Fluency in Risk Management: DoD Acquisition Risk Management, MIL-STD-882D, ANSI-GEIA-STD-0010, and ISO All the Same, Only Different?

Similar documents
ISO 14001, OHSAS 18001, and MIL-STD-882D and SE

Headquarters U.S. Air Force

20028 Joint Software Systems Safety Engineering Handbook Implementation Guide

Latest Reliability Growth Policies, Practices, and Theories for Improved Execution

System Safety in Systems Engineering V-Charts

DATA ITEM DESCRIPTION

System Safety. Robert Dare. ESD.83: Research Seminar in Engineering Systems Massachusetts Institute of Technology.

OPTIMIZING THE SELECTION OF VV&A ACTIVITIES A RISK / BENEFIT APPROACH

Report of the Reliability Improvement Working Group Table of Contents

Parts Management Implementation Spring LMI. PSMC Spring

Implementation of the Reliability & Maintainability (R&M) Engineering Body of Knowledge (BoK)

Voluntary Protection Programs (VPP) 101

Software System Safety

Defense Standardization Program Conference. Standardizing Software Development and Acquisition in DoD

Results of Mitigation Effectiveness Survey

So, How Will You Audit a Risk Assessment in ISO 9001:2015?

Data Management in a Performance Based Logistics Environment

Department of Defense MANUAL

05/14/2008 VS

Aeronautical Systems Center

Environmental, Safety, and Occupational Health Plan Fiscal Year 2016

FOR PLANNING PURPOSES ONLY!

National Aeronautics and Space Administration Washington, DC 20546

Process for Evaluating Logistics. Readiness Levels (LRLs(

DoD Environmental Information Technology Management (EITM) Program

Net-Ready Key Performance Parameter (NR-KPP) Implementation Guidebook

SAE Standards for Supportability: What s in a LORA Standard?

FMEA Failure Mode Effects Analysis. ASQ/APICS Joint Meeting May 10, 2017

DATA ITEM DESCRIPTION TITLE: TRAINING SITUATION DOCUMENT Number: DI-SESS-81517C Approval Date:

CIVIL AVIATION PUBLICATION CAP 15 SAFETY MANAGEMENT SYSTEMS

CORROSION PREVENTION AND CONTROL PLANNING GUIDEBOOK SPIRAL 3 September 2007

Improving Our Leaders Ability to Understand and Manage Risks, Issues, and Opportunities

Guidance for the Tailoring of R&M Engineering Data

2009 DoD Weapon System Product Support Assessment

Supplier Quality Manual

Department of Defense MANUAL

Report of the Reliability Improvement Working Group (RIWG) Volume II - Appendices

A Systems Approach to Risk Management Through Leading Indicators

HAZARD IDENTIFICATION AND RISK ASSESSMENT Revision Date: 04/2017

Flight Data Monitoring within an Integrated Safety Management System

APPENDIX A Configuration Change Management Concepts, Principles, and Guidance

ISO 14001:2015. Control of Environmental Aspects & Impacts.

FAA/HSAC PART 135 SYSTEM SAFETY RISK MANAGEMENT SAFETY ELEMENT RII TRAINING REQUIREMENTS (AW) JOB AID

A S D T R A N S L A T E D I N T O P L A I N E N G L I S H 8. O P E R A T I O N S

RISK MANAGEMENT POLICY

AS9003A QUALITY MANUAL

TECHNICAL REVIEWS AND AUDITS

Environmental Setting, Impacts, and Mitigation Measures

COMPLIANCE WITH THIS PUBLICATION IS MANDATORY

Bricks for a Lean Systems Engineering Yellow Brick Road

THE COMPLETE GUIDE TO ISO14001

DEFENSE LOGISTICS AGENCY HEADQUARTERS 8725 JOHN J. KINGMAN ROAD FORT BELVOIR, VIRGINIA

Incorporating Test and Evaluation into Department of Defense Acquisition Contracts

Risk Management Strategy. Version: V3.0

9100 revision Changes presentation clause-by-clause. IAQG 9100 Team November 2016

April 2017 Latest update. ISO/DIS Understanding the new international standard for occupational health & safety

Counterfeit Parts: A Lockheed Martin perspective

Internal Policy. Policy Title: Applies to: Reference #

Journal of the University Librarians Association of Sri Lanka, Vol.15, Issue 1, June 2011

Alan F. Estevez. Principal Deputy Assistant Secretary of Defense for Logistics and Materiel Readiness

REPORT 2014/148 INTERNAL AUDIT DIVISION. Audit of the recruitment process at the Office of the High Commissioner for Human Rights

Risk Management and Corporate Governance in Local Government

Getting Started with Risk in ISO 9001:2015

DEPARTMENT OF DEFENSE Defense Contract Management Agency INSTRUCTION. Government Contract Quality Assurance (GCQA) Surveillance Planning

Risk Management Quick Reference Booklet (For more detail, see ATP 5-19)

