Bow tie analysis

from Wikipedia, the free encyclopedia

The bow-tie analysis (derived from engl. Bow tie , cross tie ') is a method for documentation and evaluation of risk situations. The causes and consequences of the occurrence of a central event are clearly shown in a diagram, which serves as support for risk management .

Basics

Risk management is important for successful corporate management that should not be underestimated . Numerous different instruments are used to support decision-making. This also includes bow-tie analysis, a graphic model that shows a logical relationship between the causes and consequences of an adverse event. This method identifies the sequence of events, the cause of the error, weaknesses in the system, operational safety and the effects of system failure. When considering the risk, all potentially harmful events that may occur inside or outside the company must be taken into account. These can be displayed in individual bow-tie diagrams and thus form a basis for risk communication and the development of risk control measures.

Bow-tie analysis combines elements of various other methods. This includes in particular the error and event tree analysis as well as the cause-and-effect diagram . It was first used in connection with the hazard analysis at the University of Queensland in Australia in 1979. The origin in the business context was the offshore oil industry . In the wake of the devastating incident on the Piper Alpha platform in 1988, it was found that there was insufficient awareness of the dangers in the workforce and the risks involved. Hence the demand for transparency of the causes of apparently independent events was raised. Conditions had to be created to ensure systematic control of these hazards. This should be ensured by the bow tie analysis.

In the early 1990s, the Royal Dutch Shell Group adopted the bow tie method as a company standard for analyzing and managing risk. Shell facilitated extensive research into the application of the Bow-Tie method and developed a rigorous set of rules for defining all components based on their ideas of best practice. Shell was concerned with reassurance that adequate risk controls were consistently applied to all global operations. In the following years, the bow tie method spread outside of the oil and gas industry, e.g. B. in air and rail transport , in mining , shipping and in the chemical and healthcare sectors. Further research has found that the bow tie analysis is also a suitable model for the banking sector as well as the consumer goods distribution industry. Here, for example, supply chain problems can arise that limit availability and lead to negative economic consequences.

Elements of the method

The form used to document the components gives the method its name. The diagram is shown in the form of a fly and can be read from left to right. On the left are the potential hazards that trigger the potentially dangerous event in the middle. The thresholds for eliminating or weakening the causes are stored temporarily. On the right-hand side, the possible consequences of the event are documented, which then occur if the effect-related measures taken do not achieve the desired effect.

Top event

The central node typically represents an undesirable event, the so-called top event. The top event, also known as a damaging event , describes the event in which control over the corresponding danger is lost. What exactly can be a top event depends on the assessment of the respective user of the method. Most of these are incidents that have a fundamental impact on the company's operations. This is the case when there is a risk to the availability and discretion of the central processes, systems and data. A separate bow tie is created for each possible damaging event. Due to the effort involved, companies traditionally limit themselves to creating and maintaining diagrams for the most important five to ten dangers.

causes

An adverse event is usually caused by an accident or an accidental failure. The left side of the bow tie depicts these causes and threats in the form of a fault tree analysis . Alternatively, the derivation can also be made from a cause-and-effect diagram . In this case, the top event represents the effect achieved, which is influenced by the various factors.

Effects

On the right side are the possible effects that result from the occurrence of the top event. A cause-and-effect diagram can also be used for their analysis , optionally also an event tree analysis . This records all possible damage associated with the loss of control.

Barriers / security measures

Safety measures can be interposed on both sides of the bow-tie diagram. On the one hand, this can counteract the possible loss of control that causes the top event. This includes, in particular, measures and precautions to prevent potential incidents. This is to ensure that the current status is maintained. Possible preventive measures include:

  • Avoiding the potentially dangerous action,
  • Replacement of the potentially dangerous component,
  • Use of technical aids,
  • Administrative measures.

On the other hand, thresholds can also be implemented on the side of the possible consequences. The aim of such reactive measures is to prevent the damage caused by the top event from occurring. At least one must try to keep the severity of the damage as low as possible and regain control of the situation as quickly as possible. The following thresholds can be erected for this purpose:

  • Use of technical aids (alarms, ventilation systems),
  • Administrative measures (emergency plans, training),
  • Financial measures (insurance, formation of reserves).

To increase the effectiveness of the security measures, multi-level barriers can be created. The security measures are particularly important because they allow you to influence the risk situation. Therefore, developing these measures is a key aspect of risk management with bow tie analysis.

Variants and extensions

The bow tie analysis exists in different variants, the selection of which depends on the primary purpose of the analysis. The main areas of application are risk identification, risk assessment and risk communication. Furthermore, it must be known which elements the bow-tie diagram should consist of and which methods are used. One possible type of distinction is made according to the data used in quantitative and qualitative bow-tie analyzes. Quantitative bow-tie analyzes use a fault tree analysis in conjunction with an event tree analysis and the associated barriers to assess risks. It can u. a. Calculations of the priority of the risks are made through the probability of failure. Qualitative bow-tie analyzes, on the other hand, present simpler cause-effect relationships together with the barriers to communicate the risk to the outside world. Ultimately, it is up to the user which type of bow tie analysis he chooses for the purpose of his presentation of the risk. Nevertheless, additional qualifications are required, regardless of whether a qualitative or quantitative variant is used.

In order to further deepen the analysis, the thresholds can be examined more closely. The function of the thresholds can be overridden by the influence of so-called escalation factors. These considerations can in turn be used to build barriers that prevent the escalation factor from occurring. This achieves a two-stage security process that not only considers the prevention of the causes or effects, but also the possible failure of these measures. The various barriers can be detailed for better illustration. This includes the effectiveness of the threshold in terms of preventing the cause or effect. This shows whether further measures have to be taken or whether a particularly effective measure is sufficient. The type of barrier and the responsible employee can also be noted.

