ISO 13824:2009

INTERNATIONAL ISO
STANDARD 13824
First edition
2009-11-15
Bases for design of structures — General
principles on risk assessment of systems
involving structures
Bases du calcul des constructions — Principes généraux sur
l'évaluation du risque pour les systèmes comprenant des structures

Reference number
©
ISO 2009
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

©  ISO 2009
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2009 – All rights reserved

Contents Page
Foreword .v
Introduction.vi
1 Scope.1
2 Normative references.1
3 Terms and definitions .2
4 General framework of risk assessment of systems involving structures.4
4.1 Overview of risk management of systems involving structures.4
4.2 Applicability of risk assessment.6
5 Establishment of structural engineering context .6
5.1 Structural-engineering context .6
5.2 Establishment of design basis.7
5.3 Assessment of existing structures.7
5.4 Assessment of exceptional structures or extraordinary events .7
5.5 Preparation of risk information for decision .7
6 Definition of system .8
6.1 Representation of the system .8
6.2 Identification of the subsystems .8
7 Identification of hazards and consequences.8
7.1 Identification of possible hazards .8
7.2 Identification of extent of scenarios.8
7.3 Identification of consequences.8
7.4 Hazard screening.8
8 Risk estimation .9
8.1 Types of risk estimation .9
8.2 Data for estimation .10
8.3 Risk representation .10
8.4 Estimation of probability .10
8.5 Estimation of consequence.11
8.6 Risk calculation .11
8.7 Sensitivity analysis .11
9 Risk evaluation .11
9.1 Risk acceptance .11
9.2 Risk criteria .12
10 Evaluation of options for risk treatment .12
10.1 General .12
10.2 Determination of options.12
10.3 Assessment of options for risk treatment .13
10.4 Implementation of risk treatment.13
11 Report .13
Annex A (informative) Principles of risk assessment .14
Annex B (informative) Examples of extraordinary events and exceptional structures for risk
assessment .18
Annex C (informative) Techniques for treatment of expert opinions .20
Annex D (informative) Examples of quantitative risk representation.23
Annex E (informative) Equations for risk estimation.27
Annex F (informative) Procedure for the estimation of consequences.31
Annex G (informative) Examples of measures for risk treatment .33
Annex H (informative) Examples of application of risk acceptance and optimization .36
Bibliography .42

iv © ISO 2009 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 13824 was prepared by Technical Committee ISO/TC 98, Bases for design of structures, Subcommittee
SC 2, Reliability of structures.
Introduction
Recently, special attention has been has been focused on risk. Although risk assessment of structures is done
with a common basis, it has been implemented under various contexts in diversified ways. Therefore, this
International Standard provides a common basis for assessing risk relevant to design, assessment,
maintenance and decommissioning of structures. This International Standard accords with the umbrella
International Standard of risk management being prepared as ISO 31000 by ISO/TMB.
In a risk assessment, hazard identification and the estimation of consequence are primary major procedures.
For these, it is necessary to assess the risk of systems involving structures rather than just the structures,
since structural failure has significant consequence for systems, and a failure of systems such as fire
protection systems can cause serious consequences. However, actions for risk treatment are taken within the
scope of structural design. Such considerations are reflected in the title of this International Standard.
This International Standard is intented to serve as a basic document, along with other relevant standards on
risk management, for those assessing risk for systems involving structures.
Annexes A to H of this International Standard are for information only.

vi © ISO 2009 – All rights reserved

INTERNATIONAL STANDARD ISO 13824:2009(E)

