Reliability Engineering and System Safety 99 (2012) 33–44

Contents lists available at SciVerse ScienceDirect

Reliability Engineering and System Safety

journal homepage: www.elsevier.com/locate/ress

The risk concept—historical and recent development trends

Terje Aven
University of Stavanger, Ullandhaug, Stavanger, Norway

article info abstract

Article history: This paper reviews the definition and meaning of the concept of risk. The review has a historical and development trend
Received 1 September 2011 perspective, also covering recent years. It is questioned if, and to what extent, it is possible to identify some underlying
Received in revised form 3 patterns in the way risk has been, and is being understood today. The analysis is based on a new categorisation of risk
November 2011
definitions and an assessment of these categories in relation to a set of critical issues, including how these risk definitions
Accepted 19 November 2011 Available
online 28 November 2011
match typical daily-life phrases about risk. The paper presents a set of constructed development paths for the risk concept and
concludes that over the last 15–20 years we have seen a shift from rather narrow perspectives based on probabilities to ways of
Keywords: thinking which highlight events, consequences and uncertainties. However, some of the more narrow perspectives (like
Risk concept expected values and probability-based perspectives) are still strongly influencing the risk field, although arguments can be
Historical perspective
provided against their use. The implications of this situation for risk assessment and risk management are also discussed.
Development trends
Semantic analysis

& 2011 Elsevier Ltd. All rights reserved.

1. Introduction Studying the concept of risk using a historical and develop-ment trend
perspective is considered important for risk assess-ment, risk management
There is no agreed definition of the concept of risk. If we study the and risk communication, as it could provide a strengthening of the
literature we find a number of different ways of understanding the risk understanding of the foundational pillars of these fields. Such a strengthening
concept. Some definitions are based on probability, chance or expected is considered impera-tive as the present situation is characterised by many
values, some on undesirable events or danger, and others on uncertainties. weakly justified and inconsistent concepts about risk [8,13,18]. An inter-
Some consider risk as subjective and epistemic, dependent on the available esting question to ask is to what extent the risk field is going in the right
knowledge, whereas others grant risk an ontological status independent of the direction. Are the inadequate perspectives wiped out or are they still
assessors. influencing the risk field? The present paper also seeks to answer these
These definitions, their rationale, strengths and weaknesses, have been questions.
thoroughly discussed in the literature; see e.g. Aven and Renn [15] and Aven
et al. [18]. However, an interesting aspect of these definitions, not addressed The discussion is based on two important premises. The first one states
by these references, is the time dimension. Is it possible to identify some that risk should be defined in such a way that it can be distinguished between
development trends in these and other definitions of risk? An initial risk per se and how risk is managed. There exist perspectives on risk in which
hypothesis formu-lated for the present work was that there has been a gradual this distinction is not made. One illustrating example is Beck [19]. When
change from rather narrow risk perspectives based on probabil-ities and Beck states that ‘‘Risk may be defined as a systematic way of dealing with
expected values, to broader not-probability-based defi-nitions with a sharp hazards and insecurities introduced by modernisation itself’’ ([19], p. 21), he
distinction between risk as a concept and how this concept is measured. The is adopting a way of thinking that is not in line with this premise. I do not
purpose of this paper is to study this issue in more depth and the validity of think many researchers on risk would argue against this premise. To use the
this hypothesis in particular. Many of the definitions studied are from the last words of Campbell and Currie [25], p. 151, in their analysis of Beck’s work
30–40 years, but some definitions are also from the first part of the 20th on risk:
Century, and some even earlier, like de Moivre’s defini-tion of risk from
1711. The risk definitions of the last 30–40 years have appeared along with
the development of the scientific field of risk analysis (see e.g. [73]).
It is hard to think of a less adequate definition: risk is not a way of dealing
with things y Beck’s definition would make it impossible to ask: How are
we responding to this risk?, as the response and the risk would be the same
thing. Secondly, risk should not be so defined that it applies only to
‘moderniza-tion’, for there were of course risks before industrial society.
E-mail address: [email protected]

0951-8320/$ - see front matter & 2011 Elsevier Ltd. All rights reserved.
doi:10.1016/j.ress.2011.11.006
34 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44

The second premise expresses that risk should be defined in such a way defined and understood. These disciplines and areas may have different needs,
that it can be distinguished between risk per se and how risk is perceived. The and this has contributed to the many different views on risk that exist out
perception notion includes personal feelings and affections (for example there.
dread) about the possible events, the con-sequences of these events and about It is obvious that the different disciplines and areas have and need to have
the uncertainties and probabil-ities, but such feelings and affections should different methods for assessing and managing risk. For example, business
not be a part of the risk concept when this is used in professional/scientific needs a different set of risk procedures and models than, for example,
contexts. If risk perception also includes judgments of risk acceptability, the medicine and engineering. But does this mean that these disciplines and areas
argu-ments for this premise become even stronger, as the risk concept should should have completely different perspectives on what risk is as a concept? Is
not cover risk treatment/management (refer to the first premise). This premise not the basic challenge the same—to conceptualise that an activity in the
is not in line with cultural theory and constructivism, which argue for the future could lead to some events/consequences/outcomes that in some way
thesis that risk is the same as risk perception ([47], critical comments in [67]). are not desired or planned? As we will see later, the answers are very much
Risk coincides with the perceptions of it (e.g. [32,81]). Beck [19] p. 55 dependent on the issues raised in our initial hypothesis: is the concept of risk
concludes that ‘‘because risks are risks in knowledge, perceptions of risks and inseparable from the risk descriptions or is there a sharp distinction between
risk are not different things, but one and the same.’’ See Aven and Renn [15] risk as a concept and how this concept is measured?
for a more detailed discussion of this thesis.

Many risk definitions are based on modelling, in particular probability

When it comes to risk assessment, we cannot so easily define a similar models reflecting variation in populations (also referred to as aleatory
premise, as many common risk definitions are closely linked to the way risk uncertainties) for example when consider-ing risk definitions based on
is described using a risk assessment. This issue will be thoroughly discussed frequentist probabilities (a frequen-tist probability expresses a fraction of
in the present paper. ‘‘successes’’ if the situation studied is repeated over and over again infinitely).
Many perspectives on risk are developed and used for specific disciplines When studying the development trends, such definitions of risk will be
and areas; see reviews by, for example, Renn [65] (adjusted slightly in Aven studied, but also risk definitions based on knowledge-based or epistemic
and Renn [16]) and Althaus [3]. Renn interpretations of probability.
[65] distinguishes between the following disciplines/perspectives: statistical
analysis (including the actuarial approach), toxicology/ epidemiology, The paper is organised as follows. Section 2 provides some general
probabilistic risk analysis, economics of risk, psy-chology of risk, social reflections about the risk concept, particularly addressing the origin of the
theories of risk and cultural theory of risk, whereas Althaus [3] distinguishes word ‘risk’ and how this concept is used in everyday language. Section 3
between logic and mathematics, science and medicine, social sciences reviews ideas and definitions of risk adopted in the professional/scientific
(anthropology, sociology, economics, law, psychology, linguistics), history context. A new way of classifying the various types of risk definitions is
and humanities (history, the arts), religion and philosophy. The classification presented, and, using this classification, an analysis is conducted of how the
systems specify a view on risk for each discipline/area. For example, various definitions perform in relation to a set of issues raised. These issues
according to the classification system of Althaus [3], risk is viewed as a cover questions like the following: is the risk concept balancing different
calculable phenomenon in logic and mathematics, an objective reality in attributes (e.g. consequences and likelihood)? and is the risk concept based on
science and medicine, as a societal phenomenon in sociology and as a concept expert modelling? Also an evaluation of the match between these definitions
in linguistics. and the phrases presented in Section 2 is carried out, to see to what extent
these definitions are in line with the typical daily risk language. Section 4
This is a classification which simplifies how different disci-plines and discusses the findings of the previous sections and the initial hypothesis of the
areas look at risk. However, for many disciplines and areas, using just one paper, that there has been a gradual change from rather narrow risk
category to describe the ruling thinking needs to be replaced by several views, perspectives based on probabilities and expected values, to broader not-
for example, in science, subjective perspectives (Bayesian frameworks) are probability-based definitions with a sharp distinction between risk as a
also com-monly adopted. For the purpose of the present paper we find these concept and how this concept is measured. For this purpose, a set of thought-
discipline classifications of risk to lack precision—we need to have a higher constructed development paths are defined and studied, starting from de
level of specification, not only characterisations like ‘‘objective reality’’ or Moivre’s risk definition based on expected values in 1711 and ending up now
‘‘societal phenomenon’’. in 2011. For the sake of readability, some of the arguments referred to are
summarised in the appendix. Finally, Section 5 provides some conclusions
This does not mean of course that such characterisations are not important and closing remarks.
and will not be addressed in the coming discussion. To meet the paper’s
objective of searching for development trends in the way risk is defined and
understood, it is necessary to give due attention to the distinction between The discussion in this paper is based on my assessments, and it is obvious
conceptualisations of risk that see risk as an objective property of the world that my underlying views on what is the best way of defining and
and conceptualisations that are based on judgments and knowledge of a understanding risk affects my analysis. Through other recent publications my
person (i.e. are epistemological). We remember the well-known phrases used view should be well-know. How-ever, the main part of this paper provides a
by Immanuel Kant (1724–1804), ‘‘Das Ding an sich’’ and ‘‘Das Ding fur general analysis that can be appreciated whether the reader agrees with my
mich’’. Risk (and probability) can be viewed as both a ‘‘an sich’’ property of final conclusions or not. What is important in the paper are the arguments
the world and a ‘‘fur mich’’ concept (see also [74]). used, their validity. I hope the paper can stimulate further discussions on the
meaning and understanding of the concept of risk, as such discussion is
However, to be able to meaningfully discuss this issue, we need to link considered very important for the development of the risk fields as mentioned
these ideas to specific definitions with clear inter-pretations. As we will see in above.
the coming sections, many of these definitions and interpretations are closely
related to different understandings of a probability.

