Risk-Acceptance Criteria | Encyclopedia MDPI

Risk-Acceptance Criteria: Comparison

Please note this is a comparison between Version 1 by Panagiotis K. Marhavilas and Version 3 by Lindsay Dong.

The utilization of risk acceptance criteria (RAC) can help a business to judge whether the risk level concerning any process involved in its working environment is acceptable or not, especially when the risk has a significant societal impact.

risk acceptance criteria (RAC)
risk assessment
individual risk
cost-benefit analysis
societal risk

1. Introduction

There is not any industrial activity completely without risk, and as a consequence, many enterprises all over the world take measures to reduce OHS risk down to acceptable levels. In accordance with the terminology of ISO-Guide 73:2009 ^[1][4], the term “risk criteria” is used for making the final decision and means the reference level against which the importance of a risk is evaluated. Furthermore, the “risk criteria” or “risk acceptance criteria” (RACs), are based on internal and external context and on organizational objectives, and they might be derived from laws, policies, standards, and other requirements, whereas the term RAC constitutes the decision to “take” a particular risk ^[1][4].

In particular, RACs represent limits/thresholds for deciding whether a risk is acceptable. Mainly, subsequent to risk-computing, it has to be decided whether these risks are acceptable or not, and so the RACs are used. We believe that RACs support RAA rather than imposing a deterministic decision ^[2][22]. Figure 1 depicts the flowchart of the risk management process, with regards to OHS guidelines of ISO-IEC (1999, 2009) ^[1][3][4][4,5,14], where the risk-acceptance criteria has been incorporated in the subphase of risk evaluation.

Taking into consideration this context, the safety level to be ensured by firms may depend on the criteria they use. It seems evident that the safety level associated with a specific technical facility or process will depend on the RAC imposed. It is also evident that inappropriate criteria should generally not be used. Therefore, it is necessary to incorporate appropriate RACs into the risk assessment process, avoiding the usage of inappropriate criteria. Thus, the RACs can take various forms (for instance, collective/societal and individual risks, risk contours, lost life-years, fatal accident rates (FAR), F-N curves, the ALARP principle, etc.) ^[2][22].

The most common and flexible framework used for risk criteria divides risks into the above referred three bands of “unacceptable region”, “ALARP region,” and the “acceptable region” ^[5][6][23,24], and is exposed in Figure 12.

Figure 12. The framework for tolerability of risk, in light of the safety guidelines of HSE (2001) ^[5].

The framework for tolerability of risk, in light of the safety guidelines of HSE (2001) [23].

RACs are designed to discriminate the non-acceptable and acceptable risks. However, the final decision of what is “acceptable” (or “non-acceptable”) could be based on miscellaneous principles, and three significant rules to motivate RACs are (i) equity, (ii) utility, and (iii) technology. The “equity” principle means that a stable boundary is defined for risks, independently from the circumstances and/or the situation. The second principle associates the risk with its benefits, while the third one compares the system’s risks with (a) the risks of a reference-system or (b) the average risk of equivalent systems (for example, the risk of dying in an airplane of a certain airline is higher than the risk of another airline). In handy approaches, these rules are regularly combined by establishing limits (according to “equity”-principle) for different groups of employees (according to “utility”-principle) ^[2][22].

2. Individual and Societal Risk

Risk is classified in line with its different characteristics in the following main categories ^[2][22]:

individual or societal (collective/group) risks;
localized or non-localized risks;
natural, man-made, technical, natural-technical, artificial, health, and social risks;
periodic or non-periodic risks;
voluntary or unintentional risks;
risks per time-distance (or per life cycle) and risks per event (conditional risks);
objective or subjective risks;
risks based on semi-quantitative or quantitative risk estimates;
risks based on statistical and historical data or risk based on models;
risks on demand against continuous (or constant) risks.

The two most frequently used risk types (or aspects of risks) are individual (IR) and social (or societal) (SR), i.e., collective/group risk, from the social point of view. Authorities do not, as a rule, allow severe consequences, even with small likelihoods. Hence, the S-R type could be used to identify tolerable RACs for diverse activities. More specifically, I-R (and correspondingly SR) measures consider the risk to someone (to populations) who (which) might be inside the area of incidents’ effect-zones ^[7][15].

