Are Misunderstandings over “Risk” Contributing to Difficulties in Assessing and Managing Safety in the Public Domain?


Since 1974 the public sector in the United Kingdom has been required to assess and manage risk as a means of safeguarding its employees and the public. While this risk-based approach still enjoys high-level support, the process of assessing and managing risk has been reported as giving rise to technical difficulties. Of note is that in 1983 it was stated in a Royal Society of London study group report that it may be seriously misleading to multiply the estimated severity of a risk by its probability as a process for comparing and thus prioritising hazards. However, influenced by developments in occupational safety, it has become common to express “risk” as some function of likelihood and severity of consequence. This article investigates whether this definitional matter is in any way problematic within the public sphere by application of an inductive, qualitative methodology entailing in-depth interview with thirty-four UK risk experts whose transcripts were subjected to thematic analysis. This was triangulated against document analysis and observation of the written and spoken word at conferences, training sessions and in the contested environment of the courtroom. An emergent theme amongst the experts is that while the risk-based approach to safety management continues to be strongly supported, there remain fundamental definitional issues over the way the term “risk” is used, and this is leading to confusion, uncertainty and inconsistencies. Evidence of similar definitional issues can be observed in documents, educational literature, and also manifests itself in UK courtrooms. It is concluded that the risk-based approach to safety assessment and regulation is hampered by foundational issues linked to societal understanding of “risk.”

Share and Cite:

Ball-King, L. (2022) Are Misunderstandings over “Risk” Contributing to Difficulties in Assessing and Managing Safety in the Public Domain?. Journal of Service Science and Management, 15, 516-530. doi: 10.4236/jssm.2022.155030.

1. Introduction

This article describes an investigation into understanding of the term “risk” in public services and also amongst risk educators, regulators and English courts, and the consequences which arise from subtly different interpretations.

A fundamental principle of the United Kingdom’s approach to safety is that it is risk-based (Russ, 2010), a position which continues to be strongly endorsed by the wider community of risk experts (Ball-King, 2020b). This principle stems directly from the UK’s primary workplace legislation, the Health and Safety at Work etc Act of 1974 (HSWA), which requires risks to be reduced only so far as is reasonably practicable (SFAIRP) aka ALARP—as low as reasonably practicable. Because the requirement is not to eliminate risk unless it is reasonably practicable to do so, residual risks can be anticipated, and the risk-based approach therefore leads to a need for prioritisation, which in turn is reliant upon the outputs of a risk assessment. However, for this to be done effectively, it is necessary to have a clear understanding of the meaning of “risk”, and it is evident that this is not always the case.

The point is aptly made by a prominent legal case which progressed through all tiers of the English courts culminating in a hearing in the House of Lords, the highest court, in 2002. The case is referred to as Tomlinson v Congleton Borough Council and involved a young man who was paralysed following a shallow dive into a lake on Council-owned land (House of Lords, 2002). The outcome of the case is not important here, but what is an issue is that in each of the courts involved (the court of the first instance, the Appeal Court and the House of Lords) the decision of the prior court was reversed, and that this was partly attributable to differing opinions about the significance of the prior risk, and whether enough had been done to control it. Thus, Lord Hobhouse, in his closing speech to the House of Lords, remarked as follows on the understanding of risk by the courts and council officers:

“The park had been open to the public since about 1982. Some 160,000 people used to visit the park in a year. Up to 200 would be bathing in the mere on a fine summer’s day. Yet the number of incidents involving the mere was so few. It is a fallacy to say that because drowning is a serious matter that there is therefore a serious risk of drowning. In truth the risk of drowning was very low indeed and there had never actually been one and the accident suffered by the claimant was unique. Whilst broken necks can result from incautious or reckless diving, the probability of one being suffered in the circumstances of the claimant was so remote that the risk was minimal. The internal reports before his accident make the common but elementary error of confusing the seriousness of the outcome with the degree of risk that it will occur” [3, para. 79] (emphasis added).