The concept of risk (addressing the term and its meaning) is of course not 2. About the risk concept – its origin and daily use
only relevant for linguistics (refer to the classification system of Althaus [3]),
but also an issue in other disciplines and areas. All disciplines and areas need Althaus [3] gives a thorough review of the origin of the word ‘risk’. She
to clarify how risk is to be underlines that the origin of the word ‘risk’ is disputed
 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44 35

in the literature and this is also apparent when reading the detailed analysis in ancient sailors to warn the helmsman that rocks might be near.
the Oxford English Dictionary [62]. Here are some of the explanations
provided by the Oxford English Dic-tionary [62] (these are to a large extent in – Giddens [37] suggests the word came to English from the Portuguese or
line with those mentioned by Althaus): Spanish where it was used to refer to sailing into uncharted waters;
Chambers Twentieth Century Dictionary [26] explains the Spanish risco
refers to ‘‘a rock’’; Giddens [37] says that one root of the term ‘risk’ in the
– French risque´: danger or inconvenience, predictable or other-wise (1578 in original Portuguese means ‘‘to dare’’.
Middle French as a feminine noun, 1633 as a masculine noun; 1690 as a
legal term) – Ewald argues that the notion of risk first appeared in the Middle Ages,
– Italian risco (first half of the 14th cent.), variant of rischio (1292; 13th cent. related to maritime insurance and was used to designate the perils that
as reisego), risico (1367), both in sense ‘possibility of harm, an unpleasant could compromise a voyage [76].
consequence, etc.’ – The British Medical Association [22] suggests that the word is derived
– Post-classical Latin resicum, risicum (both mid 12th cent. in Italian from the Greek word rhiza, which refers to the ‘‘hazards of sailing too
sources; also mid 12th cent. in a document from Constantinople), risigum, near to the cliffs: contrary winds, turbulent downdraughts, swirling tides.’’
resigum, resegum (1227–8 in Occita-nian sources), rischium, rischum,
riscum, risecum (second half of the 13th cent. in Italian sources), all in
commercial contexts in sense ‘hazard, danger’
The daily use today of the word ‘risk’ to a large extent reflects these
– Middle French (Walloon) resicq, risicq: possibility of damage to or loss of explanations. Using the Oxford English Dictionary [62], we find three main
merchandise (second half of the 15th cent.) categories of definitional perspectives to risk (see also [3]):
– Old Occitan rezegue: possibility of damage to merchandise when
transported by sea (1200; 1301 as reseque)
– Catalan risc, reec: danger, risk, possibility of damage to mer-chandise when (1) (Exposure to) the possibility of loss, damage, injury, or other adverse or
transported by sea (13th cent.) unwelcome circumstance; a chance or situation involving such a
– Spanish riesgo: conflict, disagreement (1300), possibility of harm or possibility.
unpleasant consequences (16th cent.) (2) A hazardous journey, undertaking, or course of action; a venture.
– Portuguese risco (15th cent.)
– Dutch risico (1525) and resicq (1563), risicque (1602), both recorded in the (3) A person or thing regarded as likely to produce a good or bad outcome in
Spanish Netherlands in the sense ‘possibility of damage to merchandise’ a particular respect; a person or thing regarded as a threat or source of
danger.
– German Risiko (1507)
– Post-classical Latin rixicum (1458 in a British source)
– Medieval Greek rizikon (1160) From these perspectives we see that the term ‘risk’ can be considered
– Arabic rizq (in Maghribi Arabic also rezq¯), which has a number of senses: something that is positive or negative, and it could be both a noun (taking
‘provision, lot, portion allotted by God to each man’, ‘livelihood, risks) and a verb (to risk losses).
sustenance’, hence ‘boon, blessing (given by God)’, ‘property, wealth’, In the coming sections we will study how the risk concept used in
‘income, wages’, and finally ‘fortune, luck, destiny, chance’ professional and scientific settings matches these usages, and we will have a
special focus on possible development trends. To provide a basis for this
study, we will investigate in somewhat more detail the daily use of the risk
According to the Oxford English Dictionary [62] it is widely suggested term—exploring these three perspectives using some examples of typical
that the post-classical Latin resicum, risicum, etc. in the sense ‘danger, statements involving risk, also capturing some more recent applications (for
hazard’ originated from the post-classical Latin noun resecum, a proposed example terrorism risk). The examples are partly taken from the Oxford
derivative of classical Latin resecare¯ meaning ‘that which cuts’ and hence English Dictionary [62] (when a year is indicated) and partly from Merkelson
‘rock, crag, reef’ (compare Spanish risco in this sense from the 13th cent.), (2011) (some adjustments are made for some of the examples) who performs
with allusion to the hazards of travel or transport by sea. The Oxford English an interesting semantic analysis of the concepts of risk, danger, chance and
Dictionary [62] states that this argument fits with the maritime context of hazard using different sentences that describe a scenario in which a couple is
many early uses of the word in English and the Romance languages, but it placed under a boulder that may or may not dislodge from a ledge and hit the
involves a number of steps, which are not supported by documentary couple (this example is also studied in, for example, Rosa
evidence.

Again, following the Oxford English Dictionary [62], this explana-tion [67] and Aven et al. [18]).
and one expressing that the post-classical Latin resicum, risicum, etc. is Oxford English Dictionary [62]:
derived from the specific senses ‘fortune, luck, destiny, chance’ of Arabic Category (1)
rizq, assume that that medieval Greek rizikon was borrowed from post-
classical Latin risicum, but it is also possible that the borrowing went the 1699 They must run the risque of the falling of the price.
other way: both words are first attested at about the same time. See the 1718 He that runs the risque deserves the fair.
Oxford English Dictionary 1808 Little he loves such risques, I know.
[62] for some possible ways of explaining the origin of the Greek word (one 1880 Fire insurance as a business consists in undertaking a certain risk in
is the Arabic rizq). return for a comparatively small sum, called the premium.
Clearly, the etymology of the concept of risk is inconclusive. To further
illustrate the many views on the origin of the word ‘risk’, consider the 1889 Sugar is very difficult to ship; rum and tafia can be handled with
following statements from various sources (the last three are from Althaus less risk.
[3]): 1908 The plan was rather a hazardous one, but she was prepared to take
risks.
– According to Bernstein [21], the word ‘risk’ derives from the early Italian 1934 Particular districts may be open to the risk of flooding arising from
risicare, which means ‘‘to dare’’. It was used by heavy rainfall or the thawing of snow.
36 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44

2003 In Colorado, about 1.3 million people live in the red zone, areas at 3. The couple takes (a) risk by placing themselves under the boulder.
great risk of wildfire.
4. The couple placed under the boulder is in a risky situation.
Category (2) 5. The couple risk getting hit by the boulder.

1679 Unto far distant Orbs, she takes her flight, and wanders, without And I add
Keeper, out of sight. Return, return, to thy imprison’d shrine; and
shamefully repent, this risque of thine. 6 The couple face risk – the boulder may dislodge from the ledge and hit
them.
1692 An insolent despiser of Discipline, nurtur’d into Impu-dence by a 7 The risk that the couple face (is exposed to) is small. Some other
long Risque of Licence and Rebellion.
sentences, addressing some current issues:
Category (3)
8. There is risk associated with the operation of a nuclear power
plant.
1867 Married men are usually the most desirable risks.
9. Emergent risks have become an issue.
1867 Gasworks are esteemed a fire risk of special hazard.
10. The terrorism risk is high.
2001 Customers of other Citigroup companies who agreed to
buy Travelers’ insurance tended to be poor risks.
2002 The boy, who is considered a risk to himself and others, is As highlighted by Althaus [3], by its very semantics, the conceptual
currently being housed in a £3,500-a-week secure unit in Leeds. understanding of risk conveys risk to be something that is open to a multitude
of converse possibilities and interpretations.