Individual risk (IR) is defined as the risk to a specific individual in the “neighborhood” of a hazard, or in other words, the annual risk of death or serious injury to which specific individuals are exposed. This involves the nature of the harm to an individual, the probability of the harm occurring, and the time interval throughout which the injury may happen. In a building, the I-R differentiates in accordance with the place of the individual and its actions. At a chemical plant, the I-R level is lesser for somebody working in their office, a number of hundred meters distant from the establishment, than for the employees working in the production section. Hence, I-R is regularly expressed by the chance of injury (per yr) ^[7][8][15,25]. Besides, I-R is valuable for managing and appreciating risk in a place where individuals could be present. It is handy for the risk comprehension regarding anybody, relying on the information of their geographical position. In addition, I-R evaluation measures could be tabular format, individual numbers, and/or a variety of graphs, and on the other hand, I-R might be calculated either for the firm’s employees or for members of the general public ^[9][26].

Several major incidents “contain” the potential to influence a noteworthy number of individuals (e.g., in cases of fire or hazardous chemical-substance leakages). The calculation of S-R needs similar information as in the case of I-R computation. More specifically, the I-R calculation needs details of the existence of a person within the danger zones (effect zones), while the assessment of I-R requires the determination of the numeral (or quantity) of exposed people within the danger zones. This specification may include several parameters, for instance, the numeral and geographical distribution of the persons, the category of population (e.g., housing, industrial, scholar, etc.), the chance of citizens being present, etc. ^[10][27].

Societal risk (SR) is defined as the collective (or cumulative) risk for parties of people who may be influenced by hazardous events. More specifically, S-R measures the likelihood of impact on a group of persons within the impact-zone of an event (or series of events). Accordingly, estimates of S-R include an event-scale measure of the quantity of persons affected. Various S-R assessments have been intended to reflect the remark that societies tend to be more worried about the risk regarding major accidents (multiple deaths) than minor accidents (less fatal) and can give greater importance to major accidents ^{[7][2][8][9][10]}[15,22,25,26,27].

It is worth mentioning that “societal risk” is frequently utilized when the exposed persons are citizens (i.e., members of the general public).On the other hand, the term “group risk” is regularly used in such cases that the employees are isolated, and the citizens are improbable to be influenced ^[11][28]. In this article, the designated “societal risk” is utilized to comprise both the general public and the employee’s risk.

3. Principles for RACs (PRAC)

Various principles could be used for creating proper levels (or values) when developing RACs in decision-making concerning regulation ^[12][46]. The majority of RACs has been developed through a procedure of proficient judgment and political conciliation ^[13][33]. Hence, it is valuable to examine the basic principles that might be utilized to grow and implement RACs. The subsequent PRACs have been recommended in various firms, but they are presented here properly for any action that includes RACs ^[13][33]:

Justification of activity: This PRAC takes into consideration that the activity’s risks ought to be acceptable completely by its profits for the society.
Optimization of protection: This PRAC keeps in mind that the risks must be minimized by proper safety measures, considering their benefits and costs, and the established good practice as well.
The principle of equivalency: A common PRAC used for developing RACs of a system (or an activity) is composed by the (i) comparison with identified risk levels for analogous systems (or activities) that are extensively tolerable and (ii) requirement that a comparable risk level is acquired. A diversity of notable risk levels could be utilized as a base for the comparison. Otherwise, someone could use the comparison historical (or statistical) risk data, and if the risk level has been assumed to be tolerable, someone could necessitate that future risk-levels will be comparable with those of the past.

Justness: This PRAC bears in mind that the risks must not be unjustifiably intended on specific individuals and/or communities.
Comparison with acknowledged hazards: This PRAC is similar with the PRAC of the previous paragraph and dictates the comparison with acknowledged risk levels embedded in regular human activities. Two characteristic examples that are worth mentioning are the following. (i) A human life is expected to be equal with ~10² yrs, and consequently, this statistically denotes an intrinsic background risk to human life equal to ~10⁻²/yr for the entire people. Taking into consideration that this is the total risk to life, someone can use this estimation as a starting point in order to develop RACs for determined areas. (ii) The yearly rate of death (i.e., fatality rate) due to any reason in the period of life, when this is at its lowest age (4–15 years old) was estimated to be of ~10⁻³ in OECD countries a few years ago. This estimation is utilized by several regulators as an intolerable limit (IL) for OHS risk, showing that OHS risk does not add great quantities of risk to people. In relation to the principles for establishing RACs based on “acknowledged hazards”, we could refer to the articles by Tanner and Hingorani (2015) ^[14][39], Hingorani et al. (2019) ^[15]

Catastrophes’ aversion: This PRAC considers that the risks of significant accidents (relating to manifold-fatalities, extensive and/or high-cost impacts) ought to be a little magnitude of the aggregate.
Proportionality: This PRAC takes into consideration that the details in the RAA must be in proportion to the level of risk, and, on the other side, negligible risks ought to be expected from thorough assessment.
Continuous improvement: This PRAC keeps in mind that the total risks must not be increased, but on the other side, as a general rule, they must be reduced.

