RISK MANAGEMENT FOR THE FUTURE – THEORY AND CASES Edited by Jan Emblemsvåg Risk Management for the Future – Theory and Cases Edited by Jan Emblemsvåg Published by InTech Janeza Trdine 9, 51000 Rijeka, Croatia Copyright © 2012 InTech All chapters are Open Access distributed under the Creative Commons Attribution 3.0 license, which allows users to download, copy and build upon published articles even for commercial purposes, as long as the author and publisher are properly credited, which ensures maximum dissemination and a wider impact of our publications. After this work has been published by InTech, authors have the right to republish it, in whole or part, in any publication of which they are the author, and to make other personal use of the work. Any republication, referencing or personal use of the work must explicitly identify the original source. As for readers, this license allows users to download, copy and build upon published chapters even for commercial purposes, as long as the author and publisher are properly credited, which ensures maximum dissemination and a wider impact of our publications. Notice Statements and opinions expressed in the chapters are these of the individual contributors and not necessarily those of the editors or publisher. No responsibility is accepted for the accuracy of information contained in the published chapters. The publisher assumes no responsibility for any damage or injury to persons or property arising out of the use of any materials, instructions, methods or ideas contained in the book. Publishing Process Manager Martina Blecic Technical Editor Teodora Smiljanic Cover Designer InTech Design Team First published April, 2012 Printed in Croatia A free online edition of this book is available at www.intechopen.com Additional hard copies can be obtained from orders@intechopen.com Risk Management for the Future – Theory and Cases, Edited by Jan Emblemsvåg p. cm. ISBN 978-953-51-0571-8 Contents Preface IX Section 1 Health, Safety and the Environment 1 Chapter 1 Current Trends and Future Developments in Occupational Health and Safety Risk Management 3 Roland Iosif Moraru Chapter 2 Hazard Matrix Application in Health, Safety and Environmental Management Risk Evaluation 29 Assed Haddad, Erick Galante, Rafaell Caldas and Claudia Morgado Chapter 3 The Deterministic and Stochastic Risk Assessment Techniques in the Work Sites: A FTA-TRF Case Study 51 P.K. Marhavilas and D.E. Koulouriotis Chapter 4 Health Technology Assessment: An Essential Approach to Guide Clinical Governance Choices on Risk Management 67 Giovanni Improta, Antonio Fratini and Maria Triassi Chapter 5 Preventing Societal Health Risks Emerging in the Development Of Nanomedicine – What Should Prevail? 85 Roberte Manigat, Florent Allix, Céline Frochot and Jean Claude André Chapter 6 Post-Operative Residual Curarization (PORC): A Big Issue for Patients’ Safety 117 A. Castagnoli, M. Adversi, G. Innocenti, G.F. Di Nino and R.M. Melotti Chapter 7 Risk Assessment On-Scene 139 Eivind L. Rake VI Contents Section 2 Engineering 157 Chapter 8 Uncertainties and Risk Analysis Related to Geohazards: From Practical Applications to Research Trends 159 Olivier Deck and Thierry Verdel Chapter 9 A Monte Carlo Simulation and Fuzzy Delphi-Based Approach to Valuing Real Options in Engineering Fields 185 Roberta Pellegrino and Nicola Costantino Chapter 10 Fire Analysis and Production of Fire Risk Maps: The Trabzon Experience 215 Recep Nisanci, Volkan Yildirim and Yasar Selcuk Erbas Chapter 11 Flood Risk Management in Rivers and Torrents 233 Luca Franzi Chapter 12 Analysis of Historical River Floods – A Contribution Towards Modern Flood Risk Management 275 Jochen Seidel, Paul Dostal and Florian Imbery Section 3 Information Management 295 Chapter 13 Understanding Components of IT Risks and Enterprise Risk Management 297 Abdul Rahman Ahlan and Yusri Arshad Chapter 14 Enterprise Cyber Risk Management 319 Patrick L. Brockett, Linda L. Golden and Whitley Wolman Chapter 15 Trust in an Asynchronous World: Can We Build More Secure Infrastructure? 341 Dragutin Vuković Chapter 16 Adopting and Adapting Medical Approach in Risk Management Process for Analysing Information Security Risk 367 Ganthan Narayana Samy, Rabiah Ahmad and Zuraini Ismail Section 4 Finance and Economics 389 Chapter 17 Risk, Return and Market Condition: From a Three-Beta to a Functional-Beta Capital Asset Pricing Model 391 Zudi Lu and Yuchen Zhuang Contents VII Chapter 18 Linking U.S. CDS Indexes with the U.S. Stock Market: A Multidimensional Analysis with the Market Price and Market Volatility Channels 413 Hayette Gatfaoui Chapter 19 Financial Risks: Cases Of Non-Financial Enterprises 435 Irina Voronova Chapter 20 Supply Chain Risk Management in the Electronics Industry 467 Frank Zwißler and Marco Hermann Preface If you think predicting the future is risky, try ignoring it. The Economist Risk