Risk assessment
Learn how to assess the level of a risk with Dastra.
Dernière mise à jour
Learn how to assess the level of a risk with Dastra.
Dernière mise à jour
A risk can be evaluated with the following formula:
Where the probability is the frequency of occurrence of a hazardous event and/or a hazardous element, and the impact is the severity of the effects and/or the severity of the consequences of this hazardous event.
The impact of a risk is classified by default in 4 categories:
Catastrophic,
Significant,
Medium,
Low.
The probability of a risk is classified by default in 4 categories:
Very likely,
Likely,
Possible,
Unlikely.
It's possible to customize the risk levels in Dastra.
Depending on their level of probability and impact, risks can be classified into several categories:
Intolerable risks;
Risks that must be limited as much as possible;
Acceptable risks either because the probability and/or the severity of the risk is/are negligible compared to other risks.
Unacceptable risks are shown in red in Dastra.
Risks that should be limited as much as possible are represented in orange or yellow in Dastra.
Acceptable risks are shown in green in Dastra.
A "gross" risk is considered without all of the surrounding control systems - organization, various controls, documentation, etc.
A "net" (or residual) risk, on the other hand, is evaluated by taking into account all the systems already in place and effective.