The clear implication was that a difficulty was being experienced in deciding what constituted a significant risk, and that this was linked with the definition of “risk” itself. The purpose of this article is to investigate this phenomenon more fully and to determine the extent to which a dilemma over the understanding of risk might exist.

The originality of this paper, apart from its contemporaneousness, is its use of multiple data sources including, notably, current expert opinion combined with deliberations in courtrooms, to gain insights into the societal functioning of risk management as practised in the UK. This identifies significant dilemmas for public service managers which are not of their own making.

2. Methods

2.1. Use of Bricolage

A qualitative, inductive methodology was used for the reason that “…the human activity system needs to be approached and understood in terms that are quite different from the normal linear, mechanical framework used” (i.e., positivist paradigm) (Chapman, 2002: p. 51). Additionally, although the dominant research tool was the interview, other data sources were applied as a means of triangulation in an approach referred to as bricolage (Rogers, 2012; Denzin & Lincoln, 1999). These included document analyses, and the written and spoken word as encountered at conferences, training sessions and in the courtroom.

2.2. Interview Participants

One of most used instruments in qualitative research, and which was deployed here, is the interview (Packer, 2011), along with one of the most thoroughly documented of these approaches which is thematic analysis (Braun & Clarke, 2006). To initiate this, purposive sampling was used to select an opening group of interviewees based on their experience and knowledge, with further candidates selected by an opportunity, snowball-sampling strategy. A total of 34 individuals participated in the final study with, collectively, over 1000 years of professional experience in the management of risk.

Table 1 and Table 2 summarise personal characteristics and professional backgrounds of the interviewees. Table 1 shows the cohort to have been dominantly male, highly educated and/or qualified, and with extensive experience working in risk-related jobs. The types of occupations are shown in Table 2. Many of the participants had work experience in multiple sectors.

2.3. Interviews and Analysis

Interviews were conducted via telephone, Skype or face to face and later transcribed with permission. Interviews lasted between 30 - 90 minutes. Introductory questions asked were: 1) “How would you describe your sector’s approach to risk assessment and subsequent decision-making?” 2) “Have you noticed any trends or changes over time?”, but otherwise discourse was relatively unstructured. The general approach was to record and transcribe interviews and report

Table 1. Summary of personal particulars of participants (n = 34).

Table 2. Summary of occupational sector of participants (n = 34).

data in the form of example statements [9] following the method of Braun and Clarke (2006). This requires the transcripts to be read open-mindedly to identify units of text relevant to the research topic, text units dealing with the same issue to be organised into groups of analytic categories, and the data to be reviewed for consistency and tabulated. In the final step illustrative quotes are assembled into a report and the collected data compared with other data sources and interpreted (Ball-King, 2020b).

2.4. Limitation of Scope

The scope of the study was purposefully restricted to the UK, one reason being that the UK has been in the vanguard globally in promoting risk-based governance and this thinking has come to colonise its regulatory regime (Rothstein et al., 2013) such that the UK provides a special case for study. This is not to say that UK experiences over risk definitional issues are confined to its shores (Aven & Zio, 2014).

3. Findings

3.1. Evidence from the Literature

In 2001 the UK’s principal safety regulator, the Health and Safety Executive (HSE), reaffirmed the commitment to the risk-based approach in its flagship publication “Reducing risk, protecting people” (aka R2P2) (HSE, 2001). In 2020, HSE elaborated on the approach to risk prioritisation as follows:

“You may find that there are a number of issues which need action, so you need to decide on your priorities for that action. In thinking through your priorities, think about the biggest or most serious risks first ….. Remember, the greater the risk the more robust and reliable the control measures will need to be.” (HSE, 2020a)

The level of risk is normally determined by some form of risk assessment (Russ, 2010) and there are now numerous approaches to risk assessment with ISO 31010 describing no less than thirty-one (ISO, 2010). One of the most widely used approaches in the UK is known as “Five steps to risk assessment” which has been revised and reissued over several decades. Version 3 of ‘Five steps’ describes risk as follows:

“When thinking about your risk assessment, remember:

• a hazard is anything that may cause harm

• risk is the chance, high or low, that somebody could be harmed by these and other hazards, together with an indication of how serious the harm could be (HSE, 2014).

