Order Code RL33500
CRS Report for Congress
Received through the CRS Web
OMB’s Proposed Bulletin on Risk Assessment
June 29, 2006
Curtis W. Copeland
Specialist in American National Government
Government and Finance Division
Congressional Research Service ˜ The Library of Congress
OMB’s Proposed Bulletin on Risk Assessment
Summary
On January 9, 2006, the Office of Management and Budget (OMB) released a
proposed bulletin on risk assessment for comment by the public and peer review by
the National Academy of Sciences (NAS). Risk assessment is used by federal
agencies to determine whether a potential hazard exists and/or the extent of possible
risk to human health, safety, or the environment. In a regulatory context, risk
assessment helps agencies identify issues of potential concern (e.g., whether exposure
to a given risk agent causes effects such as cancer, reproductive and genetic
abnormalities, or ecosystem damage), select regulatory options, and estimate a
forthcoming regulation’s benefits.
OMB said one of the legal bases of the proposed bulletin is the Information
Quality Act (IQA). The bulletin would, if made final, establish six general risk
assessment and reporting standards (e.g., that they summarize the scope of the
assessment, provide a qualitative and/or quantitative characterization of risk, be
based on the best available data, explain the basis for critical assumptions, and
contain an executive summary). It would also establish a seventh general standard
for assessments produced in relation to analysis for a rule with annual economic
effects of $1 billion or more (e.g., comparison of baseline risk to alternative
mitigation measures) and nine special standards for “influential” risk assessments
that go beyond those general standards. The bulletin is written in a prescriptive
manner (e.g., stating “requirements” and that agencies “shall” take certain actions),
but also appears to give agencies discretion in its implementation (e.g., stating that
its requirements apply “to the extent appropriate”).
The NAS committee reviewing the bulletin held its first hearing in May 2006,
and OMB published the comments it received from the public in June 2006.
Reactions to the bulletin have been mixed. Some agency officials indicated that the
scope of the bulletin is too broad and could delay the issuance of health warnings, but
other agencies generally supported its development and implementation. Comments
from business groups also generally supported the bulletin, but also suggested ways
to make it stronger, less discretionary, and more inclusive. Public interest groups, on
the other hand, said the bulletin mandates “one-size-fits-all” requirements, and
recommended that OMB withdraw the bulletin.
Because the proposed bulletin appears to give agencies and OMB significant
discretion in its implementation, and because it is unclear whether OMB will (in the
current or future administrations) treat its provisions as advisory or mandatory, the
ultimate effect of the guidance on agencies’ risk assessments and related regulatory
actions is unclear. Although currently not subject to judicial review, efforts to make
the IQA subject to judicial review may have an effect on the risk assessment bulletin.
This report will be updated when the NAS committee issues its findings or if
other significant developments occur.
Contents
Background on Risk Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Data, Assumptions, and Context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
What OMB’s Proposed Bulletin Would Require . . . . . . . . . . . . . . . . . . . . . . 4
General Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Special Standards for Influential Risk Assessments . . . . . . . . . . . . . . . 5
NAS Review of the Bulletin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Public Comments on the Proposed Bulletin . . . . . . . . . . . . . . . . . . . . . . . . . 7
Concluding Observations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
OMB’s Proposed Bulletin on Risk
Assessment
On January 9, 2006, the Office of Management and Budget’s (OMB’s) Office
of Information and Regulatory Affairs (OIRA) released a proposed bulletin on risk
assessment for comment by the public and for peer review by the National Academy
of Sciences (NAS).1 Public comments on the bulletin were requested by June 15,
2006. If made final, the proposed bulletin would establish general risk assessment
and reporting standards, and establish special standards for “influential” risk
assessments. The bulletin would apply to all agencies covered by the Paperwork
Reduction Act (i.e., cabinet departments, independent agencies, and independent
regulatory agencies). The legal authorities cited for the bulletin include the
Information Quality Act (IQA);2 the Regulatory Right-to-Know Act,3 which directs
OMB to “issue guidelines to agencies to standardize ... measures of costs and
benefits” of federal rules; and Executive Order 12866,4 which says OIRA is the
“repository of expertise concerning regulatory issues,” and requires agencies to base
their decisions on the “best reasonably obtainable scientific, economic, or other
information.” OMB said the risk assessment bulletin builds on its IQA guidelines5
and its peer review bulletin,6 and is intended to be a companion document to its
guidance on regulatory impact analyses (OMB Circular A-4).7
1 Office of Management and Budget, “Proposed Risk Assessment Bulletin,” Jan. 9, 2006,
a v a i l a b l e a t [ h t t p : / / w w w . w h i t e h o u s e . g o v / o m b / i n f o r e g /
proposed_risk_assessment_bulletin_010906.pdf].
