Safety Management Systems
Operational Risk Assessment and Control
March 21, 2011
Version 1

OPERATIONAL RISK ASSESSMENT AND CONTROL

One of the main tools you can use when setting up an operational risk assessment and control system is a catalogue of the various identified risks in your operation.

DEFINITIONS

| Term | Definition |
|---|---|
| Assumption | Accepting the risk and proceeding. |
| Avoidance | Use of an alternative approach that does not have as high a level of risk. |
| Consequence | The possible negative outcomes of the current conditions that are creating uncertainty. |
| Hazard | A source of potential harm, or a situation with a potential for causing harm, in terms of human injury; damage to health, property, the environment, and other things of value; or some combination of these. |
| Hazard Matrix | A table used in the prioritizing of analyzed risks. |
| Hazard Risk Index | The analysis of a hazard by estimating its probability and severity, the result of which is the Risk Index. |
| Mitigation | The measures to eradicate the hazard or to reduce the probability or the severity of a risk, thereby reducing the Risk Index. |
| Potential Remedial Action | Possible action, such as procedural or equipment changes, that is used to lower the Risk Index. |
| Probability | An expression of how likely the risk is to cause loss, damage, or injury. |
| Risk | The potential consequences of a hazard, measured in terms of severity and probability. |
| Risk Control | Controlling risks involves the development of a risk reduction plan and then tracking to the plan. |
| Risk Management | The sum of all proactive management-directed activities that are intended to acceptably accommodate the possibility of failure. |
| Risk Management Process | A systematic way of identifying, analyzing, and managing risks. |
| System Safety | A risk management process wherein a systematic process is employed to identify and control risks throughout the life cycle of a project, program or activity. |
| System Deficiency | The circumstances which permit hazards of a like nature to exist within a system. |
| Severity | Severity is a measure of the negative impact which could result from an occurrence caused by a hazard. |
| Terminate | Action will be taken to immediately cease operations until acceptable corrective action is taken. |
| Tolerate | Risks that have a Risk Index so low that they will be tolerated without further action. |
| Transfer | An attempt to pass the risk to another entity, external or internal. |
| Treat | Action will be taken to correct the situation and develop mitigation activities. |

Copyright © Doiron Aviation Consulting. All rights reserved. This document may not be duplicated, scanned, digitized or copied in any way without the written permission of Doiron Aviation Consulting.

RISK

In all types of undertaking there is the potential for events and consequences that constitute opportunities for benefit or threats to success. The risks facing an organization and its operations can result from factors both external and internal to the organization. Figure 1 summarizes examples of key risks in these areas and shows that some specific risks can have both external and internal drivers and therefore overlap the two areas.

This risk management procedure is used to deal with strategic and operational risks. Flight school operational risks are associated with an identified hazard.
TYPES OF RISK

In the realm of risk management there are several categories under which risk can be listed. See Figure 1.

Total risk is the sum of identified and unidentified risks.

Identified risk is that risk which has been determined through various analysis techniques. The first task of risk management is to identify, within practical limitations, all possible risks. This step precedes determining the significance of the risk (severity) and the likelihood of its occurrence (probability).

Unacceptable risk is that risk which cannot be tolerated by the managing activity. It is a subset of identified risk which must be eliminated or controlled.

Once the risk analysis and risk control exercises are complete, the identified risk can be broken down into three subsets:

- Controlled risk is the risk that has been identified and control measures are in place to mitigate either the severity or likelihood of the hazard, resulting in an acceptable level of risk.
- Eliminated risk is the result of taking steps to completely eliminate the hazard. Some of the actions that can be taken to do this are through engineering fixes or ceasing the hazardous activity or operation.
- Residual risk is the risk left over after risk management efforts have been fully employed. It is not necessarily the same as acceptable risk. Residual risk is the sum of acceptable risk and unidentified risk.

Acceptable risk is the part of identified risk which is allowed to persist without further engineering or management action.

Unidentified risk is the risk not yet identified. Some unidentified risks are subsequently identified when a mishap occurs. Some risk is never known.

[Figure 1: Total Risk, with components labelled Residual Risk, Control, Residual, Acceptable, Unidentified and Eliminate]

RISK MANAGEMENT PROCEDURE

This risk management process has 4 activities which must be performed continuously. These 4 activities are defined in the sections below.

