SIST EN 9239:2016
(Main)Aerospace series - Programme Management - Guide for the risk management
Aerospace series - Programme Management - Guide for the risk management
This document enables to answer specific needs in the field of Aeronautics although it does not
present any sectorial characteristic and may therefore apply to the needs of other areas.
However, the specificity of some areas can lead to the use of existing sectorial standards such as
EN ISO 17666 Space systems – Risk management (ISO 17666:2003).
This document:
— proposes the main steps for setting up Risk Management framework within programme
Management. This guideline may serve as a basis for writing a Risk Management specification;
— describes a process for controlling programme risks within the defined boundaries that are
considered as tolerable. This standard process can be used as a methodological guide for writing
the programme Risk Management Plan;
— recognises the need for knowledge management related to Risk Management, in order to
capitalize and to share lessons learnt with other programmes, as well as the maturity assessment
of the Risk Management;
— identifies useful documents for Risk Management;
— proposes an example of a typical checklist of risks related to a programme;
in addition:
— addresses opportunities. An opportunity is an uncertain event with positive consequences on the
programme.
Luft- und Raumfahrt - Programme Management - Richtlinien zur Durchführung des Risikomanagement
Série aérospatiale - Management de Programme - Recommandations pour la mise en oeuvre du management des Risques
Aeronavtika - Vodenje programov - Navodilo za obvladovanje tveganja
Ta dokument podaja odgovore na posebne potrebe na področju aeronavtike, čeprav ne
predstavlja nobenih sektorskih značilnosti in se zato lahko uporablja na drugih področjih.
Vendar specifičnost nekaterih področij lahko vodi do uporabe obstoječih sektorskih standardov, kot je
EN ISO 17666, Vesoljski sistemi – Obvladovanje tveganja (ISO 17666:2003).
Ta dokument:
– predlaga glavne korake za vzpostavitev okvira za obvladovanje tveganja znotraj programskega upravljanja. Ta smernica se uporablja kot osnova za pisanje specifikacije za obvladovanje tveganja;
– opisuje postopek za tveganja programskega upravljanja znotraj opredeljenih mej, ki se štejejo za sprejemljive. Ta postopek standarda se uporablja kot metodološki vodič pri pisanju programskih načrtov za obvladovanje tveganja;
– prepoznava potrebo po obvladovanju znanja v zvezi z obvladovanjem tveganja za kapitalizacijo in deljenje izkušenj, pridobljenih v drugih programih, ter po oceni zrelosti za obvladovanje tveganja;
– opredeljuje uporabne dokumente za obvladovanje tveganja;
– predlaga primer običajnega kontrolnega seznama za tveganja, povezana s programom;
in
– obravnava priložnosti. Priložnost je negotov dogodek s pozitivnimi posledicami za program.
General Information
Relations
Standards Content (Sample)
SLOVENSKI STANDARD
01-julij-2016
Aeronavtika - Vodenje programov - Navodilo za obvladovanje tveganja
Aerospace series - Programme Management - Guide for the risk management
Luft- und Raumfahrt - Programme Management - Richtlinien zur Durchführung des
Risikomanagement
Série aérospatiale - Management de Programme - Recommandations pour la mise en
oeuvre du management des Risques
Ta slovenski standard je istoveten z: EN 9239:2016
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
49.020 Letala in vesoljska vozila na Aircraft and space vehicles in
splošno general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
EN 9239
EUROPEAN STANDARD
NORME EUROPÉENNE
May 2016
EUROPÄISCHE NORM
ICS 49.020
English Version
Aerospace series - Programme Management - Guide for the
risk management
Série aérospatiale - Management de Programme - Luft- und Raumfahrt - Programme Management -
Recommandations pour la mise en oeuvre du Richtlinien zur Durchführung des Risikomanagement
management des Risques
This European Standard was approved by CEN on 13 May 2016.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2016 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 9239:2016 E
worldwide for CEN national Members.
Contents Page
1 Scope . 4
2 Normative references . 4
3 Terms and definitions . 5
4 Framework of Risk Management in the programme . 6
4.1 General. 6
4.2 Customer’s requirements . 6
4.3 Roles and Responsibilities. 6
4.4 Multidisciplinary groups . 7
5 Risk Management process . 7
5.1 Steps of risk management . 7
5.2 Process synoptic . 13
5.3 Consolidation of risk . 14
5.4 Maturity of programme Risk Management approach . 14
6 Risk Management tools . 14
7 Awareness and Training . 15
8 Documentation . 15
9 Opportunity management concept . 16
9.1 Opportunity management process . 16
9.2 Identification of opportunities . 16
9.3 Assessment and prioritization of opportunities . 16
9.4 Opportunity treatment . 16
9.5 Secondary risks . 16
Annex A (informative) List type per category . 17
Annex B (informative) Example of risk sheet . 19
Annex C (informative) Example of qualitative and quantitative assessments . 20
Annex D (informative) Example of 3 colour code criticality and acceptability matrix:
general risk mapping . 22
Annex E (informative) Example of Risks Portfolio . 23
Annex F (informative) Risk assessment report . 24
Annex G (informative) Maturity of programme risk management: assessment criteria . 25
Bibliography . 29
European foreword
This document (EN 9239:2016) has been prepared by the Aerospace and Defence Industries
Association of Europe - Standardization (ASD-STAN).
