In this chapter, we discuss the planning of a risk analysis including the risk evaluation, that is, the risk assessment. The activity can be divided into the following two sub-activities; refer Figure 1.2:
The first step of a risk analysis is to define the objectives of the analysis. Why should we perform the analysis? Often, the objectives are based on a problem definition, as shown by the following example.
A manufacturing company conducts a series of tests everyday on its products and then stores the information in an Information and Communication Technology (ICT) system (called system ) that automatically adjusts the production process at start-up the next day. If this information is erroneous, a large quantity of products may not meet the quality requirements and hence cannot be released into the market. This will result in significant economic losses. If system fails, production must be stopped, again causing economic losses. To improve the reliability of system , management has decided to conduct a risk analysis with the following objective: