements

The Australian Institute of Health and Safety (AIHS)

financially and materially supports the OHS Body of
Knowledge as a key requirement of the profession.

The OHS Body of Knowledge forms the basis of the

AIHS OHS capability agenda and informs the other
platforms of the agenda: education assurance through
accreditation; role clarity, capability assurance through
individual certification and continuing professional
development.

Thus, the OHS Body of Knowledge is strategically

important to the AIHS and vital for the profession.
(www.aihs.org.au).

The OHS Body of Knowledge provides a framework

for OHS professional education and continuing
professional development. As the body managing
accreditation of OHS professional education, the
Australian OHS Education Accreditation Board
influences, supports and monitors the OHS Body of
Knowledge, and has a major role in the development
and review of individual chapters to ensure that the
quality and evidence base reflects current OHS
research and leading-edge thinking, and so provides a
suitable standard for OHS education and professional
development.
www.ohseducationaccreditation.org.au

31.1 Risk December 2019

Bibliography
ISBN 978-0-9808743-2-7

First published in 2012

Author
Professor Jean Cross, Emeritus Professor Risk and Safety Sciences, University of
New South Wales

Peer reviewers
Dr Keith Adam, Senior Occupational Physician, Medibank Health Solutions,
Queensland
Sally Bennett, Director, Enhance Solutions; Sessional Lecturer, Deakin University;
President, Victorian Chapter, Risk Management Institute of Australia.
Associate Professor Andrew Morrell, Minerals Industry Risk Management, Minerals
Industry Safety and Health Centre, University of Queensland

Second Edition published in 2019

Chapter updated to reflect changes resulting from a new ISO standard and to include
other recent references.

Author
Professor Jean Cross, Emeritus Professor Risk and Safety Sciences, University of
New South Wales

Citation of the whole OHS Body of Knowledge should be as:

AIHS (Australian Institute of Health and Safety). (2019). The Core Body of
Knowledge for Generalist OHS Professionals. 2nd Ed. Tullamarine, VIC: Australian
Institute of Health and Safety.

Citation of this chapter should be as:

Cross, J. (2019). Risk. In The Core Body of Knowledge for Generalist OHS
Professionals. 2nd Ed. Tullamarine, VIC: Australian Institute of Health and Safety.

31.1 Risk December 2019

 Risk

Professor Jean Cross Bsc PhD FIE Aust MAIRM.FSIA(Hon)

Emeritus Professor Risk and Safety Sciences, University of New South Wales

Email: [email protected]

Professor Cross has a degree and PhD in physics obtained in the UK. She was involved in research
and consulting work in the fields of electrostatics (hazards and applications), dust explosions and air
pollution control before taking up an appointment as chair of Safety Engineering at University of NSW
in 1988 where she taught safety risk management for 20 years. She has also been involved in
standards development in the field of risk management and reliability. She was chair of the Australian
standards committee that developed AS4360 Risk Management from 1992 until 2004 She retired
from UNSW in 2008 but continues to work on standards development in the area of risk assessment.

31.1 Risk December 2019

 Core Body of Knowledge for the Generalist OHS Professional

Risk

Abstract
The purpose of this chapter is to discuss the meaning of risk in its broader organisational
and societal context and the implications this has for managing occupational health and
safety (OHS) risks. Risk is a complex concept, but we often try to describe a risk in only a
few words and represent its magnitude as a single value. The validity of the assumptions
normally made in recording and assessing risks are explored with a quantitative example
used to explain some of the problems. The most important part of managing risks in the
workplace is not to measure it (qualitatively or quantitatively) but to understand the nature of
risks, their causes and consequences and to use this information to control risks. This
chapter aims to explore terminology issues, discuss the concept of risk and how risk is
assessed then consider how to apply a risk management process in a safety context.

Keywords
Occupational Health and Safety, OHS, risk, uncertainty, likelihood, consequence, risk
assessment, risk analysis, level of risk, risk management

Contextual reading
Readers should refer to 1 Preliminaries for a full list of chapters and authors and a synopsis of the
OHS Body of Knowledge. Chapter 2, Introduction describes the background and development
process while Chapter 3, The OHS Professional provides a context by describing the role and
professional environment.

Terminology
Depending on the jurisdiction and the organisation, Australian terminology refers to ‘Occupational
Health and Safety’ (OHS), ‘Occupational Safety and Health (OSH) or ‘Work Health and Safety’
(WHS). In line with international practice this publication uses OHS with the exception of specific
reference to the Work Health and Safety (WHS) Act and related legislation.

Jurisdictional application
This chapter includes a short section referring to the Australian model work health and safety
legislation. This is in line with the Australian national application of the OHS Body of Knowledge.
Readers working in other legal jurisdictions should consider these references as examples and refer
to the relevant legislation in their jurisdiction of operation.

31.1 Risk December 2019

Table of contents

1 Introduction ...................................................................................................................1
1.1 Hazards and Risks .......................................................................................................1

2 Definitions of Risk .........................................................................................................2

2.1 Risk as a description ....................................................................................................3
2.2.1 Components of risk................................................................................................4
2.2 Risk as a measure .......................................................................................................8

3 Estimating a level of risk ..............................................................................................9

3.1 Introduction ..................................................................................................................9
3.2 The value of consequences .......................................................................................10
3.3 Issues with defining likelihood ....................................................................................11
3.4 How consequence and likelihood are combined.........................................................12
3.5 Risks with multiple possible values of consequence ..................................................12
3.6 Risks with multiple types of consequence ..................................................................14
3.7 Risks with gradual or time delayed consequences .....................................................15
3.8 Qualitative considerations ..........................................................................................16

4 Risk and decisions ......................................................................................................16

4.1 Defining Acceptable level of risk ................................................................................17
4.1.1 Legislated criteria ................................................................................................17
4.1.2 Criteria in Organisations ......................................................................................21
4.1.3 Individual perception of acceptable risk ...............................................................22

5 Implications for practice .............................................................................................24

5.1 Definitions of risk........................................................................................................24
5.2 Risk management ......................................................................................................25
5.3 Risk assessment ........................................................................................................30
5.4 Risk treatment............................................................................................................37

6 Summary......................................................................................................................37

References .........................................................................................................................38

31.1 Risk December 2019

List of Figures

Figure 1 A simple representation of a safety risk ……………………………………….. 4

Figure 2 Bow tie model of risk …………………………………………………………….. 6
Figure 3 Sample distribution of loss data from an organisation ……………………….. 13
Figure 4 Levels of Risk and ALARP ……………………………………………………… 19
Figure 5 Societal risk criteria ……………………………………………………………… 20
Figure 6 Risk management process ……………………………………………………… 27
Figure 7 FAO risk analysis process ………………………………………………………. 28
Figure 8 USEPA risk analysis process …………………………………………………… 28
Figure 9 Example of a consequence-likelihood matrix …………………………………. 34

List of Tables

Table 1 Components of the bow tie model of risk ……………………………………….. 6

Table 2 Some frequencies of death by different causes ………………………………… 11
Table 3 Individual fatality risk criteria ……………………………………………………… 20
Table 4 Perceived risks …………………………………………………………………….. 22

31.1 Risk December 2019

1 Introduction
The national model Work Health and Safety Act (WHSA) (SWA, 2016) requires that people
with management control ensure so far as is reasonably practicable that the workplace is
without risks to the health and safety of people. Model Regulations (SWA, 2019) also require
that duty holders identify hazards and assess risks. This chapter discusses the meaning of
the terms ‘hazard’ and ‘risk’ and how risks can be assessed to develop information for their
control.

Managing risks to people’s health and safety in the workplace and communicating about
them is made more difficult by the complexity of the concepts surrounding risk and its
measurement, by the use of confusing and inconsistent terminology, and by differences in
perceptions about risks. To communicate clearly and unambiguously a single language is
needed with each concept referred to by a different word and that word not also used for
other quite different concepts. ISO Guide 73 (ISO, 2009) attempts to achieve this but many
safety standards predate this Guide and do not follow its definitions. This chapter follows the
terminology used in Guide 73 [also used in ISO: 31000 Risk Management (ISO, 2018)1] but
also demonstrates how this fits with other ways of expressing the same concepts.

1.1 Hazards and Risks

The term hazard is defined in ISO standards as the source of potential harm (ISO, 2009).
However this can be interpreted narrowly as a source of damaging energy (Haddon, 1973)
or very broadly such as in Makin and Winder (2009), where it is argued that hazards should
include ‘managerial hazards’ where risk is associated with their absence. Viner points out
that the energy definition does not correspond to colloquial use:

Colloquially a brick on the floor or a stationary unlit truck at the side of the road are regarded as
hazards. However if the brick trips a person up it is not the brick’s energy that results in
damage but rather the gravitational potential energy of the body of the person who was tripped.
(Viner, 1991)

To the engineer for whom energy, by definition means something which has the ability to do
work, the concept of energy cannot be applied to toxic materials or psychological hazards.

On the other hand the very broad definition of Makin and Winder is useful when identifying
risks but can lead to problems when trying to estimate the level of risks (as will be discussed
later). In this chapter the word hazard is used to mean something which has the direct
property of being harmful; something which is a source of energy or causes stress to the

1
Adopted by Australia as AS/ISO: 31000 Risk Management – Guidelines.

December 2019
31.1 Risk Page 1 of 42
body. The brick and unlit truck are included but the causes for why they are in a dangerous
position are not. The fundamental test for whether something is a hazard is that if it is
eliminated there is no risk. For example lack of training is not a hazard because the source
of harm (for which training is a control) is still there. There is still a need for a way of referring
to other problems, tangible and intangible that give rise to risk. In this chapter the term
‘source of risk’ will be used. Whatever the precise interpretation of the word hazard, it is a
source of harm rather than some expression of its effect, which is the risk.

2 Definitions of Risk
Risk is a complex concept difficult to define in a single sentence, According to Friedrichsen
in the Shorter Oxford English Dictionary (3rd Edition, 1973) the word ‘risk’ was first used in
the English language in the 17th century and probably evolved from the Italian or French
word meaning to run into danger. Early usage of the word as a noun is in the sense of
exposure to mischance or peril, or the chance of loss. This dictionary also records early
usage of the verb ‘to risk’ as to venture upon, or to take the chance of. Today the word risk is
used in multiple ways in the English language; (e.g. Hamilton, Adolphs & Nerlich 2007).
Often in common usage the words risk, danger and hazard are used synonymously. In
technical and safety publications more precision is needed.

Hansson (2004) identified five common uses of the word in technical publications:

• Risk as an unwanted event which may or may not occur.

• Risk as the cause of an unwanted event which may or may not occur. (This is also a
definition of a hazard.)
• Risk as the probability of an unwanted event which may or may not occur.
• Risk as the statistical expectation value of unwanted events which may or may not
occur. [A statistical expectation value is the sum of the values of each possible
outcomes multiplied by its probability].
• Risk as the fact that a decision is made under conditions of known probabilities
(“decision under risk”).

