In our last blog, we discussed how the risk identification phase looks like according to ISO 31000. One thing we noted is “The bowtie is not a specialized hazard identification method” which is true, but we do offer a risk or hazard identification tool in our BowTieServer tool.

How to identify risk in BowTieServer

The HAZID Module in BowTieServer guides you through the steps:

1 – Start a new session and fill in the details about this HAZID session

2 – Add a new hazard

In this step, you identify the hazards. Think about the operation you want to do or are already doing, and what the potential dangers are. In fact, you are already brainstorming about all the elements of the bowtie i.e. threat, consequences, top events and barriers. You do not necessarily make the bowtie here. If you make a bowtie for this hazard is defined in the next step.

3 – Make an initial risk assessment

We need to use the risk matrix also in the risk identification phase to make a distinction into the high risk and the low risks.

4 – Make bowties for the high-risk scenario’s

In BowTieServer you can define what you consider as high risks and what are low risks. In this step, the software makes bowties for all the scenario’s with a high-risk assessment. Click on this button to create the bowties, and fill out the hazard, top event, threats, and consequences:

5- Now your bowties are in BowTieServer

The bowties are not complete yet, because we miss the barriers.

Next time

When you have followed all the above steps you have completed the risk identification phase with BowTieServer. When you further develop the bowties, you are already in the risk analysis phase. Learn more about risk analysis according to ISO 31000 in our next blog.