Order Code RL33500
OMB and Risk Assessment
Updated March 14, 2008
Curtis W. Copeland
Specialist in American National Government
Government and Finance Division
OMB and Risk Assessment
Summary
On January 9, 2006, the Office of Management and Budget (OMB) released a
proposed bulletin on risk assessment for comment by the public and peer review by
the National Academy of Sciences (NAS). Risk assessment is used by federal
agencies to determine whether a potential hazard exists and/or the extent of possible
risk to human health, safety, or the environment. In a regulatory context, risk
assessment helps agencies identify issues of potential concern (e.g., whether exposure
to a given risk agent causes effects such as cancer, reproductive and genetic
abnormalities, or ecosystem damage), select regulatory options, and estimate a
forthcoming regulation’s benefits.
The bulletin proposed to establish six general risk assessment and reporting
standards (e.g., that they summarize the scope of the assessment, provide a
qualitative and/or quantitative characterization of risk, be based on the best available
data, explain the basis for critical assumptions, and contain an executive summary).
It also proposed to establish a seventh general standard for assessments produced in
relation to analysis for a rule with annual economic effects of $1 billion or more (e.g.,
comparison of baseline risk to alternative mitigation measures) and nine special
standards for “influential” risk assessments that go beyond those general standards.
The bulletin was written in a prescriptive manner, but also appeared to give agencies
discretion in its implementation.
In January 2007, the NAS committee reported that the proposed bulletin was
“fundamentally flawed” and should be withdrawn by OMB. Instead, the committee
said that OMB should issue a bulletin that outlines goals and general principles of
risk assessments that federal agencies could use to develop their own guidance. On
September 19, 2007, OMB withdrew the proposed bulletin and instead issued a
memorandum reiterating and reinforcing principles for risk assessment that were
originally written in 1995, indicating that agencies should comply with the principles.
Reaction to these principles has been generally positive, although their impact will
likely depend on how they are implemented. No related legislation has been
introduced in the 110th Congress.
This report will be updated when other significant developments occur.
Contents
Background on Risk Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Data, Assumptions, and Context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
What OMB’s Proposed Bulletin Would Have Required . . . . . . . . . . . . . . . . 4
General Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Special Standards for Influential Risk Assessments . . . . . . . . . . . . . . . 5
Public Comments on the Proposed Bulletin . . . . . . . . . . . . . . . . . . . . . . . . . 6
NAS Review of the Bulletin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Issuance of NAS Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Updated Principles for Risk Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Concluding Observations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
OMB and Risk Assessment
On January 9, 2006, the Office of Management and Budget’s (OMB’s) Office
of Information and Regulatory Affairs (OIRA) released a proposed bulletin on risk
assessment for comment by the public and for peer review by the National Academy
of Sciences (NAS).1 Public comments on the bulletin were requested by June 15,
2006. The bulletin proposed to establish general risk assessment and reporting
standards, and to establish special standards for “influential” risk assessments. The
bulletin applied to all agencies covered by the Paperwork Reduction Act (i.e., cabinet
departments, independent agencies, and independent regulatory agencies). The legal
authorities cited for the bulletin include the Information Quality Act (IQA);2 the
Regulatory Right-to-Know Act,3 which directs OMB to “issue guidelines to agencies
to standardize ... measures of costs and benefits” of federal rules; and Executive
Order 12866,4 which says OIRA is the “repository of expertise concerning regulatory
issues,” and requires agencies to base their decisions on the “best reasonably
obtainable scientific, economic, or other information.” OMB said the risk assessment
bulletin builds on its IQA guidelines5 and its peer review bulletin,6 and is intended
to be a companion document to its guidance on regulatory impact analyses (OMB
Circular A-4).7
Although characterized as “guidance” in the document’s summary, the preamble
mentioned the “requirements” of the bulletin, and listed the standards with which
1 Office of Management and Budget, “Proposed Risk Assessment Bulletin,” Jan. 9, 2006,
a v a i l a b l e a t [ h t t p : / / w w w . w h i t e h o u s e . g o v / o m b / i n f o r e g /
proposed_risk_assessment_bulletin_010906.pdf].
