1 Introduction

Risk analysis is traditionally accepted as a complex and critical activity in various contexts, such as strategic and project planning, finance, engineering of complex systems, and software development. It offers techniques and tools for systematically identifying potential issues, analyzing their impact and designing and evaluating mitigation strategies.

Given the complexity of risk analysis, several modeling approaches have been proposed to help analysts in representing and analyzing risks in different contexts. Examples include the Goal-Risk framework [2], an approach designed to support risk analysis in the context of requirements engineering; RiskML [30], an i*-based modeling language tailored for dealing with risks inherent to the adoption of open source software; the CORAS method [22], a model-driven approach focused on the protection of enterprise assets; and Archimate [6], in which risks are analyzed in the context of enterprise architecture models.

Naturally, having a clear understanding of the ontological nature of risk is fundamental for performing risk analysis, and even more for developing modeling languages to support it. Yet, risk is still a heavily overloaded and conceptually unclear notion [5, 25], despite the wide number of efforts to properly characterize it [3, 7, 27], including several standardization efforts [9, 16, 17, 18].

In this paper, we address this issue by means of an in-depth ontological analysis, conducted under the principles of the Unified Foundational Ontology (UFO) [13]. As we shall see, our analysis shows an important result: the notion of risk is irreducibly intertwined with the notion of value and, more specifically, the process of assessing risk is a particular case of that of ascribing value. Indeed, we are not the first to relate value and risk. For example, Boholm and Corvellec [7] defended, in their relational theory of risk, that “for an object to be considered ‘at risk’, it must be ascribed some kind of value”, and Rosa [27] defined risk as “a situation or event where something of human value [...] has been put at stake”. Our analysis, however, is (to the best of our knowledge) the first to show and formally characterize the process of ascribing risk as a particular case of the process of ascribing value (in the sense of use value, as we shall discuss in Sect. 2). This opens the possibility of applying methodologies and techniques developed in marketing and economics for value analysis to the case of risk analysis, and vice versa, linking together two historically disconnected bodies of research. As a result of our analysis, we propose a concrete artifact, namely the Common Ontology of Value and Risk, formalized in OntoUML [13].

The remainder of this paper is organized as follows. First, in Sects. 2 and 3 we start with separate characterizations of the concepts of value and risk, contrasting their different interpretations found in the literature. Then, in Sect. 4 we compare the two concepts and discuss how several characteristics, historically ascribed to value, also apply to risk and vice versa. In Sect. 5 we present the common ontology of value and risk resulting from our analysis, and finally we discuss the implications of our findings on the practice of conceptual modeling of risk and value in Sect. 6, adding some further remarks in Sect. 7.

2 On Value and Value Ascription

The term ‘value’ is heavily overloaded, standing for various meanings in different fields. Thus, it is paramount to this paper to clarify what we mean (and what we do not mean) by value. There is one sense in which value stands for ethical value [26], as in “the values of our company are passion, integrity and diversity”. In this sense, a value can be some sort of high-level and long term goal an agent is committed to pursuing or a sort of constraint that guides the behavior of an agent. This notion of value is important in the study of Ethics and human behavior, but it is not what we mean by value in this paper.

Another common meaning for value is that of exchange value [31], an interpretation that is widely adopted in economics. This meaning of value is exemplified in sentences such as “the value of my bicycle is 100 €” and “the value of my house is equivalent to that of two cars”. Exchange value captures how much people are willing to pay for something or, more broadly, the worth of one good or service expressed in terms of the worth of another. This meaning of value is fundamental for economics and has been used in modeling approaches such as e3value [11], but still, it is not the interpretation we adopt in this paper.

Moreover, value may stand for use value [1, 29, 31], as in “my bicycle is valuable to me because I ride it to the office every day” and “the heating system of my car is of little value to me because I live in a city that is warm all year round”. In this sense, the value of a thing emerges from how well its affordances match the goals/needs of a given agent in a given context. The notion of use value (or value-in-use) is mostly used in the business literature, in particular in marketing and strategy research, as it is a core part of understanding relevant phenomena such as what motivates customers to buy a particular product, why they choose one offering over another, and how companies differentiate themselves from their competitors. Use value is the interpretation of value we adopt in this paper.

In recent works [1, 29], some of us have investigated the ontological nature of use value, aiming at understanding foundational questions such as: “What do we ascribe value to?” and “Which factors influence value?”. In these works, we were able to identify and formalize various characteristics of use value. Its first characteristic is goal-dependency, i.e. things have value to people because they allow them to achieve their goals. This means that value is not intrinsic to anything, and the same object may have different values to different agents, or even according to different goals of the same agent. For example, a winter jacket has value on a cold night because, by wearing it, one is protected from the cold.

A second characteristic of use value is that, ultimately, it is ascribed to experiences, not objects. This may sound counterintuitive at first, as we have mentioned several examples of value seemingly being attributed to objects. To clarify this point, let us go back to the winter jacket example. To ascribe some value to a jacket, we need to consider the situations in which we envision ourselves using such a jacket. It could be a snowy day while we go to work, a winter hike on the Italian Dolomites, or a rainy evening when we go to a dinner. In each of these situations, we will have different goals that we expect the jacket to help us fulfill, such as staying warm and dry, looking fashionable, keeping our belongings and so on. The value that we ascribe to the jacket, thus, will be “calculated” from the value ascribed in these envisioned experiences.

Despite its subjective nature and the fact that value is ultimately grounded on experiences, value is directly affected by the intrinsic properties of the objects that participate in these experiences. For instance, if a jacket is worn during a hike, it will be more or less valuable depending on its weight (an intrinsic quality that inheres in the jacket), as lighter jackets facilitate exercise. The same analysis holds for a jacket’s waterproof capability on a rainy day: the more it can repel water, the more it satisfies its wearer’s goal of staying dry.

By considering the whole experience in which objects are used, we are able to explain that not only intrinsic properties of things affect their value, but also the properties of other objects and of the experience itself. This is useful, for instance, to explain that the value experienced by a user of a movie streaming service is affected by the speed of the internet connection used to access it, as well as the screen resolution of the streaming device.

Note that the conceptualization of value we proposed in our previous works [1, 29] is not restricted to the positive dimensions of experiences. As extensively discussed in the literature [19, 21], value is a composition of benefits, which emerge from goal satisfaction, and sacrifices, which emerge from goal dissatisfaction. Thus, the value of an airline service is not only taking passengers from one place to another, but doing so minus the price one has to pay for the respective flight ticket, the effort to arrive at the point of departure, and so on.

The types of sacrifices that affect customer value have even been classified in the literature. Kambil and colleagues [19], for instance, propose to distinguish between three types of sacrifices, namely price, risk and effort. Note that the explicit representation of risk as a value reducing factor already suggests the process of ascribing value is strongly related to the process of assessing risk.

3 On Risk and Risk Assessment

The notion of risk has been systematically investigated for over 50 years [25]. Throughout this time, a wide number of definitions have been proposed and, although much progress has been made to clarify the nature of risk, the term remains overloaded and conceptually unclear [4, 5, 25, 27].

One of the definitions that gained significant traction over the years in the risk community was proposed by the sociologist Eugene Rosa [27], who defined risk as “a situation or event where something of human value (including humans themselves) has been put at stake and where the outcome is uncertain”. Rosa argues that his definition contains the three necessary and sufficient conditions to characterize risk. First, risk relates to some possible state of reality that affects someone’s interest, either positively or negatively. Second, risk involves uncertainty about whether or not such a state will hold in the future; thus, if an event is certain to happen (such as the sun rising tomorrow), one cannot ascribe a risk to it. Third, risk is about a possible state of reality (thus ruling out the possibility of talking about the risk of someone turning into a werewolf).

Note that, intentionally, Rosa’s definition does not exclude the case of “positive risks”, i.e., risks related to events that can exclusively affect one’s interests in a positive way. This idea that risks are not necessarily “bad”, however, is in fact much older, dating back to at least the 1960’s, when the distinction of speculative and pure risks was already being discussed [32]. In this context, pure risk stands for uncertain events that exclusively lead to negative outcomes (such as the risk of being in a car accident or the risk of being robbed), while speculative risk stands for the possibility of getting either a positive or a negative outcome, such as when investing in a company or playing the lottery.

More recently, Boholm and Corvellec proposed the so-called relational theory of risk [7], which defines risk as a triple composed of a risk object, an object at risk, and a risk relationship connecting the former two. In this theory, risk objects are said to be the source of risks, such as a drunk driver that poses a threat to the wellbeing of pedestrians, or a blizzard that puts car drivers at risk of an accident. Note that, even though the authors use the term object, they also include events and states as possible risk “objects”. Objects at risk are the things of value that are at stake because of a risk object. In the former examples, the objects at risk could be the pedestrians, the car, the driver and so on. The risk relationship is what connects risk objects to objects at risk. The authors adopt a cognitive approach towards the nature of risk, arguing that these relationships do not just occur, but instead they must be crafted or imagined by some agent. What follows from this position is that being a risk object or an object at risk is neither an intrinsic nor a necessary property of anything. Thus, an object may be a risk object to one person and an object at risk to another.

In [5], Aven and colleagues compared eleven definitions of risk from different sources, categorizing them in three groups, each capturing a particular sense in which risk is used. A first group refers to risk as a quantitative concept “attached” to an event. This interpretation is fundamental to make sense of sentences such as “it is riskier to drive when it is snowing than when it is not”. The second group refers to risks as if they were the actual events, defined in terms of a chain of causality leading to consequences to some agent. This perspective is fundamental to explain what we assess risk for, and where risk comes from. The last group refers to risks as people’s perceptions, equating objective risk to assessed risk. In this sense, risk is not just “out there”, but, as argued in the relational theory of risk, it must be necessarily assessed by someone.

This plethora of risk definitions led to a number of standardization efforts [9, 16, 17, 18] that aimed to provide an ultimate definition for those working on risk management. One of these efforts resulted in the ISO 31000:2018 [17, 18] standard, which defines risk as the “effect of uncertainty on objectives”. This very abstract and concise definition is further explained in the standard by a number of commentaries, including that risks might refer to positive or negative impact on objectives (in line with Rosa’s proposal [27]) and that risks are often explained in terms of events, consequences and likelihood.

In summary, what can be extracted from these different definitions is that to conceptualize risk, one must refer to: (i) agents and their goals; (ii) events and their triggers, and events’ impacts on goals; and (iii) uncertainty.

4 Similarities Between Value and Risk

In this section, we elaborate on the evidence that motivated our pursuit of a common ontology of value and risk. In particular, we explore the role of goals, context, uncertainty and impact in the conceptualization of both risk and value.

4.1 Goal Dependency

The first similarity between value and risk is that they are both goal-dependent notions, in the sense that nothing is intrinsically valuable and nothing is intrinsically at risk. Things do not just have value, they have value for someone, and in case their affordances enable certain happenings that positively contribute to the achievement of one’s goals. Analogously, things are only at risk from one’s perspective, in case their vulnerabilities enable happenings that hurt one’s goals. Just as “beauty is in the eye of the beholder”, so are value and risk.

Take a pack of cigarettes, for instance. It has a high positive value for a smoker, as it enables him to satisfy his addiction. The same pack of cigarettes, however, would have arguably no value for a non-smoker, as its affordances would not help such a person to make any progress towards her goals. Similarly, if one drops her wallet on the street, we would claim that the wallet is at risk of being stolen, as it is unattended and the owner probably wants to keep her money and documents. However, from the perspective of an alert thief, such an unattended wallet is not at risk, but it presents an opportunity for an easy theft.

Note that even though risk and value are subjective, they still depend on the intrinsic properties of things or, to put it more precisely, on their dispositions (or dispositional properties). When dispositions are perceived as beneficial, i.e., they enable the manifestation of events desired by an agent, they are usually labeled as capabilities [23], as in the capability of a smartphone to make calls. Conversely, when dispositions enable undesired events, as in “the fragility of my phone’s screen material makes it susceptible to breaking”, they are referred to as vulnerabilities [6]. That is why conceptualizations of value, which usually focus on positive outcomes, refer to capabilities, and those of risk, which usually focus on negative outcomes, refer to vulnerabilities.

Still, some argue that risks can be absolute in some situations [5], such as in the risk of dying. This argument is built upon the claim that some things, such as human lives, are universally valuable, thus any death is an event that necessarily “destroys” value. We argue against this position because, from a utilitarian perspective, value always emerges from goal achievement, which makes it necessarily relative. Take for instance the extreme case of suicidal terrorist attacks. From the perspective of the attacker, his death does not destroy value, but creates it for his terrorist organization.

4.2 Context Dependency

Another similarity between value and risk comes from the process we follow to “calculate” them. The value/risk ascribed to an object is always derived from the value/risk ascribed to events (or experiences) “enabled” by their dispositions, regardless of whether these events are intentional or not, and whether they affect one’s goals positively or negatively. Ascribing value to a notebook, for instance, means ascribing value to a number of different experiences enabled by the notebook, such as streaming a movie, giving a presentation, using a social media platform, working on a paper while traveling for a conference in another country, or playing a computer game. The ascribed value could even be high for some of these cases and low for others. Nonetheless, the value of the notebook cannot be computed without considering the different scenarios in which it will be used. Analogously, ascribing risk to an object means ascribing risks to different events involving this object. For instance, the risk of a car being stolen is ascribed based on the risk of it being stolen when parked in a private garage, when parked on the street, when being driven in a city with high criminality rates, and so on.

Stating that risk and value are contextually dependent means that they emerge not only from intrinsic properties of an object, but also from contextual properties. The value of watching a film on Netflix indeed depends on the properties of the Netflix service, but it also depends on the properties of the other objects involved in the experience, such as the resolution of the streaming device and the speed of the internet connection. In an analogous manner, the risk of being involved in a car accident when driving on a highway is certainly affected by the car’s properties, such as how reliable the braking system is, but it is also affected by the properties of the other participants of the driving event, including the highway’s physical conditions and the traffic intensity.

4.3 Uncertainty and Impact

Further evidence that the processes of conceptualizing risk and value are similar concerns the role played by uncertainty and impact. According to the popular risk equation, risk is equal to the likelihood of an event times its impact.

To understand why impact is positively correlated with risk, consider the following example. Two business angels invested in the same startup. One invested a hundred thousand euros and the other a million. If everything else but the invested amount is the same, the bigger investment is said to be riskier, since the impact of an eventual bankruptcy of the startup would be ten times worse.

But what about value? Is the value ascribed to an experience also positively correlated with its impact? As we have previously discussed, value emerges from achieving goals. Thus, the more an event makes progress towards achieving one, the more valuable it is. For instance, imagine that a traveler wants to fly from Rome to Brussels and that there are only two flights available. If the only significant difference between them is that one takes two hours and the other takes four hours, the shorter flight would be more valuable to the traveler, assuming that she has the goal of minimizing the duration of her trip.

The other parameter in the risk equation is likelihood, often referred to as probability or frequency, which states that the more likely an event is to happen, the riskier it is. To understand this correlation, consider two trips. The first takes place on a highway during a bright sunny day, whilst the second takes place during a snowstorm. The risk of an accident in the latter scenario is greater simply because an accident is more likely to happen in conditions that include reduced visibility and reduced adhesion of the car tires to the road.

Note that the likelihood parameter also applies to value. To see how, let us consider a mobile app that works as a compass. It is very unlikely that urban smartphone users would ever need such an app for guidance. Thus, having it in their phones is of very little value to them, even though it could be useful in a theoretical scenario. If we then compare it to other apps, such as a calendar, a camera, or an alarm, the value of the compass app seems to be even lower, as these other apps are often used on a daily basis.

In summary, the computation of the likelihood of an event times its impact on one’s objectives and preferences fits the quantitative analysis of both risk and value. The differences between them lie in the kind of event one usually analyzes (unwanted for risks, expected and desired for value) and the nature of the expected impact on goals (negative for risks and positive for value).

5 The Common Ontology of Value and Risk

In this section, we present a well-founded ontology that formalizes the assumptions on value and risk discussed in the previous sections. Given the polysemic nature of these terms [20, 31], we aim to disentangle three perspectives: (i) an experiential perspective, which describes value and risk in terms of events and their causes, (ii) a relational perspective, which identifies the subjective nature of value and risk, and (iii) a quantitative perspective, which projects value and risk on measurable scales. In the OntoUML diagrams depicting this ontology, we adopt the following color coding: events are represented in yellow, objects in pink, qualities and modes in blue, relators in green, situations in orange, and powertypes in white. Additionally, in the models represented in these diagrams, we use the OntoUML semantics of non-sortals proposed in [15].

The experiential perspective is depicted in Figs. 1 and 2. As argued in the previous section, value and risk can be ascribed to both objects and events. Still, whenever they are ascribed to an object, one must always consider all the relevant events involving it, which will ultimately ground value and risk. These events, named Value and Risk Experience, have some agents as key participants, deemed Value and Risk Subject respectively. These identify the perspective from which the judgment is made and whose Intentions are considered.

Note that, as we argued in [29], value can be ascribed to past, actual or envisioned experiences. Risk, however, is only ascribed to envisioned experiences that may (but are not certain to) happen. We are aware that there is a controversy concerning the ontological nature of future events. The classical view of events assumes that they are immutable entities and that only past events truly exist as genuine perdurants (occurrences) [10]. However, accounting for future events (which is the case for envisioned experiences) seems to be unavoidable for any theory of risk, as uncertainty and possibility are core aspects of this concept. This means that we need to refer to future events, whose expected temporal properties are not completely fixed, as first-class citizens in our domain of discourse. As bold as this assumption may seem (see [12] for details), conceptualizing risk with no reference to the future would sound like an oxymoron to us, given the explanatory purposes of our paper. So, we shall talk of expected events as regular entities of our domain, not differently from, say, a planned air trip in a flight reservation system. In order to use this non-classical notion of events in our analysis while maintaining its ontological rigour, we employ the formulation of events as proposed in [12], which was already successfully employed in our work on value propositions [29].

Fig. 1. Value experiences, their parts and participants.

Fig. 2. Risk experiences, their parts and participants.

Value and Risk Experiences are commonly decomposed into “smaller” events to clarify their internal structure and how they affect multiple goals. One component type of a Value Experience is a Trigger Event, which is defined by causing, directly or indirectly, events of gain or loss. A second component type is an Impact Event, which is defined by its impact on Intentions. Note that such an impact might be direct or indirect, and positive or negative. An example of an event with a direct positive impact is that of eating, which directly satisfies a goal of being fed, while an example of an event with a direct negative impact is that of being robbed, which directly hurts the goal of feeling safe. An example of an event with an indirect positive impact is that of taking a bus, which, upon its completion, will satisfy the goal of arriving at a destination. Lastly, an event with an indirect negative impact would be that of having your phone stolen, which puts one in a phone-less situation, which in turn hurts one’s goals of contacting people. The difference for Risk Experiences is that the focus is on unwanted events that have the potential of causing losses. Thus, its components are restricted to Threat and Loss Events. A Threat Event is one with the potential of causing a loss, which might be intentional, such as a hacker attack, or unintentional, such as an accidental liquid spill on a computer. Loss Events are simply Impact Events that necessarily impact intentions in a negative way.

Fig. 3. Modeling value ascriptions.

Fig. 4. Modeling risk assessments.

In the ontology, we differentiate between several roles played by objects in Value and Risk Experiences. In the value case, we distinguish between Value Objects and Value Enablers. These are the objects whose dispositions “enable” the occurrence of a Value Experience (or of one of its parts). Their difference is that the former is the focus of a given value ascription (e.g. a car, a music streaming service), whilst the latter plays an ancillary role in Value Experiences (e.g. the fuel in a car, the device used for streaming). In the risk case, we distinguish between three roles: (i) the Threat Object, as that which causes a threat; (ii) the Object at Risk, as that which is exposed to potential damage; and (iii) the Risk Enabler, as that which plays an ancillary role in Risk Experiences. To exemplify this latter distinction, consider a situation in which a factory worker gets hurt while operating a machine. In this case, the worker is both the Threat Object and the Object at Risk, but she only got hurt because her equipment, the Risk Enabler, was not sturdy enough. Analogously to the value case, the dispositions of all these objects are manifested in risk experiences. Those of Threat Objects, however, are labeled Threat Capabilities (e.g. the skill of a pickpocket to swiftly grab a wallet), whilst those of Objects at Risk and Risk Enablers are labeled Vulnerabilities (e.g. the flammability of a house manifested in a fire, a security flaw in an information system which allows hackers to steal sensitive data).

The relational perspective is depicted in Figs. 3 and 4. We capture it by means of objectified relationships labeled Value Ascription and Risk Assessment, which involve: (i) an agent responsible for the judgment, deemed the Value and Risk Assessor respectively; and (ii) the target of the judgment, either an object or an event. Judgments made for objects are labeled Object Value Ascription and Object Risk Assessment and involve, respectively, exactly one Value Object and Object at Risk. Judgments on events are deemed Experience Value Ascription and Experience Risk Assessment, and involve, respectively, one Value and Risk Experience.

The quantitative perspective is also depicted in Figs. 3 and 4. We represent it by means of the Value and Risk qualities inhering in the aforementioned relationships. In UFO, a quality is an objectification of a property that can be directly evaluated (projected) into certain value spaces [13]. Common examples include a person’s weight, which can be measured in kilograms or pounds, and the color of a flower, which can be specified in RGB or HSV. Thus, representing value and risk as qualities means that they can also be measured according to a given scale, such as a simple discrete scale like <Low,Medium,High> or a continuous scale (e.g. from 0.0 to 100.0).

Fig. 5. Representing likelihood in UFO.

Lastly, as discussed in Sect. 4, conceptualizing value and risk requires accounting for the likelihood of events, which is typically expressed by probability measures. However, as noted by Aven et al. [5], there are two conflicting interpretations on the ontological nature of probability: (i) the frequentist interpretation, in which the probability of an event is the fraction of times an event of that type occurs. For example, the likelihood of Brazil beating Germany in the 2018 World Cup may be calculated based on the number of times it happened in the past; and (ii) the subjective interpretation, in which the probability of an event expresses the assessor’s uncertainty (degree of belief) about the event occurring, conditioned on some background knowledge. In the World Cup example, the likelihood of a Brazilian victory for a sports analyst depends on her knowledge about the physical conditions of players, the teams’ tactics, etc.

Discussing the ontological nature of probability is out of the scope of this paper. For us, it suffices that, in both perspectives, likelihood is a quantitative concept that inheres in types, not in individuals. Thus, we need to include types of events and situations in our domain of discourse. We do that by employing the notion of powertype incorporated into OntoUML. This means taking its ontological interpretation as proposed in [14] and following the modeling guidelines proposed in [8]. In particular, following the latter, we employ the relation of categorization between a powertype t and its base type \(t'\) such that: a type t categorizes a type \(t'\) iff all instances of t are proper specializations of \(t'\).

Figure 5 illustrates the excerpt of our ontology w.r.t. the concept of likelihood. We distinguish between a Triggering and a Causal Likelihood. The former inheres in a Situation Type and represents how likely a Situation Type will trigger an Event Type once a situation of this type becomes a fact. The latter inheres in an Event Type and captures, given the occurrence of an event e and a certain Event Type t, how likely e will, directly or indirectly, cause another event of type t to occur. In the value case, this is how likely a Trigger Event of a Value Experience will cause an Impact Event, whilst in the risk case, it is how likely a Threat Event of a Risk Experience will cause a Loss Event.
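The following Python sketch is an added example, not part of the paper or its OntoUML formalization: it reads the likelihood-times-impact computation of Sect. 4 through the Triggering and Causal Likelihood described above, scoring the dropped-wallet and parked-car cases from each subject's intentions. The class names mirror the ontology, but the numeric scales, the multiplication of the two likelihoods, the summation over experiences, and all sample figures are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class Subject:
    """Value/Risk Subject: the agent whose Intentions ground the judgment."""
    name: str
    intentions: dict  # intention name -> importance weight in [0, 1] (assumed scale)


@dataclass
class Experience:
    """An envisioned Value or Risk Experience reduced to one causal chain:
    situation type -> trigger/threat event type -> impact/loss event type."""
    situation_type: str
    trigger_event: str
    impact_event: str
    triggering_likelihood: float  # inheres in the situation type
    causal_likelihood: float      # inheres in the trigger/threat event type
    effects: dict                 # intention name -> signed effect in [-1, 1] (assumed)

    def __post_init__(self):
        for p in (self.triggering_likelihood, self.causal_likelihood):
            if not 0.0 <= p <= 1.0:
                raise ValueError(f"likelihood out of range: {p}")
        for goal, effect in self.effects.items():
            if not -1.0 <= effect <= 1.0:
                raise ValueError(f"effect on {goal!r} out of range: {effect}")


def assess_experience(subject, exp):
    """Experience-level judgment (likelihood x impact), signed:
    negative = risk, positive = value, zero = no goal of this subject is affected."""
    # Assumption: the two likelihoods are independent, so they multiply.
    likelihood = exp.triggering_likelihood * exp.causal_likelihood
    # Goal dependency: only effects on this subject's own intentions count.
    impact = sum(subject.intentions[g] * e
                 for g, e in exp.effects.items() if g in subject.intentions)
    return likelihood * impact


def assess_object(subject, experiences):
    """Object-level judgment derived from the experiences the object takes part in.
    Returns (value, risk). Assumption: plain summation over envisioned contexts."""
    scores = [assess_experience(subject, e) for e in experiences]
    value = sum(s for s in scores if s > 0)
    risk = -sum(s for s in scores if s < 0)
    return value, risk


def to_scale(magnitude):
    """Project a magnitude onto a <Low, Medium, High> scale (thresholds assumed)."""
    if magnitude < 0.1:
        return "Low"
    if magnitude < 0.3:
        return "Medium"
    return "High"


# Constructed sample data: the same experience seen by three subjects.
OWNER = Subject("wallet owner", {"keep money and documents": 1.0})
THIEF = Subject("alert thief", {"obtain money": 1.0})
BYSTANDER = Subject("bystander", {"get to work on time": 1.0})
WALLET_THEFT = Experience(
    "wallet lying unattended on the street", "someone picks up the wallet",
    "wallet contents are taken", 0.5, 0.5,
    {"keep money and documents": -1.0, "obtain money": 1.0})

# Constructed sample data: one Object at Risk, two contexts (context dependency).
CAR_OWNER = Subject("car owner", {"keep the car": 1.0})
CAR_CONTEXTS = [
    Experience("car parked in a private garage", "break-in attempt",
               "car is stolen", 0.125, 0.5, {"keep the car": -1.0}),
    Experience("car parked on the street", "break-in attempt",
               "car is stolen", 0.5, 0.5, {"keep the car": -1.0}),
]

if __name__ == "__main__":
    for subject in (OWNER, THIEF, BYSTANDER):
        print(subject.name, assess_experience(subject, WALLET_THEFT))
    value, risk = assess_object(CAR_OWNER, CAR_CONTEXTS)
    print("car:", "value", value, "risk", risk, to_scale(risk))
```
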

6 Implications for Conceptual Modeling

The ontology we proposed in this paper has a number of implications for research on the conceptual modeling of value and risk. First, the ontology can provide well-founded real world semantics for existing risk modeling languages, such as CORAS [22], RiskML [30], Goal-Risk Framework [2] and Archimate [6].

Second, following existing methods for ontology-based language evaluation and (re)design [13, 28], our proposal can serve as a reference model to assess how well these modeling approaches stand w.r.t. the risk domain in terms of domain appropriateness and comprehensibility appropriateness [13]. More concretely, these methods can be systematically employed for the identification of a number of types of deficiencies that can occur in language design (e.g., construct deficit, when there is a concept in the domain that does not have a representation in terms of a construct of the language, and construct overload, when a construct in the language represents more than one domain concept). For example, such an analysis of RiskML [30] would identify a construct deficit with respect to the representation of vulnerabilities, whilst one in the CORAS approach [22] would identify a construct deficit regarding the explicit representation of goals. A case of construct overload is also found in ArchiMate [6], in which the Risk construct collapses: (i) a complex event, (ii) the overall risk an asset is exposed to, and (iii) an assessment regarding what to do about an identified risk.

Third, the ontology we propose allows for the comparison and integration of risk modeling approaches by means of semantic interpretation of the languages’ constructs; after all, language integration is a semantic interoperability problem. For instance, the constructs of Threat Scenario and Unwanted Event in CORAS seem to be equivalent to those of Threat Event and Loss Event in Archimate [6], respectively, which in turn, are all specializations of RiskML’s Event.

Languages for modeling use value are much less developed than those for risk. Thus, a relevant impact of this work is to demonstrate that a lot of the effort that has been done on risk modeling could be fruitfully leveraged in developing tools for value modeling. This is a noteworthy impact, given that value modeling approaches are in high demand, as evinced by the increasing popularity of tools such as the Business Model Canvas [23] and the Value Proposition Canvas [24].

7 Final Remarks

In this paper, we have presented an ontological analysis of risk which makes explicit the deep connections between the concepts of value and risk. The ontology that resulted from this analysis formally characterizes and integrates three different perspectives on risk: (i) risk as a quantitative notion, which we labeled simply as Risk in our ontology; (ii) risk as a chain of events that impacts on an agent’s goals, which we labeled as Risk Experience; and (iii) risk as the relationship of ascribing risk, which we labeled as Risk Assessment.

Moreover, this paper further extends the ontological analysis on use value initiated in [1] and revisited in [29]. In particular, we improved these works by (i) discussing how likelihood influences value, (ii) refining the internal structure of value experiences and their participants, (iii) clarifying the role of dispositions in value creation, and (iv) distinguishing between value objects and value enablers.

We are aware, however, that the current ontology does not fully describe the domain of risk management, as it lacks security-related concepts such as mitigation and control strategies. These are recurrently found in risk modeling languages (e.g. [6, 22]), as analysts do not just need to identify and model risks, but also decide on how to address them. As future work, we plan to extend and further validate our ontology with risk analysis experts from different domains, such as finance and software development. We also plan to validate it by means of systematic comparisons with other theories and formalizations of risk. Then, we can leverage it to analyze the domain adequacy of existing risk modeling languages and, if needed, redesign them so that they are clearer and more expressive to model risks.