Science Risk Assessment Methods

𝗥𝗲𝗰𝗼𝗴𝗻𝗶𝘇𝗶𝗻𝗴 𝗣𝗿𝗼𝗰𝗲𝘀𝘀 𝗛𝗮𝘇𝗮𝗿𝗱𝘀 𝗮𝗻𝗱 𝗟𝗮𝘁𝗲𝗻𝘁 𝗖𝗼𝗻𝗱𝗶𝘁𝗶𝗼𝗻𝘀 Field visits, or walkabouts, are a common tool used by leaders at all levels to engage the workforce and demonstrate that OE is a core value. These visits have typically been used to observe behaviors that impact personal safety performance. While these visits also provide an opportunity for leaders to demonstrate their commitment to process safety risk mitigation, process hazards and the latent conditions that can potentially lead to serious process incidents are much more difficult to recognize. Finding these potential issues takes a different focus and level of rigor when visiting field operations. Latent conditions can be defined as existing conditions that may lie unrecognized until combined with another upset condition (latent condition or active error) to result in an incident. Latent conditions could be the managerial influences and social pressures that make up the culture (“the way we do things around here”), which may affect the design of equipment or systems, and may stem from insufficient supervisory oversight. They tend to be hidden until uncovered by an incident, possibly due to several latent conditions combining in an unforeseen way. The goal should be to identify these latent conditions before they can escalate into a potential process safety incident. To do this, we need to change the way we look at hazards when we go out into the field. We still have to look for hazards and behaviors that can impact personal safety, but we must broaden our search for potential process safety incidents. The Hazard Identification Tool is great for helping identify hazards that can lead to potential immediate and certain safety consequences. However, it is harder to use on those potential future and uncertain scenarios.  Generally, there are four areas of focus to help identify potential loss of containment scenarios during a field walk.  1. Identify the potential source of a loss of containment event.  2. Identify latent conditions that could allow loss of containment events to escalate into more severe process safety consequences – fire, explosion, toxic impact, etc.  3. Review the stewardship of our safeguards (both preventive and mitigative) – are they still effective?  4. Identify non-process safety hazards that could be a cultural indicator and relate to process safety as an Operational Discipline issue.   ... #LatentConditions #ProcessSafety #ProcessHazards #HAZOP #HAZID #LOPA #SIL #QRA

VALUATION WITH UNCERTAINTY: BAYESIAN DISCOUNTED CASH FLOW 💰 In corporate valuation, the classical DCF model often produces fragile point estimates that mask the true uncertainty in key assumptions. Bayesian DCF addresses this limitation by generating probability distributions rather than single point estimates. 📈 This approach updates prior beliefs about growth and discount rates with observed data through Bayesian inference: g_post = (σ_g^(-2)·μ_g + n·σ_FCF^(-2)·ĝ) / (σ_g^(-2) + n·σ_FCF^(-2)) Note: This formula represents a simplification. Full Bayesian DCF requires MCMC methods and joint parameter distributions. When properly implemented, Bayesian DCF incorporates three core elements: 📌 Prior Distributions: Setting initial beliefs about growth rates and WACC, often using industry benchmarks or analyst consensus as starting points 📊 Historical Evidence: Using observed cash flow patterns and peer multiples to update beliefs, with data quality determining the weight given to empirical evidence 🎲 Posterior Simulation: Generating thousands of valuation scenarios to capture the full range of uncertainty in enterprise value Key steps to implement Bayesian DCF: 1. Specify prior distributions for growth rates (g ~ N(μ_g, σ_g²)) and discount rates 2. Update parameters using historical FCF volatility and growth patterns 3. Run Monte Carlo simulation drawing from posterior distributions 4. Generate valuation distribution instead of point estimate 5. Calculate confidence intervals and probability of target prices Applications in finance: • M&A Transactions: Quantifying deal risk and negotiation ranges • Startup Valuation: Handling high uncertainty with limited data • Investment Committees: Presenting value-at-risk alongside expected returns • Fairness Opinions: Demonstrating robustness of valuation conclusions • Portfolio Companies: Tracking valuation uncertainty through time By transforming DCF from a single point estimate to a probability distribution, Bayesian valuation enables risk-adjusted decision making and robust uncertainty's assessment—particularly crucial in high-stakes transactions where traditional DCF's false precision can mislead! 🎯 #CorporateValuation #BayesianFinance #DCF #MergersAndAcquisitions #ValuationModeling