At risk, in risk Althaus [3] makes some interesting reflections concerning the variability
in use of the word ‘risk’ across time, society and region. Althaus refers to
Bernstein [21] and Gigerenzer et al. [38] who to a large extent align the
1796 The reputation of the whole fraternity would be at risk by
irregularity on this occasion. concepts of chance and probability with risk, and argue that the notion of fate
was replaced with belief in the ability of humanity to master uncertainty using
1937 Hundreds of Irishmen were glad to put their necks in risk of
England’s halter. the tool probability. Following this idea any distinction between risk and
uncertainty/chance today has been linguistically lost.
1994 Researchers worldwide have raced to identify more of the genes
that put individuals at high risk of developing the disease, also
known as juvenile diabetes. However, at the same time, risk is a very loose term in everyday parlance,
and issues of calculable probability are not necessarily important to the
At a person’s risk colloquial use of risk [56]. As will be seen from our coming analysis, many
risk perspectives have a sharp distinction between uncertainty/chance and
risk.
1852 If a part of the property insured was sold, it ceased thereby to be at
Althaus [3] concludes that the older entrepreneurial concept of risk as a
the risk of the underwriters.
venture has blurred since the beginning of the 19th century [56]. In
1922 The goods were carried at the owner’s risk.
contemporary times the word ‘risk’ in everyday language has increasingly
1970 He therefore should be at risk where the car causes damage.
come to refer to something negative [76]. These changes – the resistance
against fate, the merging of risk with uncertainty, and the contemporary
emphasis on risk linked to undesirable consequences or outcomes – in the
At the risk of
mean-ings and use of risk, are associated with the emergence of modernity,
beginning in the 17th century and gathering force in the 18th century [56,37].
1815 Ay, at the risk of all our own necks—we could do that without you.
1816 He ran down to the cellar at the risk of breaking his neck.
If we look at the various historical definitions and compare them with the
1874 You thought you could save him at the risk of your health. current three interpretations, I see the following similar features:

2003 In science as in normal life, there are some clochards who, at the For an activity, different consequences are possible; one or more are
risk of being ridiculed, explore unpopular territories. negative (undesirable) and the main focus is on these—the consequences are
not known.
Risk is either the possibility/uncertainty/chance that the activ-ity will have
At risk to some undesirable consequences, or the activity (person, gasworks) itself, that
which is often also referred to as a risk source or a threat. To me the origin
1905 The bravery of eight men of the regiment who, at risk to their lives, and historical use match very well current everyday use.
snatched from the zone of fire a popular young officer.

1969 Increasing numbers of townsmen were engaged in forming

politically oriented professional unions at con-siderable risk to the 3. The risk concept used in a professional/scientific context
individuals involved.
It is impossible to present and discuss all definitions of the risk concept
Merkelson (2011) suggested and used in the scientific risk fields. Quite many definitions can be
found in for example Wood [80], Crowe and Horn [27], DFI [28], Aven and
1. The couple placed under the boulder is exposed to (a) risk.
Renn [15] and Aven et al. [18],
but there are many more. However,
2. There is a risk that the boulder will hit the couple.
by structuring and classifying
 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44 37

the risk definitions according to some specific features as shown below, it is 6) Risk¼Probability and scenarios/Consequences/severity of con-sequences
possible to cover a large number of definitions. (R¼P&C)
a) Risk is a combination of hazards measured by probability; a state of
the world rather than a state of mind [63].
3.1. Classification system for risk definitions b) Risk is a measure of the probability and severity of adverse effects
[55].
To my best knowledge, the references in the parentheses specify the c) Risk is equal to the triplet (si, pi, ci), where si is the ith scenario, pi is
sources of the relevant definitions except for (1b), (1d), (2b) and (6d) where the probability of that scenario, and ci is the
the references simply provide exam-ples of work in which the relevant consequence of the ith scenario, i ¼1,2, yN; i.e. risk captures: What
definitions are used or referred to. can happen? How likely is that to happen? If it does happen, what are
the consequences? [48].
d) Risk is the combination of probability and extent of consequences [2].
1) Risk¼Expected value (loss) (R¼E)
a) The risk of losing any sum is the reverse of Expectation, and the true 7) Risk¼Event or consequence (R¼C)
measure of it is, the product of the sum adventured multiplied by the a) Risk is a situation or event where something of human value
probability of the loss [30]. (including humans themselves) is at stake and where the outcome is
b) Risk equals the expected loss [75,78]. uncertain [67,68].
c) Risk equals the product of the probability and utility of some future b) Risk is an uncertain consequence of an event or an activity with
event [1]. respect to something that humans value [44].
d) Risk equals the expected disutility [24]. 8) Risk¼Consequences/damage/severity of theseþUncertainty (R¼C&U)
2) Risk¼Probability of an (undesirable) event (R¼P)
a) Risk is the chance of damage or loss [41]. a) Risk¼UncertaintyþDamage [48].
b) Risk equals the probability of an undesirable event [24]. b) Risk is equal to the two-dimensional combination of events/
c) Risk means the likelihood of a specific effect originating from a consequences (of an activity) and associated uncertainties [6,9].
certain hazard occurring within a specified period or in specified
circumstances [49]. c) Risk is uncertainty about and severity of the consequences (or
3) Risk¼Objective Uncertainty (R¼OU) outcomes) of an activity with respect to something that humans value
a) Risk is the objective correlative of the subjective uncer-tainty; (Aven and Renn 2009a).
uncertainty considered as embodied in the course of events in the d) Risk is the deviations from a reference level (ideal states, planned
external world [77]. values, expected values, objectives) and associated uncertainties [14].
b) Risk is measurable uncertainty, i.e., uncertainty where the distribution
of the outcome in a group of instances is known (either through 9) Risk is the effect of uncertainty on objectives [45,46] (R¼ISO).
calculation a priori or from statistics of past experience) [50].

4) Risk¼Uncertainty (R¼U) [4,60] To characterise these definitions, or rather these categories of definitions,
a) in regard to cost, loss or damage [40]. a set of issues are addressed for each of these categories; see Table 1. Most of
b) about a loss [58]. the assignments in Table 1 are straightforward, but others need some
c) of the happening of an unfavourable contingency [57]. comments.
d) of outcome, of actions and events [23]. Firstly, for the definitions that are based on probabilities and expected
5) Risk¼Potential/possibility of a loss (R¼PO) values, we need to explain what we mean by these terms as they can be
a) Risk is the possibility of an unfortunate occurrence [64]. interpreted in different ways. The most general interpretation is simply to say
b) Risk is the possibility of an unfavourable deviation from expectations that a probability is a measure for representing or expressing uncertainty,
[5]. following the rules of probability calculus [10]. However, this is not
c) Risk is the potential for realisation of unwanted, negative sufficiently precise, as the measure is not defined, and, depending on the
consequences of an event [69].

Table 1
Characterisations of different risk definition categories (x: yes, blank: no, x?: answer depending on the meaning of P and E).

Definition 1 2 3 4 5 6 7 8 9
Issue R¼E R¼P R¼OU R¼U R¼PO R¼P&C R¼C R¼C&U R¼ISO

Risk is a quantitative measure x x x x

Risk is a qualitative concept x x x x x
Risk exists objectively (broad inter-subjectively) x x x x x x
Risk is based on a (technical) model concept x? x? x x?
Risk is defined through events/consequences/outcomes/severity of these x x x
Risk is defined through uncertainties x x x
Risk is based on a probability (considered a measure for representing or expressing uncertainty, x x x
following the rules of probability)
Risk balances different attributes (e.g. consequences and likelihood) x
Risk relates to negative/undesirable consequences/outcomes only x x
The definition allows for a distinction between the concept of risk and how to measure/describe x x x x x
risk
Origin after 1970 x x x x
Focused last 10–15 years x x x x x x

R¼Risk, E ¼Expected value (loss), P ¼Probability (of an undesirable event), OU¼objective uncertainty, U ¼Uncertainty, C¼event/consequence, Po¼Potential/possibility (of a loss), ISO¼ [45,46]
definition of risk.
38 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44

measure, we would evaluate the various definitions in Table 1 differently. In Table 1, risk relates to negative/undesirable consequences/ outcomes
Basically, as noted for example by Aven et al. [18], there are two alternative only for the definition categories 2 and 5, but also for the categories 1 and 6
interpretations that could be used; a probability of an event A is either: the consequences are often restricted to loss (damage, etc.).

