Date post: | 04-Jun-2018 |
Category: |
Documents |
Upload: | ahmed-mohamed-khalil |
View: | 218 times |
Download: | 0 times |
of 16
8/13/2019 A_Z Risk Assessment
1/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!
isk Management Knowledgebase ..
Item Description
LARP As Low As Reasonably Practicable.
ALARP is a term often used by risk practitioners.
creditation The act of granting credit or recognition.
tion A specific task to address a risk.
tion Plan Corrective plan to be executed when a risk is realised.
tivity The smallest selfcontained unit of work used to define the logic of a pro!ect.
ert "arning that an incident has occurred.
nalysis Risk analysis is the systematic use of information to establish valid scenarios for how a ha#ard
could lead to harm and determine the probability of the associated adverse events and themagnitude of their conse$uences.
sessment The evaluation of risk with regard to the impact if the risk is realised and the likelihood of therisk being realised.
%ome types of risk lend themselves to a numerical diagnosis particularly financial risk. &orother risks for example reputational risk a much more sub!ective view is all that is possible.
set Anything on a organisation's books considered as having a positive monetary value. Assets areusually shown on the balance sheet.
Assets include holdings of obvious market value (cash) real estate*) hardertomeasure value
(inventory) aging e$uipment*) and other $uantities considered an asset by accounting
conventions.
sumption %tatement taken for granted or truth.
An Assumption is a belief which if verified should become a pro!ect decision.
surance An evaluated opinion) based on evidence gained from review) on the organisation+s
governance) risk management and internal control framework.
udit A methodical examination or review of a condition or situation.
Item Description
AT ,est Available Techni$ues
P- ,est Practicable -nvironmental ption
P/ ,est Practicable /eans
alancedcorecard
A management tool for summarising progress against key business performance measures.
An aid to organisational performance management. 0t helps to focus) not only on the financialtargets but also on the internal processes) customers and learning and growth issues.
ar Chart A view of pro!ect data that uses hori#ontal bars on a time scale to depict activity information.
aseline A copy of the pro!ect schedule for a particular time (usually before the pro!ect is started* thatcan be used for comparison with the current schedule.
8/13/2019 A_Z Risk Assessment
2/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!enefits The enhanced efficiency) economy and effectiveness of future business operations.
rainstorming The unstructured generation of ideas by a group of people.
udget The planned cost for an activity or pro!ect.
usiness Case A document used to !ustify the commitment of resources to a pro!ect.
usiness Process A group of business activities undertaken by an organisation in pursuit of a common goal.
Typical business processes include receiving orders) marketing services) selling products)delivering services) distributing products) invoicing for services) accounting for moneyreceived.
A business process usually depends upon several business functions for support) e.g. 0T)personnel) accommodation.
A business process rarely operates in isolation) i.e. other business processes will depend on itand it will depend on other processes.
usiness Recovery
ans
1ocuments describing the roles) responsibilities and actions necessary to resume business
processes following a business disruption.
usiness 2nit A segment of the business entity by which both revenues are received and expenditure are
caused or controlled) such revenues and expenditure being used to evaluate segmentalperformance.
Item Description
,A Cost ,enefit Analysis can provide an assessment of how much an organisation wants todevote to reducing the risks given its resources and competing demands.
Cost benefit analysis $uantifies in monetary terms as many of the costs and benefits of a
proposal as feasible) including items for which the market does not provide a satisfactory
measure of economic value.
-A Cost -ffectiveness Analysis can help determine where and how best to deploy the resourcesavailable for reducing risk and preventing harm.
ategories Common categories or groupings of risks are3
4 Political Change of government) cross cutting policy decisions (e.g. 5 the -uro*.
4 Professional Associated with the nature of each profession.
4 -conomic Ability to attract and retain staff in the labour market6 exchange rates affectcosts of international transactions6 effect of global economy on 27 economy.
4 %ocio cultural 1emographic change affects demand for services6 stakeholder
expectations change.
4 8ealth and %afety ,uildings) vehicles) e$uipment) fire) noise) vibration) asbestos)chemical and biological ha#ards) food safety) traffic management) stress) lone working) etc.
4 Technological bsolescence of current systems6 cost of procuring best technology
available) opportunity arising from technological development.
