|
The following methods can be used to do a
risk assessment:
- Use a what-if
analysis to identify threats and hazards.
What-if questions are asked about what could go wrong
and about what would happen if things do go wrong. This
type of analysis is a brainstorming
activity and is carried
out by people who have knowledge
about the areas,
operations, and processes that may be exposed to
hazardous events and conditions.
-
Use a checklist of known
threats and hazards to identify
your threats and hazards. The value of this type of
analysis
depends upon the quality of the checklist and the
experience of the user.
-
Use a
combination of checklists
and what-if analysis to
identify your threats and hazards. Checklists
are used to
ensure that all relevant what-if questions are
asked and
discussed, and to encourage a creative
approach to
risk assessment.
-
Use a hazard and operability study (HAZOP)
to identify your
threats and hazards. If you need to do a thorough
analysis,
this method is for you. However, it requires strong
leadership
and is costly and time
consuming. It also assumes that you
have a very knowledgeable interdisciplinary team
available to
you, one with detailed knowledge about the areas,
operations,
and processes that may be exposed to hazardous events
and
conditions.
-
Use a failure mode and effect analysis
(FMEA) to identify
potential failures and to figure out what effect
failures would
have. This method begins by selecting a system for
analysis
and then looks at each element within the system.
It then tries
to predict what would happen to the system as a
whole when
each element fails. This method is often used to predict
hardware failures and is best suited for this purpose.
-
Use a fault tree analysis (FTA)
to identify all the things that
could potentially cause a hazardous event. It
starts with a
particular type of hazardous event and then tries to
identify
every possible cause.
|
|
|
Comprehensive
risk assessments:
-
Identify the
range of hazards, threats, or perils:
-
Identify
the hazards, threats, or perils that
impact or might impact your organization.
-
Identify
the hazards, threats, or perils that
impact or might impact your infrastructure.
-
Identify
the hazards, threats, or perils that
impact or might impact the surrounding area.
-
Determine
the potential impact of
each hazard, threat, or peril by:
-
Estimating
the relative severity
of each hazard, threat, or peril.
-
Estimating
the relative frequency
of each hazard, threat, or peril.
-
Estimating
the vulnerability to
each hazard, threat, or peril.
-
Estimate
how vulnerable your people
are to each hazard, threat, or peril.
-
Estimate
how vulnerable your operations
are to each hazard, threat, or peril.
-
Estimate
how vulnerable your property
is to each hazard, threat, or peril.
-
Estimate
how vulnerable your environment
is to each hazard, threat, or peril.
-
Categorize
each hazard, threat, or peril according
to how severe it is, how frequently it occurs, and
how vulnerable you are.
-
Develop
strategies to deal with the most
significant hazards, threats, or perils.
-
Develop
strategies to prevent hazards, threats, or
perils that impact or might impact your
organization
and its people, operations, property, and
environment.
-
Develop
strategies to mitigate hazards, threats, or
perils that impact or might impact your
organization
and its people, operations, property, and
environment.
-
Develop
strategies to prepare for hazards, threats,
or
perils that impact or might impact your organization
and its people, operations,
property, and environment.
-
Develop
strategies to respond to hazards, threats,
or
perils that impact or might impact your organization
and its people, operations,
property, and environment.
-
Develop
strategies to recover from hazards, threats,
or
perils that impact or might impact your organization
and its people, operations,
property, and environment.
|
|