RISK IDENTIFICATION

The purpose of risk identification is to identify the organization’s exposure to uncertainty. Risk Management is the direct responsibility of all staff and students at the flight school. Throughout all operations all operational personnel will continuously watch for hazardous conditions or situations that may be occurring or developing. Operational personnel are required to take appropriate action to ensure the safe completion of the operation in question.

Risk identification is a methodical way to ensure all significant activities within the organization have been identified and all risks and potential hazards flowing from these activities are defined. As shown in Figure 2, risks can originate both internally and externally. Potential areas of risk include but are not limited to:

Schedule, Students, Facility, Customers, Competitors, Sales, OEM, Resources, Technical, Quality, Market, Financial, Process, Manufacturing, Maintenance, Sub Contractors, Equipment, Aircraft, Hardware, Communication, Purchasing, Health & Safety, Software, Environmental, Regulatory, Design, Training, Technology
[Figure 2]

Techniques to identify risks and hazards include structured or unstructured brainstorming, interviews, and voluntary reporting. It is a good idea to condense related statements into one risk item and then categorize statements with common factors such as subject matter, risk owner, type of safety issue, type and focus of risk control action, or other appropriate categories.

Risk statements should include what could possibly occur and a brief description of the perceived consequences. Additional contextual information may be recorded which would capture circumstances, events, safety issues, and interrelationships within the business or program.

RISK ANALYSIS

In performing risk analysis the initial risk statement(s) should be expanded into a complete risk description. The components of a complete risk description are defined in Table 1 below.

If current methods to manage the risk appear to be inadequate, then personnel who have the knowledge, expertise, background, and resources to effectively deal with risks are responsible for developing the risk mitigation plans. The components of risk mitigation planning are:

- Determine approach:
  1. Can the impact of the consequences be accepted?
  2. Can the risks be transferred to a group more equipped to handle the risk?
  3. Is it necessary to take immediate action?
  4. Are there mitigation actions that can be taken to reduce the possibility of occurrence or reduce the impact? Examples of risk reduction actions would be increasing staffing or obtaining schedule relief.
  5. Is there a hazard to life or property?
  6. Should all operations be stopped?
- Define additional resources required, if any
- Assign risk owner
- Define criteria for closure and closure date
- Set specific review dates for risk review and go/no-go decisions or contingency planning

RISK DESCRIPTION

Selected management actions should be documented in the complete Risk Description:

| Component | Description |
|---|---|
| Name of Risk | The risk should be given a descriptive name to help identify it. |
| Risk Owner | Person(s) or area responsible to implement action plans and monitor risk reduction activities. |
| Scope of Risk | Qualitative description of the events, their size, type, number, and dependencies. |
| Nature of Risk | Ex. Strategic, financial, operational, technological, compliance, communication, resources, schedule, etc. |
| Stakeholders | Stakeholders and their expectations. |
| Quantification of Risk | Significance and Probability. |
| Risk Tolerance | Loss potential & financial impact of risk. Probability and size of potential losses/gains. Objective(s) for control of the risk. |
| Risk Treatment & Control Mechanisms | Means by which the risk is currently managed. Confidence in existing controls to manage risk. Identification of opportunities for monitoring and reviewing current methods. |
| Revised Quantification of Risk | Using the results of the Risk Treatment and Control Mechanisms, a revised Quantification of Risk is estimated to ensure that the risk is at an acceptable level. |
| Potential Action for Improvement | Recommendations to reduce the risk in the future. This is not required in the short term. This can be viewed as actions that may be considered at a future date. |
| Assumptions for Quantification of Risk and Revised Quantification of Risk | All assumptions made in the quantification of risk should be listed here. This will better explain how certain values were established. |

Table 1 Risk Description

RISK ESTIMATION AND PRIORITIZATION

Risk estimation is performed for each risk to quantify the severity of consequences or impact and likelihood of occurrence.

