EN 16991:2018

SLOVENSKI STANDARD
01-julij-2018
2EPRþMHQDG]RUDQDSRGODJLRFHQHWYHJDQMD
Risk based inspection framework (RBIF)
Risikobasierte Inspektion (RBIF)
Cadre d’inspection basée sur les risques (RBIF)
Ta slovenski standard je istoveten z: EN 16991:2018
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EN 16991
EUROPEAN STANDARD
NORME EUROPÉENNE
April 2018
EUROPÄISCHE NORM
ICS 03.100.01
English Version
Risk-based inspection framework
Cadre d'inspection basée sur les risques Risikobasierte Inspektion (RBIF)
This European Standard was approved by CEN on 22 October 2017.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2018 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 16991:2018 E
worldwide for CEN national Members.

Contents Page
European foreword . 5
Introduction . 6
1 Scope . 7
2 Normative references . 7
3 Terms and definitions . 7
4 Abbreviated terms . 10
5 The RBI framework . 11
5.1 RBIF principles . 11
5.2 RBIF requirements . 12
5.2.1 General requirements . 12
5.2.2 Plant and process documentation . 13
5.2.3 Personnel requirements . 14
5.2.4 Requirements for performing CoF analysis . 15
5.2.5 Requirements for performing PoF analysis . 16
5.2.6 Requirements for risk assessment . 18
5.3 RBIF within the overall management system . 18
5.4 Compatibility with other known approaches . 19
6 The RBIF process . 19
7 Initial analysis and planning . 21
7.1 General description and scope . 21
7.1.1 General . 21
7.1.2 Planning and the preliminary analysis . 21
7.1.3 Definition of objectives . 21
7.1.4 Definition of systems, sub-systems (loops) and equipment to be considered . 22
7.1.5 Definition of the scope of analysis . 22
7.1.6 Definition of data sources available . 22
7.1.7 Definition of regulations to be considered . 23
7.1.8 Team specifications . 23
7.1.9 Tools to be used . 24
7.1.10 Accuracy of the acceptance of the methodology. 24
7.2 Requirements . 24
7.3 Inputs . 24
7.4 Procedure . 25
7.5 Output . 25
7.6 Warnings and applicability limits . 25
8 Data collection and validation . 26
8.1 General description and scope . 26
8.2 Requirements . 26
8.3 Input . 27
8.3.1 General . 27
8.3.2 Collect and validate documented data . 27
8.3.3 Collect relevant non-documented data . 28
8.4 Procedure . 28
8.5 Output . 29
8.6 Warnings and applicability limits . 29
9 Multilevel risk analysis (ranging from screening to detailed) . 30
9.1 General description and scope . 30
9.2 Risk analysis - screening level . 30
9.2.1 General. 30
9.2.2 Inputs . 31
9.2.3 Procedure . 31
9.2.4 Output . 31
9.3 Risk analysis - detailed assessment . 32
9.3.1 General. 32
9.3.2 Requirements . 33
9.3.3 Inputs . 33
9.3.4 Procedure . 34
9.3.5 Output . 36
10 Decision making/action plan . 38
10.1 General description and scope . 38
10.2 Requirements . 38
10.3 Inputs . 39
10.4 Procedure . 39
10.4.1 General. 39
10.4.2 Define degradation groups and relevant susceptible areas . 40
10.5 Output . 41
10.6 Warnings and applicability limits . 42
11 Execution and reporting . 42
11.1 General description and scope . 42
11.2 Input . 43
11.3 Procedure . 43
11.4 Output . 46
11.5 Warning/ application limits . 46
12 Performance review/Evergreening phase . 46
12.1 General description and scope . 46
12.2 Requirements . 47
12.3 Inputs . 47
12.4 Procedure . 48
12.4.1 General. 48
12.4.2 Work process efficiency benchmarking . 48
Annex A (informative) Assessments . 50
A.1 Example of a multilevel RBI analysis in power industry . 50
A.2 Example of screening and detailed risk assessment . 54
A.3 Reliability of risk assessment results in the screening phase . 58
A.4 Example of assessment of damage/failure probability . 59
A.5 Example of probability and consequence factors for qualitative analysis on the
screening and detailed levels . 60
A.6 Examples of types of in-service damage and their specifications . 61
A.7 Example of various types of damage and their specifications in relation to hierarchical
structure of the plant . 63
A.8 Example of classification of type of damage vs. prioritized methods of inspection . 65
A.9 Example for determination of PoF . 68
A.10 Example for determination of CoF . 70
A.11 Example of KPIs and objectives for selection . 76
A.12 Example of a RBI management system evaluation questionnaire [34] . 79
A.13 Example of formulation and degradation of components, structures and systems . 81
Bibliography . 83
European foreword
This document (EN 16991:2018) has been prepared by Technical Committee CEN/TC 319 “Maintenance”,
the secretariat of which is held by UNI.
