Anda di halaman 1dari 12

Reliability Engineering and System Safety 99 (2012) 3344

Contents lists available at SciVerse ScienceDirect

Reliability Engineering and System Safety

journal homepage:

The risk concepthistorical and recent development trends

Terje Aven
University of Stavanger, Ullandhaug, Stavanger, Norway

a r t i c l e i n f o


Article history:
Received 1 September 2011
Received in revised form
3 November 2011
Accepted 19 November 2011
Available online 28 November 2011

This paper reviews the denition and meaning of the concept of risk. The review has a historical and
development trend perspective, also covering recent years. It is questioned if, and to what extent, it is
possible to identify some underlying patterns in the way risk has been, and is being understood today.
The analysis is based on a new categorisation of risk denitions and an assessment of these categories
in relation to a set of critical issues, including how these risk denitions match typical daily-life phrases
about risk. The paper presents a set of constructed development paths for the risk concept and
concludes that over the last 1520 years we have seen a shift from rather narrow perspectives based on
probabilities to ways of thinking which highlight events, consequences and uncertainties. However,
some of the more narrow perspectives (like expected values and probability-based perspectives) are
still strongly inuencing the risk eld, although arguments can be provided against their use. The
implications of this situation for risk assessment and risk management are also discussed.
& 2011 Elsevier Ltd. All rights reserved.

Risk concept
Historical perspective
Development trends
Semantic analysis

1. Introduction
There is no agreed denition of the concept of risk. If we study
the literature we nd a number of different ways of understanding
the risk concept. Some denitions are based on probability, chance
or expected values, some on undesirable events or danger, and
others on uncertainties. Some consider risk as subjective and
epistemic, dependent on the available knowledge, whereas others
grant risk an ontological status independent of the assessors.
These denitions, their rationale, strengths and weaknesses,
have been thoroughly discussed in the literature; see e.g. Aven
and Renn [15] and Aven et al. [18]. However, an interesting aspect
of these denitions, not addressed by these references, is the time
dimension. Is it possible to identify some development trends in
these and other denitions of risk? An initial hypothesis formulated for the present work was that there has been a gradual
change from rather narrow risk perspectives based on probabilities and expected values, to broader not-probability-based denitions with a sharp distinction between risk as a concept and
how this concept is measured. The purpose of this paper is to
study this issue in more depth and the validity of this hypothesis
in particular. Many of the denitions studied are from the last
3040 years, but some denitions are also from the rst part of
the 20th Century, and some even earlier, like de Moivres denition of risk from 1711. The risk denitions of the last 3040 years
have appeared along with the development of the scientic eld
of risk analysis (see e.g. [73]).

E-mail address:

0951-8320/$ - see front matter & 2011 Elsevier Ltd. All rights reserved.

Studying the concept of risk using a historical and development trend perspective is considered important for risk assessment, risk management and risk communication, as it could
provide a strengthening of the understanding of the foundational
pillars of these elds. Such a strengthening is considered imperative as the present situation is characterised by many weakly
justied and inconsistent concepts about risk [8,13,18]. An interesting question to ask is to what extent the risk eld is going in
the right direction. Are the inadequate perspectives wiped out or
are they still inuencing the risk eld? The present paper also
seeks to answer these questions.
The discussion is based on two important premises. The rst
one states that risk should be dened in such a way that it can be
distinguished between risk per se and how risk is managed. There
exist perspectives on risk in which this distinction is not made.
One illustrating example is Beck [19]. When Beck states that Risk
may be dened as a systematic way of dealing with hazards and
insecurities introduced by modernisation itself ([19], p. 21), he is
adopting a way of thinking that is not in line with this premise.
I do not think many researchers on risk would argue against this
premise. To use the words of Campbell and Currie [25], p. 151, in
their analysis of Becks work on risk:
It is hard to think of a less adequate denition: risk is not a
way of dealing with things y Becks denition would make it
impossible to ask: How are we responding to this risk?, as the
response and the risk would be the same thing. Secondly, risk
should not be so dened that it applies only to modernization, for there were of course risks before industrial society.


T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

The second premise expresses that risk should be dened in such

a way that it can be distinguished between risk per se and how risk is
perceived. The perception notion includes personal feelings and
affections (for example dread) about the possible events, the consequences of these events and about the uncertainties and probabilities, but such feelings and affections should not be a part of the risk
concept when this is used in professional/scientic contexts. If risk
perception also includes judgments of risk acceptability, the arguments for this premise become even stronger, as the risk concept
should not cover risk treatment/management (refer to the rst
premise). This premise is not in line with cultural theory and
constructivism, which argue for the thesis that risk is the same as risk
perception ([47], critical comments in [67]). Risk coincides with the
perceptions of it (e.g. [32,81]). Beck [19] p. 55 concludes that because
risks are risks in knowledge, perceptions of risks and risk are not
different things, but one and the same. See Aven and Renn [15] for a
more detailed discussion of this thesis.
When it comes to risk assessment, we cannot so easily dene a
similar premise, as many common risk denitions are closely
linked to the way risk is described using a risk assessment. This
issue will be thoroughly discussed in the present paper.
Many perspectives on risk are developed and used for specic
disciplines and areas; see reviews by, for example, Renn [65]
(adjusted slightly in Aven and Renn [16]) and Althaus [3]. Renn
[65] distinguishes between the following disciplines/perspectives:
statistical analysis (including the actuarial approach), toxicology/
epidemiology, probabilistic risk analysis, economics of risk, psychology of risk, social theories of risk and cultural theory of risk,
whereas Althaus [3] distinguishes between logic and mathematics,
science and medicine, social sciences (anthropology, sociology,
economics, law, psychology, linguistics), history and humanities
(history, the arts), religion and philosophy. The classication
systems specify a view on risk for each discipline/area. For
example, according to the classication system of Althaus [3], risk
is viewed as a calculable phenomenon in logic and mathematics, an
objective reality in science and medicine, as a societal phenomenon
in sociology and as a concept in linguistics.
This is a classication which simplies how different disciplines and areas look at risk. However, for many disciplines and
areas, using just one category to describe the ruling thinking
needs to be replaced by several views, for example, in science,
subjective perspectives (Bayesian frameworks) are also commonly adopted. For the purpose of the present paper we nd
these discipline classications of risk to lack precisionwe need
to have a higher level of specication, not only characterisations
like objective reality or societal phenomenon.
This does not mean of course that such characterisations are not
important and will not be addressed in the coming discussion. To
meet the papers objective of searching for development trends in the
way risk is dened and understood, it is necessary to give due
attention to the distinction between conceptualisations of risk that
see risk as an objective property of the world and conceptualisations
that are based on judgments and knowledge of a person (i.e. are
epistemological). We remember the well-known phrases used by
Immanuel Kant (17241804), Das Ding an sich and Das Ding fur
mich. Risk (and probability) can be viewed as both a an sich
property of the world and a fur mich concept (see also [74]).
However, to be able to meaningfully discuss this issue, we
need to link these ideas to specic denitions with clear interpretations. As we will see in the coming sections, many of these
denitions and interpretations are closely related to different
understandings of a probability.
The concept of risk (addressing the term and its meaning) is of
course not only relevant for linguistics (refer to the classication
system of Althaus [3]), but also an issue in other disciplines and
areas. All disciplines and areas need to clarify how risk is to be

