Upload
saospie
View
227
Download
0
Embed Size (px)
Citation preview
7/27/2019 Risk Analysis types
1/41
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 1 / 41
Risk Analysis
An Introduction
Marvin Rausand
Department of Production and Quality EngineeringNorwegian University of Science and Technology
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
2/41
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 2 / 41
Introduction
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
3/41
What is risk analysis?
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 3 / 41
A risk analysis is:
u Systematic use of available information to identify hazardsand to estimate the risk to individuals or populations,
property or the environment IEC 60300-3-9
u A systematic approach for describing and/or calculating risk.Risk analysis involves the identification of undesired
(accidental) event, and the causes and consequences of theseevents
NS 5814
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
4/41
7/27/2019 Risk Analysis types
5/41
Consequence spectrum
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 5 / 41
A consequence spectrum (or, risk picture) of an activity is a
listing of its potential consequences and the associatedprobabilities (e.g., per year). Usually, only unwantedconsequences are considered.
Activity
C1
C2
C3
Ck
p1
pk
p3
p2
Risk is sometimes defined as:
Risk = C1p1 + C2p2 + + Ckpk =k
i=1
Cipi
This requires that all consequences may be measured with a
common measure (e.g., as monetary value)
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
6/41
Categories of accidents
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 6 / 41
- Traffic accidents- Occupational
accidents, etc.- Air trafic accidents- Railway accidents- Major industrialaccidents
- Nuclear accidents
- Catastrophies
Severity (log scale)
Frequency(lo
gscale)
1.
3.
2.
Low risk
High risk
Based on Rasmussen (1994)
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
7/41
Standards for risk analysis
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 7 / 41
u IEC 60300-3-9: Risk analysis of technologuical systemsu EN 1050: Safety of machinery Risk assessmentu EN 50126: Railway applications The specification and
demonstration of reliability , availability, maintainability amd
safety (RAMS)u ISO 17776: Petroleum and natural gas industries Offshore
production installations Guidelines and tools for hazardidentification and risk assessment
u NORSOK Z-013: Risk and emergency preparedness analysis
u EN 1441: Medical Devices - Risk Analysis
More standards on: http://www.ntnu.no/ross/srt
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
8/41
Risk analysis procedure
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 8 / 41
Planning and
organizing
Description
of object
Hazardidentification
Frequencyanalysis
Consequenceanalysis
Riskevaluation
Risk reducingmeasures
What is
acceptable risk?
Other measuresdesirable?
Acceptable?No
Yes
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
9/41
Risk analysis procedures - (2)
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 9 / 41
Accidental
eventCausal
analysis
Consequence
analysis
Methods
- Checklists
- Preliminary hazardanalysis
- FMECA*
- HAZOP
- Event data sources
- Fault tree analysis*
- Reliability blockdiagrams*
- Influence diagrams*
- FMECA*
- Reliability data
sources*
- Event tree analysis*
- Consequencemodels
- Reliability
assessment*
- Evacuation models
- Simulation
(a)(b) (c)
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
10/41
Acceptable risk
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 10 / 41
Several principles can be used to determine the acceptable risk:
u The ALARP principle (As low as reasonably practicable)u The precautionary principleu
Risk acceptance as defined in NORSOK Z-013u Minimum endogeneous mortality (MEM)u Globalement au moins aussi bon (GAMAB)
Risk acceptable is generally a complicated and multifaceted issue.
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
11/41
ALARP principle
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 11 / 41
Negligible risk
Unacceptable region
The ALARP or Tolerabilityregion (Risk is undertaken only
if a benefit is desired)
Broadly acceptable region(No need for detailed work to
demonstrate ALARP)
Risk cannot be justified exceptin extraordinary circumstances
Tolerable only if risk reduction isimpracticable or its cost isgrossly disproportionate to the
improvement gained
Tolerable if cost of reductionwould exceed the improvement
gained
Necessary to maintainassurance that risk remains at
this level
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
12/41
Risk assessment and management
IntroductionWhat is ..?
Brief history
Cons. spectr.
Accident categ.