2 The IQA, sometimes referred to as the Data Quality Act, was enacted in December 2000
as Section 515 of the Treasury and General Government Appropriations Act for Fiscal Year
2001 (P.L. 106-554).
3 Section 624 of the Treasury and General Government Appropriations Act, 2001, (31
U.S.C. 1105 note).
4 Executive Order 12866, “Regulatory Planning and Review,” 58 Federal Register 51735,
Oct. 4, 1993.
5 A copy of OMB’s IQA guidelines is available at [http://www.whitehouse.gov/omb/inforeg/
iqg_oct2002.pdf]. For more information , see CRS Report RL32532, The Information
Quality Act: OMB’s Guidance and Initial Implementation, by Curtis W. Copeland and
Michael Simpson.
6 A copy of OMB’s peer review bulletin is available at [http://www.whitehouse.gov/omb/
memoranda/fy2005/m05-03.pdf]. For more information, see CRS Report RL32680, Peer
Review: OMB’s Proposed, Revised, and Final Bulletins, by Curtis W. Copeland and Eric
A. Fischer.
7 A copy of OMB Circular A-4 is available at [http://www.whitehouse.gov/omb/circulars/
a004/a-4.pdf].
CRS-2
Although characterized as “guidance” in the document’s summary, the preamble
mentions the “requirements” of the bulletin, and lists the standards with which
“[e]ach agency shall” comply. However, OMB also says that the bulletin applies to
all agency risk assessments “to the extent appropriate.” Agency heads are authorized
to waive or defer some or all of the requirements in the bulletin “where warranted by
a compelling rationale.” Also, under the heading of “Judicial Review,” OMB said
that the bulletin is “intended to improve the internal management of the Executive
Branch,” and “does not create any right or benefit, substantive or procedural,
enforceable at law or equity, against the United States, its agencies or other entities,
its officers or employees, or any other person.”
Risk assessment is defined in the bulletin as a document that “assembles and
synthesizes scientific information to determine whether a potential hazard exists
and/or the extent of possible risk to human health, safety, or the environment.” In a
regulatory context, risk assessment helps agencies identify issues of potential concern
(e.g., whether exposure to a given risk agent causes effects such as cancer,
reproductive and genetic abnormalities, or ecosystem damage), select regulatory
options, and estimate a forthcoming regulation’s benefits. OMB said in the bulletin
that it “has a strong interest in the technical quality of agency risk assessments
because these assessments play an important role in the development of public
policies at the national, international, state and local levels.” OMB also said that
“there is general agreement that the risk assessment process can be improved, and
said the purpose of the bulletin is “to enhance the technical quality and objectivity
of risk assessments prepared by federal agencies by establishing uniform, minimum
standards.”
Background on Risk Assessment
Risk assessments, particularly quantitative assessments, date to the first half of
the 20th century, but their use was accelerated by the enactment of numerous health,
safety, and environmental statutes in the early 1970s. In 1983, NAS identified four
steps in the risk assessment process: (1) hazard identification (determining whether
a substance or situation could cause adverse effects), (2) dose-response assessment
(determining the relationship between the magnitude of the exposure to a hazard and
the probability and severity of adverse effects), (3) exposure assessment (identifying
the extent to which exposure actually occurs), and (4) risk characterization
(combining the above information into a conclusion about the nature and magnitude
of the risk).8 NAS pointed out that this four-step assessment process is separate and
distinct from the decision on where to set a regulatory standard (which is termed
“risk management”).
In 1990, Congress mandated that a commission be formed to “make a full
investigation of the policy implications and appropriate uses of risk assessment and
risk management in regulatory programs under various Federal laws to prevent
cancer and other chronic human health effects.” In its 1997 final report, the
8 National Research Council of the National Academy of Sciences, Risk Assessment in the
Federal Government: Managing the Process (Washington, DC: National Academy Press,
1983).
