Technology & Engineering

Risk Analysis

Risk analysis involves identifying, assessing, and prioritizing potential risks to a project, process, or system. It aims to understand the likelihood and impact of these risks and develop strategies to mitigate or manage them effectively. In technology and engineering, risk analysis is crucial for ensuring the safety, reliability, and success of complex systems and innovations.

Written by Perlego with AI-assistance

Related key terms

Business Risk Analysis

Financial Risk Management

FMEA Risk Analysis

FMEA Risk Assessment

Project Analysis

Project Risk Management

Risk

Risk Assessment

Risk Management

Security Risk Assessment

7 Key excerpts on "Risk Analysis"

eBook - ePub
Managing Technology and Product Development Programmes
A Framework for Success
- Peter Flinn(Author)
- 2019(Publication Date)
- Wiley
  (Publisher)
7 Identifying and Managing Engineering Risks

7.1 Introduction

Chapters 2 and 6 drew attention to two fundamental, and sometimes opposing, aspects of product and technology development work:

The creative element of the process, developing new ideas to solve problems and to improve people's well‐being.

The element of risk which those new engineering solutions might introduce in terms of reliability, robustness, or creation of other forms of harm or danger.

This chapter is concerned with the second of these points – the identification of risks that require attention. Chapter 8 then deals with how those risks might be reduced or eliminated through engineering development work.

Risk is a widely used term, and its simplest definition is perhaps given by the Cambridge English Dictionary: ‘the possibility of something bad happening’. Within the engineering and technology community, it is essentially ‘the possibility of something going wrong’. A more technical description can be found in the Risk Management Guide for DoD Acquisition: ‘Risk is a measure of the potential inability to achieve overall program objectives within defined cost, schedule, and technical constraints’. Risk in this context is normally considered to have two elements: the frequency of a potentially hazardous event and the severity of its consequences.

It should be noted that the concern in this book is with engineering or technical risks that can be addressed through the engineering development process. Other forms of risk, such as business or financial risks, are not covered here, although the same principles can be used for their management – see Refs. 1 –3 .

7.2 Identification of Risks

It might be argued that the separate identification of risks is a relatively new concept in the engineering world. Engineers have, over a 200‐ to 250‐year period, always performed experiments and calculations to ensure that their products will work. Initially, knowledge was limited and failure was commonplace despite engineers' best efforts. For example, nineteenth‐century railways were plagued with problems and several royal commissions were set up in the United Kingdom looking, for example, at iron bridges on railways (1847). Unlike today, that was a period when failure in service was commonplace and was one of the primary learning mechanisms – an approach that would be unacceptable nowadays.
Sign up to read
Learn more about book
eBook - ePub
Engineering Risk Management
- Thierry Meyer, Genserik Reniers(Authors)
- 2016(Publication Date)
- De Gruyter
  (Publisher)
Fig. 4.2: General procedure of Risk Analysis.

The different steps are summarized in Fig. 4.2 . The essential starting point is the definition of the system. At this moment, a qualitative Risk Analysis can be undertaken. This analysis cannot always be quantified by figures or probabilities, often because of the lack of reliable and pertinent data. However, whenever it is useful and feasible, the system will be quantified. The final question that remains to be asked is: “Is the risk acceptable?” If yes, the analysis is complete, and if not, it becomes necessary to modify the concept or the design and repeat the analysis. This is the iteration of the process.
!
For both economic and efficiency reasons, it is generally favorable to integrate Risk Analysis at the project design stage (prospective analysis) (the measures are called “inherent” or “design-based” safety measures), because measures issued afterwards (“add-on” safety measures) are often more expensive and mainly palliative (like a bandage on a wooden leg).

Figure 4.3 illustrates the evolution of costs linked to technical and operational modifications imposed by the results of Risk Analysis as well as their efficiency with time and development of the project.

Fig. 4.3: Cost evolution depending on the development phases.

