what-when-how
In Depth Tutorials and Information
are limited to Boolean variables and uncorrelated relations, and they do not include
repairing notions and temporal dependencies [15].
As previously stated, risk analysis applied to the technical layer alone does not
produce an accurate depiction of every contributing factor for a given critical event.
A higher degree of analysis must be used to consider all relevant factors: a global
risk analysis. At the global level, the constraining external processes for an opera-
tional system are divided into four categories or layers:
1. Decisions and actions layer
2. Internal organizational layer
3. External organizational layer
4. Natural environment layer
he decisions and actions layer represents processes linked with the decision mak-
ing at the individual level, the internal organizational layer represents processes
linked with the management of the enterprise, the external organizational later
represents processes linked with the climate in which this enterprise evolves, and
the natural environment layer represents processes linked with the evolution of the
physical and natural climate [15].
Understandably, there exists the need to accurately identify the relations between
these defined layers with an operational system of interest. Additionally, it is highly
important to identify the relations existing between the technical layer and the
human/organizational layer. he technical layer is typically qualiied as a closed-
loop system consisting of limitations or constraints, multiple causality relations,
and identifiable interactions [15]. On the other hand, the human/organizational
layer is typically qualified as a dynamic, open-loop system where limits are difficult
to determine and the systems experience high rates of change. A high-level low
chart illustrating the steps taken in global risk analysis with respect for decision-
making support is displayed in Figure 9.7.
On top of performing global risk analysis, it may be desirable to incorporate
barriers into the system. A risk reduction barrier is defined as an entity installed
in the system to prevent the occurrence of a risky scenario [15]. Risk reduc-
tion barriers are categorized as preventive or protective; a preventive barrier is
typically located upstream for the purpose of preventing or limiting the critical
event and a protective barrier is typically located downstream for the purpose
of reducing the consequences of the critical event. Risk reduction barriers can
be further categorized based on the contributing resources into the three fol-
lowing categories:
◾
Organizational barrier: composed of management activity
◾
Human barrier: composed of human activity
◾
Technical barrier: composed of a safety device
◾
Combined barrier: combination of barriers