4 Contractual Associated with the failure of contractors to deliver devices or products tothe agreed cost and specification.
4 -nvironmental ,uildings need to comply with changing standards6 disposal of rubbishand surplus e$uipment needs to comply with changing standards.
4 Physical Theft) vandalism) arson) building related risks) %torm) flood) other relatedweather) damage to vehicles) mobile plant and e$uipment.
8/13/2019 A_Z Risk Assessment
3/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!4 perational Relating to existing operations 5 both current delivery and building andmaintaining.
hange Control Pro!ect change control methods aim to ensure that the impact of any change is wellunderstood) carefully considered) and consciously approved) rather than executed as adhoc
changes that could !eopardise success.
hange Control. The procedure to ensure that all changes are controlled) including the submission) analysis)decision making) approval) implementation and post implementation of the change.
hange /anagement /anaging change refers to the making of changes in a planned and managed or systematic
fashion. The aim is to more effectively implement new methods and systems in an ongoingorganisation.
hart of Accounts A numbering system) usually based on corporate chart of accounts of the primary
performing organisation) used to monitor costs by category.
ompliance Conforming to a specification) standard or law that has been clearly defined.
ompound Risk A risk made up of a number of interrelated risks.
onflict /anagement The ability to manage conflict effectively.
onstraints Applicable restrictions that will affect the scope of the pro!ect.
ontingencyanning
This an important element of control measures as it is the means by which organisationsplan for business continuity 9 recovery after events which they could not control.
,y their nature) risks may or may not materialise and their impacts may vary from
expectations.
Contingency planning can be important to ensure that all (or the most important andrepresentative* eventualities can be ade$uately addressed.
ontinuous Risk
entification
This is necessary to identify new risks which did not previously arise) changes in existing
risks) or risks which did exist ceasing to be relevant to the organisation.ontrol Charts Control charts display the results) over time) of a process. They are used to determine if the
process is in need of ad!ustment.
ontrol /easures The purpose of control measures is that whilst continuing within the organisation with theactivity giving rise to the risk) action (control* is taken to constrain the risk to an acceptablelevel.
Typical measures might include improvement in areas of /anagement6 Planning6 Reporting6
Communications6 /onitoring6 Audit6 %afety6 Procedures6 Policies6 %tandards6 -$uipment60.T.) Resources6 Training6 and) %upport.
0n designing control) it is important that the control put in place is proportional to the risk.
Apart from the most extreme undesirable outcome (such as loss of human life* it is normallysufficient to design control to give a reasonable assurance of confining likely loss.
-very control action has an associated cost and it is important that the control action offersvalue for money in relation to the risk that it is controlling.
:enerally speaking the purpose of control is to constrain risk rather than to eliminate it.
ost ,enefit Analysis The analysis of the potential costs and benefits of a pro!ect to allow comparison of thereturns from alternative forms of investment.
ost /anagement The effective financial control of the pro!ect through evaluating) estimating) budgeting)monitoring) analysing) forecasting and reporting the cost information.
ost ;ariance The difference between the budgeted and actual cost of work performed.
ountermeasure An action or process that is currently in place to contain a risk to an acceptable level or to
8/13/2019 A_Z Risk Assessment
4/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!reduce the threat.
ounterparty Risk The risk that the other party to the specific transaction will not fulfil its contractual
obligations.
ritical Path %eries of consecutive activities that represent the longest path through the pro!ect.
ritical %uccessactor(C%&*
A measure of success or maturity of a pro!ect or process. 0t can be a state) a deliverable ora milestone. An example of a C%& would be 'the production of an overall technologystrategy'
em 1escription
PA The 1ata Protection Act gives individuals certain rights regarding information held aboutthem.
0t places obligations on those who process information while giving rights to those who arethe sub!ect of that data. Personal information covers both facts and opinions about theindividual.
ecision A 1ecision is either a validated assumption or an answered $uestion.
ecision log This is used to log all pro!ect decisions. The answers to $uestions are logged as decisions."hen "orking Assumptions are ratified as decisions) they are logged.
ependencies 1ependencies are relationships between tasks.