💡 A Practical Guide to Climate Scenarios! Really pleased to have written the forward to this valuable report on the types and applications of climate scenarios by MSCI Inc. and my former United Nations Environment Programme Finance Initiative (UNEP FI) FI colleagues Looking for a handy summary of the types of scenarios from qualitative to quantitative? Here it is: 1. 𝗙𝘂𝗹𝗹𝘆 𝗡𝗮𝗿𝗿𝗮𝘁𝗶𝘃𝗲 𝗦𝗰𝗲𝗻𝗮𝗿𝗶𝗼𝘀 These scenarios are qualitative descriptions of potential climate futures. ✅ Strengths: - Easily customizable - Useful for high-level strategic discussions - Can capture complex risks that are difficult to quantify ⚠️ Limitations: - Subjective and vulnerable to bias - Lack of numerical outputs makes them hard to integrate into risk models 2. 𝗤𝘂𝗮𝗻𝘁𝗶𝗳𝗶𝗲𝗱 𝗡𝗮𝗿𝗿𝗮𝘁𝗶𝘃𝗲 𝗦𝗰𝗲𝗻𝗮𝗿𝗶𝗼𝘀 This type builds on fully narrative scenarios by adding expert-driven quantitative estimates (macroeconomic forecasts, asset class returns, regional physical risks). ✅ Strengths: - Balances qualitative storytelling with numerical data - Allows for scenario comparisons without requiring sophisticated models - Easier to communicate results with clear quantitative insights ⚠️ Limitations: - Can give a false sense of precision if assumptions are weak - Still dependent on subjective expert input, leading to potential biases 3. 𝗠𝗼𝗱𝗲𝗹-𝗗𝗿𝗶𝘃𝗲𝗻 𝗦𝗰𝗲𝗻𝗮𝗿𝗶𝗼𝘀 These scenarios rely on integrated quantitative models to project how climate change and transition risks might evolve under different policy and economic conditions, using macroeconomic models, IAMs, and energy system models. ✅ Strengths: Highly structured and data-driven, reducing subjectivity. Can produce detailed, sector-specific outputs useful for investment decisions. Widely used by regulators and financial institutions for stress testing. ⚠️ Limitations: - Expensive and time-consuming to develop and maintain - “Black box” nature of complex models makes interpretation difficult - Results are only as good as underlying assumptions and data inputs 4. 𝗣𝗿𝗼𝗯𝗮𝗯𝗶𝗹𝗶𝘀𝘁𝗶𝗰 𝗦𝗰𝗲𝗻𝗮𝗿𝗶𝗼𝘀 Probabilistic models go beyond single-scenario forecasting by assigning probabilities, variance, and uncertainty estimates to different climate outcomes. ✅ Strengths: - Models uncertainty, improving risk management - Enables sophisticated stress testing for asset prices, portfolios, and corporate exposure - Valuable for insurance, catastrophe modeling, and financial risk assessments ⚠️ Limitations: - Highly complex and computationally demanding - Requires strong assumptions about uncertainty - Limited research on how climate change affects probability distributions #ClimateFinance #ClimateScenarios #SustainableInvesting #RiskManagement #ScenarioAnalysis #Risk #Finance

🔍 What Is a Risk Assessment Methodology? A risk assessment methodology is the structured approach an organization uses to identify, analyze, evaluate, and prioritize risks. It ensures consistent, repeatable assessments across all business areas and is essential for risk-informed decision-making. ⸻ ✅ Core Components of a Risk Assessment Methodology: 1. Risk Identification • Pinpoint what could go wrong (risk events). • Sources: business processes, historical incidents, regulatory changes, third-party risks, IT systems, etc. • Tools: brainstorming, risk checklists, process walkthroughs, SWOT, interviews, PESTLE. 2. Risk Analysis • Determine the likelihood and impact of each risk. • Approaches: • Qualitative (e.g., High/Medium/Low or Heat Maps) • Semi-quantitative (e.g., scoring systems 1–5 for likelihood and impact) • Quantitative (e.g., Monte Carlo, VaR, financial modeling) 3. Risk Evaluation • Compare risk levels to your risk appetite and tolerance thresholds. • Decide which risks are acceptable, and which need treatment or escalation. 4. Risk Prioritization • Rank risks based on their score to allocate resources effectively. • Often visualized in a risk matrix or heat map. 5. Risk Treatment (Optional in Assessment Phase) • Recommend how to handle critical risks: • Avoid • Transfer • Mitigate (via controls) • Accept 📊 Common Methodologies Used: 1️⃣ISO 31000 Framework Emphasizes integration, structure, and continuous improvement in risk management. 2️⃣ COSO ERM Framework Aligns risk with strategy and performance across governance, culture, and objective-setting. 3️⃣ Basel II/III for Financial Risk Used in banking and finance, focusing on credit, market, and operational risk. 4️⃣ NIST Risk Assessment Applied in cybersecurity and federal agencies, emphasizing threats, vulnerabilities, and impacts. 🎯 Best Practices: • Use both inherent and residual risk ratings. • Involve first-line teams for accurate process-level risk input. • Align methodology with risk appetite and strategic objectives. • Document risk criteria (likelihood/impact definitions) clearly. • Update the risk assessment periodically or after significant events.