If the definitions are based on probabilities, Table 1 specifies that the

i) a frequentist probability, expressing the fraction of times the event A definitions do not allow for a distinction between the concept of risk and how
occurs when considering an infinite population of to measure/describe risk. This is certainly true if subjective probabilities
similar situations or scenarios to the one analysed. We denote this provide the basis for the definitions as the concept of risk is then the same as
probability by Pf(A). This concept is a model concept (a parameter of a the measurement of the risk as was indicated above. If, on the other hand, risk
probability model), and as Pf(A) is unknown is based on frequentist probabilities we may obtain a distinction between the
– it has to be estimated. Hence we get a distinction between the concept of risk – which is based on the underlying true frequen-tist
underlying concept Pf(A) and its estimate Pf(A)* (say), or probability – and the measurement/description of risk, which is based on
ii) a subjective (knowledge-based, judgmental) probability, expressing the estimation of these probabilities. However, in this case the risk concept is
assessor’s uncertainty (degree of belief) of the occurrence of event A. We based on modelling, and this modelling will only be justified in some cases of
denote this probability by P, or P(A9K) to show that this probability is repeatability, making this distinction generally non-existent. We will return to
conditional on some background knowledge, K. A common interpretation this issue in the next section.
is the uncertainty
standard: the probability P(A)¼0.1 (say) means that the asses-sor
compares his/her uncertainty (degree of belief) about the occurrence of When risk is defined by consequences and uncertainties (R ¼C&U) (and
the event A with the standard of drawing at random a specific ball from an also when R¼C) a risk description is obtained by specifying the
urn that contains 10 balls. events/consequences C and using a description (measure) of uncertainty Q.
Specifying the events/consequences means to identify a set of
0
events/quantities of interest C that characterize the events/consequences C.
0
The expected value of an unknown quantity (for example the loss An example of C is the number of fatalities. Depending on the principles laid
associated with an activity) is the centre of gravity of the probability down for specifying C and the choice of Q we obtain different perspectives on
distribution of this quantity. When using frequentist probabilities, we can how to describe/measure risk. As a general description of risk we can write
interpret the expected value as the arith-metic mean of the quantities 0
(C ,Q,K), where K is the knowledge that Q is based on. The most common
generated by considering an infinite population of similar situations or tool for describing the uncertainties U is probability P, but there exist also
scenarios to the one analysed. others including imprecise (interval) probability and representations based on
Hence, if probability is understood as a frequentist probability, the the theories of evidence (belief functions) and possibility [34,17], as well as
definition categories (1), (2) and (6) are based on a model concept. If, on the qualitative methods as for example described in Aven [9] (see comment on
other hand, probability is a subjective prob-ability these definitions would this type of methods in the last section of the paper).
represent the judgements – degree of belief – of the assessors.

The ontological status of many types of risk definitions are studied in Table 2 presents an evaluation of the match between some of the daily
Aven et al. [18], and it is referred to this paper for the argumentation for the language phrases presented in the previous section and the different risk
assignments made in Table 1 on this issue. definition categories. In the following, some comments to the assignments are
Risk exists objectively, meaning in the sense of broad inter-subjectively, given.
when risk is for example uncertainty or a potential. The point made is that Firstly, we see from Table 2 that the risk definition ‘‘Risk¼Objec-tive
there should be no discussion in advance when studying an activity, that we Uncertainty’’, which includes Frank Knight’s famous risk defini-tion from
do not know what will be the consequences, different events/outcomes are 1921, basically saying that risk is an objective probability distribution, is not
thinkable, they could occur. The subjectivity enters the scene when we try to consistent in general with any of the risk phrases. The reason is of course
measure this uncertainty or potential; see discussion in Aven et al. [18]. obvious as few situations in life are characterised by objective probability
distributions, and, hence,

Table 2
Evaluation of the match between daily language phrases and different risk definition categories. x: the phrase makes sense following this risk definition category.

Definition 1 2 3 4 5 6 7 8 9
Phrase R ¼E R¼P R¼OU R ¼U R¼PO R¼P&C R¼C R¼C&U R¼ISO

(a) They must run the risk of the falling of the price. x x x x x
(b) The plan was rather a hazardous one, but she was prepared to take risks. x x x x x x x x
(c) In Colorado, about 1.3 million people live in the red zone, areas at great risk of wildfire. x x x x x x x
(d) Married men are usually the most desirable risks. x x x x x
(e) The goods were carried at the owner’s risk. x x x x x x x
(f) He ran down to the cellar at the risk of breaking his neck. x x x x x x x
(g) The couple placed under the boulder is exposed to (a) risk x x x x x x x x
(h) There is a risk that the boulder will hit the couple.
(i) The couple takes (a) risk by placing themselves under the boulder. x x x x x x x x
(j) The couple placed under the boulder is in a risky situation. x x x x x x x x
(k) The couple risk getting hit by the boulder.
(l) The couple face risk—the boulder may dislodge from the ledge and hit them. x x x x x x x x
(m) The risk that the couple face (is exposed to) is small. x x x x x x
(n) There is risk associated with the operation of a nuclear power plant. x x x x x x x x
(o) Emergent risks have become an issue. x x x x x x x x
(p) The terrorism risk is high. x x x x x x x

R¼Risk, E ¼Expected value (loss), P ¼Probability (of an undesirable event), OU¼objective uncertainty, U ¼Uncertainty, C ¼event/consequence, Po¼Potential/possibility (of a loss), ISO¼ [45,46]

definition of risk.
 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44 39

adopting this definition would mean to contradict the daily use of the term there is a distinction between risk per se and how risk is perceived. This is
‘risk’. true for all the risk definitions discussed above, and in a professional risk
Secondly, we see that the phrases (h) and (k) expressing that ‘‘there is a assessment context also the risk description should be separated from the risk
risk that the boulder will hit the couple’’ and ‘‘the couple risk getting hit by perception. The analysts’ fear for a type of event should not influence their
the boulder’’, respectively, have no match with the risk definitions 1–9. If the judgment on how large the risk is. Of course, there could be cases when such
phrase (h) is rewritten as ‘‘there is a probability that the boulder will hit the influence is present, but that would not be the normal situation for a
couple’’, ‘‘there is a possibility that the boulder will hit the couple’’, ‘‘there professional analyst team. However, if we look at the layman’s risk
are uncertainties about the boulder hitting the couple’’ etc., we obtain matches description, things could be different. Consider as an example the assessment
with some risk categories, for example ‘‘there is a probability that the boulder of terrorism risk. Here the concept of risk as well as its description, could be
will hit the couple’’ will be an example of risk definition category 2. strongly influenced by feelings and affections.

