Skip to content

Uncertainty and climate risk

Uncertainty and climate risk

Authors: Andreas Hafver, Asun Lera St.Clair, Siegfried Eisinger, Frank Børre Pedersen


Although uncertainty is a known characteristic of climate change, from a modern perspective of risk, uncertainties can be an ally. In this article, we present the differences and commonalties between the most used conception of risk in the climate change community, and current trends in risk science. We argue that a focus on the value of uncertainty, in particular its knowledge or epistemic value, can enhance the quality of climate risk assessments, as it contributes to prioritizing decision-making by balancing what often are diverse perspectives on acceptable risk.


DISCLAIMER: Statements in this article represent views of the authors
and do not necessarily represent the positions of DNV or any other partners.

A better understanding of climate risk and uncertainty

Uncertainty is a defining characteristic of any risk, including climate risk. Not only is the concrete and timely identification of specific climate change consequences challenging, but climate change is also closely intertwined with multiple uncertainties related to both short- and long-term consequences, introducing many uncertainties across the links in value chains and across multiple time horizons. While the consequences of climate risks are what humanity should safeguard against, the very existence of large uncertainties around potential consequences of climate change will impact businesses and industries. In the business community, uncertainty in itself is a dimensioning factor for risk. 1 To the socio-geopolitical, financial, and regulatory uncertainties in which businesses operate, we also need to add uncertainties introduced by the digital transformation. Climate risk does not occur in isolation; the fast deployment of intelligent technologies (including in climate science) involves opportunities, but it increases uncertainties and creates other risks as much as it enhances efficiencies.

The fact that uncertainty is a defining characteristic of climate risk is not new. In fact, uncertainty in climate models has repeatedly been used as an excuse for inaction. However, a deep dive into risk science and risk management practices commonly used in industry reveals a different story altogether. Risk assessments are primarily used to support decision-making. It is not always possible or feasible to mitigate all risks, and the main purpose of assessing risks is to actually prioritize them. It shows that a better understanding of uncertainties is a key tool for prioritizing risks.

In this short article, we introduce the International Standards Organization’s (ISO) definition of risk as the ‘effect of uncertainty on objectives’ and discuss the changes it brings to the understanding of climate risk. Drawing on our long experience in risk management and our more recent engagement with the climate services community through the Climateurope2 project, we elaborate on the connection between the concepts of risk and uncertainty and propose an optimal way to describe them. In our view, embracing uncertainties as part of understanding and measuring risk leads to better decisions, as uncertainty is an inherent aspect of our complex world.

The multiple meanings and interpretations of risk

‘Risk’ is a commonly used term, yet experts debate how best to define it. A widely used risk management standard for businesses, ISO 31000, defines risk as ‘the effect of uncertainty on objectives’. 2 The Cambridge dictionary defines risk as ‘the possibility of something bad happening’. 3 Professionals in safety-critical industries may be familiar with the ISO/IEC 61508 definition of risk as the ‘combination of the probability of occurrence of harm and the severity of that harm’. 4 In the context of climate risk, the IPCC AR6 defines risk as ‘the potential for adverse consequences for human or ecological systems, recognising the diversity of values and objectives associated with such systems’. 5 The Society for Risk Analysis has not agreed on one definition, but provides a set of alternative qualitative risk definitions, for example: ‘risk is the possibility of an unfortunate occurrence’; ‘risk is the potential for realization of unwanted, negative consequences of an event’; and ‘risk is the consequences of the activity and associated uncertainties’. 6

All these definitions of risk do in fact share some common characteristics. Firstly, they refer to an outcome, often a negative one (i.e. a bad or harmful effect, impact, or consequence). Secondly, all the definitions use terms to indicate that these outcomes are not certain (i.e. uncertainty, possibility, potential, probability). A common denominator amongst the diverse definitions of risk is that they fundamentally concern uncertain consequences. As T. Aven advocates, a good conceptualization is that Risk = (C,U), where  C=consequences and U=uncertainty 7 8.

