...that being said, there's always been one element that has bothered me: Probability. It seems to me that a single number (e.g. 1-5) is lacking... perhaps there is a better way?

Take a simplified example: A window.

- (E) Event: Window is impacted.
- (HS) Hazardous Situation: Window shatters into sharp shards.
- (H) Harm: Cuts
- (S) Worst-Case Severity: An artery is cut.

It seems like a more refined probability structure would be prudent if we wanted to effectively evaluate this risk. Namely:

- What is the probability of the event?
- What is the probability that, given the event, it results in a hazardous situation?
- What is the probability that, given the hazardous situation, it results in harm?
- What is the probability that, given harm, it is the worst-case harm?

This would certainly complicate the risk-management process, but it'd provide a better understanding of probability break-down...

Thoughts? I'd be curious how others would assign a probability value in this example...