Strengths and weaknesses

The use of bow tie analysis has various advantages and disadvantages. A positive note is the structure of the analysis, which offers an understandable form and an orderly procedure. Depending on the goal of the application and the information available, the analysis should support the delivery of qualitative results in order to improve risk identification and achieve a quantitative risk assessment. Based on the clear graphical structure of causes, events and effects, the bow tie analysis also promotes structured thinking so that the cause-effect relationships become clear. The graphic representation is suitable for risk communication, as it makes it easier to understand the risks and the relationships. Bow tie analysis is inspired by four different methods. Therefore there are good connections to other, especially analytical methods. Organizations can choose the analysis best suited to their needs so that they can identify the causes, events and effects. In addition, the flexibility of the method is a great strength of the method. The bow tie method can be used in many ways by adapting it to the respective situation and the purpose of the analysis. Both qualitative and quantitative data can be processed in the analysis. There are also various options for expansion by adding further details to the individual elements. The time required to use the method depends on the complexity and the expected results. The risk identification can be carried out with the help of the bow tie analysis in a relatively short time. For the risk assessment, on the other hand, the time required to carry out is significantly higher, since the data requirement is also greater here. The methodological and technical requirements of the analysis should be mentioned as a disadvantage. In addition to knowledge of fault tree and event tree analysis, in-depth technical competence is required, in particular for risk assessment. There are also no specific recommendations for action to identify risks and create appropriate countermeasures. Ultimately, however, the quality of the final analysis depends on the quality of the analysis process and on the analysts or experts. For this reason, companies must ensure that their employees are appropriately qualified in the area of ​​management and controlling. In addition, it depends on the size of the company how high the personnel expenditure is for carrying out the bow-tie analysis. Various factors of uncertainty exist when using bow tie analysis. This includes, for example, the model uncertainty. This arises when creating a bow tie analysis. The required qualitative or quantitative data can be collected by collecting expert knowledge. However, this knowledge contains uncertainties and subjective assessments, which can impair the credibility of the risk analysis. Another uncertainty is the data uncertainty. A special look should be taken here on the quality of the data, because these are often not reliable or not available. Therefore, associating probabilities and failure rates with the elements of the analysis can be difficult. Another problem with bow-tie diagrams is that by being limited to graphing different scenarios without regard to the dynamic aspect of real systems, they remain limited. As soon as new relevant data exist, the bow-tie diagram should therefore be revised and updated. Difficulties in using the barriers can also arise. As intuitive as the development of measures may seem, it should be noted that a clear distinction must be made between top events and barriers. A top event should not represent a failed security system. Instead, the security system must be inserted as a threshold to which an escalation factor can in turn be added. Since this distinction is not made in error and event trees, this is a possible source of error. In general, it should be avoided to duplicate the information and to use measures both as a barrier and as an error mechanism. The bow tie analysis only contains linear dependencies, which is why the complex, non-linear cause-effect relationships from reality can only be mapped to a limited extent. Possible feedback effects are not taken into account. In addition, there is a separate bow tie analysis for each top event, but the connection between the individual analyzes is not discernible. Effects are often the cause of other top events, but this cannot be shown in the bow tie diagram. Bow-tie analysis is therefore a suitable complement to other techniques, but cannot completely replace additional analyzes.

Conclusion

The bow tie analysis is suitable for risk identification and assessment as well as for risk management. The greatest advantage, however, is the possibility of using the bow tie diagram as a clear basis for communication and thereby increasing awareness of the risk management measures. In addition, the flexible application options allow adaptation to the respective purpose. In order to generate the greatest possible benefit for risk management, it is advisable to use bow-tie analysis in conjunction with other analysis techniques.

literature

  • Bernsmed, K .; Frøystad, C .; Meland, PH; Nesheim, DA; Rødseth, Ø. J. (2018): Visualizing Cyber ​​Security Risks with Bow-Tie Diagrams. In: Liu, P .; Mauw, S .; Stolen, K. (eds): Graphical Models for Security, GraMSec (2017): Lecture Notes in Computer Science. Vol. 10744, Cham: Springer.
  • Cardwell, G. (2008): The application of the Four Essentials Bow Tie Diagram to enhance business success. In: Total Quality Management, Vol. 19: 1-2, pp. 37-45.
  • CGE Academy (2017): The bowtie method. URL: https://www.cgerisk.com/knowledgebase/The_bowtie_method , last accessed June 12, 2018.
  • CGE Risk Management Solutions (2011): The Bow Tie method in 5 minutes. URL: https://www.youtube.com/watch?v=P7Z6L7fjsi0 , date of the last access: July 18, 2018.
  • Cruz, MG; Peters, GW; Shevchenko, PV (2015): Fundamental Aspects of Operational Risk and Insurance Analytics. A Handbook of Operational Risk. John Wiley & Sons, Inc., Hobokoen, New Yersey, pp. 60-85.
  • de Ruijter, A .; Guldenmund, F. (2016): The bowtie method: A review. In: Safety Science, Vol. 88, pp. 211-218. Lyon, BK; Popov, G. (2016): The art of assessing risk. In: Professional Safety, 61 (03), pp. 40-51.
  • Romeike, F. (2018): Risk Management. Wiesbaden: Springer Gabler, pp. 74-81.