This blog is based on my mini-chapter from the Risk Management Handbook: A practical guide to managing the multiple dimensions of risk (2016) edited by David Hillson. In the mini-chapter I explore the parallels of the evolution of the notion of risk and the praxis of risk management in development aid. Within this blog, I’d like to highlight the stages of the evolution of the notion of risk only.

This is a sligtely modified, in fact, sharpened version of the blog I published on 5 March 2017. It is a result of further discussion with two of my colleagues who helped me to introduced more refined and nuanced understanding of each step: disaster risk identification, disaster risk analysis, and disaster risk evaluation. Hope it would be interesting to the reader too!

In my work, I constantly witness confusions around the differences of disaster risk management and disaster risk governance. Recently one of the experts in the area told me that ‘disaster risk governance’ is a cross-cutting theme and it could fully fit disaster risk management subject area. This magic domain of ‘cross-cutting’ leaves many uncomfortable questions unaddressed and many definitions blurred. In this blog I’d like however, to attempt to address one of them: the difference between disaster risk management and disaster risk governance and the leading principle of ‘risk footprint’.

Disaster risk assessment through the prism of ISO:31000

I wouldn’t think that this subject could be interesting if not my recent discussion with a group of high-caliber international experts who we are working together on an international project on disaster risk assessment. We wanted to follow the risk assessment processes as described in the ISO 31000:2009 standards (Figure 1) and apply them to the disaster risk management context. The questions raised among us were around the three steps of risk assessment: risk identification, risk analysis, and risk evaluation. What is the focus of each of these steps from disaster risk assessment perspective? Should ‘risk identification’ be already concerned with ‘disaster risk’ including understanding of some impact? What is the difference between the ‘disaster risk analysis’ and the ‘disaster risk evaluation’? Eventually, disaster risk is one of many types of risks and it should be possible for its assessment to follow the logic of risk assessment process described in Figure 1.

We do not run risk analysis for fun. We need risk analysis to inform our decisions: where to go, what to do, who to partner with, what to avoid, etc. Instead, I regularly come across with ‘risk analyses’ which are nothing else but boring box-ticking exercises burdened by an organization or a project, providing with little if any input for decision-making. Hoping to address this situation, allow me to share some considerations on what can potentially help.


Risk Society Training

We help you to develop your risk management capacities

Learn more about our
Training programme


Risk Society Consultancy Risk Management

We offer a range of services to manage your risks

Learn more about our


Risk Society Expertise Risk Management

We offer professional expertise with sector focus

Learn more about our

Contact us

Risk Society Contact us

Call us at
+31 (0) 616499150

or mail us at