Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
VULNERABILITY
ASSESSMENT AND
ANALYSIS (VAA)
What is is VAA?
VAA?
What

Decision support
methodology to
help identify
and prioritize
vulnerabilities
which may
cause ma...
What is VAA?

Identifies key
vulnerabilities
to deliver safe
and reliability
operations
What is VAA?
Establishes a prioritized defect
list for subsequent functional
review and remediation
How does VAA work?
Based on a
Hazop style
brainstorming
approach
How does VAA work?
Involves small
groups of
engineering and
operating staff,
plus individual
interviews
How does VAA work?
Produces a
substantial
amount of
information
What’s the purpose of VAA?

To analyze, categorize, and
prioritize vulnerabilities
It takes a team
VAA uses the
perceptions, and
experience, of those
involved with
maintaining and
operating the facility
to...
And then what happens?
More detailed
information is
obtained in
subsequent
studies

FMEA
SIL

RCA

RCM
Fault
Trees
Level o...
An over-arching methodology
VAA can be
used on any
process during
any phase
An integrated approach
When
vulnerabilities
are discovered
that are not
immediately
manageable

…the action
items flow int...
VAA is a blend

Hazop, PHA,
Maintainability, Spares,
Production Data,
Operability,
Design Review,
Availability Analysis

U...
Typical output
Methodology
1) Pre-Assessment
2) Facilitated Assessment & Analysis

3) Post Assessment Phase
Pre-Assessment
- Identifying the VAA objectives
- Determining measures of success

- Finalizing what elements of the
metho...
Pre-Assessment
Objectives and
measures of
success must be
tailored to the
organization
and its needs
Possible objectives could include:
- Identify all critical vulnerabilities
- Identify and rank all key assets based on a
c...
Facilitated Assessment and Analysis
VAA starts with the
fullest description of
the system /
process and then
questions eve...
Post Assessment
- Ranking vulnerabilities by risk category
- Prioritizing assessment recommendations
- Developing an actio...
Post Assessment
Risk mitigation
activities that are
low cost or result in
cost savings
should get special
attention
Post Assessment
Other vulnerabilities
might require further
assessment using
quantitative methods
in order to identify
app...
Deliverables
The VAA process
delivers a
comprehensive
report documenting
the study, resulting
assessment and
identified ac...
Deliverables
A typical report may include:
- Visual vulnerabilities map.
- Listing system or area
- Vulnerability by categ...
Summary
VAA is an overarching methodology
designed to expose
and discover
vulnerabilities across
a wide segment of
possibl...
Summary
FMEA, Risk Assessment, HAZOP Faultree and
RCM have a purpose at design stage.
Once a facility is operating traditi...
Summary
VAA delivers broad focus incorporating
dynamics of a production facility from all
parts of the organization, picki...
About ARMS Reliability
Since 1995, ARMS Reliability has been at the forefront
of proactive asset management strategies for...
Vulnerability Assessment and Analysis (VAA) Overview
Vulnerability Assessment and Analysis (VAA) Overview
Vulnerability Assessment and Analysis (VAA) Overview
Upcoming SlideShare
Loading in …5
×

Vulnerability Assessment and Analysis (VAA) Overview

1,003 views

Published on

This presentation provides an overview of ARMS Reliability Vulnerability Assessment and Analysis (VAA) process and how it can help.

Published in: Technology, Business
  • Be the first to comment

Vulnerability Assessment and Analysis (VAA) Overview

  1. 1. VULNERABILITY ASSESSMENT AND ANALYSIS (VAA)
  2. 2. What is is VAA? VAA? What Decision support methodology to help identify and prioritize vulnerabilities which may cause major losses.
  3. 3. What is VAA? Identifies key vulnerabilities to deliver safe and reliability operations
  4. 4. What is VAA? Establishes a prioritized defect list for subsequent functional review and remediation
  5. 5. How does VAA work? Based on a Hazop style brainstorming approach
  6. 6. How does VAA work? Involves small groups of engineering and operating staff, plus individual interviews
  7. 7. How does VAA work? Produces a substantial amount of information
  8. 8. What’s the purpose of VAA? To analyze, categorize, and prioritize vulnerabilities
  9. 9. It takes a team VAA uses the perceptions, and experience, of those involved with maintaining and operating the facility to assess and categorize the vulnerability of key assets to the potential of mal-operation or malfunction.
  10. 10. And then what happens? More detailed information is obtained in subsequent studies FMEA SIL RCA RCM Fault Trees Level of Protection Analysis
  11. 11. An over-arching methodology VAA can be used on any process during any phase
  12. 12. An integrated approach When vulnerabilities are discovered that are not immediately manageable …the action items flow into the appropriate secondary methodology
  13. 13. VAA is a blend Hazop, PHA, Maintainability, Spares, Production Data, Operability, Design Review, Availability Analysis Understanding of the process under study, condition of equipment & consequences of failure Team of senior representatives e.g. design, project, operating staff
  14. 14. Typical output
  15. 15. Methodology 1) Pre-Assessment 2) Facilitated Assessment & Analysis 3) Post Assessment Phase
  16. 16. Pre-Assessment - Identifying the VAA objectives - Determining measures of success - Finalizing what elements of the methodology will be included - Ensuring access to information - Developing an assessment schedule
  17. 17. Pre-Assessment Objectives and measures of success must be tailored to the organization and its needs
  18. 18. Possible objectives could include: - Identify all critical vulnerabilities - Identify and rank all key assets based on a common “vulnerability maturity matrix” - Develop the business case for making vulnerability reduction investments - Enhance awareness / make VAA an integral part of business strategy
  19. 19. Facilitated Assessment and Analysis VAA starts with the fullest description of the system / process and then questions every part of it
  20. 20. Post Assessment - Ranking vulnerabilities by risk category - Prioritizing assessment recommendations - Developing an action plan - Capturing lessons learned and best practices - Conducting periodic assessments to report progress
  21. 21. Post Assessment Risk mitigation activities that are low cost or result in cost savings should get special attention
  22. 22. Post Assessment Other vulnerabilities might require further assessment using quantitative methods in order to identify appropriate risk reduction actions
  23. 23. Deliverables The VAA process delivers a comprehensive report documenting the study, resulting assessment and identified actions
  24. 24. Deliverables A typical report may include: - Visual vulnerabilities map. - Listing system or area - Vulnerability by category - Prioritized action list - Action by type
  25. 25. Summary VAA is an overarching methodology designed to expose and discover vulnerabilities across a wide segment of possible impacts
  26. 26. Summary FMEA, Risk Assessment, HAZOP Faultree and RCM have a purpose at design stage. Once a facility is operating traditional analytical methods are not as effective in identifying vulnerabilities across different groups and changing situations.
  27. 27. Summary VAA delivers broad focus incorporating dynamics of a production facility from all parts of the organization, picking up informal “work-arounds”, changes to operating practices, changes in equipment condition, and tribal knowledge of people involved in day to day activities.
  28. 28. About ARMS Reliability Since 1995, ARMS Reliability has been at the forefront of proactive asset management strategies for a range of blue chip companies throughout the world Through a unique blend of consulting, education and software solutions, we enable our clients to make better decisions to improve their reliability. www.armsreliability.com

×