Bases for design of structures — General principles on risk
assessment of systems involving structures
1 Scope
This International Standard specifies general principles of risk assessment for systems involving structures.
The focus is on strategic and operational decision-making related to design, assessment, maintenance and
decommissioning of structures. This also includes formulation and calibration of related codes and standards.
Systems involving structures can expose stakeholders at various levels in society to significant risks. The aim
of this International Standard is to facilitate and enhance decision-making with regard to monitoring, reducing
and managing risks in an efficient, cost-effective and transparent manner. Within the broader context of risk
management, risk assessment provides decision-makers with procedures to determine whether or not and in
what manner it is appropriate to treat risks.
This International Standard provides a general framework as well as a procedure for identifying hazards and
estimating, evaluating and treating risks of structures and systems involving structures. This International
Standard also provides a basis for code writers as well as designers to set reasonable target-reliability levels,
such as stated in ISO 2394, based on the result of risk considerations. For existing structures, assessment of
the risks associated with the events that were not considered in the original design or with changes in use
shall be implemented according to the principles stated in this International Standard. This International
Standard can also be used for risk assessment of exceptional structures, the design of which is usually
beyond the scope of existing codes.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO 2394, General principles on reliability for structures
ISO/TS 16732, Fire safety engineering — Guidance on fire risk assessment
ISO/IEC Guide 51:1999, Safety aspects — Guidelines for their inclusion in standards
ISO Guide 73, Risk management — Vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 2394, ISO/TS 16732,
ISO/IEC Guide 51 and ISO/IEC Guide 73, together with the following, apply.
3.1
acceptable risk
level of risk that an individual or society accepts to secure certain benefits
3.2
cost/benefit analysis
analysis contributing to decision-making on whether to adopt a project or a plan by quantifying and comparing
its costs and benefits
3.3
extraordinary event
event that cannot be anticipated or expected technologically by experts, or an event whose occurrence
probability is estimated as extremely low
3.4
hazard
potential source of undesirable consequences
3.4.1
hazard identification
process to find, list and characterize hazards
3.4.2
hazard curve
exceedence probability of a specified hazard magnitude for a specified period of time
3.4.3
hazard screening
process of identifying significant hazards that shall be considered during risk assessment of systems involving
the structures
3.5
option
possible measures for managing the risk
NOTE Doing nothing can be a feasible option when other options cannot mitigate the risk against their invested costs.
3.6
reliability
ability of a structure or structural element to fulfil the specified requirements, including working life for which it
has been designed
3.7
residual risk
risk remaining after risk treatment
3.8
risk
combination of the probability or frequency of occurrence of an event and the magnitude of its consequence
NOTE From the view point of a strict decision theory, it is the expected value of all undesirable consequences, i.e.
the sum of all the products of the consequences of an event and their probabilities.
2 © ISO 2009 – All rights reserved