"AI risk assessment has so far focused on measuring the models’ capabilities, but the capabilities of models are only indicators of risk, not measures of risk. Better modeling and quantification of AI risk scenarios can help bridge this disconnect and link the capabilities of LLMs to tangible real-world harm. This paper makes an early contribution to this field by demonstrating how existing AI benchmarks can be used to facilitate the creation of risk estimates. We describe the results of a pilot study in which experts use information from Cybench, an AI benchmark, to generate probability estimates. We show that the methodology seems promising for this purpose, while noting improvements that can be made to further strengthen its application in quantitative AI risk assessment" Malcolm Murray, Henry Papadatos, Otter Quarks, Pierre-François Gimenez, Siméon Campos at SaferAI

Using foresight to anticipate emerging critical risk - a Proposed methodology by OECD - OCDE The new OECD paper presents a methodology to help countries identify and characterise global emerging critical risks as part of the OECD’s Framework on the Management of Emerging Critical Risks. It supports experts and policymakers tasked with anticipating and preparing for uncertain and evolving threats that transcend traditional national boundaries. 1️⃣ The approach begins with horizon scanning to capture weak signals and unconventional data sources, including patent analysis, crowd forecasting, and the use of generative AI. 2️⃣It then applies structured foresight techniques, such as futures wheels, cross-impact analysis, and scenario-based “Risk-Worlds,” to explore how risks might manifest and interact in multiple possible future contexts. The methodology emphasises understanding risks “at source,” focusing on vulnerabilities, interconnectedness, and possible management strategies. Rather than predicting a single future, it seeks to broaden the range of possibilities, encouraging proactive adaptation, building collective understanding, and ultimately strengthening government capacity to navigate and shape an increasingly complex and uncertain global risk landscape. Kudos to Josh Polchar and OECD for putting the paper out #Foresight #Futures #Scenarios #OECD #Methodology

Climate scenario analysis 101 🌍 A great resource from MSCI outlines the fundamentals of climate scenario analysis and how it supports decision making in finance and business. Scenario analysis provides a structured way to evaluate how climate risk and transition pathways may influence markets, portfolios, and corporate strategies. For companies, this is increasingly relevant. Climate change is driving shifts in policy, technology, and consumer demand, and businesses need tools that test strategies across multiple possible outcomes. MSCI describes four types of scenarios. Fully narrative scenarios are qualitative frameworks that help map potential risk pathways and identify emerging issues in the early stages of analysis. Quantified narrative scenarios combine narratives with numerical estimates. They allow organizations to assign data to possible futures, creating an entry point to quantify risks before moving to more complex models. Model driven scenarios are developed with integrated assessment models that merge economic, energy, land use, and climate systems. These scenarios are widely applied by regulators and investors for stress testing and forecasting. Probabilistic scenarios introduce probability distributions to reflect uncertainty across multiple futures. This approach is useful for assessing financial risk exposure and for stress testing under varying climate conditions. Each scenario type has clear strengths and limitations. Narrative approaches are flexible and cost effective, while model based and probabilistic approaches provide more detail and credibility but require technical expertise and resources. MSCI proposes a progressive method that combines different types of scenarios. Organizations can begin with narratives, advance through quantification, refine insights with models, and ultimately integrate scenario analysis into strategy and governance. For business leaders, the implications are significant. Scenario analysis helps evaluate exposure to transition and physical risks, assess regulatory impacts, and identify opportunities emerging in a low carbon economy. It also strengthens strategic foresight. By translating complex climate science into structured outputs, it enables boards and executives to take informed decisions on risk and resilience. As expectations on sustainability rise, climate scenario analysis is becoming an essential capability for companies seeking to manage uncertainty and position themselves for long term competitiveness. Source: MSCI #sustainability #business #sustainable #esg