The above definition of risk would appear to have the goal of simplicity. A more comprehensive account of risk’s meaning can be found on HSE’s website under the ALARP section:

“A risk is the likelihood that a hazard will actually cause its adverse effects, together with a measure of the effect. It is a two-part concept and you have to have both parts to make sense of it. Likelihoods can be expressed as probabilities (e.g., “one in a thousand”), frequencies (e.g., “1000 cases per year”) or in a qualitative way (e.g., “negligible”, “significant”, etc.) …..” (HSE, 2019)

From these statements it could be concluded with some confidence that risk is seen as the chance or likelihood of some event with a specified consequence. If so, this would be consistent with the definition in HSE’s R2P2 and in an earlier and influential report of The Royal Society of London:

“… the chance that someone or something that is valued will be adversely affected in a stipulated way by the hazard.” (HSE, 2001: p. 6)

“the probability that a particular adverse event occurs during a stated period of time.” (The Royal Society, 1983)

However, the above ALARP definition of risk (HSE, 2019) does say that risk is a “two-part concept”, the meaning of which is perhaps ambiguous, particularly as other definitions of risk exist in which risk is defined as some function, or combination, of likelihood (F) and consequence (C), i.e., R = F × C or, in mathematical parlance, R = f (F, C).

For example, ISO 45001:2018 defines occupational OH&S risk as:

“combination of the likelihood of occurrence of work-related hazardous event (s) or exposure (s) and the severity of injury and ill health that can be caused by the event (s) or exposure (s).” (ISO, 2018)

Likewise, variants of this two-part definition can be seen to have been in widespread circulation in educational contexts. Thus:

“Risk is the likelihood that a hazard will cause harm in combination with the severity of injury, damage or loss that might foreseeably occur.” (NEBOSH, 2013)

“So, risk is the combination of two factors:

• chance—the likelihood that a person will come into contact with a particular hazard so that harm is caused.

• consequence—the foreseeable harm. How bad would it be?

These two factors combine to give us the degree or level of risk. We might then identify the level of risk using words such as ‘low risk’ or ‘high risk’.” (IOSH, 2013)

The tendency to conflate likelihood and consequence can also be found in international risk literature:

“Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood” (ISO, 2009)

“Risk is thus the combination of the severity of possible damage to the consumer and the probability that this damage should occur.” (Commission of European Communities, 2018)

From this it can be concluded that there are two, at least, understandings of the word “risk” which are both in circulation, one seeing risk as the likelihood of some specified event occurring with a given consequence, and the other as a combination of likelihood and consequence. These approaches are sometimes referred to as the likelihood or probabilistic definition and the expected value definition. Aven (2012) identifies seven other definitions of risk but this article focuses on these two, which are currently the most prevalent.

3.2. Why It Matters

The difference may appear inconsequential, but as long ago as 1983 The Royal Society of London’s report on risk assessment warned as follows:

“It may be seriously misleading merely to multiply the estimate of severity of a risk by its probability, and then compare the result with similar estimates for other hazards.” (The Royal Society, 1983: p. 15)

The same or similar warning has been repeated many times since. For example, Aven and Zio (2014) describe several foundational issues within risk management, defined as the platform upon which risk assessment and risk management stand, the first of which relates to the meaning and interpretation of fundamental concepts such as risk. As they say, “if we ask a number of risk analysts to explain what risk means, we get many different answers, some of which are misconceptions that could seriously misguide decisionmakers!”