management is a topic on the agenda of an increasing number of organizations around the world for the last 20 years or so. In fact, due to the large number of corporate scandals, risk management has become central in the boardrooms of large enterprises around the world as some stock exchanges in fact demand risk management in the corporate governance work. Despite this, we have a financial crisis that abundantly illustrated that risks were not properly understood – also in corporations that supposedly were conducting risk management. While risk management in corporate governance is a relatively new idea, we have been managing risk in engineering for decades. Yet, engineering disasters appears every now and then often indicating (posteriori) lack of, or at least insufficient, risk management. There are many other cases in all aspects of human society that could have been mentioned here, as well, but the point is that managing risks is difficult. This illustrates further important facts about risk – it is pervasive, it is timeless and it is inevitable. The pervasiveness and timelessness of risk means that it is found in all kinds of scholarly disciplines and human endeavors. An important side effect is that it is often slowly emerging, which makes it even harder to address – disasters are rarely due to a single mistake or single source of problems, but due to a complex interplay of factors that by themselves may not have resulted in a disaster. Furthermore, because it is inevitable, risk has been addressed in a large number of ways. This means that basic terminology is still not unified. Depending on whom you ask, and what background they have, you will get different definitions and approaches towards risk management. The ISO 31000 Risk Management standard has therefore been developed to provide principles and generic guidelines on risk management (without intending to promote uniformity of risk management across organizations). Yet, many find the standard unsatisfactory and therefore find their own ways towards risk management. In this book, we therefore present a flavor of current advances in risk management theory as well as some cases with no attempt to present a unified theory of risk management. X Preface The book is divided into four, broad topics – each covering an entire part of the book. The first topic is Health, Safety and the Environment (HSE) in which we have seven contributions. The opening chapter is written by R.I. Moraru and it concerns the identification of effective practices, processes and structures in occupational health and safety risk management. The authors identifies and argues that there is an urgent need for the formulation and implementation of a new management framework for occupational hazards; one that is appropriate for the new economic and occupational structure of work. Next, in Chapter 2, A. Haddad, E. Galante, R. Caldas and C. Morgado focus on the development and usage of a risk assessment methodology called Hazard Matrix (HM) and its application in Health, Safety and Environmental Management (HSE). The HM is a prioritization methodology suitable to be used in the analysis phase of a risk management program. The authors argue that the HM in HSE is a very powerful methodology to highlight critical hazards and sectors/areas in a business unit or company under study. In Chapter 3, P. K. Marhavilas and D.E. Koulouriotis present a new risk assessment framework based on the combination of the deterministic FTA (“fault-tree-analysis”) technique and the stochastic TRF (“time at risk failure)” model, and they apply it on an industrial worksite to test its usefulness. Then, in Chapter 4, G. Improta, A. Fratini and M. Triassi present an example on a possible design and implementation of a Health Technology Assessment (HTA) protocol for the classification of hospitals or health facilities equipment, realized by combining the classic HTA concepts with hierarchic clustering techniques in a multidisciplinary analysis of requirements, cost, impact of logistics, technology associated risks. Chapter 5 is written by R. Manigat, F. Allix, C. Frochot and J.C. André. They chose to develop a case study on nanomedicine based on nanotechnology, with integrated inputs from each individual of the multidisciplinary team (photo chemist conducting research in basic sciences, risk management specialist, public health medical specialist), in order to develop an interdisciplinary expertise open to large societal needs. The objective of the 6 th chapter, written by A. Castagnoli, M. Adversi, G. Innocenti, G.F. Di Nino and R. M. Melotti, is to update the state of the art on Post-Operative Residual Curarization (PORC) and risk management of patients with persistent neuromuscular blockade. They start by careful reviewing the literature using electronic databases, analyzing original papers, systematic reviews and guidelines and end up by suggesting possible ways to correctly prevent or manage PORC. The final chapter in the first section – Chapter 7 – is written by E.L. Rake. It describes the assessments on-scene, the arena where the crisis take place, especially assessment [...]