One of the reviewers of the original version of this paper made the remark
that it is common among economists to refer to risk of positive (and I would
4. Discussion
add, also negative) outcomes (in relation to some reference values), but it
would be better to use the term probability or chance of positive (negative)
Looking at the nine categories of risk definitions, it is possible to draw
outcomes – it is not the risk that is positive (negative). This is an example of a
several development paths. I have identified six, all starting from de Moivre’s
statement like (h) and (k), and yes, risk here could be replaced by
the expected value (loss); see Fig. 1. These paths are thought-constructed
probability/chance, or alternatively possibility or uncertainties depending on
schemes reflecting some main type of prevailing risk perspectives today with
the preferred risk definition.
plausible development paths ending up with this current perspective. Think
about a person that today argues for the use of the C&P perspective (D2 in
Similarly, we can rephrase (k) to obtain for example ‘‘the couple could be
Fig. 1). If he/she had lived some x years back in time, what would have been
hit by the boulder’’, which corresponds well with the risk definition
his/her stand? The scheme says that if x had been about 30–110 years, the
categories 4, 5 and 8.
person is likely to have been ruled by the ‘‘Risk¼Prob-ability of a loss’’
Thirdly, for the phrases (b), (g), (i) and (j), ‘‘risk/risks’’ are interpreted in
perspective, etc. Alternatively, we may think of a set of six different
Table 2 as ‘‘high risk/risks’’, for example phrase (b) is read as ‘‘The plan was
categories of people, with members in each category being defined as
rather a hazardous one, but she was prepared to take high risks’’. This is in
‘‘similar’’ in some meaningful sense even though they live in different time
line with for example risk definition 1 (risk¼expected value (loss)), reading
periods. One way of defining similarity is to refer to the same training or
the sentence as ‘‘The plan was rather a hazardous one, but she was prepared
occupation, for example engineers or economists. It is stressed that this is a
to take high risks in the form of a high expected loss’’.
highly simplified scheme based on mental simulation with the purpose of
illustrating some overall lines of potential development. The figure is not to
Fourthly, as we see from Table 2, the assignments are quite similar for be read as an accurate timetable for specific events.
most risk definitions. We see that for (a) and (d) the probability-based
definitions and 7 do not match, whereas they do for the others (except risk
definition 7 for phrase (c)). Take for example phrase (a), ‘‘They must run the
The six development paths D1–D6 (the parentheses include typical
risk of the falling of the price’’. It is immediately clear that this statement is
categories of advocators of this perspective):
consistent with for example the risk definition saying that risk is uncertainty
(category 4) or risk is the possibility (category 5), but not if risk is the
1. Since de Moivre, risk has been considered an expected value (loss) E. No
probability of a loss, as it does not make sense to say that they must run the
changes in views (decision analysts and economists)
probability (of a loss) of the falling of the price. For the phrase (c) ‘‘In
2. The concept of risk has developed from the E stand, to P and finally C&P
Colorado, about 1.3 million people live in the red zone, areas at great risk of
which now prevails (engineers, health personnel)
wildfire’’, there is no match with risk definition 7 (risk¼event/consequence)
3. The path is the same as D2, but C&P is recently replaced by C&U
as it is not meaningful to talk about great events/consequences in this context.
(engineering based-scientists)
As noted by Aven and Renn [15], the use of this type of risk definition
4. The risk concept changed early from the E perspective to U and has not
requires a rewriting of the commonly used risk language (we cannot write that
changed since then (business)
risk is high or low, that risk is acceptable, or that risk should be reduced etc.).
Check for example phrase (m) ‘‘The risk that the couple face (is exposed to) 5. The risk concept changed early from the E perspective to OP and has not
changed since then (economists)
is small’’. We see that this statement has no meaning if we adopt the
definition (7) as the issue is not about the event/consequence being small or 6. The concept of risk has developed from the E stand, to covering both U
not. and P, then all three U, Po and C&P, and finally all of C, C&U and ISO
(people with a holistic perspective)
Fifthly, we see from Table 2 that the risk definition categories
(8) and (9) have the same assignments. The reason for this is that Within these perspectives we have interpretations based both on
(9) has been interpreted to be in line with (8). This interpretation is, however, frequentist probabilities and subjective (judgemental, knowl-edge-based)
not obvious, as discussed in Aven [10]. An inter-pretation more in line with probabilities.
category (7) is also reasonable and then the assignment of (9) becomes as for In the following, a brief description and evaluation of these paths will be
(7). given. Some of the argumentation used for justifying or rejecting the various
Sixthly and finally, it has to be noted that the probability-based definitions risk definitions is well known from other publications (e.g. [8,11,18]), but for
would all work based on the subjective prob- the sake of completeness and readability some text from these references is
ability interpretation for the phrases (b), (c), (e), y, (p). The degree to which included.
the frequentist interpretation would make sense depends on the setting, but for
some phrases it is clear that such an interpretation is not applicable as the
situation considered cannot be meaningfully repeated under similar conditions 4.1. Development path D1
(e.g. p) the terrorism risk is high.
Following this development, risk is the same as an expected value, which
Some comments are also in place concerning the issue of risk perception. basically means either
Premise 2 as defined in the introduction states that Risk¼expected loss or Risk¼expected (dis)utility
40 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44

Risk = U R=U, R=C,

R= Po D6
Risk = P C&U, ISO
Risk = C&P
D5
Risk = OU

Risk = U D4

Risk = P Risk = C&P R= D3

C&U

Risk = P Risk = C & P D2

Risk = E
Risk = E D1

1900 1980
1700 Now

Time

Fig. 1. Six thought-constructed development paths for the risk concept.

The difference is important, as the second interpretation allows for should also cover this aspect, and the intention of the C&P definitions is to
weighing the loss (outcomes) depending on the assessor’s preferences. meet this critique, as they address the full spectre of consequences that could
occur.
Both interpretations mean that some integration is made between the Following this path, probability theory is considered the appropriate
severity of the different outcomes and the corre-sponding probabilities. The mathematical structure for the representation of uncertainty and no other is
simplicity of having just one number to relate to is considered an attractive needed [54,79,61].
property of this perspec-tive. The expected loss version is motivated by the Critique can also be raised against these perspectives. Appendix B
law of large numbers which says that the average of a number of similar provides a summary of the main points made. This critique is leading up to
independent, identically distributed random variables converges to the the development perspective D3.
expected value of one specific random variable.
4.3. Development path D3
The utility perspective reflects the need for seeing beyond expected values
in risk management by incorporating the deci-sion maker’s risk aversion or The development path for D3 is as for D2, with an extension of the C&P
risk-seeking attitude in the utility (loss) function used. Risk aversion means risk perspective to C&U in recent years. Hence, different types of tools for
that the decision maker’s certainty equivalent is less than the expected value; measuring the uncertainties can be incorporated for the risk descriptions. The
the certainty equivalent is the amount of payoff (e.g. money or utility) that the C&U perspective facilitates a clear distinction between the risk concept and
decision maker has to receive to be indifferent between that payoff and the how it is measured.
actual ‘‘gamble’’. A risk-seeking attitude means that the decision maker’s Thus probability enters the scene when we would like to describe or
certainty equivalent is higher than the expected value [53]. Only in the case measure the uncertainties and thus risk. Probability is not a part of the risk
that the decision maker is risk neutral, expected values can replace the concept per se.
information provided by the whole probability distributions. The risk descriptions are often based on modelling, for example using
probability models and frequentist probabilities. Probability models and
frequentist probabilities do not exist in general – they are model concepts that
Strong arguments can be raised against these perspectives. In Appendix A are meaningful only in some situations of repeatability, as highlighted also
a summary of the main points are presented. earlier in this paper.
The Kaplan and Garrick definition from 1981 can be viewed as a founding
4.2. Development path D2 pillar of the C&P perspective. In their famous 1981 paper
[48] they also refer to risk as qualitatively defined as ‘‘uncertain-
Now risk becomes the probability of a loss. It is not difficult to find tiesþdamage’’, which can be seen as a version of the C&U type of definitions.
situations where this definition makes sense: consider, for example, the The ‘‘uncertaintiesþdamage’’ perspective is, however, not included in D3 for
probability of getting a specific disease, for example cancer. In health care it that time as it was not given much attention then, and no unified framework
is common to talk about cancer risk, understood as the probability of getting for integrating C&U and C&P was presented. Recently, however, several such
cancer. frameworks have been developed, as seen from the examples of C&U
Both frequentist and subjective probabilities are used, depend-ing on definitions in Section 3.
which probabilistic/statistical framework is preferred, a traditional statistical
one or a Bayesian one. See Section 3. 4.4. Development path D4
However, the probability of loss dimension alone fails as a general
definition of risk. In one case, the consequences of getting cancer could be The risk¼uncertainty perspective is mainly linked to the
rather small, in other cases life-threatening. Risk
economic field, and investment analysis in particular. The
 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44 41

qualitative term is uncertainty, and variance is a common tool for measuring scientific risk fields cannot be based on a terminology that simply restricts
the uncertainties. Thus the perspective allows for the same type of dichotomy itself to a set of more or less trivial situations and excludes the majority of
as the C&U perspective – the clear distinction between the qualitative concept cases.
of risk and how it is measured. The idea that risk equals uncertainty seems to
be based on the assumption that the expected value is the point of reference 4.6. Development path D6
and that it is known or fixed. The uncertainty is seen in relation to, for
example, an historical average value for similar investments. Risk captures This development path is characterised by the acceptance of different
the deviation and surprise dimension compared to this level. perspectives on risk. The first part of the 20th century covers both the P and U
risk definitions, whereas the last part includes U, Po and C&P. Recently the C,
C&U and ISO definitions have been adopted. The underlying thinking for this
Without such a reference level, the ‘‘risk¼uncertainty thesis’’ does not development path is a pragmatic view regarding which risk perspective is the
work. Uncertainty seen in isolation from the conse-quences and the severity most suitable one. The changes from one period to the other are motivated by
of the consequences cannot be used as a general definition of risk. Large the same type of arguments as presented above in Sections 4.2–4.5.
uncertainties need attention only if the potential outcomes are large/severe in
some respect. Look at the following example ([8], p. 52): the activity
considered can result in only two outcomes, ‘‘0 and 1’’, corresponding to 0 A comment is in place for the ‘‘Risk¼Potential/possibility of a loss’’
and 1 fatality, and the decision alternatives are A and B, having uncertainty definition. Basically this definition says that a loss may or may not happen (or
(probability) distributions (0.5, 0.5), and (0.0001, 0.9999), respectively. loss of different magnitude may occur) which is not far from saying that there
Hence, for alternative A there is a higher degree of uncertainty than for is uncertainty about the loss (U), i.e. what will be the outcome, or perhaps
alternative B, meaning that risk according to this definition is higher for even more accurately, that risk is C&U as the potential/possibility relates to
alternative A than for B. However, considering both dimensions, both different outcomes. It is also common to relate potential/possibility to
uncertainty and the consequences, we would, of course, judge alternative B to probability – in some cases the word may be used in the same meaning, but a
have the highest risk as the negative outcome 1 is nearly certain to occur. perhaps more reasonable interpretation is to relate these words to ‘‘thinkable’’
– an interpretation that seems also more in line with the use of the term
‘possibility’ in possibility theory to measure uncertainty [33].

