Guides the reader through a risk assessment and shows them the proper tools to be used at the various steps in the process
This brand new edition of one of the most authoritative books on risk assessment adds ten new chapters to its pages to keep readers up to date with the changes in the types of risk that individuals, businesses, and governments are being exposed to today. It leads readers through a risk assessment and shows them the proper tools to be used at various steps in the process. The book also provides readers with a toolbox of techniques that can be used to aid them in analyzing conceptual designs, completed designs, procedures, and operational risk.
Risk Assessment: Tools, Techniques, and Their Applications, Second Edition includes expanded case studies and real life examples; coverage on risk assessment software like SAPPHIRE and RAVEN; and end-of-chapter questions for students. Chapters progress from the concept of risk, through the simple risk assessment techniques, and into the more complex techniques. In addition to discussing the techniques, this book presents them in a form that the readers can readily adapt to their particular situation. Each chapter, where applicable, presents the technique discussed in that chapter and demonstrates how it is used.
* Expands on case studies and real world examples, so that the reader can see complete examples that demonstrate how each of the techniques can be used in analyzing a range of scenarios
* Includes 10 new chapters, including Bayesian and Monte Carlo Analyses; Hazard and Operability (HAZOP) Analysis; Threat Assessment Techniques; Cyber Risk Assessment; High Risk Technologies; Enterprise Risk Management Techniques
* Adds end-of-chapter questions for students, and provides a solutions manual for academic adopters
* Acts as a practical toolkit that can accompany the practitioner as they perform a risk assessment and allows the reader to identify the right assessment for their situation
* Presents risk assessment techniques in a form that the readers can readily adapt to their particular situation
Risk Assessment: Tools, Techniques, and Their Applications, Second Edition is an important book for professionals that make risk-based decisions for their companies in various industries, including the insurance industry, loss control, forensics, all domains of safety, engineering and technical fields, management science, and decision analysis. It is also an excellent standalone textbook for a risk assessment or a risk management course.
Introduction to Risk Assessment
On any given day, in every corner of the world, people are actively working, going to school, driving or taking mass transit to work, relaxing at home or on vacation, or even working at home. Some people are even finding the time to sleep. Those who are working perform jobs that range from cleaning animal kennels to serving as the head of state of a country. Every job, in fact every activity a human performs, has a hazard associated with it. The common hazards we all are exposed to include:
- Slips, trips, and falls.
- Illness and disease.
- Food-borne illness.
- Transportation: car accidents, pedestrian accidents, and bicycle accidents.
- Sports: organized sports (football, basketball, soccer) accidents and individual sports accidents (skiing, water sports, skate boarding).
- Electrical-related accidents.
- Weather-related accidents.
- Identity theft.
- Internet intrusion.
On top of these more common hazards are specific/major hazards. For example, cleaning animal cages include:
- Being attacked by the animal.
- The bacteria, viruses, and parasites that might be in the animal waste.
- The design of the cage might pose problems: size, shape, material of construction, and sharp edges.
- The maintenance of the cage might pose problems: cleanliness, jagged metal or wood, and faulty locks/latches/gates/door.
- The condition of the floor.
- The electrical and/or HVAC system in the building.
- The building environmental conditions.
The major hazards associated with being a head of state include:
- Stress from decision making.
- Stress from the potential for war.
- Stress from political rivals.
- Potential for assassination.
- Potential for transportation accidents: airplane crashes (i.e. the President of Poland died in an airplane crash in Russia in 2010 (1).).
Hazardous occupations, for instance, firefighting, have numerous hazards associated with day-to-day activities. Risk assessment tools and techniques can be used to analyze individual jobs for risks. It is obvious that every activity the president does is analyzed for hazards. Jobs or tasks like firefighter, chemical plant worker, electrician, and even office workers are usually analyzed using tools such as job hazard analysis (2).
