Risk is defined as a function of a negative event probability and its impact. It is often expressed in monetary terms. Risks are of different types and must be considered in context. For example, in the private sector, companies often think of their risks in the following terms:
Governments look at a different risk typology than does the private sector. Public sector risks include:
- Political risk: risk to a country’s political institutions or stability
- Operational risk: risk associated with various agencies of the country being unable to function and provide services, sometimes due to failure of automated systems.
- Compliance risk: risk associated with failure to obey law or regulation
- Economic risk: risk that increase costs or decrease revenues
- Health and safety risks: risk to the health and safety of a country’s citizens
- International risk: risk in regard to international relations
- Infrastructure risk: risk to critical infrastructure
Placed within a public sector typology, risks must have their consequences calculated in terms of their capacity to cause damage to the socio-economic well-being of the sovereign state determined by their probability of occurrence and magnitude of impact.
Risk analysis is the systematic process of using available information to identify and determine the impact and probability of events and then ranking them.
The probability of an event is a function of the particular threat, the assessed competence of its cause, and the country’s vulnerability to the threat. These three factors are often combined either through expert judgment or statistical analysis into a probability of occurrence. These two methods of determining the probability of an event are categorized as qualitative and quantitative.
- Qualitative probability – Probability determined through expert judgment
- Quantitative probability – Probability determined through statistical research
Quantitative approaches provide a more empirical basis for ranking the likelihoods of occurrence across threats. A quantitative analysis requires research showing frequency of occurrence or resulting impact. Due to time and resource constraints, previous studies by other countries or multilateral organizations are often used by extrapolating them to the current country’s situation, particularly for common threats that transcend national boundaries. The underlying assumptions and adjustments made in adapting the study must be validated so that the conclusions drawn are relevant.
In the absence of reliable data regarding the probability of a threat, qualitative analysis uses the judgment of experienced professionals to rank the likelihood of a threat onto a common scale.
The impact,or magnitude, of a risk event is usually measured in terms of economic impact. Most impacts, even those that transcend mere economic expression, for example, loss of life or political instability, can be expressed in direct fiscal consequences for the purpose of risk management planning. Studies previously performed by an administration should be used wherever possible, as they will be the most pertinent, but it is often more cost-effective to acquire already-performed international studies for well-known risks, particularly ones that either transcend national boundaries or discuss similar economies.
A common method for displaying the results of a risk analysis is to use a matrix to plot risks in terms of probability and impact. The example matrix below ranks risks about which a customs or border control agency might be concerned. Performing this initial risk analysis on specific concerns for a given agency or set of agencies (and fine-tuning it over time) guides the overall risk strategy.
All of Greenline Systems technologies have a well-developed capability to define risk. As one example, our Cargo Targeting System is capable of running multiple risk assessment modules at the same time and uses a configurable risk scoring logic and a decision support framework to assist analysts with selecting the highest risk shipments for closer scrutiny. If you have a need to monitor shipment transactions and exploit your data with the most leading edge solutions and capabilities, please contact: VP, Customs Regulatory, and Law Enforcement Solutions – Chris Thibedeau (613)-884-8162 email:firstname.lastname@example.org for a live demonstration. Not all risks can be successfully and continually prevented. People and organizations have different risk tolerances and what is acceptable to one customs administration may be unacceptable to another administration, or even the same administration over time based on changing priorities. By having a well-considered risk management framework, administrations can better ensure policy and field practices are aligned and make overall operations more predictable.