Risk Assessment Process

The risk assessment process starts with a typical failure effect, such as a loss of engine power, notes a cause, for example, an engine stalling (specifying which aircraft parts are involved and any warnings or automatic procedures in place), and then defines how probable this is (such as “likely,” see Table 19.9). Each failure effect is then mapped to an operational hazard, for example, the aircraft might start to loose altitude, so that the probability of each hazard occurring can be assessed, with each hazard then in turn being mapped on to possible accidents. The resulting accident list then records which hazard leads to which accidents and their severity in terms of the outcomes in Table 19.10. Finally, given this information, the accident sequence and mitigation table can be constructed to establish the residual risks associated with each hazard using Tables 19.11 and 19.12. The following subsections illustrate this process for typical effects, hazards, accidents, and mitigations.

