Safety Risk Analysis Report
- Safety Risk Analysis Report: the safety work product that reports the results of the safety risk analysis task
As illustrated in the preceding figure, Safety Risk Analysis Report is part of the following inheritance hierarchy:
- Type: Concrete
- Superclass: Document
- Subclasses:
The typical responsibilities of a Safety Risk Analysis Report are to:
- Report the results of the safety analysis to its stakeholders.
The typical contents of the safety risk analysis report are:
- Asset Analysis:
- Hazard Analysis:
- Risk Analysis:
- Appendices:
- Applicable Regulations, Laws, Certifications and Standards
- Major Issues
- TBDs
- Assumptions
The typical stakeholders of the safety risk analysis report are:
- Producer:
- Evaluators:
- Approvers:
- Maintainers:
- Users:
The safety risk analysis report typically can be started if the following preconditions hold:
The safety risk analysis report typically has the following inputs:
- Work Products:
- Stakeholders:
Guidelines
- Scope. The scope of a safety risk analysis report can be:
  - A business unit
  - A data or contact center
  - An application
  - A reusable component
  - Any other system
- Hazards vs. Threats vs. Vulnerabilities. Care should be taken to properly differentiate hazards (see above) from security threats (e.g., viruses, security breaches) and vulnerabilities (e.g., inadequate system redundancy, fail-safe design).
The safety risk analysis report is typically constrained by the following conventions:
- Content and Format Standard
- MS Word Template
- XML DTD
- Evaluation Checklist
- Example Safety Risk Analysis Report