The focus of this book is analyzing complex systems, tasks, and combinations of tasks for hazards and the associated risks. Most of the major accidents that occur each year result from a series of events that come together in an accident chain or sequence and result in numerous deaths, environmental consequences, and property destruction. These accidents can occur anytime in the system's life cycle. One of the events from history that demonstrates this is the sinking of the Swedish ship Wasa (pronounced Vasa) on 10 August 1628 (3). The ship was fabricated between 1626 and 1628. In those days engineering of the ships was performed by the shipwright and he used his experience to determine factors such as the center of mass and the amount of ballast the ship should have. Because of various events, pressure was put on the shipbuilders to complete the ship ahead of the planned delivery time. The ship was completed and ready for sail on 10 August 1628. The ship was very ornately decorated and was heavily laden with armament. As the ship left port on its maiden voyage on that calm morning, a gust of wind hit the ship, filling her sails. The ship heeled to port and the sailors cut the sheets. The ship righted itself, but then another gust of wind hit the ship and it tipped to port far enough that water entered the gun ports. This was the event that led to the loss of the ship and approximately 30-50 lives. However, the loss of the ship was probably due to one of two design flaws: first the ship was probably too narrow for its height and, second, the ship did not carry enough ballast for the weight of its guns on the upper decks. A contributing factor was the height above sea level of the gun ports that allowed water to enter the ports when the ship listed to port. Since, as stated above, engineering of ships was more seat of the pants than a systematic design process, the real reason(s) for the disaster could only be speculated. The ship was raised from her watery grave in 1959 and has since been moved to a beautiful museum facility in Stockholm. The ship itself can be studied, but other factors such as whether the guns were properly secured, how many provisions were on the ship, and so forth will remain a mystery. Accidents can occur in any phase of a system's life cycle. For the Wasa accident, it occurred in the ship's initial phases.
A much more recent accident occurred on 23 February 2018, in Dallas, Texas, in which Atmos Energy, the country's largest natural gas distributor, caused an explosion and fire via a natural gas leak, killing one 12-year-old girl and injuring others (4). Atmos Energy also operates in Colorado, Kansas, Kentucky, Tennessee, Virginia, Louisiana, and Mississippi. The incident involved piping that leaked due to pressure on the piping. The accident investigators found that heavy rain caused underground pressure that pushed rock formations upward, which in turn caused pressure on the system, which caused the leakage. Aging pipes have since been replaced with a more flexible, high-grade plastic. Weather and aging pipes were the primary drivers in the event.
Risk assessment tools and techniques, if applied systematically and appropriately, can point out these types of vulnerabilities in a system. The key term here is "systematic." A risk assessment must be systematic in nature to be most effective and should begin early in the life cycle of complex systems. Preliminary hazard analysis (PHA) is an example of a tool that can be applied at the earliest phase of system development. As the design of a system progresses, other tools can be applied, such as failure mode and effects analysis (FMEA) and fault tree analysis (FTA). Probabilistic risk assessment (PRA) and human reliability analysis (HRA) are techniques used to analyze very complex systems. These tools usually require a well-developed design, an operating philosophy, and at least working copies of procedures to provide enough material to perform analyses. However, even mature systems benefit from risk assessments. The analyses performed on the Space Shuttle program after the Columbia accident are a good example (5). These assessments pointed out vulnerabilities of the spacecraft that were previously unidentified or viewed as being not as important.
Using the Six Sigma/total quality management philosophy of continuous improvement, risk assessment techniques applied throughout the design life of a system can provide insights into safety that might arise at various points of the system life cycle (6). Reliability engineers use the bathtub curve to illustrate the classic life cycle of a system (Figure 1.1) (7). In the first part of a system's life, there is a higher potential for early failure. The failure rate then decreases to steady state until some point in the future when systems wear out or old age failure occurs.
FIGURE 1.1 Bathtub curve.
Manufacturers usually warranty a system (a car, for instance) for the period of time from birth till just before system wears out. This way they maximize their public image while minimizing their risks or obligations.
Risk analysts are also interested in such curves, but from a safety perspective. Accidents commonly occur early in a system's life cycle because of several reasons including:
- Mismatch of materials.
- Hardware/software incompatibilities.
- Lack of system understanding.
- Operator inexperience or lack of training.
The system then enters a long phase of steady-state operation that as long as no changes perturbate the system, it remains safe. In later system life, accidents occur for the same reason as why systems wear out - components wear out. However, in terms of accident risk when a component fails in old age, it might lead to a catastrophic failure of the system, for instance, the Aloha Flight 243 accident (8). In this case the aircraft structure had become fatigued with age and failed during takeoff. In addition, latent conditions can lay dormant for many years in a system (9). These conditions could be a piece of bad computer code or a piece of substandard pipe that when challenged leads to failure. Performing risk assessments on systems throughout their life cycle can help elucidate these vulnerabilities. Once these vulnerabilities are found, measures can be taken to eliminate them and/or measures can be taken to mitigate the consequences of failures. This is the most important step of any risk assessment, that is, eliminating the vulnerabilities and reducing the risk of a system.
Risk assessment terminology will be presented throughout the book. However, at this time several key terms will be defined.
Risk has been defined many ways and for the purposes of this book risk is defined as "the probability of an unwanted event that results in negative consequences." Kaplan and Garrick use a set of three questions to define risk (10):
- What can go wrong?
- How likely is it?
- What are the consequences?