SYSTEMS ENGINEERING PLAN (SEP) OUTLINE

SD-19 PARTS MANAGEMENT GUIDE

RISK MANAGEMENT GUIDE FOR DOD ACQUISITION

Top 5 Systems Engineering Issues within DOD and Defense Industry

RCM Theory and Concepts Workshop Module 2- RCM Process Overview

Understanding IEC 62304

Supply Chain. Example Policy. Author: A Heathcote Date: 24/05/2017 Version: 1.0

USING PILOTS TO ASSESS THE VALUE AND APPROACH OF CMMI IMPLEMENTATION. Goddard Space Flight Center (GSFC)

TECHNICAL REPORT. Configuration Management Standard. Issued Revised NOTICE

Instructions For Populating GFP Attachments

Frequently Asked Questions (FAQs) Standards Updates

Reliability Analysis Techniques: How They Relate To Aircraft Certification

SYSTEMS ENGINEERING REQUIREMENTS AND PRODUCTS

Joint Logistics Strategic Plan

DEPARTMENT OF DEFENSE STANDARD PRACTICE

REPORT 2015/082. Lebanon. in the United Nations Interim Force in FINAL OVERALL RATING: PARTIALLY SATISFACTORY

Using Measurement to Assure Operational Safety, Suitability, and Effectiveness (OSS&E) Compliance for the C 2 Product Line

Department of Defense INSTRUCTION

Independent Verification and Validation (IV&V)

Risk Module: Risk Management, Fault Trees and Failure Mode Effects Analysis Exploration Systems Engineering, version 1.0

Risk Assessment Mitigation Phase Risk Mitigation Plan Records Management (Chapter SDG&E-13)

Hazard Analysis. Techniques for. System Safety. Second Edition. Clifton A. Ericson, II Fredericksburg, Virginia. Wiley

The DCARC UNCLASSIFIED UNCLASSIFIED. DCARC Helpdesk Jen Horner (253) x1. Software and Web Development

Leveraging Your Service Quality Using ITIL V3, ISO and CMMI-SVC. Monday Half-Day Tutorial

Measures and Risk Indicators for Early Insight Into Software Safety

Standardization Template

Federal Acquisition Service

6 Risk assessment methodology

CHAPTER 604 INTERMODAL CONTAINER INSPECTION, REINSPECTION, MAINTENANCE, AND REPAIR

The United States Air Force Design-Build Plus User s Guide

Extending Systems Engineering Leading Indicators for Human Systems Integration Effectiveness

Improving Cybersecurity and Resilience through Acquisition [DRAFT] IMPLEMENTATION PLAN

Update on the revision of ISO/IEC 17025

FAA/HSAC PART 135 SYSTEM SAFETY RISK MANAGEMENT SAFETY ELEMENT REQUIRED INSPECTION ITEMS (RII) JOB AID

Transcription:

12619 - Fluency in Risk Management: DoD Acquisition Risk Management, MIL-STD-882D, ANSI-GEIA-STD-0010, and ISO 31000 All the Same, Only Different? Jeff Walker, Booz Allen Hamilton Environment, Energy Security & Sustainability Symposium May 2011

1 Fluency in Risk Management?

2 Introduction Documents Risk Management Guide for DoD Acquisition MIL-STD-882D DoD Standard Practice for System Safety ANSI-GEIA-STD-0010 Standard Best Practices for System Safety Program Development and Execution ISO 31000 Risk management Principles and guidelines Approaches Terminology Application

3 Risk Management Guide for DoD Acquisition Background Responsibility of the Deputy Assistant Secretary of Defense, Systems Engineering (DASD(SE)), August 2006 The purpose of addressing risk on programs is to help ensure program cost, schedule, and performance objectives are achieved at every stage in the life cycle The purpose of this guide is to assist DoD and contractor Program Managers (PMs), in effectively managing program risks during the entire acquisition process, including sustainment Refers the reader to MIL-STD-882D, Standard Practice for System Safety, for guidance regarding Environment, Safety, and Occupational Health (ESOH) hazards Risk management is a fundamental program management tool for effectively managing future uncertainties associated with system acquisition

4 Risk Management Guide for DoD Acquisition Approach Risk Management Process Risk Reporting Matrix

5 Risk Management Guide for DoD Acquisition Terminology Risks components: A future root cause (yet to happen), which, if eliminated or corrected, would prevent a potential consequence from occurring A probability (or likelihood) assessed at the present time of that future root cause occurring, and The consequence (or effect) of that future occurrence Application Programmatic risk Once a root cause has occurred, it becomes an issue and is handled separately

6 MIL-STD-882D DoD Standard Practice for System Safety Background Air Force Materiel Command/System Safety Office is Preparing Activity, February 2000 currently being updated Delineates the minimum mandatory requirements for an acceptable system safety program for any DoD system Mandated by DoD Instruction 5000.02 An approach useful in development, test, production, use, and disposal of DoD systems, subsystems, equipment, and facilities Consistent means of evaluating identified mishap risks Risk mitigations must consider total life cycle cost in any decision Residual mishap risk associated with an individual system must be reported to and accepted by the appropriate authority as defined in DoD

