Multi-Criteria Risk Assessment Approaches

🔍 What Is a Risk Assessment Methodology? A risk assessment methodology is the structured approach an organization uses to identify, analyze, evaluate, and prioritize risks. It ensures consistent, repeatable assessments across all business areas and is essential for risk-informed decision-making. ⸻ ✅ Core Components of a Risk Assessment Methodology: 1. Risk Identification • Pinpoint what could go wrong (risk events). • Sources: business processes, historical incidents, regulatory changes, third-party risks, IT systems, etc. • Tools: brainstorming, risk checklists, process walkthroughs, SWOT, interviews, PESTLE. 2. Risk Analysis • Determine the likelihood and impact of each risk. • Approaches: • Qualitative (e.g., High/Medium/Low or Heat Maps) • Semi-quantitative (e.g., scoring systems 1–5 for likelihood and impact) • Quantitative (e.g., Monte Carlo, VaR, financial modeling) 3. Risk Evaluation • Compare risk levels to your risk appetite and tolerance thresholds. • Decide which risks are acceptable, and which need treatment or escalation. 4. Risk Prioritization • Rank risks based on their score to allocate resources effectively. • Often visualized in a risk matrix or heat map. 5. Risk Treatment (Optional in Assessment Phase) • Recommend how to handle critical risks: • Avoid • Transfer • Mitigate (via controls) • Accept 📊 Common Methodologies Used: 1️⃣ISO 31000 Framework Emphasizes integration, structure, and continuous improvement in risk management. 2️⃣ COSO ERM Framework Aligns risk with strategy and performance across governance, culture, and objective-setting. 3️⃣ Basel II/III for Financial Risk Used in banking and finance, focusing on credit, market, and operational risk. 4️⃣ NIST Risk Assessment Applied in cybersecurity and federal agencies, emphasizing threats, vulnerabilities, and impacts. 🎯 Best Practices: • Use both inherent and residual risk ratings. • Involve first-line teams for accurate process-level risk input. • Align methodology with risk appetite and strategic objectives. • Document risk criteria (likelihood/impact definitions) clearly. • Update the risk assessment periodically or after significant events.

As part of its inaugural convening, the International Network of AI Safety Institutes issued a joint statement on risk assessments of advanced AI systems! I led the US AI Safety Institute's work on the technical track on risk assessments and we had a really fantastic discussion at the convening Here's an excerpt of the joint statement: 🦾 Advanced AI systems have capabilities across a broad range of contexts, enabling them to be used and misused, accidentally or intentionally, in ways that can be difficult to predict, measure, and mitigate. Addressing these challenges is core to the mission of the International Network of AI Safety Institutes. ☣️ Risk assessments should be carried out in a manner that can directly inform proportionate and effective mitigation measures, for example by estimating risk in relation to specified evaluation criteria, such as tolerance levels or thresholds. Risk domains can be prioritized according to multiple criteria, including their severity, likelihood of occurrence, or the level of societal resilience in that domain. 🪟 Risk assessments should to the greatest extent possible be transparent in their methodology and results. Transparency can help ensure that risk assessments are evidence-based, interpretable, and consistent. 🌎 Risk assessments should be comprehensive and connected to a broad range of potential and existing real-world harms through the use of a variety of assessment methods. An estimation that an advanced AI system may pose a particular risk should map to the potential impact of the risk if it manifests as part of a system deployed to users. 🙌 Risk assessments should be multistakeholder in their approach and in the interpretation of results. The scale and increasing impact of advanced AI systems demands a more integrated ecosystem of AI safety that includes diverse disciplines, perspectives and experiences, including from across the AI lifecycle. 🤝 The Network is committed to building on these six key aspects to establish a shared scientific basis for risk assessments of advanced AI systems. This may involve conducting joint risk assessments and cooperative scientific research, recognizing that the science and practice of advanced AI risk assessment continues to evolve. Individual network members retain flexibility to conduct, apply, and adapt any risk assessments or risk-benefit trade-offs in line with international and domestic frameworks. ⏰ Risk assessments should inform concrete decisions and be conducted at regular intervals to adapt to progress in advanced AI systems and AI safety research. ↻ Risk assessments should be, to the extent possible, reproducible and appropriately documented. Thanks to all of my colleagues at the U.S. AI Safety Institute that helped lead this work! This was a joint effort with Christina Knight, Conrad Stosz, Mark Latonero, Elizabeth Kelly and the rest of the team, as well as our international partners