dened and understood. These disciplines and areas may have

different needs, and this has contributed to the many different
views on risk that exist out there.
It is obvious that the different disciplines and areas have and
need to have different methods for assessing and managing risk.
For example, business needs a different set of risk procedures and
models than, for example, medicine and engineering. But does
this mean that these disciplines and areas should have completely
different perspectives on what risk is as a concept? Is not the
basic challenge the sameto conceptualise that an activity in the
future could lead to some events/consequences/outcomes that in
some way are not desired or planned? As we will see later, the
answers are very much dependent on the issues raised in our
initial hypothesis: is the concept of risk inseparable from the risk
descriptions or is there a sharp distinction between risk as a
concept and how this concept is measured?
Many risk denitions are based on modelling, in particular
probability models reecting variation in populations (also
referred to as aleatory uncertainties) for example when considering risk denitions based on frequentist probabilities (a frequentist probability expresses a fraction of successes if the situation
studied is repeated over and over again innitely). When studying
the development trends, such denitions of risk will be studied,
but also risk denitions based on knowledge-based or epistemic
interpretations of probability.
The paper is organised as follows. Section 2 provides some general
reections about the risk concept, particularly addressing the origin of
the word risk and how this concept is used in everyday language.
Section 3 reviews ideas and denitions of risk adopted in the
professional/scientic context. A new way of classifying the various
types of risk denitions is presented, and, using this classication, an
analysis is conducted of how the various denitions perform in
relation to a set of issues raised. These issues cover questions like
the following: is the risk concept balancing different attributes (e.g.
consequences and likelihood)? and is the risk concept based on
expert modelling? Also an evaluation of the match between these
denitions and the phrases presented in Section 2 is carried out, to
see to what extent these denitions are in line with the typical daily
risk language. Section 4 discusses the ndings of the previous sections
and the initial hypothesis of the paper, that there has been a gradual
change from rather narrow risk perspectives based on probabilities
and expected values, to broader not-probability-based denitions
with a sharp distinction between risk as a concept and how this
concept is measured. For this purpose, a set of thought-constructed
development paths are dened and studied, starting from de Moivres
risk denition based on expected values in 1711 and ending up now
in 2011. For the sake of readability, some of the arguments referred to
are summarised in the appendix. Finally, Section 5 provides some
conclusions and closing remarks.
The discussion in this paper is based on my assessments, and it
is obvious that my underlying views on what is the best way of
dening and understanding risk affects my analysis. Through
other recent publications my view should be well-know. However, the main part of this paper provides a general analysis that
can be appreciated whether the reader agrees with my nal
conclusions or not. What is important in the paper are the
arguments used, their validity. I hope the paper can stimulate
further discussions on the meaning and understanding of the
concept of risk, as such discussion is considered very important
for the development of the risk elds as mentioned above.

2. About the risk concept its origin and daily use

Althaus [3] gives a thorough review of the origin of the word
risk. She underlines that the origin of the word risk is disputed

T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

in the literature and this is also apparent when reading the

detailed analysis in the Oxford English Dictionary [62]. Here are
some of the explanations provided by the Oxford English Dictionary [62] (these are to a large extent in line with those
mentioned by Althaus):
French risque: danger or inconvenience, predictable or otherwise (1578 in Middle French as a feminine noun, 1633 as a
masculine noun; 1690 as a legal term)
Italian risco (rst half of the 14th cent.), variant of rischio
(1292; 13th cent. as reisego), risico (1367), both in sense
possibility of harm, an unpleasant consequence, etc.
Post-classical Latin resicum, risicum (both mid 12th cent. in
Italian sources; also mid 12th cent. in a document from
Constantinople), risigum, resigum, resegum (12278 in Occitanian sources), rischium, rischum, riscum, risecum (second half of
the 13th cent. in Italian sources), all in commercial contexts in
sense hazard, danger
Middle French (Walloon) resicq, risicq: possibility of damage to
or loss of merchandise (second half of the 15th cent.)
Old Occitan rezegue: possibility of damage to merchandise
when transported by sea (1200; 1301 as reseque)
Catalan risc, reec: danger, risk, possibility of damage to merchandise when transported by sea (13th cent.)
Spanish riesgo: conict, disagreement (1300), possibility of
harm or unpleasant consequences (16th cent.)
Portuguese risco (15th cent.)
Dutch risico (1525) and resicq (1563), risicque (1602), both
recorded in the Spanish Netherlands in the sense possibility of
damage to merchandise
German Risiko (1507)
Post-classical Latin rixicum (1458 in a British source)
Medieval Greek rizikon (1160)
Arabic rizq (in Maghribi Arabic also rezq), which has a number
of senses: provision, lot, portion allotted by God to each man,
livelihood, sustenance, hence boon, blessing (given by God),
property, wealth, income, wages, and nally fortune, luck,
destiny, chance
According to the Oxford English Dictionary [62] it is widely
suggested that the post-classical Latin resicum, risicum, etc. in the
sense danger, hazard originated from the post-classical Latin
noun resecum, a proposed derivative of classical Latin resecare

meaning that which cuts and hence rock, crag, reef (compare
Spanish risco in this sense from the 13th cent.), with allusion to
the hazards of travel or transport by sea. The Oxford English
Dictionary [62] states that this argument ts with the maritime
context of many early uses of the word in English and the
Romance languages, but it involves a number of steps, which
are not supported by documentary evidence.
Again, following the Oxford English Dictionary [62], this explanation and one expressing that the post-classical Latin resicum, risicum,
etc. is derived from the specic senses fortune, luck, destiny, chance
of Arabic rizq, assume that that medieval Greek rizikon was
borrowed from post-classical Latin risicum, but it is also possible
that the borrowing went the other way: both words are rst
attested at about the same time. See the Oxford English Dictionary
[62] for some possible ways of explaining the origin of the Greek
word (one is the Arabic rizq).
Clearly, the etymology of the concept of risk is inconclusive. To
further illustrate the many views on the origin of the word risk,
consider the following statements from various sources (the last
three are from Althaus [3]):
According to Bernstein [21], the word risk derives from the
early Italian risicare, which means to dare. It was used by


ancient sailors to warn the helmsman that rocks might

be near.
Giddens [37] suggests the word came to English from the
Portuguese or Spanish where it was used to refer to sailing into
uncharted waters; Chambers Twentieth Century Dictionary
[26] explains the Spanish risco refers to a rock; Giddens [37]
says that one root of the term risk in the original Portuguese
means to dare.
Ewald argues that the notion of risk rst appeared in the
Middle Ages, related to maritime insurance and was used to
designate the perils that could compromise a voyage [76].
The British Medical Association [22] suggests that the word is
derived from the Greek word rhiza, which refers to the
hazards of sailing too near to the cliffs: contrary winds,
turbulent downdraughts, swirling tides.

The daily use today of the word risk to a large extent reects
these explanations. Using the Oxford English Dictionary [62],
we nd three main categories of denitional perspectives to risk
(see also [3]):
(1) (Exposure to) the possibility of loss, damage, injury, or other
adverse or unwelcome circumstance; a chance or situation
involving such a possibility.
(2) A hazardous journey, undertaking, or course of action; a
(3) A person or thing regarded as likely to produce a good or bad
outcome in a particular respect; a person or thing regarded as
a threat or source of danger.

From these perspectives we see that the term risk can be

considered something that is positive or negative, and it could be
both a noun (taking risks) and a verb (to risk losses).
In the coming sections we will study how the risk concept
used in professional and scientic settings matches these usages,
and we will have a special focus on possible development trends.
To provide a basis for this study, we will investigate in somewhat
more detail the daily use of the risk termexploring these three
perspectives using some examples of typical statements involving
risk, also capturing some more recent applications (for example
terrorism risk). The examples are partly taken from the Oxford
English Dictionary [62] (when a year is indicated) and partly from
Merkelson (2011) (some adjustments are made for some of the
examples) who performs an interesting semantic analysis of the
concepts of risk, danger, chance and hazard using different
sentences that describe a scenario in which a couple is placed
under a boulder that may or may not dislodge from a ledge and
hit the couple (this example is also studied in, for example, Rosa
[67] and Aven et al. [18]).
Oxford English Dictionary [62]:
Category (1)


They must run the risque of the falling of the price.

He that runs the risque deserves the fair.
Little he loves such risques, I know.
Fire insurance as a business consists in undertaking a
certain risk in return for a comparatively small sum,
called the premium.
Sugar is very difcult to ship; rum and taa can be
handled with less risk.
The plan was rather a hazardous one, but she was
prepared to take risks.
Particular districts may be open to the risk of ooding
arising from heavy rainfall or the thawing of snow.


T. Aven / Reliability Engineering and System Safety 99 (2012) 3344


In Colorado, about 1.3 million people live in the red

zone, areas at great risk of wildre.

Category (2)


Unto far distant Orbs, she takes her ight, and wanders,
without Keeper, out of sight. Return, return, to thy
imprisond shrine; and shamefully repent, this risque
of thine.
An insolent despiser of Discipline, nurturd into Impudence by a long Risque of Licence and Rebellion.

Category (3)

Married men are usually the most desirable risks.

Gasworks are esteemed a re risk of special hazard.
Customers of other Citigroup companies who agreed to
buy Travelers insurance tended to be poor risks.
The boy, who is considered a risk to himself and others,
is currently being housed in a 3,500-a-week secure unit
in Leeds.

