ISO 17666-2016 Space systems - Risk management《航空航天系统 风险管理》.pdf

1、 ISO 2016 Space systems Risk management Systmes spatiaux Management des risques INTERNATIONAL STANDARD ISO 17666 Second edition 2016-11-15 Reference number ISO 17666:2016(E) ISO 17666:2016(E)ii ISO 2016 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO 2016, Published in Switzerland All rights re

2、served. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either

3、ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.iso.org ISO 17666:2016(E)Foreword iv Introduction v 1 Scope . 1 2 Normati

4、ve references 1 3 T erms, definitions and abbr e viat ed t erms 1 3.1 Terms and definitions . 1 4 A bbr e viat ed t erms 3 5 Principles of risk management . 3 5.1 Risk management concept 3 5.2 Risk management process 3 5.3 Risk management implementation into a project 3 5.4 Risk management documenta

5、tion . 4 6 The risk management process . 4 6.1 Overview of the risk management process 4 6.2 Risk management steps and tasks . 6 6.2.1 Step 1: Define risk management implementation requirements. 6 6.2.2 Step 2: Identify and assess the risks . 9 6.2.3 Step 3: Decide and act . 9 6.2.4 Step 4: Monitor,

6、 communicate, and accept risks .10 7 Risk management implementation .11 7.1 General considerations .11 7.2 Responsibilities .11 7.3 Project life cycle considerations 12 7.4 Risk visibility and decision making 12 7.5 Documentation of risk management.12 8 Risk management requirements 13 8.1 General 13

7、 8.2 Risk management process requirements .13 8.3 Risk management implementation requirements 15 Annex A (informative) Risk register example and ranked risk log example .16 Annex B (informative) Risk management plan (DRD) 18 Bibliogr aph y .20 ISO 2016 All rights reserved iii Contents Page ISO 17666

8、:2016(E) Foreword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for

9、which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on al

10、l matters of electrotechnical standardization. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. T

11、his document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any

12、or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is information given for the convenience of use

13、rs and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformit y assessment, as well as information about ISOs adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the followin

14、g URL: www.iso.org/iso/foreword.html. The committee responsible for this document is ISO/TC 20, Aircraft and space vehicles, Subcommittee SC 14, Space systems and operations. This second edition cancels and replaces the first edition (ISO 17666:2003), of which it constitutes a minor revision. Annex

15、B has been added in this edition and contains a DRD for consideration when preparing the risk management plan.iv ISO 2016 All rights reserved ISO 17666:2016(E) Introduction Risks are a threat to the project success because they have negative effects on the project cost, schedule and technical perfor

16、mance, but appropriate practices of controlling risks can also present new opportunities with positive impact. The objective of project risk management is to identify, assess, reduce, accept, and control space project risks in a systematic, proactive, comprehensive, and cost-effective manner, taking

17、 into account the projects technical and programmatic constraints. Risk is considered tradable against the conventional known project resources within the management, programmatic (e.g. cost, schedule), and technical (e.g. mass, power, dependability, safety) domains. The overall risk management in a

18、 project is an iterative process throughout the project life cycle, with iterations being determined by the project progress through the different project phases, and by changes to a given project baseline influencing project resources. Risk management is implemented at each level of the customer-su

19、pplier network. Known project practices for dealing with project risks, such as system and engineering analyses, analyses of safety, critical items, dependability, critical path, and cost, are an integral part of project risk management. Ranking of risks according to their criticality for the projec

20、t success, allowing management attention to be directed to the essential issues, is a major objective of risk management. The project actors agree on the extent of the risk management to be implemented into a given project depending on the project definition and characterization. ISO 2016 All rights

21、 reserved v Space systems Risk management 1 Scope This document defines, extending the requirements of ISO 14300-1, the principles and requirements for integrated risk management on a space project. It explains what is needed to implement a project- integrated risk management policy by any project a

22、ctor, at any level (i.e. customer, first-level supplier, or lower-level suppliers). This document contains a summary of the general risk management process, which is subdivided into four (4) basic steps and nine (9) tasks. The implementation can be tailored to project-specific conditions. The risk m

23、anagement process requires information exchange among all project domains and provides visibility over risks, with a ranking according to their criticality for the project; these risks are monitored and controlled according to the rules defined for the domains to which they belong. The fields of app

24、lication of this document are all the space project phases. A definition of project phasing is given in ISO 14300-1. When viewed from the perspective of a specific programme or project context, the requirements defined in this document are tailored to match the genuine requirements of a particular p

25、rofile and circumstances of a programme or project. NOTE Tailoring is a process by which individual requirements or specifications, standards, and related documents are evaluated and made applicable to a specific programme or project by selection, and in some exceptional cases, modification and addi

26、tion of requirements in the standards. 2 Normative references There are no normative references in this document. 3 T erms, d efinitions and abbr e viat ed t erms 3.1 T erms and definiti ons For the purposes of this document, the following terms and definitions apply. ISO and IEC maintain terminolog

27、ical databases for use in standardization at the following addresses: IEC Electropedia: available at http:/ /www.electropedia.org/ ISO Online browsing platform: available at http:/ /www.iso.org/obp 3.1.1 acceptance of risk decision to cope with consequences, should a risk scenario materialise Note 1