CRS-3
Presidential/Congressional Commission on Risk Assessment and Risk Management
said that the assessments should be guided by an understanding of the issues of
importance to risk management decisions and to the public’s understanding of what
is needed to protect public health and the environment.9 The commission also noted,
however, that risk-related controversy often “arises from what we don’t know and
from what risk assessments can’t tell us.”
Data, Assumptions, and Context. Key elements in any risk assessment are
the data used in determining the level of risk associated with any given substance or
situation. In many cases, though, the data needed to assess risk are lacking. For
example, in 1998, the Environmental Protection Agency (EPA) reported that of 3,000
high-production-volume chemicals (those imported or produced at volumes of 1
million pounds per year), a full set of toxicity data was available for only about 200
(7%) of the chemicals, and there was no publicly available data for about 43% of the
chemicals.10 Similar data gaps exist regarding the extent to which people are exposed
to chemicals. For example, in 2000, the General Accounting Office (GAO, now the
Government Accountability Office) reviewed federal and state efforts to collect
human exposure data on more than 1,400 naturally occurring and manmade
chemicals considered by the Department of Health and Human Services (HHS), EPA,
and other entities to pose a threat to human health. GAO reported that HHS and EPA
surveys measured exposure of the general population for only 6% of those
chemicals.11
Because of the lack of data, agencies must make assumptions as part of the risk
assessment process. Some critics of agencies’ practices believe those assumptions
are unjustifiably “precautionary” (i.e., designed to ensure that risks are not
underestimated) in the face of new scientific data and methods, thereby producing
estimates that overstate actual risks, and that those effects are compounded when
multiple precautionary assumptions are used.12 Others, though, believe that agencies
are often not precautionary enough, particularly when estimating the effects of
exposures to multiple chemicals, or to account for risks to particularly vulnerable
groups (e.g., children, the elderly, or the infirm).13
9 Presidential/Congressional Commission on Risk Assessment and Risk Management,
Framework for Environmental Health Risk Management, Final Report, Vol. 1, 1997, p. 23.
10 U.S. Environmental Protection Agency, Chemical Hazard Data Availability Study: What
Do We Really Know About the Safety of High Production Volume Chemicals, April 1998.
11 U.S. General Accounting Office, Toxic Chemicals: Long-Term Coordinated Strategy
Needed to Measure Exposures in Humans, GAO/HEHS-00-80, May 2, 2000.
12 See, for example, John D. Graham, “The Perils of the Precautionary Principle: Lessons
from the American and European Experience,” speech before the Regulatory Forum,
Heritage Foundation, Oct. 20, 2003, available at [http://www.whitehouse.gov/omb/inforeg/
speeches/031020graham.pdf].
13 For a discussion of some of these assumptions, see U.S. General Accounting Office,
Chemical Risk Assessment: Selected Federal Agencies’ Procedures, Assumptions, and
Policies, GAO-01-810, Aug. 6, 2001.
CRS-4
The legal context in which risk assessments are conducted plays an important
role in determining what type of assessment is performed and why certain approaches
are used. For example, different agencies (and often different offices within a single
agency) have different risk-related statutory mandates. Some statutes require
regulatory decisions to be based solely or primarily on risk. (For example, Section
109 of the Clean Air Act requires EPA to set national ambient air quality standards
that allow for an “ample margin of safety” to protect public health.) Other statutes
require technology-based standards (e.g., “best available technology”), and still
others require balancing the benefits of risk reduction against the costs incurred in
setting risk management goals. Some statutes also place the primary responsibility
for conducting risk assessments and compiling risk data for a particular chemical or
source of exposure with industry, states, or localities, not federal agencies. (For
example, industry petitioners have the primary responsibility to provide the data
needed to support registration and tolerances from EPA for their pesticides.) Still
other statutes specifically define what will be a hazard, tell the agency to take certain
methodological steps, or specify an exposure scenario. However, in many cases, the
statutes simply provide a general framework within which agencies make specific
assumptions and methodological choices.
What OMB’s Proposed Bulletin Would Require
OMB’s proposed risk assessment bulletin would establish general risk
assessment and reporting standards, as well as special standards for “influential” risk
assessments. The bulletin makes OIRA, in consultation with the Office of Science
and Technology Policy, responsible for overseeing agency implementation of its
requirements.