After enquiries and votes carried out in accordance with the rules of this Association, this Standard has
received the approval of the National Associations and the Official Services of the member countries of
ASD, prior to its presentation to CEN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by November 2016, and conflicting national standards
shall be withdrawn at the latest by November 2016.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such
patent rights.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia,
France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,
Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
Introduction
Risk Management forms an integral part of programme management. It should be implemented right
from the start of the project feasibility phase and continue until material disposal. The ultimate goal is
to contribute to an appropriate definition of programme objectives (costs, schedules and
performances …) and to continuously ensure that they are met or enhanced, despite any events likely
to affect the programme through its lifecycle. By implementing methods, the programme manager can
manage risks in another way than by using intuitive and non-formalised procedures. The aim of this
document is to describe the implementation of Risk Management within the Programme Management
framework. It complements programme management guidelines EN 9200.
This document is to be used as a basis, for any given programme, for negotiating the requirements and
relationships between customers and suppliers; they should comply with to ensure Management of
Risk.
1 Scope
This document enables to answer specific needs in the field of Aeronautics although it does not
present any sectorial characteristic and may therefore apply to the needs of other areas.
However, the specificity of some areas can lead to the use of existing sectorial standards such as
EN ISO 17666 Space systems – Risk management (ISO 17666:2003).
This document:
— proposes the main steps for setting up Risk Management framework within programme
Management. This guideline may serve as a basis for writing a Risk Management specification;
— describes a process for controlling programme risks within the defined boundaries that are
considered as tolerable. This standard process can be used as a methodological guide for writing
the programme Risk Management Plan;
— recognises the need for knowledge management related to Risk Management, in order to
capitalize and to share lessons learnt with other programmes, as well as the maturity assessment
of the Risk Management;
— identifies useful documents for Risk Management;
— proposes an example of a typical checklist of risks related to a programme;
in addition:
— addresses opportunities. An opportunity is an uncertain event with positive consequences on the
programme.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
EN 9200, Aerospace series — Programme management — Guidelines for project management
specification
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1
risk
uncertain event or circumstance which could have a negative impact on the objectives of the
programme
3.2
cause
event which is at the origin of a potential risk
3.3
severity
assessment of the significance of a risk impact with respect to the potential consequences on a
programme
3.4
impact
effects of a risk on the programme should it occur
3.5
criticality/level of risk
characteristic of the risk significance. It enables prioritization of the risks
Note 1 to entry: It is generally the combination of the severity and the probability of the risk.
3.6
detectability
ability or capacity to detect the direct trace of a risk or the triggering point of one of its causes
3.7
level of risk tolerance
criticality value beyond which specific actions to treat the risk are required
3.8
likelihood / probability/occurrence of the risk
assessment of the probability / likelihood or frequency of a risk to occur
3.9
risk portfolio
represented set of identified risks intended to be treated
3.10
lessons learnt - experience feedback
collection and exploitation, by all the stakeholders, of information concerning the events which have
occurred throughout programme, relating to risk management
3.11
residual risk
risk remaining after mitigating actions (protection, prevention, …)
3.12
opportunity
uncertain event or circumstance with potentially positive effects on the objectives (improvement) of a
programme
4 Framework of Risk Management in the programme
4.1 General
The framework of Risk Management in the programme should be set up right from the feasibility
phase through to disposal phase.
It covers the whole life cycle of the programme, all its components and activities.
It is led by the programme manager, who is responsible for defining the conditions within which it is
organised and operated.
It is based on multidisciplinary skills (law, technical, finance, logistics, …) in order to identify the
various aspects of risks and take into account the different points of view.
All programme stakeholders have a role, and should take an active part in Risk Management.
The Risk Management framework is described in a document (a specific chapter of Programme
Management Plan or a dedicated Risk Management Plan) approved established by the programme
manager.
4.2 Customer’s requirements
The customer should express in the programme management specification his requirements
concerning the implementation by his supplier, if necessary, of a risk management framework as well
as the rules related to risk information exchanged between customers and suppliers.
The supplier should comply with these requirements in one chapter of his Programme Management
Plan.
The supplier will detail in this chapter:
— programme framework in terms of Risk Management, in particular the roles and responsibilities
of each stakeholder in the program
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.