Hansson illustrated these uses of the word risk using the example of lung cancer where one
may talk about the risk of getting lung cancer (an event); the risk of cigarette smoke (a cause
or a hazard); the risk of having one’s life shortened by smoking as at least 50% (a
probability); or that the total risk from smoking is higher than from any other cause (the
statistical expectation value); and the decision to smoke knowing the risks can be
considered a decision under risk.

December 2019
31.1 Risk Page 2 of 42
In addition to Hansson’s meanings, the word risk is used to mean a consequence when we
talk about the risk being death. ‘Taking a risk’ means undertaking an activity to seek benefit
where there is a chance of a negative outcome. Finally, in the financial arena, risk can be a
measure of the level of uncertainty. Thus a high-risk stock is a volatile stock where the
variance or fluctuations from the mean value are high.

There are two distinct meanings in the list of usages of the word provided above:

• A description of something that is uncertain and may not be an event or an outcome

(it might be both or it might be an exposure)
• A measure to which a number or rank can be ascribed related to the extent to which
potential outcomes are of concern to us.

These two meanings are reflected in different standards and regulations. Whereas business
and engineering applications (e.g. COSO, 2017; ISO, 2018; IEC, 2019) define risk as a
description of what might happen, environmental, food safety, bio-security and World Health
Organization (WHO) standards and regulations define risk only as a measure, using the
word hazard for uncertain events and outcomes as well as for sources of risk. Occupational
health and safety (OHS) regulations and standards are mixed in their definitions and often
apply both meanings to the word, regardless of the stated definition. This lack of agreement
on whether risk is a description of what might happen or a measure adds to the confusion
surrounding an already complex concept.

2.1 Risk as a description

Although dictionaries still define risk as a negative concept, in the field of risk management
most modern definitions associate risk with uncertainty and allow for the outcome to be
either positive or negative. For example definitions include:

“a situation or event where something of human value (including humans themselves) has been
put at stake and where the outcome is uncertain (Rosa, 1998, p. 28)

“the chance of something happening that will have an impact on objectives” (SA/SNZ, 2004)

“the effect of uncertainty on objectives” (SA/SNZ, 2009)

“exposure to a proposition that is uncertain” (Holton, 2004, p. 22).

These definitions recognise that the purpose of risk management is not to reduce loss at all
costs, but to achieve objectives as effectively as possible. In OHS, as in other areas,
managers should be actively seeking to take advantage of things that might happen to
achieve OHS objectives, as well as looking for things that might go wrong.

December 2019
31.1 Risk Page 3 of 42
Also common to the four example definitions is the element of uncertainty. They differ as to
whether the uncertainty relates to an outcome, an exposure, a situation, or an event. Three
of the definitions relate the outcome of uncertainty to objectives, which ties the meaning of
risk to human values. This idea is explored further in section 4.

In practice, focusing on events, exposures or outcomes provides a language shortcut.

Regardless of the formal definition of the word, to describe a risk to those who are exposed
to a risk or must manage it, all the information covered by these definitions is needed. The
information that there is a risk of death is uninformative without a description that includes
who or what is affected and the circumstances that might give rise to the death.

There was a change in the definition of risk in Australian standards between AS/NZ 4360
(SA/SNZ, 2004) Risk Management and AS/NZSISO 31000 Risk Management – Principles
and Guidelines (SA/SNZ/ISO 2009). The shift in emphasis from an event to an effect, and in
particular the effect on objectives, makes it clearer that managing risk is directed to
achieving objectives and clarifies the fact that not all uncertain consequences arise from
discrete events. (Uncertain outcomes can arise from continuing situations or chronic
exposures with no discrete event.) The focus on effects on objectives and on outcomes is
also better suited to how risk is measured, i.e. a combination of the likelihood and magnitude
of specified consequences (not the likelihood of an event and its consequences)

2.2.1 Components of risk

A simple model of the components of risk that derives from Haddon (1973) and is often used
in OHS is depicted in Figure 1.

Figure 1: A simple representation of a safety risk

December 2019
31.1 Risk Page 4 of 42
This model starts with the presence of a hazard. An event (or gradual exposure) occurs
where control of the hazard is lost, and energy (defined very broadly) is released and
impinges on a person causing injury (Haddon, 1973; Viner, 1991). This assumes that there
is one hazard and one event leading to one consequence. While this can be useful in some
contexts, it is an oversimplification that can lead to problems when risks are recorded. There
are few hazards that have only one possible outcome and the same outcome may arise from
multiple different hazards or events. As well as pain and suffering of individuals there are
impacts on an organisation’s OHS, financial and legal objectives. Barriers may control one
or many hazards or may mitigate one or many consequences. There may be domino or
‘knock-on’ effects.

A rather more sophisticated, model of a risk is the bow-tie model (Figure 2). This first
appeared in internal training materials in the petrochemical industry and is normally
attributed to Shell. The starting point is still the hazard, which, as a result of one or more
mechanisms, leads to a critical event where control is lost. A range of different
consequences may follow the event affecting different stakeholders and different objectives.
The bow-tie model recognises that there may be multiple pathways to a critical event (the
left side of the bow) and that the event may lead to a variety of consequences with several
different areas of impact (the right side of the bow). Preventative controls are separated from
controls that change consequences after the critical event has occurred. The model also
incorporates influencing factors and control failures2. Table 1 explains the model
components in more detail.

2
See also OHS BoK: 32 Models of Causation: Safety

December 2019
31.1 Risk Page 5 of 42
 Figure 2: Bow-tie model of risk (modified from Hudson & Guchelar, 2003)

Table 1: Components of the bow-tie model of risk

Component Explanation
Hazard In some situations, a distinct hazard can be identified, in others, this is not
applicable or useful. For example, in road safety the hazard is nearly always
the moving car and it is more useful to focus on the different mechanisms by
which the critical event (e.g. a collision) may occur.
Mechanisms Discrete events, changes, or ongoing situations that lead to the critical event
occurring.
Critical event (also The point at which control is lost and controls change from prevention to
called ‘top event’) mitigation.
Consequences The different types of outcome that might occur.
Areas of impact The people, facilities and objectives affected.
Controls to change Controls that reduce the likelihood of the source of risk being present, the
likelihood mechanism occurring or the mechanism leading to the critical event.
Controls which change Controls that prevent consequences following the event or reduce the
consequences consequences
Management support It is useful to distinguish between controls that directly change likelihood or
functions that enable consequence and management functions that facilitate controls (Hale et al.,
controls 2007). For example, a procedure may change the likelihood of an event
occurring so is a control. Training in itself does not; rather it supports the
procedure, so is a support function rather than a control.
Influencing factors Traditionally, these are factors that may lead to changes in the effectiveness of
controls and may also be used to include factors which may influence the
probability of a mechanism occurring.

December 2019
31.1 Risk Page 6 of 42
The bow-tie model of risk can be used in several ways:

• To support effective visual communication about a particular hazard or critical event,

showing multiple mechanisms and outcomes
• To check that each mechanism has a control and that the controls for each
mechanism are effective
• To help illustrate what is and is not a valid description of a risk; for example the
failure of a control is a different concept than a risk. The importance of a control
failure cannot be found by estimating a level of risk, because the importance of a
control depends on the level of risk associated with the mechanism or critical event it
controls and the effectiveness of other controls in the pathway
• As a basis for recording data about risks. For example, Hale et al., (2007)
demonstrated how this model can be used to classify incident data using the
components of the bow tie as data fields.

While a more sophisticated and versatile conception of risk than the model depicted in
Figure 1, the bow-tie model is still simplistic in that:

• It assumes that mechanisms and consequences are independent, whereas for some
types of risk the consequence depends on which mechanism occurs
• It does not adequately consider events that result from a combination of mechanisms
or from causal chains, or consequences that arise from a combination of events
• It assumes that consequences follow a discrete event (although it can be adapted to
suit a situation where consequences arise from continuous exposure to a set of
circumstances, such as ongoing exposure to chemicals).
• In its usual form it does not cover chains of events, although it is possible to cascade
bow ties by making the mechanism, of one bow tie the critical event of the next to
further explore causes.
• It does not include a model of causation so implies that risks can always be dealt with
by barriers rather than by seeking and addressing root causes.

To fully understand a risk the causes of the bow-tie elements and the relationships between
them should be explored in more detail. The bow-tie model can be considered to be a
simplification of more detailed methods of analysing a risk where the left hand side of the
bow-tie is a simplified fault tree and the right hand side an event tree, with the whole
representing a cause-consequence analysis.3

3
See OHS BoK 32 Models of Causation: Safety.

December 2019
31.1 Risk Page 7 of 42
So far the discussion has been limited to consideration of individual risks that can be
described in terms of a source of risk, an event and its consequences. A second important
concept in OHS management is that of ‘riskiness.’ Investigations of many incidents reveal
that, rather than the failure of a single barrier, incidents result from one or more underlying
problems within the management of the organisation, such as lack of staff, run-down
equipment, or issues with priorities and decision making. Rasmussen (1997) discussed the
weaknesses of simple models of risk and incident causation, and considered incidents to
result from “a general migration towards the boundaries of acceptable risk”. Commissions of
inquiry have uncovered a host of problems within an organisation and sometimes outside it,
which resulted in the failure, or absence, of appropriate controls (Hopkins, 2005). These
underlying issues cannot be specified as particular events and consequences and allocated
a priority in a risk register because no specific consequences can be defined. They are not
even failures in a safety management system. They are decisions made within the general
management activities that lead to an increase in the level of risk across all risks in a way
that is not quantifiable. Dealing with these factors is referred to as “resilience engineering”
(Hollnagel, Woods & Leveson, 2006) or mindfulness’ (see for example Weick & Roberts,
1993; Hopkins, 2005).

Riskiness, cultural issues and weaknesses in controls are sources of risk that lead to poor
safety outcomes. They need to be recognised and dealt with even though one cannot
attribute a particular consequence or level of risk to them.

2.2 Risk as a measure

The concept of measuring risk by combining consequences and likelihood is attributed to
Pascal in the 17th century who, in discussing the risk of being struck by lightning stated that
“our fear of some harm ought to be proportional not only to the magnitude of the harm, but
also to the probability of the event” (Arnauld in Buroker, 1996, pp. 274-275).

More recent definitions of risk as a measure include:

• A function of the probability of an adverse health effect and the severity of that effect,
consequential to a hazard(s) in food (FAO/WHO, 2011)
• The probability that a particular adverse event occurs during a stated period of time,
or results from a particular challenge” (Royal Society, 1983).
• The probability of adverse effects resulting from exposure to an environmental agent
or mixture of agents” (USEPA, 2011).
• To an investor risk is volatility or the variability in the returns from an investment.

The Royal Society (1983) definition appears to define level of risk as the probability of an
event combined with its consequence. However the definition is accompanied by a clear
description, which specifies:

December 2019
31.1 Risk Page 8 of 42
 a) identification of the outcomes; (b) the estimation of the magnitude of the associated
consequence of these outcomes; and (c) the estimation of the probabilities of these
outcomes.

The level of risk attributed to a disease does not relate to how often one contracts the
disease but how often one dies from it. The level of risk then is some function of
consequence and the likelihood it will occur. This may not be a simple product, particularly
where consequences can have a distribution of values.

3 Estimating a level of risk

3.1 Introduction
For clarity and to distinguish ‘risk’ the description from ‘risk’ the measure, in the rest of this
chapter the term risk will be reserved for its descriptive meaning and the measure will be
referred to as ‘level of risk’. This is in accordance with the definitions in ISO 31000 Risk
Management Principles and Guidelines (ISO, 2018)4 and the ISO Guide 73 Risk
Management Vocabulary (ISO, 2009).

Much effort and attention is often given to estimating a level of risk as a basis for making
decisions about risk. This section discusses some of the theoretical problems with producing
a meaningful value for level of risk that is compatible with the descriptive understanding of
the concept of risk described in section 2. In practice, although it is useful to know the
magnitude of risk so that one can highlight important issues and keep others informed. The
use that will be made of the level of risk and the level of confidence that can be placed on its
value needs to be considered before too much time and effort is expended.

Representing the magnitude of a risk as the product of consequence and their likelihood has
the following issues:

• It assumes a specified consequence has a unique value which is the same to all
people
• Probabilities are difficult to comprehend and estimate– particularly for low likelihoods
• It assumes that likelihood and consequences are of equal importance and are
combined as a simple product
• It assumes that a single representative consequence and likelihood can represent a
risk

• It does not consider uncertainties in the estimates of consequence and likelihood as

part of the definition of risk.

4
ISO 31000 2018:Risk Management Principles and Guidelines adopted by Australia as AS/ISO
31000 2018:Risk Management Principles and Guidelines.

December 2019
31.1 Risk Page 9 of 42
3.2 The value of consequences
The 17th century assertion that risk is about our fear of harm (Arnauld in Bukoker, 1996)
demonstrates that risk is about our individual appreciation of the consequence. For example,
assume there are two individuals, one is poor and only has $100; the other is rich with
millions in the bank; and there is an equal probability that each will lose $100. The level of
this risk for the poor person is greater because $100 is of more value to them. This is in line
with the definition of risk in ISO 31000 (ISO, 2018) where risk is the effect of uncertainty on
objectives. (It is assumed $100 will have more effect on a poor person’s objectives than a
rich). A level of risk can be calculated by combining a measure of consequence with the
likelihood it will occur but the importance of this risk has no intrinsic value outside of the
particular context and each individual’s objectives.

The probability of death is often used as a measure of risk in health and safety; however
even this does not produce a unique measure of consequence. For example death can be
measured as years of living lost (which attributes more value to the young than to the old) or
as number of fatalities (which gives equal weight to both, but treats an immediate fatality as
equivalent to a fatality that may occur after a latent time period) (Slovic, 1999).

Economic theory provides a method of dealing with differing values placed on consequences
by relating the consequences to a utility scale.5 Using a utility scale to represent the value of
consequences:

• Better represents the fact that risk is about the importance of the consequence in the
context
• Takes account of the different values that different stakeholders assign to a
consequence
• Allows for a disproportionately high (or low) value to be given to higher
consequences (Ben-Asher, 2008)
• Allows risks where consequences have different units to be combined.

In practice establishing a valid utility scale is time consuming and unlikely to be practicable
in most situations relevant to OHS, although they are used in the public health and
environmental context. (see, for example, Hofstetter & Hammit, 2001)

5
Utility can be defined as: “Pleasure or satisfaction (value for money) derived by a person from the
consumption of a good or service or from being in a particular place, and for the maximization of
which all economic actions are motivated. It is the subjective or psychic return which cannot be
measured in absolute or objective terms” (Business Dictionary,
http://www.businessdictionary.com/definition/utility.html)

December 2019
31.1 Risk Page 10 of 42
3.3 Issues with defining likelihood
While consequences, even when known precisely, may have different values to different
people, likelihood should be factual and based on data. The practical issue with estimating
likelihood is lack of data concerning events that have not happened yet, or happen only
rarely. In the absence of such data, estimates of level of risk usually rely on perceived
likelihoods, but experts and non-experts alike have a poor perception of the likelihood of low-
probability events and a poor appreciation of what low probability values mean in practice,
(see Desalles, 2006, Haluik 2016). There is evidence that the perception of likelihood varies
depending on how the statistical data is presented. For example, Bonner and Newell’s
(2008) investigation of how the numerical framing of statistical information can influence risk
perception found that risk ratings were higher for a ‘year’ than a ‘day’ format, i.e. ‘36,500
people die from cancer every year’ was judged more risky than ‘100 people die from cancer
every day.’

While many people may perceive a frequency of 1 in 100 years to be a low likelihood Table
2 shows that in an OHS context this frequency is many orders of magnitude higher than the
actual frequency shown by data.

Table 2: Some frequencies of death by different causes

Frequency Source
-4
Death all causes aged 20- 5 10 /year US Social Security Admin
25 (5 in 10,000 people / year) (2011)

Death in accident at work all 2.6 10-5 /year Safe Work Australia (2018))
causes 2017 (1.5 in 100,000 people / year)
Killed by lightning 2.5 – 5 10-7/year Bureau of Meteorology (2011)
(Australia) (Between 2.5 and 5 in 10 million
people / year

Not only are estimates of absolute probabilities notoriously poor, but perceptions of relative
probabilities do not tally with data. There is, for example, evidence that individuals
overestimate the probability of low-probability risks and underestimate high-probability risks
(Gonzales, 1999; Tversky & Khaneman, 1974). (Both Gonzales and Tversky and Khaneman
mostly dealt with probabilities rather higher than the ranges relevant to personal safety)
Tversky and Kahneman also showed that at very low probabilities, probability is given zero
weight in personal decisions.

December 2019
31.1 Risk Page 11 of 42
3.4 How consequence and likelihood are combined
Often, the level of a risk is taken to be the product of a consequence and its likelihood;
however, there is no reason why consequence and likelihood should be combined by this
simple formula and it is questionable whether the formula properly represents what is meant
by the magnitude of a risk. A simple product of consequence and likelihood means, for
example, that a 1% chance of losing $10,000 is the same risk as a 100% chance of losing
$100, which few would agree to be the case. Intuitively, a high-consequence, low-likelihood
loss seems to be more important than a high probability of a low loss and does have a
greater effect on organisations. This is not an irrational misperception of risk with the formula
consequences x likelihood giving the ‘correct’ value, but an indication that the true function
for combining consequence and likelihood to represent the effect of uncertainty on
objectives is not linear.

A simple product matches the conceptual understanding of the magnitude of a risk for
moderate consequences and probabilities, but fails for low probability situations which are
often those of highest consequence.

3.5 Risks with multiple possible values of consequence

A further complication in finding a simple estimate for level of risk by combining a
consequence and its likelihood is that the outcome of an event (or of chronic exposure to a
hazard) is often very variable. A fire may result in anything from no injury to multiple deaths
and it is difficult to find a single consequence and likelihood pair to represent this situation.

The extent of this problem can be illustrated by considering a quantitative example where
there is a single type of consequence with a range of different outcomes such as the
distribution of insurable financial losses experienced by an organisation in a year as shown
in Figure 3. The column labelled ‘More’ includes a single loss of $225,000, 24 losses
between $10,000 and $100,000, and 250 losses of less than $1000. There is the possibility
of a maximum loss of $10 million, but this has not happened in the past so there is no
means of assessing the probability of it occurring in the future. This type of distribution with
many low losses and progressively fewer higher value losses is typical of several types of
loss and can be compared with Bird’s Triangle in OHS (see Bird & Germain, 1985). The
objective is to try to represent this distribution of losses with a single number representing
the level of risk.

December 2019
31.1 Risk Page 12 of 42
 Figure 3: Sample distribution of loss data from an organisation

The level of risk could be taken to be the sum of the products of the frequency of each
consequence up to the theoretical maximum loss. This is the expectation value and can be
shown to be equivalent to the mean loss multiplied by the total probability of a loss
occurring.

However in many situations it is not the mean loss that is of most concern but the possibility
of a very high loss. There are a number of options when there is a distribution of
consequences as follows:

• Take the most probable loss (the mode of the distribution) and multiply by its
probability. With a skewed distribution typical of a safety situation this is clearly a
very significant underestimate.
• Take the most serious consequences experienced and multiply by the likelihood of
this consequence occurring. This requires likelihood to be estimated without good
statistical evidence because this type of event occurs infrequently. It will also
underestimate the total risk because both lower losses and losses that have not yet
occurred are ignored. (In fact, for the dataset in Figure 3 it turns out that over the
years this approximation gives just under 50% of the total annual loss value.)
• Take the highest credible loss and multiply by its probability of occurrence for which
there is no supporting data. This can never be more than a guess.
• Take the standard deviation of the distribution. This will be higher if losses vary
significantly from the mean. Although the shape of the distribution is not known there
may be sufficient data to obtain summary statistics from which a mean and standard
deviation (or other measure of dispersion) can be found. This measure is used
frequently in finance where there may be either a gain or a loss. It is not used in

December 2019
31.1 Risk Page 13 of 42
 OHS, but it does represent a measure of risk that can be useful to decision makers.
Routine losses can be obtained from the mean of data and the standard deviation
provides a measure of the probability that something much more serious might
occur. This is the only proxy value that allows for a finite probability of loss beyond
historical data, but it does intrinsically make an assumption about the shape of the
tail of the distribution which is unlikely to reflect the true shape.
• Take the consequence of the highest possible loss and multiply it by the probability of
any loss occurring. This would grossly over estimate the level of risk since the
majority of losses are low consequence.

Any of these measures can be useful in particular situations but there is no single correct
value. The fact that individuals may take varying approaches adds to the difficulty of
obtaining a consistent estimate of level of risk

The extent to which any of the above proxy values for level of risk is a fair indication of the
total level of risk represented by the distribution depends on the shape of the distribution.
For a set of risks with different distributions, ranked by level of risk, the order could be
expected to change depending on the choice of proxy measure.

3.6 Risks with multiple types of consequence

In most situations, as well as varying values of consequence, there are varying types of
consequence. For example, a building fire may result in death or injury of people, destruction
of property and hence financial loss, disruption of the organisation’s business, pollution to
the environment and injury to fire fighters. There may also be situations where different
types of consequence are relevant to different stakeholders. When a major hazards facility is
built local residents may face a risk that their property values will decrease. This risk does
not apply to other stakeholders. In theory, the total level of risk is the sum of the probabilities
of each consequence across all stakeholders; however consequences are usually measured
in different units so risks will also have different units and cannot be added unless they are
related to a common utility scale as discussed in section 3.2.

