First published in 1998 and now already in its 3rd edition in 2009, but still unknown to me, although I have been studying risk since the early 90s, Risk Modeling Assessment and Management by Yacov Haimes is not for those looking for a quick Wikipedia-like answer on how to analyze risk. It is an extensive work that on its downside may require many hours of studying. On the upside, however, it does contain all you would ever need to know and may not even want to know about the state of the art of risk analysis. This rapidly growing field has important applications in engineering, science, manufacturing, business, homeland security, management, and public policy, and this book shows examples of how to apply risk analysis to all these fields.
Hidden in plain sight?
A couple of days ago I did a post on infrastructure vulnerability where I reviewed the infrastructure risk analysis model by Ezell, Farr and Wiese (2000). I’ve had that article in my possession since 2002, and it is an article that makes extensive reference to this book. So why did I not see it before? I have no answer, but I sure wish I would have noticed the book sooner than I did.
Are we reading the same book?
A good thing can never come too late, as we say in Norway, because this is a good book, and if you’re waiting for something good, well, a long wait doesn’t really matter. That said, the reviews on amazon.com describe Risk Modeling Assessment and Management as being quite the opposite:
…When used as a graduate level textbook, this work places extreme demands on the student. The lack of simple examples to explain foundation concepts places the student at a disadvantage from the start. The summary examples at the end of each section seemed to be confined to the author’s research work and leave the reader more puzzled than enlightened…
…The book is pretty chaotic and appears hastily thrown together from recently published papers and other “young” sources…
…The author spends a great deal of time describing his models and methods (referred to by highly forgettable acronyms) as if they were standards of practice. The writing is not easy to read and the organization of the material and poor indexing do not facilitate use as a reference…
It’s almost as if they were reading a different book. Well, the one I am holding in my hands right now is the first edition, and maybe it is different from the second edition, reviewed above. For what it’s worth, I totally disagree with what my fellow reviewers state, at least when it comes to the third edition, which I have only seen as a Google preview.
Extensive and all-encompassing
Personally, I am amazed at what this book covers, and while you may download the list of contents from the Wiley website and peruse it in full, here is a brief overview of what you will find:
- The art and science of systems and risk analysis
- The role of modeling in the risk analysis process
- Identifying risk through hierarchical holographic modeling
- Decision analysis
- Multi-objective trade-off analysis
- Defining uncertainty and sensitivity analysis
- Risk filtering, ranking and management
- Risk of extreme events and the fallacy of the expected value
- Multi-objective decision-tree analysis
- Multi-objective risk impact analysis method
- Statistics of extremes
- Bayesian analysis and the prediction of chemical carcinogenicity
- Fault trees
- Multi-objective statistical method
- Principles and guidelines for project risk management
- Applying risk analysis to space missions
- Risk modeling, assessment and management of terrorism
- Inoperability input-output model and its derivatives for interdependent infrastructure systems
- Case studies
- August 2003 Northeast Blackout
- Hurricane Katrina
- September 11, 2001
I think there ought to be something for everyone here, and I cannot think of much that would make the list more complete. For an overview of terms and definitions used in risk management, I recommend taking a look at ISO 73 Risk Management Vocabulary.
The fallacy of the expected value
My favorite topic is perhaps the risk of extreme events and the fallacy of the expected value. These are high consequence low probability events that beg the question what is an acceptable risk and how safe is safe enough when faced with extreme events? At some point in the risk assessment and management process you will have to make a decision about what that is so improbable that you are going to accept that it may happen, because safeguarding against it will simply be too costly. On the other hand, you must also decide which highly probable but not so damaging events that must be taken into account. While that may be an easy task per se, the expected value then sums up all possible low and high probability scenarios, and small and huge consequences into one single value, averaging and smoothing and in the end the overall picture is not so bad. Wrong. Very wrong, because
Imagine what life would be if:
- Our highways and bridges were constructed to accommodate the average traffic load of vehicles of average size and average weight.
- Homes and industrial and commercial buildings were designed to withstand the average wind or average flood or average snowfall.
- Emergency services provided only the average number of personnel needed for the average number of patients during all hours of the day.
Averaging is NOT what risk modeling, assessment, and management is about. Far from it. It needs to be specific, yet it should not shy away from showing that risk is uncertain, and that uncertainty is risky. This book provides the tools for doing exactly that.
Conclusion
This book comes at a very hefty price. Nonethless, I doubt you will need that many other risk books after buying this one.
Reference
Haimes, Yacov Y. (2009). Risk Modeling, Assessment, and Management. Hoboken: Wiley & Sons.
Author link
- virginia.edu: Yacov Haimes
Download
- wiley.com: Download index
- wiley.com: Download 1st chapter
- wiley.com: Download list of contents
amazon.com
- Buy this book from amazon.com: Risk Modeling, Assessment, and Management
Related
- husdal.com: Not all risk is risk
- husdal.com: Certain death. Not risky. Uncertain death. Risky
