Guest Editorial

This is an empirical and quantitative study of the validity of four kinds of distal explanatory factors in risk perception. In an initial study, personality constructs (Five Factor Model, Myers-Briggs Indicator of Jungian constructs and risk attitudes) were related to risk perception data (26 hazards). A relationship was found between emotional stability and risk perception, but none with Jungian constructs. One risk attitude dimension, 'Macho' risk willingness, was (negatively) related to demand for governmental risk mitigation. In a second study with a different sample, indices were constructed to measure the four World Views according to Cultural Theory (CT) as well as Group/Grid dimensions, New Age beliefs and the New Environmental Paradigm (NEP) dimensions of Dunlap et al . Risk perception data were obtained with regard to 37 hazards, both general and personal risk. The respondents were a large representative sample of the Swedish population. Only about 5% of the variance of perceived risk was accounted for by Cultural Theory dimensions, considerably more by New Age beliefs and one of the NEP scales (eco-crisis). In a third study, data from the five Nordic countries were used to analyse the relationships between CT dimensions and risk perception. Only weak relations were found. The results are discussed in relation to other current work on models of risk perception and the question of what should be considered 'strong' evidence for a theory.     

Risk perception and worry in environmental decision-making – a case study within the Swedish steel industry

Sustainable development is an important issue for the industry in order to fulfil legislation requirements and to be able to use green marketing as a competitive advantage. The Swedish steel industry has implemented a large number of environmental improvements, for example, within energy efficiency, raw materials and recyclability. Technical improvements can help the industry decrease its environmental impact; however, in order to reach sustainable development, more factors need to be considered: an effective environmental decision-making process, for example. This process may be influenced by personal factors such as risk perception and worry, which are factors that will not contribute to an effective decision-making process. The aim of this study was to investigate if personal worry and risk perception influenced environmental decision-making within the Swedish steel industry. Thirty-eight interviews were performed at 10 Swedish steelworks using the Q-methodology. The major perceived environmental risks with the facility and personal worry were assessed, compared to the day-to-day work. It was concluded that the major perceived risks were emissions of carbon dioxide, use of non-renewable energy and emissions of particulate matter. The decision-makers were mainly worried about emissions of carbon dioxide, emissions of dioxin and use of non-renewable energy. The environmental issues that were prioritised in practice (day-to-day work) were emissions of carbon dioxide, emissions of particulate matter and emissions of metals. Even though emissions of carbon dioxide were given the highest priority in the Q-sorts, there was in general no clear relationship between risk perception and personal worry with the prioritised environmental issues at the steelworks. The quantitative analysis of the Q-sorts and the qualitative interviews both showed that the day-to-day work was unaffected by personal worry and risk.     

People’s responses to risks of electromagnetic fields and trust in government policy: the role of perceived risk,benefits and control

Trust in government policy affects the way people perceive and handle risks. In our study, we investigated the relationships between trust in government policy regarding electromagnetic fields (EMF), perceived risk and perceived benefits of public and personal EMF sources, perceived control over exposure to EMF and responses to the possible EMF health risk (e.g. protest against placement of mobile phone base stations or power lines, or taking own measures against EMF exposure). Previous research indicated that perceived risk and benefits mediate the relationship between trust and people’s risk responses. Additionally, we suggest that perceived control over EMF exposure affects the relation between trust in government policy and perceived risk, and, consequently, the risk responses. We performed a survey among the Dutch population (n?=?1009), which contained questions about risk responses to EMF, perceived risk and benefits of several EMF sources, trust in government policy and perceived control over EMF exposure. Comparing public EMF sources, i.e. power lines and mobile phone base stations, to personal EMF sources, i.e. microwave ovens and cordless and mobile phones, we tested our hypotheses. Variations in risk responses to both public and personal EMF sources were mainly explained by risk perception. In addition, perceived risk partially mediated the relationship between trust in government policy and risk responses. For public sources, perceived control over exposure weakened the negative relationship between trust and perceived risk. We conclude that, especially in people with low perceived control, a lack of trust in government policy may enhance perceptions of health risks, thereby increasing their inclination for risk responses.     