It is also possible to use principles of cost-benefit analysis to assign a dollar value to all
consequences even when they are intangibles. Some of the difficulties of this approach,
particularly in an OHS context are illustrated by the wide range of estimates for the dollar
value placed on a life, which can be obtained by different methods and which are used by

December 2019
31.1 Risk Page 14 of 42
different government agencies (Bellavance, Dionne & Lebeau, 2009; Viscusi & Aldy, 2003,
Robinson & Hammitt, 2015). 6

A common way of dealing with multiple types and values of consequence in practice is to
focus on a single consequence of particular significance and express the risk as the
probability of that outcome occurring, ignoring other possible outcomes. This will only be
valid for decision-making if that one particular consequence far outweighs the importance of
all other possible consequences.

3.7 Risks with gradual or time delayed consequences7

Some consequences such as those which arise from chronic exposures to a hazard may be
delayed or have a gradual onset. The estimated level of risk needs to take into account that,
in most cases, people perceive delayed consequences as preferable to immediate harm.

One example of a chronic risk in OHS is exposure to a chemical where the likelihood of a
particular consequence depends on the dose received. The level of risk of a particular
exposure can be expressed as the probability of experiencing the specific chemical-related
disease within a normal life span. This measure for level of risk relies on various
assumptions about the shape of a dose-response curve and the validity of rats or other test
species as a model for humans. For chemicals, where there is accumulation in the body, the
time dependence of the level of risk differs from that of chemicals which do not accumulate.
Manual handling and noise present similar issues. The injury occurs over time, the extent of
injury depends on dose (or its equivalent) and the exposure levels may change with time.

Picking a single consequence-likelihood pair for any chronic exposure where onset is time-
delayed or gradual is problematic, making comparisons of these risks with risks with more
immediate consequence difficult and a matter of judgment rather than a formula.

6
See also OHS BOK 38.3 Ethics and Professional Practice for a comment on ethical issues
associated with cost-benefit analysis.
7
See also OHS BoK 33 Models of Causation – Health Determinants.

December 2019
31.1 Risk Page 15 of 42
3.8 Qualitative considerations
The problems of representing level of risk by combining a single consequence and its
likelihood, which has been illustrated above with quantitative examples (section 3.4), also
apply when a level of risk is estimated qualitatively or semi-quantitatively. Any ranking based
on a combination of a consequence and its likelihood will depend on which particular
consequence/ likelihood pair is selected. There is no one right answer for this choice.
Estimates of consequence and likelihood in particular situations rely on various conventions,
models and judgments. In all cases, to arrive at a single level of risk a complex situation is
simplified and assumptions are made. Many real situations are too complex to be
adequately represented by a single consequence-likelihood pair and there are many equally
valid choices that could be made about how to do this if an estimate is required.

Risks may have multiple consequences but different types of consequence cannot be
aggregated unless they are measured quantitatively and in the same units. Using ordinal
rating scales, to rate different risks then adding them is not valid, and provides very
misleading results. Holton (2004) argued that there is no such thing as a true level of risk
because one must always ask “risk to whom”. He concluded: “It is meaningless to ask if a
risk metric captures risk. Instead, ask if it is useful” (p. 24).

4 Risk and decisions

The main potential use for levels of risk is to provide information for decisions so that
objectives can be achieved with an ‘acceptable’ level of risk.

Decisions involving risk may concern how to deal with a risk (e.g. whether to spend more on
treatment) or may concern some choice between options where there are different costs,
benefits and uncertainties and hence different risks associated with each option (for example
whether to purchase new equipment or expand into new areas).

Decisions made by organisations and by individuals take account of risk in different ways.
Organisations need to be able to define decision criteria that will result in consistent
decisions across the organisation, that match with organisational policy and attitude to risk.
Decisions need to be as objective as possible and justifiable on logical grounds. It is likely
that organisational decisions about whether a risk needs action will rely on criteria that are
formula based and depend as little as possible on perceptions. For many types of risk
organisations may choose to use either the severity of consequences or a consequence-
likelihood pair as a first level decision criteria because they can be easily understood and
universally applied. However the organisation still needs to understand the full extent of a
risk to manage it effectively.

December 2019
31.1 Risk Page 16 of 42
Individuals, on the other hand, are able to be more subjective in the way they reach a
decision. They can take into account their personal perceptions of consequences and
likelihood and do not need to rely on a universally agreed value for these. These perceptions
are likely to be based on personal experience rather than external data. They can consider
potential positives and negatives and take these into account in complex subjective ways in
reaching their decision. Generally, the outcome is referred to as a perceived level of risk;
however, when individuals make a decision, risk is incorporated into overall thinking with a
variety of other factors and may not be the primary basis for decision making. In dealing with
the public on community health and safety issues, communicating about risks to individuals
or judging worker perception of workplace risks, OHS professionals must be finely attuned to
the way individuals think about risks and potentially risky situations.

4.1 Defining Acceptable level of risk

4.1.1 Legislated criteria

Health and safety legislation in Australia does not take the approach of defining an
acceptable level of risk.

For some hazards, legislation or standards do set acceptable levels of exposure through
prescriptive limits that relate indirectly to risk. For example a noise dose of 85dbA per 8 hour
day is set on the basis that the percentage of the population that will suffer industrial
deafness at that level is acceptable, but there is an overarching absolute requirement to
ensure health and safety to the extent reasonably practicable.

The legislation (SWA, 2016) (WHSA s 17) refers to risk in the following terms:

A duty imposed on a person to ensure health and safety requires the person:
(a) to eliminate risks to health and safety, so far as is reasonably practicable; and
(b) if it is not reasonably practicable to eliminate risks to health and safety, to minimise
those risks so far as is reasonably practicable.

Reasonably practicable is defined in the WHSA (s 18) as:

In this Act, reasonably practicable, in relation to a duty to ensure health and safety, means
that which is, or was at a particular time, reasonably able to be done in relation to ensuring
health and safety, taking into account and weighing up all relevant matters including:
(a) the likelihood of the hazard or the risk concerned occurring; and
(b) the degree of harm that might result from the hazard or the risk; and
(c) what the person concerned knows, or ought reasonably to know, about:
(i) the hazard or the risk; and
(ii) ways of eliminating or minimising the risk; and
(d) the availability and suitability of ways to eliminate or minimise the risk; and
(e) after assessing the extent of the risk and the available ways of eliminating or minimising
the risk, the cost associated with available ways of eliminating or minimising the risk,
including whether the cost is grossly disproportionate to the risk.

December 2019
31.1 Risk Page 17 of 42
This indicates that the test for acceptability is not the level of risk that is achieved, but what
more it is reasonably practicable to do.8 The first question is what further controls are
possible, then whether they are practicable. The level of risk is not considered unless the
argument is being made that further control is not practicable. In this case the duty holder is
required to take into account the likelihood of harm occurring and the degree of harm and
the extent of the risk, but not necessarily to define a ‘level of risk’. (Extent of risk is undefined
but the word would normally have a broader interpretation than magnitude of risk).

The UK Health and Safety Executive (HSE) explained the meaning of reasonably practicable
(in the context of both the terms ‘as low as reasonably practicable’ and ‘so far as reasonably
practicable’) as follows:

“In most situations, deciding whether the risks are ALARP involves a comparison between the
control measures a duty-holder has in place or is proposing and the measures we would
normally expect to see in such circumstances i.e. relevant good practice” (HSE, 2019)

Although in Australia there is no acceptable level of risk to people's health and safety, an
indication of levels generally considered acceptable can be taken from historical
explanations of ALARP and from jurisdictions in other countries. Generally two levels can be
defined: a lower, broadly acceptable level of risk, where there is no need for detailed work to
demonstrate that risks are as low as reasonably practicable and an upper intolerable level
beyond which risk cannot be justified except in extraordinary circumstances (Figure 4).
Between these levels a case must be made to justify that risks have been reduced so far as
is reasonably practicable.

8
See also OHS BoK 9.2 Work Health and Safety Legislation in Australia.

December 2019
31.1 Risk Page 18 of 42
 Figure 4: Levels of Risk and ALARP (modified from HSE, 1988)

This idea was first developed by the UK HSE in the context of the tolerability of risk from
nuclear power stations (HSE, 1988). The principle also includes the idea of a sliding scale
for how much it is reasonable to spend improving safety. Close to the broadly acceptable
level a strict cost benefit comparison is permitted. Close to the unacceptable level it is
expected that a risk will only be accepted if the cost of further control is grossly
disproportionate to the improvement gained. The HSE now only refers to this diagram in the
context of major hazards regulation where it sets an upper level of tolerable risk as 1 in 1000
fatalities per year for a worker and 1 in 10,000 fatalities per year for a member of the public
and a lower boundary of 1 in 1 million for all (HSE, 2011).

Departments of planning across Australia have picked up this principle. For example the
NSW Department of Infrastructure and Planning sets the limits defined in Table 3.

December 2019
31.1 Risk Page 19 of 42
Table 3 Individual fatality risk criteria (NSW Government, 2011)

Land use Suggested criteria

Level of risk to an individual of
death/year
Hospitals, schools, child-care facilities, old age housing 0.5 x 10-6
Residential, hotels, motels, tourist resorts 1 x 10-6
Commercial developments including retail centres, offices and 5 x 10-6
entertainment centre
Sporting complexes and open space 10 x 10-6
Industrial 50 x 10-6

Hazardous facilities have the possibility of killing more than one individual and society tends
to have a greater concern about scenarios where there are multiple fatalities or injuries.
Criteria which apply to this situation are referred to as societal risk criteria. A graph can be
drawn with probability against number of fatalities with two lines drawn to represent the
lower and upper bounds of acceptability. (See, for example, Figure 5).

Figure 5: Societal risk criteria (modified from NSW Government, 2011).

In this figure the lower, broadly acceptable level of risk for 1 person is about 20 in a million
not 1 in a million and the upper bound is about 2 x 10-3 or 1 in 500. Generally it is

December 2019
31.1 Risk Page 20 of 42
considered that the acceptable probability for 10 deaths in a single event should be more
than 10 times lower than the acceptable probability for a single death. However there is
much debate about how much lower (HSE, 2001). In the NSW Department of Planning
example (Figure 5) the acceptable probability of death is 20 in a million for 1 fatality and 1 in
a million for 10 fatalities.

Another way of looking at perceptions of an acceptable risk to life is to see what is

considered to be a reasonably practicable amount to spend to reduce risk (OBPR, 2008). In
the case of loss of life, Australian guidance suggests a value of about $4.9 million (at 2014
dollar value) (Office of Prime Minister and Cabinet 2018). Disabilities can also be costed in
this way by weighting injuries as fractions of the value of life (Mathers, Voss & Stevenson,
1999).

