Edition 2.0 2019-06
INTERNATIONAL STANDARD
NORME INTERNATIONALE
Risk management - Risk assessment techniques
Management du risque - Techniques d'appréciation du risque
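THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright 2019 IEC, Geneva, Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information.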
IEC Central Office, 3 rue de Varembé, CH-1211 Geneva 20, Switzerland
Tel.: +41 22 919 02 11, info@iec.ch
INTERNATIONAL ELECTROTECHNICAL COMMISSION
COMMISSION ELECTROTECHNIQUE INTERNATIONALE
ISBN 978-2-8322-6969-3
CONTENTS
FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms and definitions
4 Core concepts
4.1 Uncertainty
4.2 Risk
5 Uses of risk assessment techniques
6 Implementing risk assessment
6.1 Plan the assessment
6.1.1 Define purpose and scope of the assessment
6.1.2 Understand the context
6.1.3 Engage with stakeholders
6.1.4 Define objectives
6.1.5 Consider human, organizational and social factors
6.1.6 Review criteria for decisions
6.2 Manage information and develop models
6.2.1 General
6.2.2 Collecting information
6.2.3 Analysing data
6.2.4 Developing and applying models
6.3 Apply risk assessment techniques
6.3.1 Overview
6.3.2 Identifying risk
6.3.3 Determining sources, causes and drivers of risk
6.3.4 Investigating the effectiveness of existing controls
6.3.5 Understanding consequences and likelihood
6.3.6 Analysing interactions and dependencies
6.3.7 Understanding measures of risk
6.4 Review the analysis
6.4.1 Verifying and validating results
6.4.2 Uncertainty and sensitivity analysis
6.4.3 Monitoring and review
6.5 Apply results to support decisions
6.5.1 Overview
6.5.2 Decisions about the significance of risk
6.5.3 Decisions that involve selecting between options
6.6 Record and report risk assessment process and outcomes
7 Selecting risk assessment techniques
7.1 General
7.2 Selecting techniques
Annex A (informative) Categorization of techniques
A.1 Introduction to categorization of techniques
A.2 Application of categorization of techniques
A.3 Use of techniques during the ISO 31000 process
Annex B (informative) Description of techniques
B.1 Techniques for eliciting views from stakeholders and experts
B.1.1 General
B.1.2 Brainstorming
B.1.3 Delphi technique
B.1.4 Nominal group technique
B.1.5 Structured or semi-structured interviews
B.1.6 Surveys
B.2 Techniques for identifying risk
B.2.1 General
B.2.2 Checklists, classifications and taxonomies
B.2.3 Failure modes and effects analysis (FMEA) and failure modes, effects and criticality analysis (FMECA)
B.2.4 Hazard and operability (HAZOP) studies
B.2.5 Scenario analysis
B.2.6 Structured what if technique (SWIFT)
B.3 Techniques for determining sources, causes and drivers of risk
B.3.1 General
B.3.2 Cindynic approach
B.3.3 Ishikawa analysis (fishbone) method
B.4 Techniques for analysing controls
B.4.1 General
B.4.2 Bow tie analysis
B.4.3 Hazard analysis and critical control points (HACCP)
B.4.4 Layers of protection analysis (LOPA)
B.5 Techniques for understanding consequences and likelihood
B.5.1 General
B.5.2 Bayesian analysis
B.5.3 Bayesian networks and influence diagrams
B.5.4 Business impact analysis (BIA)
B.5.5 Cause-consequence analysis (CCA)
B.5.6 Event tree analysis (ETA)
B.5.7 Fault tree analysis (FTA)
B.5.8 Human reliability analysis (HRA)
B.5.9 Markov analysis
B.5.10 Monte Carlo simulation
B.5.11 Privacy impact analysis (PIA) / data protection impact analysis (DPIA)
B.6 Techniques for analysing dependencies and interactions
B.6.1 Causal mapping
B.6.2 Cross impact analysis
B.7 Techniques that provide a measure of risk
B.7.1 Toxicological risk assessment
B.7.2 Value at risk (VaR)
B.7.3 Conditional value at risk (CVaR) or expected shortfall (ES)
B.8 Techniques for evaluating the significance of risk
B.8.1 General
B.8.2 practicable (SFAIRP)