FOOD HAZARDS-THE BIGGEST THREAT TO FOOD SAFETY A hazard is defined as a biological chemical or physical agent in a food or condition of the food with the potential to cause an adverse effect. Biological hazards are living organisms, including microbiological organisms, bacteria, viruses, fungi, and parasites. Chemical hazards are in two categories: naturally occurring poisonous substances and chemicals or deleterious substances. The first group covers natural constituents examples being aflatoxins and shellfish poison. The other group covers poisonous chemicals or deleterious substances that are intentionally or unintentionally added to food at some point in the production chain, examples are pesticides and fungicides as well as lubricants and cleaners. A physical hazard is any material not normally found in food that causes illness or injury. Physical hazards include glass, wood, stone, bone, and metal. RISK ANALYSIS APPROACH Risk analysis plays an important role for a National Food Control System. It is a powerful tool to carry out science-based analysis and to achieve a sound and consistent solution to food safety problems. It provides information on hazards in food to be linked directly to data on the risk to human health and to improve the food safety decision-making process. How Risk can enter into the food chain? Production: Poor agriculture practices Processing: Improper handling and processing, storage, and packaging Transportation: Improper unhygienic transportation Retail: Poor hygiene and sanitation The FSS Act 2006 defines: Risk assessment is a scientifically based process consisting of four steps: Step 1 Hazard identification: “Could this food or anything in it be harmful?’ Risk assessors collect and review scientific data and identify biological or chemical hazards in food. Step 2 Hazard characterization: “What effects do the hazards cause?” Risk assessors evaluate scientific data to determine whether evidence is strong enough to demonstrate that a substance has the potential to cause harm and the nature of the harm. Step 3 Exposure assessment: “Who may be harmed and at what level of exposure may be harmful?’ Experts estimate how much of the food or ingredient consumers in general population groups (e.g. infants, children, adults) or sub-populations (e.g. vegetarians, vegans) are likely to be exposed to under real-life conditions where both dose and duration are considered. . Step 4: Risk characterization: “How likely is it that people will experience exposure at a level that can cause harm in real life?’ The level of exposure that can cause harm is compared to the actual level of exposure that someone would experience in real life. Risk management is the process of weighing policy alternatives in consultation with all interested parties, considering risk assessment and other factors relevant to the health protection of consumers, and if needed, selecting appropriate prevention and control measures

Is process management the key to a strong risk and compliance environment? Large organizations spend significant amounts managing their complex risk and regulatory needs and many hemorrhage billions in fines for weak controls. This is primarily caused by an explosion in the regulatory environment and the increasing complexity of their internal environments. The implications go beyond cost though as weak controls can jeopardize customers, their stakeholders, and the markets they serve. The root of the challenge is in the poor quality of risk data, specifically in aligning risk to the organization’s objectives. ISO 31000 defines risk as the uncertainty on objectives. Objectives are achieved by executing processes. The problem is that most organization don’t have an accurate map of their processes. Many anchor their risk data on a generic process taxonomy for their unique business units. This one-size-fits-all approach leads to inconsistent interpretations. Business units struggle to align their risks to this generic taxonomy, resulting in assumptions, interpretations and misalignments. The results in: -  Untraceable Risks: Risks couldn’t be mapped to the specific processes each business executed - Regulatory Gaps: Compliance obligations couldn’t be reliably tied to processes - Confusion Across Risk Roles:  Lack of clarity in the business, risk oversight, and internal audit - Inaccurate Reporting: Management and regulators received flawed risk reports, undermining trust and decision-making The solution is to create a comprehensive Process Inventory by conducting top-down interviews of each business unit to capture their unique processes. For each process identified capture the definition of the process, the specific owner, technology leveraged, and other critical meta data. This taxonomy should be the anchor taxonomy in the risks repository which enables direct linkage between objectives of the organization. The results in clear in risk assessment, direct mapping of regulatory obligations to processes, stronger controls and ultimately more controlled risk for your customers and stakeholder. If you work in risk, does this describe your risk environment? Please let me know your thoughts. To learn more about this approach, check out my book https://a.co/d/1ajgWhI