Risk Tracking

As space missions are extremely risk-averse, systems engineers and program managers need to track technological risks to evaluate an acceptable risk posture or decide to mitigate risk. Risk management is an iterative process through the entire project lifecycle, as seen by the figure above [Atkins ESA]. Risk is an expected value composed of the likelihood of occurrence and consequence of occurrence. Likelihood rating categories are separated into:

1. Improbable (P<10-6)
2. Unlikely to occur (10 -3>P>10 -6)
3. May occur in time (10 -2>P>10 -3)
4. Probably will occur in time (10 -1>P>10 -2)
5. Likely to occur soon (P>10 -1)

Consequence rating categories are separated into:

1. Minimal or no impact
2. The additional effort required, no schedule impact, <5% system budget impact
3. The substantial effort required, < 1-month schedule slip, >2% program budget impact
4. The major effort required, critical path (> 1-month slip), >5% program budget impact
5. No known mitigation approaches, breakthrough required to resume schedule, >10% program budget impact

The magnitude of risk ranges between 1 – 25 and is binned into the following categories:

During the iterative process of monitoring and mitigating risk, the goal is to move every risky scenario down or left along with the risk matrix. The different zones require different levels of action. Red zones require new processes or a change in the baseline plan. The orange zone requires aggressive management and the consideration of alternative processes. The yellow zone requires some management actions. The green zone signifies that the current approach is sufficient. The risky scenarios to manage are a result of hazard analysis.

Hazard Analysis

Hazard analysis results in the identification of risks and the means of controlling or eliminating them. Hazard analysis also quantifies the risk for the Program/Project Manager [NASA Hazard Analysis Process]. The process of hazard analysis includes the identification of the following:

• • Hazardous conditions, events, or states
  • The effect of the hazardous state
  • The severity of the effect
  • All potential causes of the hazardous states
  • Controls for each of the hazard causes
  • Likelihood of each cause
  • Verification strategies for the controls.

The process closes by classifying, managing, and tracking the risk of hazard. Generic hazards include:

• • Collision or Impacts
  • Loss of Control
  • Contamination
  • Corrosion
  • Electrical Discharge/Shock
  • Environmental/Weather
  • Temperature Extremes
  • Gravitational Forces
  • Electromagnetic Interference
  • Radiation
  • Explosion
  • Fire/Overheat
  • Flight Termination Systems
  • Implosion/Loss of Pressure
  • High-Pressure Sources
  • Loss of Structural Integrity
  • Mechanical
  • Loss of Critical Function
  • Loss of Safe Return Capability
  • Loss of Habitable Environment
  • Pathological/Physiological/ Psychological
  • Inadequate HF Engineering
  • Lasers
  • Utility Outages.

Another type of hazard analysis is a job hazard analysis. “A job hazard analysis is a technique that focuses on job tasks as a way to identify hazards before they occur. It focuses on the relationship between the worker, the task, the tools, and the work environment. Ideally, after you identify uncontrolled hazards, you will take steps to eliminate or reduce them to an acceptable risk level” [OSHA].

Tools for hazard analysis include a Web-based, access-controlled NASA Hazard Management System (HMS), which provides a centralized repository for hazards regardless of origin and offers the ability to report and manage real-time hazards and controls. NASA HMS was created by Johnson Space Center.

Suggested Activity