Standards
ProcedureAcceptable risk
ALARP principle
Assessment
Main Steps
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 12 / 41
Risk analysis
- Scope definition
- Hazard identification
- Risk estimation
Risk evaluation
- Risk tolerability
decisions- Analysis of options
Risk reduction/control
- Decision making
- Implementation
- Monitoring
Riskassessment
Risk
management
IEC 60300-3-9
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
13/41
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 13 / 41
Main Steps
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
14/41
Planning and organization
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 14 / 41
u Identify relevant laws and regulationsu Clarify internal policies and risk acceptance criteriau Define the purpose and objectives of the risk analysis
3 What type of risks should be studied? (Major accidents vs.occupational accidents; random hazards, deliberate actions, and/orenvironmental loads)
3 Which life phases should be included? (Normal operation, start-up,end-of-life, major overhaul, etc.)
u Organize the work, multidisciplinary team where selectedexperts provide the required expertice
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
15/41
Description of the analysis object
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 15 / 41
Description encompassing everything that can incluence theanalysis results
Main questions:
u What is the system dependent upon? (inputs)u What activities are performed by the system? (functions)u
What services does the system provide? (outputs)
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
16/41
Description of the analysis object - (2)
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 16 / 41
u Technical, personnel, and organizational relationshipsu Significant political, social, and economic relationshipsu Association with and dependency on the wider worldu External support if an accidental should occur
u Indicate special relationships that are significant to safety
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
17/41
Description of the analysis object - (3)
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 17 / 41
u Large enterprises can be broken down into smaller elements(i.e., objects and/or functions)
u A breakdown that constitutes too many too small elementswill demand much resources, whereas insufficient breakdown
of the enterprise can lead to unintentional omissions of rarebut significant events
u A possible technique for breaking down a system ishierarchical breakdown
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
18/41
Hierarchical breakdown
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 18 / 41
1.
Company
1.2.2
Building 2
1.2
Production unit
1.1
Design offices
1.2.3
Building 3
1.2.1
Building 1
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
19/41
Identification of hazards
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 19 / 41
u Potential hazards related to the activity must be identified(e.g., mechanical hazards, fire, explosion, toxix materials,radiation)
u In which part(s) of the system are the hazards relevant (e.g.,
pressure vessels, cranes, storage)
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
20/41
Methods and tools
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 20 / 41
u Checklistsu Preliminary hazard analysis (PHA), also known as:
3 Hazard identification (HAZID)3 Rapid risk ranking (RRR)
u Failure modes, effects, and criticality analysis (FMECA)u Hazard and operability analysis (HAZOP)u Brainstorming
u Experience data - data bases
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
21/41
Accidental events
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 21 / 41
Some questions to consider when defining accidental events:
u What type of event is it?
3 Describe the type of event (e.g., fire, gas leak, falling object)
u Where does the event take place?
3 Describe where the event occurs (e.g., in process area A)
u When does the event occur?3 Describe the conditions under which the event occurs (e.g., normal
operation, start-up, during maintenance)
Example: Contamination of water supply by bacteria duringflood conditions
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
22/41
Accidental events - (2)
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 22 / 41
u The list of accidental events arising from the PHA orbrainstorming should be sorted and filtered (i.e., events maybe disregarded due to insignificant consequences or likelihoodof occurrence are closed out without unnecessary delay)
u The different accidental events are considered for each of theelements to be analyzed. Where are the events relevant? Inthis relation one can use a simple event/element matrix.
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
23/41
Event-element matrix
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 23 / 41
Admin. building
Production unit
Loading area
Storage
Laboratory
Fire
Collision
Droppedobject
Toxicexposure
Explosion
Ar
ea(Systemelement)
Accidental event
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
24/41
Accidental events - (3)
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 24 / 41
The results from this step are:
u A listing of all relevant hazardsu
A listing and description of all potential (and relevant)accidental eventsu Identification of where each accidental event may occur
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
25/41
Causal analysis
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluation
Risk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 25 / 41
The causes of each accidental event must be identified anddescribed
HumanfactorsTechnical
factors
Organizationalfactors
Environmental
factors
Societal
factors
Accidental
event
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
26/41
Methods and tools
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 26 / 41
u Fault tree analysisu Bayesian belief networks (Influence diagrams)u Cause-effect diagramsu Reliability block diagramsu Root cause analysisu Experience data - data bases
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
27/41
Causal analysis results
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 27 / 41
u For each potential accidental event:
All combinations of events (technical failures, human errors,environmental loads, etc.) that may lead to the accidental
event (minimal cut set)u The minimal cut sets may be used to reveal weaknesses in the
system and form a basis for improvements
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
28/41
Frequency analysis
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 28 / 41
u After the causes of the accidental event have been identified,one is better placed to estimate the frequency (and how theaccidental event may be avoided)
u The frequency of the accidental events may be estimated
based on:
1. Data from previous incidents (and data bases)2. Fault tree analysis3. Expert judgement
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
29/41
Consequence analysis
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 29 / 41
u What is the result?u Identify consequences - bot immediate and delayed, given the
accidental event
When analyzing consequences, do not forget:
u The whole chain of events triggered by the accidental event(can a relatively benign event ultimately end up in adisaster?)
u Both immediate consequences and those that are notapparent until some time after the event.