28、 to entry: A risk can be accepted when its magnitude is less than a given threshold, defined in the risk management policy. Note 2 to entry: In the context of risk management, acceptance can mean that even though a risk is not eliminated, its existence and magnitude are acknowledged and tolerated. I

29、NTERNATIONAL ST ANDARD ISO 17666:2016(E) ISO 2016 All rights reserved 1 ISO 17666:2016(E) 3.1.2 risk communication all information and data necessary for risk management addressed to a decision maker and to relevant actors within the project hierarchy 3.1.3 risk index combined score used to measure

30、the likelihood of occurrence, magnitude, and severity of risk 3.1.4 individual risk risk identified, assessed, and mitigated as a distinct risk items in a project 3.1.5 risk management systematic and iterative optimisation of the project resources, performed according to the established project risk

31、 management policy 3.1.6 risk management policy organisations attitude towards risks, how it conducts risk management, the risks it is prepared to accept and how it defines the main requirements for the risk management plan 3.1.7 risk management process all project activities related to the identifi

32、cation, assessment, reduction, acceptance, and feedback of risks 3.1.8 overall risk risk resulting from the assessment of the combination of individual risks and their impact on each other, in the context of the whole project Note 1 to entry: Overall risk can be expressed as a combination of qualita

33、tive and quantitative assessment. 3.1.9 risk reduction implementation of measures that leads to reduction of the likelihood or severity of risk Note 1 to entry: Preventive measures aim at eliminating the cause of a problem situation, and mitigation measures aim at preventing the propagation of the c

34、ause to the consequence or reducing the severity of the consequence or the likelihood of the occurrence. 3.1.10 residual risk risk remaining after implementation of risk reduction measures 3.1.11 resolved risk risk that has been rendered acceptable 3.1.12 risk undesirable situation or circumstance t

35、hat has both a likelihood of occurring and a potentially negative consequence on a project Note 1 to entry: Risks arise from uncertainty due to a lack of predictability or control of events. Risks are inherent to any project and can arise at any time during the project life cycle; reducing these unc

36、ertainties reduces the risk.2 ISO 2016 All rights reserved ISO 17666:2016(E) 3.1.13 risk scenario sequence or combination of events leading from the initial cause to the unwanted consequence Note 1 to entry: The cause can be a single event or something activating a dormant problem. 3.1.14 risk trend

37、 evolution of risks throughout the life cycle of a project 3.1.15 unresolved risk risk for which risk reduction attempts are not feasible, cannot be verified, or have proven unsuccessful Note 1 to entry: It can also be defined as a risk remaining unacceptable. 4 A bbr e viat ed t erms The following

38、abbreviated terms are defined and used within this document. ECSS European Cooperation for Space Standardization IEC International Electrotechnical Commission 5 Principles of risk management 5.1 Risk management concept Risk management is a systematic and iterative process for optimising resources in

39、 accordance with the projects risk management policy. It is integrated through defined roles and responsibilities into the day-to-day activities in all project domains. Risk management assists managers and engineers when including risk aspects in management and engineering practices and judgement th

40、roughout the project life cycle. It is performed in an integrated, holistic way, maximising the overall benefits in areas such as: design, construction, testing, operation, maintenance, and disposal, together with their interfaces, control over risk consequences, and management, cost, and schedule.

41、This process adds value to the data that is routinely developed, maintained, and reported. 5.2 Risk management process The entire spectrum of risks is assessed. Trade-offs are made among different, and often competing, goals. Undesired events are assessed for their severity and likelihood of occurre

42、nce. The assessments of the alternatives for mitigating the risks are iterated, and the resulting measurements of performance and risk trend are used to optimise the tradable resources. Within the risk management process, available risk information is produced and structured, facilitating risk commu

43、nication and management decision making. The results of risk assessment and reduction and the residual risks are communicated to the project team for information and follow-up. 5.3 Risk management implementation into a project Risk management requires corporate commitment in each actors organisation

44、 and the establishment of clear lines of responsibility and accountability from corporate level downwards. Project management ISO 2016 All rights reserved 3 ISO 17666:2016(E) has the overall responsibility for the implementation of risk management, ensuring an integrated, coherent approach for all p

45、roject domains. Risk management is a continuous, iterative process. It constitutes an integral part of normal project activity and is embedded within the existing management processes. It utilises the existing elements of the project management processes to the maximum extent possible. 5.4 Risk mana

46、gement documentation The risk management process is documented to ensure that the risk management policies are established, understood, implemented, and maintained, and that they are traceable to the origin and rationale of all risk-related decisions made during the life of the project. 6 The risk m

47、anagement process 6.1 Overview of the risk management process The iterative four-step risk management process of a project is illustrated in Figure 1. The tasks to be performed within each of these steps are shown in Figure 2. Step 1 comprises the establishment of the risk management policy (Task 1)

48、 and risk management plan (Task 2), and is performed at the beginning of a project. The implementation of the risk management process consists of a number of “risk management cycles” over the project duration comprising Steps 2 to 4, subdivided into seven: Tasks 3 to 9. The period designated in the

49、illustration with “Risk management process” comprises all the project phases of the project concerned. The frequency and project events at which cycles are required in a project (only three are shown in Figure 1 for illustration purposes) depend on the needs and complexity of the project and need to be defined during Step 1. Unforeseen cycles are required when changes to, for example, the schedule, technologies, techniques, and performance of the project baseline occur. Risks at any stage of the project are controlled as part of the proje