General Standards. With regard to the general standards, the bulletin
establishes six risk assessment quality standards:
! that the assessments clearly state the informational needs that drive
them as well as their objectives;
! that they clearly summarize the scope of the assessment (including
identification of the agent, technology, or activity at issue; the hazard
of concern; the affected entities; and the event-consequence or dose-
response relationships for the relevant exposure ranges);
! that they provide a qualitative and, where possible, a quantitative
characterization of risk (including a range of plausible estimates for
quantitative measures);
! that they ensure objectivity by “neither minimizing nor exaggerating
the nature and magnitude of risk;14 using the best available data;
14 OMB said this standard would not apply to “screening-level” risk assessments in which
conservative, “worst case” assumptions and scenarios are used to determine whether any
hazard exists. In these assessments, agencies will proceed to a more comprehensive estimate
(continued...)
CRS-5
being based on the weight of the available scientific evidence; and
having a high degree of transparency regarding the data,
assumptions, and methods;
! that they explain the basis of each critical assumption and those
assumptions that affect the assessment’s key findings, including an
evaluation (quantitative if possible) of the effects of plausible
alternative assumptions; and
! that they contain an executive summary that discloses the
assessment’s objectives and scope, key findings, and key scientific
limitations and uncertainties.
When a risk assessment is produced in relation to regulatory analysis for a rule
with annual economic effects (positive or negative) of $1 billion or more, the bulletin
establishes a seventh requirement — that there be a “formal quantitative analysis of
the relevant uncertainties about benefits and costs.” The bulletin highlights several
“important aspects of risk assessments useful for regulatory analysis,” including (1)
identification of baseline risk; (2) comparison of baseline risk to alternative
mitigation measures, noting any “countervailing risks” caused by those alternatives;
(3) information on the timing of exposure and the onset of adverse effects, and the
time between control measures and the cessation of those effects; and (4) when risk
is measured quantitatively, the development of a range of plausible risk estimates,
including a central estimate (e.g., a weighted average based on relative plausibility).
Special Standards for Influential Risk Assessments. The proposed
bulletin defines an “influential risk assessment” as one that “the agency reasonably
can determine will have or does have a clear and substantial impact on important
public policies or private sector decisions.”15 OMB said that such assessments
include those that determine the level of risk regarding health, safety, or the
environment (e.g., risk assessments that support EPA’s National Ambient Air Quality
Standards, or economically significant rulemakings — e.g., those with a $100 million
impact on the economy). In addition to the general standards delineated above, the
proposed bulletin requires all influential risk assessments to:
! be capable of being “substantially reproduced,” which is defined in
the narrative portion of the bulletin (referencing the IQA guidelines)
as meaning that “independent reanalysis of the original or supporting
data using the same methods would generate similar analytical
results”;16
14 (...continued)
of risk only if evidence of harm is revealed.
15 This is essentially the same standard that the IQA guidelines say OMB is to use to
determine whether information is “influential,” and OMB’s peer review bulletin says that
agencies are to use to determine whether information is “influential scientific information.”
16 The narrative text goes on to say that “[p]ublic access to original data is necessary to
satisfy this standard.”
CRS-6
! compare the results of the assessment to other results published on
the same topic from “qualified scientific organizations” (which is
undefined in the bulletin);
! highlight central estimates as well as high-end and low-end
estimates of risk when such estimates are uncertain;
! characterize uncertainty with respect to the major findings of the
assessment (e.g., by conducting a sensitivity analysis and providing
a quantitative distribution of the uncertainty);
! portray results based on different effects observed and/or different
studies to convey how the choice of effect and/or study influences
the assessment;
! characterize (to the extent feasible) variability through a quantitative
distribution, reflecting different affected population(s), time scales,
geography, or other parameters relevant to the needs and objectives
of the assessment;
! where human health effects are a concern, determinations of which
effects are adverse shall be specifically identified and justified based
on the best available scientific information generally accepted in the
relevant clinical and toxicological communities;
! provide discussion (to the extent possible) of the “nature, difficulty,
feasibility, cost and time associated with undertaking research to a
report’s scientific limitations and uncertainties”; and
! consider all significant comments received on a draft risk assessment
report, and issue a “response to comment” document summarizing
the significant comments received and the agency’s responses.
