Lessons learned in twenty years of hazard, risk and resilience analyses
Jul 21st, 2021
Writing lessons learned in twenty years of hazard, risk and resilience analyses has been a difficult exercise for various reasons.
We compiled and explain lessons learned in our practice of risk assessment and resilience advice to industries, municipalities and regional governments around the world in our latest book, Convergent Leadership – Divergent Exposures: Climate Change, Resilience, Vulnerabilities, and Ethics.
However, the fact that we systematically apply our quantitative convergent approach (ORE, Optimum Risk Estimates) to all sorts of industries and organizations made it difficult to select specific examples. We had the constant desire to insert “one more” real-life case but at the end we had to make sometimes “painful choices”. Then came the usual conundrum of the glossary. Clarity and transparency are paramount. They require discussing in detail terms such as:
Compiling lessons learned in twenty years of hazard, risk and resilience analyses
The book includes numerous examples and three case studies showing how to evaluate and prioritize business-as-usual and divergent hazards (e.g. climate change, pandemic) in a convergent manner (e.g. natural, man-made, cyber, etc. within the same platform).
Beside discussing world events such as the:
- Japan Tsunami;
- Typhoon prevention policies and their risk abatement efficacy;
- Flooding in various parts of the world;
- Insect invasions (locusts);
- Solar flares;
- Volcanic eruptions and finally
- Epidemics and pandemics in history,
from a risk assessment and management point of view, the book uses real life examples. For instance:
- Chemical plants;
- Nuclear power plants;
- Transportation systems and finally
Each one of these systems and their sub-systems is potentially exposed to “business-as-usual” or divergent hazards and can generate multi-dimensional consequences. This complexity requires to perform divergent and convergent risk assessment leading to quantitative risk informed decision-making.
Divergent and convergent quantitative risk-informed decision-making
The focus on divergence and convergence (Riskope glossary clarifies the terms used) stems from recognizing the side effects of the interdependencies characterizing our modern systems, namely a:
- reduction of resilience and
- proneness to systemic risks decried by many.
As a result systemic shocks become more common and intense but also propagate further due to cascading probabilities and amplification of consequences. Convergent-divergent risk assessments highlight these scenarios and deliver planning decision-making support.
Below we list a few points we consider paramount to ensure reasonable and sustainable risk reduction planning.
- Cognitive biases of any kind may be very costly and are paramount in explaining many failures of human endeavors and projects.
- Clients oftentimes receive support from hazard specialists, including for example climate change experts. However, experience shows that specific risk management support is necessary to avoid mitigation/resilience enhancement blunders arising from specialists’ siloed view on hazards.
- Recent harmful events have highlighted deficiencies in mitigation programs when divergent events occurred. Past does not equal future as divergence is always lurking.
- If one designs a system to withstand all the credible worst-case accidents, the system is NOT “by definition” safe against any credible accident.
- There are no risk-free alternatives in any human endeavor. One needs to transparently evaluate the risks of any new solution or mitigation alternative, including possible change in the systems. That is especially true in the current conditions of rapid climate change, emerging threats. Caution has to be exerted and the risk profiles of all alternatives have to be presented so that the decisions are as risk-informed as possible.
The goal is to enhance survivability and sustainability
Common practice siloed approaches, which keep risks divided according to source and treat them individually, will inevitably lead to costly misunderstandings and unclear roadmaps to sustainable mitigation. That is especially true when facing divergent climate change and cyber threats.
Here is our advice to enhance survivability and sustainability within the context of divergence:
- fight biases and censoring as your worst enemies;
- consider all the possible consequences dimensions (physical, environmental, etc.), thereby reducing un-foreseeability;
- maintain responsibility and ethics at the highest standards;
- build scenarios by thinking of the unthinkable and thereby reduce unpredictability.
- it is not advisable to design any system based on compliance tests only. Our advice is to always think in term of risk-informed durability and sustainability, thus maximizing value creation and profits.
- Risk assessments must deliver enough granularity to allow meaningful prioritization. Ill conditioned resilience enhancements, such as those resulting from siloed approaches, will leave a legacy of unpleasant side effects.
- Probabilities are perishable goods. They change as the considered systems evolve; hence they require updates. Risk assessments must be easily updatable. Finally,
- tolerance/acceptability thresholds must be developed independently from risks to ensure unbiased results and transparent risk-informed decision making. It is paramount that society and industries adopt clear risk tolerance thresholds to support their decision-making.
The importance of explicit tolerance thresholds
A modern, convergent quantitative risk assessment should empower decision makers with answers to questions about different aspects of the risks, such as which risks are:
Defining tolerance thresholds makes it possible to provide a transparent, repeatable definition of what constitutes manageable or unmanageable tactical or strategic risk.
The key element is a community/corporate/government choice of what level of effective mitigative investment preserves the economic livelihood of an entity. That is why improving project cost evaluation, including risk adjustments, is paramount. If a risk cannot be brought below the tolerance threshold by sustainable mitigative investments, then it must be considered unmanageable and will require system’s strategic shifts, i.e. system’s changes.
Finally, a risk analysis can be either precise or accurate, but not both. Oftentimes we forget that the world is mostly random and thus probabilistic by nature. If we want to remain descriptively accurate the model needs to include uncertainties and ranges should be used to describe the risk landscape and reach rational prioritization.
The roadmap for mitigating risks, expressed as relative value of the intolerable risks, helps maximize the time and resources of managers by focusing on the most important issues and not necessarily on immediate issues. That is the ultimate goal of risk-informed decision making and planning.
Closing remarks on lessons learned in twenty years of hazard, risk and resilience analyses
Lessons learned in twenty years of hazard, risk and resilience analyses show that divergent events are bound to hit the system at its weakest point and then cascade. Generally divergent events will disproportionately affect the risk landscape of an organization, unless properly understood.
A change in the system oftentimes seems to solve a family of risks looming over an operation, thus appears as the highest value mitigation. Again, that assumption has to be tested with a quantitative convergent risk assessment, playing divergence scenarios. The reason to be cautious is rooted in the potential side effects of any change to a complex system, even if they are apparently beneficial.
However, as there is no room here to expand on this last phrase, we will likely write a few papers and who knows, perhaps another book!
Tagged with: climate change, Hazard, resilience, Risk and resilience, vulnerabilities
Category: Consequences, Hazard, Mitigations, ORE2_Tailings, Probabilities, Risk analysis, Risk management