Ten Uncertainties of Risk-Management Approaches to Security
This paper examines 10 sources of uncertainty in any risk-management system and illustrates them in security measures against terrorism. First, any risk assessment is an uncertain knowledge claim about contingent future events that cannot be fully known. Second, only some risks can be selected for a...
Canadian journal of criminology and criminal justice
Year: 2006, Volume: 48, Issue: 3, Pages: 345-357
|Journals Online & Print:|
|Check availability:||HBZ Gateway|
|Summary:||This paper examines 10 sources of uncertainty in any risk-management system and illustrates them in security measures against terrorism. First, any risk assessment is an uncertain knowledge claim about contingent future events that cannot be fully known. Second, only some risks can be selected for attention, and those left unattended are sources of uncertainty. Third, specific decisions in risk management bear the uncertainty of false positives and false negatives. Fourth, risk-management technologies manufacture new uncertainties, some of which pose risks greater than those they were designed to control. Fifth, risk is reactive: as people act on knowledge of risk, they simultaneously change the risk environment and create new uncertainties. Sixth, the complexity of risk-management systems can result in multiple and unexpected failures occurring simultaneously; such 'normal accidents' are a source of uncertainty beyond any direct human capacity for control. Seventh, catastrophic failures result in the urge to risk manage everything: intensified surveillance, audit, and regulation increase system complexity and yield more uncertainty. Eighth; risk managers facing an increasingly litigious environment for failures become defensive, focusing more on operational risks that might affect the reputation of their organization than on the real risks they are supposed to manage. Ninth, excessive precaution escalates uncertainty and breeds fear, leading to risk-management measures that are at best misplaced and at worst incubate new risks with catastrophic potential. Tenth, risk-management systems can restrict freedom, invade privacy, discriminate, and exclude populations. Such self-defeating costs and the uncertainties they entail can be minimized only by infusing risk- management systems with value questions about human rights, well-being, prosperity, and solidarity. English ABSTRACT FROM AUTHOR|