The principle of risk assessment are as follows −
The assessment should have clear goals reflecting the informational needs of decision makers and decided in an iterative dialogue between the assessor and the decision-maker.
Risk assessment is always connected to decision-making. In specific, it can provide prioritize actions, provide objective and defensible means to distinguish among alternative courses of action, and allows a choice to be made.
The scope and content should be depends on the goals of the assessment and best professional judgment, treating the benefits and costs of acquiring more information before undertaking the assessment.
The scope of the assessment are as follows −
The product (type) that is the context of the assessment.
The hazard(s) of concern.
The affected entities (population(s), subpopulation(s), individuals, or other) that are the context of the assessment.
The exposure/event scenarios relevant to the goals of the assessment.
The type of risk assessment should be responsive to the feature of the potential hazard, the available data, and the decision needs. In the other terms, the risk profile should be decided as completely as available in the design stage. Different risk assessment techniques or tools are available for these multiple types of risk assessment.
The level of effort put into the risk assessment should be commensurate with the essential of the decisions to be made. This principle is connected with principles 2 and 3 and emphasizes that risk assessments can vary considerably in scale. The time frame available for decision making can also affect the scale of the risk assessment.
The assessment should be objective, systematic, structured and to practically possible evidence based. This defines that the processes used for risk assessment should be organized and use recognized methods to provide that the results are repeatable and reliable.
An evidence based assessment also uses that efforts are important to provide the availability of suitable data. Data are necessary at the start to picking up some signals that can call for a risk assessment, and later in the risk assessment itself. Thus, an organization that required to implement risk assessments needs to prepare itself by creating a system for collecting relevant data of good quality or to understand where such data already exists.
The risk should be characterized qualitatively and, whenever applicable, quantitatively.
Risk Assessment must explicitly define its own uncertainty and the causes of the uncertainty. This can supporting a range of plausible risk estimates with a quantitative features of risk; for critical assumptions, whenever applicable.
It involves a quantitative computation of reasonable alternative assumptions and their implications for the key discovering of the assessment; reporting and disclosing the feature and quantitative implications of model uncertainty, and the associative plausibility of different models depends on scientific judgment; where feasible, implementing a sensitivity analysis; and supporting a quantitative distribution of the uncertainty.