Georgi Popov - Risk Assessment

Risk Matrix:

Tool for ranking and displaying risks by defining ranges for consequence and likelihood. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)

Risk Profile:

Description of any set of risks. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)

Risk Priority Number:

A combined risk score of three or more risk factors such as severity, probability, and exposure or prevention effectiveness to produce a priority number used in risk ranking. (Authors)

Risk Professional:

A person skilled, knowledgeable, and experienced in the risk assessment and management process. (Authors)

Risk Reduction:

That part of the risk assessment process involving the elimination of hazards or selection of other appropriate risk reduction measures (protective measures) to reduce the probability of harm or its severity. (ANSI B11.0‐2020)

Risk Reduction Measure (Protective Measure):

Any action or means used to eliminate hazards and/or reduce risks. (ANSI B11.0‐2020)

Risk Register:

Record of information about identified risks. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)

Risk Retention:

Acceptance of the potential benefit of gain, or burden of loss, from a particular risk. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)

Risk Source:

Element which alone or in combination has the potential to give rise to risk. (ANSI/ASSP/ISO 31000‐2018)

Risk Tolerance:

Organization's or stakeholder's readiness to bear the risk after risk treatment in order to achieve its objectives. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)

Risk Treatment:

Process to modify risk. (ANSI/ASSP/ISO 31000‐2018)

Safe:

“Safe” is viewed as having reached a level of acceptable or minimal residual risk. (ANSI/ASSP Z10.0‐2019)

Deciding that a thing is safe or not safe requires judgments of whether the probability of an undesired incident occurring and the severity of its outcome are acceptable. (Manuele 2013)

The state of being protected from recognized hazards that are likely to cause physical harm. There is no such thing as being absolutely safe, that is, a complete absence of risk. (Whiting 2013)

Safe‐Work Procedure(s):

Formal written documentation developed by the user that describes steps that are to be taken to safely complete tasks where hazardous situations may be present or hazardous events are likely to occur. (ANSI B11.0‐2020)

Safety:

Freedom from unacceptable risk. (ANSI/ASSP Z590.3‐2011(R2016))

Safety Professional:

Trained individual dedicated to the protection of people, assets, and the environment. (Authors)

Severity (of Consequence):

An estimate of the magnitude of harm or damage that could reasonably result from a hazard‐related incident or exposure. (ANSI/ASSP Z590.3‐2011(R2016))

The magnitude of potential consequences of a mishap to include: death, injury, occupational illness, damage to or loss of equipment or property, damage to the environment, or monetary loss. (MIL‐STD‐882E‐2012)

Author’s Cautionary Note: The author recommends not using emotive subjective and judgmental descriptors for Severities of Consequences. It is appropriate to use such terms for sizes or levels of risk when deciding priorities for risk treatment, e.g. if desired, the term “Catastrophic” could be used instead of “High” in the A1 cell of the matrix. But if used with Consequence Severities, there is an expectation to consider tolerability based on Consequence alone. Using them with severities encourages the restrictive and inappropriate practice of decision‐making based ONLY on Consequence Severity instead of Risk [Both Likelihood AND Consequence R = L * C]. (Whiting 2013)

Stakeholder:

Person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity. (ANSI/ASSP/ISO 31000‐2018)

Person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity. (ANSI/ASSP/ISO 45001‐2018)

Standard:

A required or recommended practice endorsed by a credible organization. (Authors)

Strategic Risks:

Risks that arise from trends in the economy and society, including changes in the economic, political, and competitive environments, as well as from demographic shifts. (The Institutes)

Supplier:

Any entity that provides or makes available equipment, material, or professional services. (ANSI/ASSP Z590.3‐2011(R2016))

An individual, corporation, partnership, or other legal entity or form of business that provides equipment or services. (ANSI B11.0‐2020)

System:

An integrated composite of people, products, and processes that provide a capability to satisfy a stated need or objective. (ANSI/ASSP Z590.3‐2011(R2016))

The organization of hardware, software, material, facilities, personnel, data, and services needed to perform a designated function within a stated environment with specified results. (MIL‐STD‐882E‐2012)

System Safety:

The application of engineering and management principles, criteria, and techniques to achieve acceptable risk within the constraints of operational effectiveness and suitability, time, and cost throughout all phases of the system life cycle. (MIL‐STD‐882E‐2012)

Task:

Any specific activity that is done on or around the machine during its life cycle. (ANSI B11.0‐2020)

Threat:

Potential source of danger, harm, or other undesirable outcome. (ANSI/ASSP/ISO 31010‐2019)

Often used in security‐related concerns, a threat is an indication of an approaching or imminent menace. A threat is a negative event that can cause a risk to become a loss, expressed as an aggregate of risk, consequences of risk, and the likelihood of the occurrence of the event. A threat may be a natural phenomenon such as an earthquake, flood, storm, or a man‐made incident such as fire, power failure, sabotage, etc. (adapted from Businessdictionary.com). Anything that might exploit a vulnerability of an asset. Examples include arson, theft, cyber‐attacks, sabotage, and terrorism (Rausand, 2011).

Trigger:

An event or action that initiates the exposure to a hazard allowing a pathway to a mishap. (Authors)

User:

An individual, corporation, partnership, other legal entity or form of business that utilizes a machine, machine production system, or related equipment. (ANSI B11.0‐2020)

Validation:

Final testing on the as‐built machine to confirm that the safety functions operate as designed to meet the requirements of the risk assessment. (ANSI B11.0‐2020)

Verification:

The process of checking that the design and development outputs have met the requirements of the risk assessment during the design phase. (ANSI B11.0‐2020)

Vulnerability:

Degree to which an asset is susceptible to harm, degradation, or destruction by being exposed to a hazard (adapted from Businessdictionary.com). A weakness of an asset that can be exploited by one or more threat agents. Vulnerability refers to the security flaws in a system that allow an attack to be successful (Rausand 2011).

Warning:

A means used to call attention to a hazard. (ANSI B11.0‐2020)

Workplace:

Place under the control of the organization where a person needs to be or to go for work purposes. (ANSI/ASSP/ISO 45001‐2018)