This chapter provides a broad introduction to risk management and risk asssessment, as a basis for the analyses and dicussions in the coming chapters. The presentation highlights general features but also challenges related to the definitions and use of these tools. Key references for the chapters are Bedford and Cooke (2001), Vose (2008) and Aven and Vinnem (2007). The terminology is to a large extent in line with ISO (2009a). See summary of key definitions in Appendix B.
General features of risk management and risk assessments
Risk management is all coordinated activities to direct and control an organisation with regard to risk. Two main purposes of the risk management are to ensure that adequate measures are taken to protect people, the environment and assets from undesirable consequences of the activities being undertaken, and to balance different concerns, for example safety and costs. Risk management covers both measures to avoid the occurrence of hazards/threats and measures to reduce their potential consequences. In industries like nuclear and oil & gas, risk management was traditionally based on a prescriptive regulating regime, in which detailed requirements for the design and operation of the plant were specified (Kumamoto, 2007; Aven and Vinnem, 2007).