Other authors have reached similar conclusions (White, 1995; Hurst, 1998) and yet others have also been singularly critical of the use of risk matrices which tend to proliferate where the R = F x C definition of risk is in operation because they too are two-dimensional with likelihood and consequences axes which neatly align with the two-part conceptualisation of risk. The American risk expert L. A. Cox, for example, reached the following conclusions:

“Inputs to risk matrices (that is the severity and risk categorizations) and resulting outputs (risk ratings) require subjective interpretation, and different users may obtain opposite ratings of the same quantitative risks. These limitations suggest that risk matrices should be used with caution and only with careful explanations of embedded judgments.”

“Risk matrices do not necessarily support good (e.g., better-than-random) risk management decisions…” (Cox, 2008)

Similar conclusions about the likelihood-consequence matrices have been reached by many others (Garlick, 2007; Thomas, 2019; Safesmart, 2018; Birchmore, 2014; Ball & Watt, 2013).

3.3. Experts Views on Understanding of the Concept of Risk and the State of Risk Assessment

The expert interviews and thematic analysis identified a strong thread related to the so-called simplicity of risk assessment. The view was that there had been a tendency to present risk assessment as a straightforward task when the reality for many was quite different. Even supposedly low hazard locations could cause problems for assessors particularly if they did not have a clear perception of the risk concept, and maybe even if they did. Issues around comprehension of “risk” would obviously factor into this predicament. Thus:

“But you can only do this [risk assessment] effectively if you have a coordinated approach to risk and if people have actually been taught some things about risk. And I’ve seen no evidence that this is done – of course [names university] does it, but hardly anybody. So, it’s impossible to have a very sensible debate about risk because no-one’s had any training in it.” Q301

“… it’s not easy though. and I think it’s sometimes underrated how easy it is – we teach people to do rudimentary risk assessments, but the reality is, it’s very, very difficult to do, and it’s not an exact science.” Q36

“…. The notion of risk assessment gets trotted out all the time. And they see this and that as risk assessment. And people like myself say ‘are you sure?’, and ‘do you really know what you mean by that?’ It’s become common parlance, and in doing so has lost a certain element of its academic correctness. …. It’s a safety assessment. The terminology is inappropriate. And in a way that’s slightly damaging because on the occasions when you actually do need to do a proper risk assessment, lots of people don’t have the correct idea in their heads of what that means.” Q8

“In an attempt to make things understandable for small business, they’ve made things meaningless, and they’re inherently inaccurate in their approach. They’ve not only dumbed it down, they’ve actually got it wrong.” Q64

“They give the impression that risk is easy to deal with. But in others it’s very complicated. And it doesn’t have to be that you’re in a complex industry for it to be complicated. There’s a wide spectrum.” Q67

The issues of terminology and matrix-style scoring systems generated another theme:

“…. And because of the terminology and misunderstandings there are among lay people about what risk assessment is, I think that’s a challenge for people who are actually risk practitioners…...” Q41

“What is a risk assessment for? That is what we should be asking ourselves. And people don’t know. If you have A Level mathematics, you understand permutations of risk. Why have we got people who can’t do mathematics doing risk scores, and thinking that a 5 × 5 rating is 25 more than a 1 × 1? And we have these very bland descriptive terms – ‘rarely’, ‘occasionally’ ‘generally’. I think there’s a fundamental flaw with what we’re doing. The problem is they focus on the numbers and scoring systems.” Q78

“I’m in some doubt as to whether the very very common use of risk matrices, is actually useful. Because of two things. First to get a risk matrix right, there are a number of technical things that you need to get right. They look simple but they’re not. And a slightly trained person who’s not a risk expert can fill in a matrix and it looks convincing. But I wouldn’t rely to be honest on that matrix, because the numbers can be inputted in all sorts of different ways and you get all sorts of different answers, from very slight changes in judgment. So I’m very doubtful whether these matrices, and the end part with the final risk ratings, adds any value….” Q80

