103: Risk Acceptance Issue
Definition/Typical Issues
Were the risk acceptance criteria used during the change assessment set inappropriately? Were the risk acceptance criteria improperly applied? Were risks deemed acceptable that should have been reduced?
Examples
Example 1
- During a change assessment, the team used the incorrect risk matrix. As a result, they deemed some risks acceptable that should have been addressed with corrective or mitigative actions.
Example 2
- During a change assessment for a new instrumentation system, the personnel performing the assessment did not use the organization's standard risk matrix. Instead, they just reviewed the change and made a decision based on what they felt should be done. As a result, two recommendations were implemented for risks the company deemed acceptable (based on application of the risk matrix).
Typical Recommendations
- Ensure that a diverse team (able to reasonably assess the appropriate risks) is involved in the change assessment.
- Develop more objective criteria for judging risk levels (e.g., a simplified risk scoring scheme or listing requiring safeguards for specific situations).
- Provide guidance to team members to help ensure that the analyses are conducted properly.
- Develop the appropriate risk tolerance criteria or guidance for use in risk-based decision-making situations.
Cross-References
| Version 10 Element(s) | |
|---|---|
| Node ID | Node Name |
| 76 | Risk Acceptance Criteria LTA |
| Maritime Element(s) | |
|---|---|
| Node ID | Node Name |
| 87 | Risk Acceptance Criteria Issue |