A 1ependency is a recognition that one task relies on another task in some way.
rect Cost 1irect costs (labour) material) and other direct costs* that can be consistently related towork performed on a particular activity.
1irect costs are best contrasted with indirect costs that cannot be identified to a specificactivity.
rective Controls These controls are designed to ensure that a particular outcome is achieved.
They are particularly important when it is critical that an undesirable event is avoided typically associated with 8ealth and %afety or with security.
-xamples of this type of control would be to include a re$uirement that protective clothingbe worn during the performance of dangerous duties) or that staff be trained with re$uiredskills.
saster Recovery
anning
A series of processes that focus only upon the recovery processes) principally in response to
physical disasters.
owntime Total period that a service or component is not operational) within an agreed service times.
conomy The economy) both domestically and internationally) is another important element of the
risk environment.
"hilst for most organisations the general economy is a given) it does affect the markets in
which they have to function in obtaining or providing goods and services.
0n particular the economy can have an effect on the ability of an organisation to attract andretain staff with the skills which the organisation needs.
stimation Risk estimation is the determination of the probability of an adverse event and themagnitude of its conse$uences.
valuation These reviews detect lessons to be learnt from pro!ects for application in future work) andmonitoring activities.
xposure The conse$uences) as a combination of impact and likelihood) which may be experienced bythe organisation if a specific risk is realised.
8/13/2019 A_Z Risk Assessment
5/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!xternal 0ssues 0ndividuals and businesses may create risks that affect people other than themselves) which
are not taken into account when decisions are taken (e.g. causing pollution*.
-$ually) there will be less incentive for individuals or businesses to reduce risks if they willnot benefit wholly from risk reduction measures) even if society as a whole would gain.
xternal Risk
8/13/2019 A_Z Risk Assessment
6/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!stogram A histogram is a graphic display of resource usage over a period of time. 0t allows the
detection of overused or underused resources. The resource usage is displayed in colouredvertical bars.
storical 1ata Past information used to help forecast future issues6 for example) historical price)
price9earnings ratio) revenues and revenue growth) earnings and earnings growth.
em 1escription
entifying Risks 0n order to manage risk) an organisation needs to know what risks it faces) and to evaluatethem. 0dentifying risks is the first step in building the organisation+s risk profile.
mpact 0mpact if the risk occurs. Categories can be 8igh9/edium9Low. ther typical categories are3
4 Catastrophic (8igh*
4 /a!or (8igh*
4 /oderate (/edium*
4 /inor (Low*
4 0nsignificant (Low*
mpact Analysis 0mpact analysis is essentially a means of systematically assessing the potential impactsresulting from various events or risks.
This is intended to help you understand the degree of potential loss (and various otherunwanted effects* which could occur. This will cover not !ust direct financial loss) but other
issues) such as reputational damage.
mplication An explicit statement of work or condition needed to achieve an ob!ective or task.
direct Cost 1irect costs (labour) material) and other direct costs* that can be consistently related towork performed on a particular activity.
1irect costs are best contrasted with indirect costs that cannot be identified to a specificactivity.
herent Risk The exposure arising from a specific risk before any action has been taken to manage it.
This is the current risk rating.
novation %omething new which may lead to better services9products) achievement of ob!ectives orbetter value for money.
/any systems and processes are still paperbased and staffintensive. The underlying
assumption is that customers will fill in forms and that staff will process them by routinerather than by riskmanaged exception.
ternal Control Response) which is initiated within the organisation) to risk is called internal control and mayinvolve one or more of the following3
4 tolerating the risk6
4 treating the risk in an appropriate way to constrain the risk to an acceptable level oractively taking advantage) regarding the uncertainty as an opportunity to gain a benefit6
4 transferring the risk6
4 terminating the activity giving rise to the risk.
terventions 0nterventions should be evidence based) though the lack of conclusive evidence should not
block action proportionate to that risk.
0nterventions should tackle as directly as possible the specific failures) concerns and otherproblems identified (and the specific causes and conse$uences of the ha#ards and risks*.