NAS Review of the Bulletin
On March 22, 2006, a committee of the Board on Environmental Issues and
Toxicology within the National Academies’ Division of Earth and Life Sciences
began what is expected to be an 11-month peer review of OMB’s proposed bulletin.
According to the committee’s website,17 it will
determine whether the application of the proposed guidance will meet OMB’s
stated objective to “enhance the technical quality and objectivity of risk
assessments prepared by federal agencies.” In performing its task, the committee
will comment, in general terms, on how the guidance will affect the practice of
risk assessment in the federal government. The committee will identify critical
elements that might be missing from the guidance. The committee will also
determine whether OMB appropriately incorporated recommendations from
previous reports of the NRC [National Research Council] and other organizations
17 The website is at [http://www8.nationalacademies.org/cp/projectview.aspx?key=34282].
CRS-7
into the proposed risk assessment guidance. In addition, the committee will
assess whether there are scientific or technical circumstances that might limit
applicability of the guidance.
On May 22, 2006, the committee held a public meeting on OMB’s proposed risk
assessment bulletin. According to press accounts, the nine federal agency officials
who testified at the meeting voiced a variety of opinions about the bulletin.18 For
example, the Director of FDA’s Center for Drug Evaluation and Research reportedly
said that if the bulletin was made final in its current form, doctors and the public
might not receive timely warnings about potential health risks posed by drugs and
medical devices (e.g., warnings related to the use of the anti-inflammatory drug
Vioxx). To illustrate, the FDA director said that of 109 safety alerts that FDA issued
in 2005, 92 of them would have been considered risk assessments under the bulletin,
and therefore would have been delayed by the required analyses. He and two other
agency officials (from the National Institute of Environmental Health Sciences and
the National Institute for Occupational Safety and Health’s Risk Evaluation Branch)
reportedly said that the bulletin’s definition of risk assessment is so broad that many
types of federal analyses could be inappropriately covered by its requirements.
On the other hand, EPA’s science advisor was quoted as saying that the agency
was in “pretty good shape” in terms of meeting the requirements in the proposed
bulletin, but nevertheless suggested that the guidance be revised to explain how much
flexibility agencies have regarding its requirements (e.g., how agencies can get
waivers from the bulletin’s requirements).19 He and an official from the National
Aeronautics and Space Administration also said that some aspects of the bulletin
would conflict with their own agency-specific guidance documents on risk
assessment, and it was not clear how those conflicts should be resolved. A
representative from the Department of Defense reportedly supported the proposed
guidelines, noting that any increased cost would be justified by improvements in the
resulting risk assessments.
Public Comments on the Proposed Bulletin
On June 22, 2006, OMB posted the comments that it had received regarding the
proposed bulletin on its website.20 Those comments varied significantly, with some
suggesting ways to make the document stronger and more inclusive, whereas others
suggested that OMB abandon the bulletin altogether.
For example, in its comments on the bulletin, the U.S. Chamber of Commerce
said it “welcomes and applauds this undertaking by OMB to improve the risk
assessments performed by federal government agencies and especially in requiring
a reliable characterization of the uncertainties that impact the quality and useful
18 Pat Phibbs, “Definition of Risk Assessment Deemed Too Broad by Several Health Agency
Officials,” BNA Daily Report for Executives, May 23, 2006, p. A-15.
19 Ibid.
20 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/list_rab2006.html].
CRS-8
information content of the assessments.”21 Although it offered several suggestions
for improvement, the Chamber generally concurred with the text of the bulletin and
encouraged its implementation. Perhaps most notably, the Chamber viewed the lack
of judicial review as a “significant weakness” that “begs the question of what
happens if agencies simply choose to ignore the directions given in the Bulletin.”