This European Standard shall be given the status of a national standard, either by publication of an identical
text or by endorsement, at the latest by October 2018 and conflicting national standards shall be
withdrawn at the latest by October 2018.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus,
Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany,
Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland,
Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.
Introduction
Since the late 1990s, inspection and maintenance approaches in industry have been globally moving from
prescriptive, time-based towards risk-based ones. This trend has clearly been established by the wish to
increase the on-stream production time, to reduce unscheduled downtime due to corrective maintenance,
to avoid shutdown due to equipment failure and/or to reduce undesirable impacts on process safety.
This European Standard provides the essential elements of risk-based assessment of industrial assets
according to the approach developed and demonstrated in the European pre-standardization document
CWA 15740:2008 [1]. The CWA 15740 document was updated in 2011, and from 2014 its further
development continued within this document and the corresponding EU Project RIMAP (Risk-Based
Inspection and Maintenance Procedures for European Industry) [2] [3].
The document is intended for managers and engineers establishing the RBIM (Risk-based Inspection and
Maintenance) policies in the process, power, steel and other relevant industries. This document is intended
to be used in conjunction with the relevant internationally accepted practices, national regulations and RBI
company policies. The document aims to provide a common reference for formulating the RBI policies and
developing the corresponding inspection and maintenance programs.
The background of the RBIM methodology is provided by the EU project RIMAP (Risk-based Inspection and
Maintenance Procedures for European Industry) [4]. In this project, the industry independent methodology
has been validated for chemical, petrochemical, power and steel industries and summarized in the
respective RIMAP Application Workbooks [4].
The main goal of this European Standard and the former RIMAP project is to support the establishment and
application of risk-based inspection and maintenance programs in industrial plants in a documented and
efficient way, while at the same time maintaining or improving safety, health and environment
performance.
The RBIF addresses primarily static pressure equipment (e.g. tanks, piping), but is also applicable to
dynamic/rotating equipment (e.g. pumps, turbines, valves) and pressure relief devices, and it can be
extended to other types of equipment, if appropriate. It addresses primarily the equipment and/or systems
in the in-service phase of the operation, but can also be applied in the design-phase for analysis and/or
determination of maintenance/inspection strategies or life extension phases. Application of this RBIF in
industry will take into account also the general developments in the industry and maintenance practices
(e.g. The Industry 4.0).
1 Scope
This European Standard specifies the Risk-Based Inspection Framework (RBIF) and gives guidelines for
Risk-Based Inspection and Maintenance (RBIM) in hydrocarbon and chemical process industries, power
generation and other industries where RBI is applicable.
Although RBIF encompasses both inspection and maintenance, this document focuses primarily on Risk-
Based Inspection (RBI) and its applicability within the context of RBIM. The RBIF thereby supports
optimization of operations and maintenance as well as asset integrity management.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1
risk
combination of the probability of occurrence of harm and the severity of that harm
Note 1 to entry: The probability of occurrence includes the exposure to a hazardous situation, the occurrence of a
hazardous event, and the possibility to limit the harm.
Note 2 to entry: Other definitions, e.g. the one from ISO 31000 are recognized, but not used practically in the
document.
[SOURCE: ISO/IEC Guide 51:2014, 3.9]
3.2
risk management
coordinated activities to direct and control an organization with regard to risk
Note 1 to entry: Systematic application of management policies, procedures, and practices to the tasks of analysing,
evaluating and controlling risk.
[SOURCE: ISO Guide 73:2009, 2.1, ISO 31000:2009, 2.2]
3.3
equipment
individual item that is part of a system, equipment is comprised of an assemblage of components Examples
include pressure vessels, pressure relief devices, piping, boilers and heaters.