2 The IQA, sometimes referred to as the Data Quality Act, was enacted in December 2000
as Section 515 of the Treasury and General Government Appropriations Act for Fiscal Year
2001 (P.L. 106-554).
3 Section 624 of the Treasury and General Government Appropriations Act, 2001, (31
U.S.C. 1105 note).
4 Executive Order 12866, “Regulatory Planning and Review,” 58 Federal Register 51735,
Oct. 4, 1993.
5 A copy of OMB’s IQA guidelines is available at [http://www.whitehouse.gov/omb/inforeg/
iqg_oct2002.pdf]. For more information , see CRS Report RL32532, The Information
Quality Act: OMB’s Guidance and Initial Implementation, by Curtis W. Copeland.
6 A copy of OMB’s peer review bulletin is available at [http://www.whitehouse.gov/omb/
memoranda/fy2005/m05-03.pdf]. For more information, see CRS Report RL32680, Peer
Review: OMB’s Proposed, Revised, and Final Bulletins, by Curtis W. Copeland and Eric
A. Fischer.
7 A copy of OMB Circular A-4 is available at [http://www.whitehouse.gov/omb/circulars/
a004/a-4.pdf].
CRS-2
“[e]ach agency shall” comply. However, OMB also said that the bulletin applied to
all agency risk assessments “to the extent appropriate.” Agency heads were
authorized to waive or defer some or all of the requirements in the bulletin “where
warranted by a compelling rationale.” Also, under the heading of “Judicial Review,”
OMB said that the bulletin was “intended to improve the internal management of the
Executive Branch,” and “does not create any right or benefit, substantive or
procedural, enforceable at law or equity, against the United States, its agencies or
other entities, its officers or employees, or any other person.”
Risk assessment was defined in the bulletin as a document that “assembles and
synthesizes scientific information to determine whether a potential hazard exists
and/or the extent of possible risk to human health, safety, or the environment.” In a
regulatory context, risk assessment helps agencies identify issues of potential concern
(e.g., whether exposure to a given risk agent causes effects such as cancer,
reproductive and genetic abnormalities, or ecosystem damage), select regulatory
options, and estimate a forthcoming regulation’s benefits. OMB said in the bulletin
that it “has a strong interest in the technical quality of agency risk assessments
because these assessments play an important role in the development of public
policies at the national, international, state and local levels.” OMB also said that
“there is general agreement that the risk assessment process can be improved, and
said the purpose of the bulletin is “to enhance the technical quality and objectivity
of risk assessments prepared by federal agencies by establishing uniform, minimum
standards.”
Background on Risk Assessment
Risk assessments, particularly quantitative assessments, date to the first half of
the 20th century, but their use was accelerated by the enactment of numerous health,
safety, and environmental statutes in the early 1970s. In 1983, NAS identified four
steps in the risk assessment process: (1) hazard identification (determining whether
a substance or situation could cause adverse effects), (2) dose-response assessment
(determining the relationship between the magnitude of the exposure to a hazard and
the probability and severity of adverse effects), (3) exposure assessment (identifying
the extent to which exposure actually occurs), and (4) risk characterization
(combining the above information into a conclusion about the nature and magnitude
of the risk).8 NAS pointed out that this four-step assessment process is separate and
distinct from the decision on where to set a regulatory standard (which is termed
“risk management”).
In 1990, Congress mandated that a commission be formed to “make a full
investigation of the policy implications and appropriate uses of risk assessment and
risk management in regulatory programs under various Federal laws to prevent
cancer and other chronic human health effects.” In its 1997 final report, the
Presidential/Congressional Commission on Risk Assessment and Risk Management
said that the assessments should be guided by an understanding of the issues of
8 National Research Council of the National Academy of Sciences, Risk Assessment in the
Federal Government: Managing the Process (Washington, DC: National Academy Press,
1983).
CRS-3
importance to risk management decisions and to the public’s understanding of what
is needed to protect public health and the environment.9 The commission also noted,
however, that risk-related controversy often “arises from what we don’t know and
from what risk assessments can’t tell us.”
