Risk Management Basics

Risk Management BasicsThis is a general discussion on risk assessment and is not specific to the EPA or the Libby Superfund Site.  The information contained herein is for learning about Risk Assessment and will help you understand LATAG and the EPA's approach to Risk Management. This is a lengthy document and is divided into 5 parts so the document is easier to read.

Quantitative risk assessment

A risk assessment that provides numerical expressions of risk and indication of the attendant uncertainties (WHO, 1995).

A typical quantitative risk assessment (QRA) was carried out by Lindqvist and Westöö (2000) for smoked fish in Sweden, where the predicted annual number of illnesses varied between 47 and 2 800 (mean 168) for consumers at most risk.

Qualitative risk assessment

A risk assessment based on data which, while forming an inadequate basis for numerical risk estimations, nonetheless, when conditioned by prior expert knowledge and identification of attendant uncertainties, permits risk ranking or separation into descriptive categories of risk.

A typical qualitative risk assessment was done by Huss, Reilly and Ben Embarek (2000), who estimated the risk as high for consumption of molluscan shellfish, fish eaten raw, lightly preserved fish and mildly heat-treated fish. Low-risk products were chilled/frozen fish and crustaceans, semi-preserved fish and heat-processed (canned) fish. Dried and heavily salted fish were considered to have no risk.

Risk profile

A description of a food safety problem and its context developed for the purpose of identifying those elements of a hazard or risk that are relevant to risk management decisions. This approach has been used in Australia to profile entire food industries.

Risk profiling can be a way of quickly identifying those products within a particular sector that are of most concern. This is exactly what Huss, Reilly and Ben Embarek (2000) did in the previous example for the seafood industry, as a whole. If you did a risk profile of your industry you might find some difference in risk rating. For example, dried and heavily salted fish usually have no risk. But what if the rainy season led to mould formation and the moulds were able to produce aflatoxin? The risk rating will no longer be zero.

A recent report of a joint FAO/WHO (2002) consultation defines that the purpose of a risk profile is to enable a decision on what will be done next and whether resources should be allocated to a more detailed scientific assessment. A risk profile comprises a systematic collection of information needed to make a decision, and is the responsibility of the risk manager (although it may be commissioned out to appropriate parties).


Characteristics of a process where the rationale, the logic of development, constraints, assumptions, value judgements, decisions, limitations and uncertainties of the expressed determination are fully and systematically stated, documented and accessible for review.

Whenever risk assessments are submitted for peer review or public comment, the reviewers often comment that there is a lack of transparency. This means that they were not able to find important data, or they could not understand a calculation, or the risk assessors did not fully explain their logic.

Uncertainty analysis

A method used to estimate the uncertainty associated with model inputs, assumptions and structure/form.

Risk assessments almost always contain a statement specifying that insufficient data were available in one or more areas and, as a result, a certain amount of caution should be attached to the estimate. Caution, as a result of lack of precise information, leads to uncertainty and you should always record the data gaps that lead to uncertainty. Later, if that knowledge becomes available, the level of uncertainty will be reduced so that the risk estimate becomes more accurate.

Principles and guidelines for risk assessment

In 1999 the CAC set out general principles and guidelines for the conduct of microbiological risk assessment (FAO/WHO, 2001). As we also consider non-microbiological hazards, these principles have been amended from the Codex Principles for Microbial Risk Assessment by omitting "microbiological" where appropriate. The principles state that:

1. Risk assessment should be soundly based upon science.

2. There should be functional separation between risk assessment and risk management.

3. Risk assessment should be conducted according to a structured approach that includes hazard identification, hazard characterization, exposure assessment and risk characterization.

4. A risk assessment should clearly state the purpose of the exercise, including the form of risk estimate that will be the output.

5. The conduct of a risk assessment should be transparent.

6. Any constraints that impact on the risk assessment, such as cost, resources or time, should be identified and their possible consequences described.

7. The risk estimate should contain a description of uncertainty and where the uncertainty arose during the risk assessment process.

8. Data should be such that uncertainty in the risk estimate can be determined; data and data collection systems should, as far as possible, be of sufficient quality and precision that uncertainty in the risk estimate is minimized.

9. A microbiological risk assessment should explicitly consider the dynamics of microbiological growth, survival, and death in foods and the complexity of the interaction (including sequelae) between human and agent following consumption, as well as the potential for further spread.

10. Wherever possible, risk estimates should be reassessed over time by comparison with independent human illness data.

11. A risk assessment may need re-evaluation as new relevant information becomes available.


Libby Vermiculite Learn what Libby Vermiculite looks like and what to do if you find it on your property.

Learn More