Manifest anxiety,general self-efficacy and locus of control as determinants of personal and general risk perception

The hypothesis that risk perception is associated with differences in personality was proposed. Three personality variables were used, Rotter's Internal vs External Locus of Control Scale, Schwarzer's General Self-efficacy Scale and Taylor's Manifest Anxiety Scale. A scale asking for personal and general risk perception measured perceived risk. It was proposed that individuals low in anxiety, having an internal locus of control and high in self-efficacy should perceive general risks and personal risks higher than individuals high in anxiety and low in self-efficacy and having external locus of control should do. Fifty-nine business students responded to these three scales. The hypothesis was supported by the results and suggested that the personality measures and particularly anxiety were significantly associated to both personal and general risk perceptions.     

Public perception of scientific uncertainty in relation to food hazards

The research reported here aims to understand how people react to statements expressing risk uncertainty information in the context of a commonly experienced potential hazard, food related risks. Public perception of seriousness of risk for themselves, and for other people was examined for different types of uncertainty, for each of five different food hazards. The results indicated that participants responded to the different types of uncertainty in a uniform way, suggesting that perception of risk associated with uncertainty is not affected by the 'type' of uncertainty. The results further indicated that the seriousness of risk, in the presence of statements of uncertainty, was perceived to be greater for pesticides and genetic modification compared to BSE, high fat diets and Salmonella . It was argued that this could be due to the perceptions of low personal control, and high societal responsibility to protect people and societal control over exposure to the potential risks of pesticides and genetic modification. Under circumstances where people feel they have little personal control over their exposure to a particular hazard, and those social institutions that are perceived to be in control of protecting the public indicate that there is uncertainty associated with risk estimates, the hazard may appear to be 'out of control', which is associated with a perception of serious risk.     

Internal audit reporting lines,fraud risk decomposition,and assessments of fraud risk

The main purpose of this research is to examine the effects of internal audit reporting lines on fraud risk assessments made by internal auditors when the level of fraud risk varies. Significant emphasis has been placed on the importance of reporting lines in maintaining the autonomy of internal auditors, but the perceived benefits of requiring internal audit to report directly to the audit committee have not been validated or systematically investigated. Results of an experiment involving 172 experienced internal auditors and additional survey findings indicate that internal auditors perceive more personal threats when they report high levels of risk directly to the audit committee, relative to management. Perceived threats lead internal auditors to reduce assessed levels of fraud risk when reporting to the audit committee relative to when reporting to management. This finding runs counter to the anticipated benefits of requirements that the internal audit function report directly to the audit committee, and it reveals potential conflicts of interest and independence threats created by the audit committee itself. We also investigate the effects of fraud risk decomposition on risk assessments made by internal auditors. We find that fraud risk assessment decomposition does not have the same effects on internal auditors as it has on external auditors, and the effects of decomposition do not align with the expected benefits of decomposition.     

Perceived risk and tampering with nature

It is proposed that risk perception is partly driven by notions of what is seen as unnatural and immoral activities of modern technology, e.g. nuclear technology. The dimension of tampering with nature is found, in two large-scale survey studies of the general public and, in one case, of politicians involved in the environmental field, to be an important predictor of perceived risk. In one study, the perceived risk of nuclear waste was investigated, and in the other the perceived risk of a potential nuclear disaster of the Chernobyl kind. It was found that tampering with nature was a much stronger predictor of perceived risk than the traditional psychometric model dimensions, and that it absorbed most or all of the predictive power of these dimensions when entered in a common regression equation. Policy implications of these findings are discussed.     