7 MIL-STD-882D DoD Standard Practice for System Safety Approach Risk Reporting Matrix Risk Management Process 1. Documentation of the system safety approach 2. Identification of hazards 3. Assessment of mishap risk 4. Identification of mishap risk mitigation measures 5. Reduction of mishap risk to an acceptable level 6. Verification of mishap risk reduction 7. Review of hazards and acceptance of residual mishap risk by the appropriate authority 8. Tracking of hazards and residual mishap risk

8 MIL-STD-882D DoD Standard Practice for System Safety PROBABILITY OF OCCURRENCE 1 CATASTROPHIC HAZARD SEVERITY CATEGORIES 2 CRITICAL 3 MARGINAL 4 NEGLIGIBLE A - FREQUENT 1 3 7 13 B - PROBABLE 2 5 9 16 C - OCCASIONAL 4 6 11 18 D - REMOTE 8 10 14 19 E - IMPROBABLE 12 15 17 20 Mishap Risk Assessment Value: Mishap Risk Category & Acceptance Authority: 1 5 HIGH - Acceptance of Risk by the Component Acquisition Executive 6-9 SERIOUS Acceptance of Risk by the Program Executive Officer 10-17 MEDIUM Acceptance of Risk Project Manager. 18-20 LOW - Acceptance of Risk Project Manager.

9 MIL-STD-882D DoD Standard Practice for System Safety Terminology Risks components: Hazard? Mishap Application Environment, safety, and occupational health risks

10 ANSI-GEIA-STD-0010 Standard Best Practices for System Safety Program Development and Execution Background Developed by the G-48 (TechAmerica), February 2009 Began as a draft update of MIL-STD-882D Intended enhancements Clarify basic elements of system safety program and the process flow Modernize the document and its tools to bring them abreast of contemporary best practice Introduce the concept of risk summation Parallel path to prepare a non-military system safety standard independent of MIL-STD-882 Demonstrates risk matrix tailoring through examples

11 ANSI-GEIA-STD-0010 Standard Best Practices for System Safety Program Development and Execution Approach Risk Reporting Matrix Appendix offers seven examples to demonstrate the spectrum of risk matrix options tailored to the system Risk Management Process Program Initiation Hazard Identification and Tracking Risk Assessment Risk Reduction Risk Acceptance

12 ANSI-GEIA-STD-0010 Standard Best Practices for System Safety Program Development and Execution Terminology Risks components: Source Mechanism Outcome Application System safety risk and ESOH risk

13 ISO 31000 Risk management Principles and guidelines Background Developed by the ISO Working Group on Risk Management, November 2009 Companion document - ISO Guide 73, Risk Management Vocabulary Provides principles, framework and a process for managing any form of risk Can be applied to any public, private or community enterprise, association, group or individual Risk management framework as an integral component of management system Assists organizations in developing their own approach to management of risk, but is not a certification standard Provides an internationally recognized benchmark, providing sound principles for effective management ISO Guide 73 will further ensure that all organizations are on the same page when talking about risk

14 ISO 31000 Risk management Principles and guidelines Approach Risk Reporting Matrix No Matrix Offered, but definition included in Guide 73 Risk Management Process Develop framework Communication and Consultation Establish the Context Risk Assessment Risk Treatment Monitoring and review Recording the Risk Management Process

15 ISO 31000 Risk management Principles and guidelines Terminology ISO Guide 73, Risk Management Vocabulary Risks components: Sources Causes Events Application Establishes principles, framework, and process for any system

16 Comparison DoD Risk Guide MIL-STD- 882D ANSI-GEIA- 0010 ISO 31000 Public/Private Public Public Private Private Risk Type Programmatic ESOH System Safety & ESOH Any Process Elements 5 8 5 7 Risk Matrix Applicability to Environmental Issues 5x5 3 Levels 4x5 4 Levels Multiple None Yes Yes Yes Yes

17 Comparison Risk Management Processes MIL-STD-882D DoD Risk Guide ANSI-GEIA-0010 ISO 31000 1. Document approach 2. Identify hazards Risk Identification Program Initiation Hazard Ident & Tracking 3. Assess Risk Risk Analysis Risk Assessment 4. Identify Mitigations Risk Mitigation Planning 5. Reduce Risk Risk Mitigation Plan Implementation 6. Verify Risk Reduction Risk Reduction 7. Risk Acceptance Risk Acceptance 8. Track Residual Risk Risk Tracking See Above Establish Framework, Comm & Consultation, Establish Context Risk Assessment Risk Treatment Monitoring & Review, Recording the Process

18 Comparison Risk Model MIL-STD-882D DoD Risk Guide ANSI-GEIA-0010 ISO 31000 Hazard Future root cause Source Sources Causal Factor? Probability of future root cause Mechanism Causes Mishap Consequence or effect Outcome Events

19 Conclusion More is similar than different all drive risk decisions Terminology, scope and order of presentation may vary, but all risk management models are essentially the same Establish a repeatable, documented structure Identify Risks Evaluate Risks Develop Mitigations Verify Mitigations Accept Risk Environmental engineer should be undaunted in translating findings between methodologies

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback