Aven (2008) differentiates three main categories for risk analysis: simplified, standard and model-based. The simplified risk analysis is qualitative and the risk in presented in on a coarse scale (low, moderate or large) and formalised risk analysis methods are not used. On the other hand, standard risk analysis may be quantitative or qualitative and it is more formalised using methods like HAZOP and coarse risk analysis. Finally, model-based risk analysis is primarily quantitative using techniques such as event tree analysis and fault tree to calculate risk. Thus, quantitative and qualitative approaches are fundamental to be applied in the risk assessment process. Quantitative methods are related to the use of numerical measures, whereas
…show more content…
The main advantages of quantitative methods are that the use of quantitative measures provides a more precise way to perform analysis of costs and benefits of selecting the adequate measures to reduce risk. Also, these methods offer a better and accurate picture of risk. In terms of disadvantages, quantitative methods depend on the scope of a precise measurement scale. Moreover, results may be confusing, the analysis is more expensive and requires advanced tools and more experience. Regarding the qualitative methods, the advantages have to do with the correct order of risks according to priority, areas of greater risk can be addressed easily in less time and the analysis is cheap. The main disadvantage of qualitative methods is that probabilities and results are not possible because numerical variables are not used. Also, cost-benefit analysis for measures is more difficult and the results are not exact but …show more content…
As discussed above and due to the changing nature of security systems, a single approach is not enough to determine the risk in different scenarios. Several methods for risk assessment must be applied in order to get a clear picture of the risk and to design accurate measures to reduce it. Each event and its causes and consequences are different depending on a particular scenario. It is important to take into account that uncertainty is a crucial factor of risk assessment. Thus, scenarios should be modeled according to the type of uncertainty involved: stochastic or epistemic. According to Aven (2010), all uncertainties are epistemic. However, for the purpose of analysing uncertainties and risk, models are introduced based on variations in populations (stochastic uncertainty). As result, these models can be analysed using statistical analysis and a more precise identification and estimation of risk can be
The main advantages of quantitative methods are that the use of quantitative measures provides a more precise way to perform analysis of costs and benefits of selecting the adequate measures to reduce risk. Also, these methods offer a better and accurate picture of risk. In terms of disadvantages, quantitative methods depend on the scope of a precise measurement scale. Moreover, results may be confusing, the analysis is more expensive and requires advanced tools and more experience. Regarding the qualitative methods, the advantages have to do with the correct order of risks according to priority, areas of greater risk can be addressed easily in less time and the analysis is cheap. The main disadvantage of qualitative methods is that probabilities and results are not possible because numerical variables are not used. Also, cost-benefit analysis for measures is more difficult and the results are not exact but …show more content…
As discussed above and due to the changing nature of security systems, a single approach is not enough to determine the risk in different scenarios. Several methods for risk assessment must be applied in order to get a clear picture of the risk and to design accurate measures to reduce it. Each event and its causes and consequences are different depending on a particular scenario. It is important to take into account that uncertainty is a crucial factor of risk assessment. Thus, scenarios should be modeled according to the type of uncertainty involved: stochastic or epistemic. According to Aven (2010), all uncertainties are epistemic. However, for the purpose of analysing uncertainties and risk, models are introduced based on variations in populations (stochastic uncertainty). As result, these models can be analysed using statistical analysis and a more precise identification and estimation of risk can be