Data, Assumptions, and Context. Key elements in any risk assessment are
the data used in determining the level of risk associated with any given substance or
situation. In many cases, though, the data needed to assess risk are lacking. For
example, in 1998, the Environmental Protection Agency (EPA) reported that of 3,000
high-production-volume chemicals (those imported or produced at volumes of 1
million pounds per year), a full set of toxicity data was available for only about 200
(7%) of the chemicals, and there was no publicly available data for about 43% of the
chemicals.10 Similar data gaps exist regarding the extent to which people are exposed
to chemicals. For example, in 2000, the General Accounting Office (GAO, now the
Government Accountability Office) reviewed federal and state efforts to collect
human exposure data on more than 1,400 naturally occurring and manmade
chemicals considered by the Department of Health and Human Services (HHS), EPA,
and other entities to pose a threat to human health. GAO reported that HHS and EPA
surveys measured exposure of the general population for only 6% of those
chemicals.11
Because of the lack of data, agencies must make assumptions as part of the risk
assessment process. Some critics of agencies’ practices believe those assumptions
are unjustifiably “precautionary” (i.e., designed to ensure that risks are not
underestimated) in the face of new scientific data and methods, thereby producing
estimates that overstate actual risks, and that those effects are compounded when
multiple precautionary assumptions are used.12 Others, though, believe that agencies
are often not precautionary enough, particularly when estimating the effects of
exposures to multiple chemicals, or to account for risks to particularly vulnerable
groups (e.g., children, the elderly, or the infirm).13
The legal context in which risk assessments are conducted plays an important
role in determining what type of assessment is performed and why certain approaches
are used. For example, different agencies (and often different offices within a single
9 Presidential/Congressional Commission on Risk Assessment and Risk Management,
Framework for Environmental Health Risk Management, Final Report, Vol. 1, 1997, p. 23.
10 U.S. Environmental Protection Agency, Chemical Hazard Data Availability Study: What
Do We Really Know About the Safety of High Production Volume Chemicals, April 1998.
11 U.S. General Accounting Office, Toxic Chemicals: Long-Term Coordinated Strategy
Needed to Measure Exposures in Humans, GAO/HEHS-00-80, May 2, 2000.
12 See, for example, John D. Graham, “The Perils of the Precautionary Principle: Lessons
from the American and European Experience,” speech before the Regulatory Forum,
Heritage Foundation, Oct. 20, 2003, available at [http://www.whitehouse.gov/omb/inforeg/
speeches/031020graham.pdf].
13 For a discussion of some of these assumptions, see U.S. General Accounting Office,
Chemical Risk Assessment: Selected Federal Agencies’ Procedures, Assumptions, and
Policies, GAO-01-810, Aug. 6, 2001.
CRS-4
agency) have different risk-related statutory mandates. Some statutes require
regulatory decisions to be based solely or primarily on risk. (For example, Section
109 of the Clean Air Act requires EPA to set national ambient air quality standards
that allow for an “ample margin of safety” to protect public health.) Other statutes
require technology-based standards (e.g., “best available technology”), and still
others require balancing the benefits of risk reduction against the costs incurred in
setting risk management goals. Some statutes also place the primary responsibility
for conducting risk assessments and compiling risk data for a particular chemical or
source of exposure with industry, states, or localities, not federal agencies. (For
example, industry petitioners have the primary responsibility to provide the data
needed to support registration and tolerances from EPA for their pesticides.) Still
other statutes specifically define what will be a hazard, tell the agency to take certain
methodological steps, or specify an exposure scenario. However, in many cases, the
statutes simply provide a general framework within which agencies make specific
assumptions and methodological choices.
What OMB’s Proposed Bulletin Would Have Required
OMB’s proposed risk assessment bulletin would have established general risk
assessment and reporting standards, as well as special standards for “influential” risk
assessments. The bulletin proposed to make OIRA, in consultation with the Office
of Science and Technology Policy, responsible for overseeing agency implementation
of its requirements.