8/13/2019 A_Z Risk Assessment
7/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!voluntary
xposure%ome organisations can be exposed to risks which they can do little to mitigate or preventthemselves (e.g. exposure to natural radon emissions*.
sues Typical issues in risk assessment are3
Lack of -$uipment6 Competition6 8uman -rror6 Lack of &inance6 ,reach of Contract6 Loss of
%upplier6 Poor Communication6 Theft (by employees or external*6 0nvestment 1ecisions6Terrorism6 0nsufficient %kills6 &ood %afety6
0ndustrial Relations6 0nade$uate %taffing6 -$uipment &ailure6 2nsafe "orking6 PoorRecruitment6 Computer &ailure6 Poor /anagement Controls6 and) 0nade$uate 1ocumented
Procedures.
An 0ssue is a risk which has came to fruition. This is of immediate concern and must bedealt with promptly. A key point to remember is that an issue is something that has
happened.
em 1escription
8/13/2019 A_Z Risk Assessment
8/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!em 1escription
0% /anagement 0nformation %ystems. /0% refers broadly to a computerbased system that
provides managers with the tools for organising) evaluating and efficiently running theirdepartments.
anagementevelopment All aspects of staff planning) recruitment) development) training and assessment.
anagement of Risk Risk management is the process by which an organisation reaches decisions on the steps itneeds to take to ade$uately control the risks which it generates or to which it is exposed.
Risk management covers all the processes involved in identifying) assessing and !udging
risks) assigning ownership) taking actions to mitigate or anticipate them) and monitoringand reviewing progress.
The management of risk is not a linear process6 rather it is the balancing of a number ofinterwoven elements which interact with each other and which have to be in balance witheach other.
The management of one risk may have an impact on another. /anagement actions whichare effective in controlling more than one risk simultaneously may be achievable.
arginal Cost The cost of providing the service now) based upon the investment already made.
aster %chedule A summary schedule which identifies ma!or activities and milestones.
A plan containing the main milestones which highlight key points of a pro!ect.
atrix Assessment needs to be done by evaluating both the likelihood of the risk being realised)and of the impact (or severity* if the risk is realised.
A categorisation of high) medium) low in respect of each may be sufficient) and should bethe minimum level of categorisation 5 this results in a ?x? risk matrix.
A more detailed analytical scale may be appropriate) especially if clear $uantitativeevaluation can be applied to the particular risk.
@x@ matrices are often used) with impact on a scale of insignificant minor) moderate) ma!or)
catastrophic and likelihood on a scale of rare) unlikely) possible) likely) almost certain.
There is no absolute standard for the scale of risk matrices the organisation should reach a!udgement about the level of analysis that it finds most practicable for its circumstances.
Colour (Traffic Lights* can be used to further clarify the significance of risks.
ethodology A documented process for management of pro!ects that contains procedures) definitions and
roles and responsibilities.
etrics /etrics are a set of measurements that $uantify results. Performance metrics $uantify the
units performance. Pro!ect metrics tell you whether the pro!ect is meeting its goals.
,usiness metrics define the business' progress in measurable terms.
ssion %tatement ,rief summary) approximately one or two sentences) that sums up the background)
purposes and benefits of a business or pro!ect.
odels /odels can help organisations control their complex risk management tasks.
A model is a simplified representation) usually visual) of some aspects of a system.
onitoring /onitoring might be appropriate if the ha#ard is new or unknown and its effects unclearalthough within certain boundaries (such that more limiting precautionary actions would be
un!ustified*.
Trigger points for action and targets may need to be set. There may be unintendedconse$uences of risk mitigation actions that should be reviewed. 1efinitions of success could
8/13/2019 A_Z Risk Assessment
9/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!also be established and reviewed
em 1escription
etwork Analysis
8/13/2019 A_Z Risk Assessment
10/16
8/13/2019 A_Z Risk Assessment
11/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!o!ect Pro!ects are different from Fbusiness as usual+ activities because they have a number of
distinguishing features3
4 they bring about change
4 pro!ects may offer investment opportunities
4 they have unknown elements) which therefore3
4 create risk
A Pro!ect is a defined activity with a recognised start date) end date with clearly defineddeliverables.
o!ect ,oundary The boundary of a pro!ect which is defined to indicate how the pro!ect interacts both withother pro!ects and nonpro!ect activity both in and outside of the organisation.
o!ect Lifecycle The events) from beginning to end) necessary to complete a pro!ect.
