Justification of risk-taking - ETH Z · Quantified risk context 1.e-9 1.e-5 1.e-3 1.e-2 1.e-6 1.e-7 1.e-8 1.e-4 0.1 1 10 100 1000 Consequences Risks that one cannot afford to take

Undesirable event with potential for harm or damage

Justification of risk-taking

reasoning, reasonableness practicability

Des Hartford: Scientific Advisor; Safety & Risk Assessment

Safety, Health and EnvironmentProtecting People, Property and the Environment for Generations

2

Catastrophic loss societal risk - dams


3

Technocratic view of “safe”

H hw

G

UF

P

B

hs

Zsliding < 0 (F-P < 0)P = ½ wg(hw)2

F = (G-U)tan

b

G = cg(bH + ½(B-b)hs) U = ½ wghwB

Cumulative Frequency - Consequences (F-N)

1.E-07

1.E-06

1.E-05

1.E-04

1.E-03

1 10 100 1000

Unsafe

Safe

Fault tree analysis Event tree analysis

Failu

re M

odes


4

Some government’s view of safety

Netherlands (Installations)

Freq

uenc

y of

N o

r mor

e fa

talit

ies

UK (Transport - scrutiny)

Hong Kong (Unacceptable)

Hong Kong (Acceptable)

Netherlands

(transport)

UK (Transport -

negligible)

Apparently very similarActually very different


5

Similar but starkly different frameworksNetherlandsThe (marginal) costs of safety improvements should balance the benefits in terms of lives and property saved

“ALARA” is a token statement

United KingdomThe (marginal) costs of safety improvements should grossly outweigh the benefits in terms of lives and property saved

“ALARP” is a requirement


6

Implications… (Ale, 2005)

• Common law system, > what is not explicitly allowed is forbidden, unless it can be justified,

where necessary in court; • Roman/Napoleonic system,

> everything that is not explicitly forbidden is allowed. • Leads to completely different interpretations of the

meaning of “As Low As Reasonably Practicable” under the different legal systems. > These differences of legal definition mean that “seemingly different”

or “seemingly similar” measures or metrics can lead to completely different conclusions


7

Acceptable or tolerable

• Roman/Napoleonic system, > notion of tolerability of risk does not really apply

• the legally enshrined “decision rule” constitutes the political acceptability of the risk.

– Courts invariably state that, should the government want more safety, it should put stricter levels in the law”

» except when politics overrides the rule”

• Common law system> risks are only tolerable if there are no reasonable opportunities to

implement further risk reduction measures.• in the United Kingdom there is no way of being sure in advance if the

ALARP demonstration is sustainable in court


8

Politics of risk acceptance criteria


9

Societal risk regulation – common law

• “Risk-regulation is about making trade-offs. > Trade-offs between different risks;

• between risks to some individuals or groups, and risks to others; • between costs and benefits.

> It is the nature of risk that, frequently, those who create the risk do not bear its consequences nor its wider costs.

• So the market does not function properly as a distributive mechanism. The State must intervene to regulate risk.”

– UK Health and Safety Executive (Bacon, 1997)


10

The State's regulator has to• confront some basic issues:

> the need for economic, social and technological progress compared with "zero risk" or “guaranteed safety".

• assert the propositions that > risk is a necessary part of the human condition; > progress often depends both on incurring risk and on learning from

failures (that is, accidents); > risks must be controlled but cannot in most circumstances be

eliminated;> control of risks must move public opinion from focussing on what is

acceptable to what is tolerable; • that 'safe enough' is the goal to be striven for in design, engineering and

risk management”


11

Setting the decision context (UKOOA)

Codes &

standard

s

Good practice

Engineering judgment

Risk-based analysis

(e.g. QRA, CBA)

Company values

Societal

values

Codes & standards

Verification

Peer Review

Benchmarking

Internal Stakeholder ConsultationExternal Stakeholder Consultation

Means of Calibration Decision Context Type

Nothing new or unusualWell understood risksEstablished practiceNo major stakeholder implications

Lifecycle implicationsSome risk trade-offs/transfersSome uncertainty or deviation from standard or best practiceSignificant economic implications

Very novel or challengingStrong stakeholder views & perceptionsSignificant risk trade-offs or risk transferLarge uncertaintiesPerceived lowering of safety standards

Significance to Decision-making Process

Dams!


12

Quantified risk context

1.e-9

1.e-5

1.e-3

1.e-2

1.e-6

1.e-7

1.e-8

1.e-4

1 10 100 10000.1Consequences

Risks that one cannot afford to take too often

Risks that one cannot afford to

take at all

Limit of tolerability

Risk profile

10E5 10E6 10E7 10E8 10E9 10E10

Monetary Units (e.g. US$)

10E11

Risk carried by the owner

Limit of global insurance market

Risk carried by 'insurance'

Risk increasingly carried and managed by

'Society

Risk carried and managed by 'Society'

Envelope of applicability of business risk concepts

BUSINESS RISK

SOCIETAL RISK


13

Risk analysis …. the unifying link

EVENTS, CIRCUMSTANCES AND SCENARIOS

Accident/Incident

Harm to people and damage to assets and/or environment

Fault tree analysis Event tree analysis

Failu

re M

odes


14

Engineered safeguards

Undesirable event with the potential for

harm or damage




15

Maintenance safeguards


16

Operational safeguards


harm or damage




17

Defence in depth & strategic risk

Political, Regulatory and Owner hazards and failure modes!


harm or damage



CO

NSE

QU

ENC

ES

HA

ZAR

DS

Failu

re M

odes

Barriers


18

Risk informed decisions Harm to people and damage to assets and/or environment


CO

NSE

QU

ENC

ES

HA

ZAR

DS

Failu

re

Mod

es

BARRIERS

Undesirable events with the potential for

harm or damage

freq

uenc

y /y

r

1.e-9

1.e-5

1.e-3

1.e-2

1.e-6

1.e-7

1.e-8

1.e-4

1 10 100 10000.1Consequences

Limit of tolerability

Risk profile

Cost 1 Cost 2

Justification of risk-taking - ETH Z · Quantified risk context 1.e-9 1.e-5 1.e-3 1.e-2 1.e-6 1.e-7 1.e-8 1.e-4 0.1 1 10 100 1000 Consequences Risks that one cannot afford to take

Documents