General Standards. With regard to the general standards, the bulletin
established six risk assessment quality standards:
! that the assessments clearly state the informational needs that drive
them as well as their objectives;
! that they clearly summarize the scope of the assessment (including
identification of the agent, technology, or activity at issue; the hazard
of concern; the affected entities; and the event-consequence or dose-
response relationships for the relevant exposure ranges);
! that they provide a qualitative and, where possible, a quantitative
characterization of risk (including a range of plausible estimates for
quantitative measures);
! that they ensure objectivity by “neither minimizing nor exaggerating
the nature and magnitude of risk;14 using the best available data;
being based on the weight of the available scientific evidence; and
having a high degree of transparency regarding the data,
assumptions, and methods;
14 OMB said this standard would not apply to “screening-level” risk assessments in which
conservative, “worst case” assumptions and scenarios are used to determine whether any
hazard exists. In these assessments, agencies will proceed to a more comprehensive estimate
of risk only if evidence of harm is revealed.
CRS-5
! that they explain the basis of each critical assumption and those
assumptions that affect the assessment’s key findings, including an
evaluation (quantitative if possible) of the effects of plausible
alternative assumptions; and
! that they contain an executive summary that discloses the
assessment’s objectives and scope, key findings, and key scientific
limitations and uncertainties.
When a risk assessment is produced in relation to regulatory analysis for a rule
with annual economic effects (positive or negative) of $1 billion or more, the bulletin
proposed a seventh requirement — that there be a “formal quantitative analysis of the
relevant uncertainties about benefits and costs.” The bulletin highlighted several
“important aspects of risk assessments useful for regulatory analysis,” including (1)
identification of baseline risk; (2) comparison of baseline risk to alternative
mitigation measures, noting any “countervailing risks” caused by those alternatives;
(3) information on the timing of exposure and the onset of adverse effects, and the
time between control measures and the cessation of those effects; and (4) when risk
is measured quantitatively, the development of a range of plausible risk estimates,
including a central estimate (e.g., a weighted average based on relative plausibility).
Special Standards for Influential Risk Assessments. The proposed
bulletin defined an “influential risk assessment” as one that “the agency reasonably
can determine will have or does have a clear and substantial impact on important
public policies or private sector decisions.”15 OMB said that such assessments
include those that determine the level of risk regarding health, safety, or the
environment (e.g., risk assessments that support EPA’s National Ambient Air Quality
Standards, or economically significant rulemakings — e.g., those with a $100 million
impact on the economy). In addition to the general standards delineated above, the
proposed bulletin required all influential risk assessments to:
! be capable of being “substantially reproduced,” which is defined in
the narrative portion of the bulletin (referencing the IQA guidelines)
as meaning that “independent reanalysis of the original or supporting
data using the same methods would generate similar analytical
results”;16
! compare the results of the assessment to other results published on
the same topic from “qualified scientific organizations” (which is
undefined in the bulletin);
! highlight central estimates as well as high-end and low-end
estimates of risk when such estimates are uncertain;
15 This is essentially the same standard that the IQA guidelines say OMB is to use to
determine whether information is “influential,” and OMB’s peer review bulletin says that
agencies are to use to determine whether information is “influential scientific information.”
16 The narrative text goes on to say that “[p]ublic access to original data is necessary to
satisfy this standard.”
CRS-6
! characterize uncertainty with respect to the major findings of the
assessment (e.g., by conducting a sensitivity analysis and providing
a quantitative distribution of the uncertainty);
! portray results based on different effects observed and/or different
studies to convey how the choice of effect and/or study influences
the assessment;
! characterize (to the extent feasible) variability through a quantitative
distribution, reflecting different affected population(s), time scales,
geography, or other parameters relevant to the needs and objectives
of the assessment;
! where human health effects are a concern, determinations of which
effects are adverse shall be specifically identified and justified based
on the best available scientific information generally accepted in the
relevant clinical and toxicological communities;
! provide discussion (to the extent possible) of the “nature, difficulty,
feasibility, cost and time associated with undertaking research to a
report’s scientific limitations and uncertainties”; and
! consider all significant comments received on a draft risk assessment
report, and issue a “response to comment” document summarizing
the significant comments received and the agency’s responses.
Public Comments on the Proposed Bulletin
On June 22, 2006, OMB posted the comments that it had received regarding the
proposed bulletin on its website.17 Those comments varied significantly, with some
suggesting ways to make the document stronger and more inclusive, whereas others
suggested that OMB abandon the bulletin altogether.