At risk, in risk

The reputation of the whole fraternity would be at risk

by irregularity on this occasion.
Hundreds of Irishmen were glad to put their necks in
risk of Englands halter.
Researchers worldwide have raced to identify more of
the genes that put individuals at high risk of developing
the disease, also known as juvenile diabetes.

At a persons risk

If a part of the property insured was sold, it ceased

thereby to be at the risk of the underwriters.
The goods were carried at the owners risk.
He therefore should be at risk where the car causes

At the risk of

Ay, at the risk of all our own neckswe could do that

without you.
He ran down to the cellar at the risk of breaking
his neck.
You thought you could save him at the risk of your
In science as in normal life, there are some clochards
who, at the risk of being ridiculed, explore unpopular

At risk to


The bravery of eight men of the regiment who, at risk to

their lives, snatched from the zone of re a popular
young ofcer.
Increasing numbers of townsmen were engaged in
forming politically oriented professional unions at considerable risk to the individuals involved.

Merkelson (2011)
1. The couple placed under the boulder is exposed to (a) risk.
2. There is a risk that the boulder will hit the couple.

3. The couple takes (a) risk by placing themselves under the

4. The couple placed under the boulder is in a risky situation.
5. The couple risk getting hit by the boulder.
And I add
6 The couple face risk the boulder may dislodge from the ledge
and hit them.
7 The risk that the couple face (is exposed to) is small.
Some other sentences, addressing some current issues:
8. There is risk associated with the operation of a nuclear
power plant.
9. Emergent risks have become an issue.
10. The terrorism risk is high.
As highlighted by Althaus [3], by its very semantics, the
conceptual understanding of risk conveys risk to be something
that is open to a multitude of converse possibilities and
Althaus [3] makes some interesting reections concerning the
variability in use of the word risk across time, society and region.
Althaus refers to Bernstein [21] and Gigerenzer et al. [38] who to
a large extent align the concepts of chance and probability with
risk, and argue that the notion of fate was replaced with belief in
the ability of humanity to master uncertainty using the tool
probability. Following this idea any distinction between risk and
uncertainty/chance today has been linguistically lost.
However, at the same time, risk is a very loose term in
everyday parlance, and issues of calculable probability are not
necessarily important to the colloquial use of risk [56]. As will be
seen from our coming analysis, many risk perspectives have a
sharp distinction between uncertainty/chance and risk.
Althaus [3] concludes that the older entrepreneurial concept of
risk as a venture has blurred since the beginning of the 19th
century [56]. In contemporary times the word risk in everyday
language has increasingly come to refer to something negative
[76]. These changes the resistance against fate, the merging of
risk with uncertainty, and the contemporary emphasis on risk
linked to undesirable consequences or outcomes in the meanings and use of risk, are associated with the emergence of
modernity, beginning in the 17th century and gathering force in
the 18th century [56,37].
If we look at the various historical denitions and compare
them with the current three interpretations, I see the following
similar features:
For an activity, different consequences are possible; one or
more are negative (undesirable) and the main focus is on
thesethe consequences are not known.
Risk is either the possibility/uncertainty/chance that the activity will have some undesirable consequences, or the activity
(person, gasworks) itself, that which is often also referred to as
a risk source or a threat. To me the origin and historical use match
very well current everyday use.

3. The risk concept used in a professional/scientic context

It is impossible to present and discuss all denitions of the risk
concept suggested and used in the scientic risk elds. Quite
many denitions can be found in for example Wood [80], Crowe
and Horn [27], DFI [28], Aven and Renn [15] and Aven et al. [18],
but there are many more. However, by structuring and classifying

T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

the risk denitions according to some specic features as shown

below, it is possible to cover a large number of denitions.

3.1. Classication system for risk denitions

To my best knowledge, the references in the parentheses
specify the sources of the relevant denitions except for (1b),
(1d), (2b) and (6d) where the references simply provide examples of work in which the relevant denitions are used or
referred to.
1) RiskExpected value (loss) (RE)
a) The risk of losing any sum is the reverse of Expectation, and
the true measure of it is, the product of the sum adventured
multiplied by the probability of the loss [30].
b) Risk equals the expected loss [75,78].
c) Risk equals the product of the probability and utility of
some future event [1].
d) Risk equals the expected disutility [24].
2) RiskProbability of an (undesirable) event (RP)
a) Risk is the chance of damage or loss [41].
b) Risk equals the probability of an undesirable event [24].
c) Risk means the likelihood of a specic effect originating
from a certain hazard occurring within a specied period or
in specied circumstances [49].
3) RiskObjective Uncertainty (ROU)
a) Risk is the objective correlative of the subjective uncertainty; uncertainty considered as embodied in the course of
events in the external world [77].
b) Risk is measurable uncertainty, i.e., uncertainty where the
distribution of the outcome in a group of instances is
known (either through calculation a priori or from statistics
of past experience) [50].
4) RiskUncertainty (RU) [4,60]
a) in regard to cost, loss or damage [40].
b) about a loss [58].
c) of the happening of an unfavourable contingency [57].
d) of outcome, of actions and events [23].
5) RiskPotential/possibility of a loss (RPO)
a) Risk is the possibility of an unfortunate occurrence [64].
b) Risk is the possibility of an unfavourable deviation from
expectations [5].
c) Risk is the potential for realisation of unwanted, negative
consequences of an event [69].


6) Risk Probability and scenarios/Consequences/severity of consequences (RP&C)

a) Risk is a combination of hazards measured by probability; a
state of the world rather than a state of mind [63].
b) Risk is a measure of the probability and severity of adverse
effects [55].
c) Risk is equal to the triplet (si, pi, ci), where si is the ith
scenario, pi is the probability of that scenario, and ci is the
consequence of the ith scenario, i 1,2, yN; i.e. risk
captures: What can happen? How likely is that to happen?
If it does happen, what are the consequences? [48].
d) Risk is the combination of probability and extent of
consequences [2].
7) Risk Event or consequence (RC)
a) Risk is a situation or event where something of human
value (including humans themselves) is at stake and where
the outcome is uncertain [67,68].
b) Risk is an uncertain consequence of an event or an activity
with respect to something that humans value [44].
8) Risk Consequences/damage/severity of these Uncertainty
(R C&U)
a) RiskUncertainty Damage [48].
b) Risk is equal to the two-dimensional combination of events/
consequences (of an activity) and associated uncertainties
c) Risk is uncertainty about and severity of the consequences
(or outcomes) of an activity with respect to something that
humans value (Aven and Renn 2009a).
d) Risk is the deviations from a reference level (ideal states,
planned values, expected values, objectives) and associated
uncertainties [14].
9) Risk is the effect of uncertainty on objectives [45,46] (RISO).

To characterise these denitions, or rather these categories of

denitions, a set of issues are addressed for each of these
categories; see Table 1. Most of the assignments in Table 1 are
straightforward, but others need some comments.
Firstly, for the denitions that are based on probabilities and
expected values, we need to explain what we mean by these
terms as they can be interpreted in different ways. The most
general interpretation is simply to say that a probability is a
measure for representing or expressing uncertainty, following the
rules of probability calculus [10]. However, this is not sufciently
precise, as the measure is not dened, and, depending on the

Table 1
Characterisations of different risk denition categories (x: yes, blank: no, x?: answer depending on the meaning of P and E).


Risk is a quantitative measure

Risk is a qualitative concept
Risk exists objectively (broad inter-subjectively)
Risk is based on a (technical) model concept
Risk is dened through events/consequences/outcomes/severity of these
Risk is dened through uncertainties
Risk is based on a probability (considered a measure for representing or expressing uncertainty,
following the rules of probability)
Risk balances different attributes (e.g. consequences and likelihood)
Risk relates to negative/undesirable consequences/outcomes only
The denition allows for a distinction between the concept of risk and how to measure/describe
Origin after 1970
Focused last 1015 years

















R Risk, E Expected value (loss), P Probability (of an undesirable event), OUobjective uncertainty, U Uncertainty, Cevent/consequence, Po Potential/possibility
(of a loss), ISO [45,46] denition of risk.


