Chapter 3The risk analysis process: planning

In this chapter, we discuss the planning of a risk analysis including the risk evaluation, that is, the risk assessment. The activity can be divided into the following two sub-activities; refer Figure 1.2:

  • Problem definition, information gathering and organisation of work (we refer to this as the problem definition activity)
  • Selection of analysis method.

3.1 Problem definition

The first step of a risk analysis is to define the objectives of the analysis. Why should we perform the analysis? Often, the objectives are based on a problem definition, as shown by the following example.


A manufacturing company conducts a series of tests everyday on its products and then stores the information in an Information and Communication Technology (ICT) system (called system c03-math-0001) that automatically adjusts the production process at start-up the next day. If this information is erroneous, a large quantity of products may not meet the quality requirements and hence cannot be released into the market. This will result in significant economic losses. If system c03-math-0002 fails, production must be stopped, again causing economic losses. To improve the reliability of system , management has decided to conduct a risk analysis with the following objective:

Get Risk Analysis, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.