1、BRITISH STANDARD BS 8444-3: 1996 IEC 300-3-9: 1995 Risk management Part 3: Guide to risk analysis of technological systems ICS 03.120.10; 29.020BS8444-3:1996 This British Standard, having been prepared under the directionof the Management Systems Sector Board, was published under the authority ofthe
2、 Standards Board and comesinto effect on 15August1996 BSI 12-1998 The following BSI references relate to the work on this standard: Committee reference DS/1 Draft for comment 93/408655 DC ISBN 0 580 26110 7 Committees responsible for this British Standard The preparation of this British Standard was
3、 entrusted to Technical Committee DS/1, Reliability and maintainability upon which the following bodies were represented: Association of Consulting Engineers Association of Project Managers British Gas plc British Railways Board British Telecommunications plc Chartered Institution of Building Servic
4、es Engineers City University Civil Aviation Authority Consumer Policy Committee of BSI Consumers Association Cornfield University Defence Manufacturers Association Electricity Association Federation of the Electronics Industry GAMBICA (BEAMA Ltd.) Institute of Logistics Institute of Quality Assuranc
5、e Institute of Risk management Institute of Value Management Institution of Electrical Engineers Institution of Mechanical Engineers Institution of Plant Engineers London underground Ltd. Loughborough University of Technology Mercury Communication Limited Ministry of Defence National Computing Centr
6、e Ltd. Railtrack Railway Industry Association Royal Institution of Chartered Surveyors Royal Statistical Society Safety and Reliability Society Society of Environmental Engineers Society of Motor Manufacturers and Traders Limited University of Bradford West Midlands Enterprise Board Amendments issue
7、d since publication Amd. No. Date CommentsBS8444-3:1996 BSI 12-1998 i Contents Page Committees responsible Inside front cover National foreword ii Introduction 1 1 Scope 1 2 Normative references 1 3 Definitions 2 4 Risk analysis concepts 2 5 Risk analysis process 4 6 Audits 7 7 Risk analysis methods
8、 7 Annex A (informative) Methods of analysis 15 Figure 1 A simplified relationship between risk analysisand otherriskmanagement activities 11 Figure 2 The risk analysis process 12 Figure 3 Typical considerations in selecting type of analysis and depth of study 13 Figure 4 A risk matrix 14 Figure A.1
9、 Fault tree example 17 Figure A.2 Fault tree symbols 18 Figure A.3 Example of an event tree for a dust explosion 19 Table 1 Methods used in risk analysis 10 Table A.1 HAZOP II guide words 15 Table A.2 Sample HAZOP II worksheet for guideword “not, no” 16 List of references Inside back coverBS8444-3:1
10、996 ii BSI 12-1998 National foreword This Part of BS 8444 has been prepared by Technical Committee DS/1. It is identical with IEC 300-3-9:1995 Dependability management Part3:Application guide Section 9: Risk analysis of technological systems published by the International Electrotechnical Commission
11、 (IEC). This Part provides guidelines for selecting and implementing risk analysis techniques presented as risk analysis concepts, risk analysis process and risk analysis methods. It provides an input to risk management activities. A related British Standard to IEC 812:1985 is BS 5760 Reliability of
12、 systems, equipment and components Part 5:1991 Guide to failure modes, effects and criticality analysis (FMEA and FMECA). Additional information This standard is a guide and the use of the verbal forms “must” and “shall” in the text does not indicate mandatory requirements. A British Standard does n
13、ot purport to include all the necessary provisions of a contract. Users of British Standards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. Cross-references Publication referred to Corresponding British Sta
14、ndard IEC 50(191):1990 BS 4778 Quality vocabulary Part 3 Availability, reliability and maintainability terms Section 3.2:1991 Glossary of international terms (Identical) BS 5760 Reliability of systems, equipment and components IEC 300-2:1996 Part 1:1996 Dependability programme elements and tasks (Id
15、entical) IEC 1025:1990 Part 7:1991 Guide to fault tree analysis (Identical) IEC 1078:1991 BS EN 61078:1994 Reliability of systems, equipment and components. Guide to the block diagram technique (Identical) Summery of pages This document comprises a front cover, an inside front cover, pages i and ii,
16、 pages1to20, an inside back cover and a back cover. This standard has been updated (see copyright date) and may have had amendments incorporated. This will be indicated in the amendment table on the inside front cover.BS8444-3:1996 BSI 12-1998 1 Introduction The process of risk management incorporat
17、es many different elements from the initial identification and analysis of risk, to the evaluation of its tolerability and identification of potential risk reduction options, through to the selection, implementation and monitoring of appropriate control and reduction measures. This is illustrated in
