Risk Management FAQ

What is the threat assessment paradox?

United States

A threat assessment often takes the form of an evaluation along two axes - likelihood and impact. However, this can create a paradox if there is any ambiguity in the threat description. For example, one person might evaluate the risk of "worker injury" as being High Likelihood, Low Impact because they are envisioning a frequent situation where a factory worker might bump into a piece of equipment and develop a bruised leg. However, a different person might answer the same question as Low Likelihood, High Impact because they are envisioning a more serious type of injury - one that is very unlikely to occur.

Who is right? Both are right. But this illustrates the common paradox created by the threat description. It is not uncommon for any threat to have a have a "high likelihood of low impact" and a "low likelihood of high impact".

If two completely opposite evaluations are both valid, this creates an obvious problem with the validity of the evaluation process.