4.1.2 Criteria in Organisations

Management in organisations set risk criteria explicitly and implicitly in a number of ways:

• Through policy and risk statements (such as a zero accidents policy)

• By complying with prescriptive acceptable levels of a hazard or risk such as threshold
limit values or occupational exposure standards
• By the organisational culture which defines how people behave when faced with
decisions involving risk
• Through levels of delegation and responsibility (who can make decisions about risks
in what circumstances)
• Through risk assessment tools such as a consequence-likelihood matrix which is
associated with decision rules for required actions at different risk levels.

In general risk management there is a concept of ‘risk appetite’. The amount of risk an entity
is willing to accept in pursuit of value ( Rittenberg & Martens, 2012). This implies that more
risk can be taken if the value achieved by taking the risk is higher. For example an
organisation with a high appetite for risk might choose to innovate even though this results in
more financial risk. In OHS legislation, and in theory, the benefit gained by taking a risk to
health is not a consideration in deciding what is reasonably practicable. In practice, benefit
may be included in deciding the upper limit of acceptable risk or the intolerability level. For
example the defence forces will have a higher level for intolerability during combat than
during exercises and will have a higher level of risk before work must stop than many other
organisations because of the need to train people for very dangerous situations. Similarly,
risk to safety of students during field trips could be eliminated by eliminating field trips, but
the loss in educational benefit would in most cases outweigh the small residual risk once
proper controls were in place.

December 2019
31.1 Risk Page 21 of 42
If managers and employees are to make consistent decisions in line with policy, guidance is
needed for the ALARP limits, i.e. when to stop work immediately because the risk is
intolerable and when risks need no explicit justification that controls are as good as
practicable. In the region between these two, legislation requires that risks are eliminated or
minimised so far as is reasonably practicable and justification of reasonably practicable
concerns the availability and suitability and effectiveness of controls rather than an argument
that any particular level of risk is acceptable.

4.1.3 Individual perception of acceptable risk

Generally there is not a clear distinction in the risk literature between an abstract
determination of perceived level of risk and the extent to which the risk is deemed to be
acceptable. The way that risk is perceived by individuals depends on the nature of the risk
(including the potential benefits) and a range of demographic, cultural and socio-economic
determinants (Whyte, 1983; Sandman, 1993; Slovic, Fischoff & Lichtenstein, 1979; Douglas
& Wildavsky, 1982). Kasperson et al., (2003) referred to this as the “social amplification of
risk.” There is a large body of work that addresses how the context in which risk arises
affects how risky it is perceived to be. Some of the components or modifiers to level of risk
identified by different authors are listed in Table 4 (Covello et al., 1984; Griffiths, 1981;
Slovic et al., 1979; Wilson & Crouch, 2001).

Table 4: Perceived risks

Perceived Higher Risk Perceived Lower Risk

Involuntary/coerced Voluntary
Industrial Natural
Exotic Familiar
Immediate effect Delayed effect
Memorable Not memorable
Dreaded Not dreaded
Not understood Understood
Catastrophic Chronic
Controlled by others Controlled by self
Unfair Fair
Widespread Only affects a few

Slovic (1993, 1999) identified trust in the analyst as an important component of how a level
of risk is perceived and demonstrated the “differential impact of trust-increasing and trust-
decreasing events” (Slovic, 1993). Wilson and Crouch (2001) point out that the way trust is
lost is not always consistent. For example, people retain a trust in air travel despite

December 2019
31.1 Risk Page 22 of 42
accidents; however, the Three Mile Island incident that caused no deaths and an
insignificant radiation leak resulted in a loss of trust in nuclear power (see, for example,
Holzman, 2003).

In addition to factors related to the nature of the risk, there are cognitive factors that affect
how individuals perceive risks, such as how they obtain information about risks, how they
decide which information to select from the various sources they have access to and how
they process that information (Renn & Swanton, 1985). Tversky & Kahneman (1974)
discussed three ways that information is processed cognitively resulting in bias in the
interpretation of levels of risk:

• Representativeness: i.e. a tendency to assume that a small sample within one’s

experience represents the whole
• Availability: i.e. a tendency to assess probability by the ease of recollection of events
• Adjustment from an anchor: i.e. a tendency to use first estimates of a numerical value
(possibly based on little data) to define the psychological range within which
subsequent estimates will fall.

They showed that the way people respond to a question about risk depends on the way the
question is posed. For example, choices are affected by whether the alternatives are framed
as losses (people dying of a disease) or gains (people being cured). (Tversky & Kahneman,
1981).

Both Whyte (1983) and Sandman (1993) proposed dealing with perceptions by modifying
the simple equation for level of risk (level of risk = consequences x likelihood) by a
perception factor. For Whyte, this involved multiplying the product of consequence and
likelihood by a factor ‘n’ representing social values and, for Sandman, it involved the addition
of an ‘outrage factor.’ However, Wilson and Crouch (2001) argued that such factors
introduce an excessive degree of subjectivity on the part of the analyst, and that where
decisions involve public perceptions of risk the analyst should present an objective view,
detailing where assumptions and judgments have been made and allow the decision maker
to then incorporate the views of the public in a qualitative way.

It is unlikely that any simple formula that tries to take account of perception could adequately
represent the complex thought processes involved when individuals make choices about
risks. Furthermore, such an approach ignores the weaknesses inherent in the basic formula
for level of risk discussed above and may well over emphasise the extent to which
consequences and likelihood can or should play a part in an individual’s decision about
risks.

December 2019
31.1 Risk Page 23 of 42
Much of the work on risk perception has focused on risks to which the public are exposed
involuntarily, for little benefit and where they have very little perceived control, e.g. risks from
major hazards facilities. There has been less work on perception of risk in a work context.
Perception of risk is often considered to be part of a measure of safety climate (presuming
that a higher appreciation of risk produces a better safety climate). However, there is
research which demonstrates little or no correlation between safety behaviours and
perceived risk (Arcury, Quandt & Russell, 2002; Meliá et al., 2008). In an investigation of
optimism bias in OHS, Caponecchia (2010) found that “people tend to think hazardous
events at work are less likely to happen to themselves compared to others doing the same
job.” This may be a manifestation of perceived control, which makes things appear less risky
(see Table 4), or that personal experience of a hazard with no immediate consequences
lowers the perceived level of risk.

5 Implications for practice

In practice the main role of an OHS professional is to understand OHS hazards and
associated risks, their causes and their consequences and possible means of control. They
then need to communicate this information and facilitate effective management of the risk.
The responsibility and accountability for managing risks lies with managers. The OHS
professional is the technical expert and facilitator who helps provide the framework for
managing risk and provides technical advice on risks and risk management while being
aware of the broader organisational context. This section reviews how the theoretical
consideration of the earlier sections influences these roles.

5.1 Definitions of risk

Confusion surrounding the definitions of hazard, risk and risk assessment leads to poor
communication about risks and how to manage them. A particular practical problem occurs
where the word hazard is used to mean a source of harm and risk is used to mean the
measure of level of risk. The legal requirement to identify hazards and assess risks with this
usage does not explicitly require the nature of harm and how it occurs to be identified
(although this is clearly intended by the detail of regulations and codes). This leads to the
poor practice of identifying a hazard and then labelling the risk as high, medium or low, but
not saying what harm occurs or why. This provides no information on the nature of the
problem to either those who must manage risk or those exposed to it. ISO 31000 solves this
problem by using the word ‘risk’ for the description of hazards, events, causes and
consequences and ‘level of risk’ for its measure.9

9
However this can create further confusion in the OHS context. See BoK 15 Hazard as a concept.

December 2019
31.1 Risk Page 24 of 42
As described in section 2, modern definitions of risk take a neutral view and do not assume
that the word relates only to loss. The idea of risk as potentially positive is at first thought
anathema to OHS, implying that taking a risk where the possible outcome is harm to people
can be a good thing; however, this is not what is meant. In finance an event such as a
change in the relative value of a currency can result in loss or gain. In OHS there is no
concept of a positive consequence only reduction in the negative outcome, so strictly there
is no concept of upside risk. However there is the possibility that an event or a change can
result in an improvement in safety or in people's health and well-being and this needs to be
recognised and managed.

This uncertainty in the OHS context can have the potential for a positive outcome even
though this is really a reduction in a negative. One practical advantage of considering both
positive and negative outcomes is that it recognises that decisions about whether a risk is
acceptable is not made in isolation from the benefits, which may arise from taking the risk.
Inevitable trade-offs are made explicit. For example, purchasing new equipment to automate
an industrial process will introduce new risks to both production and health and safety, but it
also has the potential to remove the possibility of some risks and to provide other direct
benefits. The decision-making process must consider all the expected costs and benefits
and the less-expected, but possible, positive and negative outcomes.10

5.2 Risk management

Risk is managed within the general management systems which an organisation sets up to
achieve its objectives. ISO 31000 refers to a risk management framework as the elements of
a management system needed to manage risk effectively. These involve defining
accountabilities, responsibilities, budgets and resources and establishing training and
communication mechanisms so that everyone knows their role in managing risks and is able
to fulfil them. Risks should be managed as an integral part of the way business is done and
not as a separate system (ISO 31000, s 4) so requirements for managing risk are
incorporated into the general management system requirements.

Application of the risk management process is sometimes seen as one element of a Safety
Management System (SMS) but it can also be argued that the SMS should be tailored to an
organisation’s risks. This is the approach taken in preparing a safety report (or safety case)
for major hazards facilities, where the primary aim is to demonstrate to the regulator that the
organisation understands its risks and has the technical and management systems in place
to control them.

10
See also OHS BoK 31.2 OHS Risk and decision-making.

December 2019
31.1 Risk Page 25 of 42
Risks are managed at different levels in an organisation and on different occasions following
a standard risk management process. There are many formulations of this process with
slightly different terminology. All involve a standard decision-making process such as
outlined by Harrison (1995):

• Set objectives
• Search for alternatives through scanning the internal and external environment of the
organisation for informatio
• Compare and evaluate the alternatives by formal and informal means.
• Practice the art of choice
• Implement the decision when the choice is transformed from an abstraction into an
operational reality.
• Follow up and control to ensure that the implemented decision results in an outcome
in keeping with the objectives set in the first stage. 11

Three different diagrams representing the process are used in standards relevant to health
and safety; the risk management process described by ISO 31000 (Figure 6); the process
used in food safety standards and some standards on chemicals safety (Figure 7); and the
USEPA process (Figure 8).

11
See BoK: 37 A Problem-solving Model of OHS Practice.

December 2019
31.1 Risk Page 26 of 42
 Figure 6: Risk management process (ISO 31000, 2018, p. 9)
Reproduced with the permission of Standards Australia Limited on behalf of ISO © ISO 2018 – All
rights reserved

December 2019
31.1 Risk Page 27 of 42
Figure 7: FAO risk analysis process (Modified from FAO/WHO, 1997)

Figure 8: USEPA risk analysis process (Modified from Brown, 1998)

December 2019
31.1 Risk Page 28 of 42
The most notable difference between Figure 6 and Figures 7 and 8 is that in the food safety
and USEPA terminology the whole process is called risk analysis and the term risk
management is used for making decisions about risk. In ISO 31000 the whole process is
called risk management and risk analysis is one part of risk assessment.

