Acceptable Risk : A Critical Guide

A very well-researched book, it is obvious that the authors have not only thought long and hard about the subject matter, but have also applied a very disciplined analysis to it. Although the authors are scholars, the book is not necessarily aimed at an academic audience. While challenging, it is still approachable by the lay person.

The text does not recommend any particular methodology for decision making, but instead provides a context within which different decision making methods can be understood and evaluated. It begins by analyzing the problems confronting all acceptable risk decisions, discussing '5 generic complexities' that negatively affect all forms of formal risk analysis. Then the authors provide '7 criteria for evaluating the acceptability of approaches to acceptable risk.' The remainder of the book is spent analyzing approaches to risk management on a spectrum of empirical to formal methods, using their 7 criteria.

I found it an extremely enlightening text with applicability beyond that stated by the authors. It sheds light on many of the 'formal' methods that have been developed for areas of concern to me, specifically in the Information Security field, which often tends towards voodoo analysis based on unstated assumptions and incomplete methodologies. Although it was written over 20 years ago, it still provides a great deal of utility and insight today. One of the text's final recommendations is that the field of Risk Management be made into a formal career choice, with all of the 'formal trappings'. It is a tribute to the foresight of the authors that this is exactly what is happening today, with the emergence of the Chief Risk Officer role, trade journals devoted to the generic concept of risk, and ever greater academic attention and career training in risk management.

Rating:
Summary: Brilliant and insightful
Review: This is a brilliant and stimulating book. Although it nominally concerns itself with the area of hazard management, policy and technology choices associated with loss of life or limb, it provides a great deal of insight into all forms of risk management and formal decision making.

A very well-researched book, it is obvious that the authors have not only thought long and hard about the subject matter, but have also applied a very disciplined analysis to it. Although the authors are scholars, the book is not necessarily aimed at an academic audience. While challenging, it is still approachable by the lay person.

The text does not recommend any particular methodology for decision making, but instead provides a context within which different decision making methods can be understood and evaluated. It begins by analyzing the problems confronting all acceptable risk decisions, discussing '5 generic complexities' that negatively affect all forms of formal risk analysis. Then the authors provide '7 criteria for evaluating the acceptability of approaches to acceptable risk.' The remainder of the book is spent analyzing approaches to risk management on a spectrum of empirical to formal methods, using their 7 criteria.

I found it an extremely enlightening text with applicability beyond that stated by the authors. It sheds light on many of the 'formal' methods that have been developed for areas of concern to me, specifically in the Information Security field, which often tends towards voodoo analysis based on unstated assumptions and incomplete methodologies. Although it was written over 20 years ago, it still provides a great deal of utility and insight today. One of the text's final recommendations is that the field of Risk Management be made into a formal career choice, with all of the 'formal trappings'. It is a tribute to the foresight of the authors that this is exactly what is happening today, with the emergence of the Chief Risk Officer role, trade journals devoted to the generic concept of risk, and ever greater academic attention and career training in risk management.