T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

measure, we would evaluate the various denitions in Table 1

differently. Basically, as noted for example by Aven et al. [18],
there are two alternative interpretations that could be used; a
probability of an event A is either:
i) a frequentist probability, expressing the fraction of times the
event A occurs when considering an innite population of
similar situations or scenarios to the one analysed. We denote
this probability by Pf(A). This concept is a model concept
(a parameter of a probability model), and as Pf(A) is unknown
it has to be estimated. Hence we get a distinction between
the underlying concept Pf(A) and its estimate Pf(A)* (say), or
ii) a subjective (knowledge-based, judgmental) probability,
expressing the assessors uncertainty (degree of belief) of the
occurrence of event A. We denote this probability by P, or P(A9K)
to show that this probability is conditional on some background
knowledge, K. A common interpretation is the uncertainty
standard: the probability P(A)0.1 (say) means that the assessor compares his/her uncertainty (degree of belief) about the
occurrence of the event A with the standard of drawing at
random a specic ball from an urn that contains 10 balls.

The expected value of an unknown quantity (for example the

loss associated with an activity) is the centre of gravity of the
probability distribution of this quantity. When using frequentist
probabilities, we can interpret the expected value as the arithmetic mean of the quantities generated by considering an innite
population of similar situations or scenarios to the one analysed.
Hence, if probability is understood as a frequentist probability,
the denition categories (1), (2) and (6) are based on a model
concept. If, on the other hand, probability is a subjective probability these denitions would represent the judgements degree
of belief of the assessors.
The ontological status of many types of risk denitions are
studied in Aven et al. [18], and it is referred to this paper for the
argumentation for the assignments made in Table 1 on this issue.
Risk exists objectively, meaning in the sense of broad intersubjectively, when risk is for example uncertainty or a potential.
The point made is that there should be no discussion in advance
when studying an activity, that we do not know what will be the
consequences, different events/outcomes are thinkable, they could
occur. The subjectivity enters the scene when we try to measure
this uncertainty or potential; see discussion in Aven et al. [18].

In Table 1, risk relates to negative/undesirable consequences/

outcomes only for the denition categories 2 and 5, but also for
the categories 1 and 6 the consequences are often restricted to
loss (damage, etc.).
If the denitions are based on probabilities, Table 1 species
that the denitions do not allow for a distinction between the
concept of risk and how to measure/describe risk. This is certainly
true if subjective probabilities provide the basis for the denitions
as the concept of risk is then the same as the measurement of the
risk as was indicated above. If, on the other hand, risk is based on
frequentist probabilities we may obtain a distinction between the
concept of risk which is based on the underlying true frequentist probability and the measurement/description of risk, which
is based on estimation of these probabilities. However, in this case
the risk concept is based on modelling, and this modelling will
only be justied in some cases of repeatability, making this
distinction generally non-existent. We will return to this issue
in the next section.
When risk is dened by consequences and uncertainties
(R C&U) (and also when RC) a risk description is obtained by
specifying the events/consequences C and using a description
(measure) of uncertainty Q. Specifying the events/consequences
means to identify a set of events/quantities of interest C0 that
characterize the events/consequences C. An example of C0 is the
number of fatalities. Depending on the principles laid down for
specifying C and the choice of Q we obtain different perspectives
on how to describe/measure risk. As a general description of risk
we can write (C0 ,Q,K), where K is the knowledge that Q is based on.
The most common tool for describing the uncertainties U is
probability P, but there exist also others including imprecise
(interval) probability and representations based on the theories
of evidence (belief functions) and possibility [34,17], as well as
qualitative methods as for example described in Aven [9] (see
comment on this type of methods in the last section of the paper).
Table 2 presents an evaluation of the match between some of
the daily language phrases presented in the previous section and
the different risk denition categories. In the following, some
comments to the assignments are given.
Firstly, we see from Table 2 that the risk denition RiskObjective Uncertainty, which includes Frank Knights famous risk denition from 1921, basically saying that risk is an objective probability
distribution, is not consistent in general with any of the risk phrases.
The reason is of course obvious as few situations in life are
characterised by objective probability distributions, and, hence,

Table 2
Evaluation of the match between daily language phrases and different risk denition categories. x: the phrase makes sense following this risk denition category.
(a) They must run the risk of the falling of the price.
(b) The plan was rather a hazardous one, but she was prepared to take risks.
(c) In Colorado, about 1.3 million people live in the red zone, areas at great risk of wildre.
(d) Married men are usually the most desirable risks.
(e) The goods were carried at the owners risk.
(f) He ran down to the cellar at the risk of breaking his neck.
(g) The couple placed under the boulder is exposed to (a) risk
(h) There is a risk that the boulder will hit the couple.
(i) The couple takes (a) risk by placing themselves under the boulder.
(j) The couple placed under the boulder is in a risky situation.
(k) The couple risk getting hit by the boulder.
(l) The couple face riskthe boulder may dislodge from the ledge and hit them.
(m) The risk that the couple face (is exposed to) is small.
(n) There is risk associated with the operation of a nuclear power plant.
(o) Emergent risks have become an issue.
(p) The terrorism risk is high.





































R Risk, E Expected value (loss), P Probability (of an undesirable event), OUobjective uncertainty, U Uncertainty, C event/consequence, Po Potential/possibility
(of a loss), ISO [45,46] denition of risk.

T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

adopting this denition would mean to contradict the daily use of the
term risk.
Secondly, we see that the phrases (h) and (k) expressing that
there is a risk that the boulder will hit the couple and the couple
risk getting hit by the boulder, respectively, have no match with the
risk denitions 19. If the phrase (h) is rewritten as there is a
probability that the boulder will hit the couple, there is a possibility
that the boulder will hit the couple, there are uncertainties about
the boulder hitting the couple etc., we obtain matches with some
risk categories, for example there is a probability that the boulder
will hit the couple will be an example of risk denition category 2.
One of the reviewers of the original version of this paper made
the remark that it is common among economists to refer to risk of
positive (and I would add, also negative) outcomes (in relation to
some reference values), but it would be better to use the term
probability or chance of positive (negative) outcomes it is not
the risk that is positive (negative). This is an example of a
statement like (h) and (k), and yes, risk here could be replaced
by probability/chance, or alternatively possibility or uncertainties
depending on the preferred risk denition.
Similarly, we can rephrase (k) to obtain for example the
couple could be hit by the boulder, which corresponds well with
the risk denition categories 4, 5 and 8.
Thirdly, for the phrases (b), (g), (i) and (j), risk/risks are
interpreted in Table 2 as high risk/risks, for example phrase (b)
is read as The plan was rather a hazardous one, but she was
prepared to take high risks. This is in line with for example risk
denition 1 (risk expected value (loss)), reading the sentence as
The plan was rather a hazardous one, but she was prepared to
take high risks in the form of a high expected loss.
Fourthly, as we see from Table 2, the assignments are quite similar
for most risk denitions. We see that for (a) and (d) the probabilitybased denitions and 7 do not match, whereas they do for the others
(except risk denition 7 for phrase (c)). Take for example phrase (a),
They must run the risk of the falling of the price. It is immediately
clear that this statement is consistent with for example the risk
denition saying that risk is uncertainty (category 4) or risk is the
possibility (category 5), but not if risk is the probability of a loss, as it
does not make sense to say that they must run the probability (of a
loss) of the falling of the price. For the phrase (c) In Colorado, about
1.3 million people live in the red zone, areas at great risk of wildre,
there is no match with risk denition 7 (riskevent/consequence) as
it is not meaningful to talk about great events/consequences in this
context. As noted by Aven and Renn [15], the use of this type of risk
denition requires a rewriting of the commonly used risk language
(we cannot write that risk is high or low, that risk is acceptable, or
that risk should be reduced etc.). Check for example phrase (m) The
risk that the couple face (is exposed to) is small. We see that this
statement has no meaning if we adopt the denition (7) as the issue
is not about the event/consequence being small or not.
Fifthly, we see from Table 2 that the risk denition categories
(8) and (9) have the same assignments. The reason for this is that
(9) has been interpreted to be in line with (8). This interpretation
is, however, not obvious, as discussed in Aven [10]. An interpretation more in line with category (7) is also reasonable and
then the assignment of (9) becomes as for (7).
Sixthly and nally, it has to be noted that the probabilitybased denitions would all work based on the subjective probability interpretation for the phrases (b), (c), (e), y, (p). The
degree to which the frequentist interpretation would make sense
depends on the setting, but for some phrases it is clear that such
an interpretation is not applicable as the situation considered
cannot be meaningfully repeated under similar conditions (e.g. p)
the terrorism risk is high.
Some comments are also in place concerning the issue of risk
perception. Premise 2 as dened in the introduction states that


there is a distinction between risk per se and how risk is perceived.

