Moving beyond probabilities – Strength of knowledge characterisations applied to security

Askeland, Tore; Flage, Roger; Aven, Terje

doi:10.1016/j.ress.2016.10.035

Cited by 32 publications

(23 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The findings reveal that hospitals replace risk ratings by risk scores, and hospitals recommend estimating the risk score by simply considering likelihood and consequence scores. However, this simplification has recently been criticized and it has been recommended that additional factors are considered (Askeland, Flage, & Aven, ; Aven, ; Khorsandi & Aven, ). These factors include the determination of the risk sources, uncertainty about the events and their consequences, and the strength of knowledge of the assessors (Aven, , ; Aven & Krohn, ).…”

Section: Discussionmentioning

confidence: 99%

A Review of Risk Matrices Used in Acute Hospitals in England

2018

View full text Add to dashboard Cite

In healthcare, patient safety has received substantial attention and, in turn, a number of approaches to managing safety have been adopted from other high-risk industries. One of these has been risk assessment, predominantly through the use of risk matrices. However, while other industries have criticized the design and use of these risk matrices, the applicability of such criticism has not been investigated formally in healthcare. This study examines risk matrices as used in acute hospitals in England and the guidance provided for their use. It investigates the applicability of criticisms of risk matrices from outside healthcare through a document analysis of the risk assessment policies, procedures, and strategies used in English hospitals. The findings reveal that there is a large variety of risk matrices used, where the design of some might increase the chance of risk misprioritization. Additionally, findings show that hospitals may provide insufficient guidance on how to use risk matrices as well as what to do in response to the existing criticisms of risk matrices. Consequently, this is likely to lead to variation in the quality of risk assessment and in the subsequent deployment of resources to manage the assessed risk. Finally, the article outlines ways in which hospitals could use risk matrices more effectively.

show abstract

Section: Discussionmentioning

confidence: 99%

A Review of Risk Matrices Used in Acute Hospitals in England

2018

View full text Add to dashboard Cite

show abstract

“…Typically, a stronger background knowledge is correlated with lower degrees of uncertainty. In performing this assessment, the uncertainty description becomes a function of their strength of background knowledge (Askeland, Flage, & Aven, ). Askeland et al.…”

Section: Conceptual Limitationsmentioning

confidence: 99%

“…In performing this assessment, the uncertainty description becomes a function of their strength of background knowledge (Askeland, Flage, & Aven, 2017). Askeland et al (2017) present a framework to evaluate strength of knowledge, categorizing it as "weak," "moderate," or "strong" based on five criteria: (1) expert's understanding of the phenomena, (2) reliability and availability of data, (3) agreement among experts, (4) identification, documentation, and soundness of assumptions, and (5) evaluation of knowledge gaps and changes in knowledge over time. Aven, Baraldi, Roger, and Zio (2013) present an alternative method for assessing strength of knowledge through assumption deviation risk scores.…”

Section: Definitions Of Riskmentioning

confidence: 99%

Review and Evaluation of the J100‐10 Risk and Resilience Management Standard for Water and Wastewater Systems

et al. 2019

Self Cite

View full text Add to dashboard Cite

Risk analysis standards are often employed to protect critical infrastructures, which are vital to a nation's security, economy, and safety of its citizens. We present an analysis framework for evaluating such standards and apply it to the J100‐10 risk analysis standard for water and wastewater systems. In doing so, we identify gaps between practices recommended in the standard and the state of the art. While individual processes found within infrastructure risk analysis standards have been evaluated in the past, we present a foundational review and focus specifically on water systems. By highlighting both the conceptual shortcomings and practical limitations, we aim to prioritize the shortcomings needed to be addressed. Key findings from this study include (1) risk definitions fail to address notions of uncertainty, (2) the sole use of “worst reasonable case” assumptions can lead to mischaracterizations of risk, (3) analysis of risk and resilience at the threat‐asset resolution ignores dependencies within the system, and (4) stakeholder values need to be assessed when balancing the tradeoffs between risk reduction and resilience enhancement.

show abstract

“…The assigned probabilities are then supplemented by qualitative assessments of the strength of knowledge supporting these and a classification into five categories ranging from strong to weak. For example, the knowledge is considered strong if all of the following criteria are met 42 3. There is broad agreement among experts.…”

Section: Uncertainty Assessment Q and Related Background Knowledge Kmentioning

confidence: 99%

“…42 develop and apply a more detailed system tailor-made for the security setting, involving, for example, assessment of aspects relating to insight into actors (RS) and their capacity and intention, as well as their knowledge and behaviour. For example, a burglary of an art museum case is presented in Askeland et al, 42 where the threat of burglary is measured by the probability of an attempted theft of (any) artwork and the conditional probability of theft of specific (high-value) artworks given an attempted theft. Consequences are measured in terms of monetary value, but an indication is given of how also qualitative characterisations of the merits of the artwork could be included.…”

Section: A General Framework Covering Both Safety and Securitymentioning

confidence: 99%

How the definition of security risk can be made compatible with safety definitions

Amundrud

Aven

Flage

2017

Proceedings of the Institution of Mechanical Engineers, Part O:

Self Cite

View full text Add to dashboard Cite

In safety settings, understood as situations involving the potential occurrence of unintentional events, it is common to define risk as a combination of consequences and associated probabilities or associated uncertainties. On the other hand, in security settings, understood as situations involving the potential occurrence of intentional malicious events, risk is commonly defined as the triplet asset/value, threat and vulnerability. One motivation often mentioned for the latter is that probability is considered inappropriate for intentional acts. In this article, we argue that it is unsuitable and unnecessary to define risk differently in these two settings. We show that risk, defined as the combination of future consequences and associated uncertainties, can be seen as compatible with the triplet definition of security risk. It also excludes probability from the definition of risk but explicitly includes uncertainty, which is more fundamental and present regardless of the type of events involved. The value dimension is integrated with the consequences as these are with respect to something that humans value. The purpose of the article is to contribute to a consolidation of the safety and security risk management fields at the fundamental level.

show abstract

Moving beyond probabilities – Strength of knowledge characterisations applied to security

Cited by 32 publications

References 15 publications

A Review of Risk Matrices Used in Acute Hospitals in England

A Review of Risk Matrices Used in Acute Hospitals in England

Review and Evaluation of the J100‐10 Risk and Resilience Management Standard for Water and Wastewater Systems

How the definition of security risk can be made compatible with safety definitions

Contact Info

Product

Resources

About