3.9
risk acceptance
decision to accept a risk
3.10
risk assessment
overall process of establishment of structural engineering context, definition of system, identification of
hazards and consequences, risk estimation, risk evaluation and evaluation of treatment options
3.11
risk calculation
act of representing a combination of probabilities and consequences of occurrence of risks as a scalar, in
order to compare with risk options
NOTE See 8.6.
3.12
risk communication
exchange or sharing of information about risk among the decision-makers, other stakeholders and engineers
NOTE 1 The information can relate to the existence, nature, form, probability, severity, acceptability, treatment or other
aspects of risk.
NOTE 2 Engineers are the main source for risk information and encourage stakeholders to communicate with each
other.
3.13
risk control
actions implementing risk-management decisions
NOTE Risk control can involve monitoring, re-evaluation and compliance with decisions.
3.14
risk criteria
criteria against which the results of the risk analysis are assessed
NOTE 1 The criteria are generally based on regulations, standards, experience, and/or theoretical knowledge used as
a basis of the decision on acceptable risk.
NOTE 2 Risk criteria can depend on associated costs and benefits, legal and statutory requirements, socio-economic
and environmental aspects, the concerns of stakeholders, priorities and other inputs to the assessment.
3.15
risk estimation
process of assigning values to the probability of occurrence of events and their consequences
NOTE Risk estimation can consider cost, benefits, the concerns of stakeholders and other variables, as appropriate
for risk evaluation.
3.16
risk evaluation
process of comparing the estimated risk with given risk criteria to determine the significance of the risk
NOTE Risk evaluation can be used to assist in the decision to accept or to treat a risk.
3.17
risk treatment
process of selection and implementation of measures to optimise risk
3.18
scenario
qualitative description of a series of events in time and space and their inter-relationship given the occurrence
of a hazard
3.19
structural engineering context
background or reasons why the risk assessment shall be implemented from structural perspectives
3.20
stakeholder
any individual, group, organization or authority that can affect, be affected by, or perceive itself to be affected
by, a risk
NOTE The decision-maker is a stakeholder.
3.21
structure
arrangement of materials that is expected to withstand certain actions and to perform some intended function
3.22
system
delimited group of interrelated, interdependent or interacting objects that is assessed for a potential risk
NOTE 1 This definition implies that the system is identifiable and is made up of interacting elements or subsystems,
that all elements are identifiable, and that the boundary of the system can be identified.
NOTE 2 A system involving structures includes the structural system defined in ISO 2394 as a subsystem.
NOTE 3 In terms of technological hazards, a system is normally formed from a physical subsystem, a human
subsystem, their management and environment.
3.23
undesirable consequence
direct and indirect harm, stated in terms of personal injury, death, environmental damage, and monetary loss
NOTE 1 There can be more than one negative consequence from an event.
NOTE 2 Consequences can be expressed qualitatively or quantitatively.
NOTE 3 Both immediate and long-term consequences should be included.
NOTE 4 “Environmental damage” is based on a versatile point of view and sometimes various kinds of damage can be
included, such as social and political damage.
3.24
undesirable event
event that can have undesirable consequences
4 General framework of risk assessment of systems involving structures
4.1 Overview of risk management of systems involving structures
4.1.1 General
The objective of risk management is generally to allocate limited resources “optimally” for the stakeholders
such as society, local community, individuals, and various organizations. Risk management typically consists
of the establishment of risk-management goals, risk assessment, risk treatment, communication and
consultation, and monitoring and review, as illustrated in Figure 1 and described in 4.1.2. Risk management is
not a one-way process but shall be an iterative process.
4 © ISO 2009 – All rights reserved

Key
1 scope of risk assessment
Figure 1 — Risk-management process and
