Introduction to risk management Jouni Tuomisto Mikko Pohjola

Introduction to risk management Jouni Tuomisto, Mikko Pohjola THL

Contents • Conventional perspectives to risk management • Open risk management (ORM) • RM in the swine flu case – Beginning of the pandemic – Preparedness in Finland elsewhere

Conventional perspectives to risk management Mikko Pohjola, THL

Risk management (of what? ) • Google ”risk management”, what do you find? – Finance, project, legal, credit, accident, disaster, terrorism, … • What we want to find, is environment and health risk management – Also several perspectives to this! • Somewhat related to E&H RM are: – Workplace health and safety RM – Engineering safety RM (e. g. nuclear safety) – World Bank’s social RM (SRM)

Definitions of RM • Wikipedia: – Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events, or to maximize the realization of opportunities.

Definitions of RM • Business. Dictionary. com: – Policies, procedures, and practices involved in identification, analysis, assessment, control, and avoidance of unacceptable risks. A firm may use risk assumption, risk avoidance, risk retention, risk transfer, or anu other strategy (or combination of strategies) in proper management of future events.

RM strategies • Wikipedia (RM): – Avoidance • eliminate, withdraw from or not become involved – Reduction • optimize - mitigate – Sharing • transfer - outsource or insure – Retention • accept and budget • Wikipedia (SRM): – Prevention – Mitigation – Coping

RM strategies • STTV (National Product Control Agency for Welfare and Health): – – – Non-acceptance / substitution Design of packaging (child resistant fastening) Classification & labeling Limit of the product volume Modification of a physical state Limiting the marketing or use Instructions, information, warnings Technical measure (closed system, exhaust ventilation, …) Training Medical surveillances Personal protective equipment (gloves, filters, covers, …) Presentation by J. Räisänen, STTV. 8. 11. 2006. Introduction to environmental risk assessment. Kuopio.

Conventional frameworks for E&H RM • Several perspectives exist, e. g. : – EHRM framework – NRC • Red book RA, Understanding risk, Science and decisions – – – IRGC risk governance framework REACH YVA - regulatory EIA in Finland Water resources management (integrated modelling) Ecological RA/RM Risk analysis

EHRM framework The Presidential / Congressional comission on Risk Assessment and Risk Management: Final Report Volume 1, 1997.

EHRM framework • Risk management is the process of identifying, evaluating, selecting, and implementing actions to reduce risk to human health and to ecosystems. • The goal of risk management is scientifically sound, cost-effective, integrated actions that reduce or prevent risks while taking into account social, cultural, ethical, political, and legal considerations.

EHRM framework • Risk is defined as the probability that a substance or situation will produce harm under specified conditions. Risk is a combination of two factors: – The probability that an adverse event will occur (such as a specific disease or type of injury). – The consequences of the adverse event. • Risk encompasses impacts on public health and on the environment, and arises from exposure and hazard. Risk does not exist if exposure to a harmful substance or situation does not or will not occur. Hazard is determined by whether a particular substance or situation has the potential to cause harmful effects.

NRC: Red book Risk assessment Observations Hazard identification Extrapolation Dose-response assessment Risk management Regulatory options Risk characterization Measurements and population characteristics Exposure assessment Evaluation of options Decisions and actions NRC 1983. Risk Assessment in the Federal Government: Managing the Progress. The National Research Council. National Academy Press, Washington D. C.

NRC: Red book • Regulatory actions are based on two distinct elements, risk assessment and risk management. • Risk assessment is the use of the factual base to define the health effects of exposure of individuals or populations to hazardous materials and situations. • Risk management is the process of weighing policy alternatives and selecting the most appropriate regulatory action, integrating the results of risk assessment with engineering data and with social, economic, and political concerns to reach a decision.

NRC: Red book • …the risk of cancer and other adverse health effects associated with exposure of humans to toxic substances. • Many decisions of federal agencies in regulating chronic health hazards… …improvements in scientific and technologic capability to detect potentially hazardous chemicals, in changes in public expectations and concerns about health protection, and in the fact that the costs and benefits of regulatory policies fall unequally on different groups. . .

