VULNERABILITY ASSESSMENT AND ANALYSIS (VAA)

What is VAA?

Decision support methodology to help identify and prioritize defects for elimination.

What is VAA?

Identifies critical equipment and/or systems

What is VAA?

Identifies key vulnerabilities to deliver safe and reliability operations

What is VAA?

Establishes a prioritized defect list for subsequent functional review and remediation

What is VAA?

How does VAA work?

Based on a Hazop style brainstorming approach

How does VAA work?

Involves small groups of engineering and operating staff, plus individual interviews

How does VAA work?

Produces a substantial amount of information

What’s the purpose of VAA?

To analyze, categorize, and prioritize vulnerabilities

And then what happens?

More detailed information is obtained in subsequent studies

FMEAFault Trees

SIL

Level of Protection Analysis

Why?

To validate the risk issues raised in the qualitative Hazop review

An over-arching methodology

VAA can be used on any process during any phase

An integrated approach

When vulnerabilities are discovered that are not immediately manageable

…the action items flow into the appropriate secondary methodology

Classical Hazop methodology

Team of senior representative

s e.g. design,

project, operating staff

Understanding of the process under study, condition of equipment &

consequences of failure

VAA is a blend

Typical output

Methodology

1) Pre-Assessment

2) Facilitated Assessment & Analysis

3) Post Assessment Phase

Pre-Assessment

- Identifying the VAA objectives-Determining measures of success- Finalizing what elements of the

methodology will be included- Ensuring access to information-Developing an assessment schedule

Pre-Assessment

Objectives and measures of success must be tailored to the organization and its needs

Possible objectives could include:

- Identify all critical vulnerabilities- Identify and rank all key assets based

on a common “vulnerability maturity matrix”

- Develop the business case for making vulnerability reduction investments

- Enhance awareness / make VAA an integral part of business strategy

Facilitated Assessment and Analysis

VAA Facilitation Workflow

Facilitated Assessment and Analysis

VAA starts with the fullest description of the system / process and then questions every part of it

Post Assessment

- Ranking vulnerabilities by risk category- Prioritizing assessment

recommendations- Developing an action plan- Capturing lessons learned and best

practices- Conducting periodic assessments to

report progress

Post Assessment

Risk mitigation activities that are low cost or result in cost savings should get special attention

Post Assessment

Other vulnerabilities might require further assessment using quantitative methods in order to identify appropriate risk reduction actions

Deliverables

The VAA process delivers a comprehensive report documenting the study, resulting assessment and identified actions

Deliverables

A typical report may include:- Visual representation of

vulnerabilities and criticalities- Identification of vulnerabilities by

system or area- Vulnerability by category- Prioritized action list- Action by type

Summary

VAA is an over-arching methodology designed to expose and discover vulnerabilities across a wide segment of possible impacts

Summary

FMEA, Risk Assessment, and RCM have a purpose

But that purpose is best served after the VAA

When VAA comes 1st it delivers focus more broadly on consequences from all parts of the system or process

About ARMS Reliability

Since 1995, ARMS Reliability has been at the forefront of proactive asset management strategies for a range of blue chip companies throughout the world

Through a unique blend of consulting, education and software solutions, we enable our clients to make better decisions to improve asset reliability.

www.armsreliability.com