[SOURCE: API RP 581:2016, 3.1.23]
3.4
inspection
examination for conformity by measuring, observing or testing the relevant characteristics of an item
[SOURCE: EN 13306:2010, 8.1]
3.5
maintenance
combination of all technical, administrative and managerial actions during the life cycle of an item intended
to retain it in, or restore it to, a state in which it can perform the required function
[SOURCE: EN 13306:2010, 2.1]
3.6
integrity operating window
IOW
established limits for process variables (parameters) that can affect the integrity of the equipment if the
process operation deviates from the established limits for a predetermined length of time (includes critical,
standard and informational IOW’s)
[SOURCE: API RP 584, 3.6]
3.7
preventive maintenance
maintenance carried out at predetermined intervals or according to prescribed criteria and intended to
reduce the probability of failure or the degradation of the functioning of an item
[SOURCE: EN 13306:2010, 7.1]
3.8
corrective maintenance
maintenance carried out after fault recognition and intended to put an item into a state in which it can
perform required function
[SOURCE: EN 13306:2010, 7.5]
3.9
reliability centred maintenance
method to identify and select failure management policies to efficiently and effectively achieve the required
safety, availability and economical operation
[SOURCE: EN 60300-3-11:2009, 3.1.23]
3.10
risk based inspection
RBI
risk assessment and management process to plan, implement and evaluate inspections in a structured and
documented way
3.11
probability of failure
PoF
likelihood of an equipment or component failure due to a single damage mechanism or multiple
mechanisms occurring under specific operating conditions
[SOURCE: API RP 581:2016, 3.1.57]
3.12
consequence of failure
CoF
outcome of a failure can be expressed in terms of safety to personnel, economic loss, and/or damage to the
environment
[SOURCE: EN 60300-3-11:2009, 3.1.23]
3.13
evergreening
dynamic process of keeping records and analysis updated and relevant for the current situation
3.14
area susceptible to damage/susceptible area
area in a plant where a certain degradation is more probable to occur
[SOURCE: API RP 581:2016, part 2]
3.15
degradation
detrimental change in physical condition, with time, use or external cause
Note 1 to entry: Degradation may lead to a failure.
Note 2 to entry: In a system context, degradation may also be caused by failures within the system.
[SOURCE: EN 13306:2010, 5.6]
3.16
degradation group
group of piping or equipment items exposed to the same internal/external environment and operating
conditions, with the same material selection and/or design, thus having the same potential degradation
mechanisms.
Note 1 to entry: Degradation grouping can allow the use of inspection data from any equipment in the selection to
assess the condition of the entire degradation group. Equipment in a degradation group are normally physically
connected to each other.
Note 2 to entry: Corrosion group and/or corrosion circuit and/or corrosion loop is also used if the relevant
degradation is corrosion type.
[SOURCE: adapted from DNV RP-G101: 2010]
3.17
condition monitoring locations
CML
designated areas on pressure vessels where periodic examinations are conducted. Previously, they were
normally referred to as “thickness monitoring locations (TMLs)”
[SOURCE: API 510:2006]
4 Abbreviated terms
Table 1 — Abbreviated terms
Abbreviated term Definition
ALARP As Low As Reasonably Practicable
API American Petroleum Institute
ASME American Society of Mechanical Engineers
CAD Computer Aided Design
CAM Computer Aided Manufacturing
CCD Corrosion Control Document
CMMS Computerized Maintenance Management System
CML Condition Monitoring Location
CoF Consequence of Failure
CUI Corrosion Under Insulation
ESV Emergency Shut-off Valves
FME(C)A Failure Mode, Effects (and Criticality) Analysis
HAZOP HAZard and OPerability (study/analysis)
HCF/LCF High Cycle Fatigue/Low Cycle Fatigue
HFF/LFF High Fluid Flow/Low Fluid Flow
HS(S)E Health, Safety (Security) and Environment
HSE Health, Safety and Environment
HT High Temperature
IOW Integrity Operating Window
IPF Instrument Protective Function
KKS Kraftwerk-Kennzeichensystem, Power Plant Classification
System [18]
KPI Key Performance Indicators
LoF Likelihood of Failure
NOTE: also referred to as Probability of Failure (PoF) in
some cases
LoPC Loss of Primary Containment
MEI Maintenance Execution Inspection
MOC Management Of Change
MOTBF Mean Operating Time Between Failure
Abbreviated term Definition
NCR Non Conformity Report
NDT Non-Destructive Testing/inspection
NII Non-Intrusive Inspection
PFD Process Flow Diagrams