Improving lay understanding of exposure to electromagnetic fields; the effect of information on perception of and responses to risk

Studies show that, although many people are concerned about the potential health risks of being exposed to electromagnetic fields (EMF), lay understanding of exposure, an important determinant of risk perceptions and responses, is limited. In an online consumer panel (n = 245), we tested the effects of providing people with information about EMF on lay understanding of exposure, and on perceptions and responses to risks, using an experimental 2?×?2?×?2 design. Providing people with specific information explaining the distance–exposure relationship, clarifying EMF policy, or specifying personal exposure management options actions resulted in a better understanding of exposure. We demonstrated that information provision as such had no effects on concerns about EMF nor on perceived risk of personal sources, i.e. mobile phones, but lowered perception of risk of public sources, i.e. mobile phone base stations and high-voltage power lines. In addition, information explaining the distance–exposure relationship in combination with policy information resulted in reduced self-reported risk-aversive responses. Moreover, participants who understood more about exposure in relation to the distance to the source showed lower perceptions of risk, were less likely to restrict their own exposure, and more likely to accept new installations of public sources of EMF in their neighborhood. In contrast, awareness that exposure was mainly determined by personal use of EMF sources corresponded with higher perceptions of risk from personal sources and a higher likelihood to restrict one’s own exposure. Our findings provide focal points for improving communication on EMF. In particular, we suggest to include information clarifying the distance–exposure relationship to improve understanding of exposure.     

A characterisation of the methodology of qualitative research on the nature of perceived risk: trends and omissions

The issue of how risk is ‘perceived’ is one of significant research interest and immense practical importance. In spite of this wide interest, however, it is probably fair to say that most emerging ‘risk’ crises – whether related to natural or technological phenomena – come as a surprise to researchers and to society as a whole. Prediction of human responses to novel potential hazards (or novel manifestations of old hazards) is neither reliable nor complete; strategies to ameliorate inappropriate concerns when they arise (or to make realistic inappropriate absences of concern) do not appear totally effective. It therefore seems apt to ask the question: just what have we learned about ‘risk perception’? In this paper we conduct a structured review of qualitative research on perceived risk – to be followed by a subsequent analysis of quantitative research in a later paper – focusing upon methodological issues. Qualitative research often precedes quantitative research, and ideally informs it; it seeks depth and meaning from few subjects rather than identifying patterns within larger samples and populations. Without adequate qualitative research, quantitative research risks misanalysis of the target phenomenon, at the very least by the omission of relevant factors and inclusion of irrelevant ones. Our analysis here – of qualitative studies conducted across a range of disciplines, not all of which will be familiar to the readers of this journal – suggests that this research suffers from an incomplete coverage of the ‘risk perception universe’, typified by a focus on atypical hazards and study samples. We summarise the results of this research, while pointing out its limitations, and draw conclusions about future priorities for research of this type.     

The differences in perception of radiological risks: lay people versus new and experienced employees in the nuclear sector

This paper studies the differences in perception of two radiological risks – an accident at a nuclear installation and medical X-rays – between four different groups: the general population without (1) and with experience related to radiological risks (2), new employees (3) and professionally exposed people (4) in the nuclear sector. More precisely, this study determines if differences in risk perception can be explained by the level of experiences with ionizing radiation, the knowledge level about radiological risks, the confidence in authorities, the attitude towards nuclear energy, the trust in a management of nuclear installations, gender and age. The data are gathered using computer assisted personal interviews based on the SCK-CEN Barometer of the Belgian Nuclear Research Centre. The relations between risk perception and the independent variables are tested with linear regression analysis. The risk perception of both risks differs significantly between the four population groups. The professionally exposed people and the new employees in the nuclear sector have a significant higher risk perception for medical X-rays compared to the risk for an accident at a nuclear installation. For the general population without experience, it was just the opposite. The general population with experience does not have a significant difference in risk perception between the two radiological risks. Level of experiences with ionizing radiation is determined as an important variable; people have a lower perception of radiological risks when they have higher experiences with risk.     