Regardless of differences in defining the term ‘risk’, a thought exercise can be helpful to see the types of interpretations required to understand what risk may be. We could ask: What does risk feel like? We can imagine the need to make a decision, such as buying a home or selecting a mode of travel. Regardless of the choice we make, the resulting action will likely entail both desired and undesired consequences. Balancing these consequences is often challenging. The balancing is further complicated by the fact that some consequences may be certain or easy to foresee, while other consequences may be uncertain or difficult to foresee. Decision-makers therefore need to navigate the space of uncertainty and preferences, balancing the level of uncertainty against the consequences at stake. This is illustrated in Figure 1. From this perspective, performing risk assessments is a decision-support strategy to make priorities in a world with limited resources.

Figure 1 Outcome space - consequences

Figure 1: Outcome space - consequences


Risk perception is subjective. Different persons or actors may have different objectives, preferences, and levels of risk tolerance. There may also be different ways to foresee or envision potential consequences. Such differences are often related to knowledge differences, besides potential subjective preferences. Furthermore, different actors have their own way of acquiring and using knowledge. As a result, any risk assessment and management process must take into account stakeholders’ values, objectives, and preferences, as well as the knowledge used to assess the impact on those factors. This interpretation is in fact highly consistent with the IPCC’s definition of risk, which considers the potential for consequences when something of value is at stake and the outcome is uncertain, explicitly recognizing the diversity of value. 9 However, such differences will often lead to different risk assessment conclusions for different stakeholders. This means that any risk assessment must state the preferences and uncertainties of relevant stakeholders, allowing for the alignment of different risk conclusions across stakeholders and the achievement of a minimum level of consensus. This perspective points our attention not only to the importance of uncertainty but to its relation to knowledge, and to the idea that uncertainty has epistemic value.

Uncertainty is a form of knowledge

The term ‘uncertainty’ is also subject to multiple definitions. The Cambridge Dictionary defines uncertainty as ‘a situation in which something is not known, or something that is not known or certain’. 10 The Society for Risk Analysis defines uncertainty as ‘Imperfect or incomplete information/knowledge about a hypothesis, a quantity, or the occurrence of an event’. 11 Both explicitly relate uncertainty to knowledge.

It is common to distinguish between three types of knowledge, namely: propositional knowledge (e.g. ‘Oslo is the capital of Norway’); know-how (e.g. knowing how to ride a bike); and familiarity/acquaintance knowledge (e.g. the taste of banana). 12 A risk assessment can be directly related to propositions (e.g. ‘The consequence of X will be Y’). Uncertainty about propositions is therefore part of what is meant by risk. However, we can also be uncertain about know-how and familiarity/acquaintance knowledge. For example, we may misidentify something or be uncertain or mistaken about how to do something. Therefore, uncertainty, manifested as imperfections in all three aforementioned knowledge categories, should be included in the risk concept.

Uncertainty has many characteristics, and Walker et al. 2003 proposed a model for categorizing uncertainty according to its locationnature, and level. By location, they refer to where the uncertainty enters the risk assessment, for example as part of the context, model structure, model input, or model parameters. 13 The nature of uncertainty is either aleatoric (i.e. there is actual variability in the world, such as frequency of occurrence of some event) or epistemic (i.e. something has a particular value, we just don’t know it precisely, such as the number of people in the world today). However, it should be noted that the distinction between epistemic and aleatoric uncertainty is a practical decision that depends on how we decide to model phenomena. We can then distinguish aleatoric uncertainty that is part of the model, and epistemic uncertainty about the model structure, assumptions, and parameters. The different levels of uncertainty include complete determinism, statistical uncertainty, scenario uncertainty, recognized ignorance, and total ignorance. All these facets of uncertainty become important when assessing and managing risk, as they help determine what can and should be done given the stakes at hand. For example, using resources to obtain more information about an aleatoric uncertainty has no effect and is therefore a waste of resources.

Some knowledge can be stated explicitly, while other knowledge is implicit or even tacit. A risk analysis depends on uncertainty being made explicit, but also on the recognition that there will always be tacit knowledge. Imperfections in explicit knowledge can be expressed as explicit uncertainty and allow us to take ‘calculated risks’. Tacit knowledge may contain assumptions that turn out to be inaccurate or wrong, especially as conditions and contexts change. This leads to surprises, and the potential for surprises is an important aspect of risk. Acknowledging the existence of tacit knowledge, and consequently tacit uncertainty, motivates a conservative approach to decision-making. It also fosters preparedness for surprises, for example by building robustness and resilience into systems, acting like a ‘buffer’ against uncertainty.