For example, in its comments on the bulletin, the U.S. Chamber of Commerce
said it “welcomes and applauds this undertaking by OMB to improve the risk
assessments performed by federal government agencies and especially in requiring
a reliable characterization of the uncertainties that impact the quality and useful
information content of the assessments.”18 Although it offered several suggestions
for improvement, the Chamber generally concurred with the text of the bulletin and
encouraged its implementation. Perhaps most notably, the Chamber viewed the lack
of judicial review as a “significant weakness” that “begs the question of what
happens if agencies simply choose to ignore the directions given in the Bulletin.”
Other individuals and organizations, while also supporting the issuance of the
bulletin, urged OMB to go further. For example, the National Association of
17 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/list_rab2006.html].
18 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/congress.pdf].
CRS-7
Manufacturers said exceptions to the bulletin should be “very limited” (e.g., declared
public emergencies), and said the “reproducibility” standard for influential
assessments should be applied to all assessments.19 The National Federation of Small
Businesses questioned the exemption for individual permitting decisions (e.g., EPA
determinations regarding pesticide applications).20 Two Members of Congress
proposed deleting the phrase “to the extent appropriate” from the bulletin’s scope
because it suggested that compliance with its requirements was at the discretion of
the agencies.21
On the other hand, the Center for Progressive Reform (CPR) urged OMB to
“withdraw the Proposed Bulletin and abandon efforts to revise it.”22 CPR said any
effort to produce government-wide, “one-size-fits-all” risk assessment requirements
would only cause confusion and delay in the development of public and worker
protections. The organization also questioned why OMB should be issuing risk
assessment guidance at all, since it is staffed primarily with economists and budget
analysts, not scientists. In particular, CPR said certain terms in the bulletin are
confusing (e.g., “central” or “expected” risk), and also said that the bulletin requires
information that may not exist or would be costly to obtain and may lead to the
further “ossification” of the rulemaking process. Similarly, the Natural Resources
Defense Council (NRDC) expressed “grave misgivings” regarding the proposed
bulletin, and urged OMB to withdraw it.23 In particular, NRDC said issuance of the
document as a “bulletin” rather than as guidance and its use of directive terms (e.g.,
“shall”) suggest that the document is mandatory, and said the exclusion of risk
assessments prepared by private industry for licensing and registration requirements
“protects industry assessments from scrutiny.”
Other commenters raised additional issues. The American Bar Association
(ABA) said the proposed bulletin is generally consistent with a 1999 ABA
recommendation on risk assessment, but noted several areas for possible
improvement (e.g., clarifying the amount of flexibility agencies have to deviate from
the bulletin’s requirements).24 The ABA also suggested that OMB clearly describe
the problems that warrant the creation of a new risk assessment bulletin, and also
describe why OMB (and not the regulatory agencies) is best suited to resolve those
problems. Dr. Gilbert Omenn, who chaired the Presidential/Congressional
Commission on Risk Assessment and Risk Management in the 1990s, said the
proposed bulletin has “worthy intentions,” but also said it was “too broad” and
recommended a number of improvements (e.g., deletion of the “influential” risk
assessment category and its additional requirements). He also recommended greater
transparency in the OMB and agency review processes, and the correction of certain
“omissions” (e.g., an exclusion for research agencies).
19 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/nam.pdf].
20 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/nfib.pdf].
21 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/cec.pdf].
22 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/cpr.pdf].
23 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/nrdc.pdf].
24 See [http://www.whitehouse.gov/omb/inforeg/comments_rab/aba.pdf].
CRS-8
NAS Review of the Bulletin
On March 22, 2006, a committee of the Board on Environmental Issues and
Toxicology within the National Academies’ Division of Earth and Life Sciences
began its peer review of OMB’s proposed bulletin. According to the committee’s
website,25 its mission was to
determine whether the application of the proposed guidance will meet OMB’s
stated objective to “enhance the technical quality and objectivity of risk
assessments prepared by federal agencies.” In performing its task, the committee
will comment, in general terms, on how the guidance will affect the practice of
risk assessment in the federal government. The committee will identify critical
elements that might be missing from the guidance. The committee will also
determine whether OMB appropriately incorporated recommendations from
previous reports of the NRC [National Research Council] and other organizations
into the proposed risk assessment guidance. In addition, the committee will
assess whether there are scientific or technical circumstances that might limit
applicability of the guidance.
