Risk Management in the Swedish armed forces. A description of the model and acomparisonwithriskmangement models in civilian authorities


  • Thérése Palm

Publish date: 2008-12-16

Report number: FOI-R--2591--SE

Pages: 64

Written in: Swedish


  • risk management
  • risk analysis
  • risk evaluation
  • risk assessment
  • threat
  • threat assessment
  • vulnerability
  • vulnerability assessment
  • Swedish Armed forces
  • Defence Forces


In November 2005, two Swedish soldiers were killed in Afghanistan by an improvised explosive device that exploded under their vehicle. The Swedish Armed Forces´internal investigation of the incident showed that different threat and risk assessments had been made by various functions and levels in the organisation. The Supreme Commander decided that a common risk management approach was needed. In connection with the development of a rsk management model the Defence Director General requested a comparison between the new model and the models produced by other authorities. The purpose of this report is to provide information on the risk management model the Swedish Armed Forces (in cooperation with operational analysts from the Swedish Defence Research Agency) has developed, and also to describe some experiences from the development work. In addition, the aim is to provide a brief comparison of defferent models used by Swedish authorities, and to hold a general discussion of the great number of concepts in the area of risk management and the problems surrounding it. There are a variety of concepts in the field of risk management, and unfortunately they are used ambiguously. Many problems or difficulties in the risk management approach are due to different people using the same words for different things, or different words for the same thing. The Swedish Armed Forces´model is primarily focused on operations in theatre. In the model, basic values for risk management are first identified, and then assessments of threats and vulnerabilities are made. Based on these, a risk assessment is produced, and finally a decision to accept the risks or to mitigate the risks is taken. In the comparison between the Swedish Armed Forces´model and the other studied models, it can be seen that all authorities have a model that is suitable mainly for their own activities. Despite this, a majority of the models are structurally similar.The largest difference between the models is how detail-driven they are. The Swedish Armed Forces´model and the County Administrative Board´s models are very specific and detail-driven, while other authorities merely provide guidance on how risk analysis and risk management can be implemented. Another major difference between the models is whether a vulnerability assessment is carried out and where in the process that is done. In the SwedishArmed Forces´model the vulnerability assessments form the basis of the risk assessments, while in the Swedish Emergency Management Agency´s model, for example, the vulnerability assessment is carried out after the risk analysis is completed (that is, the risk analysis form the basis of the vulnerability assessment).