18、 Figure 1. Risk analysis, which is the subject of this section of IEC 300-3, is a structured process that identifies both the likelihood and extent of adverse consequences arising from a given activity, facility or system. Within the context of this standard, the adverse consequences of concern are
19、physical harm to people, property or the environment. Risk analysis attempts to answer three fundamental questions: What can go wrong (by hazard identification)? How likely is this to happen (by frequency analysis)? What are the consequences (by consequence analysis)? This standard is intended to re
20、flect current good practices in selection and utilisation of the risk analysis techniques and does not refer to new or evolving concepts which have not reached a satisfactory level of professional consensus. This standard is general in nature, so that it may give guidance across many industries and
21、types of systems. There may be more specific standards in existence within these industries that establish preferred methodologies and levels of analysis for particular applications. If these standards are in harmony with this publication, the specific standards will generally be sufficient. This st
22、andard only covers the risk analysis portion of the broader risk assessment and risk management activities. The latter may become the subject of future standards. To the extent possible, this standard has built on the concepts and terminology given in the documents listed in clause2 and other standa
23、rds. There are numerous instances where these documents are not entirely consistent or where they principally apply to one industry alone. In these cases, this standard may use one of the approaches/definitions available or may present a more general one. 1 Scope This section of IEC 300-3 provides g
24、uidelines for selecting and implementing risk analysis techniques, primarily for risk assessment of technological systems. The objective of this standard is to ensure quality and consistency in the planning and execution of risk analyses and the presentation of results and conclusions. This standard
25、 contains guidelines for risk analysis, presented as follows: risk analysis concepts, risk analysis process, risk analysis methods. This section of IEC 300-3 is applicable as: a guideline for planning, executing and documenting risk analyses; a basis for specifying quality requirements for risk anal
26、ysis (this can be particularly important when dealing with external consultants); a basis for evaluating risk analyses after completion. Risk analysis carried out to this standard provides an input to risk management activities (seeFigure 1). NOTEThis standard does not provide specific criteria for
27、identifying the need for risk analysis, or specify the type of risk analysis method that is required for a given situation. Nor does it offer detailed guidelines for specific hazards or include insurance, actuarial, legal, or financial interests. 2 Normative references The following normative docume
28、nts contain provisions which, through reference in this text, constitute provisions of this section of IEC 300-3. At the time of publication, the editions indicated were valid. All normative documents are subject to revision, and parties to agreements based on this section of IEC 300-3 are encourage
29、d to investigate the possibility of applying the most recent editions of the normative documents indicated below. Members of IEC and ISO maintain registers of currently valid International Standards. IEC 50(191):1990, International Electrotechnical Vocabulary (IEV) Chapter 191: Dependability and qua
30、lity of service. IEC 300-2, Dependability management Part2:Dependability programme elements and tasks. IEC 812:1985, Analysis techniques for system reliability Procedure for failure mode and effects analysis (FMEA). IEC 1025:1990, Fault tree analysis (FTA). IEC 1078:1991, Analysis techniques for dep
31、endability Reliability block diagram method.BS8444-3:1996 2 BSI 12-1998 3 Definitions For the purposes of this section of IEC 300-3, the terms and definitions of IEC 50(191) apply. In addition, the following terms and definitions apply: 3.1 harm 1) physical injury or damage to health, property or th
32、e environment 3.2 hazard 1) source of potential harm or a situation with a potential for harm 3.3 hazardous event event which can cause harm 3.4 hazard identification process of recognizing that a hazard exists and defining its characteristics 3.5 risk 1) combination of the frequency, or probability
33、, of occurrence and the consequence of a specified hazardous event NOTEThe concept of risk always has two elements: the frequency or probability with which a hazardous event occurs and the consequences of the hazardous event. 3.6 risk analysis systematic use of available information to identify haza