Other individuals and organizations, while also supporting the issuance of the
bulletin, urged OMB to go further. For example, the National Association of
Manufacturers said exceptions to the bulletin should be “very limited” (e.g., declared
public emergencies), and said the “reproducibility” standard for influential
assessments should be applied to all assessments.22 The National Federation of Small
Businesses questioned the exemption for individual permitting decisions (e.g., EPA
determinations regarding pesticide applications).23 Two Members of Congress
proposed deleting the phrase “to the extent appropriate” from the bulletin’s scope
because it suggested that compliance with its requirements was at the discretion of
the agencies.24
On the other hand, the Center for Progressive Reform (CPR) urged OMB to
“withdraw the Proposed Bulletin and abandon efforts to revise it.”25 CPR said any
effort to produce government-wide, “one-size-fits-all” risk assessment requirements
would only cause confusion and delay in the development of public and worker
protections. The organization also questioned why OMB should be issuing risk
assessment guidance at all, since it is staffed primarily with economists and budget
analysts, not scientists. In particular, CPR said certain terms in the bulletin are
confusing (e.g., “central” or “expected” risk), and also said that the bulletin requires
information that may not exist or would be costly to obtain and may lead to the
further “ossification” of the rulemaking process. Similarly, the Natural Resources
Defense Council (NRDC) expressed “grave misgivings” regarding the proposed
bulletin, and urged OMB to withdraw it.26 In particular, NRDC said issuance of the
document as a “bulletin” rather than as guidance and its use of directive terms (e.g.,
“shall”) suggest that the document is mandatory, and said the exclusion of risk
assessments prepared by private industry for licensing and registration requirements
“protects industry assessments from scrutiny.”
Other commenters raised additional issues. The American Bar Association
(ABA) said the proposed bulletin is generally consistent with a 1999 ABA
recommendation on risk assessment, but noted several areas for possible
improvement (e.g., clarifying the amount of flexibility agencies have to deviate from
21 See [http://www.uschamber.com/issues/comments/060518_ombriskassessment.htm].
22 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/nam.pdf].
23 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/nfib.pdf].
24 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/cec.pdf].
25 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/cpr.pdf].
26 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/nrdc.pdf].
CRS-9
the bulletin’s requirements).27 The ABA also suggested that OMB clearly describe
the problems that warrant the creation of a new risk assessment bulletin, and also
describe why OMB (and not the regulatory agencies) is best suited to resolve those
problems. Dr. Gilbert Omenn, who chaired the Presidential/Congressional
Commission on Risk Assessment and Risk Management in the 1990s, said the
proposed bulletin has “worthy intentions,” but also said it was “too broad” and
recommended a number of improvements (e.g., deletion of the “influential” risk
assessment category and its additional requirements). He also recommended greater
transparency in the OMB and agency review processes, and the correction of certain
“omissions” (e.g., an exclusion for research agencies).
Concluding Observations
The NAS committee reviewing OMB’s proposed risk assessment bulletin is
scheduled to meet again in July 2006, but those meetings are closed to the public.
The committee is scheduled to complete its work in February 2007. OMB officials
have indicated that if the first round of comments on its bulletin lead to substantive
changes in the document, it may publish it for a second round of comments (just as
it did for its bulletin on peer review).
As many of the commenters indicated, the proposed bulletin gives agencies (and
OMB) a substantial amount of discretion in how its provisions will be implemented.
Therefore, how OMB interprets those provisions and implements the bulletin will
determine, to a large extent, whether it will have a significant effect on agency
decision making and regulations. For example, it is unclear the extent to which
agencies will be allowed to waive or defer the bulletin’s requirements when they
believe it is “warranted by a compelling rationale.” Similarly, it is unclear whether
OMB will allow agencies to decide when a risk assessment is “influential” (thereby
triggering additional standards in the bulletin) and, more generally, whether OMB
will treat the bulletin’s provisions as “guidance” or as “requirements.”
Another factor that may determine the ultimate impact of the bulletin is whether
its provisions are subject to judicial review. Currently, the bulletin says that it “does
not create any right or benefit, substantive or procedural, enforceable at law or
equity.” Also, neither the IQA nor Executive Order 12866 — legal authorities on
which the bulletin is based — currently provide for judicial review. Because the risk
assessment bulletin is so closely related to the IQA, any efforts in Congress to make
the IQA judicially reviewable may ultimately affect the risk assessment bulletin as
well.28 If the guidelines become enforceable by the courts, affected parties outside
of the federal government (e.g., business and public interest groups) will likely use
them to oversee and affect agencies’ risk assessments — OMB’s actions
notwithstanding.
27 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/aba.pdf].
28 Pat Phibbs, “Congress Should Make Information Act ‘Judicially Reviewable,’ Chamber
Suggests,” BNA Daily Report for Executives, May 10, 2006, p. A-22. For a discussion of
the IQA and judicial review, see CRS Report RL32532, The Information Quality Act:
OMB’s Guidance and Initial Implementation, by Curtis W. Copeland and Michael Simpson.