This is true for all the risk denitions discussed above, and in a
professional risk assessment context also the risk description
should be separated from the risk perception. The analysts fear
for a type of event should not inuence their judgment on how
large the risk is. Of course, there could be cases when such inuence
is present, but that would not be the normal situation for a
professional analyst team. However, if we look at the laymans risk
description, things could be different. Consider as an example the
assessment of terrorism risk. Here the concept of risk as well as its
description, could be strongly inuenced by feelings and affections.
4. Discussion
Looking at the nine categories of risk denitions, it is possible to
draw several development paths. I have identied six, all starting
from de Moivres the expected value (loss); see Fig. 1. These paths
are thought-constructed schemes reecting some main type of
prevailing risk perspectives today with plausible development
paths ending up with this current perspective. Think about a person
that today argues for the use of the C&P perspective (D2 in Fig. 1). If
he/she had lived some x years back in time, what would have been
his/her stand? The scheme says that if x had been about 30110
years, the person is likely to have been ruled by the RiskProbability of a loss perspective, etc. Alternatively, we may think of a
set of six different categories of people, with members in each
category being dened as similar in some meaningful sense even
though they live in different time periods. One way of dening
similarity is to refer to the same training or occupation, for example
engineers or economists. It is stressed that this is a highly simplied
scheme based on mental simulation with the purpose of illustrating
some overall lines of potential development. The gure is not to be
read as an accurate timetable for specic events.
The six development paths D1D6 (the parentheses include
typical categories of advocators of this perspective):
1. Since de Moivre, risk has been considered an expected value
(loss) E. No changes in views (decision analysts and economists)
2. The concept of risk has developed from the E stand, to P and
nally C&P which now prevails (engineers, health personnel)
3. The path is the same as D2, but C&P is recently replaced by
C&U (engineering based-scientists)
4. The risk concept changed early from the E perspective to U and
has not changed since then (business)
5. The risk concept changed early from the E perspective to OP
and has not changed since then (economists)
6. The concept of risk has developed from the E stand, to covering
both U and P, then all three U, Po and C&P, and nally all of C,
C&U and ISO (people with a holistic perspective)
Within these perspectives we have interpretations based both
on frequentist probabilities and subjective (judgemental, knowledge-based) probabilities.
In the following, a brief description and evaluation of these
paths will be given. Some of the argumentation used for justifying
or rejecting the various risk denitions is well known from other
publications (e.g. [8,11,18]), but for the sake of completeness and
readability some text from these references is included.

4.1. Development path D1

Following this development, risk is the same as an expected
value, which basically means either
Risk expected loss or Riskexpected (dis)utility


T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

Risk = U
Risk = P

Risk = P

R = U,
R= Po
Risk = C&P


Risk = U



Risk = C&P

Risk = C & P

Risk = E



Risk = E


Risk = OU

Risk = P


R = C,



Fig. 1. Six thought-constructed development paths for the risk concept.

The difference is important, as the second interpretation

allows for weighing the loss (outcomes) depending on the
assessors preferences.
Both interpretations mean that some integration is made
between the severity of the different outcomes and the corresponding probabilities. The simplicity of having just one number
to relate to is considered an attractive property of this perspective. The expected loss version is motivated by the law of large
numbers which says that the average of a number of similar
independent, identically distributed random variables converges
to the expected value of one specic random variable.
The utility perspective reects the need for seeing beyond
expected values in risk management by incorporating the decision makers risk aversion or risk-seeking attitude in the utility
(loss) function used. Risk aversion means that the decision
makers certainty equivalent is less than the expected value; the
certainty equivalent is the amount of payoff (e.g. money or utility)
that the decision maker has to receive to be indifferent between
that payoff and the actual gamble. A risk-seeking attitude
means that the decision makers certainty equivalent is higher
than the expected value [53]. Only in the case that the decision
maker is risk neutral, expected values can replace the information
provided by the whole probability distributions.
Strong arguments can be raised against these perspectives. In
Appendix A a summary of the main points are presented.
4.2. Development path D2
Now risk becomes the probability of a loss. It is not difcult to
nd situations where this denition makes sense: consider, for
example, the probability of getting a specic disease, for example
cancer. In health care it is common to talk about cancer risk,
understood as the probability of getting cancer.
Both frequentist and subjective probabilities are used, depending on which probabilistic/statistical framework is preferred, a
traditional statistical one or a Bayesian one. See Section 3.
However, the probability of loss dimension alone fails as a
general denition of risk. In one case, the consequences of getting
cancer could be rather small, in other cases life-threatening. Risk

should also cover this aspect, and the intention of the C&P
denitions is to meet this critique, as they address the full spectre
of consequences that could occur.
Following this path, probability theory is considered the
appropriate mathematical structure for the representation of
uncertainty and no other is needed [54,79,61].
Critique can also be raised against these perspectives.
Appendix B provides a summary of the main points made. This
critique is leading up to the development perspective D3.
4.3. Development path D3
The development path for D3 is as for D2, with an extension of
the C&P risk perspective to C&U in recent years. Hence, different
types of tools for measuring the uncertainties can be incorporated
for the risk descriptions. The C&U perspective facilitates a clear
distinction between the risk concept and how it is measured.
Thus probability enters the scene when we would like to
describe or measure the uncertainties and thus risk. Probability is
not a part of the risk concept per se.
The risk descriptions are often based on modelling, for example
using probability models and frequentist probabilities. Probability
models and frequentist probabilities do not exist in general they
are model concepts that are meaningful only in some situations of
repeatability, as highlighted also earlier in this paper.
The Kaplan and Garrick denition from 1981 can be viewed as a
founding pillar of the C&P perspective. In their famous 1981 paper
[48] they also refer to risk as qualitatively dened as uncertaintiesdamage, which can be seen as a version of the C&U type of
denitions. The uncertainties damage perspective is, however,
not included in D3 for that time as it was not given much attention
then, and no unied framework for integrating C&U and C&P was
presented. Recently, however, several such frameworks have been
developed, as seen from the examples of C&U denitions in Section 3.
4.4. Development path D4
The riskuncertainty perspective is mainly linked to the
economic eld, and investment analysis in particular. The

T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

qualitative term is uncertainty, and variance is a common tool for

measuring the uncertainties. Thus the perspective allows for the
same type of dichotomy as the C&U perspective the clear
distinction between the qualitative concept of risk and how it is
measured. The idea that risk equals uncertainty seems to be based
on the assumption that the expected value is the point of
reference and that it is known or xed. The uncertainty is seen
in relation to, for example, an historical average value for similar
investments. Risk captures the deviation and surprise dimension
compared to this level.
Without such a reference level, the risk uncertainty thesis
does not work. Uncertainty seen in isolation from the consequences and the severity of the consequences cannot be used as a
general denition of risk. Large uncertainties need attention only
if the potential outcomes are large/severe in some respect. Look at
the following example ([8], p. 52): the activity considered can
result in only two outcomes, 0 and 1, corresponding to 0 and
1 fatality, and the decision alternatives are A and B, having
uncertainty (probability) distributions (0.5, 0.5), and (0.0001,
0.9999), respectively. Hence, for alternative A there is a higher
degree of uncertainty than for alternative B, meaning that risk
according to this denition is higher for alternative A than for B.
However, considering both dimensions, both uncertainty and the
consequences, we would, of course, judge alternative B to have
the highest risk as the negative outcome 1 is nearly certain
to occur.
The expected values for the two alternatives are 0.5 and
0.9999, respectively, whereas the variances are 0.25 and 0.0001,
respectively. The example is related to safety, but the conclusion
is general and it also applies to investment problems. It does not
make sense to say that there is negligible risk if we can predict
with high condence that the loss will be $10 billion. The
uncertainties would be small, but it is misleading to use the term
risk for the uncertainties as such. The consequences dimension
must also be taken into account.
4.5. Development path D5
This fth path is as the fourth path, but the last 100 years have
been ruled by the objective probability denition of risk and not
uncertainty. The perspective is to a large extent founded on Frank
Knights work from 1921 and his idea that we have risk in the
case that an objective probability distribution can be obtained
(and uncertainty otherwise). This thinking has strongly inuenced
the risk eld, and in particular the economic risk area. The idea
has been thoroughly discussed in the literature; see for example
LeRoy and Singell [52], Holton [43], Langlois and Cosgel [51],
Taylor [72], Runde [70] and Aven [8]. It is, however, difcult to
nd any good argument for using this terminology. The above
analysis shows that it is not in line with the common risk
language. Referring to risk only when we have objective distributions would mean we exclude the risk concept from most
situations of interest. As stated by Aven [8], p. 75, if we adopt
the subjective or Bayesian perspective on probability, Knights
denition of risk becomes empty. There are no objective probabilities. Given these observations, it is hard to understand that
this denition is still being used. In my view we should leave the
Knight nomenclature once and for all ([8], p. 75). However, few
things indicate that my wish will soon be met. I cannot see any
trend in its use. Economist and others continue to refer to this
denition despite the strong arguments against it. They seem to
see Knights words as some established terminology.
Of course, one may argue that the Knightian risk-uncertainty
dichotomy is not so important as long as it does not affect the
assessment and management of the totality of risk/uncertainty.
The dichotomy is just a classication. This is true; however, the