Two worlds apart? IPCC and ISO 31000 risk definitions

Climate risk is a well-established topic within climate science. In its fifth Assessment Cycle (AR5), the IPCC put forward a perspective on climate risk that recognizes the critical importance of understanding the interaction between hazards, vulnerability, and exposure. Figure 2 below illustrates this risk perspective.


Figure 2 IPCC AR5 Risk Perspective

Risk results from the interaction of hazards, exposure, and vulnerability. The term risk is used primarily to refer to the risks of climate change impacts. 14 IPCC Sixth Assessment Cycle (AR6) restates this definition of risk as the ‘potential for adverse consequences’. 15

The focus on risk is a strategic choice made by the IPCC author team to ensure that the consequences of a changing climate are integrated into risk management processes. We see this in the methodological choice made by the ongoing European Climate Risk Assessment (EUCRA), which assesses current and future climate change impacts and risks relating to the environment, economy, and wider society in Europe with a focus on complex climate risks such as cross-border, cascading, and compound risks. 16 The EUCRA’s description of its methodology states that it applies the climate risk concept of the Intergovernmental Panel on Climate Change’s (IPCC) Sixth Assessment Report (AR6) and follows the risk assessment guidelines of ISO 31000 and ISO 14091 where feasible. The ISO 31000 risk management approach entails establishing the context, risk assessment, and risk treatment. ISO 14091 on adaptation to climate change is a specialized expansion of the risk assessment portion of ISO 31000.

But how compatible are the ISO 31000 and IPCC AR6 definitions of risk? We note that the ISO 31000 definition focuses on objectives, which is also mentioned by the IPCC definition. However, the IPCC definition focuses on the ‘potential for adverse consequences’, whereas ISO 31000 focuses on the ‘effect of uncertainty’. Arguably, the term ‘potential’ used in the IPCC definition refers to the level of ‘uncertainty’ used by ISO 31000. Indeed, in the explanation of the term risk, the IPCC AR6 states that ‘hazards, exposure and vulnerability may each be subject to uncertainty in terms of magnitude and likelihood of occurrence’, and that risks can arise for example from uncertainty in the implementation, effectiveness or outcomes of climate policy, climate-related investments, technology development or adoption, and system transitions’. However, the IPCC restricts the risk definition to cover ‘adverse consequences’, whereas the ISO 31000 definition includes all effects (i.e. positive and negative). Although this may seem like a significant difference, the IPCC definition of risk can be interpreted as a specialized adaption of the ISO 31000 definition, where negative climate impacts are distinguished from opportunities or ‘positive risks’. Linking climate risk to the ISO 31000 risk definition, which is well-established in risk management across many sectors, could lead to better integration of climate risk in ongoing risk management efforts and improved decision-making processes. Additionally, the ISO 31000 risk definition does not distinguish between positive and negative impacts a priori, thereby accommodating the fact that what may be positive for some stakeholders may be negative for others, and vice versa. This perspective is important in any negotiation or deliberation of policies that affect stakeholders in various ways.

Risk is a lot more than what is quantifiable

We often use metrics to describe quantifiable characteristics of systems. This is useful, as it facilitates comparisons and tracking of developments over time. However, we should always be careful not to confuse the map for the terrain, or the metric for the concept itself or the entirety of the system. This is also true when we talk about risk.

Risk is often presented in reports as numbers and graphs. For example, we often see risk summarized as expectation values, visualized in risk matrices (i.e. with likelihood on one axis and severity on the other), as exceedance curves (i.e. showing the cumulative frequency of events over a certain severity magnitude), or in tornado plots or radar plots highlighting different aspects of the risk. A general feature is of course that we present the results we can produce from the data we have, and not necessarily the results that we might need in areas where data is lacking.

It should be noted that all numerical and visual presentations of risk rely on a series of assumptions and choices. Firstly, the scope of the risk assessment must be defined. For example, in the context of climate risk, a risk assessment may focus on natural disasters but not consider effects on biodiversity. Secondly, once the scope has been defined, a particular set of models and methods are used to assess the risk. This always involves assumptions and simplifications. Finally, when the analysis is done, the results are presented in a particular way. This includes choosing risk metrics and ways of visualizing them. Clearly, certain aspects of risk could get ‘lost’ along the way and become hidden in the assumptions. Ideally, risk analyses should include as much of the studied phenomenon as possible, i.e. be ‘assumption free’. In reality, this cannot be fully achieved. Therefore, an important part of risk assessment is to identify and evaluate the impacts of assumptions on conclusions. This helps to compare and align risk approaches from various stakeholders that might otherwise appear to be different. Knowing each other’s assumptions is a way of building understanding of different views. A challenge, however, is that many assumptions are tacit and can be difficult to both identify and articulate.