Risk management and its practical application: lessons from the British Army

This study explores, using predominately qualitative data, the risk management approaches of British Army officers in operational theatre. Risks within an operational context are particularly challenging for the British Army to manage due to external constraints such as its adherence to various rules of engagement and international conventions such as the Geneva Convention that consists of treaties that clearly articulate legal protection to be accorded to both civilians and combatants during war. The British Army’s centralised and highly structured control and regulation mechanisms are the product of over 300 years of traditions. Few companies can draw on this history, but we argue that the historical successes of the British Army suggest that contemporary civilian organisations have much to learn from the military approach to risk management.     

Overconfidence,risk perception and the risk-taking behavior of finance professionals

This paper highlights the role played by overconfidence and risk perception in the risk-taking behaviors of finance professionals. We interviewed 64 high-level professionals and demonstrate that they are overconfident in both the general and the financial domains. Using a recent measure proposed by Glaser et al. (2013), we indicate that respondents are overconfident in forecasting future stock prices. We demonstrate that the risk they are willing to assume is positively influenced by overconfidence and optimism and negatively influenced by risk perception. However, the stock return volatility anticipated is, in most cases, an insignificant determinant of the risk that professionals are ready to assume.     

Determinants of risk behaviour: effects of perceived risks and risk attitude on farmer’s adoption of risk management strategies

The importance of risk perception and risk attitude for understanding individual’s risk behaviour are independently well described in literature, but rarely combined in an integrated approach. In this study, we propose a model assuming the choice to implement certain risk management strategies to be directly driven by both perceptions of risks and risk attitude. Other determinants influence the intention to apply different risk strategies mainly indirectly, mediated by risk perception and risk attitude. This conceptual model is empirically tested, using structural equation modelling, for understanding the intention of farmers to implement different common risk management strategies at their farms. Data are gathered in a survey completed by 500 farmers from the Flanders region in Belgium, investigating attitudes towards farming, perceived past exposure to risk, socio-demographic characteristics, farm size, perceptions of the major sources of farm business risk, risk attitudes and the intention to apply common risk management strategies. Our major findings are: (i) perception of major farm business risks have no significant impact on the intention of applying any of the risk strategies under study, (ii) risk attitude does have a significant impact. Therefore, rather than objective risk faced and the subjective interpretation thereof, it is the general risk attitude that influence intended risk strategies to be implemented. A distinction can be made between farmers willing to take risk, who are more inclined to apply ex-ante risk management strategies and risk averse farmers who are less inclined to implement ex-ante risk management strategies but rather cope with the consequences and diminish their effects ex-post when risks have occurred.     

How do people perceive graphical risk communication? The role of subjective numeracy

This study aims to evaluate directly how a graphical risk ladder is perceived and how this perception is related to people’s subjective numeracy. Gaze durations and frequencies were used to examine visual attention. Participants (N = 47) appeared to focus on the target risk information, whereas referential information was less attended. Subjective numeracy was negatively correlated with total watching time and the absolute number of gaze events. Results suggest that participants with low subjective numeracy have more difficulty in comprehending the graph, and that they process the graphical information less efficiently than the participants with high subjective numeracy. In addition, the position of referential risks on risk ladders could influence people’s risk perception. Based on these findings, we provide some implications for the design of risk communication graphs and for the use of graphs in informing persons with low subjective numeracy about risks.     

Estimation of deficiency risk and prioritization of information security controls: A data-centric approach

Risk of unauthorized disclosure or modification of corporate data can impact in different ways, including affecting operations, the public image and/or the firm's legal/compliance exposure. While management views risk along these dimensions, the information technology function (ITF) typically views risk from an IT infrastructure compromise viewpoint, and this drives the establishment of IT security controls. It is oftentimes difficult for the internal audit function (IAF) to assess control deficiency risk (CDR) in the area of information security, as well as estimate the importance of each in-place security control. Using a design science approach, we propose the Operational, Public image, Legal (OPL) model and method to classify the security criticality of the organization's data along three dimensions. Through an empirical study, we demonstrate how the OPL method allows for a quantitative estimation of the importance of in-place security controls as well as the CDR of missing controls. This information provides guidance on strategies for testing in-place controls during audit, as well as for determining which controls may need to be incrementally added.     