the scope of risk assessment of systems involving structures
4.1.2 Steps in the risk-management process
4.1.2.1 Establishment of risk-management goals
Procedures for establishing risk-management goals are outside the scope of this document. For the risk
management of either a new structure or an existing structure, the risk associated with the proposed design
specification(s) or current condition(s) is estimated objectively by an engineering approach within the process
of risk assessment. It is expected that risk-management goals related to a risk assessment be expressed in
terms of the protection of assets, maintaining health and safety level, environmental protection, regulatory
requirements, functional changes/requirements, etc. These goals are typically determined by comparison of 1)
cost/benefit of optional solutions or 2) various risks, for example, those known as acceptable to society.
4.1.2.2 Risk assessment
Risk assessment consists of the establishment of the structural engineering context, the definition of structural
system, identification of hazards and consequences, risk estimation, risk evaluation and evaluation of options
for risk treatment where it is decided that the risk shall be treated. Although the establishment of a structural-
engineering context and the evaluation of options for risk treatment are generally considered as outside the
scope of risk assessment, they are included within the scope of this International Standard in order to make
the outcome of the risk assessment meaningful.
4.1.2.3 Implementation of risk treatment
In the process of risk treatment, decisions are made about the implementation of risk-reducing measures
based on cost-effectiveness considerations or other social value judgements. Based on their sense of values,
their social and cultural perspective, etc., the stakeholders can decide to accept a risk that the evaluation has
found to be too high.
4.1.2.4 Communication and consultation
There shall be thorough communication and appropriate consultation with the stakeholders for each element
of the risk-management process and for the process as a whole. After the risk assessment is complete, its
results shall be conveyed in a suitable manner so that the stakeholders can understand them and make
appropriate decisions.
4.1.2.5 Monitoring and review
The level of risk shall be monitored in order to keep it under a target level, regardless of whether or not the
risk is treated. Also, the effectiveness of all elements of the risk-management process shall be reviewed in
order to ensure continuous improvement of the process. For each element of the risk-management process,
records shall be kept for future reference to guarantee that decisions are understood and to assist in the
continuous improvement of the process.
4.2 Applicability of risk assessment
Risk assessment is useful in circumstances when an event is very rare yet its consequences are very severe,
or where frequent events result in medium to large consequences. A huge earthquake occurring in an urban
area is a typical example of the former circumstance, whereas a road accident is an example of the latter.
Risk assessment is also useful in circumstances where the size of a structure is very large or the number of
people or amount of goods inside a structure is very large. High-rise buildings are a typical example of this
circumstance.
Risk assessment is essential when the uncertainty of input parameters has a significant impact on the
structural behaviour and the consequences resulting from such behaviour.
Risk assessment is also essential when damage and total loss of the function of a structure has significant
influence on a community. Hospitals, fire rescue and police stations, power-generating and distribution
networks and structures containing highly toxic materials are typical examples of such structures.
5 Establishment of structural engineering context
5.1 Structural-engineering context
The structural-engineering context defines the role of risk assessment in the framework of risk management
for structures. The typical structural engineering contexts are the following:
a) establishment of design basis;
b) assessment of existing structures;
c) assessment of exceptional structures and/or extraordinary events; see Annex B;
d) preparation of risk information for decision.
Stakeholders shall be identified based on the established structural-engineering context.
6 © ISO 2009 – All rights reserved

