
The risk assessment process starts with inherent (or raw) risk analysis of the task hazard pair. Risk reduction strategies are applied (existing and new), and residual risk after proper application of the application of the strategy or method is documented. This process continues until effective risk reduction is achieved (likely low or negligible risk level). Where function safety is applied as a risk reduction measure, the required performance level of the safety function is established.
A team approach is the best strategy to perform a risk assessment. The minimum team members must accurately represent production and maintenance tasks, however a well-rounded team of various stakeholders yields the best results by balancing professional biases.
Documenting residual risk is a key component to a risk assessment. While the goal is elimination of all risks, practically speaking there are always residual risks of some form or another. Where there are reasonably foreseeable residual risks (including foreseeable misuse, control system disorder, and operator error), additional safeguarding must be applied. When the additional safeguarding does not meet the level of risk faced (i.e. Information for use, administrative controls, awareness means generally speaking), the importance of recognizing the resulting residual risk and enforcing the lower-level controls is of paramount importance.