34、rds and to estimate the risk to individuals or populations, property or the environment (SeeFigure 1.) NOTERisk analysis is also sometimes referred to as probabilistic safety analysis, probabilistic risk analysis, quantitative safety analysis and quantitative risk analysis. 3.7 risk assessment overa
35、ll process of risk analysis and risk evaluation. (See Figure 1.) 3.8 risk control process of decision-making for managing and/or reducing risk; its implementation, enforcement and re-evaluation from time to time, using the results of risk assessment as one input 3.9 risk estimation process used to p
36、roduce a measure of the level of risks being analysed. Risk estimation consists of the following steps: frequency analysis, consequence analysis and their integration 3.10 risk evaluation process in which judgements are made on the tolerability of the risk on the basis of risk analysis and taking in
37、to account factors such as socio-economic and environmental aspects 3.11 risk management systematic application of management policies, procedures and practices to the tasks of analysing, evaluating and controlling risk. (See Figure 1.) 3.12 system composite entity, at any level of complexity, of pe
38、rsonnel, procedures, materials, tools, equipment, facilities and software. The elements of this composite entity are used together in the intended operational or support environment to perform a given task or achieve a specific objective 4 Risk analysis concepts 4.1 Objective and basic concepts of r
39、isk analysis Risk is present in all human activity; it can be health and safety related (involving, for example, both immediate and long-term health effects of exposure to toxic chemicals), economic (resulting in, for example, destruction of equipment and lost production due to fires, explosions or
40、other accidents) or affect the environment. The objective of risk management is to control, prevent or reduce loss of life, illness, or injury, damage to property and consequential loss, and environmental impact. Before risk can be effectively managed, it should be analysed. The analysis of risk is
41、a useful tool for: a) identifying risks and approaches to their solution; b) providing objective information for decision making; c) meeting regulatory requirements. 1) These definitions deviate from those given in ISO/IEC Guide 51:1990, which is currently under revision.BS8444-3:1996 BSI 12-1998 3
42、The results of a risk analysis can be used by a decision-maker to help judge the tolerability of risk and aid in choosing between potential risk-reduction or risk avoidance measures. From the decision-makers perspective some of the principal benefits of risk analysis include: a) systematic identific
43、ation of potential hazards; b) systematic identification of potential failure modes; c) quantitative risk statements or ranking; d) evaluation of possible modifications to reduce risk or achieve better dependability levels; e) identification of the important contributors to risk and weak links in a
44、system; f) better understanding of the system and its installation; g) comparison of risks to those of alternative systems or technologies; h) identification and communication of risks and uncertainties; i) help in establishing priorities for improving health and safety; j) a basis for preventive ma
45、intenance and inspection to be rationalised; k) post-accident investigation and prevention; l) selection between alternatives such as different risk-reduction measures and technologies. All these play an important role in effective risk management, whether the objective is improving conditions relat
46、ed to health and safety, prevention of economic loss, or compliance with government regulations. Risk analysis often requires a multidisciplinary approach, since it may cover such areas of expertise as: a) systems analysis; b) probability and statistics; c) chemical, mechanical, electrical, structur
47、al or nuclear engineering; d) physical, chemical, or biological sciences; e) health sciences, including toxicology and epidemiology; f) social sciences, including economics, psychology, and sociology; g) human factors, ergonomics and management science. 4.2 Risk management and risk categorization Ri
48、sk analysis is a part of the risk assessment and management process as illustrated in Figure 1 and consists of scope definition, hazard identification, and risk estimation. Hazards may be grouped into four general categories, namely: a) natural hazards (floods, earthquakes, tornadoes, lightning, etc
49、.); b) technological hazards (industrial facilities, structures, transportation systems, consumer products, pesticides, herbicides, pharmaceuticals, etc.); c) social hazards (assault, war, sabotage, communicable disease, etc.); d) lifestyle hazards (drug abuse, alcohol, smoking, etc.). These groups are clearly not mutually exclusive, and in analysing technological hazards it is often necessary to consider the influence of factors from other categories (particularly natural hazards) and other systems, as part of the risk analysis. Risk can a
