Risk Assessment. Marvin Rausand
and risk analysis methods in particular.
Come from different levels of the organization. The purpose of this is to better reflect the priorities, attitudes, and knowledge of different organizational levels in the analysis.
The last item may seem unnecessary because as long as the analysis is done in an objective manner, based on the available information, should we not arrive at the same results regardless of who is involved? This is an important issue for any risk assessment and should always be kept in mind. A risk analysis predicts what may happen in the future. Because we are never able to know exactly what will happen, the analysis is always based both on facts and judgments. Different people may judge the situation differently and may thus arrive at different conclusions. A risk analysis should therefore never be seen as a completely objective study, but as a reflection of the available data and the knowledge of the participants in the study, including their values, attitudes, and priorities.
The number of persons taking part in the study may vary depending on the scope of the risk assessment and how complicated the study object is. In some cases, it may be relevant to contract a consulting company to carry out the risk assessment. If the risk assessment is done by external consultants, it is important that in‐house personnel carefully follow the assessment process to ensure that the company accepts ownership of the results. The competence and experience of each member of the study team should be documented, along with their respective roles in the team. In cases where external stakeholders are exposed to risk, it should be considered if, and to what degree, these should be involved in the risk assessment.
3.2.1.5 Step 1.5: Establish Project Plan
For the results from the risk assessment to be used as the basis for a decision, it is of paramount importance that the assessment process be planned such that the results are available in a timely manner. The study team should, in cooperation with the decision‐makers, decide on a time schedule and estimate the resources that are required to do the risk assessment. The extent of the assessment depends on how complicated the study object is, the risk level, the competence of the study team, how important the decision is, the time available for the study, access to data, and so on. The level of detail in the study should be agreed upon as part of the planning.
3.2.1.6 Step 1.6: Identify and Provide Background Information
Most study objects have to comply with a number of laws and regulations. Many of these give requirements related to health and safety, and some of them require that risk assessments be performed. It is important that the study team is familiar with these laws and regulations, such that the requirements are taken into account in the risk assessment.
Risk assessment standards and/or guidelines have been developed for many types of study objects and application areas (see Chapter 20). Internal requirements and guidelines given by the organization that performs the risk assessment may also need to be adhered to. The study team must be familiar with these standards and guidelines.
The number of documents required to support a risk assessment may be substantial. A document control system should therefore be established to manage the various documents and other information sources. This system must control the updating, revision, issue, or removal of reports in accordance with the quality assurance program to ensure that the information remains up to date.
3.2.2 Step 2: Define the Study
The structure of step 2 is shown in Figure 3.5.
3.2.2.1 Step 2.1: Define and Delimit the Study Object
The study object must be defined precisely. When the risk assessment is initiated at an early stage of a system development project, we have to make do with a preliminary, high-level system definition and delimitation, leaving a more detailed description to a later stage. Aspects of the study object that need to be considered include the following:
The boundaries and interfaces with related systems, both physical and functional.
Interactions and constraints with respect to factors outside the boundary of the study object.
Technical, human, and organizational aspects that are relevant.
The environmental conditions.
The energy, materials, and information flowing across boundaries (input to and output from the study object).
The functions that are performed by the study object.
The operating conditions to be covered by the risk assessment and any relevant limitations.
In many risk assessments, it is difficult to delimit the study object and to decide which assumptions and conditions apply. What should be covered in the risk assessment, and what can be disregarded? In the first steps of a risk assessment, the objective should be to establish a picture of the most important risk issues related to the study object. Later on, the risk assessment may be extended to cover specific parts of the study object under special conditions.
In most cases, the study object must be divided into reasonable parts for analysis. Depending on how complicated the study object is, these parts may be subsystems, assemblies, subassemblies, and components. A numerical coding system corresponding to the system breakdown should be established, such that each part is given a unique number. In the offshore oil and gas industry, this system is usually called the tag number system.
Several methods are available for system breakdown. It is most common to use some sort of hierarchical structure. In some cases, it is most relevant to focus on functions or processes, whereas in others, the focus is on the physical elements of the system. System breakdown methods are discussed further from Chapter 11 onwards, where the different methods are discussed. The study object is studied further in Chapter 4.
3.2.2.2 Step 2.2: Provide Documentation and Drawings
A lot of information about the study object is required, in particular for detailed analyses. Information sources of interest may include (see, e.g., IAEA 2002):
System layout drawings, including the relation to other systems and assets.
System flow, logic, and control diagrams.
Descriptions of normal and possible abnormal operations of the study object.
Inventories of hazardous materials.
Operation procedures and operator training material.
Testing and maintenance procedures.
Emergency procedures.
Previous risk assessments of the same or similar systems.
Descriptions of engineered safety systems (barriers) and safety support systems, including reliability assessments.
Description of previous hazardous events and accidents in the study object.
Feedback from experience with similar systems.
Environmental impact assessments (if relevant).
The document control system fills an important role in keeping track of all the documentation that is used as input to the risk assessment. In system development projects, the