“So we come across providers who, probably the best example, in some of their risk assessments, attached a number to likelihood, and a number to consequence, and some people at the centre multiplied these together, and some people added them (laughs). What we also find is that either people jiggled round the numbers until they got a total score that their gut reaction told them was right, and other people stick with numbers and ignore the fact that they’re still going out, doing activities, even though they’ve identified the residual risk was high. So they do the numbers approach and then don’t take any notice of them.” Q81

Other noted threads related to a perceived split between risk-based (i.e., probability-based) safety professionals and hazard-based professionals and the overapplication of the R = F × C formulation of risk.

“I think the safety profession falls into two different categories. You get those safety professionals who are very hazard oriented. And because they’re focused on the fact that this incident could happen, this harm could result, they start to go down that line of ‘we have to have zero tolerance’, e.g., construction. But there are other environments and sectors where that’s not the appropriate way to go. And my profession is about being what I would term being ‘likelihood’ focused. So, in terms of likelihood, in our risk assessment process we have two sides – a hazard analysis and a likelihood analysis, where the latter part answers the question of what makes that event more or less likely to occur, i.e., the controls and competence of your workforce. That’s the focus for me….” Q57

“I think the process of risk assessment, the computation between likelihood and severity, has expanded and been more broadly used, i.e., not just within health and safety. I mean arguably you can say it’s been overused, or an over-reliance on it. I think technology has played a part too, because there’s a lot of health and safety management systems which are software solutions, and a large part of those is risk assessment – it becomes core to the whole system. And therefore, the organisation is driven to identify all risks, and risk assess all risks in exactly the same way, as a way of prioritising them, and then the whole management system is built around that. Again, this approach potentially can have undesirable outcomes. There may be an overreliance on it.” Q35

3.4. Expert Views on Courts and Sentencing

How “risk” is understood by the British legal system is also crucial because court decisions are influenced by the perceived prior level of risk (Ball-King, 2020a) and secondly because according to the Sentencing Council Guidelines (Sentencing Council, 2016) the level of risk also influences the magnitude of any fine. As experts put it:

“I think it’s part of the pattern I mentioned, which started in the Blair years [1997-2007]. There was a philosophy in that time of wanting to increase punishments for crime. And that has filtered through. So, we’ve had a number of developments which have led to this. One is something which wasn’t seen as very significant at the time, but it turned out to be so. And that is that before the HSWA it was almost exclusively limited to cases being brought before the magistrates’ court. The penalties typically were in their tens [of pounds] or maybe a hundred or so. Which even with the change in the value of money, it’s still small. But the HSWA introduced certain offences which could be tried only on indictment, i.e., only in the Crown court..... The fact is these are indictable offences because they can be tried in either court. Indictable offences in our society are serious – murder, rape and so on. And so, they’re classified in the HSWA in that grouping. That’s how it happened. The Sentencing Council have also decided to upgrade these offences to match these other ones, because people die or get seriously injured. So, we’re going to treat them the same. And this has had huge effect. So, people can no longer take risks with failing to have in place written risk assessments.” Q14

“Things may change now that the sentencing guidelines have changed. Because obviously since February [2017], we’ve had more £1 m fines for sentences in the criminal courts than we’ve had in the last 20 years. Perhaps the word gets out and people will be motivated by that.” Q106

3.5. The Sentencing Council Guidelines

The aim of the Sentencing Council Guidelines (Sentencing Council, 2016) is to bring consistency when dealing with OH&S breaches of the law. The opening gambit in the section headed “Harm” is as follows:

“Health and Safety offences are concerned with failures to manage risks to health and safety and do not require proof that the offence caused any actual harm. The offence is in creating a risk of harm.” (Sentencing Council’s emphasis).

