Pipeline engineers routinely perform risk assessments using a linear approach that begins with data collection, progresses through threat identification, and concludes with risk assessment. This linear risk assessment process leads to some inefficiencies. For example, since all data is gathered in the first step, inconsequential data might be collected during the data gathering process that diverts resources from other pipelines. This paper presents a different approach, where data is gathered iteratively based on its risk reduction value derived from a sensitivity analysis and data collection cost. Each time data is gathered; future risk predictions become more certain. This process is stopped when the cost of data gathering activities outweighs the benefit to risk predictions.