5.2.1 Communication and Consultation

Communication and consultation are an essential part of managing risk and involve seeking
views and informing people of decisions. All discussions of the risk management process
recognise this central role. Consultation is a legislative requirement in OHS but it also makes
good sense. A wide range of views and expertise is needed to identify risks effectively and
people are more likely to accept new treatments/controls if they have been part of deciding
the need and the treatment. Communication is also important in convincing managers and
employees about the importance of OHS risks12. In both cases the mere assurance by an
OHS professional that a risk is high is unlikely to be convincing.

5.2.2 Establish the Context

Another significant difference is inclusion of a context step in Figure 6. In ISO 31000,
‘Establish the context’ includes:

• Articulating the objectives of the organisation, the activity to which the process is
being applied and the purpose of applying the risk management process
• Understanding the internal and external environment13
• Defining the scope, and planning the risk management activities that are to occur
• Defining the criteria which will be used to evaluate the significance of risks
• Defining and describing the subject of the assessment, the particular conditions
relating to it and how the assessment is to be done.

With risk defined as “the effect of uncertainty on objectives” (ISO, 2018), explicit articulation
of all relevant objectives is required. Otherwise, risks may not be identified and
treatments/controls may not be effective, or may control one risk at the expense of another.
The external and internal environments of the organisation are important because they are a
source of much of the uncertainty. For example, if the economic climate has a negative
effect on a manufacturing company’s sales, staff may be cut and maintenance standards
may slip; alternatively, during an upturn the opportunity may be taken to improve OHS
through expenditure on new safer equipment. Knowledge of the organisation’s weaknesses
or biases also provides an understanding of sources of risk that are the root cause of many

12
See OHS BoK: 8 series of chapters on The Human and psychology.
13
This is called environmental analysis in most strategic planning texts.

December 2019
31.1 Risk Page 29 of 42
failures and knowledge of an organisation’s strengths and values can help provide
persuasive arguments for improvements.

At the more detailed level, a context statement describing who was involved in a risk
assessment, its scope and how it was done is needed so the assessment can be audited
monitored and reviewed. By describing the subject of the assessment and background
information any changes in circumstance that might affect the assessment can be
recognised and the implications assessed.

5.3 Risk assessment

The three risk management process examples (Figures 6, 7 and 8) all use the term ‘risk
assessment’ to include identifying risks and analysing them. ISO 31000 also includes risk
evaluation (i.e. judging the significance of risks) within risk assessment. The processes
depicted in Figures 7 and 8 place evaluation within the management/response step. OHS
texts and regulations often define risk assessment as the combination of risk analysis and
evaluation (e.g. Commonwealth of Australia, 2008). Common usage often interprets risk
assessment only to involve determining a level of risk. For example the wikepedia definition
is:

the determination of quantitative or qualitative value of risk related to a concrete situation and a
recognized threat (also called hazard).

This confusion means it is difficult for people to understand what they are required to do
when asked to ‘assess risks’ and OHS professionals should be careful how they use the
term.

In particular a focus on determining a level of risk distracts from the primary aim of risk
assessment which is to understand the risk and the effectiveness of its controls sufficiently
to determine whether more can be done to control them.

5.3.1 Identifying risks

Risks are identified so that resources can be allocated to managing uncertainties and threats
so that objectives can be achieved without unwanted outcomes. Proactive consideration of
what might happen takes time and resources but overall is more effective than dealing with
problems when they arise. New opportunities to improve health and safety are likely to be
missed if there is no active process to recognise them.

December 2019
31.1 Risk Page 30 of 42
The model Work Health and Safety Act (WHSA) (SWA, 2016) requires hazards/risks to be
identified but does not define these terms. The food safety and environmental standards
also require risks to be identified because the term “hazard characterisation” includes
describing the nature of the adverse health effects.

Identifying risk involves identifying:

• Sources of risk
• Areas of impacts
• Events (including changes in circumstances)
• Their causes
• Their potential consequences.

In the context of OHS, sources of risk include hazards and hazardous situations and can
also be interpreted to include root causes of failures, such as organisational behaviours and
other factors that lead to risk. Investigation of incidents, particularly incidents with very
serious consequences, invariably reveal multiple organisational problems as contributory
causes (e.g. Hopkins 2005, 2012.) Proactive risk management needs to include processes
to identify these sources of risk, as well as hazards, even though no specific level of risk can
be assigned to them.

Checklists, inspections and brainstorming can be used to identify common OHS risks at the
workplace level; however more in depth procedures are needed to challenge assumptions
and think imaginatively about risks. Formal identification procedures generally involve
breaking the subject of the assessment into smaller components, each of which is
considered in turn, using a combination of research, and imagination. Thinking prompts and
guide words can be helpful as long as they encourage broad and imaginative thinking. Tools
such as failure mode and effect analysis, fishbone diagrams and fault trees 14 can be useful
ways of thinking through possible failures and their causes in a logical but imaginative way.
(see IEC 31010: Risk Management – Risk Assessment Techniques, IEC, 2019). Fishbone
diagrams and success trees (Clemens & Simmons 1998) can also be used to seek
opportunities to improve health and safety outcomes. Other techniques can be found in IEC
31010.

Risks are usually recorded in a register of risks. At an organisational level this is increasingly
a data base rather than paper system. Its purpose is to inform stakeholders (including those
affected by risk and those who must manage it) about the risks and how they are controlled.
The risk register, or a linked risk treatment plan, also tracks actions where improvements in
controls are required. As new treatments are implemented the data base is updated to

14
See also OHS BoK 13 Managing Process Safety and OHS BoK 32 Models of Causation: Safety.

December 2019
31.1 Risk Page 31 of 42
reflect the new controls. It is also useful to record why the controls are deemed to be the
best reasonably practicable. This avoids unnecessary duplication of effort when the risk
register is reviewed as well as demonstrating that the issue of reasonably practicable has
been considered for compliance purposes.

Section 3 outlined the range of information that may be needed to fully describe a risk. The
way in which this information is best recorded and communicated, and how much of this
information should be in a register of risks will depend on the context.

In addition to risk registers, which are primarily management information tools, there may be
simpler more focused registers relating to particular hazardous activities (such as confined
space entry or a particular construction task) or to items of equipment. These risks may be
referred to in general terms in a high level risk register with the detailed assessment used to
define the specific controls. The nature of information required may differ depending on the
purpose of the assessment. For example, where the aim of a risk assessment is for a
contractor to demonstrate that they understand the risks of their task and have appropriate
controls, the task may be broken down into detailed steps but for each step it may be
sufficient to record the hazard, how the hazard might cause harm, the nature of the harm
and how the risk is to be minimised. When a risk assessment is required to set priorities for
improving health and safety across an organisation such activities may be treated as a
whole rather than step-by-step, but more information might be required, with most of the
fields of the bow-tie diagram populated. In all cases information on the nature of the harm,
who or what is harmed, and how such harm might occur is critical.

It is important that information is stored in the correct fields (or under the correct headings in
a paper based system) and that sources of risk, risks and control failures are not confused.15
This enables information to be sorted and reported more effectively and helps ensure that
any estimates of level of risk are valid.

5.3.2 Analysing risks

In all three processes the second part of risk assessment is developing an understanding of
the risks. This is described in more detail for the particular case of toxic chemicals and food
contaminants in Figure 7 and Figure 8 than it is in Figure 6. Risk analysis is about
understanding the risks and their possible causes and consequences in more detail than
was ascertained when the risks were identified. It also involves analysing the effectiveness
of existing controls (including checking that they are as high up the hierarchy of controls as
practicable and that they work) and considering other factors that might affect consequences

15
See also OHS BoK: 15 Hazard as a Concept.

December 2019
31.1 Risk Page 32 of 42
or their likelihood. A full analysis of a risk would involve considering all aspects of the bow-tie
diagram of Figure 2, and extending it to analyse underlying causes. This is generally not
practicable for all risks so an initial ranking may take place such that attention is focused on
the most important risks. Where a ranking is applied it is essential apples are compared with
apples; i.e. weak controls or systemic problems need to be controlled but they should not be
ranked against risks arising from traditional hazards.

Risk analysis may be qualitative resulting in a descriptive report with such data as is
available incorporated as appropriate, or may be quantitative including modelling
consequences and calculating probabilities. Qualitative analysis involves obtaining a good
qualitative understanding of risks and should not be confused with allocating a single
qualitative descriptor to consequence and/or likelihood and so risk.

Risk analysis may involve determining a level of risk by combining consequences and
likelihood, however, section 3.2 demonstrated the difficulty of attempting to do this in a
meaningful way, and it may be more useful to provide information about consequences and
likelihood separately using a combination of data and descriptive information. One problem
with an excessive focus on defining a level of risk is that systemic organisational issues
cannot be usefully analysed by considering consequences and likelihood, so they tend to be
overlooked. Underlying organisational problems are not in themselves risks; they are
sources of risk and causes of control failures. Organisational weaknesses cannot be
allocated a single consequence and likelihood pair. They act to make all other risks higher.
Analysing control failures and organisational issues are an important part of risk
assessment. They can be recognised from a risk register as commonly appearing causes or
sources of risk but then they must be analysed in detail rather than treated as separate risks
with a single level of risk.

All standards make it clear that risk analysis is about data and evidence and not guesswork.
Although a level of risk may be produced as one outcome of analysis, the important output
of the step is understanding a risk and its causes so that it can be treated appropriately. The
guiding principle for how risk is analysed is that the output of the analysis should provide the
information needed to make the decisions which are required.

5.3.3 Risk evaluation and decisions about risk

Although it is sometimes assumed that the level of risk is the primary criteria for decisions
this is in fact not the case. One does not need to know the magnitude of a risk to consider
whether further treatment is reasonably practicable, nor to decide how best to control the
risk. An estimated level of risk may not even be the best way to decide priorities for
treatment. For example, one may set priorities by considering consequences alone or by
considering the extent to which the level of risk can be reduced by the proposed controls.

December 2019
31.1 Risk Page 33 of 42
There is little point pouring more resources into a high risk which is already reduced as far
as is reasonably practicable even though it remains high. Priorities also of necessity involve
practical considerations such as the ease with which the change can be made.

Because risk is essentially a subjective concept, decisions about risk will take into account
factors other than estimates of consequence and likelihood. In general, decisions about
acceptability of risk and priorities depend on:

• Legal considerations: i.e. what are the legal requirements?

• Ethical considerations: i.e. what is the right thing to do?
• Equity considerations: i.e. who will gain and who will lose?
• Financial considerations: i.e. what is the most cost effective thing to do?
• Risk-based considerations (usually both the maximum credible consequence, and the
level of risk).16

5.3.4 Ranking risks: The consequence-likelihood matrix

In many fields of risk management, risks are compared qualitatively using a consequence-
likelihood matrix such as the example in Figure 9. The qualitative level of risk produced
provides one input to decisions about priorities and can help draw attention to risks that are
perceived to be the most important to inform more senior management or to help to exclude
trivial risks from further attention.

