Factsheets 16: Using our climate resources for risk assessments

A climate risk assessment is a structured process for estimating the likelihood of future climate hazards and their potential impacts to identify climate-related risks and possible management actions.

Importantly, a risk assessment process provides a way to navigate uncertainty, identify required data and information (climate and non-climate), consider multiple sources of information, and to make appropriate decisions with often imperfect information.

Climate risk occurs at the intersection of a hazard, exposure, vulnerability and response (Figure 1).

A hazard is a natural or human-induced event with the potential to harm. Climate hazards are often described as acute (such as extreme weather events that are expected to become more frequent and or intense under climate change) or chronic (such as sea level rise or shifting climatic zones). It can also be useful to consider compound or coincident hazards that may overlap in time and/or space such as severe winds, flash flooding and storm tide inundation that can occur together with tropical cyclones.

Exposure refers to the presence of people, assets or other values in places that could be affected by a hazard.

Vulnerability is the susceptibility or predisposition to be adversely affected, reflecting a lack of resilience or adaptive capacity. You may see sensitivity and adaptability identified as components of vulnerability.

A Response includes policy or management actions introduced to adapt, mitigate or control risk by reducing exposure and/or vulnerability. However, a management response may not eliminate risk and can still leave some 'residual' risk or even produce new risks for both adaptation and mitigation responses (e.g. maladaptive responses or perverse outcomes). It is common to see definitions of climate risk and variations of figure 1 that exclude the response. However, the design and effectiveness of responses are important considerations in climate policy and can be a major influence of future climate risk for reporting purposes (e.g. financial disclosures), so we've included it here.

An understanding of exposure and vulnerability helps to identify relevant hazards for your system, interests or activities. It can also help to identify particular thresholds at which hazards will have an impact. This then helps to identify what kind of climate data you need, and most importantly, can narrow down or simplify your data search.

Multiple climate risk assessments tools, methodologies and frameworks are available, with many focussing on the needs of specific sectors. Most methodologies follow much the same process and align with the International Standard for Risk Management (ISO 31000). However, they may vary in the terminology used or recommended information sources.

Some examples include:

• Climate Compass (CSIRO) - a risk management tool for government agencies that enables the consideration of climate risk within current risk management processes
• National Climate Risk Assessment Methodology - developed by the Australian Government to support the first National Climate Risk Assessment
• CoastAdapt (National Climate Change Adaptation Research Facility) - a resource to support coastal adaptation that includes information for risk assessments and adaptation decision support
• Climate Risk Ready NSW Guide (NSW Government) - public sector climate risk management
• Climate risk management tools for households and small businesses (Queensland Government).

You may prefer to apply a different methodology tailored for your sector, or you could be required to use a particular methodology as directed by internal policy or compliance requirements.

Following one of these formal risk assessment methodologies provides confidence in the decision-making process and provides a way to make progress without being distracted by uncertainty or becoming overwhelmed by the volume of data available. As a result, it's essential to adopt a risk assessment methodology early in your exploration of climate risk to maximise chances of rapid and effective progress.

A common principle in assessing climate risk is to look at the greatest amount of plausible change, not just what's most likely or that is known with high confidence. This enables the consideration of events that may have a low likelihood but would have very high impact should they occur. Another common practice is to consider at least two alternative climate futures that provide plausible upper and lower bounds for a risk assessment, such as different future emissions pathways or scenarios. A risk assessment tool or framework will usually provide guidance on selecting the most appropriate scenarios to use.

Climate data is just one of the sources of information that feed into a risk assessment.

Climate projections data, scenarios and storylines can tell you how the physical hazard may change in the future, but you also need to consider what other data you need to assess exposure and vulnerability, and how you can combine this data to calculate risk. This can include information on the design or construction of physical assets, requirements for the reliable provision of services, financial data, socioeconomic data, ecological processes, impacts of historical events, critical hazard thresholds, and links and dependencies such as supply chain vulnerabilities.

It can often be the availability and suitability of these other datasets that can create challenges for a climate risk assessment rather than the availability or uncertainty in climate projections data.

Climate risk assessments can vary in the level of detail required and are often performed in sequence, getting more focussed and detailed at each step. A common way to describe these stages is as a 1st, 2nd or 3rd pass risk assessment, but Climate Compass is a little different and describes these levels as 'scan', 'strategy' and 'project' cycles.

This section describes the key high-level steps in a generic process for a 2nd pass assessment addressing assets or services. A common practice is to conduct a risk assessment in a group setting that brings together people with expertise in different parts of your system to facilitate engagement across an organisation and to ensure multiple perspectives are considered.