... and other stakeholders within industry who are interested in assessing and managing the existing OHS risks in their organisations, with the intention of identifying the priority areas for focussing improvement effort 4 Risk Management for the Future – Theory and Cases 2 Risk management: The need for an evolutionary and multifaceted approach Regardless of the type and size, any organization faces risks... Current Trends and Future Developments in Occupational Health and Safety Risk Management Fig 7 Graphical representation of a hypothetical working situation Fig 8 The complex and multifactorial landscape of OHS risks 19 20 Risk Management for the Future – Theory and Cases But workers participation is only effective if the qualification of the employees concerning their work situation, and their integrity... the OHS risk management 8 Risk Management for the Future – Theory and Cases 2.3 Snapshots from ISO 31000 standard Risk Management – Principles and guidelines for implementation The aforementioned standard emphasizes how the organization should understand the specific context in which risk management is implemented throughout the organization, at all levels and in every moment of its existence, to allow:... to qualify as the standard is so new that little reliable empirical research on its usefulness has been conducted Current Trends and Future Developments in Occupational Health and Safety Risk Management Fig 3 Components of the framework for managing risk (Based on ISO 31000:2009) Fig 4 The risk management process (Based on ISO 31000:2009) 9 10 Risk Management for the Future – Theory and Cases Assessment... term: the term risk assessment process”should be adopted to describe the overall process of identifying hazards, assessing risk and reducing risk The terms "risk analysis", "risk assessment", "risk estimation" and others have different definitions depending on the industry using them The two most frequently used terms to describe the overall risk assessment effort are "risk assessment" and "risk management" ... standard or technical description of risk assessment There are many risk ranking systems in use, each offering its strengths and 12 Risk Management for the Future – Theory and Cases weaknesses This variation reflects the great diversity of opinion on risk assessment Some of the most significant differences between risk assessment methods used today involve how risk is assessed As mentioned before, there... techniques for identifying risks, following the deductive or inductive approaches In the '70s, great efforts have been made to assess risks to populations near nuclear facilities, being developed many scenarios of 22 Risk Management for the Future – Theory and Cases accidents related to equipment failures and/ or operational errors In the following decades, methods and techniques of risk assessment and control... (Koob and Malchaire, 2003), which we further denominate as “Kinney–type” They are increasingly considered as incompleted, non-reliable and detaining a strong subjective character Other experts are refining their opinions, suggesting the resort to this kind of methods only as complementary or informational tools (Main, 2002; Schwartz, 2002) 14 Risk Management for the Future – Theory and Cases The Kinney... 4, ahead of the review 18 Issue Targeted working group Intervention Outcome measurement Implementation process Developing training Leadership Risk Management for the Future – Theory and Cases Questions to adress What is the structure of the team? What is the at -risk team? How large is the team Are the reasons for application clearly defined? Are the results repeatable? How do we measure the effectiveness?... geology and civil engineering, although there should be good thinking for other engineers as well The first chapter (Chapter 8) in Part II concerns classic issues like uncertainty and risk The authors – O Deck and T Verdel – focus on clarifying the interactions between risk management and uncertainties within the context of geohazards Recent trends developed in the field of risk management within the context . RISK MANAGEMENT FOR THE FUTURE – THEORY AND CASES Edited by Jan Emblemsvåg Risk Management for the Future – Theory and Cases Edited by Jan Emblemsvåg. improvement effort. Risk Management for the Future – Theory and Cases 4 2. Risk management: The need for an evolutionary and multifaceted approach Regardless of the type and size, any. promote uniformity of risk management across organizations). Yet, many find the standard unsatisfactory and therefore find their own ways towards risk management. In this book, we therefore present