The guidance does not itself define risk, but it could be inferred from the above that risk is seen as likelihood. The origin of the statement is the 1993 case against the London Science Museum in which passers-by were said to be exposed to Legionella from tanks on the Museum’s roof, although no-one was known to have been harmed (Board of Trustees of Science Museum v Regina, 1993). The emboldened sentence is, however, potentially problematic. Since we live in a risk-based society there is not a requirement to eliminate risk (which is seldom a reasonably practicable proposition anyway) and therefore some exposure to harm must be permitted, but the Guidelines do not acknowledge this.

Instead, they introduce a two-dimensional matrix as in Figure 1 as a device for categorizing the offence on a harm scale from 1 to 4 based on the seriousness of harm risked and the likelihood. The embodied thinking is clearly similar to the risk matrix described earlier, shares some of its problems, and adds more of its own.

4. Discussion

The definition of risk is as foundational an issue as could be contemplated for those in public services who are responsible for safety and are subject to a risk-based regulatory regime. As described earlier, the matter was beautifully

Figure 1. Table for identifying initial category of harm (Daniels, 2012).

illustrated in the 2002 Tomlinson v Congleton Borough Council case (House of Lords, 2002). From this it is evident that Lord Hobhouse’s view of risk is that it is about the likelihood of a specified harm, in tune with the R2P2 and The Royal Society of London’s definitions. Others in the Tomlinson case appear to have conflated likelihood and consequence in concluding that the risk was high, and this is a perennial problem both in and out of court.

For example, Daniels (2012) has reported on the prosecution of Merlin Attractions Ltd over an elderly person’s fall from an historic bridge at Warwick Castle in 2007. As Daniels has said, “this was considered to be a finely balanced case and to achieve a conviction, the local authority prosecuting needed to convince the jury that the bridge posed a ‘material risk’.” The Defence’s evidence was, however, that there was no ‘material risk.’ It argued that approximately 20 million people had visited the Castle since 1978, that many had used that access point, and there had been no recorded accidents of any kind on the bridge, yet Merlin were found guilty and fined heavily. Daniels remarks that, “in this case, the local authority’s decision to prosecute appears to have been influenced by the severity of the consequences and the fact that there was no specific risk assessment in place for this bridge.” However, it could also be that the court felt, if their interpretation of risk was one of combining likelihood and consequence, that risk was high because the hazard constituted a potential fall of about 5 metres with only a low parapet for protection.2

A similar situation arose in 2018 after a cyclist on the Bristol quayside crashed into the dock and drowned (Liddle v Bristol City Council, 2019). The dockside at that location, another heritage site, had no railing and had been a topic of debate within the Council for many years, some having described it as a “huge risk” and others as low risk. It was reported that in 25 years there was only one known accidental case of falling into the water from the quay and that had been caused by unusual circumstances in which the quayside had been blocked. Given that the quayside had had many millions of visitors, the likelihood definition of risk is extremely low, but use of the expected value definition, or risk matrix, could point to a moderate or substantial risk. The judge in that case, HHJ Gargan, went on to the find there was no duty to erect barriers where the risk was very low and, in fact, barriers would have created other risks (Liddle v Bristol City Council, 2019) and the council was absolved.

Similar issues of how risk is understood and assessed come up in many risk assessments as well as legal cases involving personal injury or loss. It is evident that the standpoint taken can lead to diametrically opposite conclusions about risk and hence the need for control measures or, in legal cases, whether a case is won or lost.

Different interpretations of risk also originate when the number of persons exposed to a hazard is factored into the definition, as sometimes happens. For example, it could be contended in the context of the Warwick Castle and Bristol Quay cases that the risk was high because so many were exposed. However, the classic approach to understanding of risk is that set out in HSE’s Tolerability of Risk philosophy (HSE, 2001; HSE, 1992) which refers to individual risk and not collective risk.3 Collective risk is a useful concept when thinking about chronic exposure to hazards such as ionising radiation or chemical carcinogens but can be problematic in situations involving acute accidents. For example, if the collective risk concept were applied to the London Underground with its often-crowded platforms and absence of track-side barriers, the risk would be around unity because it is not unusual for there to be a very small number of platform/train interface fatalities per year (Office of the Rail Regulator, 2015). However, according to Transport for London (2020) there are over one billion passenger journeys on the underground per year, and therefore, combining this with the fact of few platform/track interface fatalities, the individual risk is vanishingly small.