NRC: Understanding Risk (Orange book) • • Role and importance of deliberation Risk characterization as the link between assessment and management Learning and feedback Public officials Natural and social scientists Interested and affected parties Problem formulation Process design Selecting options & outcomes Information gathering Synthesis Decision Implementation Evaluation Analysis and deliberation NRC 1996. Understanding Risk: Informing Decisions in a Democratic Society. The National Research Council. National Academy Press, Washington D. C.

NRC: Science and decisions (Silver book) NRC 2009. Science and Decisions: Advancing Risk Assessment. The National Research Council. National Academy Press, Washington D. C.

NRC: Science and decisions (Silver book) • How we deal with risk depends largely on how well we understand it. The process of risk assessment has been used to help us understand address a wide variety of hazards… • U. S. Environmental Protection Agency (EPA), other federal and state agencies, industry, the academic community, and others in evaluating public-health and environmental concerns. • From protecting air and water to ensuring the safety of food, drugs, and consumer products such as toys, risk assessment is an important public-policy tool for informing regulatory and technologic decisions, setting priorities among research needs, and developing approaches for considering the costs and benefits of regulatory policies.

IRGC – Risk governance Management sphere: Decision & implementation of actions Pre assessment ▪ Problem framing ▪ Early warning ▪ Screening ▪ Determination of scientific conventions Risk management Implementation ▪ Option realization ▪ Monitoring & control ▪ Feedback from risk management practice Communicatio n Decision making ▪ Option identification & generation ▪ Option assessment ▪ Option evaluation & selection Assessment sphere: Generation of knowledge Risk appraisal Risk assessment ▪ Hazard identification & estimation ▪ Exposure & vulnerability assessment ▪ Risk estimation Concern assessment ▪ Risk perceptions ▪ Social concerns ▪ Socio-economic impacts Tolerability & acceptability judgement Risk evaluation Risk characterization ▪ Judging tolerability & acceptability ▪ Need for risk reduction measures ▪ Risk profile ▪ Judgment of the seriousness of risk ▪ Conclusions & risk reduction options IRGC 2005. Risk governance – towards an integrative approach. International Risk Governance Council. Geneva.

IRGC • Risk is an uncertain (generally adverse) consequence of an event or activity with respect to something that humans value. Risks are often accompanied by opportunities. • Systemic risks are embedded in the larger context of societal, financial and economic consequences and are at the intersection between natural events, economic, social and technological developments and policy-driven actions. Such risks are not confined to national borders; they cannot be managed through the actions of a single sector; they require a robust governance approach if they are to be adequately managed. The governance of systemic risks requires cohesion between countries and the inclusion within the process of governments, industry, academia and civil society.

IRGC • • Governance refers to the actions, processes, traditions and institutions by which authority is exercised and decisions are taken and implemented. Risk governance deals with the identification, assessment, management and communication of risks in a broad context. It includes the totality of actors, rules, conventions, processes and mechanisms and is concerned with how relevant risk information is collected, analysed and communicated, and how management decisions are taken. It applies the principles of good governance that include transparency, effectiveness and efficiency, accountability, strategic focus, sustainability, equity and fairness, respect for the rule of law and the need for the chosen solution to be politically and legally feasible as well as ethically and publicly acceptable. Risk accompanies change. It is a permanent and important part of life and the willingness and capacity to take and accept risk is crucial for achieving economic development and introducing new technologies. Many risks, and in particular those arising from emerging technologies, are accompanied by potential benefits and opportunities. The challenge of better risk governance lies here: to enable societies to benefit from change while minimising the negative consequences of the associated risks.

IRGC

IRGC

REACH – EU Chemical safety Information: available vs. required/needed ▪ Substance intrinsic properties ▪ Manufacture, use, tonnage, exposure, risk management Exposure assessment ▪ Hazard identification ▪ Classification & labeling ▪ Derivation of threshold levels ▪ PBT/v. Pv. B assessment ▪ Exposure scenarios building ▪ Exposure estimation no Iteratio n Hazard assessment yes Dangerous or PBT/v. Pv. B Risk characterisation yes Chemical safety report no Risk controlled ECHA 2008. Guidance on Information Requirements and Chemical Safety Assessment. Guidance for the Implementation of REACH.