E = Extreme, H = high, S = Significant, L = Low

Figure 9: Example of a consequence-likelihood matrix

16
For an in-depth examination of the factors influencing decisions related to risk see OHS BoK 31.2
OHS risk and decision-making.

December 2019
31.1 Risk Page 34 of 42
This example is colour-coded as in the ALARP diagram of Figure 4 and lines could be drawn
to delineate the intolerable and broadly acceptable levels of risk, with the central area
representing the area where it is required to justify that risks are reduced so far as is
reasonably practicable. The example also shows labels in the boxes which give an
alternative indication of level of risk where consequences are given a higher weight than
likelihood. Clearly the importance of the risk, whether represented by the colour or the letter,
will depend on how the consequence and likelihood scales are defined which need to be
tailored for a particular organisation and its risks. The matrix is a way for management to
indicate whether they wish action to be taken or to be kept informed for any particular
consequence-likelihood pair, so scales must be carefully defined and unambiguously stated
to give a common understanding of what is required.

Although risk matrices have serious limitations that dictate they should be used with caution
(Cox, 2008; IEC, 2019), they can indicate a general ranking based on a selected
consequence-likelihood pair. The priorities are very subjective and will depend on the way in
which the matrix is designed which is largely arbitrary.

Consequence and likelihood can also be represented on numerical rating scales which are
then combined by some formula. Often the numbers are multiplied, but it could be argued
that the scales represent logarithmic values of consequence and likelihood, and that an
additive formula is more appropriate.

A clear distinction must be drawn between ordinal numbers that represent rank as used in
semi-quantitative analysis and the numbers from ratio scales which represent true values
based on data as used in quantitative analysis. The numbers chosen for rating scales are
arbitrary and do not bear any true relationship to the actual values of consequence or
likelihood. Mathematical expressions applied to such scales have no mathematical meaning;
for example two consequences allocated level 1 do not correspond to one consequence of
level 2. Even the rank order obtained by combining semi-quantitative scales depends on the
way the scales are set up and how they are combined.

Semi-quantitative methods have little value over qualitative scales for combining two values.
They can be useful when level of risk can be related to several factors (such as separating
likelihood into components representing the intrinsic danger of the hazard and the level of
exposure). However the fundamental limitations of semi-quantitative scales remain, so such
systems should always be tested with a range of examples to check their validity.

With semi-quantitative scales one cannot assume that a percentage decrease in

consequence or likelihood represents that percentage decrease in risk and one cannot

December 2019
31.1 Risk Page 35 of 42
aggregate risks by combining their ratings. When software is used for ranking risks care
should be taken that the underlying algorithms for how the ranking is done are valid and
appropriate.

Defining a scale in terms of a percentage or a cost does not make the scale quantitative
rather than semi-quantitative, unless those numbers have units and can be justified by data.
A particular example is where a rating scale for likelihood has as its lowest value a value
such as < 1%. This is meaningless unless it is stated what the percentage refers to, e.g.
does it mean 1% of workers over the life of a project, or 1% of years for a stated population,
or 1% of workers each year? Comparison with the data in Table 2 for fatality risks and Table
3 for acceptable risk criteria shows that in fact a fatality rate of 1% of people per year is 10
times higher than the intolerable level and 10,000 times higher than the generally accepted
lower acceptable limit of 1 in one million person years, i.e. a lower limit of 1% does not fit
with data and cannot be used as a quantitative scale relevant to health and safety.

Basing decisions on the result of combining a consequence-likelihood pair is problematic

because:

• A single likelihood consequence pair is a proxy measure which does not represent the
full picture. (This was discussed in detail in section 2). In particular, where there are
multiple consequences, basing priorities on only one may give quite different priorities
to that estimated when the full range of consequences is included.
• Many decisions about risk do not depend on level of risk. For example, in deciding
which risks to treat first, rationally the relevant criteria is the amount of risk reduction
that can be achieved rather than the initial level of risk.
• Subjective issues such as perceptions of risk and equity considerations concerning
who bears the risk are relevant and should not be excluded from decision making.
• Most risk registers will contain risks with differing degrees of detail and disaggregation
that cannot be validly compared.
• A level of risk can only be used for true risks where one particular consequence
directly arises from a hazard or hazardous situation. It cannot be used to rank control
failures because the resulting risk depends also on the probability of the hazard
existing and the event occurring, and the effectiveness of other controls. Also, it
cannot be used to rank weaknesses in the management system, such as poor
training, because these increase the level of multiple risks rather than representing a
single risk in themselves.
• Where the risk analysis concerns decision about a choice of actions, such as which
item of equipment to buy, the relevant evaluation is a comparison of the risks and
opportunities that each option represents. A consequence-likelihood matrix is of no
value because what is required is a cost-benefit analysis that combines and compares
risks and opportunities and not a ranking of risks for each option.

December 2019
31.1 Risk Page 36 of 42
Cross and Trethewy (2002) sum the issue up as follows

“Current practice in risk assessment is highly unreliable.... a simple qualitative description of

magnitude of risk does not perform the function (of requiring mangers to understand and take
responsibility for the risks in their workplace)... Legislation requires employers to eliminate
hazards and minimise all risks to health and safety. Ranking risks is an administrative
convenience to allow a sensible consideration of where to start when a range of actions are
required, but it has become the core of OHS risk management activity....”

The purpose of a ranking tool is to draw attention to the most important risks and to risks
that might need more detailed analysis. Ranking is a starting point for analysis not the end
result.

5.4 Risk treatment

ISO 31000 uses the term risk treatment to refer to actions which are required to improve
controls. Risk controls are covered in another chapter of the OHS Body of Knowledge17
however it is important to note here that recommending treatment is not the end of the
process. Treatments may introduce new risks which need to be identified, analysed,
evaluated and controlled. Unless hazards have been eliminated there is nearly always some
residual risk after treatment so there needs to be a new evaluation that these risks are now
acceptable and an updating of the risk register to reflect the changes. Completed treatments
become existing controls.

6 Summary
This chapter has reviewed how definitions and terminology relating to risk and its
management are used, particularly in standards and legislation relevant to OHS. The
concept of risk as a description of effects of uncertainty was discussed. In theory this
concept is able to be given a value or level of risk based on consequence and their
likelihood, but there are problems with trying to define a single level of risk for real risks that
have multiple consequences and causes. In most cases there is no true single value for
level of risk and one of several proxy values is used in decision making.

The way in which acceptable risk is defined in legislation, by organisations and perceived by
individuals was introduced. There is a vast literature on individual risk perception and how
people make choices that involve risks which could only be touched upon here. Implications
for practice primarily focused on the risk management process and particularly the risk
assessment process within it. Risk assessment involves understanding risks and how well

17
See OHS BoK 34.1 Prevention and Intervention.

December 2019
31.1 Risk Page 37 of 42
they are controlled and deciding what to do about them. Finding a level of risk is in all cases
problematic and often highly subjective. Qualitative or semiquantaitive ranking may be useful
to highlight serious risks, or exclude minor risks from attention and can provide one input to
deciding priorities but should be a minor part of the risk assessment process.

References
Arcury, T., Quandt, S., & Russell, G. (2002). Pesticide safety among farm workers:
Perceived risk and perceived control as factors reflecting environmental justice.
Environmental Health Perspectives, 110 (Suppl. 2), 233–240. Retrieved from
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1241168/pdf/ehp110s-000233.pdf

Ben-Asher, J. (2008). Development program risk assessment based on utility theory. Risk
Management, 10(4), 285–299.

Bellavance, F., Dionne, G., & Lebeau, M. (2008). The value of a statistical life: A meta-
analysis with a mixed effects regression model. Journal of Health Economics, 28(2),
444–464.

Bird, F., & Germain, G. (1985). Practical loss control leadership. Atlanta, Georgia:
International Loss Control Institute.

Bonner, C., & Newell, B. (2008). How to make a risk seem riskier: The ratio bias versus
construal level theory. Judgement & Decision Making, 3(5), 411–416.

Brown, D. (1998). Characterizing risk at metal finishing facilities. USEPA. Retrieved from
http://www.epa.gov/ncer/publications/archive/csidoc.html

Bureau of Meterology. (2011). Severe thunderstorms. http://www.bom.gov.au/info/thunder/.

Buroker, J. (Ed.). (1996). Antoine Arnauld and Pierre Nicole: Logic or the Art of Thinking.
Cambridge, MA: Cambridge University Press.

Caponecchia, C. (2010). It won't happen to me: An investigation of optimism bias in

occupational health and safety. Journal of Applied Social Psychology, 40(3), 601–617.

Clemens P. & Simmons R., System Safety and Risk Management – A guide for Engineering
Educators. NIOSH Instruction module. CDC, US Dept Health and Human Services
VIII-1 –VIII-8.

Commonwealth of Australia. (2008). Occupational Health and Safety Code of Practice

(under the Occupational Health and Safety Act (Cwlth) 1991).

COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2017).

Enterprise Risk Management:—Integrating with Strategy and Performance. New York,
NY: Committee of Sponsoring Organizations of the Treadway Commission.Covello, V.
T., Flamm, W., Rodricks, J., & Tardiff, R. (Eds.). (1984). The analysis of actual versus
perceived risks. New York, NY: Plenum Publishing.

Covello, V. T., Flamm, W. G., Rodricks, J. V., & Tardiff, R. G. (Eds.). (1984). The analysis of
actual versus perceived risks. New York, NY: Plenum Publishing.

December 2019
31.1 Risk Page 38 of 42
Cox, L. (2008). What's wrong with risk matrices? Risk Analysis, 28(2), 497–512.

Cross J., & Trethewy R., (2002) Influences on risk assessment decision making. Paper
presented at the Safety in Action Conference, Melbourne.

Desalles J., (2006). A structural Model of Intuitive Probability. In: D. Fum, F. Del Missier & A.
Stocco (Eds), Proceedings of the seventh International Conference on Cognitive
Modeling. Trieste, IT: Edizioni Goliardiche, 86-91.
http://www.dessalles.fr/papers/Dessalles_06020601.pdf

Douglas, M., & Wildavsky, A. (1982). Risk and culture: An essay on the selection of
technical and environmental dangers. Berkeley, CA: University of California Press.

FAO/WHO (Food and Agriculture Organization/World Health Organization). (1997). Risk

Management and Food Safety (Report of a Joint FAO/WHO Consultation). Rome,
Italy: FAO. Retrieved from ftp://ftp.fao.org/docrep/fao/w4982e/w4982e00.pdf

FAO/WHO (Food and Agriculture Organization/World Health Organization). (2011). Guide

for application of risk analysis principles and procedures during food safety
emergencies. Retrieved from http://www.fao.org/3/ba0092e/ba0092e00.pdf.

