prEN ISO 17666
(Main)Space systems - Risk management (ISO/DIS 17666:2015)
Space systems - Risk management (ISO/DIS 17666:2015)
Systèmes spatiaux - Management des risques (ISO/DIS 17666:2015)
Vesoljski sistemi - Obvladovanje tveganja (ISO/DIS 17666:2015)
General Information
Relations
Standards Content (Sample)
SLOVENSKI STANDARD
01-februar-2016
Vesoljski sistemi - Obvladovanje tveganja (ISO/DIS 17666:2015)
Space systems - Risk management (ISO/DIS 17666:2015)
Systèmes spatiaux - Management des risques (ISO/DIS 17666:2015)
Ta slovenski standard je istoveten z: prEN ISO 17666
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
49.140 Vesoljski sistemi in operacije Space systems and
operations
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
DRAFT INTERNATIONAL STANDARD
ISO/DIS 17666
ISO/TC 20/SC 14 Secretariat: ANSI
Voting begins on: Voting terminates on:
2015-11-19 2016-02-19
Space systems — Risk management
Systèmes spatiaux — Management des risques
ICS: 49.140
ISO/CEN PARALLEL PROCESSING
This draft has been developed within the International Organization for
Standardization (ISO), and processed under the ISO lead mode of collaboration
as defined in the Vienna Agreement.
This draft is hereby submitted to the ISO member bodies and to the CEN member
bodies for a parallel five month enquiry.
Should this draft be accepted, a final draft, established on the basis of comments
received, will be submitted to a parallel two-month approval vote in ISO and
THIS DOCUMENT IS A DRAFT CIRCULATED
formal vote in CEN.
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
To expedite distribution, this document is circulated as received from the
IN ADDITION TO THEIR EVALUATION AS
committee secretariat. ISO Central Secretariat work of editing and text
BEING ACCEPTABLE FOR INDUSTRIAL,
composition will be undertaken at publication stage.
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 17666:2015(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
©
PROVIDE SUPPORTING DOCUMENTATION. ISO 2015
ISO/DIS 17666:2015(E)
© ISO 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2015 – All rights reserved
ISO/DIS 17666
Contents Page
Foreword . Error! Bookmark not defined.
Introduction . Error! Bookmark not defined.
1 Scope . 1
2 Terms, definitions and abbreviated terms . 1
3 Principles of risk management . 3
4 The risk management process . 4
5 Risk management implementation . 10
6 Risk management requirements . 12
Annex A (informative) Risk register example and ranked risk log example . 16
Annex B (informative) Risk Management Plan (DRD) . 18
Bibliography . 20
ISO/DIS 17666 iii
ISO/DIS 17666
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 17666 was prepared by the Technical Committee ISO/TC 20, Aircraft and space vehicles, Subcommittee
SC 14, Space systems and operations.
iv ISO/DIS 17666
ISO/DIS 17666
Introduction
Risks are a threat to the project success because they have negative effects on the project cost, schedule and
technical performance, but appropriate practices of controlling risks can also present new opportunities with
positive impact.
The objective of project risk management is to identify, assess, reduce, accept, and control space project risks
in a systematic, proactive, comprehensive, and cost-effective manner, taking into account the project’s
technical and programmatic constraints. Risk is considered tradable against the conventional known project
resources within the management, programmatic (e.g. cost, schedule), and technical (e.g. mass, power,
dependability, safety) domains. The overall risk management in a project is an iterative process throughout
the project life cycle, with iterations being determined by the project progress through the different project
phases, and by changes to a given project baseline influencing project resources.
Risk management is implemented at each level of the customer-supplier network.
Known project practices for dealing with project risks, such as system and engineering analyses, analyses of
safety, critical items, dependability, critical path, and cost, are an integral part of project risk management.
Ranking of risks according to their criticality for the project success, allowing management attention to be
directed to the essential issues, is a major objective of risk management.
The project actors agree on the extent of the risk management to be implemented into a given project
depending on the project definition and characterization.
ISO/DIS 17666 v
ISO/DIS 17666
1 Scope
This Standard defines, extending the requirements of ISO 14300-1, the principles and requirements for
integrated risk management on a space project; it explains what is needed to implement a project-integrated
risk management policy by any project actor, at any level (i.e. customer, first-level supplier, or lower-level
suppliers).
This Standard contains a summary of the general risk management process, which is subdivided into four (4)
basic steps and nine (9) tasks. The implementation can be tailored to project specific conditions.
