In the past blogs, we covered how to set the scope, identify major risks and analyze them using the bowtie methodology.
In this edition, our focus is on evaluating the risk which was analyzed previously.
It is possible to evaluate risks in different ways, divided into two categories, the qualitative and the quantitative way. Using the quantitative way, the focus is set on numbers and data-driven values which are for example based on manufacturer specifications, historical data or any other reliable source, while qualitative data is driven by expert judgments and historical (non-numerical) data.
The quantitative approach
An example of a quantitative approach is LOPA (Layer Of Protection Analysis) or, in combination with bowtie, the bowtie-adapted LOPA. See figure 1 below. LOPA works with event frequencies and control failure probabilities (probability of failure on demand). Basically, LOPA takes the initial frequency of an event and multiplies this by the probability that the barriers in that specific scenario line would fail. This results in a current frequency of the unwanted outcome or consequence. If this value is lower, then the acceptable target frequency we have set before, then the risk is considered acceptable.