Copyright DB Netz AG, licensed under CC-BY SA 3.0 DE (see full text in CC-BY-SA-3.0-DE)
ARCH.013 Identify risks to business effectiveness (business loss-risk mapping)
SM-2749
-
Populate Confluence page for activity definition: ARCH.013 Identify risks to business effectiveness (feared event-undesired state mapping)
Finished
Goal | Provide a consistent starting point for business risk analysis |
---|---|
Requirements met by this process step | RiL 0120 series (DB quality management system) |
Inputs | Selected parts of the RiL 0120 series relevant to this activity AMOD-106 Enterprise goals including measures of effectiveness |
Outputs | AMOD-130 Business loss and risk state model |
Methodology | This process step consist in preparing the risk model basis which will be enriched iteratively with steps ARCH.020 Identify & classify operational deviations, ARCH.014 Evaluate risks to business effectiveness and ARCH.028 Define operational safety measures The main intended pattern of the state model is the representation of a <non business risk state> that makes transition to a <business risk state> which can then lead to an <business loss state>. as shown by the upper part of the below diagram Complementary patterns of the model (shown above) are:
The viewpoint definition for AMOD-130 indicates the detail of how this is captured in the analysis model. A set of buissness risks assigned to the respective business loss which are identified using the relevant source material and regulations (with reference to existing material in the DB quality management system), define a standard set of business losses are used for defining the business loss states and related business risk state(s) in the model as starting point. A Risk Model is to be created for each business risk state identified in relation to an business loss state. Different risk models may be needed for one business risk state if for the same business risk state, there exist:
Remarks:
The set of the risk state models defined as starting basis will be then completed by potentially additional business risk states or new conditions for transitions between states found out after performing the 1st part of ARCH.020. The worst case consequence of a particular business loss related to a business risk in question is considered in the given severity level. When creating a risk model, the following steps have to be carried out:
The business risk state must be expressed in terms of physical conditions that could lead to an accident, excluding any notion of a system or safety function failure. They can include reference to abstract concepts that are not safety-related, for example an operational plan. Then the following is to be done just formally without any content consideration
Note: the intention here is not to create a working state model of the entire business, rather to reduce down to an abstract set the critical business losses and the mechanisms by which they happen, so that sufficient mitigations can be built into the operational concept. The focus is on creating a good experience for our customers by avoiding delays, making the railway user-friendly, and anticipating deviations that we can mitigate to maintain service quality. |
Tools and non-human resources | Team for Capella |
Cardinality | One-off with possibility of revisions |
Completion criteria | The output view is complete i.e. sufficient losses and not-allowed states have been covered The output view includes elements that are required by DB regulations, where applicable The output view conforms to its modelling rules |
Design review | ARCH.R.2 Operational review - consolidated |
Step done by (Responsible) | RAMS architect |
Provides input to/assists (Contributes) | RAMS engineer |
Uses outputs (Informed) | None directly |