5.2 Establishment of design basis
5.2.1 A design code prescribes a series of criteria for the design of structural members. The criteria are
often based on target reliability levels that can be predetermined based on risks associated with exceedance
of relevant limit states. Results of risk assessment can provide a rational basis for determining the target
reliability levels.
5.2.2 Risk assessment can be carried out to check the target reliability level of existing structural design
codes.
5.3 Assessment of existing structures
5.3.1 The risk associated with existing structures, including heritage structures, should be assessed when
the structure is damaged, its use is changed or it is in other relevant situations. If the risk is too large, results
from the risk assessment shall be reported to the stakeholders.
NOTE ISO 13822 can be used for risk estimation.
5.3.2 It is necessary to assess the risk due to extraordinary events beyond the design-based events and to
verify that the results should be within the acceptable level. It is recommended, where practicable, that the
acceptable level should be equivalent to that for newly designed structures; however, the level for existing
structures can be determined with cost/benefit consideration.
In many cases for old buildings, it is challenging or practically impossible to assess the reliability and compare
it to that of a new-built structure because it is not possible to apply modern design rules to old buildings and
structures. Materials and construction techniques are used for which design rules no longer exist. Also,
detailing can be in conflict with present detailing rules without representing necessarily an increased and
unacceptable risk. In situations where an existing structure is difficult to assess accurately, emphasis should
be put on the option of mitigating the risk.
5.4 Assessment of exceptional structures or extraordinary events
Exceptional structures are those whose design is beyond the scope of existing codes. Risk assessment of
such structures shall be carried out if their failures can have serious consequences. Risk assessment shall
also be implemented for some extraordinary events (see Annex B), such as fires and some critical event
scenarios.
5.5 Preparation of risk information for decision
When several optional strategies or concepts are available, the optimum strategy shall be determined based
on the result of risk assessment. Risk-based optimization can have two principal objectives:
a) to minimize risk given limited economic resources;
b) to determine the optimal level of investment in risk reduction.
In both situations, the optional use of economic resources should be considered to examine whether they
contribute to optimal risk reduction.
Options should be compared according to net utility, cost/benefit or cost-effectiveness; see Annex H. If the
aim of decision-making is to minimize risk within economic restraints, any of these criteria may be used
provided that all technical solutions are consistent with best practice.
6 Definition of system
6.1 Representation of the system
Fundamentally, the system representation shall facilitate decision-making and, thus, shall be adapted to the
structural engineering context described in Clause 5. The definition of the system involving structures shall
include a clear identification of the functions provided by the structures and how these functions are supported
by the structural components. The extent of the system that is considered in risk assessment shall be clearly
identified based on the structural engineering context.
6.2 Identification of the subsystems
The characteristics of each subsystem, such as type of structure(s), codes and standards used in the design
of the structure(s), use, importance, location and working life, shall be identified. The limit states of the system
shall also be specified.
7 Identification of hazards and consequences
7.1 Identification of possible hazards
During their service lives, structures can be exposed to various natural hazards and man-made hazards. The
hazards that can cause undesirable events shall be identified. For hazards that can cause a series of events
in time and space (e.g., fire), scenario analysis shall be performed. For the detailed procedure on scenario
analysis for fire, see ISO/TS 16732 and ISO/TS 16733.
7.2 Identification of extent of scenarios
Having identified a possible hazard, scenarios shall be identified as the sequences or combinations of events
or processes necessary for system failure and resulting undesirable consequences for the system involving
structures. The essential techniques used for schematic representation of scenarios are fault trees and event
trees. A scenario should include collapse or damage of the structure(s), loss of functionality, human death or
injury and other economic and/or social losses caused by or to the stakeholders.
7.3 Identification of consequences
Consequences resulting from the hazards and following events shall be identified. They should be described
in terms of several measures, e.g., monetary loss, human fatalities and environmental damage. Some
consequences can be identified by scenario analyses considering the extent of influences due to failure of the
structural systems in time and space.
7.4 Hazard screening
7.4.1 General
Although all possible hazards should be taken into consideration, hazards important to a system shall be
selected on the basis of their significance and incorporated in the risk assessment. As each hazard has its
inherent characteristics and possible consequences, it is recommended to categorize hazards by the original
cause, the degree of quantification, and the significance of consequences. The screening of hazards in
accordance with their importance for risk assessment can then be performed based on experience and
expertise of the engineer. The results of the hazard screening shall be documented.
8 © ISO 2009 – All rights reserved