4.1.4General process for all analysis techniques

Risk assessment is an important step in protecting workers and business, as well as for complying with the law. It helps to focus on the risks that really matter in the workplace – the ones with the highest potential to cause real harm, whether they are type I, II or III risks. The general framework to assess risk follows five steps:
Sign up to read
Learn more about book
eBook - ePub
Computer System and Network Security
- Gregory B. White, Eric A. Fisch, Udo W. Pooch, Udo W. Pooch(Authors)
- 2017(Publication Date)
- CRC Press
  (Publisher)
2 Risk Analysis
Computer security Risk Analysis is the process of identifying and evaluating the risk of being successfully attacked and suffering a loss of data, time, and person-hours versus the cost of preventing such a loss. The goals of performing this process are to determine the strength of a computer system’s security and make a rational decision as to how the security of the system can and should be improved. The benefits of performing a security Risk Analysis are not just the end results of improving the security of a system. The benefits also include a better understanding of a system and its flaws. Table 2.1 provides a list of the information gained by performing a Risk Analysis. Note that much of the terminology in the table requires definition, if not clarification. This is done in the sections that follow.

Table 2.1 Information gained by performing a computer security Risk Analysis

Risk Analysis is not unique to computer science, let alone computer security. As will be demonstrated, applying Risk Analysis to the computer security field is a matter of associating, or relating, the ideas used in computer security to the general concepts of Risk Analysis. This association includes the terminology, risk standards, and risk tolerances.

2.1 Theory

Risk Analysis is a byproduct of the many decisions a person makes each and every day. The analysis occurs in such mundane decisions as crossing the street or driving to the supermarket, and in more significant decisions such as purchasing a new car or home. Whether a rational decision maker is aware of the specific mental balancing performed in making a decision, the concept remains the same: weigh the benefit of performing an action to the possible risks involved. In each of the actions mentioned earlier, a decision is made whether the time and effort expended to perform the action is warranted by the possible danger that could ensue. The theory and thought process behind these decisions can be reduced, however, to the basic theories and formula of Risk Analysis.
Sign up to read
Learn more about book
eBook - ePub
Total Safety and the Productivity Challenge
- Maria Chiara Leva, Tom Kontogiannis, Marko Gerbec, Olga Aneziris, Maria Chiara Leva, Tom Kontogiannis, Marko Gerbec, Olga Aneziris(Authors)
- 2019(Publication Date)
- Routledge
  (Publisher)
2 Understanding hazards and risks Passage contains an image
3 Process risk assessment
From the basics to new frontiers Micaela Demichela and Gabriele Baldissone

Introduction

Process risk assessment is nowadays a mature discipline that is based on consolidated techniques and tools for each phase of its cycle. The definition of “risk” and the methodologies falling under the acronym PRA – Probabilistic Risk Assessment – have arisen from the nuclear domain and laid the foundations of technological risk evaluation (Rasmussen 1975).

Technological risk refers to the undesired consequence of a particular hazardous activity in relation to its likelihood of occurrence . This clearly means that the risk (R ) can be seen as the product of two parameters: F , the expected probability that a hazardous event could occur within a given time interval; and M , the severity of the consequences ensued (Magnitude).
From the Rasmussen’s Report the logical link between the two is set to:

R = F · M

This simple definition of technological risk allows safety analysts to assess risks and make comparisons between the foreseeable risks associated to a given process or plant or to examine whether risks fall within particular tolerability limits.

Since process plants are usually complex socio-technical systems, the risk assessment process requires a procedure to control this complexity and to support risk-based decision making within the Total Safety Management framework (see Chapter 1 ).

The risk assessment procedure

As discussed in Chapter 1 , standard ISO 31000:2009 defined a framework for risk assessment that is coherent with most process risk assessments from early days, although with some variations. According to Figure 3.1
Sign up to read
Learn more about book
eBook - ePub
Certified Information Security Manager Exam Prep Guide
Gain the confidence to pass the CISM exam using test-oriented study material, 2nd Edition
- Hemang Doshi(Author)
- 2022(Publication Date)
- Packt Publishing
  (Publisher)
Risk identification : In this phase, significant business risks are identified. Risk identification is generally conducted by the use of risk scenarios. A risk scenario is a visualization of a possible event that could have some adverse impact on the business objectives. Organizations use risk scenarios to imagine what could go wrong or what could create barriers to achieving the business objectives.
Risk Analysis : Risk Analysis involves ranking risks based on their impact on business processes. The impact can be either quantifiable in monetary terms or qualitative, such as high, medium, or low risk. Both the probability of an event and its impact on the business are considered to determine the level of risk.

