Most federal agencies are required to conduct benefit-cost analyses for their largest regulations. Benefit-cost analysis is intended to objectively inform decision makers about the myriad effects of a range of potential alternatives. For many regulations, benefit-cost analyses depend on health risk assessment. It is well established that a clear conceptual distinction must be established and maintained between (positive) risk assessment and (normative) risk management. Decision makers cannot ensure that regulatory choices conform with their intentions if they cannot discern where the science in an analysis ends and value judgments begin.
In practice, the distinction between risk assessment and risk management has become thoroughly blurred. This paper provides an introduction to how risk management choices are embedded in risk assessments, and how this leads to biased and misleading benefit-cost analyses. Restoring objectivity to health risk assessment is an essential prerequisite for objective regulatory benefit-cost analysis.
Since 1981, most federal agencies have been required to conduct regulatory impact analyses (RIAs) for their largest regulatory actions. These RIAs are submitted to the Office of Management and Budget (OMB) for review along with the draft regulation. They are intended to help inform agency heads and White House officials about the nature of the problem the regulation is supposed to solve and the costs and benefits of a range of options.
Beginning in 1990, OMB published several iterations of guidelines to agencies on how to prepare RIAs. Each one emphasized a fundamental point: RIAs must be objective portrayals of the social costs and social benefits of regulatory action. For health and environmental regulations, this requires the use of risk assessments, a set of methods devised to provide a systematic description of the human health consequences of exposure to physical, chemical, or microbiological hazards. Risk assessment is distinguished from risk management, the process of selecting among an array of regulatory and nonregulatory alternatives.
These are fundamentally different activities. Risk assessment is the science-based practice of ascertaining what is expected to happen under what circumstances. Risk management is the policy activity of deciding what, if anything, to do about it. It has long been a maxim in the field that a clear conceptual distinction between the assessment and management of risk should be established and maintained.
This distinction has not been maintained by federal regulators. Instead of a clear conceptual distinction, the line dividing risk assessment and risk manage- ment has become increasingly blurred. Agency policy officials are sometimes accused of interfering with science or trying to manipulate risk assessments to advance particular risk management goals. An equally or perhaps more common phenomenon, however, arises when risk assessments include within them implied risk management policy choices that science can inform but not determine. This paper provides an introduction to how risk management choices wind up in risk assessments where they do not belong and how this results in RIAs that distort estimates of regulatory benefits.