7.4.2 Hazard screening criteria
Preliminary risk estimation (see 8.1) shall be carried out to identify the significant risks. The criteria for the
hazard screening are, in principle, based on the magnitude of the risk from the preliminary risk estimation.
Frequency of the hazard and/or significance of the relevant consequences can also be useful criteria. Hazards
with obviously negligible risk compared with the acceptable risk level may be screened out.
The hazard screening criteria shall be clearly described in terms of frequency of the event and magnitude of
its consequence. They may be based on the past experience, human perception and relevant values specified
elsewhere.
8 Risk estimation
8.1 Types of risk estimation
8.1.1 General
Risk estimation shall be undertaken according to the purpose of the estimation, required degrees of details,
information, data and resources available. The types of estimation fall into three broad categories, i.e.,
qualitative, semi-quantitative and quantitative, depending on the circumstances. In practice, qualitative
estimation is often used, as a preliminary risk estimation, to obtain a general indication of the level of risk and
to reveal the risks that shall be considered. Later, it can be necessary to undertake more specific or
quantitative estimation on the revealed risk.
8.1.2 Qualitative estimation
In qualitative estimation, risk is subjectively estimated and ranked in a descriptive manner. Qualitative
estimation should be used
a) as an initial screening activity to identify risks that require more detailed estimation;
b) where the qualitative estimation provides sufficient information for decision-making;
c) where the numerical data or resources are insufficient for a quantitative estimation.
8.1.3 Semi-quantitative estimation
In semi-quantitative estimation, a ranking scale more expanded than the one usually achieved in qualitative
estimation shall be adopted. It should be noted that the numbers chosen cannot properly reflect relativities
and this can lead to inconsistent, anomalous or inappropriate outcomes.
8.1.4 Quantitative estimation
In quantitative estimation, numerical values rather than descriptive scales shall be used in qualitative and
semi-quantitative estimation for both consequences and probability using data from a variety of sources. The
quality of the estimation depends on the accuracy and completeness of the numerical values and the validity
of the models used.
8.2 Data for estimation
Data for estimation shall be taken from appropriate sources of information. The most pertinent information
sources and techniques should be used when estimating probability. Information sources can include the
following:
a) past records;
b) practice and relevant data (field data collection);
c) relevant published data (incident data);
d) experiments and prototypes;
e) engineering or other models;
f) specialist and expert judgment (expert opinions).
8.3 Risk representation
The results obtained in risk estimation shall be presented to stakeholders with maximum clarity, for example
by converting the results to a common scale, such as potential fatalities; see Annex H. These can, then, be
related to the probability of occurrence of various hazards and can be compared with other hazardous
activities or another risk level.
In qualitative risk representation, risk shall be rated as being, for example, of high, moderate or low
importance. In quantitative representation, risk shall be presented by a combination of probability and
consequence. The expectation of consequence can be used for risk representation; see Annex F.
8.4 Estimation of probability
8.4.1 General
Probability estimates can be obtained from any or all of the following three approaches:
a) direct estimation from data;
b) inference from a model that relates the probabilities of interest to other probabilities;
c) engineering judgment.
Where no reliable or relevant past data are available, subjective estimates can be made that reflect an
individual's or group's degree of belief that a particular event or outcome will occur.
In particular, to combine limited amounts of data from different types of sources, Bayesian Inference
techniques are recommended.
For the purposes of risk communication, it is preferable to differentiate between uncertainties due to inherent
natural variability, model uncertainties and statistical uncertainties. Whereas the first type of uncertainty is
often denoted aleatory uncertainty, the latter two are referred to as epistemic uncertainties.
8.4.2 Probability of occurrence of hazard
The probability of occurrence of each hazard shall be estimated based on the past data, if available. If the
data are not available, expert judgement should be incorporated; see Annex C. Note that it is important to
reflect the characteristics of the hazard, although a hazard is often represented simply in terms of a hazard
curve.
10 © ISO 2009 – All rights reserved

