Author(s)

S. Meyer-Nieberg, S. Pickl, M. Zsifkovits

Abstract

Detecting and identifying future risks is a major issue for public decision makers, especially in the field of national security. Decision makers need to identify threats in order to be able to react to them adequately and so reduce risks. Therefore, we established a general risk management support guideline for public decision makers with a focus on national security. The framework aims at identifying future risks, analyzing and evaluating them, so that concrete actions can be set that tackle the potential threat. The risk management framework is thereby based on the core process of the ISO31000 risk management norm. Therefore we are combining several techniques and tools from the field of Operations Research (OR) to guide the decision maker through the risk management core process (risk identification, risk analysis, risk evaluation). Especially in the field of risk identification, the collection of high quality data is a key issue as this data is the foundation for the further creation of possible future scenarios. Therefore, the risk identification faces up to six individual steps of analysis, including qualitative and quantitative OR methods. Several tools were developed that enable a country-based screening for developing threats as well as an internet-based topic monitoring. Out of the concluding catalogue of hazards possible future scenarios are designed, analyzed, and ranked according to their probability of occurrence and importance. Finally, these scenarios are evaluated using a variety of quantitative OR methods, simulation models (mainly ABM and SD), or Fuzzy Logic Analysis.

Keywords

risk management, risk management process, operations research, OR, ISO31000