SEVERITY:

| Category | Severity | Characteristics |
|---|---|---|
| 1 | Catastrophic | The existence of the site or business is in danger. Mission and/or strategy not completed. Death, loss of life or aircraft. |
| 2 | Serious | Significant impact on financial, strategic, and/or organization activities. Significant impact on regulatory compliance or customer satisfaction. Serious increase in costs, severe injury or damage to equipment. |
| 3 | Marginal | Meaningful impact on financial, strategic, and/or organization activities. Moderate impact on regulatory compliance or customer satisfaction. Moderate impact on schedule and/or increase in costs. Minor injury or damage to equipment. |
| 4 | Negligible | Some but very limited impact on financial, strategic, and/or organization activities. Low stakeholder concern. No meaningful effects over time. No injury or damage to equipment. |

PROBABILITY OF OCCURRENCE:

| Category | Estimation | Description | Indicators |
|---|---|---|---|
| A | Frequent | Highly probable will occur again. 91-100% | Has occurred several times before and has high probability of occurring again. |
| B | Probable | Likely to occur in a relatively short period of time or between 41 and 90%. | Potential of it occurring several times in a relatively short time period or has occurred recently. |
| C | Possible | Likely to occur in a lengthier time period or between 21 to 40% chance of occurrence. | Could occur one or more times over a period of time, could be difficult to control, has this ever occurred in the past? |
| D | Remote | Not likely to occur or less than a 20% chance of occurrence. Adequate controls are in place to prevent the likelihood of occurrence. | Has not occurred and is not likely to occur. |
| E | Improbable | So unlikely it can be assumed occurrence may not be experienced. Less than 0.5% probability of occurrence. | Has not occurred and will probably not occur. |

RISK PROFILE

Based on the combination of impact and likelihood of occurrence, the risk profile is created, which ranks each identified risk so as to give a view of the relative importance of the risk.

| Risk Index | (A) Frequent | (B) Probable | (C) Possible | (D) Remote | (E) Improbable |
|---|---|---|---|---|---|
| 1 Catastrophic | 1A | 1B | 1C | 1D | 1E |
| 2 Serious | 2A | 2B | 2C | 2D | 2E |
| 3 Marginal | 3A | 3B | 3C | 3D | 3E |
| 4 Negligible | 4A | 4B | 4C | 4D | 4E |

RISK RESPONSES

Defined below are the possible responses to the risk indices:

| Risk Index | Response |
|---|---|
| 1A, 2A, 1B | Cease operation immediately. Operations suspended until corrective action taken to lower HRI to a lower color coding. |
| 1C, 2B, 3A | Increased supervision or controls required before any further operation. This is temporary (short term mitigation) only and the hazard is to be formally addressed within 30 days to develop long term mitigation. |
| 1D, 2C, 2D, 3B, 3C | Increased supervision or controls required before any further operation. This is temporary (short term mitigation) only and the hazard is to be formally addressed within 90 days to develop long term mitigation. |
| 1E, 2E, 3D, 3E, 4A, 4B | Operation can continue. Hazard will be reviewed on operational audits and/or safety reviews. System and activities to be monitored during normal operations for possible change in HRI due to changes of procedures, resources, equipment, etc. |
| 4C, 4D, 4E | Current HRI requires no further action. |

RISK MONITORING AND REPORTING

Periodic reviews are conducted to check for the occurrence of new risks and to review the effectiveness of risk mitigation plans.
The risk management status report should include:

1. The prioritized list of current risk items,
2. The mitigation plan for each risk, and
3. The mitigation status of each risk item.

SAMPLE RISK TABLE

| Component | Entry |
|---|---|
| Name of Risk | Weather related – Lack of Operational Control |
| Risk Owner | Director of Flight Operations |
| Scope of Risk | Missing Weather information; Weather General; Excessive Crosswinds |
| Nature of Risk | Operational, compliance, resources, financial, schedule |
| Stakeholders | School and students |
| Quantification of Risk | 2C |
| Risk Tolerance | Lack of operational control, in regards to proper weather information dissemination and use, can lead to missions being launched without required information or meeting pertinent regulations and operational standards. Results can range from aborted flights and missed rescheduling opportunities to occurrences to accidents. |
| Risk Treatment and Control Mechanisms | Multiple computers, in sufficient numbers, with proper internet access available in flight planning. Student’s weather packages to be checked by authorizing instructor as per FTOM 5.4.4. Flight Watch procedures to be followed as per company policy number xxxx. Spot check by standards department on a regular basis not to exceed 28 calendar days. Any missions negatively affected by weather will be reported to the safety officer for review. |
| Revised Quantification of Risk | 3D |
| Potential Action for Improvement | Incorporate any lessons learned by the safety officer reviewing weather related problems into ground school briefings. |