Griffiths, R. (Ed.). (1981). Dealing with risk: The planning, management and acceptability of
technological risk. Manchester, UK: Manchester University Press.

Gonzales, R., (1999). On the shape of the probability weighting function. Cognitive
Psychology 38 129-166

Hale, A., Ale, B., Goossens, L., Heijer, T., Bellamy, L., Mud, M., Roelen, A., Baksteen, H.,
Post, J., Papazoglou, I., Bloemhoff, A., & Oh, J. (2007). Modeling accidents for
prioritizing prevention. Reliability Engineering & System Safety, 92(12), 1701–1715.

Haddon, W., (1973). Energy damage and the 10 countermeasures strategies. J Trauma.
13(4) 321- 331

Haluik, A., (2016) Risk perception and decision making in hazard analysis: improving safety
for the next generation of electrical workers 2016 IEEE IAS Electrical Safety Workshop
(ESW)

Hamilton, C., Adolphs, S., & Nerlich, B., (2007). The meanings of 'risk': A view from corpus
linguistics. Discourse and Society, 18(2): 163–81

Hansson, S. (2004). Philosophical perspectives on risk. Techné: Research in Philosophy &

Technology, 8(1). Retrieved from
http://scholar.lib.vt.edu/ejournals/SPT/v8n1/hansson.html

Harrell, A. (1990). Perceived risk of occupational injury: Control over pace of work and blue-
collar versus white-collar work. Perceptual & Motor Skills, 70(3, Pt 2), 1351–1359.

Harrison, F. (1995). The managerial decision-making process. Boston:Houghton Miffin

company.

Hofstetter, P., Hammit J. (2001). Human Health Metrics for Environmental Decision Support
Tools. US EPA Office of Research and Development: Lessons from Health Economics
and Decision Analysis. US Environment Protection Agency.

Hollnagel, E., Woods, D., & Leveson, N. (Eds.). (2006). Resilience engineering: Concepts
and precepts. Aldershot, UK: Ashgate Publishing.

December 2019
31.1 Risk Page 39 of 42
Holton, G. (2004). Defining risk. Financial Analysts Journal, 60(6), 19–25.

Hopkins, A. (2005). Safety, culture and risk: The organisational causes of disasters. Sydney,
NSW: CCH Australia.

Hopkins, A 2012, Disastrous Decisions: The Human and Organisational Causes of the Gulf
of Mexico Blowout, CCH Australia Ltd, Australia.

Holzman, D. (2003). Cancer and Three Mile Island: No significant increase in five-mile
radius. Environmental Health Perspectives, 111(3), 111-a166b. Retrieved from
http://ehp03.niehs.nih.gov/article/info%3Adoi%2F10.1289%2Fehp.111-a166b

HSE (Health and Safety Executive). (1988). Tolerability of risk in Nuclear Power Stations.
HMSO London http://www.hse.gov.uk/nuclear/tolerability.pdf

HSE (Health and Safety Executive). (2001). Reducing Risk Protecting people. (R2P2).
HMSO London

HSE (Health and Safety Executive). (2011). Guidance on ALARP decisions in COMAH
(http://www.hse.gov.uk/foi/internalops/hid/spc/spcperm37/index.htm)

HSE (Health and Safety Executive). (2019). ALARP at a Glance retrieved from:
http://www.hse.gov.uk/risk/theory/alarpglance.htm Sept 2019

Hudson, P., & Guchelaar, H. (2003). Risk assessment in clinical pharmacy, Pharm World
Sci, Kluwer Academic Publishers; 25(3):98–103.

IEC (International Organization for Standardization/International Electrotechnical

Commission). (2019). IEC 31010:2019 Risk Management – Risk Assessment
Techniques.

ISO (International Organization for Standardization). (2009). ISO Guide 73:2009 Risk
Management – Vocabulary. International Organization for Standardization; Geneva.

ISO (International Organization for Standardization). (2018), ISO 31000 Risk Management
Principles and Guidelines. International Organization for Standardization, Geneva.

Kahneman, D., Tversky, A. (1979). Prospect theory: An analysis of decision under risk.
Econometrica, 47(2), 263–292.

Kasperson, R., Renn, O., Slovic, P., Brown, H., Emel, J., Goble, R., Kasperson, J., & Ratick,
S. (1988). The social amplification of risk: A conceptual framework. Risk Analysis, 8(2),
177–187.

Kasperson J., Kasperson, R., Slovic, P., Pigeon N. (2003). The Social Amplification of risk
Assessing 15 years of research and theory In Social Amplification of Risk Pigeon N.,
Kasperson R., and Slovic. Pp. 13-47. Cambridge University Press.

Makin, A-M., Winder, C. (2009) Managing hazards in the workplace using organisational
safety management systems: a safe place, safe person, safe systems approach. J Risk
Research 12 329-343.

Mathers C., Vos T., & Stevenson C. (1999). The burden of disease and injury in Australia,
AIHW cat. no. PHE 17, AIHW, pp186-202. Canberra.

Meliá, J., Mearns, K., Silva, S., & Lima, M. (2008). Safety climate responses and the
perceived risk of accidents in the construction industry. Safety Science, 46(6), 949–958.

December 2019
31.1 Risk Page 40 of 42
NSW Government. (2011, January). Risk Criteria for Land Use: Safety Planning (Hazardous
Industry Planning Advisory Paper No 4). Sydney, NSW: State of New South Wales.
Retrieved September 7, 2011, from
http://www.planning.nsw.gov.au/LinkClick.aspx?fileticket=yW6xA6MNVNc%3D&tabid=1
68&language=en-AU.

OBPR (Office of Best Practice Regulation). (2008, November). Best Practice Regulation
Guidance Note: Value of Statistical Life. Australian Government Department of Finance
and Deregulation. Retrieved September 7, 2011, from
www.finance.gov.au/obpr/docs/ValuingStatisticalLife.rtfRasmussen, J. (1997). Risk
management in a dynamic society: A modelling problem. Safety Science, 27(2–3), 183–
213.

Office of Prime Minister and Cabinet 2018) Best Practice Regulation Guidance Note Value
of statistical life. Retrieved from https://www.pmc.gov.au/resource-
centre/regulation/best-practice-regulation-guidance-note-value-statistical-life.

Rassmussen, J. (1997). Risk management in a dynamic society: A modelling problem.

Safety Science, 27(2-3), 183-213..

Renn, O., Swaton, E. (1985). Attitude studies by the IAEA/IIASA risk assessment group. In
V. T. Covello, J. L. Mumpower, P. Stallen & V. Uppuluri (Eds.), Environmental impact
assessment, technology assessment, and risk analysis (NATO ASI Series, Vol. G4).
New York, NY: Springer-Verlag.

Rittenberg, L. and Martens, F. (2012) Understanding and Communicating Risk Appetite

COSO (Committee of Sponsoring Organizations of the Treadway Commission).

Robinson, L., Hammitt, J., (2015) Research Synthesis and the Value per Statistical Life. Risk
Analysis: 35 (6) 1086-1100

Rosa, E. (1998). Metatheoretical foundations for post-normal risk. Journal of Risk Research,
1(1), 15-44.

Rosa, E. (2003). The logical structure of the social amplification of risk framework (SARF):
Metatheoretical foundations and policy implications. In N. Pidgeon, R. E. Kasperson &
P. Slovic (Eds.), The social amplification of risk. Cambridge, UK: Cambridge University
Press.

Royal Society. (1983). Risk Assessment: Report of a Royal Society Study Group. London:
The Royal Society.

Sandman, P. (1993). Responding to community outrage: Strategies for effective risk

communication. Fairfax, VA: American Industrial Hygiene Association.

SA/SNZ (Standards Australia/Standards New Zealand). (2001) AS/NZ 4801 Occupational

health and safety management systems - Specification with guidance for use.
Standards Australia/Standards New Zealand: Sydney/Wellington.

SA/SNZ (Standards Australia/Standards New Zealand). (2004). AS/NZS 4360:2004 Risk

Management. Sydney/Wellington

SA/SNZ (Standards Australia/Standards New Zealand). (2009). AS/NZS ISO 31000:Risk

Management – Principles and Guidelines. Standards Australia/Standards New Zealand:
Sydney/Wellington.

December 2019
31.1 Risk Page 41 of 42
SWA (Safe Work Australia). (2016). Model Work Health and Safety Bill (31/3/16). Canberra,
ACT: Safe Work Australia. Retrieved from
https://www.safeworkaustralia.gov.au/doc/model-work-health-and-safety-act.

SWA (Safe Work Australia). (2018). Work-related traumatic injury fatalities in Australia,
2013-2017. Retrieved from
https://www.safeworkaustralia.gov.au/system/files/documents/1908/number-and-
incidence-rate-of-injury-related-fatalities-by-occupation-2013-2017.pdf.

SWA (Safe Work Australia). (2019). Model Work Health and Safety Regulations (Revised as
at 15/01/19). Canberra, ACT: Safe Work Australia. Retrieved from
https://www.safeworkaustralia.gov.au/doc/model-work-health-and-safety-regulations.

Slovic, P., Fischoff, B., & Lichtenstein, S. (1979). Rating the risks. Environment, 21(3), 14-
20, 36–39.

Slovic, P. (1993). Perceived risk, trust, and democracy: A systems perspective. Risk
Analysis, 13(6), 675–682.

Slovic, P. (1999). Trust, emotion, sex, politics, and science: Surveying the risk-assessment
battlefield. Risk Analysis, 19(4), 689–701.

Tversky, A., Kahneman, D. (1974). Judgment under uncertainty: Heuristics and biases.
Science, 185(4157), 1124–1131.

Tversky, A., Kahneman, D. (1981). The framing of decisions and the psychology of choice.
Science, 211(4481), 453–458.

USEPA (United States Environmental Protection Agency). (2011). Integrated Risk

Information System (IRIS). Retrieved March, 2011, from
http://www.epa.gov/iris/help_gloss.htm.

US Social Security Administration. (2011). Actuarial life table Social security on line
accessed Aug 2011 http://www.ssa.gov/oact/STATS/table4c6.html

Viner, D. (1991). Accident analysis and risk control.Melbourne, VIC: Derek Viner Pty Ltd.

Viscusi, W., Aldy, J. (2003). The value of a statistical life: A critical review of market
estimates throughout the world. Journal of Risk & Uncertainty, 27(1), 5–76.

Weick, K., Roberts, K. (1993). Collective Mind in Organizations: Heedful Interrelating on

Flight Decks. Administrative Science Quarterly, 38, 357-381.

Whyte, A. (1983). Probabilities, consequences and values in the perception of risk. In Risk:
Proceedings of a Symposium on the Assessment and Perception of Risk to Human
Health in Canada (pp. 121-134). Ottawa: Royal Society of Canada.

Wilson, R., Crouch, E. (2001). Risk-benefit analysis (2nd ed.). Cambridge, MA: Harvard
University Press.

December 2019
31.1 Risk Page 42 of 42