Risk in Public Management

… a core concept used in Implementation and Delivery and Atlas107

Concept description

Leslie Pal (reference below) examines the nature of risk in public management.

Pal writes (p. 320):

“From a policy perspective, risk is increasingly an important component about thinking through policy issues and managing policy organizations. Risk is associated with threats to government assets and personnel, and can arise from cataclysmic terrorist acts or simple accidents in the field. Another factor is the rise in insurance costs, which makes risk management more than a matter of taking out a policy; it becomes a matter of actively mitigating or avoiding risks. Finally, the public is less tolerant of even small errors made by private and public organizations, and is more ready to litigate in a climate where courts are prepared to hand out increasingly punitive damages.”

“Risk, of course, is, to some large extent, a subjective assessment at both the individual and the cultural level. Some people see no risks in activities that make others quail. Societies define risk differently as well. For example, there is a case to be made that contemporary industrial societies have elevated “safety” to almost a religious level (Beck, 1992, 1999; Furedi, 2002). On almost any conceivable measure, from life expectancy to the likelihood of suffering accidents, people generally today (in developed countries, to be sure) are safer than ever before. Paradoxically, that very condition of relative safety may inflate people’s expectations about how safe things should be and, hence, lower their tolerance to risk. Nonetheless, there are internationally recognized definitions of risk.”

The definition of risk

Pal writes (p. 321):

“The International Organization for Standards defines risk as a “combination of the probability of an event and its consequences.” This definition highlights two key points about risk: chance or probability, and severity of consequences. This is exactly the logic behind auto insurance. Companies calibrate their insurance premiums to age, sex, type of car, driving environment, and use. These are all measures of probability. Young male drivers of sports cars in urban centres who will use their cars a lot are a greater risk – that is, the probability of a car accident is higher – than middle-aged, rural drivers who go out only to church on Sunday in the family sedan. The other dimension is the severity of the consequence. If the consequence, usually defined in negative terms (but not always, as in “take a chance on love”) is slight, even if the probability is high, then the risk factor would be considered negligible. However, a low probability of a severe consequence (a nuclear plant explosion) can give one pause, simply because the result might be so awful.

“In normal language, the concept of risk is associated with probabilities that negatively valued events or outcomes will occur. We don’t think it a “risk” to possibly encounter an old dear friend on the street; it is more of a chance or an opportunity. However, it makes perfect sense to view meeting up with someone you dislike as a “risk.” The other common language feature of risk is that it should be a probability of not just something severe happening, but something severe that is relevant to the core mission of the risk-assessing organization. From a policy point of view, this feature means assessing risks that would impede program development and delivery, and risks that would challenge the organizational mission as a whole.”

Risk profiles

Pal notes (p. 234) that:

“… risk is, to some extent, in the eye of the beholder. It is linked to the notion of probability, but distinct from it nonetheless. For example, it might be possible to mathematically calculate the probability of some accident at 80 percent. Some would see that figure and consider it too high. Others – less “risk averse” – would look at it and consider the 20 percent probability of it not occurring as being quite comforting. Security and stock markets work in exactly the same way, offering products with different risks attached that appeal to different segments of the market. This distinction underlines the point that an organization’s risk profile is only the classification of the types and probabilities of risks it faces. It is not an assessment of how seriously to take those risks. Doing that is a more difficult process, one that ultimately depends on the judgment of management, based, in turn, on the risk aversion (or organizational culture) of key stakeholders. For private firms this is a matter of checking with stakeholders; for public organizations it is trickier since the potential stakeholder base is quite large, and in any event, the organization is supposed to be motivated by the public interest (Pal & Maxwell, 2004).

“Public organizations face a special problem in developing risk profiles because of the risk aversion of most clients. Many public services are monopoly services not provided in the same degree in the private sector – education, health, and the myriad of social services are prime examples. With few or no alternatives, clients of these services demonstrate a strong negativity bias – the risk of any change or withdrawal of benefit is considered very serious. This point of view is a standard problem that all democratic governments face when they inflict pain or losses on their citizens (Pal & Weaver, 2003). On the other hand, risk analysis can become a smokescreen for bad policy. If there is a “risk,” for example, that the media will learn about a badly performing program and that risk is “managed” – the net effect in terms of democracy is probably negative. A risk that truth will be told, that abuses will be exposed, that malfeasance might see the light of day – these are indeed risks, but “managing” them so they do not cause problems is the antithesis of good public service. Managing risk always has to be put in the broader context of ethical government behaviour. A risk, by definition, is the probability of bad news – but what counts as bad has to be measured against the yardstick of ethics.”

Atlas topic, subject, and course

Managing Risk (core topic) in Implementation and Delivery and Atlas107.


Leslie Pal (2014), Beyond Policy Analysis – Public Issue Management in Turbulent Times, Fifth Edition, Nelson Education, Toronto. See Beyond Policy Analysis – Book Highlights.

Beck, U. (1992). The risk society: Towards a new modernity. Newbury Park, CA: Sage.

Beck, U. (1999). World risk society. London, UK: Polity Press.

Furedi, F. (2002). Culture of fear: Risk-taking and the morality of low expectation (2nd ed.). London, UK: Continuum International Publishing.

Pal, L. A., & Maxwell, J. (2004). Assessing the public interest in the 21st century: A framework. Background study for the External Advisory Committee on Smart Regulation. Retrieved from http://www.cprn.org/doc.cfm?doc=508&l=en

Pal, L. A., & Weaver, R. K. (Eds.). (2003). The government taketh away: The politics of pain in the United States and Canada. Washington, DC: Georgetown University Press.

Page created by: Ian Clark, last modified 9 April 2017.

Image: Value4Risk, at http://value4risk.com/researchintelligence/, accessed 9 April 2017.