Operational risk constitutes a large portion of a bank’s risk exposure. Unlike other financial risks, operational risk is classified as a pure risk (only an opportunity of a loss), as it always leads to a financial loss for a bank. The failure to mitigate and manage operational risk effectively during past operational risk events 𝗵𝗮𝘀 𝗹𝗲𝗱 𝘁𝗼 𝘁𝗵𝗲 𝗱𝗲𝗺𝗶𝘀𝗲 𝗼𝗳 𝘀𝗲𝘃𝗲𝗿𝗮𝗹 𝗯𝗮𝗻𝗸𝘀 𝗮𝗻𝗱 𝗼𝘁𝗵𝗲𝗿 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗶𝗻𝘀𝘁𝗶𝘁𝘂𝘁𝗶𝗼𝗻𝘀. Operational risk modeling uses quantitative and qualitative techniques to predict and manage losses from failed internal processes, systems, people, or external events. Key methods include the Loss Distribution Approach (LDA), which statistically models event frequency and severity, and scenario analysis, which uses expert judgment for low-frequency, high-impact events. These models help financial institutions, especially banks, calculate capital requirements, manage risk, and comply with regulations. 𝗖𝗼𝗺𝗺𝗼𝗻 𝗠𝗼𝗱𝗲𝗹𝗶𝗻𝗴 𝗔𝗽𝗽𝗿𝗼𝗮𝗰𝗵𝗲𝘀 𝘓𝘰𝘴𝘴 𝘋𝘪𝘴𝘵𝘳𝘪𝘣𝘶𝘵𝘪𝘰𝘯 𝘈𝘱𝘱𝘳𝘰𝘢𝘤𝘩 (𝘓𝘋𝘈): -This statistical approach models the frequency (how often losses occur) and severity (how large the losses are) of events.  -It uses historical loss data (internal and external) to fit statistical distributions and then combines them using techniques like convolution and copula functions to determine an overall aggregate loss distribution.  -This approach is data-intensive and is often used by large financial institutions.  𝘚𝘤𝘦𝘯𝘢𝘳𝘪𝘰 𝘈𝘯𝘢𝘭𝘺𝘴𝘪𝘴: -This is a qualitative method that uses expert judgment to assess potential losses from low-frequency, high-impact events for which historical data may be scarce.  -It helps capture risks that are difficult to quantify with purely data-driven models, such as emerging threats like pandemics or new cyber threats.  𝘉𝘶𝘴𝘪𝘯𝘦𝘴𝘴 𝘌𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵 𝘢𝘯𝘥 𝘐𝘯𝘵𝘦𝘳𝘯𝘢𝘭 𝘊𝘰𝘯𝘵𝘳𝘰𝘭 𝘍𝘢𝘤𝘵𝘰𝘳𝘴: -These are internal and external factors that can influence the likelihood and impact of operational losses.  -Data from internal control reports, audits, and business environment surveys are used to gain a more comprehensive view of the risk profile. The attached compilation covers the above topic including approaches used for operational risk modelling and model validation. #riskmanagement #operationalrisk #oprisk #modelrisk #modelvalidation #riskmeasurement #riskassessment #riskmitgation #riskmodelling #internalmodelling #LDA #lossdistribution #KRIs #internalcontrol #cyberrisk #AMA #fraud #resources #knowledge #information #research #IAD #CRO #boardofdirectors #nearmiss #RCSA #heatmap #uncertainty #riskseverity #frequency 