P&ID Piping and Instrumentation Diagram
PHA Process Hazard Analysis
PoD Probability of Detection
PoF Probability of Failure
NOTE also referred to as Likelihood of Failure (LoF) in
some cases
PRV Pressure Relief Valve
QA Quality Assurance
QRA Quantitative Risk Assessment
QMS Quality Management System
RBI Risk Based Inspection
RBIF Risk Based Inspection Framework
RBIM Risk Based Inspection and Maintenance
RBWS Risk Based Work Selection
RCA/RCFA Root Cause Analysis/Root Cause Failure Analysis
RCM Reliability Centred Maintenance
RIMAP Risk based Inspection and Maintenance Procedures
5 The RBI framework
5.1 RBIF principles
The risk-based approach shall apply a multidisciplinary engineering analysis to ensure that targets related
to health, safety, business and environment criteria are met. These targets shall be met by implementing
optimized inspection, monitoring and maintenance programs based on an appropriate risk-based
methodology covering the following items:
— planning of the primary work products of RBI assessments and management approach in such a way
that risks at system and/or equipment level are managed, considering risks from the Health, Safety &
Environment (HSE) and/or the economic/business perspective;
— defining the RBI framework which meets the requirements of good engineering practices and
industrial reference standards in handling hazardous materials and containment;
— complying with applicable legal or normative regulations and guidelines.
5.2 RBIF requirements
5.2.1 General requirements
The general requirements of the RBIF are:
— the objectives and risk criteria shall be clearly defined;
— the assessment and the applied procedure shall comply with the applicable legal and regulatory
requirements;
— an adequate level of input information shall be available for the assessment;
— the assessment shall be performed by a multidisciplinary team including personnel with the
appropriate required competence and qualifications;
— the integrity and safety assessment and the applied procedures shall provide results, which are:
a) realistic, but with conservative treatment of uncertainties and assumptions;
b) representable in a risk matrix, auditable and consistent with both the objectives and applied risk
criteria supporting RBI planning and decision making on the target system or equipment.
— the assessment shall reflect the real conditions in the plant and be kept in “evergreening” status;
— change management shall be made according to an accepted and recognized standard − such as EN
ISO 9000 [5];
— in the case when computer models/tools are used, these shall be validated and their decision logic shall
be documented and authorized by the risk managers.
The RBI process is divided into the main RBI application level and an inspection and maintenance strategy
level. The main RBI application level is shown in Figure 1 and takes into account the following factors:
— the level of risk;
— the opportunity to eliminate failure causes;
— the risk to personnel during execution of inspection and maintenance;
— the risk of introducing new failure causes while trying to eliminate the existing ones.
In cases where change of the inspection and maintenance strategy is not possible, technical (e.g. robotics)
or organizational (e.g. training) measures may be introduced to reduce the risk and to avoid introducing
any new failures.
The decision tree serves three important purposes:
— to ensure a systematic evaluation of needs for inspection and maintenance activities;
— to ensure consistency of the evaluation between different units, plant systems and similar units at
different locations;
— to simplify the documentation of reached conclusions.
When the inspection and maintenance strategy has been determined, the method, intervals, and extent of
inspection shall be determined so that risks remain acceptable and costs are optimized (ALARP). This
needs to be aligned to the organization’s asset management strategy and kept up-to-date. This is achieved
by establishing risk reduction measures for the items that exceed the acceptance limits and, where possible,
by mitigating measures like inspections and maintenance for items that remain below these limits for the
period of assessment. The risk reduction effect of alternative measures as well as the costs of these
measures shall also be determined.

Figure 1 — Main RBI application level and decision tree
The approaches and methodologies used in RBIF can be compatible with the generic requirements
resulting from basic ISO Standards such as EN ISO 9000-series[5], EN ISO 14000-series [6], ISO 55000 [7]
and in-particular, ISO 31000-series [8] (IEC/ISO 31010 [9], ISO/IEC Guide 51 [10], ISO Guide 73 [11]).
