How system definition and interdependencies allow transparent, and scalable Risk Assessments.
Apr 16th, 2015
System definition and interdependencies allow transparent, and scalable Risk Assessments
Any civil or military system, consists of nodes (Fig. 1) which receive, process or transform, and produce resources. The nodes are generally interdependent, as we shall see later in detail. By defining the system the context of the risk assessment is defined in compliance with ISO 310000.

Fig. 1 Schematic representation of a generic node. The dotted arrows are there to back the rigor of the exercise, showing that system’s interdependencies are generally bidirectional. One flow direction is usually dominant in the generation of risk. The resources marked by the “internal loop” are those sometimes generated by processes within a node, but not going out as node’s outbound resource (products). Their inclusion can be practical, at the macro level in many industrial/construction processes where, for example, energy is generated within a process and recovered to assist in the production of the outgoing resource.
The system’s architecture must be carefully studied by people who intimately know the system . Risk assessment experts can only offer support in this phase as they do not know the structure’s intricacies. However, they may, in specific cases, help customers to solve and simplify the model to reflect reality while remaining as simple as possible.
The study begins by defining all the types of primary nodes. Then, the secondary ones are defined (Fig. 2) and so on, depending on the required level of detail. This procedure can be repeated to the local, micro levels, understanding it could go down to nano, pico, etc. In a preliminary phase the definition will probably stop at secondary level. The scalability of the model will thereafter allow to zoom in one or other of the nodes (or all) to set details depending on the needs.

Fig. 2 An example of secondary nodes drawn from a Air Force Base analysis. Just three secondary nodes are displayed. All interdependencies among the three secondary nodes are displayed. “Internal loops” generate the same set of internal processes and resources.
The system description is completed when the incoming resources, produced, processed, transported and the outgoing ones are listed in each node. In this phase it will be necessary to use engineering good sense and modelling tact in order to prepare lists compatible with the level of detail required by the customer and not to paralyze the work. The scalability of the system will eventually allow refining the descriptions.
The definition of the source of the resources and client-nodes allows processing in a reasonable manner the system’s interdependencies (internal-external).
Interdependencies between nodes (of given levels) have to be processed in a simple, but effective way, in order to avoid a “paralysis by analysis”.
Once the system is so defined it is easier to identify hazards on nodes and resources, thus setting up the first steps or a clean and well balanced risk and hazard register.
Tagged with: Air Force Base analysis, identify hazards, interdependencies, ISO 310000, resources, risk and hazard register
Category: Consequences, Risk analysis, Risk management, Uncategorized
Leave a Reply