Step 1 is where you define the system and boundaries, set your objectives for the system in question, identify your values of interest, level of risk tolerance, set the timeframe for your analysis based on the 'decision lifetime' or 'consequence lifetime' etc.

Step 2 - draw on past events and expert knowledge to identify points of sensitivity and the climate hazards that may be relevant for your interests, including any critical thresholds at which a climate variable or event becomes hazardous for your interests and values.

For this step, it may be useful to explore high-level climate information such as our Regional Climate Change Impact Summaries.

Step 3 - explore relevant climate projection information to look for potential changes that may elevate existing risks or introduce new risks.

For this step, resources with more detailed information such as the Queensland Future Climate Dashboard and Regional Explorer.

Step 4 - calculate risk ratings, identify management responses and prioritise further work.

At the end of this process, you'll have a register of climate risks relevant for your interests and clear decisions on next steps.

A key point is that you only need to start looking at detailed climate projections data in step 3 of this process, after you've already established the context and scope for your assessment and identified material climate hazards and points of climate sensitivity for your interests.

The benefit of doing the steps in this order is that it helps you to narrow down what you might need in the way of detailed climate data that's actually relevant for your system and values. This avoids becoming overwhelmed by the amount of climate data and information available from multiple sources and makes it easier to make progress through the assessment.

The level of risk associated with a hazard or event is determined by combining information on likelihood and consequence to determine a risk rating using a risk matrix similar to the one in Table 1 below (part of step 4 in the process described above). This approach will be familiar to anyone who has done a risk assessment for workplace health and safety or a major project proposal.

Table 1: A typical risk assessment matrix used to determine overall risk ratings based on the likelihood and consequence of a hazard or event (adapted from Climate Compass).

The resulting risk rating determines your course of action, with examples provided in table 2 below where the responses are defined to match a predetermined risk tolerance (which may be defined in an organisation's risk policy).

Table 2: Examples of management responses that may be assigned to risk rating levels.

These tables are examples only - in the first step of the process, you can define the matrix and the required actions or responses to suit your own risk tolerance and strategic objectives. In addition, judgement and expert opinion are often required to supplement hard data when assessing both likelihood and consequence.

Importantly, you can include different levels of the same hazard in your risk matrix. E.g. One level may be likely and with moderate consequences leading to a high risk rating that would require an adaptation plan to be developed. A higher level of the same hazard may be unlikely but would have catastrophic consequences, leading to a medium risk rating that would require ongoing monitoring and review to detect any changes in the risk rating that might then require a different response.

Climate change can present some challenges for a traditional risk matrix approach:

• Traditional risk management relies heavily on past patterns and experience, but there is growing acknowledgement that past climate may not be a reliable indicator of future climate patterns.
• Likelihoods and consequences will both change with time reflecting the changing climate and management responses.
• Some future consequences and impacts can be difficult to envisage in the current environment.
• There may be an increased likelihood of simultaneous or multiple overlapping hazards or events (i.e. non-independent).
• The risk tolerance of different stakeholders within a system may not be the same, even for the same hazards and values.

For hazards that present high or extreme risks, you may need to conduct a more detailed 3rd pass risk assessment, develop an adaptation plan, or perhaps an investment plan or business case to secure funding for the required management actions. These types of plans usually require much more detailed data to support more complex analyses and the methods are beyond the scope of this factsheet. We suggest seeking expert advice before commencing these next steps.

Factsheet #2 provides guidance on how to select a source of climate data and information for a variety of purposes in addition to climate risk assessments.

• You will make more rapid progress exploring climate risk if you adopt a formal risk assessment methodology early in the process, and before you start exploring and collecting detailed climate data.
• There's no need to be overwhelmed by the volume and variety of climate data available - the risk assessment process will identify the types of climate data you need to assess the short list of hazards relevant for your system, values and objectives.
• You should have confidence in the risk assessment process as a way to make informed and defendable decisions even if some information is uncertain.

CoastAdapt - https://coastadapt.com.au/how-to-pages/how-to-conduct-a-climate-change-risk-assessment.

Climate Compass - https://www.agriculture.gov.au/sites/default/files/documents/climate-compass-climate-risk-management-framework-commonwealth-agencies.pdf.

IPCC Special Report on Managing the Risks of Extreme Events and Disasters to Advance Climate Change Adaptation - https://www.ipcc.ch/site/assets/uploads/2018/03/SREX_Full_Report-1.pdf.

This factsheet was developed in collaboration with the National Environmental Science Program Climate Systems Hub.