Other standards with which RBIF can also be compatible are EN 13306 [12], ISO/DIS 45001, ISO 22301
[13], IEC 61508/ IEC 61511 [14] [15] and ISO/IEC 17020 [16].
5.2.2 Plant and process documentation
The development of a Risk-Based Inspection plan for different equipment items shall follow a well-defined,
rigorous, and logical process to ensure that all pertinent information has been considered, and no critical
factors are overlooked.
The RBI process shall be clearly documented in a written procedure. This documented procedure shall be
referenced, approved and controlled. The procedure shall define each step to be taken during the risk
assessment process including the data journey and data quality needs of all data sets used for the risk
assessment. The procedure shall explain in detail how PoF and CoF are established, and how this is used to
determine the risk level and inspection plans.
It is essential that all RBI assessments are clearly documented, with all factors contributing to the final risk
assessment defined. The minimum documentation shall include:
— team members performing the assessment and their competence;
— previous assessment date;
— reassessment interval;
— list of factors used to determine risk (severity, probability of failure and exposure);
— list of assumptions made during the assessment;
— risk assessment results for unmitigated risks;
— actions required to move to new mitigated risk levels; and
— optionally: risk assessment results for mitigated risks levels.
The aforementioned documents will help to review the processes, the changes in the processes and to
update the inspection related information.
5.2.3 Personnel requirements
The RBIF requires competent personnel at all levels as well as appropriate routines for the execution of the
assessment. The RBI program shall define the personnel participating in each stage of the risk assessment,
including their required qualifications, training, plant-specific knowledge and experience. The RBI team
should include:
— a team leader (facilitator);
— a materials and damage mechanism specialist with sufficient qualification and experience to
understand the process, predict failure mechanisms and identify limitations in inspection techniques;
— an inspection/NDT and maintenance specialist;
— a plant operation and process specialist;
— reliability, risk assessment, HSE, financial and business personnel; and
— other specialist(s) as needed.
However, not every competence area has to be covered by a different person, as individuals may possess
competence in multiple disciplines.
The RBI team shall include with written evidence the following areas of expertise: inspection, maintenance,
materials and damage mechanism, process technology, RBI, operations and facilitation. For each area of
expertise, requirements related to competence and experience shall be defined, allowing for the case that
some persons may provide expertise in multiple disciplines/areas.
In particular cases, depending on the type of industry, the personnel may require other special
competencies. In addition, local rules and legislation may set competency requirements. Due consideration
should also be given to the independency of the RBI team members and width of background skills and
expertise collated in the team. Although one or more of the skills may be possessed by one person, but it is
emphasized that RBI planning is a team effort and usually needs a facilitator.
5.2.4 Requirements for performing CoF analysis
5.2.4.1 General requirements
The CoF assessment shall start with a good description of the system or item that is considered in the RBI
process. Relevant system data such as location, dimensions, materials and process data such as
temperature, pressure and fluid/gas properties shall be available.
The actual analysis is done on relevant damage mechanisms and failure modes of the system or equipment.
The analysis should then lead to a credible classification of the potential consequences of that failure mode.
The HSE aspects shall be included, as a minimum, in order to assess the CoF. If the RBI process is used for
assuring HSE rather than for financial optimization, the averaging of individual aspects (HSE and/or
business consequences) is not allowed.
A potentially hazardous event will only lead to health and safety consequences if people are present in the
hazardous zone at that time and have no means of averting or protecting themselves against the hazard. It
is therefore essential to take these two “mitigating” factors into account for a realistic consequence
assessment of a failure mode. However, sometimes a hazardous event can lead to a domino effect involving
complex situations which should be considered.
Consequence values might be derived from existing quantitative risk assessments or other risk assessment
analysis considering consequences of release. For assessing the CoF , CoF and CoF the mass
safety health environment
of fluid, which is released due to a leak, is usually the main factor. In the case of release, the inventory of
isolatable sections of a process plant shall be considered. The inventory is the total mass of the fluid
present in a single isolatable section. The mass (volume, density) of the whole inventory shall be utilized in
the assessment instead of the individual smaller mass of fluid in each item of equipment. These sections are
often defined by Emergency Shut-off Valves (ESVs). The main CoF requirements [4] for RBIF are explained
in the subchapters below.