o!ect Planning Pro!ect planning is a discipline for stating how to complete a pro!ect within a certaintimeframe) usually with defined stages) and with designated resources. This often includes3
4 %etting ob!ectives (these should be measurable*
4 0dentifying deliverables
4 Planning the schedule
4 /aking supporting plans
4 0dentifying Risks
o!ect Riskanagement
A subset of pro!ect management that includes risk identification) risk $uantification) riskresponse development and risk response control in an effort to identify) analyse andrespond to pro!ect risks
em 1escription
A Euality Assurance. The process of evaluating overall pro!ect performance on a regular basisto provide confidence that the pro!ect will satisfy the relevant $uality standards.
ualitative Risknalysis
A generic term for sub!ective methods of assessing risks.
uality A trait or characteristic used to measure the degree of excellence of a product or service.
uality Criteria The characteristics of a product that determines whether it meets certain re$uirements.
uality Plan A document setting out the specific $uality practices) resources and se$uence of activitiesrelevant to a particular product) service) contract or pro!ect.
uantitativechni$ues
Euantitative techni$ues (in terms of monetised costs and benefits) and risk scores* shouldaid in risk management.
uestion A Euestion reflects the need to know or the need for clarity. Euestions should be answered.
em 1escription
AC0 chart RAC0 is a model for assigning roles and responsibilities. RAC0 (pronounced raysee*) stands
for3
4 Responsibility People who are expected to actively participate in the activity andcontribute to the best of their abilities.
4 Accountability The person who is ultimately responsible for the results.
4 Consultation People who have a particular expertise can contribute to specific decisions.4 0nform People who are affected by the activity9decision and therefore need to be kept
8/13/2019 A_Z Risk Assessment
12/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!informed) but do not participate in the effort.
A: status Traffic lights for status (Red ma!or problems) Amber little or no progress) :reen on
target*. %ome extended models also have a white (not started* and blue (completed*.
&P Re$uest &or Proposal. A bid document used to solicit proposals from prospective sellers of
products or services.&E Re$uest &or Euotation. -$uivalent to a Re$uest for Proposal but with more specific
application areas.
0 Return n 0nvestment is how much profit or cost saving is realised. An R0 calculation issometimes used along with other approaches to develop a business case for a given
proposal.
ationale The motivation behind a given principle.
ecurring Costs -xpenditures which occur on a repetitive basis.
esidual Risk The exposure arising from a specific risk after action has been taken to manage it andmaking the assumption that the action is effective.
This is the target risk rating after control measures have been implemented.
esource An item re$uired to accomplish an activity. Resources can be people) e$uipment) facilities)funding or anything else needed to perform a task.
eview Processes should be put in place to review existing risks) consider potential new risks anddeliver assurance on the effectiveness of control.
Review of risks and review of the risk management process are distinct from each other and
neither is a substitute for the other. The review processes should3
4 ensure that all aspects of the risk management process are reviewed regulary6
4 ensure that risks themselves are sub!ected to review with appropriate fre$uency6
4 make provision for alerting the appropriate level of management to new risks or tochanges in already identified risks so that the change can be appropriately addressed.
sk Risk is most commonly held to mean something to be avoided. 2ncertainty of outcome)whether positive opportunity or negative threat) of actions and events.
Risk is the chance) great or small) that damage or an adverse outcome will occur from aparticular ha#ard. 0t is the combination of likelihood and impact) including perceived
importance.
A Risk is an event which has not happened but if it does come to fruition it would adverselyaffect the outcome of the pro!ect) a deliverable) funding or timescales of the pro!ect.
sk Analysis Risk analysis is the systematic use of information to establish valid scenarios for how aha#ard could lead to harm and determine the probability of the associated adverse eventsand the magnitude of their conse$uences.
sk Assessment The evaluation of risk with regard to the impact if the risk is realised and the likelihood of
the risk being realised.
%ome types of risk lend themselves to a numerical diagnosis particularly financial risk. &orother risks for example reputational risk a much more sub!ective view is all that ispossible.
sk Avoidance Planning activities to avoid risks that have been identified.
sk /anagement Risk management is the process by which an organisation reaches decisions on the steps it
needs to take to ade$uately control the risks which it generates or to which it is exposed.
