Risk Assessment. Marvin Rausand
The choice of approach may, for example, imply that the competence in the study team must be supplemented with an additional specialist, and delimitation of the study object may require that the project plan be revised. Even if the main steps are always performed, all the substeps defined in the following sections are not relevant for all types of risk assessment.
3.2.1 Step 1: Plan the Risk Assessment
For a risk assessment to provide the required results, the process must be carefully planned and prepared. One can easily be impatient in this part of the study, aching to get on with the “real work” as soon as possible. In most cases, it is beneficial to allocate sufficient time and resources to prepare the study. Experience has shown that this is perhaps the most critical part of the whole risk assessment process. Without a good understanding of what we want to achieve, it is hard to do a good job.
As described later in the book, there are many ways of doing a risk analysis. A reason why so many different methods have been developed is that risk assessment is applied to a wide range of problems and study objects. To be able to select the best methods, we need to have a good understanding of the problem that we are going to analyze. Further, risk assessments are normally performed to provide input to decisions about risk – whether we need to do something with the risk and if so, what should be done. Understanding the decision alternatives is also important before starting the work. The structure of step 1 is shown in Figure 3.3 .
3.2.1.1 Step 1.1: Clarify Decision and Decision Criteria
The reasons for performing risk assessments may vary, but common to all is that they are done to provide input to decisions. It is therefore important that the study team understands the decision alternatives and gives clear and specific answers that can be used in the decision‐making process. If the objective of the risk assessment is not clear from the beginning, it is not likely that the assessment will answer the questions that need to be answered to support the actual decision‐making.
The study team needs to know who the users of the results are and their knowledge about risk assessment. The users may influence both how the risk assessment should be carried out, and particularly, how the results should be presented. If the users are risk assessment experts, the presentation of results and the use of terminology may be different compared to if the users have no or little experience with risk assessment.
If risk acceptance criteria for risk evaluation have been established, these must be known to the study team such that the results from the risk assessment are given in a format that enables comparison with the criteria (see Chapters 5 and 6). A good understanding of these criteria and how they should be interpreted is essential.
Example 3.1 (Decision criteria)
A railway company has established a risk acceptance criterion that states “The frequency of fatal accidents per year in our operation shall be less than 0.1 per year.” In this case, it is necessary to clarify if this applies only to employees or also to passengers and/or people crossing the railway line. The answer to this question affects the scope of the risk assessment.
If several types of assets are considered in the risk assessment, separate decision criteria need to be established for each type of asset. This may apply even if people are the only asset considered. Different criteria may, for example, be applied for employees and neighbors living close to a hazardous plant. Criteria for when the assets are considered to be harmed may also need to be established. Many risk assessments are concerned only with people, and the criteria for harm are then usually whether people are injured or not.
The risk assessment should demonstrate that all the significant accident scenarios related to each decision alternative have been considered. If only one decision alternative is considered, the risk assessment should cover the risk if the decision alternative is chosen and also the risk if the decision alternative is not chosen.
The role of the risk assessment in the decision‐making process is illustrated in Figure 3.4 . From the decisions, the required input can be defined, and this determines the objectives and scope of the risk assessment. When the assessment is completed and results are ready, this feeds back to the decisions again, together with other relevant information that is taken into account (e.g. feasibility and cost).
3.2.1.2 Step 1.2: Define Outputs from Risk Assessment
The required outputs from the assessment should be clearly defined. The decisions and decision criteria determine, to a large extent, which outputs are required, but several aspects need to be considered:
Should the outputs be qualitative or quantitative? The decision criteria significantly influence this decision.
In what format should the results be presented? Only in a technical report or also in other formats (summary report, presentation, brochure)?
What level of detail should be used when presenting the results? This ties in with the decision and also the users.
Are there several stakeholders with different backgrounds that require different types of information?
Most important always is to keep the decision in mind and ask ourselves whether what we are planning to present will help the decision‐maker to make the best decision with regard to risk.
3.2.1.3 Step 1.3: Define Objectives and Scope
The decision alternatives and the decision criteria determine the scope and objectives of the study. The objectives can often be derived directly from the decisions that the analysis is supporting and this in turn also determines the scope of the study. The objective may be to
verify that the risk is acceptable,
choose between two alternative designs,
identify potential improvements in an existing design,
a combination of these,
…and several more.
When the objectives are defined, the scope may be set up. The scope describes the work to be done and specific tasks that need to be performed. At this stage, it is possible to specify more clearly what resources and competences are required to perform the risk assessment.
3.2.1.4 Step 1.4: Establish the Study Team and Organize the Work
The risk assessment is usually carried out by a study team that is led by a team leader. The team members should together meet the following requirements:
Have competence relevant to the study object. Including team members from sectors with similar problems may also be useful.
Have necessary knowledge of the study object, how it is operated, and how safety is managed and maintained.
Have competence