YVA - regulatory EIA in Finland Phase 2 Evaluation program Statements of the ministry of employment and economy about the report Participation Phase 1 Opinions and statements about the program Participation Statements of the ministry of employment and economy about the evaluation Opinions and statements about the report Assessment Evaluation report Pohjola et al. State of the art in benefitrisk analysis: Environmental health. Manuscript.

YVA Jantunen & Hokkanen 2010. YVAlainsäädännön toimivuusarviointi – Ympäristövaikutusten arviointimenettelyn toimivuus ja kehittämistarpeet. Ympäristöministeriö. Helsinki.

Water resource management (integrated modeling approach) Liu et al. 2008. Linking science with environmental decision making: Experiences from an integrated modelling approach to supporting sustainable water resources management. Environmental Modelling and Software, 23: 846 -858.

Ecological RA/RM Ecological risk assessment. Book. ? ? ?

Risk analysis

Risk analysis Lessons from the KTL Centre of excellence in environmental health risk analysis Risk assessment Hazard identification Exposure assessment Doseresponse assessment Risk characterization Risk management Options generation Options evaluation Policy effect evaluation Policy selection & implementation

Does risk analysis pay off? Risk assessment management Million. Risk euro cycle Hazard identification Options generation Exposure assessment Dose-response assessment Risk characterization Options evaluation Policy selection & implementation Billion euro cycle Risk communication Policy effect evaluation

Some RM related concepts • Risk communication (RC) – WHO: Risk communication is an interactive process of exchange of information and opinion on risk among risk assessors, risk managers, and other interested parties. • Risk perception (RP) – Wikipedia: the subjective judgment that people make about the characteristics and severity of risks. • Risk assessment (RA) • Risk characterisation • Risk analysis

Discussion points • Similarities and differences between perspectives? • Clear? Solid? Unambiguous? – In comparison e. g. to theory of DA • Sufficient?

Different roles in decision-making • • Authority (has the decision-making power) Policy-maker (develops policies to be decided) NGO Industry and other commercially interested parties Other stakeholders Citizens Anyone

Questions to ask about RM • Risk – what risk(s)? – how about benefits (costs)? – whose risks / whose benefits? • Management: – – who manages? manages what? manages how? on what basis?

Interim conclusions • RM: from needs to knowledge, knowledge to action – a societal knowledge/learning process • Confused? Don’t worry, we’ll get back to these issues on the later part of the course…

Open risk management Jouni Tuomisto, THL

• Is there a theory for RM? – Context: you must understand this to be able to operate – Find a decision or decisions that are reasonable and relevant – Essential parts: context, research question, decision(s), objectives – RA-RM process

Theory of open risk management • • Incremental improvements Everyone involved The idea of justice as one basis Decision analysis as one basis after we know what the decision is • Open assessment/trialogue as one basis as the method to reach shared understanding.

Concepts in theory • Problem(s) identified (something wrong with the world) • Decisions (as responses to problems) • Partners/actors: – Decision maker of a particular decision (may be several decisions) – Those influenced in any way – Everyone else

Definitions of risk and related issues • • • Hazard, endanger, exposure to mischange or peril. (Oxford English Dictionary) The chance of hazard or commercial loss. (Oxford English Dictionary) As in Risk-Money, an allowance paid to a cashier to cover accidental deficits. (Oxford English Dictionary) Risk = Probability ⊗ Severity (Wilson and Crouch) Risk = S{Probability ⊗ Severity ⊗ Weight} (Wilson and Crouch) – ⇤ 1 However, sometimes risks are not truly multiplicative. (Tversky et al. , 1990) • • Risk: a characteristic of a situation or action wherein two or more outcomes are possible, the particular outcome that will occur is unknown, and at least one of the possibilities is undesired. (Covello and Merkhofer, 1993) … and there is a need to improve the expectation of the outcome. (Tuomisto, 2006)

Societal role of RA • Risk assessment is collection, synthesis and interpretation of scientific information and value judgments for use of the society

Definition of risk 3 • In this course, we use the word risk in a loose/broad sense. – Risk = impact (good, bad) – The probability of risk may be low, high, or even 1. – Why? Because you treat favourable and harmful, likely and unlikely impacts all in the same way.

