Determining risk class

The results of determining the damage and chance of failure are combined in one table to determine the risk class. The table also shows which object parts support which processes.

In the example below, the classes High, Medium and Low are used to classify the damage and chance of failure.

| Process | Sales | Sales | Sales |
|---|---|---|---|
| Subprocess | | Advice | Offer |
| Product requirement | Compliance with the functional requirements | With an eye to the legal duty of care, the advice given and how the client decides to deviate from the advice must be recorded | The offer must contain the correct premium. |
| Damage | H | H | M |
| Arguments for damage | Loss of revenue if the total sales process breaks down | High fines and negative press will result for the company if this functionality does not work (correctly). | An incorrect premium may result in loss of revenue. |
| Object part | System X | Subsystem 1 | Subsystem 2 |
| Chance of failure | L | H | L |
| Arguments for chance of failure | The chance that all subsystems will fail is extremely small. | This subsystem is accessed hundreds of times every day and is rebuilt with technology new to the company. | Is built with familiar and reliable technology. |
| Risk class | ? | ? | ? |

Risk table for the characteristic of functionality; risk class yet to be specified.


Determining the risk class

In the example of risk classification below, the risk class is determined by finding the point at which the classification of the damage and the classification of the chance of failure meet. The risk classes (A, B and C) in the table are not distributed symmetrically. Application in actual practice has shown that many organisations feel it is more important to control a risk with high damage and low chance of failure than a risk with low damage and high chance of failure. However, organisations are free to adapt the distribution to their own situation.

Risk classification guideline.

With Damage = H and Chance of failure = L, the combination of Functionality and System X is classified as risk class B.
With Damage = M and Chance of failure = H, the combination of Functionality and Subsystem 1 is classified as risk class B.


This results in the following risk table with detailed data.

Characteristic: Functionality
| Process | Subprocess | Product requirement | Damage | Arguments for damage | Object part | Chance of failure | Arguments for chance of failure | Risk class |
|---|---|---|---|---|---|---|---|---|
| Sales | - | Compliance with the functional requirements | H | Loss of revenue if the total sales process breaks down | System X | L | The chance that all subsystems will fail is extremely small. | B |
| Sales | Advice | With an eye to the legal duty of care, the advice given and how the client decides to deviate from the advice must be recorded | H | High fines and negative press will result for the company if this functionality does not work (correctly). | Subsystem 1 | H | This subsystem is accessed hundreds of times every day and is rebuilt with technology new to the company. | A |
| Sales | Offer | The offer must contain the correct premium. | M | An incorrect premium may result in loss of revenue. | Subsystem 2 | L | Is built with familiar and reliable technology. | C |

Risk table for the characteristic of functionality; risk class specified.

In more detail

A combination of product requirement and object part can appear several times (with different characteristics) with different risk classes in the table. This may mean that the object part is defined at a level of abstraction that is too high. A solution to this problem is to split up the object part further. If further division of the test object is impossible, the stakeholders may agree to choose the highest risk class for the object part’s risk classification.
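
The classification step and the highest-class rule above, as an added example that is not part of the original text. The function names are hypothetical, the matrix cells marked "assumed" do not appear on this page, and the fourth input row is constructed to show an object part that receives two different classes.

```python
from collections import defaultdict

# Risk class per (damage, chance of failure). Cells marked "page" are stated
# in the text or the risk table; the others are assumed to complete the grid.
MATRIX = {
    ("H", "H"): "A",  # page
    ("H", "M"): "B",  # assumed
    ("H", "L"): "B",  # page
    ("M", "H"): "B",  # page
    ("M", "M"): "B",  # assumed
    ("M", "L"): "C",  # page
    ("L", "H"): "C",  # assumed, consistent with the asymmetry described
    ("L", "M"): "C",  # assumed
    ("L", "L"): "C",  # assumed
}


def risk_class(damage, chance):
    """Find where the damage and chance-of-failure classifications meet."""
    try:
        return MATRIX[(damage, chance)]
    except KeyError:
        raise ValueError(f"unknown classification: {damage!r}/{chance!r}")


def classify(rows):
    """rows: (characteristic, object part, damage, chance of failure).

    Returns (per_part, to_split): per_part maps each object part to its
    highest risk class; to_split lists the parts that received different
    classes and are candidates for further division.
    """
    seen = defaultdict(set)
    for _characteristic, part, damage, chance in rows:
        seen[part].add(risk_class(damage, chance))
    # "A" sorts before "B" before "C", so min() picks the highest risk class.
    per_part = {part: min(classes) for part, classes in seen.items()}
    to_split = sorted(p for p, classes in seen.items() if len(classes) > 1)
    return per_part, to_split


# The three rows of the risk table above, plus one constructed row.
ROWS = [
    ("Functionality", "System X", "H", "L"),
    ("Functionality", "Subsystem 1", "H", "H"),
    ("Functionality", "Subsystem 2", "M", "L"),
    ("Performance", "Subsystem 2", "H", "M"),  # constructed
]

if __name__ == "__main__":
    print(classify(ROWS))
```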