8 Important Qualitative Risk Analysis Methods

Qualitative risk analysis methods are used to quantify risk associated with a particular hazard. Qualitative risk analysis methods are the most basic form of risk assessment, categorizing potential risks based on either nominal or ordinal scales. It involves evaluating the potential losses from a given risk using a combination of known information about the situation, knowledge about the underlying process, and judgment about the information that is not known or well understood.

Generally, we have the qualitative and quantitative risk analysis methods. The main difference being that qualitative risk analysis uses a relative or descriptive scale to measure the probability of occurrence whereas quantitative risk analysis uses a numerical scale.

For example:

A qualitative analysis would use a scale of “Low, Medium, High” to indicate the likelihood of a risk event occurring.


A quantitative analysis will determine the probability of each risk event occurring, attaching numerical values to them. For example, Risk #1 has an 80% chance of occurring, Risk #2 has a 27% chance of occurring, etc.

Read Also

There are several qualitative risk analysis methods, they include:

  1. Delphi Technique: This is a form of risk brainstorming that makes use of expert opinion to identify, analyse and evaluate risks on an individual and anonymous basis. Each expert then reviews every other experts risks, and a risk register is produced through continuous review and consensus between the experts.
  2. SWOT (Strengths, Weaknesses, Opportunities and Threats) analysis: SWOT analysis is a strategic planning technique used to help a person or organization identify strengths, weaknesses, opportunities, and threats related to business competition or project planning. This can help identify ways to mitigate risks and manage them in the future. It consists of listing the strengths, weaknesses, opportunities and threats associated with your company’s ability to withstand or eliminate each risk.
  3. SWIFT Analysis: This stands for “Structured What-If Technique”. What-If Analysis is used to identify hazards, hazardous situations, or specific event sequences that could produce undesirable consequences. The method can involve examination of possible deviations from the design, construction, modification, or operating intent. It requires a basic understanding of the process intention, along with the ability to mentally combine possible deviations from the design intent that could result in an incident. This technique is really successful when the members of the team involved in the analysis are well experienced.
  4. ICOR (Improvements, Challenges, Opportunities and Risks) analysis: This approach melds risk management practices with the SWOT analysis to focus on the risks and benefits associated with a process change. The ICOR chart, adapted from a SWOT template, puts in plain view not only the improvements expected, but also any challenges that will be faced, any opportunities to be realized elsewhere and any risks involved with the activity.
  5. Bow-Tie Analysis: The ‘Incident BowTie’ analysis method combines two analysis methods; BowTie risk analysis and Tripod incident analysis. The method brings the advantages of both worlds together. The information from the BowTie analysis can be used as input for the incident analysis, viewing it from a broader perspective and making sure all the possible scenarios are taken into account. The input from the Tripod incident analysis can be used to make the BowTie analysis more realistic and up to date, using real-life data. It creates an extra layer in the BowTie diagram, making it possible to add more specific information to the risk analysis.  The two methods have an important similarity in the analysis technique; the barriers. For both methods barriers are used to show what is done to prevent incidents or events (BowTie) or to show where the failures lie (Tripod). To build an ‘Incident BowTie’ diagram the items from both methods are connected on the level of the barriers, making it possible to collect information about those barriers from two viewpoints.
  6. Decision Tree Analysis: This is similar to Event Tree Analysis, but without providing a fully quantitative output. This is done by starting with the initial proposed decision and mapping the different pathways and outcomes as a result of events occurring from the initial decision. Once all pathways and outcomes have been established, and their respective probabilities evaluated, a course of action may be selected based on a combination of the most desirable outcomes, associated events and probability of success.
  7. Risk probability and impact assessment: This method consists of the investigation about the likelihood that each specific risk will occur and the potential effect on an organizational objective or goal such as cost, delivery, quality or performance (negative effects for threats and positive effects for opportunities), defining it in levels, through interview or meeting with relevant stakeholders and documenting the results.
  8. Probability & Consequence Matrix: Risk Matrices will often vary in size, but they all essentially do the same thing, and that is:Provide a practical means of ranking the overall severity of a risk by multiplying the likelihood of risk occurrence against the impact of the risk, should it still occur. Through ranking risk probability against risk consequence, one is able to not only determine the overall severity of the risk, but also determine the main driver of the risk severity, be it probability or consequence. This information is then useful in helping identify suitable mitigations to manage the risk, based on its prominent drivers.