The expected values for the two alternatives are 0.5 and 0.9999,
respectively, whereas the variances are 0.25 and 0.0001, respectively. The According to one of the main definitions of the C category, risk is a
example is related to safety, but the conclusion is general and it also applies to situation or event where something of human value (includ-ing humans
investment problems. It does not make sense to say that there is negligible themselves) is at stake and where the outcome is uncertain [67,68]. The Rosa
risk if we can predict with high confidence that the loss will be $10 billion. definition and the related ones [44] are thoroughly discussed by Aven and
The uncertainties would be small, but it is misleading to use the term ‘risk’ for Renn [15] and also commented on in Section 3. The conclusion is that
the uncertainties as such. ‘‘The consequences dimension must also be taken compared to common terminology, the Rosa definition leads to conceptual
into account’’. difficulties that are incompatible with the everyday use of risk in most
applications, as is also seen from the semantic analysis in Section 3. By
considering risk as an event, we cannot conclude, for example, about the risk
4.5. Development path D5 being high or low, or compare different options with respect to risk.

This fifth path is as the fourth path, but the last 100 years have been ruled
by the objective probability definition of risk and not uncertainty. The According to the [45,46], risk is the effect of uncertainty on objectives.
perspective is to a large extent founded on Frank Knight’s work from 1921 But what does this mean? Risk relates to uncertainty, but is it the effect of
and his idea that we have risk in the case that an objective probability uncertainty? And risk is linked to objectives, but what if objectives are not
distribution can be obtained (and uncertainty otherwise). This thinking has defined? Then we have no risk? Challenging experts on risk, there is no doubt
strongly influenced the risk field, and in particular the economic risk area. that they would produce numerous different interpretations. The definition is
The idea has been thoroughly discussed in the literature; see for example not sufficiently precise, and there are also reasons to question its rationale as
LeRoy and Singell [52], Holton [43], Langlois and Cosgel [51], Taylor [72], indicated. The ISO definition is thoroughly discussed in Aven [10]. An
Runde [70] and Aven [8]. It is, however, difficult to find any good argument interpretation in line with both the C perspective and with the C&U
for using this terminology. The above analysis shows that it is not in line with perspective is possible.
the common risk language. Referring to risk only when we have objective
distribu-tions would mean we exclude the risk concept from most situations
of interest. As stated by Aven [8], p. 75, ‘‘if we adopt the subjective or
Bayesian perspective on probability, Knight’s definition of risk becomes 5. Conclusions and final remarks
empty. There are no objective prob-abilities’’. Given these observations, it is
hard to understand that this definition is still being used. In my view we If we use the newest risk perspective from each of the six development
should leave the Knight nomenclature once and for all ([8], p. 75). However, paths we end up with
few things indicate that my wish will soon be met. I cannot see any trend in E, C&P, C&U, U, OU and (C, C&U and ISO).
its use. Economist and others continue to refer to this definition despite the These are what I would call the main categories of risk perspectives today.
strong arguments against it. They seem to see Knight’s words as some These perspectives have developed in different ways, some go back over 100
established terminology. years (300 for E), others have been presented more recently. The different
definitions can to some extent be traced back to different environments—
economy, engi-neering, etc., but we see a tendency now that more overall
general, holistic concepts are developed to be able to capture the needs for
Of course, one may argue that the Knightian risk-uncertainty dichotomy is assessing and managing decision problems, crossing traditional scientific
not so important as long as it does not affect the assessment and management disciplines and areas and opening up for new ways of describing/measuring
of the totality of risk/uncertainty. The dichotomy is just a classification. This uncertainties other than probability.
is true; however, the
42 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44

In my view the above argumentation in Sections 2–4 has led to C&U for different methods. I share this view. I believe that in many cases a
being the most appropriate type of risk definition as also argued for in earlier combination of quantitative analysis and qualitative analysis would provide
publications [12,18]. A short summary of the arguments used follows: the best way of supporting the decision making. As noted in Section 2,
0 0
following the C&U risk perspective, risk is described as (C ,Q,K), where C
The restriction of risk to objective uncertainties (OU) would mean an is a specification of the events/consequences C, Q is a measure of the
extremely narrow view on what risk is and is therefore rejected. The ISO uncertainties U, and K is the background knowledge that Q is based on.
definition is not sufficiently precise, but with reasonable interpretations it can Probability P is the common tool for Q, but as discussed in Appendix B there
be considered a special case of C&U or C. Seeing risk as uncertainty can be is a need for seeing beyond probability. In addition to the alternative
considered a special case of C&U. The expected loss is rejected as a general approaches mentioned in Section 3, I would like to draw attention to the
risk concept as it does not adequately reflect the uncertainties. Expected ‘‘Q¼(P,UF)’’ approach. Here UF covers qualitative assess-ments of the
(dis)utility is difficult to apply and mix uncertainty characterisa-tions and importance of uncertainty factors which reflect key assumptions that the
value judgments which is considered unfortunate for practical risk probabilities are based on [9,36]. Following this scheme, knowledge-based
management. Using the C concept would mean that we have to change the 0
probabilities are used to assess uncertainties about C , and the uncertainty
language of risk compared to everyday use. What remain then are the C&P factor analysis cap-tures the ‘‘beyond probability part’’. The approach is
and C&U categories of definitions. However, as argued in Appendix B, the based on judgments of sensitivity as well as uncertainty. Independent of the
C&P perspective can be criticised for not taking into account that probability approach taken, it is essential that that the risk description captures both
is not a perfect tool, and the solution is to replace P by U to get C&U. Risk as subjective judgments and hard data. The frame-work here recommended
a concept should not be founded on one specific measurement tool. In this supports such a view.
way we obtain a sharp distinction between risk as a concept, and risk
descriptions (assessments) which could be based on models.
As the above analysis demonstrates, the C&U risk perspectives (and also
the majority of the others) are to a large extent in line with everyday language
on risk and the etymology of the word ‘risk’. The consequence dimension
Risk definitions based on probability models (as frequentist probabilities) relates to something that humans value (health, the environment, assets, etc.).
are rejected as such models make sense only in cases of repeatability (refer to The defini-tion does not distinguish between positive and negative conse-
Appendix B). For unique events, such models cannot be justified. However, quences (desirable and undesirable consequences), the point being that the
such models may play an important role in describing risk by supporting the activity results in some consequences (whatever they are). However, in
assign-ments of subjective probabilities. practice there are always some outcomes of C that are judged as undesirable.
The activity runs, and there is a possibility of undesirable consequences, but
Following this view, it is hoped that the argumentation presented would the consequences could also be positive. When taking risk, we balance these
lead to a more widespread adoption of the C&U type of definitions in the concerns.
future. However, having said this, it is considered highly likely that all the
perspectives E, C&P, C&U, U, OU (and C, C&U and ISO) will have a
position in the risk field as founding pillars for a long time. For a specific It would have been possible to restrict C to undesirable consequences.
context a particular risk perspective may work fine, and generalisations and However, by doing this we need to determine what is undesirable, and for
more universal frameworks are not seen as attractive or necessary whom? An outcome could be positive for some stakeholders and negative for
replacements. For the actual risk assessment or risk management, it may be others. It may not be worth the effort and energy discussing whether an
argued that how we theoretically define risk is not so important as long as we outcome is classified in the right category, and therefore most general risk
are precise on what we describe when performing a risk assessment, there is definitions allow for both positive and negative consequences (Aven and
consistency in terminology, and we are aware of and able to point to the Renn 2009a).
limitations of the perspective adopted.

