Appendix B – Terms and Definitions
Communication and consultation - continual or iterative processes that an organisation conducts to provide, share or obtain information and to engage in dialogue with stakeholders regarding the management of risk
Consequence - outcome of an event affecting objectives
Control - measure to modify risk
Event - occurrence or change of a particular set of circumstances
Nature, likelihood, and consequence of an event can not be fully knowable.
An event can be one or more occurrences, and can have several causes.
Likelihood associated with the event can be determined.
An event can consist of a non occurrence of one or more circumstances.
An event with a consequence is sometimes referred to as “incident”.
An event where no loss occurs may also be referred to as a "near miss", "near hit", "close call" or "dangerous occurrence".
Exposure - extent to which an organisation is subject to an event
External context - external environment in which the organisation seeks to achieve its objectives. External context can include:
the cultural, political, legal, regulatory, financial, technological, economic, natural and competitive environment, whether international, national, regional or local
key drivers and trends having impact on the objectives of the organisation
perceptions and values of external stakeholders.
Frequency - measure of the likelihood of an event expressed as a number of events or outcomes per defined unit of time
Hazard - potential source of harm
Internal context - internal environment in which the organisation seeks to achieve its objectives
Level of risk - magnitude of a risk expressed in terms of the combination of consequences and their likelihood
Likelihood - chance of something happening
The English term “likelihood” does not have a direct equivalent in some languages; instead the equivalent of the term "probability" is often used. However, in English, “probability” is often narrowly interpreted as a mathematical term. This Guide therefore uses “likelihood“, with the intent that it should have the same broad interpretation as the term “probability“ has in many languages other than English.
Major Hazard Management Plan - (also called Principal Hazard Management Plan) a management plan developed to control major hazards that have the potential for multiple fatalities. They typically include an emergency response component and triggers that require evacuation from the mine.
Monitoring - continual checking, supervising, critically observing or determining the status in order to identify change from the performance level required or expected
Probability - measure of the chance of occurrence expressed as a number between 0 and 1, where 0 is impossibility and 1 is absolute certainty
Residual risk - risk remaining after risk treatments
Resilience - capacity to resist being affected by an event
Review - activity undertaken to determine the suitability, adequacy and effectiveness of the subject matter to achieve established objectives
Risk - effect of uncertainty on objectives
An effect is a deviation from the expected - positive and/or negative.
Objectives can have different aspects such as financial, health and safety, and environmental goals and can apply at different levels such as strategic, organisation-wide, project, product, and process.
Risk is often characterised by reference to potential events, consequences, or a combination of these and how they can affect the achievement of objectives.
Risk is often expressed in terms of a combination of the consequences of an event or a change in circumstances, and the associated likelihood of occurrence.
Risk acceptance - informed decision to take a particular risk
Risk aggregation - process to combine individual risks to obtain a more complete understanding of risk
Risk analysis - process to comprehend the nature of risk and to determine the level of risk
Risk analysis provides the basis for risk evaluation and decisions about risk treatment.
Risk appetite - amount and type of risk an organisation is prepared to pursue or take
Risk assessment - overall process of risk identification, risk analysis and risk evaluation
Risk attitude - organisation’s approach to assess and eventually pursue, take or refuse risk
Risk aversion - attitude to turn away from risk
Risk avoidance - decision not to be involved in, or to withdraw from, an activity based on the level of risk
Risk criteria - terms of reference against which the significance of a risk is evaluated
Risk evaluation - process of comparing the results of risk analysis against risk criteria to determine whether the level of risk is acceptable or tolerable
Risk financing - form of risk treatments involving contingent arrangements for the provision of funds to meet the financial consequences should they occur
Risk identification - process of finding, recognising and describing risks
Risk identification involves the identification of risk sources, events and their causes and their potential consequences.
Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholder’s needs.
Risk management - coordinated activities to direct and control an organisation with regard to risk
Risk management audit - systematic, independent and documented process for obtaining evidence and evaluating it objectively to determine the extent to which the risk management framework is adequate and effective
Risk management framework - set of components that provide the foundations and organisational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management processes throughout the organisation
Risk management plan - document within the risk management framework specifying the approach, the management components and resources to be applied to the management of risk
Management components typically include procedures, practices, assignment of responsibilities and sequence of activities.
The risk management plan can be applied to a particular product, process and project, and part or whole of the organisation.
Risk management policy - overall intentions and direction of an organisation related to risk management
Risk management process - systematic application of management policies, procedures and practices to the tasks of communicating, consulting, establishing the context, identifying, analysing, evaluating, treating, monitoring and reviewing risk
Risk matrix - tool for ranking and displaying risks by defining ranges for consequence and likelihood
Risk mitigation - measures taken to reduce an undesired consequence
Risk owner - person or entity with the accountability and authority for managing the risk and any associated risk treatments
Risk perception - stakeholder’s view on a risk
Risk profile - description of a set of risks
Risk register - record of information about identified risks
Risk reporting - form of communication intended to address particular internal or external stakeholders to provide information regarding the current state of risk and its management
Risk retention - acceptance of the benefit of gain, or burden of loss, from a particular risk
Risk sharing - form of risk treatments involving the agreed distribution of risk with other parties
Legal or regulatory requirements can limit, prohibit or mandate risk sharing.
Risk sharing can be carried out through insurance or other forms of contract.
Risk sharing can create new risks or modify existing risks.
Risk source - anything which alone or in combination has the intrinsic potential to give rise to risk
Risk tolerance - organisation’s readiness to bear the risk after risk treatments in order to achieve its objectives
Risk treatment - process of developing, selecting and implementing controls
Risk treatment can involve:
avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk
seeking an opportunity by deciding to start or continue with an activity likely to create or enhance the risk
removing the source of the risk
changing the nature and magnitude of likelihood
changing the consequences
sharing the risk with another party or parties
retaining the risk by choice.
Risk treatments that deal with negative consequences are sometimes referred to as risk mitigation, risk elimination, risk prevention, risk reduction, risk repression and risk correction.
Safety management system - (or safety and health management system) is the collective documentation of safety and risk based information and procedures for safely and effectively managing a mine.
Stakeholder - any person or organisation that can affect, be affected by, or perceive themselves to be affected by a decision or activity
Standard operating procedure - (maybe also be called standard work procedures or standard job instructions depending on the scope) these are typically task level procedures for consistent standardised methods to conducting a task. They are developed from team based risk assessments.
Uncertainty - state, even partial, of deficiency of information related to or understanding or knowledge of an event, its consequence, or likelihood
Vulnerability - intrinsic properties of something that create susceptibility to a source of risk that can lead to a consequence