On the new ISO guide on risk management terminology

A new ISO guide on risk management terminology has recently been issued. The guide provides basic vocabulary for developing a common understanding of risk assessment and risk management concepts and terms among organisations and functions, and across different application areas. It provides the foundation of, for example, the ISO 31000 standard on risk management. The guide strongly influences the risk assessment and risk management field, and its quality is thus of utmost importance. In this paper a critical review of the guide is conducted. We argue that the guide fails in several ways in producing consistent and meaningful definitions of many of the key concepts covered. A main focus is placed on the risk concept, which is defined as the effect of uncertainty on objectives, but also many other definitions are looked into, including probability, vulnerability, hazard, risk identification and risk description. Examples are used to illustrate the problems and show how they can be rectified. Although the focus is on the ISO guide, the discussion is to a large extent general. The overall aim of the paper is to contribute to the further development of the area of risk assessment and risk management by strengthening its conceptual basis.