Risk Analysis results help with the prioritization of risk responses and the allocation of resources; for example, high-risk areas are given priority for treatment.

Risk evaluation : Risk evaluation is the process of comparing the result of Risk Analysis against the acceptable level of risk. If the level of risk is more than the acceptable level, then risk treatment is required to bring down the risk level.

Here are some practical examples for each of the risk assessment phases:

Risk identification: The risk of the malfunction of a machine due to heavy rain.
Risk Analysis: In this phase, the level of risk is determined. Suppose that the machine costs $100,000 and the probability of heavy rain is 50%. In this case, the risk level is $50,000 (i.e., $100,000 * 50%).
Risk evaluation: In this phase, the risk level is compared with the risk level acceptable to management. Suppose the acceptable level is only $20,000. The current risk of $50,000 exceeds the acceptable level of risk. In such a case, risk treatment is required to bring the risk level down. The organization may choose to take out insurance worth $30,000 so that the net risk remains only $20,000.

Learn more about book

eBook - ePub

Encyclopedia of Chemical Processing and Design

Volume 48 - Residual Refining and Processing to Safety: Operating Discipline

John J. McKetta Jr(Author)
2017(Publication Date)
CRC Press
(Publisher)

Risk Management of Engineered Designs General Discussion

Risk management of an engineered design for a process is the utilization of control systems and maintenance programs to limit estimated risk levels of human and financial losses associated with probable equipment failures. Risk management is proactive, not reactive, loss control management. It is achieved through the application of reliability engineering principles and empirical data under the premise that although there is no zero risk in any human activity, acceptable risk levels can be achieved.

Hazard assessment of an engineered design is the estimation of inherent risks of a process and its evaluation for acceptability by specified criteria: If the estimated risks do not exceed the criteria, the design is considered acceptable for risk; if not, then the design must be changed or affected in other ways to meet the specifications for maximum acceptable risk. Therefore, risk can be classified as either hazardous or nonhazardous by its comparison with risk criteria. Consequently, for our purposes of identifying hazards, a hazard is considered solely as an unacceptable risk. This is consistent with the general distinctions of voluntary risks taken by humans in public and private life, such as riding in a commercial airliner, driving a car, smoking cigarettes, getting out of bed, staying at home, boating, or skiing, all of which have been given a risk of death per person per year.

As an overview, industrial hazard identification (assessment) is performed by Risk Analysis and evaluation using probability estimates of the adverse effects of exposing people and property to a process system failure. Earlier, a hazard was defined as unacceptable risk of danger to people or property. Since some degree of danger abounds every day, we individually become discretionary in participating in life’s adventures with regard to their worth and risk. This is what hazard assessment is about: The evaluation of an activity’s consequences with its probability or frequency of failure with regard to a maximum acceptable value for a desirable result.

Learn more about book

eBook - ePub

Corporate Risk Management

Tony Merna, Faisal F. Al-Thani(Authors)
2011(Publication Date)
Wiley
(Publisher)

For the purpose of this book the present authors define tools as: The methodology which employs numerous techniques to achieve its aim. For example, risk management (tool) employs numerous techniques such as sensitivity analysis, probability analysis and decision trees. Value management (tool) employs such techniques as functional analysis, optioneering and criteria weighting. 4.3 Risk Analysis TECHNIQUES There are two main categories of Risk Analysis techniques: qualitative and quantitative. Qualitative methods seek to compare the relative significance of risks facing a project in terms of the effect of their occurrence on the project outcome. Simon et al. (1997) suggest that the information obtained from qualitative analysis is nearly always more valuable than that from quantitative analysis and that the latter is not always necessary. Thompson and Perry (1992) recommend qualitative analysis for developing an initial risk assessment. Quantitative techniques attempt to determine absolute value ranges together with probability distributions for the business or project outcome and, consequently, involve more sophisticated analysis, often aided by the use of computers. According to Simon et al. (1997), to achieve this, a model is created of the project under consideration. It is then modified to quantify the impacts of specific risks determined by an initial assessment using qualitative techniques

Learn more about book

Index pages curate the most relevant extracts from our library of academic textbooks. They’ve been created using an in-house natural language model (NLM), each adding context and meaning to key research topics.

Explore more topic indexes

View all