SoluDyne RISK

Risk Management

Prevent adverse events and be in accordance with ISO standards. Identify, estimate and control costs and revenues associated with risk. Manage your company’s risk exposure, achieve control and clarity. Create action plans to reduce risks, and follow up through task handling in SoluDyne.

Net Account

Best Practices & Other Governing Elements

05 - QIS

06 - Risk

B-12272 - Risk Matrix

0 Overview
01 Description
02 Example

00 Overview

This Best Practice describes the Risk Matrix functionality in SoluDyne. The Risk Matrix defines the risk levels by setting values for probability/frequency and consequence. 

01 Description
  1. Create a Risk Matrix from the New button.
    1. Enter ID, Title, Owner, Case Handler and Description.
  2. Create a Risk Matrix group under the register by right clicking on the register.
    1. Enter ID, Title, Owner, Case Handler and Description.
  3. Create a Risk Matrix below the group by right clicking on the register.
    1. Enter ID and Title.
    2. Enter required number of Risk levels.
      1. Enter ID, Title, Short Name, Colour and Description.  
    3. Enter Consequence Category, Consequence and Probability.
    4. Enter titles on Consequence Category, Consequence and Probability. Enter requested colour in the diagram.

A Risk Matrix can also be linked to flowchart by defining a Risk Matrix under System / SoluDyne Administration and APOS.

02 Example

 

Figure 1. Risk Matrix Register, Risk Matrix Group and Risk Matrix.

 

Figure 2. Risk Matrix with consequence and probability. 

B-12273 - Risk and Vulnerability Analysis

00 Overview
01 Description
01.01 Risk Register
01.02 Risk Group
01.03 Risk Analysis Area
01.04 Risk
02 Example

00 Overview
This Best Practice describes the Risk and Vulnerability Analysis functionality in SoluDyne.

01 Description

01.01 Risk Register

  1. Create a Risk Register by using the New button.
    1. Enter ID, Title, Owner, Case Handler and Description.
    2. Link the Risk Matrix, see B-12272 - Risikomatrise.

01.02 Risk Group

  1. Create a Risk Group below the register by right clicking on the register.
    1. Enter ID, Title, Owner, Case Handler and Description.
    2. Risk Matrix will be generated when Risk Analyses with risk are created.

      Divide the risk register into Risk Groups. Right click on the risk register to add Risk Groups. It is possible to create groups below groups. 

      A Risk Group can be used to divide into the following:

      • Main processes
      • Sub processes
      • Product Groups
      • Organization Units

01.03 Risk Analysis Area

  1. Create a Risk Analysis Area by clicking on Add Risk Analysis Area.
    1. Enter ID, Title, Valid for, Owner, Case Handler and Description.
  2. On the Trend tab it is possible to monitor change in risk over time.
  3. Divide the Risk Group in Risk Areas. A Risk Area can be used to divide into:
    1. Level 1: Parent ROS-analysis
    2. Level 2: ROS-analysis of plants and activities
    3. Level 3: Detailed ROS-analysis of sub system or components

      Level 1 og 2 are executed by the Risk Register in SoluDyne. Level 3 is analysed with fault tree and FMECA (Failure Mode, Effect and Criticality Analysis).

01.04 Risk

  1. Create a Risk and enter by clicking on it. Identify risk on each area and to risks in the risk area. 
    1. Fill in the fields.
      1. The relevant Risk Matrix is chosen in the Type-field, see B-12272 - Risikomatrise
        The Risk Matrix is generated automatically in accordance to the chosen Risk Matrix under Type.
      2. The Risk Level is automatically given in accordance to the chosen values.
      3. The title or the description must provide the receiver with the understanding of: 
        1. What can happen, risk/danger: Life boat is not available.
        2. What is the triggering factor, cause: Installations avtivities. E.g.: The risk that a life boat is not available by a potential muster due to installation activities.  

    2. Go through all risk / incident and;
      1. Identify and document cause
      2. Evaluate and set probability / frequency
      3. Evaluate and set severity / consequence 
      4. Document justification for the choice of probability and severity. 
      5. Map and document which effect the incident can have
      6. Map and document existing barriers
      7. Perform an assessment of vulnerability 
      8. Specify the level of uncertainty
      9. Suggest risk reducing barriers and measures
      10. Specify controllability, i.e. if the firm can have an influence on  the incident
      11. Fill in the fields.
    3. The relevant Risk Matrix is chosen in the Type-field, see B-12272 - Risikomatrise
      The Risk Matrix is generated automatically in accordance to the chosen Risk Matrix under Type.
    4. Go through all risk / incident and;
        1. Identify and document cause
        2. Evaluate and set probability / frequency
    5. On the Activity List tab it is possible to create activities and action plans in order to reduce the risk. The measures are monitored by case handling in SoluDyne. 