There are numerous other examples of hazardous situations which subjectively would appear high risk but which historical data show to be low (Ball & Watt, 2013). Therefore, data and the historical record should be used wherever they can be. It is presumably one reason why, in HSE’s “Five steps to risk assessment,” it says “Look back at your accident and ill-health records,” as a method of identifying hazards.

There is also a tendency, as noted by Woodruff (2005), for some risk assessments and some court judgements to be less based on consideration of risk than by perceived or actual consequence. There are likely several drivers of this tendency. One might be empathy for the victim, although whether this should be a legitimate consideration in a risk-based society is debatable (Bloom, 2016). Another might be the fact that the accidents which are reported to regulators are based on consequence criteria (HSE, 2020b). Likewise, the Sentencing Council guidelines refer to “Whether the offence was a significant cause of actual harm” as a criterion in determining fines.

Layered on top of the foundational issues described in this paper are of course copious cognitive biases which arise in decision making in general and particularly in relation to risk which have been studied by economists and psychologists for decades (Slovic, 2000; Cox, 2007; Seedhouse & Peutherer, 2020).

5. Conclusion

This paper has described practical and consequential problems of risk assessment which have roots in foundational issues reflected in the definition and understanding of risk and the approach to risk assessment. Similar problems have been reported by Woodruff in 2005 when he concluded:

“…there is an inherent consequence bias within health and safety management in the UK even though the regulatory framework is built around organisations taking a risk-based approach using a risk assessment methodology.” (Woodruff, 2005)

It is now approaching half a century since the passage of the HSWA (1974) which introduced the risk assessment era within the UK and extended its reach to include public services. It is troubling that such fundamental issues persist.

6. Limitations

The obvious limitations of the research are that it presents a snapshot of views at a certain time (the 2020s) and that it is restricted to UK perspectives. While it is anticipated these issues arise outside of the UK this has not been addressed in this paper.


This study received no grants from funding agencies in the public, commercial, or not-for-profit sectors.


1The numbers link back to the full list of quotations which can be found in [2].

2The bridge was part of an ancient monument and therefore unaltered.

3The Sentencing Council guidelines also refer to the number of workers or the public exposed, but only after the application of the matrix (Figure 1). This implies the matrix is meant to relate to individual risk.

Conflicts of Interest

The authors declare no conflicts of interest regarding the publication of this paper.


