A systematic approach to process improvement requires proactively searching for
opportunities to improve the process at every step, not simply identifying
deficiencies after an undesired event. The steps in the system safety process are
depicted in the figure below. It is a formal, but flexible, process that
generally follows the steps in the FAA Safety Risk Management Order (8040.4).
 
  
1.  Define Objectives
The first step in the system safety process is to define the objectives of the
system under review. These objectives are typically documented in business plans
and operating specifications.
 
2.  System Description
A description of the interactions among people, procedures, tools, materials,
equipment, facilities, software, and the environment. This also includes
descriptions of the data available.
 
3.  Hazard Identification: Identify Hazards and Consequences
Potential hazards may be identified from a number of internal and external sources.
Generally, hazards are initially listed on a Preliminary Hazard List (PHL), then
grouped by functional equivalence for analysis. Prior to risk analysis you must
also include the consequence (undesired event) resulting from each hazard scenario.
Hazard scenarios may address the following: who, what, where, when, why and how.
This provides an intermediate product that expresses the condition and the consequences
that will be used during risk analysis.
 
4.  Risk Analysis: Analyze Hazards and Identify Risks 
Risk analysis is the process whereby hazards are characterized for their likelihood 
and severity.  Risk analysis looks at hazards to determine what can happen when. 
This can be either a qualitative or quantitative analysis. The inability to 
quantify and/or the lack of historical data on a particular hazard does not exclude 
the hazard from the need for analysis. Some type of a risk assessment matrix is 
normally used to determine the level of risk.
 
5.  Risk Assessment: Consolidate and Prioritize Risks 
Risk assessment is generally defined as the process of combining the impacts of 
risk elements discovered in risk analysis and comparing them against some 
acceptability criteria.  Risk assessment can include the consolidation of risks 
into risk sets that can be jointly mitigated, combined, and then used in decision making.
 
Risk management is defined as the process by which risk assessment results 
are integrated with political, social, economic, and engineering considerations for 
decisions about need/methods for risk reduction.
 
6.  Decision Making: Develop Action Plans 
This step begins with the receipt of a prioritized risk list.   Review the list 
to determine how to address each risk, beginning with the highest prioritized risk. 
There are four basic options for dealing with risk: transfer, 
eliminate, accept, or mitigate (TEAM). 
Generally, design engineering follows the "safety order of precedence":

  1) Design for minimum risk,
  2) Incorporate safety devices,
  3) Provide warning devices, or
  4) Develop procedures and training, which may result in alternative action plans.
  
7.  Validation and Control: Evaluate Results of Action Plan for Further Action
Validation and control begins with:

  (1) Evaluating the results of scheduled analyses on the effectiveness of actions taken
      (to include identification of data to be collected and identification of
      triggering events if possible; then developing a plan to review the data collected) and
  (2) Determining the status of each prioritized risk. If the residual risk is acceptable,
      then documentation is required to reflect the modification to the system, and the
      rationale for accepting the residual risk. If it is unacceptable, an alternate action
      plan may be needed, or a modification to the system/process may be necessary.
  
8.  Modify System/Process As Needed
If the status of a risk should change, or if the mitigating action does not produce
the intended effect, a determination must be made as to why. It may be that the
wrong hazard was being addressed, or the system/process needs to be modified.
In either case, the next step is to re-enter the system safety process at the hazard
identification step.
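The following is an added worked example of steps 3 through 8 as a small risk register, written for this page and not taken from the FAA order or handbook. The likelihood and severity scales, the cells of the risk assessment matrix, the acceptability criteria, and the three sample hazards are all constructed assumptions for the example; a real program would substitute the scales and criteria its governing order defines. It groups PHL entries by function, scores each hazard with the matrix, prioritizes the list, records a TEAM disposition with its position in the safety order of precedence, and then checks the residual risk to decide between documenting acceptance and re-entering at hazard identification.

```python
from collections import defaultdict
from dataclasses import dataclass, replace
from enum import IntEnum
from typing import Dict, List, Optional, Tuple

# Ordinal scales, constructed for this example (the page names no specific scale).
class Likelihood(IntEnum):
    IMPROBABLE = 1
    REMOTE = 2
    OCCASIONAL = 3
    PROBABLE = 4
    FREQUENT = 5

class Severity(IntEnum):
    NEGLIGIBLE = 1
    MARGINAL = 2
    CRITICAL = 3
    CATASTROPHIC = 4

LEVEL_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}
# Acceptability criteria (step 5): assumed thresholds for this example.
ACCEPTABLE = {"LOW": True, "MEDIUM": True, "HIGH": False}
TEAM_OPTIONS = {"transfer", "eliminate", "accept", "mitigate"}

def risk_level(likelihood: Likelihood, severity: Severity) -> str:
    """Qualitative risk assessment matrix (step 4). Cell boundaries are assumed."""
    if severity == Severity.CATASTROPHIC and likelihood >= Likelihood.OCCASIONAL:
        return "HIGH"          # catastrophic outcomes are HIGH once they are at all likely
    score = int(likelihood) * int(severity)
    if score >= 10:
        return "HIGH"
    if score >= 4:
        return "MEDIUM"
    return "LOW"

@dataclass
class Hazard:
    hazard_id: str
    function: str                 # functional group used to cluster PHL entries (step 3)
    condition: str                # the hazardous condition
    consequence: str              # the undesired event it can lead to
    likelihood: Likelihood
    severity: Severity
    option: Optional[str] = None          # TEAM: transfer / eliminate / accept / mitigate
    precedence: Optional[int] = None      # safety order of precedence, 1 (design) .. 4 (procedures)
    residual: Optional[Tuple[Likelihood, Severity]] = None  # likelihood/severity after action

    @property
    def level(self) -> str:
        return risk_level(self.likelihood, self.severity)

    @property
    def score(self) -> int:
        return int(self.likelihood) * int(self.severity)

def group_by_function(hazards: List[Hazard]) -> Dict[str, List[Hazard]]:
    """Step 3: group PHL entries by functional equivalence for analysis."""
    groups: Dict[str, List[Hazard]] = defaultdict(list)
    for h in hazards:
        groups[h.function].append(h)
    return dict(groups)

def prioritize(hazards: List[Hazard]) -> List[Hazard]:
    """Step 5: highest risk level first, ties broken by the raw matrix score."""
    return sorted(hazards, key=lambda h: (LEVEL_RANK[h.level], h.score), reverse=True)

def decide(h: Hazard, option: str, precedence: int,
           residual: Optional[Tuple[Likelihood, Severity]]) -> Hazard:
    """Step 6: record a TEAM disposition; returns a new record, the input is untouched."""
    if option not in TEAM_OPTIONS:
        raise ValueError(f"unknown TEAM option: {option}")
    if not 1 <= precedence <= 4:
        raise ValueError("safety order of precedence is 1..4")
    return replace(h, option=option, precedence=precedence, residual=residual)

def validate(h: Hazard) -> str:
    """Step 7: compare residual risk with the acceptability criteria."""
    residual_level = h.level if h.residual is None else risk_level(*h.residual)
    if ACCEPTABLE[residual_level]:
        return "ACCEPT_AND_DOCUMENT"
    return "RE-ENTER_AT_HAZARD_IDENTIFICATION"   # step 8: alternate plan or system change

# Constructed sample PHL entries for a generic facility; not real hazard data.
SAMPLE_HAZARDS = [
    Hazard("H-001", "lighting", "runway edge lights fail at night",
           "aircraft departs paved surface", Likelihood.OCCASIONAL, Severity.CATASTROPHIC),
    Hazard("H-002", "lighting", "taxiway sign unlit", "pilot misses turn and stops to query",
           Likelihood.REMOTE, Severity.MARGINAL),
    Hazard("H-003", "power", "backup generator starts late", "brief loss of ground radio",
           Likelihood.IMPROBABLE, Severity.CRITICAL),
]

if __name__ == "__main__":
    for h in prioritize(SAMPLE_HAZARDS):
        print(h.hazard_id, h.level, h.condition, "->", h.consequence)
    mitigated = decide(SAMPLE_HAZARDS[0], "mitigate", 2,
                       (Likelihood.REMOTE, Severity.CATASTROPHIC))
    print(mitigated.hazard_id, validate(mitigated))
```

Note that `decide` returns a new record rather than editing the one in the register, so the original PHL entry and its inherent risk stay on file alongside the disposition and the residual risk; that is the documentation step 7 calls for when a residual risk is accepted.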
 