8.4.3 Limit state probability
The limit state probability shall be estimated using the following procedures:
a) modelling of action;
b) modelling of resistance;
c) structural analysis (response analysis).
Based on the statistical data of the above, the limit-state probability can be estimated by means of either
theoretical approaches or statistical approaches such as Monte Carlo simulations.
To represent a conditional limit state probability, a fragility curve can be defined as a function whose argument
is the magnitude of the hazard; see Annex D.
8.5 Estimation of consequence
Consequences shall be determined by modelling the outcomes of an event or a set of events, or by judging
from experimental studies or past data. A scenario analysis is performed from the occurrence of an initial
event with regard to the extent of consequences, as specified in 7.2. Tools like fault tree analysis and event
tree analysis are recommended.
A quantitative estimation of consequence should be expressed numerically to define the extent of human
fatality and injuries and/or environmental damage and economic loss.
8.6 Risk calculation
The probability distribution of consequences is a quantitative representation of the whole profile of a risk,
which is a combination of probability and consequence as defined in this International Standard. The
probability distribution can be expressed by a cumulative distribution function, CDF. It can also be expressed
by a probability mass function, PMF, when the consequence is a discrete value, or by a probability density
function, PDF, when it is continuous.
For the convenience of risk comparison, a risk is sometimes represented with a scalar. Traditionally, one of
the most frequently used representations is E[C], the expectation of consequences.
These are described in D.2 and E.1.
8.7 Sensitivity analysis
Since some of risk estimation results are not sufficiently accurate to lead to a rational decision, a sensitivity
analysis should be carried out to investigate the effect of uncertainty in assumptions, models and data. A
higher sensitivity suggests that more care and/or effort is required in obtaining data or estimates for the
variables concerned. Sensitivity analysis is also a way of examining the appropriateness and effectiveness of
possible risk controls and risk treatment options.
9 Risk evaluation
9.1 Risk acceptance
After the risk is estimated, it shall be determined whether the risk level is acceptable or not by comparing it
with predetermined criteria. If the risk is unacceptable, it shall be treated appropriately.
9.2 Risk criteria
Risk criteria shall be developed prior to the risk estimation as a part of establishing the risk-management goals.
They can be determined based on regulations, standards, cost/benefit considerations or net utility.
Risk criteria may be modified after risk estimation based on the cost/benefit analysis and optimization; see
Annex A. Although risk criteria are initially developed as a part of the risk management, they can be further
developed and refined subsequently as particular risks are identified and as procedures for risk estimation are
chosen.
Risk criteria shall be consistent with the risk-management goals, and shall reflect the values of society and/or
the decision-maker. The tolerable risk level of the parties who do not benefit from the series of activities shall
be considered rather than the organization that does benefit. Risk criteria shall be determined based on
characteristics of risks, such as whether they are natural or man-made, voluntary or involuntary, related to
specified or unspecified people, well known or new. More conservative criteria are usually set for the latter
characteristic of each of the pairs listed above.
10 Evaluation of options for risk treatment
10.1 General
If the risk level is higher than the acceptable level, the risk shall be treated and brought to be below the
acceptable level. Risk treatment involves identifying the range of options for treating a risk, assessing these
options and preparing and implementing a treatment plan.
10.2 Determination of options
10.2.1 General
In order to reduce a risk effectively, more than one risk treatment option should be considered. Options can
generally be sorted into the following four categories described in 10.2.2 to 10.2.5.
10.2.2 Risk avoidance
The risk can be avoided by deciding not to proceed with the activity likely to generate the risk. Since another
risk can arise by avoiding the activity or substituting an optional activity, such risk shall be estimated when this
option is considered.
10.2.3 Reduction of probability and/or consequences
The probability of hazardous events can be reduced, for example, by relocating the structure to a less
hazardous site. The consequences can be reduced, for example, by a revision of the structural design. The
associated costs and other effects of such optional measures shall be estimated.
10.2.4 Risk transfer
Insurance is a typical instance of transfer of risk. An organization can reduce a risk by involving another party
to share some part of the risk with a trade-off of fixed cost, i.e. risk premium. By transferring the risk, the
original organization can reduce the risk, but the total amount of the risk does not change for the whole society.
10.2.5 Risk retention
When a risk level is below the acceptable level, the residual risk can be retained by an organization. The
organization should submit to the consequence expected in the residual risk and, thus, should cope with the
loss through some means of financing (such as allowable financial reserve).
12 © ISO 2009 – All rights reserved

10.3 Assessment of options for risk treatment
The most appropriate treatment options should be selected based on the assessment of the options in terms
of cost and benefit.
The cost/benefit ratio and values of not only the decision-makers but also of the other stakeholders and
possibly the society should be considered. All direct and indirect costs, gains and losses, whether tangible or
intangible, financial or otherwise, should be considered within the established context. Legal and social
responsibility requirements should also be considered in the assessment.
If the budget for risk treatment is constrained, the assessment should be carried out while considering the
priority order in which individual risk treatments should be implemented. It is important to compare the cost of
not taking action against the budgetary saving. It also shall be taken into consideration that infrequent but
severe consequences require treatment actions not justifiable on strictly economic grounds.
The effectiveness of each option should be tested by sensitivity analysis.
10.4 Implementation of risk treatment
After the assessment of options for risk treatment, the most appropriate treatment option shall be selected and
implemented. Since new risks can be introduced by the risk treatment, they shall be identified, assessed,
treated and monitored.
Several options can be applied in combination.
After treatment, a decision shall be made on whether to retain the residual risk or repeat the risk treatment
process.
11 Report
The assessment of systems involving structures shall produce a re
...