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
30/41
Consequence categories
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 30 / 41
It is often desirable to classify consequences into differentcategories:
u
Personnel (i.e., health and safety)u Environmentalu Economicu Operational
u Company reputation
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
31/41
Consequence chains
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 31 / 41
u All potential event chains following an accidental event mustbe identified and described
u Most systems have one or more safety functions (barriers)that may stop or mitigate the effects of the accidental event.
The event chains will depend on whether or not these safetyfunctions are functioning or not.
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
32/41
Methods and tools
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 32 / 41
u Event tree analysisu Cause consequence analysisu Fire and explosion calculationsu Simulationu Experience data - data bases
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
33/41
Risk evaluation
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 33 / 41
u Which risks are present in my enterprise?u Risk classification matrices should be developed for each
consequence category.
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
34/41
Risk evaluation - (2)
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 34 / 41
u Risk is a function of the frequency of the accidental eventsand the consequences of the accidental events
u Higher frequency of occurrence higher risku More severe consequences higher risk
u A useful tool for describing risk is a risk classification matrix
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
35/41
Risk classification matrix
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 35 / 41
Frequency/consequence
1Very unlikely
2Remote
3Occasional
4Probable
5Frequent
Catastrophic
Critical
Major
Minor
Acceptable - only ALARP actions considered
Acceptable - use ALARP principle and consider further investigations
Not acceptable - risk reducing measures required
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
36/41
Risk evaluation - (2)
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
Methods
Accidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 36 / 41
u What do we do with accidental events once classified?u Part of risk management: guidelines for what should be done
with individual events dictated by the risk category to whichthey belong (Shouldnt this have been done during the
planning phase?)
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
37/41
Risk elimination
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
MethodsAccidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 37 / 41
u All accident causal factors (hazards) should be eliminated!We may, however, not have the resources to accomplish it
u We must therefore prioritize our corrective actions byaddressing high risks before low risks
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
38/41
Risk analysis report
Introduction
Main Steps
Planning
System descript.
Hierarchy
Hazard ident.
MethodsAccidental events
Event matrix
Causal analysis
Frequency analysis
Consequences
Risk evaluationRisk matrix
Risk elimination
Report
Conclusions
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 38 / 41
1. Summary and conclusions2. Objectives and scope3. Limitations, assumptions and justification of hypotheses4. Description of relevant parts of the system5. Analysis methodology
6. Hazard identification results7. Models used, including assumptions and validation8. Data and their sources9. Risk estimation results
10. Sensitivity and uncertainty analysis11. Discussion of results (including discussion of analytic difficulties)12. References
IEC 60300-3-9
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
39/41
Introduction
Main Steps
Conclusions
Criticism
Challenges
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 39 / 41
Conclusions
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
40/41
Criticism
Introduction
Main Steps
Conclusions
Criticism
Challenges
Marvin Rausand, October 7, 2005 System Reliability Theory (2nd ed), Wiley, 2004 40 / 41
We sometimes hear that:
u A risk analysis takes too much time and resourcesu The risk analysis is used to slow down decision processesu Risk analysis can be a manipulative tool
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr7/27/2019 Risk Analysis types
41/41
Challenges
Introduction
Main Steps
Conclusions
Criticism
Challenges
M i R d O b 7 2005 S R li bili Th (2 d d) Wil 2004 41 / 41
u Where data lacks, qualitative assessments through expertjudgment is unaviodable
u Confidence in achieved results highly depends on:
3 the confidence in the experts (i.e., their qualification and
competence)3 the effectiveness of assessment procedures
u However, uncertainties will be revealed and documented,rather than suppressed
u When properly performed, a risk analysis is very transparent
Adapted from IACS (2002)
http://www.ntnu.no/~marvinrhttp://www.ntnu.no/ross/srthttp://www.ntnu.no/ross/srthttp://www.ntnu.no/~marvinr