Risk management covers all the processes involved in identifying) assessing and !udging
8/13/2019 A_Z Risk Assessment
13/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!risks) assigning ownership) taking actions to mitigate or anticipate them) and monitoringand reviewing progress.
The management of risk is not a linear process6 rather it is the balancing of a number ofinterwoven elements which interact with each other and which have to be in balance with
each other.
The management of one risk may have an impact on another. /anagement actions whichare effective in controlling more than one risk simultaneously may be achievable.
sk /atrix Assessment needs to be done by evaluating both the likelihood of the risk being realised)
and of the impact (or severity* if the risk is realised.
A categorisation of high) medium) low in respect of each may be sufficient) and should bethe minimum level of categorisation 5 this results in a ?x? risk matrix.
A more detailed analytical scale may be appropriate) especially if clear $uantitativeevaluation can be applied to the particular risk.
@x@ matrices are often used) with impact on a scale of insignificant minor) moderate) ma!or)
catastrophic and likelihood on a scale of rare) unlikely) possible) likely) almost certain.There is no absolute standard for the scale of risk matrices the organisation should reach a
!udgement about the level of analysis that it finds most practicable for its circumstances.
Colour (Traffic Lights* can be used to further clarify the significance of risks.
sk /odeling /odels can help organisations control their complex risk management tasks.
A model is a simplified representation) usually visual) of some aspects of a system.
sk wner All risks) once identified) should be assigned to an owner who has responsibility for ensuringthat the risk is managed and monitored over time.
A risk owner) in line with their accountability for managing the risk) should have sufficient
authority to ensure that the risk is effectively managed.The risk owner is not usually the person who actually takes the action to address the risk.
sk Profile The documented and prioritised overall assessment of the range of specific risks faced bythe organisation.
sk Ranking Allocating a classification to the impact and likelihood of a risk.
sk Rating The results from the estimations of likelihood and 0mpact are combined into a risk rating.
Likelihood G 0mpact H Risk Rating
sk Reduction Action taken to reduce the likelihood and impact of a risk.
sk Register A file that holds all information on identifying and managing a risk.
sk Response Responding to changes in risk during a pro!ect.
1eveloping a plan of action to enhance opportunities and decrease threats.
sk Review A designated team is established (either inhouse or contracted in* to consider all theoperations and activities of the organisation in relation to its ob!ectives and to identify theassociated risks.
The team should work by conducting a series of interviews with key staff at all levels of the
organisation to build a risk profile for the whole range of activities.
sk %trategy The overall organisational approach to risk management. This should be documented andeasily available throughout the organisation.
sk Transfer A contractual arrangement between two parties for delivery and acceptance of a product
8/13/2019 A_Z Risk Assessment
14/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!where the liability for the costs of a risk is be transferred from one party to the other.
em 1escription
&A0RP %o &ar As 0s Reasonably Practicable
%&A0RP is a term often used in the 8ealth and %afety at "ork Act and in Regulations.
" %tatement f "ork. A description of product and service to be procured under contract6 astatement of re$uirements.
RP %ummary Risk Profile
%RP is a simple mechanism to increase visibility of risks. 0t is a graphical representation ofinformation normally found on a risk register.
This graph should be updated in line with the risk register on a regular basis. The profileshows risks in terms of probability and severity of impact with the effects of mitigatingaction taken into account.
The %RP is often referred to as a probability9impact matrix.
The position of the risk tolerance line on the matrix would depend on the organisation andits pro!ect.
"T analysis %ketch out your %trengths) "eaknesses) pportunities and Threats.
cope %ome organisations may be fairly insular in their risk identification processes if they perceivethat the ma!or element of risk arises from within the organisation.
ther organisations may need to consider a much wider scope if they consider that theymay face risks from a wider environment.
1epending on the nature of the organisation+s business risk identification may range fromalmost exclusively internal activity to activity that depends on international information.
The scope can be defined as the sum of work content of a pro!ect. 0t can also be the limitsof a persons assigned tasks or deliverables on a pro!ect or the limit of pro!ect deliverables.
elfAssessment An approach by which each level and part of the organisation is invited to review itsactivities and to contribute its diagnosis of the risks it faces.