My response to this comment is that the risk perspective chosen strongly

influences the way risk is analysed and hence it may have serious Acknowledgments
implications for the risk management and decision making. Just being precise
and consistent in terminology and aware of the boundaries and limitations of The author is grateful to three anonymous reviewers for their useful
the tools that are used for the risk assessment, are not enough. Some of the comments and suggestions to the original version of the paper.
perspectives need to be wiped out as they are simply misguiding the decision
maker in many cases. The best example is the use of expected loss as a
general concept of risk (see Section 4.1 and Appendix A). I would also
include the pure probability-based perspectives, as the uncertainties are not Appendix A. Critique of the D1 perspectives leading up to the other
sufficiently revealed for these perspectives (see Appendix B). By starting development perspectives
from the overall, qualitative risk concept, we acknowledge that any tool we
use needs to be treated as a tool. It always has limitations and these must be The use of expected values in risk management can seriously misguide
given due attention. By this distinction we will more easily look for what is decision makers in practice; we seldom have a huge number of similar
missing between the overall concept and the tool. Without a proper activities with known variations as the law of large numbers presumes. And if
framework clarifying the difference between the overall risk concept, and we cannot apply the law of large number there is no proper justification: two
how it is being measured, it is difficult to know what to look for and make probability distribu-tions may have the same expected values, one with mass
improvements in these tools. centred around its expected value, the other having high probabilities for
severe outcomes, and clearly the risk management should be different. For the
latter probability distribution, there are ‘‘high’’ probabilities for ‘‘extreme
There is and should be a continuous discussion in the scientific outcomes’’ and cautionary measures like emergency
environments and application areas on how to best measure/ describe risk.
Most analysts would probably see the need for both quantitative methods and preparedness are normally required to meet these if one of
qualitative methods. Different situa-tions (for example with respect to the them should in fact occur. For the former probability
degree of uncertainties) call distribution, such measures are not needed to the same
extent.
 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44 43

From this line of argument we have to conclude that expected values While probabilities can always be assigned, the origin and amount of
(loss) cannot be adopted as a general definition of risk, but of course it can be information supporting the assignments are not reflected by the numbers
used as a risk index or metric, and depending on the situation it can be more produced. One may, for example, subjectively assess that two different
or less informative and useful as such. Yet we frequently see this definition situations have probabilities equal to 0.6 (say), but in one case the assignment
used in practice, and it is also often referred to in scientific papers (see [8], is supported by a substantial amount of relevant data, whereas in the other by
chapter 1). Some researchers and analysts still use this definition and although effectively no data at all. This is a main argument in the critique of the
there are strong arguments against it, the expected value also has to be probability-based approach to risk and uncertainties.
acknowl-edged as a common perspective on risk in 2011.
Another important argument relates to the decision setting: in a risk
The risk¼expected dis(utility) meets the critique raised against the assessment context there are often many stakeholders, and they may not be
expected loss, but is rejected by many for other reasons ([8], p. 66): Assigning satisfied with a probability-based assessment expressing the subjective
a proper utility function is not easy, and whose utility function should be judgments of the analysis group; a broader risk description is sought [17].
used? For many situations there are a number of stakeholders, and they may
have completely different judgments about the importance of (say) an Again referring to Aven and Zio [17]: ‘‘Probability models constitute a
environmental damage. Some may also be reluctant to reveal their utility pillar of the probabilistic approach, an essential tool for assessing
function as this would reduce their flexibility in negotiations and political uncertainties and drawing useful insights [42,79]. The probability models
processes. A decision maker may prefer to base his/her decision on a coherently and mechanically facilitate the assignment and updating of
professional characterisation of uncertainties and likelihoods about events and probabilities. However, for many types of applications these models cannot be
consequences together with a more informal value judgment process. The justified, the consequence being that the probability-based approach to risk
point made is that risk should also be possible to define and describe in cases and uncertainty becomes difficult to implement. A probability model
where the decision maker is not able or willing to define his/her utility presumes some sort of model stability; populations of similar units need to be
function. constructed (in the Bayesian context, formally an infinite set of exchangeable
random variables). But such stability is often not fulfilled [20]. Consider the
The need for making a distinction between analysis (evidence) and values definition of a chance (frequentist probability). In the case of a die, we would
has been discussed thoroughly in the literature; see for example Renn [66], establish a probability model expressing that the distribution of outcomes is
Rosa [67] and Shrader-Frechette [71]. Renn concludes that it is highly given by (p1, p2, y, p6), where pi is the chance of outcome i, interpreted as the
advisable to maintain the classic distinction between evidence and values and fraction of outcomes resulting in outcome i. However, in a risk assessment
also to affirm that justifying claims for evidence versus values involves context, the situations are often unique and the estab-lishment of chances
different routes of legitimisation and validation. means the construction of fictional populations of non-existing similar
situations. Then chances and probability models in general cannot be easily
The distinction between probability and utility/preferences is, however, defined as in the die tossing example; in many cases they cannot be
disputed. Many of the earliest probabilists (e.g. [29]) and many decision meaningfully defined at all. For example, it makes no sense to define a chance
analysts link probability with utility/prefer-ences. From their point of view, (frequentist probability) of a terrorist attack ([16], p. 80). In other cases, the
probability is an indispensible instrument for reasoning and behaving under conclusion may not be so obvious. For example, a chance of an explosion
uncertainty [29]; see also Merkelsen [59]. Such a perspective on risk and scenario in a process plant may be introduced in a risk assessment, although
decision making may work for some people for guiding their personal choices the underlying population of infinite similar situations is somewhat difficult
in life, but is in my view naı¨ve for applications in industry and society. If you to describe’’.
are a decision maker and would like to be informed by an expert expressing
his or her subjective assess-ment of uncertainties about an event A, you would
not be happy about this assessment being influenced by this expert’s utility
function or preferences concerning the stakes involved. The assessment then By using probability as a main component of risk, we restrict risk to this
would be disturbed by external factors. It would also be unrealistic and measurement tool. In this view, probability is a tool introduced to
unfeasible to force decision makers to assign their probabilities in complex describe/measure the uncertainties. However, many other representations of
problems. uncertainty exist, including impre-cise (interval) probability, fuzzy probability
and representations based on the theories of evidence (belief functions) and
possibi-lity. In recent years such representations have been given con-
siderable attention among researchers and analysts (see e.g. [34,31,35]). It is
argued that these representations are more adequate in situations with poor
Appendix B. Critique of the D2 perspectives leading up to the development knowledge available.
perspective D3
For these alternative approaches and theories, a probability-based risk
A growing number of researchers and analysts have found the probability- definition cannot in general serve as a conceptual framework for defining and
based approaches for assessing risk and uncertainties to be too narrow. The understanding risk. A broader risk perspective is required, probability has to
argumentation follows different lines of thinking. One main point raised is be removed from the definition of risk and the natural replacement is
that risk is more than some analysts’ assigned probabilities, which may be uncertainty.
based on strong assumptions and lead to poor predictions of the quantities
considered. As noted by Aven and Zio [17]: ‘‘One may assign a low
probability of health problems occurring as a result of some new chemicals, References
but these probabilities could produce poor pre-dictions of the actual number
of people that experience such problems. Or one may assign a probability of [1] Adams J. Risk. London: UCL Press; 1995.
fatalities occurring on an offshore installation based on the assumption that [2] Ale BJM. Risk assessment practices in The Netherlands. Safety Science 2002;40:105–26.
the installation structure will withstand a certain accidental load; in real life [3] Althaus CE. A disciplinary perspective on the epistemological status of risk. Risk Analysis
the structure could, however, fail at a lower load level: the assigned 2005;25(3):567–88.
probability did not reflect this uncertainty.’’ [4] Angell FJ. Insurance, Principles and Practices. New York: the Ronald Press Comp; 1959.
p. 4.
[5] Atheam JL. Risk and Insurance. New York: Appleton-Centoty-Crofts; 1969 p. 36.
44 T. Aven / Reliability Engineering and System Safety 99 (2012) 33–44