[1] Aven, T. (2012). The Risk Concept—Historical and Recent Development Trends. Reliability Engineering and System Safety, 99, 33-44.
[2] Aven, T., & Zio, E. (2014). Foundational Issues in Risk Assessment and Risk Management. Risk Analysis, 34, 1164-1172.
[3] Ball, D. J., & Watt, J. (2013). Further Thoughts on the Utility of Risk Matrices. Risk Analysis, 33, 2068-2078.
[4] Ball-King, L. N. (2020a). Risk-Based Regulation in the UK: Courtroom Battles Expose Ongoing Problems. European Journal of Risk Regulation, 12, 1-14.
[5] Ball-King, L. N. (2020b). Risk Management and Proportionality: A Synoptic View of UK Practices. PhD Thesis, King’s College.
[6] Birchmore, I. (2014). Understanding Public Sector Risk: A Study into the Nature and Assessment of Strategic Risk in English Local Authorities. PhD Diss., University of Warwick.
[7] Bloom, P. (2016). Against Empathy: The Case for Rational Compassion. The Bodley Head.
[8] Braun, V., & Clarke, V. (2006). Using Thematic Analysis in Psychology. Qualitative Research in Psychology, 3, 77-101.
[9] Chapman, J. (2002). System Failure. DEMOS.
[10] Commission of European Communities (2018). Guidelines for the Management of the Community Rapid Information System (RAPEX). The Official Journal of the European Union, L22, 35.
[11] Court of Appeal (1993). Board of Trustees of Science Museum v Regina.
[12] Cox, L. A. (2008). What’s Wrong with Risk Matrices? Risk Analysis, 28, 497-513.
[13] Cox, L. A. (2007). Does Concern-Driven Risk Management Provide a Viable Alternative to QRA? Risk Analysis, 27, 27-43.
[14] Daniels, M. (2012). Fatal Accident at Warwick Castle.
[15] Denzin, N. K., & Lincoln, Y. S. (1999). Handbook of Qualitative Research (2nd ed.). Sage.
[16] Garlick, A. (2007). Estimating Risk: A Management Approach. Gower Publishing.
[17] High Court (2019). Goodman, Mitchell & Liddle v Bristol City Council.
[18] House of Lords (2002). Judgments: Tomlinson v Congleton.
[19] HSE (1992). The Tolerability of Risk from Nuclear Power Stations. TSO.
[20] HSE (2001). Reducing Risk Protecting People.
[21] HSE (2014). Five Steps to Risk Assessment. INDG 163 (rev 4).
[22] HSE (2019). ALARP at a Glance.
[23] HSE (2020a). How do I Prioritise the Actions from My Risk Assessment?
[24] HSE (2020b). Types of Reportable Incidents.
[25] Hurst, N. (1998). Risk Assessment: The Human Dimension. The Royal Society of Chemistry.
[26] IOSH (2013). Working Safely, Defining Hazard and Risk.
[27] ISO (2009). Risk Management-Principles and Guidance. ISO.
[28] ISO (2010). ISO 31010. Risk Management-Risk Assessment Techniques. ISO.
[29] ISO (2018). ISO 45001 Occupational Health and Safety Management Systems. ISO.
[30] NEBOSH (2013). International General Certificate.
[31] Office of the Rail Regulator (2015). Rail Safety.
[32] Packer, M. (2011). The Science of Qualitative Research. Cambridge University Press.
[33] Rogers, M. (2012). Contextualizing Theories and Practices of Bricolage Research. The Qualitative Report, 17, 1-17.
[34] Rothstein, H., Borraz, O., & Huber, M. (2013). Risk and the Limits of Governance: Exploring Varied Patterns of Risk-Based Governance across Europe. Regulation and Governance, 7, 215-235.
[35] Russ, K. (2010). Risk Assessment in the UK Health and Safety System: Theory and Practice. Safety and Health at Work, 1, 11-18.
[36] Safesmart (2018). The Problem with Risk Scores and a Risk Matrix.
[37] Seedhouse, D., & Peutherer, V. (2020). Using Personal Judgement in Nursing and Healthcare. Sage.
[38] Sentencing Council (2016). Health and Safety Offences, Corporate Manslaughter and Food Safety and Hygiene Offences Definitive Guideline.
[39] Slovic, P. (2000). The Perception of Risk. Earthscan.
[40] The Royal Society of London (1983). Risk Assessment—A Study Group Report. The Royal Society.
[41] Thomas, M. A. (2019). Mathematization, Not Measurement: A Critique of Stevens’ Scales of Measurement. Journal of Methods and Measurement in the Social Sciences, 10, 76-94.
[42] Transport for London (2020). Trivia and Facts.
[43] White, D. (1995). Applications of Systems Thinking to Risk Management: A Review of the Literature. Management Decision, 33, 35-45.
[44] Woodruff, J. M. (2005). Consequence and Likelihood in Risk Estimation: A Matter of Balance in UK Health and Safety Risk Assessment Practice. Safety Science, 43, 345-353.

Copyright © 2023 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.