The risk management process requires information exchange among all project domains and provides
visibility over risks, with a ranking according to their criticality for the project; these risks are monitored and
controlled according to the rules defined for the domains to which they belong.
The fields of application of this standard are all the space project phases. A definition of project phasing is
given in ISO 14300-1.
When viewed from the perspective of a specific programme or project context, the requirements defined in this
Standard should be tailored to match the genuine requirements of a particular profile and circumstances of a
programme or project.
NOTE Tailoring is a process by which individual requirements or specifications, standards, and related documents are
evaluated and made applicable to a specific programme or project by selection, and in some exceptional cases,
modification and addition of requirements in the standards.
2 Terms, definitions and abbreviated terms
2.1 Terms and definitions
For the purposes of this Standard, the following terms and definitions apply.
2.1.1
acceptance of (risk)
decision to cope with consequences, should a risk scenario materialise
NOTE 1: A risk can be accepted when its magnitude is less than a given threshold, defined in the risk management policy.
NOTE 2: In the context of risk management, acceptance can mean that even though a risk is not eliminated, its existence
and magnitude are acknowledged and tolerated.
2.1.2
(risk) communication
all information and data necessary for risk management addressed to a decision maker and to relevant actors
within the project hierarchy
2.1.3
(risk) index
score used to measure the magnitude of the risk; it is a combination of the likelihood of occurrence and the
severity of consequence, where scores are used to measure likelihood and severity
2.1.4
individual (risk)
risk identified, assessed, and mitigated as a distinct risk items in a project
2.1.5
(risk) management
ISO/DIS 17666 1
ISO/DIS 17666
systematic and iterative optimisation of the project resources, performed according to the established project
risk management policy
2.1.6
(risk) management policy
describes the organisation’s attitude towards risks, how it conducts risk management, the risks it is prepared
to accept and defines the main requirements for the risk management plan
2.1.7
(risk) management process
consists of all the project activities related to the identification, assessment, reduction, acceptance, and
feedback of risks
2.1.8
overall (risk)
risk resulting from the assessment of the combination of individual risks and their impact on each other, in the
context of the whole project
NOTE: Overall risk can be expressed as a combination of qualitative and quantitative assessment.
2.1.9
(risk) reduction
implementation of measures that leads to reduction of the likelihood or severity of risk
NOTE: Preventive measures aim at eliminating the cause of a problem situation, and mitigation measures aim at
preventing the propagation of the cause to the consequence or reducing the severity of the consequence or the likelihood
of the occurrence.
2.1.10
residual (risk)
risk remaining after implementation of risk reduction measures
2.1.11
resolved (risk)
risk that has been rendered acceptable
2.1.12
risk
undesirable situation or circumstance that has both a likelihood of occurring and a potentially negative
consequence on a project
NOTE: Risks arise from uncertainty due to a lack of predictability or control of events. Risks are inherent to any project
and can arise at any time during the project life cycle; reducing these uncertainties reduces the risk.
2.1.13
(risk) scenario
sequence or combination of events leading from the initial cause to the unwanted consequence
NOTE: The cause can be a single event or something activating a dormant problem.
2.1.14
(risk) trend
evolution of risks throughout the life cycle of a project
2.1.15
unresolved (risk)
risk for which risk reduction attempts are not feasible, cannot be verified, or have proven unsuccessful: a risk
remaining unacceptable
2 ISO/DIS 17666
ISO/DIS 17666
2.2 Abbreviated terms
The following abbreviated terms are defined and used within this Standard.
ECSS European Cooperation for Space Standardization
IEC International Electrotechnical Commission
3 Principles of risk management
3.1 Risk management concept
Risk management is a systematic and iterative process for optimising resources in accordance with the
project’s risk management policy. It is integrated through defined roles and responsibilities into the day to day
activities in all project domains. Risk management assists managers and engineers when including risk
aspects in management and engineering practices and judgement throughout the project life cycle. It is
performed in an integrated, holistic way, maximising the overall benefits in areas such as:
design, construction, testing, operation, maintenance, and disposal, together with their interfaces;
control over risk consequences;
management, cost, and schedule.
This process adds value to the data that is routinely developed, maintained, and reported.
3.2 Risk management process
The entire spectrum of risks is assessed. Tradeoffs are made among different, and often competing, goals.
Undesired events are assessed for their severity and likelihood of occurrence. The assessments of the
alternatives for mitigating the risks are iterated, and the resulting measurements of performance and risk trend
are used to optimise the tradable resources.
Within the risk management process, available risk information is produced and structured, facilitating risk
communication and management decision
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.