scientic risk elds cannot be based on a terminology that simply

restricts itself to a set of more or less trivial situations and
excludes the majority of cases.
4.6. Development path D6
This development path is characterised by the acceptance of
different perspectives on risk. The rst part of the 20th century
covers both the P and U risk denitions, whereas the last part
includes U, Po and C&P. Recently the C, C&U and ISO denitions
have been adopted. The underlying thinking for this development
path is a pragmatic view regarding which risk perspective is the
most suitable one. The changes from one period to the other are
motivated by the same type of arguments as presented above in
Sections 4.24.5.
A comment is in place for the Risk Potential/possibility of a
loss denition. Basically this denition says that a loss may or
may not happen (or loss of different magnitude may occur) which
is not far from saying that there is uncertainty about the loss (U),
i.e. what will be the outcome, or perhaps even more accurately,
that risk is C&U as the potential/possibility relates to different
outcomes. It is also common to relate potential/possibility to
probability in some cases the word may be used in the same
meaning, but a perhaps more reasonable interpretation is to
relate these words to thinkable an interpretation that seems
also more in line with the use of the term possibility in
possibility theory to measure uncertainty [33].
According to one of the main denitions of the C category, risk
is a situation or event where something of human value (including humans themselves) is at stake and where the outcome is
uncertain [67,68]. The Rosa denition and the related ones [44]
are thoroughly discussed by Aven and Renn [15] and also
commented on in Section 3. The conclusion is that compared to
common terminology, the Rosa denition leads to conceptual
difculties that are incompatible with the everyday use of risk in
most applications, as is also seen from the semantic analysis in
Section 3. By considering risk as an event, we cannot conclude, for
example, about the risk being high or low, or compare different
options with respect to risk.
According to the [45,46], risk is the effect of uncertainty on
objectives. But what does this mean? Risk relates to uncertainty,
but is it the effect of uncertainty? And risk is linked to objectives,
but what if objectives are not dened? Then we have no risk?
Challenging experts on risk, there is no doubt that they would
produce numerous different interpretations. The denition is not
sufciently precise, and there are also reasons to question its
rationale as indicated. The ISO denition is thoroughly discussed
in Aven [10]. An interpretation in line with both the C perspective
and with the C&U perspective is possible.

5. Conclusions and nal remarks

If we use the newest risk perspective from each of the six
development paths we end up with
E, C&P, C&U, U, OU and (C, C&U and ISO).
These are what I would call the main categories of risk
perspectives today. These perspectives have developed in different
ways, some go back over 100 years (300 for E), others have been
presented more recently. The different denitions can to some
extent be traced back to different environmentseconomy, engineering, etc., but we see a tendency now that more overall general,
holistic concepts are developed to be able to capture the needs for
assessing and managing decision problems, crossing traditional
scientic disciplines and areas and opening up for new ways of
describing/measuring uncertainties other than probability.


T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

In my view the above argumentation in Sections 24 has led to

C&U being the most appropriate type of risk denition as also
argued for in earlier publications [12,18]. A short summary of the
arguments used follows:
The restriction of risk to objective uncertainties (OU) would
mean an extremely narrow view on what risk is and is therefore
rejected. The ISO denition is not sufciently precise, but with
reasonable interpretations it can be considered a special case of
C&U or C. Seeing risk as uncertainty can be considered a special
case of C&U. The expected loss is rejected as a general risk concept
as it does not adequately reect the uncertainties. Expected
(dis)utility is difcult to apply and mix uncertainty characterisations and value judgments which is considered unfortunate for
practical risk management. Using the C concept would mean that
we have to change the language of risk compared to everyday use.
What remain then are the C&P and C&U categories of denitions.
However, as argued in Appendix B, the C&P perspective can be
criticised for not taking into account that probability is not a
perfect tool, and the solution is to replace P by U to get C&U. Risk
as a concept should not be founded on one specic measurement
tool. In this way we obtain a sharp distinction between risk as a
concept, and risk descriptions (assessments) which could be
based on models.
Risk denitions based on probability models (as frequentist
probabilities) are rejected as such models make sense only in
cases of repeatability (refer to Appendix B). For unique events,
such models cannot be justied. However, such models may play
an important role in describing risk by supporting the assignments of subjective probabilities.
Following this view, it is hoped that the argumentation presented
would lead to a more widespread adoption of the C&U type of
denitions in the future. However, having said this, it is considered
highly likely that all the perspectives E, C&P, C&U, U, OU (and C, C&U
and ISO) will have a position in the risk eld as founding pillars for a
long time. For a specic context a particular risk perspective may
work ne, and generalisations and more universal frameworks are
not seen as attractive or necessary replacements. For the actual risk
assessment or risk management, it may be argued that how we
theoretically dene risk is not so important as long as we are precise
on what we describe when performing a risk assessment, there is
consistency in terminology, and we are aware of and able to point to
the limitations of the perspective adopted.
My response to this comment is that the risk perspective
chosen strongly inuences the way risk is analysed and hence it
may have serious implications for the risk management and
decision making. Just being precise and consistent in terminology
and aware of the boundaries and limitations of the tools that are
used for the risk assessment, are not enough. Some of the
perspectives need to be wiped out as they are simply misguiding
the decision maker in many cases. The best example is the use of
expected loss as a general concept of risk (see Section 4.1 and
Appendix A). I would also include the pure probability-based
perspectives, as the uncertainties are not sufciently revealed for
these perspectives (see Appendix B). By starting from the overall,
qualitative risk concept, we acknowledge that any tool we use
needs to be treated as a tool. It always has limitations and these
must be given due attention. By this distinction we will more easily
look for what is missing between the overall concept and the tool.
Without a proper framework clarifying the difference between the
overall risk concept, and how it is being measured, it is difcult to
know what to look for and make improvements in these tools.
There is and should be a continuous discussion in the scientic
environments and application areas on how to best measure/
describe risk. Most analysts would probably see the need for both
quantitative methods and qualitative methods. Different situations (for example with respect to the degree of uncertainties) call

for different methods. I share this view. I believe that in many

cases a combination of quantitative analysis and qualitative
analysis would provide the best way of supporting the decision
making. As noted in Section 2, following the C&U risk perspective,
risk is described as (C0 ,Q,K), where C0 is a specication of the
events/consequences C, Q is a measure of the uncertainties U, and
K is the background knowledge that Q is based on. Probability P is
the common tool for Q, but as discussed in Appendix B there is a
need for seeing beyond probability. In addition to the alternative
approaches mentioned in Section 3, I would like to draw attention
to the Q(P,UF) approach. Here UF covers qualitative assessments of the importance of uncertainty factors which reect key
assumptions that the probabilities are based on [9,36]. Following
this scheme, knowledge-based probabilities are used to assess
uncertainties about C0 , and the uncertainty factor analysis captures the beyond probability part. The approach is based on
judgments of sensitivity as well as uncertainty. Independent of
the approach taken, it is essential that that the risk description
captures both subjective judgments and hard data. The framework here recommended supports such a view.
As the above analysis demonstrates, the C&U risk perspectives
(and also the majority of the others) are to a large extent in line
with everyday language on risk and the etymology of the word
risk. The consequence dimension relates to something that
humans value (health, the environment, assets, etc.). The denition does not distinguish between positive and negative consequences (desirable and undesirable consequences), the point
being that the activity results in some consequences (whatever
they are). However, in practice there are always some outcomes
of C that are judged as undesirable. The activity runs, and there is
a possibility of undesirable consequences, but the consequences
could also be positive. When taking risk, we balance these
It would have been possible to restrict C to undesirable
consequences. However, by doing this we need to determine
what is undesirable, and for whom? An outcome could be positive
for some stakeholders and negative for others. It may not be
worth the effort and energy discussing whether an outcome is
classied in the right category, and therefore most general risk
denitions allow for both positive and negative consequences
(Aven and Renn 2009a).

