This study addresses a critical gap in quantitative risk management: the absence of formal modeling for the epistemic justification and institutional commitments underlying risk claims, which hinders credible assessment of their trustworthiness. To remedy this, the paper introduces a modal epistemic logic framework that distinguishes objective risk propositions from their cognitive stances—such as warranted belief (\(Kp\)) and working commitments (\(Bp\))—and embeds them within a layered governance architecture. This architecture separates object-level risks from meta-level epistemic diagnostics, thereby avoiding logical collapse due to self-reference. By integrating classical and fuzzy modal semantics, the framework formally captures notions of assurance, commitment, possibility, hesitation, and epistemic inconsistency. It further establishes a diagnostic mechanism to detect scenarios where risks exist without corresponding cognitive stances, thereby enhancing the robustness and prudence of risk disclosure, auditing, and regulatory decision-making.

Risk governance is not only about identifying and measuring adverse states of the world. It also asks when an institution is entitled to rely on a risk claim. This paper introduces modal epistemic tools for that second layer of QRM. For a risk proposition $p$, $Kp$ denotes assurance-grade endorsement for certification, audit reliance, board sign-off, or regulatory reporting. By contrast, $Bp$ denotes working commitment: a disciplined action-guiding stance under incomplete assurance. The framework distinguishes object-level risk claims from stances toward them. It develops crisp and fuzzy modal semantics for assurance, working commitment, live possibility, non-exclusion, hesitation, and epistemic inconsistency. The central diagnostics are \[ p\wedge\neg Kp \qquad\text{and}\qquad p\wedge\neg Bp, \] which identify cases in which a risk is present but lacks the relevant stance. Thus QRM should model not only hazards and losses, but also evidential incompleteness, model risk, validation gaps, and failures of escalation. Two governance principles motivate the analysis. The Risk Management Principle says that if $p$ is a risk, then the absence of the relevant stance, $p\wedge\neg Mp$, is itself risk-relevant. The Risk Reach Principle says that real and decision-relevant risks should be reachable by the appropriate stance. Their unrestricted combination creates Moorean and Fitch-style collapse pressure: treating $p\wedge\neg Kp$ or $p\wedge\neg Bp$ as ordinary targets of the same stance whose absence they record undermines the diagnostic. The response is architectural. Object-level risk claims should be separated from meta-level epistemic diagnostics. The latter should be governed through an audit layer that records and controls epistemic gaps. This preserves action and precaution without collapsing risk governance into institutional omniscience.