The impact of CIO characteristics on data breaches

The exponential rate of increase in IT security breach incidents has led governments, regulators, and practitioners to respond by introducing standards and frameworks for the disclosure and management of organizational cybersecurity risk exposure. Cybersecurity, which is a part of IT risk management, is affected by the capability and the ability of senior leadership responsible for IT-related decisions. This paper uses hand-collected data related to the Chief Information Officer (CIO) for S&P 500 firms and explores whether the presence of a CIO role, human capital characteristics of the CIO, and structural capital characteristics of the firm and the CIO are related to a firm’s cybersecurity risk exposure. This study finds that firms disclosing the presence of a CIO are more likely to be breached, even after matching on the likelihood of a breach and controlling for the likelihood that a firm would choose to disclose a CIO. This study also finds predictable variations in the likelihood of a breach among CIOs based on various human capital dimensions (including past technology experience, external board memberships, firm tenure, and CIO tenure) and structural capital dimensions (including a recognized commitment to IT and charging the CIO with multiple responsibilities). Finally, this study finds evidence that the observed associations depend on both the source of the breach (external vs. internal) as well as the type of data compromised by the breach (e.g. financial, personal, etc.). The results of this study contribute to the growing body of academic breach literature, while also informing practitioners as they evaluate the costs and benefits of various methods for combating breaches.     

How financial information disclosure affects risk perception. Evidence from Italian investors’ behaviour

This paper investigates how different representations of financial information may be appraised in terms of complexity and usefulness, and how financial disclosure influences individuals’ risk perception. By using a consumer testing analytical approach, we run a survey on a sample of Italian investors: 254 bank customers were submitted 4 different templates, each combining a different typology of data (historical and prospective) and framing (words, numbers and charts) to indicate the same level of risk and return of four real-life financial instruments. Representation formats partially overlap with those mandated by regulators and used within the financial industry. Results show that the perceived riskiness of financial products is affected by the way information is disclosed. Perceived complexity of the financial information disclosure intensifies perception of riskiness of the product solicited. Gender, age, personal traits, behavioural biases and financial knowledge, do also play a role. Overall, given investors’ heterogeneity and behavioural biases, neither simplifying disclosure nor a ‘one-size-fits-all’ approach may be sufficient to ensure correct risk perception and to prevent unbiased investment choices.     

Assessing risks due to threats to internal control in a computer‐based accounting information system: a pragmatic approach based on fuzzy set theory

A rational risk assessment model, based on the reasoning of fuzzy set theory, is presented. The model would help managers assess risk exposure due to potential threats to internal control in a computer‐based accounting information system. Such risk assessment is essential in making appropriate decisions about establishing new internal control policies and procedures that may be necessary to protect the integrity and security of the information system. Copyright © 2004 John Wiley & Sons, Ltd.     

A life history approach to perceptions of global climate change risk: young adults’ experiences about impacts,causes, and solutions

Although the general acceptance of human-influenced global climate change within the technical sphere of science is important to consider, public perceptions of global climate change risks, impacts, causes, and solutions are as important to policy actions as scientific findings. Yet, studies analyzing climate change risk perceptions suffer from a number of limitations or use only a handful of approaches. Using a limited life history approach, this article answers calls for additional qualitative approaches in risk perception research. This article (1) introduces risk perception researchers to the limited life history method; (2) discovers that young adults articulate climate change solutions at the individual level, often as consumers, and blend their responses to climate change risks and advocacy for solutions with a general, environmentally friendly orientation, a ‘green posture;’ and (3) contends the key sources informing young adults’ perceptions about climate change risk have changed significantly from previous studies.