Cox Louis Anthony Tony
Cox Associates and University of Colorado, USA.
Risk Anal. 2009 Jul;29(7):940-8. doi: 10.1111/j.1539-6924.2009.01209.x. Epub 2009 Mar 26.
Two commonly recommended principles for allocating risk management resources to remediate uncertain hazards are: (1) select a subset to maximize risk-reduction benefits (e.g., maximize the von Neumann-Morgenstern expected utility of the selected risk-reducing activities), and (2) assign priorities to risk-reducing opportunities and then select activities from the top of the priority list down until no more can be afforded. When different activities create uncertain but correlated risk reductions, as is often the case in practice, then these principles are inconsistent: priority scoring and ranking fails to maximize risk-reduction benefits. Real-world risk priority scoring systems used in homeland security and terrorism risk assessment, environmental risk management, information system vulnerability rating, business risk matrices, and many other important applications do not exploit correlations among risk-reducing opportunities or optimally diversify risk-reducing investments. As a result, they generally make suboptimal risk management recommendations. Applying portfolio optimization methods instead of risk prioritization ranking, rating, or scoring methods can achieve greater risk-reduction value for resources spent.
为补救不确定危害而分配风险管理资源时,两条常见的推荐原则是:(1)选择一个子集以最大化风险降低效益(例如,最大化所选风险降低活动的冯·诺依曼-摩根斯坦预期效用),以及(2)为风险降低机会确定优先级,然后从优先级列表顶部开始选择活动,直至无法承担更多活动。当不同活动产生不确定但相关的风险降低时,实际情况往往如此,那么这些原则就不一致了:优先级评分和排序无法最大化风险降低效益。国土安全和恐怖主义风险评估、环境风险管理、信息系统漏洞评级、商业风险矩阵以及许多其他重要应用中使用的现实世界风险优先级评分系统,并未利用风险降低机会之间的相关性,也未对风险降低投资进行最优分散。因此,它们通常会给出次优的风险管理建议。应用投资组合优化方法而非风险优先级排序、评级或评分方法,可以为所花费的资源实现更大的风险降低价值。