The author is grateful to three anonymous reviewers for their
useful comments and suggestions to the original version of
the paper.

Appendix A. Critique of the D1 perspectives leading up to the

other development perspectives
The use of expected values in risk management can seriously
misguide decision makers in practice; we seldom have a huge
number of similar activities with known variations as the law of
large numbers presumes. And if we cannot apply the law of large
number there is no proper justication: two probability distributions may have the same expected values, one with mass centred
around its expected value, the other having high probabilities for
severe outcomes, and clearly the risk management should be
different. For the latter probability distribution, there are high
probabilities for extreme outcomes and cautionary measures
like emergency preparedness are normally required to meet these
if one of them should in fact occur. For the former probability
distribution, such measures are not needed to the same extent.

T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

From this line of argument we have to conclude that expected

values (loss) cannot be adopted as a general denition of risk, but of
course it can be used as a risk index or metric, and depending on the
situation it can be more or less informative and useful as such. Yet
we frequently see this denition used in practice, and it is also often
referred to in scientic papers (see [8], chapter 1). Some researchers
and analysts still use this denition and although there are strong
arguments against it, the expected value also has to be acknowledged as a common perspective on risk in 2011.
The risk expected dis(utility) meets the critique raised against
the expected loss, but is rejected by many for other reasons ([8], p.
66): Assigning a proper utility function is not easy, and whose utility
function should be used? For many situations there are a number of
stakeholders, and they may have completely different judgments
about the importance of (say) an environmental damage. Some may
also be reluctant to reveal their utility function as this would reduce
their exibility in negotiations and political processes. A decision
maker may prefer to base his/her decision on a professional
characterisation of uncertainties and likelihoods about events and
consequences together with a more informal value judgment
process. The point made is that risk should also be possible to
dene and describe in cases where the decision maker is not able or
willing to dene his/her utility function.
The need for making a distinction between analysis (evidence)
and values has been discussed thoroughly in the literature; see for
example Renn [66], Rosa [67] and Shrader-Frechette [71]. Renn
concludes that it is highly advisable to maintain the classic
distinction between evidence and values and also to afrm that
justifying claims for evidence versus values involves different
routes of legitimisation and validation.
The distinction between probability and utility/preferences is,
however, disputed. Many of the earliest probabilists (e.g. [29])
and many decision analysts link probability with utility/preferences. From their point of view, probability is an indispensible
instrument for reasoning and behaving under uncertainty [29];
see also Merkelsen [59]. Such a perspective on risk and decision
making may work for some people for guiding their personal
choices in life, but is in my view nave for applications in industry
and society. If you are a decision maker and would like to be
informed by an expert expressing his or her subjective assessment of uncertainties about an event A, you would not be happy
about this assessment being inuenced by this experts utility
function or preferences concerning the stakes involved. The
assessment then would be disturbed by external factors. It would
also be unrealistic and unfeasible to force decision makers to
assign their probabilities in complex problems.

Appendix B. Critique of the D2 perspectives leading up to the

development perspective D3
A growing number of researchers and analysts have found the
probability-based approaches for assessing risk and uncertainties
to be too narrow. The argumentation follows different lines of
thinking. One main point raised is that risk is more than some
analysts assigned probabilities, which may be based on strong
assumptions and lead to poor predictions of the quantities
considered. As noted by Aven and Zio [17]: One may assign a
low probability of health problems occurring as a result of some
new chemicals, but these probabilities could produce poor predictions of the actual number of people that experience such
problems. Or one may assign a probability of fatalities occurring
on an offshore installation based on the assumption that the
installation structure will withstand a certain accidental load; in
real life the structure could, however, fail at a lower load level:
the assigned probability did not reect this uncertainty.


While probabilities can always be assigned, the origin and

amount of information supporting the assignments are not
reected by the numbers produced. One may, for example,
subjectively assess that two different situations have probabilities
equal to 0.6 (say), but in one case the assignment is supported by
a substantial amount of relevant data, whereas in the other by
effectively no data at all. This is a main argument in the critique of
the probability-based approach to risk and uncertainties.
Another important argument relates to the decision setting: in
a risk assessment context there are often many stakeholders, and
they may not be satised with a probability-based assessment
expressing the subjective judgments of the analysis group; a
broader risk description is sought [17].
Again referring to Aven and Zio [17]: Probability models
constitute a pillar of the probabilistic approach, an essential tool
for assessing uncertainties and drawing useful insights [42,79]. The
probability models coherently and mechanically facilitate the
assignment and updating of probabilities. However, for many types
of applications these models cannot be justied, the consequence
being that the probability-based approach to risk and uncertainty
becomes difcult to implement. A probability model presumes some
sort of model stability; populations of similar units need to be
constructed (in the Bayesian context, formally an innite set of
exchangeable random variables). But such stability is often not
fullled [20]. Consider the denition of a chance (frequentist
probability). In the case of a die, we would establish a probability
model expressing that the distribution of outcomes is given by (p1,
p2, y, p6), where pi is the chance of outcome i, interpreted as the
fraction of outcomes resulting in outcome i. However, in a risk
assessment context, the situations are often unique and the establishment of chances means the construction of ctional populations
of non-existing similar situations. Then chances and probability
models in general cannot be easily dened as in the die tossing
example; in many cases they cannot be meaningfully dened at all.
For example, it makes no sense to dene a chance (frequentist
probability) of a terrorist attack ([16], p. 80). In other cases, the
conclusion may not be so obvious. For example, a chance of an
explosion scenario in a process plant may be introduced in a risk
assessment, although the underlying population of innite similar
situations is somewhat difcult to describe.
By using probability as a main component of risk, we restrict
risk to this measurement tool. In this view, probability is a tool
introduced to describe/measure the uncertainties. However,
many other representations of uncertainty exist, including imprecise (interval) probability, fuzzy probability and representations
based on the theories of evidence (belief functions) and possibility. In recent years such representations have been given considerable attention among researchers and analysts (see e.g.
[34,31,35]). It is argued that these representations are more
adequate in situations with poor knowledge available.
For these alternative approaches and theories, a probabilitybased risk denition cannot in general serve as a conceptual
framework for dening and understanding risk. A broader risk
perspective is required, probability has to be removed from the
denition of risk and the natural replacement is uncertainty.

[1] Adams J. Risk. London: UCL Press; 1995.
[2] Ale BJM. Risk assessment practices in The Netherlands. Safety Science
[3] Althaus CE. A disciplinary perspective on the epistemological status of risk.
Risk Analysis 2005;25(3):56788.
[4] Angell FJ. Insurance, Principles and Practices. New York: the Ronald Press
Comp; 1959. p. 4.
[5] Atheam JL. Risk and Insurance. New York: Appleton-Centoty-Crofts; 1969
p. 36.


