Language selector

English (UK)Nederlands (NL)

(updated) Disaster risk assessment through the prism of ISO 31000:2009

This is a sligtely modified, in fact, sharpened version of the blog I published on 5 March 2017. It is a result of further discussion with two of my colleagues who helped me to introduced more refined and nuanced understanding of each step: disaster risk identification, disaster risk analysis, and disaster risk evaluation. Hope it would be interesting to the reader too!


Disaster risk identification: From disaster risk assessment perspective, this stage is concerned with a very high-level scoping of hazard and exposure to define the direction for the rest of disaster risk assessment process.  This stage allows initial conclusion about the importance of a specific hazard that matters for the NDRA. It is important to take into consideration the potential aggregated impact of various hazard events over the period of the NDRA not to miss the hazard events with low-probability-high-impact, and not to underestimate the cumulative negative impact of high-probability-low-impact events. Hence, considerations should be given to both extensive (frequent, low impact) and intensive (occasional, high impact) events.


Disaster risk analysis: this step is concerned with more detailed understanding of the risk: detailed hazard analysis, exposure analysis, and vulnerability analysis. From disaster risk assessment perspective, this step is concerned with the understanding of a single hazard and exposure with all dimensions of vulnerabilities (physical, ecological, social, economic, and cultural). Each point of interaction creates a unique coupling: a specific likelihood and a specific impact. Specific likelihood refers to a specific intensity, magnitude, frequency of hazard – whatever dimension is relevant to describe the strength of each hazard event. Specific impact refers to the impact to be expected from each probability value of a chosen hazard. Exposure and vulnerabilities are dynamic and constantly changing due to changing climate, rapidly growing urbanization, increasing violence and conflicts, changing demographic structures, technological innovations, increasing inequality gap, and many more. Therefore, addressing the root causes of societal vulnerability is also critical to take into consideration.


Single-hazard disaster risk analyses inform multi-hazard (or all-hazard) disaster risk analysis. For multi-hazard risk analysis it is critical to address the cascading effects that could be triggered by one hazard or be potentially caused by a chain of various hazardous events. This implies understanding of so called ‘stress multipliers’ or the ways in which inherent vulnerabilities interact with each other to drive down the overall resilience of the society.


It is important to clearly define the time horizon for the risk analysis in understanding its impact and likelihood. The optimal and widely used approach is to address the time horizon of 3-5 years, which gives sufficient confidence for the disaster risks identified. It is also important to consider the dynamics of disaster risk profile of a country by revealing longer-term trends through horizon scanning. Hence, understanding the confidence level (or the level of uncertainty in risk assessment) becomes another critical consideration and remains relevant for both single-hazard and multi-hazard disaster risk analysis.


Disaster risk evaluation: this step allows for risk prioritization. The multi-hazard disaster risks analyzed along the likelihood and impact criteria could be mapped to ease the visualization and prioritization process. The disaster risk prioritization is further adjusted based on understanding of resilience capacities and risk acceptance of the society itself. If the former requires due considerations from those accountable for the disaster risk management (national civil protection forces for instance), the latter is more complex subject and requires whole-of-society deliberation to define what are the priority disaster risks in a society. Only then there is a legitimate basis for disaster risk prioritization, i.e. defining the risks of high societal importance that requires immediate attention, the risks that could be tolerated or neglected, and the risks that need to be closely monitored.


While discussions on the scope of resilience capacities are still ongoing, for this guideline, the resilience capacities are operationalized as following: a) capacity to anticipate risk, b) capacity to respond to risk (risk reduction, transfer, etc.), c) coping capacity to respond to a disaster (when the risk is materialized), d) capacity to bounce back (including recovery & reconstruction), and e) capacity to adapt by learning. While the capacities to identify and manage risks refers to the inherent level of risk, the capacities to cope with disaster, recover from it and adapt instead refer to the residual level of risk.