On May 22, 2006, the committee held a public meeting on OMB’s proposed risk
assessment bulletin. According to press accounts, the nine federal agency officials
who testified at the meeting voiced a variety of opinions about the bulletin.26 For
example, the Director of FDA’s Center for Drug Evaluation and Research reportedly
said that if the bulletin was made final in its then-current form, doctors and the public
might not receive timely warnings about potential health risks posed by drugs and
medical devices (e.g., warnings related to the use of the anti-inflammatory drug
Vioxx). To illustrate, the FDA director said that of 109 safety alerts that FDA issued
in 2005, 92 of them would have been considered risk assessments under the bulletin,
and therefore would have been delayed by the required analyses. He and two other
agency officials (from the National Institute of Environmental Health Sciences and
the National Institute for Occupational Safety and Health’s Risk Evaluation Branch)
reportedly said that the bulletin’s definition of risk assessment is so broad that many
types of federal analyses could be inappropriately covered by its requirements.
On the other hand, EPA’s science advisor was quoted as saying that the agency
was in “pretty good shape” in terms of meeting the requirements in the proposed
bulletin, but nevertheless suggested that the guidance be revised to explain how much
flexibility agencies have regarding its requirements (e.g., how agencies can get
waivers from the bulletin’s requirements).27 He and an official from the National
Aeronautics and Space Administration also said that some aspects of the bulletin
would conflict with their own agency-specific guidance documents on risk
assessment, and it was not clear how those conflicts should be resolved. A
representative from the Department of Defense reportedly supported the proposed
25 The website is at [http://www8.nationalacademies.org/cp/projectview.aspx?key=34282].
26 Pat Phibbs, “Definition of Risk Assessment Deemed Too Broad by Several Health Agency
Officials,” BNA Daily Report for Executives, May 23, 2006, p. A-15.
27 Ibid.
CRS-9
guidelines, noting that any increased cost would be justified by improvements in the
resulting risk assessments.
Issuance of NAS Report. On January 11, 2007, the NAS committee issued
its final report concluding that OMB’s proposed risk assessment guidance was
“fundamentally flawed” and should be withdrawn.28 The committee said that it “fully
supports the goal of increasing the quality and objectivity of risk assessment in the
federal government,” but also said that it “agrees unanimously that the OMB bulletin
would not facilitate reaching this goal.” Among other things, the committee said that
the proposed bulletin:
! used a definition of risk assessment that was too broad and “conflicts
with long-established concepts and practices”;
! used a definition of “adverse effect” that was too narrow, and
ignored a fundamental health goal of controlling exposures before
the impairment of an organism;
! gave little attention to sensitive populations, such as children and the
elderly;
! failed to explain the basis for exempting risk assessments associated
with licensing and approval processes; and
! ignored the continuum of risk assessment efforts by arbitrarily using
only two broad categories.
The report also criticized OMB for failing to identify the problem its guidance sought
to address, and said the proposed bulletin’s “most glaring omission” was the
“absence of criteria and information for gauging the benefits to be achieved by
implementing the bulletin (that is, a benefit-cost analysis).” In general, the NAS
committee said that risk assessment “is not a monolithic process.... Thus, one size
does not fit all, nor can one set of technical guidance make sense for the
heterogeneous risk assessments undertaken by federal agencies.”
Instead of finalizing the proposed bulletin, the NAS committee recommended
that OMB issue a bulletin that outlines goals and general principles of risk
assessments that would enhance the quality, efficiency, and consistency of such
studies. Federal agencies could then be required to develop their own risk
assessment guidance, which would be peer reviewed and contain procedures for
ensuring compliance. The committee said that the agencies or expert panels
appointed by the agencies should develop these detailed guidance documents,
28 National Academies of Science, Scientific Review of the Proposed Risk Assessment
Bulletin from the Office of Management and Budget, Jan. 11, 2007, as cited in Pat Phibbs-
Rizzuto, “Draft OMB Guidance ‘Fundamentally Flawed,’ National Academies Panel Says
in Report,” Daily Report for Executives, Jan. 12, 2007. As of January 16, 2007, the NAS
report was not available to the public, but a pre-publication executive summary was
available at [http://books.nap.edu/openbook.php?record_id=11811&page=11].