T. Aven / Reliability Engineering and System Safety 99 (2012) 3344

[6] Aven T. A unied framework for risk and vulnerability analysis and management covering both safety and security. Reliability Engineering and System
Safety 2007;92:74554.
[8] Aven T. Misconceptions of Risk. Chichester: Wiley; 2010.
[9] Aven T. On how to dene, understand and describe risk. Reliability Engineering and System Safety 2010;95:62331.
[10] Aven T. On the new ISO guide on risk management terminology. Reliability
Engineering and System Safety 2011;96(7):71926.
[11] Aven T. On how to conceptualise and describe risk. Reliability & Risk
Analysis: Theory & Applications 2011;2(1):2837.
[12] Aven T. A risk concept applicable for both probabilistic and non-probabilistic
perspectives. Safety Science 2011;49:10806.
[13] Aven T. Selective critique of risk assessments with recommendations for
improving methodology and practice. Reliability Engineering and System
Safety 2011;96:50914.
[14] Aven E, Aven T. On how to understand and express enterprise risk. International Journal of Business Continuity and Risk Management 2011;2(1):2034.
[15] Aven T, Renn O. On risk dened as an event where the outcome is uncertain.
Journal of Risk Research 2009;12:111.
[16] Aven T, Renn O. Risk Management and Risk Governance. Berlin: Springer
Verlag; 2010.
[17] Aven T, Zio E. Some considerations on the treatment of uncertainties in risk
assessment for practical decision-making. Reliability Engineering and System
Safety 2011;96:6474.
[18] Aven T, Renn O, Rosa E. The ontological status of the concept of risk. Safety
Science 2011;49:10749.
[19] Beck U. Risk Society. Towards a New Modernity. London: Sage; 1992.
[20] Bergman B. Conceptualistic pragmatism: a framework for Bayesian analysis?
IIE Transactions 2009;41:8693.
[21] Bernstein PL. Against the Gods: The Remarkable Story of Risk. New York:
John Wiley & Sons; 1996.
[22] British Medical Association. Living with Risk: The British Medical Association
Guide Chichester. John Wiley & Sons; 1987. p. 1.
[23] Cabinet Ofce (2002) Risk: improving governments capability to handle risk
and uncertainty. Strategy unit report. UK.
[24] Campbell S. Determining overall risk. Journal of Risk Research
[25] Campbell S, Currie G. Against Beck: In Defence of Risk Analysis. Philosophy of
the Social Sciences 2006;36(2):14972.
[26] Chambers Twentieth Century Dictionary (1946) Edinburgh: W&R Chambers
[27] Crowe RM, Horn RC. The meaning of risk. The Journal of Risk and Insurance
[28] DFI. (2007) Evaluating Methodologies In Support of Homeland Security
R&D Investment Decision-Making, DFI International Government Services,
Washington, DC.
[29] De Finetti B de. Logical foundations and measurement of subjective probability. Acta Psychologica 1970;34:12945.
[30] De Moivre A. De Mensura Sortis. Philosophical Transactions 1711;27:21364.
[31] De Rocquigny E, Devictor N, Tarantola S, editors. A Guide to Quantitative
Uncertainty Management. New Jersey: Wiley; 2008.
[32] Douglas M, Wildavsky A. Risk and Culture: The Selection of Technological and
Environmental Dangers. Berkeley, CA: University of California Press; 1982.
[33] Dubois D. Possibility theory and statistical reasoning. Computational Statistics & Data Analysis 2006;51:4769.
[34] Dubois D. Representation, propagation and decision issues in risk analysis
under incomplete probabilistic information. Risk Analysis 2010;30:3618.
[35] Ferson S, Ginzburg LR. Different methods are needed to propagate ignorance
and variability. Reliability Engineering and System Safety 1996;54:13344.
[36] Flage R, Aven T. Expressing and communicating uncertainty in relation to
quantitative risk analysis (QRA). Reliability: Theory & Applications 2009;2(13):
[37] Giddens A. Runaway World: How Globalisation is Reshaping Our Lives.
London: Prole Books; 1999 pp. 2122, 35.
[38] Gigerenzer G, Swijtink Z, Porter T, Daston L, Beattie J, Kruger L. The Empire of
Chance: How Probability Changed Science and Everyday Life. Cambridge:
Cambridge University Press; 1989.
[40] Hardy CO. Risk and Risk Bearing. Chicago: University of Chicago; 1923. p. 1.
[41] Haynes J. Risk as an economic factor. The Quarterly Journal of Economics
[42] Helton JC. Treatment of uncertainty in performance assessments for complex
systems. Risk Analysis 1994;14:483511.
[43] Holton GA. Dening risk. Financial Analysis Journal 2004;60:1925.
[44] IRGC International Risk Governance Council (2005) White Paper on Risk
Governance. Towards an Integrative Approach. Author: O. Renn with
Annexes by P. Graham. Geneva: International Risk Governance Council.
[45] ISO. Risk ManagementVocabulary. Guide 2009;73:2009.

[46] ISO. Risk ManagementPrinciples and Guidelines. ISO 2009;31000:2009.

[47] Jasanoff S. The Songlines of Risk. Environmental Values. Special Issue: Risk
[48] Kaplan S, Garrick BJ. On the quantitative denition of risk. Risk Analysis
[49] Kirchsteiger C. Preface. International workshop on promotion of technical
harmonisation on risk-based decision-making. Safety Science 2002;40:115.
[50] Knight FH. Risk, Uncertainty, and Prot. Boston: Houghton Mifin Co.; 1921.
p. 233.
[51] Langlois RN, Cosgel M. Frank Knight on risk, uncertainty, and the rm: A new
interpretation. Economic Inquiry 1993;XXXI:45665.
[52] LeRoy SF, Singell LD. Knight on risk and uncertainty. Journal of Political
Economy 1987;95:394406.
[53] Levy H, Sarnat M. Capital Investment and Financial Decisions. 5th ed. New
York: Prentice Hall; 1994.
[54] Lindley DV. The philosophy of statistics. The Statistician 2000;49:293337.
[55] Lowrance W. Of Acceptable RiskScience and the Determination of Safety.
Los Altos, CA: William Kaufmann Inc; 1976.
[56] Lupton D. Risk. London: Routledge; 1999. p. 5.
[57] Magee JH. General Insurance.6th ed. Homewood, Illinois: Richard D. Irwin;
[58] Mehr RI, Cammack E. Principles of Insurance.3rd. ed Homewood, Illinois:
Richard D. Irwin; 1953.
[59] Merkelsen H. The constitute element of probabilistic agency in risk: a
semantic analysis of risk, danger, chance and hazard. Journal of Risk Research
[60] Mowbray AH, Blanchard RH. Insurance.5th ed. New York: McGraw-Hill book
comp; 1961.
[61] North W. Probability theory and consistent reasoning. Risk Analysis
[62] Oxford English Dictionary. (2011) /http://www.oed.comS (accessed 23
August 2011).
[63] Pfeffer I. Insurance and Economic Theory. Homewood, Illinois: Richard D.
Irwin Inc.; 1956. p. 42.
[64] Riegel R, Miller JS. Insurance Principles and Practices. 5th ed. Englewood
Cliffs, N.J: Prentice-Hall, Inc.; 1966. p. 20.
[65] Renn O. Concepts of Risk: A Classication. In: Krimsky S, Golding D, editors.
Social Theories of Risk. Westport, CT: Praeger; 1992. p. 5379.
[66] Renn O. Risk Governance. Coping with Uncertainty in a Complex World.
London: Earthscan; 2008.
[67] Rosa EA. Metatheoretical foundations for post-normal risk. Journal of Risk
Research 1998;1:1544.
[68] Rosa EA. The logical structure of the social amplication of risk framework
(SARF): Metatheoretical foundation and policy implications. In: Pidegeon N,
Kaspersen RE, Slovic P, editors. The Social Amplication of Risk. Cambridge:
Cambridge University Press; 2003.
[69] Rowe WD. An Anatomy of Risk. New York: John Wiley & Sons; 1977. p. 24.
[70] Runde J. Clarifying Frank Knights discussion of the meaning of risk and
uncertainty. Cambridge Journal of Economics 1998;22:53946.
[71] Shrader-Frechette KS. Risk and Rationality. Berkeley, Los Angeles and Oxford:
University of California Press; 1991.
[72] Taylor CR. The role of risk versus the role of uncertainty in economic systems.
Agricultural Systems 2003;75:25164.
[73] Thompson KM, Deisler Jr. PH, Schwing RC. Interdisciplinary vision: The rst
25 years of the Society for. Risk Analysis (SRA), 19802005. Risk Analysis
[74] Vatn J. A discussion of the acceptable risk problem. Reliability Engineering
and System Safety 1998;61:119.
[75] Verma M, Verter V. Railroad transportation of dangerous goods: Population
exposure to airborne toxins. Computers and Operations Research
[76] Wharton F. Risk management: Basic concepts and general principles. In:
Ansell J, Wharton F, editors. Risk: Analysis, Assessment and Management.
Chichester: John Wiley and Sons; 1992. p. 4.
[77] Willett AH. The Economic Theory of Risk and Insurance. Philadelphia: The
University of Pennsylvania Press; 1901. 1951 [originally published in 1901],
p. 6.
[78] Willis HH. Guiding resource allocations based on terrorism risk. Risk Analysis
[79] Winkler RL. Uncertainty in probabilistic risk assessment. Reliability Engineering and System Safety 1996;85:12732.
[80] Wood Jr. OG. Evolution of the concept of risk. Journal of Risk and Insurance
[81] Wynne B. Risk and Social Learning: Reication to Engagement. In: Krimsky S,
Golding D, editors. Social Theories of Risk. Westport CT: Praeger; 1992.
p. 27597.