Figure 3: Illustration of a full risk picture and how risk metrics and related acceptance criteria only capture part of it.

Figure 3: Illustration of a full risk picture and how risk metrics and related acceptance criteria only capture part of it.

Making uncertainty a friend in decision-making

When risk assessments rely on many uncertain assumptions, there is a tendency to react by dismissing or downplaying the risk. Also, when presented with uncertainty, many people may find it challenging to make decisions. Since risk is really a way to analyse uncertainty and its impact on consequences, we should not be concerned by the presence of uncertainty! In fact, based on the discussion above, we can turn uncertainty from an enemy into a friend. To do this, we should first ask ourselves how the uncertainty impacts our conclusions: What uncertainty matters, and what uncertainty does not matter? How inaccurate would our assumptions need to be in order for our decisions to be different? Second, we should ask ourselves how inaccurate we believe that our assumptions could be, and, if the worst possible inaccuracy is believed to be substantive, how this would alter the results based on our previous answer. Thirdly, we should assess the strength of the knowledge on which all these evaluations are based. Are the evaluations based on high-quality data, validated models, etc., and is there expert consensus on the matter? The approach outlined here is termed assumption-deviation risk assessment17 18 Such an approach helps to identify which assumptions are critical and which are not. In many cases, uncertain assumptions are not critical, which increases the confidence in the conclusions. In fact, identifying and understanding assumptions and associated uncertainties can be empowering.

When describing risk, actors can choose how quantitative they want to be. It is always possible to make assumptions to enable a quantitative analysis. However, precise quantitative risk metrics are misleading if the underlying assumptions are unfounded. In fact, quantitative risk metrics can become a source of risk themselves, rather than a useful means of describing risk. The level of detail in the risk description should match the needs of decision-makers to distinguish and prioritize alternatives. It should also be supported by the available knowledge.

Making uncertainty a friend in our decision-making requires interdisciplinary methodologies that complement the limits of quantitative metrics. These methodologies should provide a clear framework for the decision-making context in which such risk metrics are meant to apply. Rather than dismissing or downplaying a risk because of its uncertain nature, we can turn uncertainty into an ally to define the risk space. As illustrated in Figure 1, this can be done by recognizing multiple perceptions, or diverse degrees of risk tolerance. Uncertainty can also be tackled by balancing perspectives from different stakeholders. These stakeholders may have diverse knowledge systems, preferences, sources of incomplete knowledge, and subjective risk perceptions. By finding a balance amidst such diversity, we can minimize the scope of uncertainty.

In summary, from a modern climate risk science perspective that embeds a broader view of uncertainty as a key element in defining risk, risk is not only a threat but a means of setting priorities and aligning the values and interests of divergent stakeholders.





6 The Risk Analysis Glossary from the Society for Risk Analysis - Society for Risk Analysis (

7 Aven, Terje. "A risk concept applicable for both probabilistic and non-probabilistic perspectives." Safety science 49.8-9 (2011): 1080-1086.

8 T. Aven, “The risk concept—historical and recent development trends,” Reliability Engineering & System Safety, vol. 99, pp. 33-44, 2012.




12 See for example description in the Standford Encyclopedia of Philosophy

13 W.E. Walker, P. Harremoës, J. Rotmans, J.P. van der Sluijs, M.B.A. van Asselt, P. Janssen & M.P. Krayer von Krauss (2003) Defining Uncertainty: A Conceptual Basis for Uncertainty Management in Model-Based Decision Support, Integrated Assessment, 4:1, 5-17, DOI: 10.1076/iaij.




17 Aven, Terje. "Practical implications of the new risk perspectives." Reliability Engineering & System Safety 115 (2013): 136-145.

18 C. Berner and R. Flage, “Strengthening quantitative risk assessments by systematic treatment of uncertain assumptions,” Reliability Engineering & System Safety, vol. 151, pp. 46-59, 2016.