CRS-10
because therein “lies the depth of expertise to address the issues relevant to their
specific types of risk assessments.”
In response to the NAS committee report, OMB reportedly said that it would not
issue the proposed bulletin in final form, and was considering what further steps to
take. Possible future actions reportedly include the development of a new proposed
bulletin (similar to how OMB responded to adverse comments on its peer review
bulletin), the issuance of a new final bulletin, or some other action.
Updated Principles for Risk Assessment
On September 19, 2007, Susan E. Dudley, Administrator of OIRA, and Sharon
L. Hays, Associate Director and Deputy Director for Science in the Office of Science
and Technology Policy, jointly issued a memorandum for the heads of executive
departments and agencies entitled “Updated Principles for Risk Analysis.”29 The
memorandum indicated that the proposed risk assessment bulletin would not be
issued in final form. Instead, the memorandum reinforced general principles for risk
analysis that were issued in 1995,30 reiterating the text of the principles and
referencing more recent guidance where appropriate. For example, the memorandum
noted that the 1996 amendments to the Safe Drinking Water Act (SDWA) had
established certain standards for risk assessments and risk characterizations pursuant
to the act, and that agencies had adopted or adapted these standards as part of their
Information Quality Act guidelines. It also referenced requirements in OMB Circular
A-4 regarding accepted practices for regulatory analysis, and a 2007 OMB bulletin
on good guidance practices.31
Reaction to the risk memorandum has been generally positive. Sally Katzen of
the George Mason University School of Law, who was OIRA Administrator during
the Clinton Administration and who issued the 1995 principles, said the
memorandum was “responsive to the NAS critique.”32 Similarly, Rena Steinzor of
the University of Maryland School of Law and the Center for Progressive Regulation
said the memorandum indicated that OMB had “backed down” from its earlier
position and was “not anything close” to what OMB had set out to do.33
Representatives from the National Association of Manufacturers and the American
Chemistry Council were generally supportive of the memorandum. A representative
from OMB Watch, however, expressed concern that the memorandum is an attempt
to “bootstrap more recent OMB policies onto the 1995 principles.” Jim Tozzi, a
29 To view a copy of this memorandum, see [http://www.whitehouse.gov/omb/memoranda/
fy2007/m07-24.pdf].
30 To view a copy of these principles, see [http://www.whitehouse.gov/omb/inforeg/regpol/
jan1995_risk_analysis_principles.pdf].
31 U.S. Office of Management and Budget, “Final Bulletin for Agency Good Guidance
Practices,” 72 Federal Register 3432, Jan. 25, 2007, available at
[http://www.whitehouse.gov/omb/fedreg/2007/012507_good_guidance.pdf].
32 Ralph Lindeman, “Mild Response Greets New OMB Memo To Reinforce Risk
Assessments Principles,” BNA Daily Report for Executives, Sept. 28, 2007, p. A-42.
33 Ibid.
CRS-11
former OIRA official who currently heads the Center for Regulatory Effectiveness,
said it was significant that OMB indicated that it would enforce the aspirational goals
in the 1995 policy statement.34
Concluding Observations
The NAS committee’s conclusion in its January 2007 report that OMB’s
proposed risk assessment bulletin was “fundamentally flawed” appears to have had
a major effect on the principles of risk assessment that OMB issued in September
2007. As some observers have noted, however, much depends on how aggressively
OMB chooses to implement those principles. General statements that agencies
should use the “best reasonably obtainable scientific information to assess risks,” and
that those analyses should be based on the “best available scientific methodologies,
information, data, and weight of the available scientific evidence” can be broadly
interpreted and benign, or can be used to stop agency rulemaking.
The NAS committee also pointed out that OMB had not clearly established a
need for government-wide requirements, and had not included any information on
the expected costs and benefits of their implementation. To establish need, the NAS
committee implicitly suggested the establishment of a baseline of each agency’s risk
assessment proficiency, “including the extent to which generally satisfactory and
high-quality risk assessments are produced or how some agencies fall short of the
specified standards.” To date, OMB has not developed such a baseline or established
what “problem” in agencies’ risk assessments the new policy statement is intended
to correct. No related legislation has been introduced in the 110th Congress.
34 Ibid.