5.2.4.2 Recognized models
The CoF assessment method shall be verified/benchmarked against state–of-the-art (established)
consequence models which are generally being used, accepted and referred to in open literature such as
IEC/ISO 31010 [9].
5.2.4.3 Requirements related to CoF
safety
The CoF assessment shall be documented and approved by the responsible authorities recognized a in
safety
accordance with the applicable (e.g. national) regulations, if necessary.
The methods can be based on at least one or more of the following aspects (depending on the type of
equipment and fluid):
— released mass flow rate;
— type of release (instantaneous discharge of total contained quantity or by leakage at a specified rate);
— flammability;
— toxicity;
— energy release (pressure or heat); and
— kinetic energy of projectiles (kinetic energy of equipment fragments with a potential of domino effect).
5.2.4.4 Requirements related to CoF
health
The CoF assessment shall be documented and approved by the responsible authorities recognized in
health
accordance with the applicable (e.g. national) regulations, if necessary, as in 5.2.4.3.
The methods can be based on at least one or more of the following aspects (depending on the type of
equipment and release):
— properties of the release that affect health;
— released mass; and
— acute or long-term effects on persons / population.
5.2.4.5 Requirements related to CoF
environment
The CoF assessment shall be documented and if necessary approved by the responsible authorities
environment
recognized in accordance with the applicable (e.g. national) regulations as in 5.2.4.3.
The environmental impact shall include effects on soil, air, surface water and ground water.
The methods can be based on at-least one or more of the following aspects (depending on the type of
equipment and release):
— properties of the release that affect the environment;
— released mass;
— direct and indirect effect on flora and fauna; and
— remediation effort.
5.2.4.6 Requirements related to CoF
business
The CoF assessment should be documented in a similar manner to the other consequences.
business
It is required to consider the financial effect of a failure on assets and total or partial loss of production.
Damage to assets typically includes material and labour costs of repair and/or replacement of equipment.
Costs associated with product value could be: lost revenues caused by production losses due to shutdown
and/or loss of containment, reduced margin in case of off-spec products or reduced throughput and
reprocessing costs, etc. The consequences of failure can also result in financial impact on so-called
'intangible' assets such as reputation.
5.2.5 Requirements for performing PoF analysis
5.2.5.1 General requirements
The main RBIF requirements for the PoF analysis are:
1) recognized models;
2) conservatism of simplified approaches;
3) auditability of results;
4) multi-level approaches (screening – detailed, in level of asset hierarchy); and
5) additional aspects to be considered.
These requirements are explained in detail below.
5.2.5.2 Recognized models
The PoF assessment method shall be verified/benchmarked against a recognized (established) degradation
model, which is generally being used, accepted and referred to in open literature (e.g. the standards like
IEC/ISO 31010) [9].
5.2.5.3 Conservatism of simplified approaches
Available methods for assessing Probability of Failure may vary in their level of detail. The results from a
simplified approach such as risk screening shall be conservative when compared to the results from a more
detailed analysis.
5.2.5.4 Auditability of results
The results shall be auditable by peer review; therefore the methodology, the input data, the decision
criteria and the results shall be documented (the results may be recorded in an approved document).
5.2.5.5 Multi-level approaches (screening - detailed, in level of asset hierarchy)
Qualitative, semi-quantitative or quantitative approaches (ranging from screening to detailed) shall be
used. The use of descriptive terms, such as “very high” to “very low” or similar can be used only if an
objective interpretation of these terms is provided. The approach can be multi-level both in terms of
“qualitative/quantitative” and in terms of level of asset hierarchy.
5.2.5.6 Additional aspects to be considered
The PoF assessment shall be structured with well-defined boundary conditions. The PoF assessment should
be performed in such a way that the following aspects are covered, to screen the operation and identify the
relevant degradation mechanisms:
— identify susceptibility to degradation mechanisms;
— establish realistic (“best estimate”) damage rates;
— determine the susceptibility to failure and/or assess the probability that a given level of damage will
exceed the damage tolerance of the equipment and result in a failure;
— analyse possible interaction or synergy effects for all active and potential degradation mechanisms;
— assess the effect of the inspection and monitoring program in the past as well as the one planned for
the future;
— determine the confidence level in the damage rate e.g. considering t
...