Risk analysis based on various methodologies
Risk analysis is defined as activities focused on reducing the negative impact of risk through activities changing its level. The analysis makes it possible to define, assess and monitor the level of risk both at the qualitative and quantitative level.
Conducting a risk analysis is of great importance mainly in the case of preparing security management systems and security policy.
Various methodologies are used in risk analysis. They are selected depending on the specifics of the entity and activities influencing the risk.
Various methods of risk analysis:
- HAZOP - threat analysis and operational capabilities
- FTA - Fault Tree Analysis
- ETA - event tree analysis
- PHA - Initial Hazard Analysis
- FMEA - analysis of the types and effects of possible errors
- LOPA - analysis of security layers
- QRA - Quantitative Risk Assessment
The most popular and most frequently used method of risk analysis is HAZOP, i.e. Hazard and Operability Studies, namely the analysis of threats and operational capabilities. It is most often used in the design of buildings and installations, their modernization and expansion.
HAZOP analysis - methodology
The test consists in making a special division of the analyzed building or installation into nodes with specific parameters. Then, using words such as "missing", "less", "more", "also", "part of", "inverse", "other than" are used to define deviations from the design.
When there is a deviation, the process of identifying the causes is performed and the probability of the deviation and its threat are assessed. The results are stored in a so-called HAZOP table.