In accompaniment to the variety of principles that setup estimates for the risk levels and the cost, other PRACs such as “accountability” and “holistic” could be utilized for implementing RACs ^[12][46], such as the following:

Absolute probabilistic RACs: This PRAC does not take into consideration the cost of accomplishing the resultant risk level. Consequently, the risk level is absolutely elaborated, and the RACs are implemented as a highest risk-level that must not be surpassed, without taking into account the cost and profit related to it. For instance, such a RAC associated with this PRAC might be “the fatalities’ frequency will not overdraw the value of 10⁻⁶ per person-yr”.
[
47], Hingorani and Tanner (2020) ^[¹⁶^][48], who inferred acceptance criteria for the design and assessment of structures based on implicitly acceptable risks to persons associated with structures that comply with current best practices.
The ALARP PRAC: According to this PRAC, the risk management is executed in such a way to achieve the “as low as reasonably practicable” (ALARP) aim. Thus, the risk levels and the cost regarding the risk moderation are considered, and subsequently, every risk-mitigation measure ought to be implemented given that the implementation cost is within the ALARP area, consistent with cost effectiveness considerations.
Principle of voluntary risk reduction measures: This PRAC is supported by the theory that resources are mainly powerfully spent on safety aspects when they are spread to the society (to people and/or organizations), rather than when spent on the implementation of compulsory safety interventions. This guesswork is based on the recognition that the safety level is greater in economically developed countries, wherein resources are available to the community for willing expenses on safety, than in developing countries.
The principle of accountability: This PRAC entails demands for a clear process of risk managing, affecting the people and works as the basis of a professional ethic for the risk management of a population. It also denotes clearly designated RACs that could be utilized in decision making. Moreover, these RACs must be (i) expressed in a quantitative form rather than in a qualitative one and (ii) based on objective assessments.
The holistic principle: This PRAC implies a holistic examination of every part of risks, where decisions concerning OHS on behalf of the public should be involved via the whole spectrum of jeopardy to OHS of the community. Thus, the anticipated risk-mitigation measures can be accurately assessed, and the RACs for tolerable risk can be appropriately implemented only whenever the whole risk to the public is correctly evaluated.
RACs based on the combination of singular principles: This PRAC dictates a different way of developing RACs utilized in decision-making, and it is based on the combination of various principles outlined above. For instance, in maritime safety arrangements, the combination of a fully probabilistic RAC is utilized jointly with the ALARP-PRAC. An ordinary process is to settle on a precise value (PV#1) for the highest tolerable risk, which must not be surpassed except for the costs of keeping the risk to a value below it. Besides, a second precise value (PV#2) known as negligible, could be determined, which (i) characterizes the risk levels that are lower than PV#2, and (ii) denotes that no compulsory risk-mitigation measures are essential for risks below PV#2. In addition, it is essential that risk levels between PV#1 and PV#2 are kept “as low as reasonable practicable” according to a cost-effectiveness viewpoint and the ALARP-PRAC. An alternative method for deciding if a system is tolerable or not could be achieved by utilizing empirically derived RACs developed by the industrial good practices. This way is achieved by the F-N chart of Figure 5, wherein two absolute criteria (indicated by the dotted lines) are jointly utilized for determining the intolerable and ALARP societal risks. More specifically, this figure illustrates the F-N diagram (C1-curve) combined with the “mathematical” RAC (C2-line) and the “empirical” one (C3-line) regarding the societal risk of the most significant hazard sources in the energy-production industry of PPC SA (Public Power Corporation of Greece), concerning the period of years 1993–2009. The graph has been adapted from (and improved by) the work of Marhavilas and Koulouriotis (2012) ^[17][29].

Figure 25. Example of the combination of two absolute RACs (the “mathematical” and the “empirical”) with an F-N curve in order to define the intolerable and the ALARP risk region in the OHSRA system of an energy-production industry (adapted from the work of Marhavilas and Koulouriotis, 2012) ^[17][29].