[6] Aven T. A unified framework for risk and vulnerability analysis and manage-ment [46] ISO. Risk Management—Principles and Guidelines. ISO 2009;31000:2009.
covering both safety and security. Reliability Engineering and System [47] Jasanoff S. The Songlines of Risk. Environmental Values. Special Issue: Risk
Safety 2007;92:745–54. 1999;8(2):135–52.
[8] Aven T. Misconceptions of Risk. Chichester: Wiley; 2010. [48] Kaplan S, Garrick BJ. On the quantitative definition of risk. Risk Analysis 1981;1:11–27.
[9] Aven T. On how to define, understand and describe risk. Reliability Engineer-ing and
System Safety 2010;95:623–31. [49] Kirchsteiger C. Preface. International workshop on promotion of technical harmonisation
[10] Aven T. On the new ISO guide on risk management terminology. Reliability Engineering on risk-based decision-making. Safety Science 2002;40:1–15.
and System Safety 2011;96(7):719–26. [50] Knight FH. Risk, Uncertainty, and Profit. Boston: Houghton Mifflin Co.; 1921.
[11] Aven T. On how to conceptualise and describe risk. Reliability & Risk Analysis: Theory p. 233.
& Applications 2011;2(1):28–37. [51] Langlois RN, Cosgel M. Frank Knight on risk, uncertainty, and the firm: A new
[12] Aven T. A risk concept applicable for both probabilistic and non-probabilistic interpretation. Economic Inquiry 1993;XXXI:456–65.
perspectives. Safety Science 2011;49:1080–6. [52] LeRoy SF, Singell LD. Knight on risk and uncertainty. Journal of Political Economy
[13] Aven T. Selective critique of risk assessments with recommendations for improving 1987;95:394–406.
methodology and practice. Reliability Engineering and System Safety 2011;96:509–14. [53] Levy H, Sarnat M. Capital Investment and Financial Decisions. 5th ed. New York:
Prentice Hall; 1994.
[14] Aven E, Aven T. On how to understand and express enterprise risk. Interna-tional Journal [54] Lindley DV. The philosophy of statistics. The Statistician 2000;49:293–337.
of Business Continuity and Risk Management 2011;2(1):20–34. [55] Lowrance W. Of Acceptable Risk—Science and the Determination of Safety. Los Altos,
[15] Aven T, Renn O. On risk defined as an event where the outcome is uncertain. Journal of CA: William Kaufmann Inc; 1976.
Risk Research 2009;12:1–11. [56] Lupton D. Risk. London: Routledge; 1999. p. 5.
[16] Aven T, Renn O. Risk Management and Risk Governance. Berlin: Springer Verlag; 2010. [57] Magee JH. General Insurance.6th ed. Homewood, Illinois: Richard D. Irwin; 1961.

[17] Aven T, Zio E. Some considerations on the treatment of uncertainties in risk assessment [58] Mehr RI, Cammack E. Principles of Insurance.3rd. ed Homewood, Illinois: Richard D.
for practical decision-making. Reliability Engineering and System Safety 2011;96:64–74. Irwin; 1953.
[59] Merkelsen H. The constitute element of probabilistic agency in risk: a semantic analysis
[18] Aven T, Renn O, Rosa E. The ontological status of the concept of risk. Safety Science of risk, danger, chance and hazard. Journal of Risk Research 2011;14(7):881–97.
2011;49:1074–9.
[19] Beck U. Risk Society. Towards a New Modernity. London: Sage; 1992. [60] Mowbray AH, Blanchard RH. Insurance.5th ed. New York: McGraw-Hill book comp;
[20] Bergman B. Conceptualistic pragmatism: a framework for Bayesian analysis? IIE 1961.
Transactions 2009;41:86–93.
[61] North W. Probability theory and consistent reasoning. Risk Analysis 2010;30(3):377–80.
[21] Bernstein PL. Against the Gods: The Remarkable Story of Risk. New York: John Wiley &
Sons; 1996.
[62] Oxford English Dictionary. (2011) /http://www.oed.comS (accessed 23 August 2011).
[22] British Medical Association. Living with Risk: The British Medical Association Guide
Chichester. John Wiley & Sons; 1987. p. 1.
[63] Pfeffer I. Insurance and Economic Theory. Homewood, Illinois: Richard D. Irwin Inc.;
[23] Cabinet Office (2002) Risk: improving government’s capability to handle risk and 1956. p. 42.
uncertainty. Strategy unit report. UK.
[64] Riegel R, Miller JS. Insurance Principles and Practices. 5th ed. Englewood Cliffs, N.J:
[24] Campbell S. Determining overall risk. Journal of Risk Research 2005;8:569–81. Prentice-Hall, Inc.; 1966. p. 20.
[65] Renn O. Concepts of Risk: A Classification. In: Krimsky S, Golding D, editors.
[25] Campbell S, Currie G. Against Beck: In Defence of Risk Analysis. Philosophy of the Social Theories of Risk. Westport, CT: Praeger; 1992. p. 53–79.
Social Sciences 2006;36(2):149–72.
[66] Renn O. Risk Governance. Coping with Uncertainty in a Complex World. London:
[26] Chambers Twentieth Century Dictionary (1946) Edinburgh: W&R Chambers Ltd. Earthscan; 2008.
[67] Rosa EA. Metatheoretical foundations for post-normal risk. Journal of Risk Research
[27] Crowe RM, Horn RC. The meaning of risk. The Journal of Risk and Insurance
1998;1:15–44.
1967;34(3):459–74.
[68] Rosa EA. The logical structure of the social amplification of risk framework (SARF):
[28] DFI. (2007) Evaluating Methodologies In Support of Homeland Security R&D
Metatheoretical foundation and policy implications. In: Pidegeon N, Kaspersen RE,
Investment Decision-Making, DFI International Government Services, Washington, DC.
Slovic P, editors. The Social Amplification of Risk. Cambridge: Cambridge University
Press; 2003.
[29] De Finetti B de. Logical foundations and measurement of subjective prob-ability. Acta
[69] Rowe WD. An Anatomy of Risk. New York: John Wiley & Sons; 1977. p. 24.
Psychologica 1970;34:129–45.
[30] De Moivre A. De Mensura Sortis. Philosophical Transactions 1711;27:213–64. [70] Runde J. Clarifying Frank Knight’s discussion of the meaning of risk and uncertainty.
Cambridge Journal of Economics 1998;22:539–46.
[31] De Rocquigny E, Devictor N, Tarantola S, editors. A Guide to Quantitative Uncertainty
Management. New Jersey: Wiley; 2008. [71] Shrader-Frechette KS. Risk and Rationality. Berkeley, Los Angeles and Oxford:
[32] Douglas M, Wildavsky A. Risk and Culture: The Selection of Technological and University of California Press; 1991.
Environmental Dangers. Berkeley, CA: University of California Press; 1982. [72] Taylor CR. The role of risk versus the role of uncertainty in economic systems.
Agricultural Systems 2003;75:251–64.
[33] Dubois D. Possibility theory and statistical reasoning. Computational Statis-tics & Data
Analysis 2006;51:47–69. [73] Thompson KM, Deisler Jr. PH, Schwing RC. Interdisciplinary vision: The first 25 years
[34] Dubois D. Representation, propagation and decision issues in risk analysis under of the Society for. Risk Analysis (SRA), 1980–2005. Risk Analysis 2005;25:1333–86.
incomplete probabilistic information. Risk Analysis 2010;30:361–8.
[35] Ferson S, Ginzburg LR. Different methods are needed to propagate ignorance and [74] Vatn J. A discussion of the acceptable risk problem. Reliability Engineering and System
variability. Reliability Engineering and System Safety 1996;54:133–44. Safety 1998;61:11–9.
[36] Flage R, Aven T. Expressing and communicating uncertainty in relation to quantitative [75] Verma M, Verter V. Railroad transportation of dangerous goods: Population exposure to
risk analysis (QRA). Reliability: Theory & Applications 2009;2(13): 9–18. airborne toxins. Computers and Operations Research 2007;34:1287–303.

[37] Giddens A. Runaway World: How Globalisation is Reshaping Our Lives. [76] Wharton F. Risk management: Basic concepts and general principles. In:
London: Profile Books; 1999 pp. 21–22, 35. Ansell J, Wharton F, editors. Risk: Analysis, Assessment and Management.
[38] Gigerenzer G, Swijtink Z, Porter T, Daston L, Beattie J, Kruger L. The Empire of Chichester: John Wiley and Sons; 1992. p. 4.
Chance: How Probability Changed Science and Everyday Life. Cambridge: [77] Willett AH. The Economic Theory of Risk and Insurance. Philadelphia: The University of
Cambridge University Press; 1989. Pennsylvania Press; 1901. 1951 [originally published in 1901],
[40] Hardy CO. Risk and Risk Bearing. Chicago: University of Chicago; 1923. p. 1. p. 6.
[41] Haynes J. Risk as an economic factor. The Quarterly Journal of Economics [78] Willis HH. Guiding resource allocations based on terrorism risk. Risk Analysis
1895;9(4):409. 2007;27(3):597–606.
[42] Helton JC. Treatment of uncertainty in performance assessments for complex systems. [79] Winkler RL. Uncertainty in probabilistic risk assessment. Reliability Engi-neering and
Risk Analysis 1994;14:483–511. System Safety 1996;85:127–32.
[43] Holton GA. Defining risk. Financial Analysis Journal 2004;60:19–25. [80] Wood Jr. OG. Evolution of the concept of risk. Journal of Risk and Insurance
[44] IRGC International Risk Governance Council (2005) White Paper on Risk Governance. 1964;31(1):83–91.
Towards an Integrative Approach. Author: O. Renn with Annexes by P. Graham. Geneva: [81] Wynne B. Risk and Social Learning: Reification to Engagement. In: Krimsky S,
International Risk Governance Council. Golding D, editors. Social Theories of Risk. Westport CT: Praeger; 1992.
[45] ISO. Risk Management—Vocabulary. Guide 2009;73:2009. p. 275–97.