FMEA (Failure Mode and Effects Analysis) is one of the most famous techniques for analysing risks. In FMEA an interdisciplinary team derives risks from the requirements which are then evaluated in a structured way. For each risk three values are specified:
The Risk Priority Number (RPN) is then calculated by multiplying these three values. If the RPN is lower than a certain threshold the risk is seen as acceptable and no further actions need to be taken. If the RPN is too high additional actions must be taken to either decrease the probability of occurrence or to increase the probability of detection by the system.
Whenever an action was defined to reduce a certain risk a re-evaluation needs to be done. If the RPN for risk + action is still too high another action must be defined.
While preforming Risk Analysis we obviously create different types of information which are related to each other. So, why not using the requirements management solution with its dedicated support for managing such relations not only for the requirements but also for Risk Analysis?
Using the traceability capabilities of such a solution eases up approvement processes with certification authorities tremendously.
And if you need to create a nice looking report for the certification authority, just click a button (or generate them in batch mode while you relax at home…):
Life could be so easy…
By: Andreas Plette