Hydrogen Safety Methods and Tools Green hydrogen production is set to expand rapidly, with the EU aiming for 10 million tonnes of domestic and 10 million tonnes of imported renewable hydrogen by 2030. Ensuring safety in large-scale electrolysis plants is challenging due to limited historical data and varying risk assessments among stakeholders. Sharing technical safety practices is essential for advancing the hydrogen economy. 🟦 1) Electrolyzer history Hydrogen production began nearly a century ago using electrolysis, but natural gas became cheaper through steam methane reformers in the USA in 1939. Today, hydrogen is widely used in ammonia production, refineries, and the food and chemical industries. 🟦 2) Risk assessment methods and tools 1- HAZOP HAZOP (Hazard & Operability analysis) identifies hydrogen process hazards by analyzing deviations from normal conditions at the P&ID level. 2- HAZID HAZID (Hazard Identification study) is a qualitative method for specifying a hydrogen process's main hazards. 3- Risk matrix A risk matrix is employed to evaluate the tolerability of a scenario based on the severity and frequency of undesired events. 4- Bow tie The bow tie approach visually shows hazard scenarios, including the chain of circumstances and barriers to stop or mitigate scenarios. 5- Level of Protection Analysis (LOPA) A small team further analyzes a subset of the most hazardous scenarios recognised during a HAZOP, evaluating the severity and frequency of the consequence. 6- Quantitative Risk Analysis (QRA) QRA is a technique for estimating safety contours by evaluating the mixture of frequency and fatalities. It uses tools like Event Tree Analysis (ETA) and Fault Tree Analysis (FTA). 7- Failure Mode and Effect Analysis (FMEA) FMEA concentrates on equipment part failure and frequency in deciding maintenance plans. 8- Safety Integrity Level (SIL) SIL reviews are utilised to allocate risk deduction aspects to instrumental safeguards. The conditions for safety systems are given in IEC61508 and 61511. 🟦 3) List of initiating events for a bow tie workshop 1. High temperature hydrogen attack 2. Hydrogen assisted corrosion 3. Overpressure in the system 4. Hydrogen induced stress cracking (HISC) 5. Lifting operations (external impact) 6. Equipment fatigue 7. Seal failure, flanges, valves rotating/static equipment 8. Natural disaster 9. Operator error 10. Hydrogen emissive diffusion 🟦 4) Recommendation Tools from the chemical industry can be adapted for large-scale green hydrogen production, but differences from hydrocarbons complicate risk assessments. Limited data on failures and ignition for hydrogen necessitates conservative design approaches. Bow tie analysis can help in conducting site-specific risk assessments for hazards such as hydrogen mixing with oxygen and air. Source: See post image This post reflects my knowledge and is for educational purposes only. 👇 What other hydrogen safety tools do you recommend?

The Power of Multi-Criteria Decision Analysis (MCDA)📊 Imagine facing a life-changing decision, like choosing a career path after graduation without a clear way to compare your options.. Now, imagine having a powerful tool that helps you visualise and structure your choices, weighing factors like salary, work-life balance, career growth, risk, and even the impact of AI on the job market 🤔 This isn’t just a hypothetical scenario – it’s exactly what Multi-Criteria Decision Analysis (MCDA) can help you achieve 🤝🏽 In a world where uncertainty is growing every day, making informed decisions can feel overwhelming. MCDA simplifies complex problems by breaking them into measurable attributes, prioritising what matters, and analysing trade-offs. As part of my studies, I explored this methodology in-depth using V.I.S.A. software. The process involved: ⚙️ Defining alternatives and key decision criteria ⚙️ Evaluating each criterion using quantitative & qualitative measures ⚙️ Assigning weights to reflect priorities ⚙️ Using Sensitivity Analysis & Pareto Plots 📈 to refine decisions A huge thank you to Professor Nadia Papamichail, whose brilliant teaching made this framework feel so practical and relevant. From career decisions to real-world challenges like Elon Musk’s Twitter acquisition, Amazon’s HQ expansion, and global climate strategies, her focus on tying MCDA to real issues has been incredibly insightful. MCDA has proven to be a game-changer, allowing me to make decisions with confidence and strategic clarity. I can’t help but think about the role tools like MCDA could play in Sudan’s rebuilding and development, given that many critical and strategic complex decisions will have to be made, guiding the next phase of Sudan’s future. 🇸🇩 For anyone navigating tough decisions in life or business, I highly recommend exploring MCDA. It’s a great way to cut through the uncertainty and gain clarity💡! The attached photos showcase the decision problem structuring process and the use of Sensitivity and Pareto plots to understand how changing preferences impact the overall decision-making. Additionally, the Trade-off chart provides a comprehensive overview of the trade-offs between different alternatives, offering a clear visual representation of the decision landscape. 📊✨ #DecisionMaking #MCDA #Uncertainty #BusinessAnalytics #AllianceManchesterBusinessSchool #UniversityOfManchester