      1. Suggest risk reducing measures
      2. Create an action plan with due dates and costs
      3. Evaluate if contingency plan and contingency organisation must be changed
      4. Decide where risk reducing activities shall be implemented:
        • Present for the management
        • Evaluate based on:
          • Risk Index and uncertainty
          • Level on controllability
          • Cost-benefit
    6. On the Trend tab it is possible to monitor change in risk over time.

02 Example

 

Figure 1. Risk Group. It is possible to create Risk Groups below Risk Groups.

  

Figure 2. Risk Analysis Area.

 

Figure 3. Trend.

 

Figure 4. Risk.

B-12458 - Administrate user access to ROS analyses

00 Overview
01 Description
01.01 Change of class permissions in the system access control
01.02 Adjust node permissions for specific user groups 
02 Example

00 Overview

This Best Practice describes how it is possible to limit reading access to certain ROS analyses below a Risk Register. A ROS analysis is created under a Risk Register.

01 Description

Access to ROS analyses are provided by first giving the relevant user group access to the risk register class and all below class, like Risk Group and Risk Analyse under CAR in Soludyne expanding menu. Then the node permissions are adjusted/limited on the Risk register the user group should not have access to. 

01.01 Change of class permissions in the system access control

The following classes must be activiated and the relevant user group must have "Read" access under SolyDyne tilgangskontoll:

Class Title
5624 Risk Register 
5625 Risk Group
5630 Risk Analysis
1065 Risk

For more information about changing of user rights in System Access Control, see B-11692 - Navigering i Systemtilgangskontroll.

01.02 Adjust node permissions for specific user groups

If three Risk Registers exist; 'Risk Register A', 'Risk Register B' og 'Risk Register C', the node permissions must be adjusted for each register. 

If the "Read" access is removed for the user group User on "Risk Register B", this user group will not have read access to anything that is put in this register. Another alternative is to navigate down a level in the Risk Register and adjust/limit the node permissions for the Risk Group if it is not desirable to have too many Risk Registers.

For more information on change of node permissions, see B-11787 - Node- og tregrupperettigheter

02 Example 

Limit permissions: Read, Write, Delete, Create New and Search for "Risk Register C" for the user group "Customer":

  • Open SoluDyne expanding menu
  • Click on CAR
  • Open 'Risk Register C'
  • Click on på Info on SoluDyne Toolbar and chose Properties
  • Click on Node Permissions
  • Remove tick on "Customer" for Read, Write, Delete, Create new and Search
  • Click Save
  • Click Publish

Note! As standard will everything under node permissions be ticked off, but this does not mean that that all user groups have access. The user groups still have to have permission certain classes, e.g. Risk Register.

 
Figure 1. Node permissions

B-12760 - Print Tree Report Containing Risk

00 Overview
01 Description

02 Example

00 Overview

This Best Practice describes how single risk(s) appear in the flowchart report (Print Tree).

01 Description

The linked risk(s) appears both in the table of contents and following the process description in the Print Tree report.

  • For more information on generating a Print tree from a Main Process, see B-12748 - Print Tree Report on Main Process
  • For more information on generating a Print tree from a Sub Process, see B-12750 - Print Tree Report on Sub Process
  • For more information on generating a Print tree from a Flowchart with Roles, see B-12751 - Print Tree Report on Flowchart with Roles

 02 Example

 

 

  1. The risk Level is indicated on the front page of the report.

 

  1. Item 3 on the index shows the linked risk assessment.

  

  1. Example of a linked Risk in a Print Tree Report.

B-12767 - Print Tree Report Containing Risk Analysis

00 Overview
01 Description

02 Example

00 Overview

This Best Practice describes the Risk Analysis Report in the Print Tree.

01 Description

The linked Risk Analysis appears both in the table of contents and following the process description in the Print Tree report.


02 Example

 

  1. The risk level is indicated on the front page of the report.

 

  1. Item 3 on the index shows the linked Risk Assessment.

   

  1. Example of a linked Risk Analysis in a Print Tree Report.
  2. Scroll down to see additional information for each Risk.

  

  1.  Risk information.

NOTE: Single Risk information will be shown for each Risk linked under the Risk Analysis.

B-12769 - Establishing a Risk Group

00 Overview
01 Description

02 Example

00 Overview

This Best Practice describes how to establish a Risk Group in SoluDyne.

01 Description

Risk Groups are established under Risk Registers. It is possible to create groups below groups. 

