Towards a Logical Framework for Reasoning about Risk