Subject 31: Risk Assessment and Management

The scope of the Risk Assessment and Management SSG includes risks associated with Physical Asset or Asset Management System / Process Failures, and recognises the overlap and interaction of various risk families. (It excludes Corporate Risks such as FOREX or Commodity Risk and general occupational safety risks). This SSG is applicable to:

  • asset intensive businesses, where significant expenditure, resources, performance dependency and/or risks are associated with the creation/acquisition, utilisation, maintenance or renewal/disposal of assets
  • organisations that have, or intend to manage or invest in, a significant portfolio of assets, or where the performance of an asset system and the management of assets are central to the effective delivery of service, product or other business objectives
  • organisations where there is a business or public accountability requirement to demonstrate best value in the safe management of assets and provision of associated services 

 

Version 1.0 June 2016

Buy SSG: 31

 

 

Contents  
Acknowledgements  2
1 INTRODUCTION TO SUBJECT SPECIFIC GUIDELINES
1.1 Purpose of the SSGs 
1.2 The SSGs In Context 
1.3 SSGs And The Issue Of Complexity Versus Maturity 
1.4 Further Reading 

4
4
4
4
4

2 APPLICABILITY SCOPE OF THIS DOCUMENT 
2.1 Applicability of this guidance 
2.2 Examples of application 
2.3 Scope 
2.4 Target Sectors 
2.5 How to use this guidance 

6
6
6
6
7
7

3 OVERVIEW OF RISK MANAGEMENT IN ASSET MANAGEMENT 
3.1 Risk Management Concepts 
3.2 Benefits of and Requirement for Risk Management
3.3 Risk Assessment and Management 
3.3.1 Generation of Risk Management Policies 
3.3.2 Development of Risk Management Processes 
3.3.3 Execution of Risk Management Processes 
3.3.4 Alignment of strategic, tactical and operational risks and risk registers 
3.3.5 Risk mitigation strategies and the 4Ts 
3.4 Risk Artefacts 

8
8
9
10
11
11
12
12
12
12

4 GENERATION OF RISK MANAGEMENT POLICIES 
4.1 What should a Risk Management Policy do? 
14
14

5 Development of Risk Management Processes 
5.1 Risk Identification 
5.1.1 Alignment with Organisational Objectives 
5.1.2 Consideration of the Asset Lifecycle 
5.1.3 Consideration of the Asset Hierarchy 
5.1.4 Developing the Risk Register 
5.2 Risk Evaluation 
5.2.1 Probability, Condition and Health 
5.2.2 Consequence and Criticality 
5.2.3 Risk Matrix 2
5.2.4 Considerations for Risk Evaluation 
5.3 Risk Mitigation 
5.3.1 Risk Treatment / Risk Mitigation Strategies 
5.3.2 Risk Zones and Risk Appetite 
5.4 Alignment of strategic, tactical and operational risks and risk registers 
5.5 Risk Monitoring and Review 
5.5.1 Risk management metrics 
5.5.2 Asset Performance and Condition Review 

16
16
16
17
18
18
19
20
24
28
29
36
37
37
37
38
40
41
6 EXECUTION OF RISK MANAGEMENT PROCESSES 
6.1 Business Processes 
6.2 Governance 
6.3 Asset Data and Information 
6.4 Tools and IT 
6.5 Training and education 
6.6 Risk-Based Maintenance Approaches 
6.6.1 Reliability Centred Maintenance RCM 
6.6.2 Application of Failure Modes, Effects and Criticality Analysis (FMECA) 
6.6.3 Application of Fault Tree Analysis (FTA) 

42
42
42
42
42
43
43
43
43
43

7 RISK LANGUAGE AND GLOSSARY 

44

8 CASE STUDIES
8.1 Hydro One: Risk-Based Asset Investment Planning 
8.1.1 Introduction 
8.1.2 Risk-Based Planning and Investment Optimisation Process 
8.1.3 Key Benefits 
8.2 Assessment of Water Distribution Network Augsburg, Germany 
8.2.1 Introduction 
8.2.2 Description of activity 
8.2.3 Evaluation 
8.3 OFGEM Risk Monetisation 
8.3.1 Asset Health and Probability of Failure 
8.3.2 Consequences of Failure and Asset Criticality 
48
48
48
48
52
53
53
53
56
57
57
57