The elements presented before do, in truth, perform a risk assessment, but more through risk behavior (the exterior event with devastating potential, the financial damages it causes etc.).
For this reason, we think that other elements can also be considered in risk assessment, such as:
– the professionalism of the assessment team / trust granted to the human factor;
– the time available to make the assessment;
– the moment of risk identification in the system’s life cycle (analysis, project, implementing, testing, effective functioning etc.);
– the necessary cost for assessment and adopting the risk response plan – acceptance, avoidance or transfer. (“Is the assessment still worth if it generates a cost higher than the damage that would be generated in the case of a risk occurrence?”);
– the STEEP factors (social, technological, economical, environmental, political).
We reveal on this opportunity another factor which should be considered in the assessment of risk generated by the human component – the psychological factor. And we don’t necessarily mean by that abilities, skill (ability consolidated through habit) or intelligence (analytical, synthetic, pragmatic, and theoretical). We consider personality, character, creativity (when required), and temperament to be important.