A Risk Group can be used to divide the following:

  • Main processes
  • Sub processes
  • Product Groups
  • Organization Units 

For more information on setting up the Risk Register, see B-12768 - Best Practice for Establishing a Risk Register.

02 Example

 

  1. Open the SoluDyne Menu.
  2. Open "CAR".
  3. Select the  Risk Register under which the Risk Group will be placed.

  

  1. Right click on the Risk Register.
  2. Select "New Node".
  3. Select "Risk Group."

 

  1. Fill in all the required information.
  2. Save or publish.

NOTE: Owner and Responsible are automatically inherited from the parent node, but can be changed as required.

B-12770 - Establishing a Risk Analysis

00 Overview
01 Description

02 Example

00 Overview

This Best Practice describes how to establish a Risk Analysis in SoluDyne.

01 Description

Risk Analyses are established under Risk Group(s). For more information on establishing a Risk Group, see B-12769 - Best Practice for Establishing a Risk Group.

On the Trend tab it is possible to monitor change in risk over time.

02 Example

 

Risk Analysis can be added in two ways:

  1. Right Click on the Risk Group, select "New Node", Select "Risk Analysis".
  2. Select "Add Risk Analysis" under the Risk Analysis Tab in the main window view.

 

  1. Fill-in all the required information (The ID is generated automatically, but can be edited if required).
  2. Add as many Risk Analyses as required.
  3. Save or publish.  

 

  1. Example of the Trend view, where it is possible to monitor change in risk over time.

B-12771 - Establishing a Risk

00 Overview
01 Description

02 Example

00 Overview

This Best Practice describes how to establish a Risk in SoluDyne.

01 Description

Risks are added under Risk Analysis. For more information on establishing a Risk Analysis, see B-12770 - Best Practice for Establishing a Risk Analysis.

02 Example

 

Risks can be added in two ways:

  1. Right click on the Risk Analysis and select "New Node" - "Risk".
  2. Select "Add Risk" under the Risks Tab in the main window view.

 

  1. Fill out all required information.

 

  1. The Risk Level will update automatically based on the inputs. (Colours and Levels are customised when setting up the Risk Matrix, see B-12272 - Risk Matrix.)
  2. Save intermittently.

 

  1. Publish the Risk when all information is added.

 

  1. Additional Risks are added in the same way.
  2. When all Risks are added, publish the Risk Analysis.

  

  1. Example of a published Risk.

NOTE: For more information on linking risks to processes, see B-12758 - Best Practice for Linking Risk(s) to Processes.

B-12772 - Linking a Process from a Risk Node

00 Overview
01 Description

02 Example
02.01 - Linking a Flowchart from a Risk Analysis Node
02.02 - Linking a Flowchart from a Risk Node


00 Overview

This Best Practice describes how to link risks to processes in SoluDyne.

01 Description

Linking risk(s) to processes helps the organisation manage the associated risk by:

  • Emphasising the need for the user's attention to the risk elements of the process;
  • Differentiating the training frequency requirements of the processes using risk. In other words, high risk processes require more frequent training.

Linking risk to processes can be done either from the risk or process node. For more information on linking a risk from a flowchart node, see B-12773 - Best Practice for Linking a Risk from a Flowchart.

Both risk analyses and single risks can be linked to a sub process, a flowchart, or an activity within a flowchart.

For more information on establishing risk analyses and risks, see B-12759 - Best Practice for Establishing a Risk Analysis

For more information on establishing a flowchart, see B-12493 - Best Practice for Modeling Flowchart with Roles

02 Example

02.01 - Linking a Flowchart from a Risk Analysis Node

In this case, the entire risk analysis (including all associated risks) will be linked to the process.

 

  1. Navigate to the required Risk Analysis.
  2. Ensure that the Risk Analysis is in edit-mode.

 

  1. In the "Applies To" field, type the process ID or key words for the required process.
  2. Select the process from the list of drop down related search results.  

 

  1. Publish when completed.  

NOTE: Risk Analyses do not appear as traffic lights on processes.

02.02 - Linking a Flowchart from a Risk Node

In this case, the single risk will be linked to the process. This is typically used where only one or two risks in a risk analysis apply to a particular process.

  

  1. Navigate to the required Risk.
  2. Ensure that the Risk is in edit-mode.

 

  1. In the "Applies To" column, type the process ID or key words for the required process.
  2. Select the process from the list of drop down related search results.  

 

  1. Publish when completed.  

 

  1. Navigate to the linked process.
  2. Control that the risk has appeared.

NOTE: Single Risks will automatically appear as a traffic light on the process, with the traffic light colour indicating the risk level.











Save