Questions in risk management • • What is the problem? Who is responsible for the problem? What are the possible decisions/actions? What are the objectives? What are the outcomes to be monitored? Who are influenced by the problem? Who are influenced by the actions?

Risk management of bus traffic in Kuopio • • What are the problems? What are potential actions? What are outcomes of interest? Who decides? Who acts?

Is there a theory for RM? – Context: you must understand this to be able to operate – Find a decision or decisions that are reasonable and relevant – Essential parts: context, research question, decision(s), objectives – RA-RM process

Open risk management: overview Q R A

Risk management • Also, we could use the term ”impact management” instead of ”risk management”. • This is just a matter of tradition. • (But if we had called this course Open assessment and impact management, the professors hadn’t been interested in including the course in Tox. En MSc studies. )

Open risk management: context • All risks emerge in a society (or group). • The society observes the risks, valuates them, is afraid of them, suffers from them, manages them, and adapts to them.

Definition of open risk management • How can scientific information and value judgements be organised for improving societal situations by identifying potential decisions and relevant outcomes in a situation where open participation is allowed? – Emphasis: The decision situation should be clarified.

Machine for risk management within a society 1. Identify a problem. 2. Formulate it as a (decision) question. 3. Perform argumentation about it. 1. Create hypotheses. 2. Attack and remove poor hypotheses. 4. Make conclusions. 5. Act based on the conclusions.

Definition of open assessment • How can scientific information and value judgements be organised for improving societal decisionmaking in a situation where open participation is allowed? – Emphasis: The decision situation is clear, focus on choosing good options.

Difference between OA and ORM • There is no clear separation between open assessment and open risk management. • If your decision options are clear (for the moment), you are more on OA side. • However, be prepared for surprises and revisiting your original questions (RM).

Theory of open risk management • • Incremental improvements Everyone involved The idea of justice as one basis Decision analysis as one basis after we know what the decision is • Open assessment/trialogue as one basis as the method to reach shared understanding.

Assessment, management, and communication • A traditional view separates – Risk assessment (by scientists) – Risk management (by decision-makers) – Risk communication (by all, but especially to stakeholders) • However, in trialogue there is no need for separation.

There is no science-policy interface • The most important tools for making science and making policy are the same. • Making artificial separations only confuse and slow down efficient actions. • This is not obvious, though. Why?

What are science and policy? • ”Science is what a scientist does. ” • ”Policy is what a politician does. ” • We know how is a scientist and who is a politician. We can answer the question by observation. • This is a reasonable assumption, if the current way is the best way to make science and policy. Is it?

What is the best way to make science and policy? • You cannot answer by observing. – However, you can find problems by observing and then try to understand why they exist. • You can start from the ultimate objective and then try to find efficient methods to reach it.

Different roles in decision-making • • Authority (has the decision-making power) Policy-maker (develops policies to be decided) NGO Industry and other commercially interested parties Other stakeholders Citizens Anyone

Independence of assessors? • How to ensure that science is objective? • What if assessments are only made to justify existing decisions? • Can political pressures be overcome if scientists step out of the ivory tower? • (Should this topic be discussed in more detail eg. In a decision analysis lecture? )

Concepts in theory • Problem(s) identified (something wrong with the world) • Decisions (as responses to problems) • Partners/actors: – Decision maker of a particular decision (may be several decisions) – Those influenced in any way – Everyone else

Performance • Context about what we actually aim to achieve. How do we know if we succeeded?

RM in the swine flu story • Independent exploration – Beginning of the Pandemic – Prepredness in Finland elsewhere • Mini-presentations and discussions • Summary