Risk assessment, security, management


Business | Business Administration, Management, and Operations


One of the principal jobs of chief executives is to minimize risk and vulnerability to catastrophic events. Analyzing risk has become more complex since September 11, 2001. In addition to terrorism, other catastrophes can change the course of life as we know it including cyber crime, biological attacks, and the spread of diseases such as SARS. Companies must realign corporate priorities and put the security issue at the forefront, as many companies have done since the 9/11 attacks. Risk management has dealt traditionally with two types of events: known risk and unknown risk. Known risks are events you know exist, and are somewhat likely to occur, such as fire, theft, accidents, lawsuits, economic or currency risk. Unknown risks are those that could happen, but are unlikely to affect you, your people or your property: earthquakes, tornadoes and other weather risks, political instability, and conventional terrorism, such as that to which the US was exposed prior to 9/11. We now have a third category: unknowable risk. Unknowable risks are those that are neither known nor unknown, and you don’t imagine they exist. Therefore, it is difficult to plan contingencies for unknowable risks. Examples of unknowable risk include SARS, or passenger aircraft being flown into Manhattan skyscrapers

Original Citation

Sanchez, C., Goldberg, S. R. (2003). How to handle the threat of catastrophe. The Journal of Corporate Accounting & Finance, 14(6), 35.