With apologies to Nicholas Taleb, there are no Black Swans (The Black Swan: The Impact of the Highly Improbable) in risk management.  Just to start the discussion on a level view - The theory of black swan events is a metaphor for a surprising extreme event relative to one’s knowledge/ beliefs, and can be of different types: a) unknown unknowns and b) unknown knowns (we do not have the knowledge but others do).  Some people add events that are judged to have a negligible likelihood of occurrence and thus are not believed to occur.

Many of the objections to implementing Risk Management and acting upon risk results hinge on the subjectivity of the risk assessment system. This subjectivity makes it difficult to make risk assessments justifiable, repeatable, and comparable over an entire project, program, or organization. One cannot easily justify assigning a 30% likelihood to a risk occurring when others with more, the same, or less experience are ascribing a 60% likelihood of occurrence to a similar risk. How to get all (or most) risk assessments,  regardless of type (software, hardware, integration, programmatic, external, etc.), justifiable, repeatable, and comparable has been one of the holy grails of Risk Management for years. The methodology outlined in this paper meets at least some of this requirement.

Lessons Discovered But Seldom Learned
Or
Why Am I Doing This If No One Listens?