This is often effectively conducted through a workshop approach with skilled facilitators.
A particular strength of this approach is that better ownership of risk tends to be established
when the owners themselves identify the risks.
elfinsurance A decision to bear the losses that could result from a disruption to the business as opposedto taking insurance cover on the risk.
takeholders A person having an interest in some aspects of the organisation (or pro!ect*.
Risk management actions) which appear good value and effective in the abstract) may not
be acceptable to stakeholders.
0t is important to communicate with stakeholders about the way in which the organisation ismanaging risk to give them assurance that the organisation will deliver in the way whichthey expect.
tandard A welldefined convention or measure which must be complied with.
trategy The overall organisational approach to risk management. This should be documented andeasily available throughout the organisation.
trawman A person used as a cover for some $uestionable activity.
ystems Risk 1isruption and outright system failures in both internal and outsourced operations.
8/13/2019 A_Z Risk Assessment
15/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!em 1escription
arget 1ate 1ate imposed on an activity or pro!ect.
ask Also called an activity. Tasks take place over a period of time and generally consumes
resources.
erminate Risks %ome risks will only be treatable) or containable to acceptable levels) by terminating theactivity.
This option can be particularly important in pro!ect management if it becomes clear that the
pro!ected cost 9 benefit relationship is in !eopardy.
errorism Risksurance
Compensation for losses resulting from acts of terrorism.
est Plan A document describing the scope) approach) resources) and schedule of intended testingactivities.
0t identifies test items) the features to be tested) the testing tasks) who will do each task)and any risks re$uiring contingency planning.
est %cript Commonly used to refer to the instructions for a particular test that will be carried out by anautomated test tool.
me %heet A means of recording the actual effort expended against pro!ect and nonpro!ect activities.
o1o list A To1o list is a list of tasks. -ach user has a To1o list.
This can comprise) but is not limited to) tasks in a pro!ect plan) actions from meeting) issuesto be resolved) risks to be managed or tasks delegated through line management.
olerability Level The amount of risk which is !udged to be tolerable and !ustifiable can be called the risktolerability level.
An accepted level of risk in order to achieve certain benefits.
olerable Risk A risk may be tolerable without any further action being taken.
-ven if it is not tolerable) ability to do anything about some risks may be limited) or the costof taking any action may be disproportionate to the potential benefit gained.
0n these cases the response may be to tolerate the existing level of risk. This option may besupplemented by contingency planning for handling the impacts that will arise if the risk isrealised.
op Ten The most important risks that an organisation is currently facing.
otal Cost fwnership (TC*
Calculated including depreciation) maintenance) staff costs) accommodation) and plannedrenewal.
racking Collecting actual time) cost and resource information.
ransfer Risks &or some risks the best response may be to transfer them. This might be done byconventional insurance) or it might be done by paying a third party to take the risk in
another way.
This option is particularly good for mitigating financial risks or risks to assets.
The transfer of risks may be considered to either reduce the exposure of the organisation orbecause another organisation is more capable of effectively managing the risk.
rust People tend to be more concerned if) not having personal control over the risks involved)
they also do not trust those responsible for managing the risk on their behalf.
People may be concerned about a risk because of the organisation general reputation) evenif there is no evidence that the risk in $uestion has been mismanaged or poorly regulated.
8/13/2019 A_Z Risk Assessment
16/16
Petroleum Refining& Petrochemical Eng. Dept. Third Year Students
Industrial Safety in Chemical Industries RPE 3!Trust only develops over time) and can $uickly be lost.
em 1escription
ncertainty ,oth ha#ards and risks are often sub!ect to uncertainty.
2ncertainty is the condition in which the number of possible outcomes is greater than the
number of actual outcomes and it is impossible to attach probabilities to each possibleoutcome.
&or instance) the harmful effects of a ha#ard may be only estimated within a certain range6
and the probability of a harm occurring may not be known.
Risk assessments should include an analysis of potential uncertainty surrounding the riskestimate) which may be substantial if risks are unpredictable or evidence is weak.
rgency /easure of the business criticality of an incident or problem based on the impact and on thebusiness needs of the Customer.
ser A 2ser is a persons uni$ue identification (01* on the system.