Abstract
Essentially any concept of risk is built on fundamental concepts of chance, likelihood, or probability. Although risk is generally a probability of loss of something of value, given that a risk-generating event will occur or has occurred, it is ironic that the quality risk management literature and guidelines on quality risk management tools are relatively silent on the meaning and uses of “probability.” The probability concept is typically applied by risk managers as a combination of frequency-based calculation and a “degree of belief” meaning of probability. Probability as a concept crucial for understanding and managing risk is discussed through examples ranging from the most general scenario-defining and ranking tools, which use probability implicitly, to tools that use probability explicitly in risk management. A rich history of probability in risk management applied to other fields suggests that high-quality risk management decisions benefit from the implementation of more thoughtful probability concepts in both risk modeling and risk management.
LAY ABSTRACT: Essentially any concept of risk is built on fundamental concepts of chance, likelihood, or probability. Although “risk” generally describes a probability of loss of something of value, given that a risk-generating event will occur or has occurred, it is ironic that the quality risk management literature and guidelines on quality risk management methodologies and their respective tools focus on managing severity but are relatively silent on the deeper meaning and uses of “probability.” Pharmaceutical manufacturers are expanding their use of quality risk management to identify and manage risks to the patient that might arise in any phase of the pharmaceutical life cycle, from drug development through manufacture and marketing to product discontinuation. A probability concept is typically applied by risk managers as a combination of data-based measures of probability and a subjective “degree of belief” meaning of probability. Probability as a concept crucial for understanding and managing risk is discussed through examples ranging from the most general scenario-defining and ranking tools, which use probability implicitly, to tools that use probability explicitly in risk management.
Introduction
The objective of this paper is to discuss probability in the context of pharmaceutical quality risk management. Although a fundamental concept for risk assessments, risk control, risk communication, and risk review supporting the decision-making activity, probability is not explicitly defined or implemented in some risk management tools. Qualitative risk management tools are generally silent on probability concepts while more quantitative approaches include explicit steps for probability estimation. Probability estimation is also vital to deciding among alternative root causes if root cause analysis (RCA) is used as a causal analysis tool. In spite of a rich scholarly and popular literature on probability and some of the mental blocks people have against formal probability assessments, there is little evidence for even a common usage of a probability concept in quality risk management. In this essay, I present several examples of implicit or explicit probability and uncertainty use in popular quality risk management tools.
Although probability is a concept originating in ancient Rome (1), it continues to defy a single definition. Definitions of probability from mathematics, physics, statistics, psychology, and philosophy often clash, and the meaning of probability is often casually mixed with notions of chance and likelihood (2). Even within applied risk management, probability has at least two major meanings. For example, risk managers favoring classical or “frequentist” statistics prefer a meaning of probability based on the ratio of successful outcomes to the number of (experimental) attempts or trials. The true probability of such a random event emerges from frequencies only after a very large number (e.g., millions) of trials. On the other hand, risk managers preferring Bayesian statistics refer to probability as the degree of belief that an event will occur or has occurred, given the knowledge at hand. In Bayesian analysis, both frequency-based and subjective probabilities can be updated with new information to yield a posterior estimate of probability.
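To make the two interpretations concrete, the following minimal sketch (in Python; the defect counts and the uniform Beta(1, 1) prior are hypothetical illustrations, not drawn from the cited works) contrasts a frequency-based estimate of a defect probability with a Bayesian posterior that updates a prior belief using the same data.

```python
# Minimal sketch (hypothetical numbers): contrasting a frequentist point
# estimate with a Bayesian conjugate update for a defect probability.

def frequentist_estimate(defects: int, trials: int) -> float:
    """Relative frequency: the ratio of observed defects to trials."""
    return defects / trials

def bayesian_update(defects: int, trials: int, a: float = 1.0, b: float = 1.0):
    """Beta-binomial update: prior Beta(a, b) -> posterior Beta(a', b')."""
    a_post = a + defects
    b_post = b + (trials - defects)
    posterior_mean = a_post / (a_post + b_post)
    return a_post, b_post, posterior_mean

print(frequentist_estimate(3, 1000))  # 0.003
print(bayesian_update(3, 1000))       # posterior Beta(4, 998), mean ~0.004
```

With more trials, the posterior mean converges toward the relative frequency, illustrating how the two schools can be reconciled in practice.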
Concepts of Probability
Risk management involves processes and decisions to minimize the chance of loss from negative events that have yet to occur. This fact suggests that risk management is an inherently Bayesian endeavor favoring notions of probability as a degree of belief that an event has occurred or will occur. But classical statistics' focus on frequency can also provide inferences about risks from past events to derive predictions of deleterious outcomes from future risk-creating events. Technological endeavors in particular seek data for modeling trends and making predictions. Ultimately, risk managers are likely to use mixtures of both frequentist and Bayesian interpretations of probability. Perhaps Peter Bernstein noted the use of both schools of thought in risk management when he remarked that “risk management and decision-making are all about confronting uncertainty and where the balance between measurement and gut becomes the focal point of the whole story” (3, p. 56).
The usefulness of a probability concept and probability theory in pharmaceutical quality risk management is incontrovertible. Probability is the scale for measuring Bernstein's confrontations with uncertainty in risk management. Without probability as a unit of measure for risk projections and predictions, only qualitative and typically vague linguistic descriptors remain (4). For example, imagine the range of perceptions in the minds of listeners of a weather report if the forecast expresses future chance only in terms of possibility (i.e., “it can rain tomorrow”) or vagueness (“there is a high chance of rain”). In the listener's mind, the forecast might be assigned a value between 0 and 100%, but the assigned probability is based entirely on the listener's own heuristics for probability judgments and personal experience with rain forecasts (5). Even when the weather forecast includes a probability, the individual meanings given to that numeric probability are known to vary widely (4).
Not only is a probability concept essential to describing and quantifying risks of any kind, but probability theory is also a critical underpinning for causal analysis in risk management. In fact, Pearl noted that “probability theory is currently the official language of most disciplines that use causal modeling, including economics, epidemiology, sociology, and psychology” (6, p. 1). Causal inference used in quality risk management, such as in RCA, relies on probability to identify the most likely causal pathway when alternative pathways are identified. Even the evaluation of “common” versus “special” cause deviations in manufacturing quality are probability-driven designations (7). More rigorous underpinnings for manufacturing risk management, such as reliability analysis, are especially relevant applications of probability theory (e.g., 8).
The remainder of this essay explores the use of probability in common tools applied to quality risk management. Probability in the language of risk and its importance as the measure of uncertainty are discussed. Examples are presented ranging from those in which probability is implicit, such as hierarchical and brainstorming approaches, to explicitly probabilistic tools, such as Monte Carlo calculations.
Probability in the Language of Risk
In the inaugural volume of the journal Risk Analysis, Kaplan and Garrick (9) outlined some basic principles for risk analysis, including a statement that “the notion of 'probability' is fundamentally intertwined with the definition of risk.” These authors stated that risk, for any field of endeavor, can be characterized using a set of triplets that describe
the scenario identification or description,
the probability of that scenario, and
the consequence or evaluation measure of that scenario, i.e., the measure of damage or harm.
Nearly 25 years later, the International Conference on Harmonisation quality guideline ICH Q9: Quality Risk Management (10, 11) acknowledged similar principles in quality risk management and adopted the plain-speaking language of Kaplan and Garrick, such that the information for estimating the scenario (s), the probability (p), and the consequence (x) necessary for a risk analysis consists of answering three simple questions:
What might go wrong?
What is the likelihood (probability) it will go wrong?
What are the consequences (severity)?
In more formal terms, the triplet for the ith scenario is ⟨sᵢ, pᵢ, xᵢ⟩ (9). It is apparent that these fundamental questions apply to a wide variety of risks, from financial to pharmaceutical manufacturing processes, and at levels from the individual to large organizations. It is also apparent that in any risk estimate or projection, ultimately it is the chance—probability—that the risky scenario can occur that is the principal random feature of risk assessments.
Definitions of risk in either pharmaceutical industry guidance or relevant literature refer to combinations of uncertainty, likelihood, and probability for defined consequences or harms. For example, ICH Q9 defines risk as “the combination of the probability of occurrence of harm and the severity of that harm” and states the principle that the “evaluation of risk to quality should … ultimately link to the protection of the patient” (10, 11). ICH Q9 aligned several of its risk management principles and processes with other international guidances, such as the International Organization for Standardization (ISO) medical device standard, ISO 14971 (12). More recently, ISO revised its general standards for risk management approaches in a more comprehensive standard, ISO 31000 (13), in which the standards organization defined risk succinctly as “effect of uncertainty on objectives”; however, ISO then elaborated on the definition using five footnotes, including one analogous to ICH Q9 that stated, “risk is often expressed in terms of a combination of the consequences of an event … and the associated likelihood of occurrence” (13, p. 1). Recently, Aven and Renn (14) looked at definitions of risk from various disciplines and identified two major themes among the definitions:
risk expressed in terms of probabilities and expected values, and
risk expressed through events/consequences and uncertainties.
Although it is clear that probability and the related concept of uncertainty are fundamental elements of risk definitions, probability is seldom discussed or formally defined in either speeches or papers on pharmaceutical quality risk management. Likely reasons for probability's low profile include the perceptions that probability is relevant only to quantitative risk evaluation and that it is an unfamiliar concept for decision makers (e.g., 15–17). It is paradoxical that examples of probability surround us in daily life and that probability is intuitively part of decision making, yet probability is difficult to define and apply in organizational risk management. Perhaps the psychological barriers to the use of probability are as important as the challenges that arcane quantitative applications can create. For example, humans are notoriously poor judges of probability (5, 18–20), preferring unspecified “gut feelings” and heuristics that can create cognitive biases rather than rationally estimating probability for risk management decisions (e.g., 15–19). Our human propensity for flawed judgments of probability is easily exploited in casinos, by advertisers, and in political campaigns (19, 20).
Authors of both original research reports and the general management literature have stressed the importance of changing management's aversion to probability and of better and more routine applications of probability in decision making generally (e.g., 1, 15, 16, 20–24). Some of these authors argue for a new practice of “probability management” in which organizations designate a “chief probability officer” to lead the organization in the sound use of probability for risk management, especially for complex decisions (16, 21). Ultimately, a major theme in the business risk management literature, one to which risk management of pharmaceutical quality is no exception, is that including probability and uncertainty in risk management decision making amounts to a culture change. Even when risk managers use probability in risk assessment and risk control for decision making, it is notoriously difficult to communicate to the general public as a part of risk communication (4).
Probability for the Measurement of Uncertainty
Probability is the scale for measuring uncertainty. For example, a probability distribution is used to describe the uncertainty in a variable that can randomly take discrete values from a range of possible values. Although the likelihood that a variable takes each specific value in the distribution is generally taught as probability, and probability and likelihood are used interchangeably in much of the risk management literature, some theoreticians argue for distinctly separate definitions (2). A continuously distributed random variable is described using a probability density function (PDF) for which the total area under the curve is defined as 100%, or probability = 1. The proportion of the area under the PDF curve for an interval of possible values is the probability that the random variable takes a value within that interval. For example, the area under the normal PDF curve between the mean − σ and the mean + σ is 68.3% of the total area under the curve, or probability = 0.683. The standard deviation (σ), measured in the units of the random variable, is a key measure of uncertainty for that variable. Moreover, for two risk estimates having equal means and modeled using the normal PDF, the distribution having the larger standard deviation is the one reflecting greater uncertainty in its variable (e.g., a risk estimate).
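A short sketch (parameter values chosen only for illustration) computes this area-under-the-curve probability for a normal PDF using the scipy.stats library.

```python
# Sketch: probability as area under a normal PDF (illustrative values).
from scipy.stats import norm

mu, sigma = 10.0, 2.0
dist = norm(loc=mu, scale=sigma)

# P(mu - sigma <= X <= mu + sigma) is ~0.683 for any normal distribution.
p_within_1sd = dist.cdf(mu + sigma) - dist.cdf(mu - sigma)
print(f"P(within +/- 1 sigma) = {p_within_1sd:.3f}")  # 0.683
```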
Risk managers are likely to have a more realistic appreciation of risk if the risk quantity of interest is described as uncertain rather than as a unique value (e.g., 15, 19, 22, 23). For example, for two scenarios of equal average (mean) risk, the percentiles of the distributions could be drastically different with respect to exceeding a bright-line risk acceptance threshold (Figure 1).
Probability-based measures of the uncertainty in a risk measure, such as percentiles of the sample distributions, might lead risk managers to conclude the risks are different. For example, Figure 1 shows that, although the mean estimates of risk are equivalent, the probabilities of a risk estimate above a percentile-based threshold are clearly different (Figure 1b).
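A minimal sketch of the idea behind Figure 1 (the two distributions here are assumed normal with arbitrary parameters, not the article's data): equal means, unequal spreads, and clearly different probabilities of exceeding a bright-line threshold.

```python
# Sketch: two risk estimates with equal means but different uncertainty
# have different probabilities of exceeding a fixed acceptance threshold.
from scipy.stats import norm

threshold = 12.0
narrow = norm(loc=10.0, scale=1.0)   # less uncertain estimate
wide   = norm(loc=10.0, scale=3.0)   # more uncertain estimate

# sf(x) is the survival function, P(X > x).
print(f"P(exceed), narrow: {narrow.sf(threshold):.4f}")  # ~0.023
print(f"P(exceed), wide:   {wide.sf(threshold):.4f}")    # ~0.252
```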
The use of discrete and continuous probability distributions is a regular part of quality management, exemplified by control charting, sampling plans, quality by design, critical quality attributes, critical process parameters, etc. (e.g., 25–29). In fact, the utility of uncertainty and probability relationships as risk and quality management drivers is exploited in six sigma quality theory. Six sigma generally refers to a performance target that assumes that the average chance of defects in a critical-to-quality characteristic is 3.4 or less in 1 million opportunities (29). In other words, the process would be expected to operate between the lower and upper specifications with a theoretical probability of about 0.9999966 (a figure that allows for the conventional 1.5σ long-term shift in the process mean). A measure of central tendency, such as an average, is not the important measure; rather, six sigma concepts are about performance “certainty,” keeping the nearest specification limit at least 6σ from the process mean. Part of six sigma's success is its convenient—yet probabilistic—communication of the goal to keep the risk of defects to a defined region, e.g., “1 in a million” or less. For many manufacturing processes, including some in the pharmaceutical industry, less stringent goals might be sufficient for the purpose. Although 6σ conveys probabilistic thinking and goals, it is important to recall that quantitative σ measures require consideration of the sample size and experimental design.
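The arithmetic behind these six sigma figures can be checked directly; the sketch below reproduces both the 3.4-per-million defect rate and the 0.9999966 probability under the conventional 1.5σ-shift assumption noted above.

```python
# Sketch: the 'six sigma' defect probability. With the conventional 1.5-sigma
# long-term shift of the process mean, the nearest specification limit sits
# 4.5 sigma from the (shifted) mean.
from scipy.stats import norm

p_defect = norm.sf(6.0 - 1.5)  # one-sided tail probability beyond 4.5 sigma
print(f"defects per million: {p_defect * 1e6:.1f}")  # ~3.4
print(f"P(within spec):      {1 - p_defect:.7f}")    # ~0.9999966
```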
If probability—even as a single point estimate—is challenging to judge and communicate, then uncertainty as a range or a distribution of probabilities, or even as the “weights of evidence on chances” (2), only amplifies the communication challenges. Probability distributions describe the range of values a random variable may take, along with the probability (likelihood) that the variable will take any specific value (e.g., 30, p. 20). Calculating or measuring a distribution about a large probability or “sure thing” might not add significant value to either a risk assessment or a decision analysis. In contrast, estimating probabilities and uncertainties of extreme events is often a high-value exercise for decision makers or managers, yet one too often ignored or short-circuited by simple guesses of the probability. The common avoidance of uncertainty by decision makers might be due in part to the perception that it is too arcane to be meaningful in boardroom decisions (e.g., 15, 16, 19, 21). Ultimately, misperceptions about the value of (probabilistic) uncertainty analysis lead to what Hubbard refers to as the “risk paradox”—organizations use their risk-analytical resources on low-hanging fruit rather than applying sophisticated analyses to the more challenging risks that are often the highest value in terms of costs to the organization (21).
Probability Implementation in Various Quality Risk Management Tools
ICH Q9 referred briefly to a wide range of risk management tools and where the tools might have applications in pharmaceutical manufacturing (10, 11, 31). More recently, ISO 31000 reviewed features of risk assessment tools ranging from “brainstorming” to Markov analysis (13). The remainder of this essay discusses examples of risk management tools that are either missing probability or use probability implicitly or explicitly. The references in ICH Q9 and ISO 31000 are useful for in-depth explanations of risk management tools and how probability is or is not implemented in each tool (11, 13). Some of the commonly used quality risk management tools are listed in Table I along with comments about the implementation of probability concepts.
Qualitative, Hierarchical Methods
High-level, or general, qualitative risk management techniques call for defining and structuring risk management problems by classifications within hierarchies. Such qualitative risk management tools include hierarchical holographic modeling, value-focused thinking, tools used for multi-criteria decision analysis, and others (4, 24, 32–34). These tools are used to define the risk(s) in more fundamental terms and, typically, to build a hierarchical structure that decomposes the general, high-level risk categories or, in decision analysis models, the decision objectives. Categorization and decomposition often rely on brainstorming or structured what-if techniques (SWIFTs) to identify important features underlying the principal objective or risk management goal of the model. Identified “topics” are then categorized under logical groupings, mindful of principles for categorization (e.g., 35). The process of decomposition, or “drilling down” to more fundamental objectives and/or potential sources of risk, feeds into either decision analysis or risk management (e.g., 24, 34). Decomposition of a defined risk problem helps to focus risk managers and subject matter experts on the most important drivers of the risk in question. Decomposition also leads naturally to defining attributes that are useful for measuring risk or, perhaps, measuring progress toward risk management objectives (24, 32–34).
The high-level risk management procedures for creating hierarchical “trees” typically do not explicitly mention either measured or judged probabilities for the scenarios defined in the tree. Yet, for hierarchical models to be useful as structural foundations for risk modeling, mapping probabilities to the elements of the tree helps to ensure that the problem is statistically (36) and mathematically (37) coherent and that the trees are suitable for use in follow-on procedures such as risk ranking and filtering (34). Both risk-analytical modeling and multi-objective decision analysis benefit by mapping probabilities of specific outcomes (or consequences)—linked to the elements described in the hierarchies—in outcome space. Thinking through an entire outcome space is necessary to satisfy the second probability axiom, that the probability that some event in the outcome space occurs is 100%, because every possible event is defined within the outcome space. In other words, the risk management team seeks to (at least) qualitatively map “what might go wrong?” possibility scenarios to “what is the likelihood (probability) it will go wrong?” probability-weighted scenarios, thereby bringing the risk problem definition closer to one that links with risks to the patient (11, 12).
An example of a hierarchical mapping process for an arbitrary quality risk problem is shown in Figure 2. This notional example shows a mapping of drug quality risk to potential sources of risk from manufacturing problems within five independent, generalized categories of events: product, manufacturing facility, manufacturing process, people, and other. Given no other information than the chart and an assumption of mutual independence among the categories, the default assumption in risk scenarios in this hierarchy is that each category represents 20% of the probability of events creating public health risks from manufacturing quality problems. The typical work of a team developing scenario-based hierarchies into quantitative risk management models is to use quantitative information, expert judgments, or both to estimate probabilities for the scenarios creating the risk of interest.
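A minimal sketch of that step (the category names follow Figure 2; the elicited weights are hypothetical) shows the move from the default equal split to normalized, judgment-based category probabilities.

```python
# Sketch: from a default equal split over hierarchy categories (Figure 2)
# to elicited probabilities. The raw weights below are hypothetical.
categories = ["product", "facility", "process", "people", "other"]

default = {c: 1 / len(categories) for c in categories}  # 20% each

# Hypothetical expert/historical weights, normalized so the outcome space
# sums to 1 (the second probability axiom).
raw = {"product": 5, "facility": 2, "process": 8, "people": 4, "other": 1}
total = sum(raw.values())
elicited = {c: raw[c] / total for c in categories}

print(default)
print(elicited)  # e.g., 'process' now carries 0.40 of the probability
```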
For risk management teams defining a risk problem using a qualitative hierarchical model, an understanding of the completeness of scenarios mapping to outcome space can also be important for prioritization of risk management resources. For example, interdisciplinary teams often find that they can map their defined risks in many top-level categories, but still have historical or envisioned unexplained events lumped into an “other” category. This category gathers the so-called “known unknowns” because sometimes there are scenarios that are not recalled explicitly during the initial rounds of brainstorming. Nevertheless, it is understood that these scenarios account for a portion of the total probability in the risk hierarchy. Not shown in the hierarchy are so-called “unknown unknowns” scenarios. Thinking deeply about hypothetical alternatives can raise the need for an alternative model—a different hierarchy—to accommodate such scenarios. Some authors argue that some of the least-considered scenarios are the highest value for risk management (15, 21) and that deliberate evaluation of extreme value risks (identifying unknowns) is more important than routine risk analysis (38).
Probability becomes an important measure for simplifying risk hierarchies and pruning value trees to yield simpler, more parsimonious models. Both hierarchies and value trees implicitly partition the probability of occurrence through their branches. The greater the number of levels in the tree, the smaller the probabilities are likely to be at the lowest branches. Identifying the lowest-probability components as candidates for pruning helps to focus risk managers on the most important determinants of risk. For example, the probability of one of the branches might be vanishingly small and, for some purposes, such as ranking independent items in a portfolio, might be eliminated as a relatively uninformative component of the model. Using probability this way simplifies the hierarchy under one well-defined risk that can be causally categorized in multiple components and hierarchies.
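As a toy illustration of this partitioning and pruning (the tree structure and branch probabilities below are hypothetical), each leaf's probability is the product of the branch probabilities along its pathway, and low-probability leaves become pruning candidates.

```python
# Sketch: branch probabilities multiply down a (hypothetical) two-level risk
# hierarchy, so the deepest branches carry the smallest probabilities;
# leaves below a cutoff become candidates for pruning.
tree = {
    "process": (0.5, {"mixing": 0.7, "filling": 0.3}),
    "people":  (0.4, {"training": 0.9, "fatigue": 0.1}),
    "other":   (0.1, {"unspecified": 1.0}),
}

CUTOFF = 0.05
for branch, (p_branch, leaves) in tree.items():
    for leaf, p_leaf in leaves.items():
        p = p_branch * p_leaf  # probability of the full pathway
        flag = "  <- prune candidate" if p < CUTOFF else ""
        print(f"{branch}/{leaf}: {p:.2f}{flag}")
```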
Cause-and-effect models, such as the Ishikawa “fishbone” procedure, can represent causal probability space using highly inclusive categories that might contribute to causing a defined effect (39). For example, categories of materials, personnel, procedures, or environment can span manufacturing operations. Logically, the probabilities of all potential causes (and their sub-causes) of a defined risk should sum to 100%. Knowing the probability of each sub-branch of the fishbone might not be necessary to identify all possible causes of a given effect, but the total probability of the sub-causes should sum to the probability of their major branch. Interactions (non-independence) among branches and sub-branches complicate probability calculations and add complexity to interpretations of Ishikawa diagrams. Although the most probable pathway in the fishbone is sometimes identified by graphical techniques such as bolding the connecting lines, cause-and-effect techniques are often simplified into checklist approaches and do not recognize probabilities explicitly (40). Yet, probability estimates are vital to identifying the most likely pathways in a causal analysis (6). Finally, unlike fault tree analysis, cause-and-effect approaches usually concentrate on independent or non-sequential events, although the Ishikawa and similar approaches could readily be adapted to sequential causal chains.
Ranking Methods
ICH Q9 lists several possible ranking tools that can be used to prioritize a number of risk items for risk management resources (10, 11). For example, failure mode and effect analysis (FMEA) (41) and failure modes, effects, and criticality analysis (FMECA) rank the failure likelihoods of different failure modes in manufacturing processes (41) or supply chain auditing scenarios (42). FMEA and FMECA approaches resemble semi-quantitative decision-analytical techniques for ranking and prioritizing portfolios or resources (Figure 3). The difference between decision- and risk-analytical methods is that decision analysis generally relies on point estimates of probabilities, whereas risk assessment seeks to describe estimates of probability and risk together with the uncertainty in those estimates; FMEA tools rely on the former. Moreover, probability in FMECA is typically reduced to so-called “temperature scale” integers, on scales of 1 to 4 or up to 1 to 10, inclusive. A quick scan of the published literature and presentations at meetings suggests wide application of FMEA and FMECA, perhaps in part due to the simplicity of the probability approach.
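A common way these ordinal scores are combined is the risk priority number (RPN), the product of the severity, occurrence, and detection scores (41); the sketch below (the failure modes and scores are hypothetical) ranks modes by RPN.

```python
# Sketch: FMECA-style ranking with 1-10 ordinal scores combined into a
# risk priority number, RPN = severity x occurrence x detection.
# Failure modes and scores are hypothetical.
modes = [
    # (failure mode, severity, occurrence, detection)
    ("filter breach", 9, 2, 7),
    ("label mix-up",  6, 4, 3),
    ("weight drift",  3, 7, 2),
]

ranked = sorted(modes, key=lambda m: m[1] * m[2] * m[3], reverse=True)
for name, s, o, d in ranked:
    print(f"{name:15s} RPN = {s * o * d}")
```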
A possible reason that probabilistic methods are seldom considered or, perhaps, are unnecessary detail in ranking methods such as FMEAs is that the uncertainties from mode to mode are either unknown or the specific means of data collection that could inform the uncertainties are not available. Indeed, in his thorough text on FMEA, Stamatis does not even list “probability” or “likelihood” in the subject index, preferring to use “frequencies” of occurrence (41). Another reason for the lack of a probability implementation in FMEAs is that comparison of probability distributions from mode to mode in a long list of failure modes is not likely to add much to the overall objective of ranking failure modes and effects for the purpose of risk management.
If all estimates of severity-probability-detectability in a given FMECA have similar uncertainties and distributions, then the choice of any single parameter representing the probability component is likely sufficient for ranking purposes. On the other hand, if uncertainties can be obtained for the scenarios in question, then it is possible to consider whether the mean, the median, or another percentile of the distribution is the better measure for ranking purposes. If it is important to consider widely variable uncertainties among the scenarios, then the median or an upper percentile of the distributions is likely to be more informative than a mean. This is particularly true for skewed distributions.
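The following sketch illustrates the point with two hypothetical failure modes whose uncertain probabilities are modeled as lognormal (skewed) distributions: ranking by the mean and ranking by the 95th percentile can disagree.

```python
# Sketch: for skewed uncertainties, rankings by the mean and by an upper
# percentile can disagree. Two hypothetical failure-mode probabilities are
# modeled as lognormal distributions with different tail weights.
import numpy as np

rng = np.random.default_rng(1)
mode_a = rng.lognormal(mean=-7.0, sigma=0.3, size=100_000)  # tight
mode_b = rng.lognormal(mean=-8.0, sigma=1.2, size=100_000)  # heavy-tailed

# Mean ranks A above B, but the 95th percentile ranks B above A.
for name, x in [("A", mode_a), ("B", mode_b)]:
    print(f"{name}: mean={x.mean():.2e}  p95={np.percentile(x, 95):.2e}")
```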
There are two levels of probability judgments in ranking processes like FMEA and FMECA. First, the judgments that assign severity and detection scores within a range of cardinal scales are themselves probability judgments—e.g., the severity is more probably a “5” than a “3” according to the descriptions at each scoring level. The judgment of the probability of occurrence is clearly a probability judgment unless it relies only on frequencies of various modes from past experience. The second level is in the set of scenarios—the likelihood that the entire FMEA model represents the failure modes and effects of the defined process better than alternative models do.
Quantitative Methods
Quantitative methods in risk management generally focus on quantitatively characterizing uncertainties in risk estimates. Given a model to calculate a risk estimate, this parametric risk estimate could be expressed as a central tendency such as a mean or median, a single percentile (e.g., the 95th percentile), or a set of percentiles (“quantiles”) of the risk distribution. The appropriate quantitative measure depends on policy and the risk management goal. Quantitative risk assessments might be used in situations in which the potential benefits are seen in terms of either reduced health risk or cost savings in pharmaceutical manufacturing. These methods require an understanding of both probability and uncertainty analysis. For example, Monte Carlo simulation and hierarchical Bayesian estimation using Markov chain Monte Carlo (MCMC) methods are common, probability-rich tools used in quantitative risk analysis. When various relative frequencies and PDFs are either measured, created as assumptions for the purpose of modeling, or derived from expert elicitations, the major value of Monte Carlo and MCMC modeling is to propagate the component uncertainties through the complete model. Sometimes analytical error propagation among numerous variables is impractical; Monte Carlo simulation enables modelers to quickly view the impacts of numerous uncertain variables on the uncertainty in the overall risk estimates. A question remains whether these “quantitative” tools can truly quantify risk or only estimate a relative risk ranking.
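A minimal Monte Carlo sketch (the two-factor risk model and the input distributions are assumptions for illustration only) shows how component uncertainties propagate into percentiles of an overall risk estimate.

```python
# Sketch: Monte Carlo propagation of component uncertainties through a
# simple, hypothetical risk model: risk = P(contamination event) x
# P(the event escapes detection). Input distributions are assumed.
import numpy as np

rng = np.random.default_rng(42)
n = 100_000

p_event  = rng.beta(2, 200, size=n)  # uncertain event probability
p_escape = rng.beta(5, 45, size=n)   # uncertain non-detection probability
risk = p_event * p_escape            # per-batch probability of harm

print(f"mean   = {risk.mean():.2e}")
print(f"median = {np.median(risk):.2e}")
print(f"p95    = {np.percentile(risk, 95):.2e}")
```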
Challenges in Probability Judgments
As mentioned previously, probability estimates for various risk management models and risk assessments ideally come “from the data” using statistical or Bayesian methods. But often risk managers find that even a carefully designed structural model cannot be fully parameterized using data to complete either a simple ranking calculation or even a complex Monte Carlo model. Expert elicitation of probabilities has been used for at least a century to fill gaps in the available information, including estimating the most probable slope for dose-response models, the probable time to failure, and the most likely model among candidate models (15, 34, 43–45). The use of expert judgments has a robust scholarly literature and rigorous formal application to climate change, nuclear power concerns, and other difficult risk assessments; however, some useful and entertaining works about how humans make probability judgments and how these judgments “go wrong” are found in the trade literature (e.g., 16, 47).
In any business, management has historically sought simplified, deterministic values of probability and consequence for decisions (e.g., 15, 16). Ironically, it is typically a chief executive officer's or other senior leader's apparent willingness to make risky bets based on hunches that is valued as a leadership trait (16). Like an above-average batting season in baseball, success at hunches is more likely than not to regress toward a more realistic success rate over time (1, 17–19). As data analysis and the creation of information for decision making move closer to “real time” through web-based analytics, a growing proportion of managers are calling for quantitative analysis to inform risky decisions. But inevitably, gaps in information and risk management models remain and need to be filled with best estimates from “calibrated” subject matter experts. Processes for high-quality decision making rely on calibrated expert judgments rather than simple hunches or “best guesses” (15, 16, 24, 45, 47, 48).
When a risk or decision analyst seeks decision makers' preferences to weight components of hierarchies or value trees, it is useful to recall well-known human flaws in probability judgments that might bias results (5, 15, 16, 20, 46). In this context, heuristics are “rules of thumb” or shortcuts people use to judge probabilities. Three principal heuristics are the following (18):
Availability, in which judgments are sometimes derived from outcomes that are more easily remembered, or “available,”
Representativeness, in which judgments are based on a faulty assumption that an example or other limited data and experience is representative of the population or average, and
Anchoring and adjustment, in which prior information about a particular value (estimate) leads the expert to fixate on a nearby value in a range and to make insufficient adjustments away from it for uncertainty estimation.
Although both intuitive and expedient in many decision settings, these heuristics and others can create systematic errors—biases—in probability judgments.
Risk and decision analysts attempt to control for probability judgment biases by calibrating the subject matter experts. Beginning with the development of mental models (45), value trees (24), or hierarchies (34) for each decision or risk management model, the process of calibrating experts is used for more rigorous applications of probability in elicited models (45). Calibration can involve either having the experts answer general questions that reveal their ability to judge probability intervals (15, 21) or an extensive set of individual and group exercises to elicit explicit values for quantitative measures such as the slope of functional relationships (44).
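A simple sketch of the interval-based style of calibration check described by Hubbard (15, 21) follows; the expert's 90% intervals and the true values below are hypothetical.

```python
# Sketch: an interval-style calibration check. An expert supplies 90%
# intervals for known quantities; a well-calibrated expert's intervals
# should contain the truth ~90% of the time. Values are hypothetical.
answers = [
    # (expert's low bound, expert's high bound, true value)
    (1000, 5000, 3200),
    (10, 40, 55),        # a miss: interval too narrow
    (0.1, 0.9, 0.4),
    (200, 800, 350),
    (5, 15, 12),
]

hits = sum(low <= truth <= high for low, high, truth in answers)
print(f"hit rate: {hits}/{len(answers)} = {hits / len(answers):.0%}")
# A hit rate well below 90% suggests overconfidence (intervals too narrow).
```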
Detailed discussion of expert calibration and expert elicitation is beyond the scope of this essay, but its relevance and importance for the present topic should not be dismissed. Calibration of experts for probability judgments accomplishes at least two things: it increases self-awareness among the experts of well-known flaws in human judgments of probability, and it helps to join the varied judgments of experts on a single quantitative scale. Calibration is important not only for the subject matter experts themselves; the decision makers whom the experts advise might also benefit from calibration (4, 14, 47). For example, Dieckmann et al. reported that the ability to use probabilistic (risk and likelihood) information depends partly on the numeracy of decision makers (47); in general, less numerate individuals report higher risk and likelihood perceptions. Calibration is intended to improve alignment between subjective probability assessments and realistic probability measures.
Conclusion
Given that a probability concept or definition is irrefutably necessary to understanding risk in semi-quantitative and quantitative risk management, it is paradoxical that probability concepts are seldom explicitly used or discussed in the quality risk management literature more generally. A rich history of probability in risk management applied to other fields suggests that high-quality risk management decisions will benefit from the implementation of probability concepts in both risk modeling and risk characterization.
Conflict of Interest Declaration
The author declares that he has no competing interests. This paper reflects the views of the author and should not be construed to represent the FDA's views or policies.
Acknowledgments
Thanks go to J. Urban and F. Rahaman for helpful discussions on probability.
© PDA, Inc. 2012