Skip to main content
Risk Matrix

Risk Matrix & Assessment

Reliatic implements a 5×5 Probability of Failure × Consequence of Failure risk matrix aligned with API 581 quantitative methodology and ISO 31000 governance principles. Risk scores are live—they recalculate automatically when inspection data, thickness readings, or damage mechanism parameters change.

The 5×5 Risk Matrix

Risk Score = PoF Level × CoF Level. The platform computes both axes quantitatively from asset data; qualitative overrides are permitted with justification but require engineer sign-off.

Consequence of Failure →
1
2
3
4
5
5
5
10
15
20
25
4
4
8
12
16
20
3
3
6
9
12
15
2
2
4
6
8
10
1
1
2
3
4
5
CoF →
← PoF
Critical (20–25)
High (15–19)
Medium (8–14)
Low (1–7)

Probability of Failure (PoF)

Under the API 581 Annex 2A methodology, PoF is calculated as the product of a generic failure frequency (from the API 581 equipment database) and a damage factor (DF). The DF is computed from thickness loss fraction, time in service, and inspection effectiveness category.

PoF calculation — API 581 Annex 2A
PoF = Gff × Df_thinning

Where:
  Gff   = generic failure frequency (API 581 Table 3.1)
  Df    = damage factor

Df_thinning = f(
  art,        // allowable remaining thickness fraction
  time,       // inspection age (years)
  insp_eff,   // NDE effectiveness category A–E
  n_insp      // number of qualifying inspections
)

Example (V-2041, CS carbon steel, HCl service):
  Gff:      6.1e-5 failures/yr
  Df:       420
  PoF:      2.56e-2 → Level 4 (High)
5
Very HighExpected > 1 per year

Thinning DF > 1000 or corrosion rate > 3× expected

4
High0.1–1 per year

Thinning DF 100–1000

3
Medium0.01–0.1 per year

Thinning DF 10–100

2
Low0.001–0.01 per year

Thinning DF 1–10

1
Very Low< 0.001 per year

Thinning DF < 1

Consequence of Failure (CoF)

CoF is assessed across three categories. The highest category score is used. Category thresholds are configurable to match your organisation's risk tolerance and regulatory environment (Settings → Operations → Risk Matrix → CoF Thresholds).

LevelLabelSafetyFinancialEnvironmental
5CatastrophicFatality or permanent disability> $10MMajor release, off-site impact
4CriticalSerious injury, hospitalisation$1M–$10MSignificant release, on-site
3ModerateMedical treatment required$100K–$1MMinor release, contained
2MinorFirst aid treatment$10K–$100KNegligible, no reportable
1NegligibleNo injury< $10KNo release

Governance Thresholds

Each risk band maps to a specific governance response. Thresholds are configurable per tenant but must be approved by the platform administrator. Changes are logged in the immutable audit trail.

CriticalScore 20–25

Governance event fired immediately. Asset state → LOCKED. Mitigation Action or Risk Acceptance required within 48 hours. Escalation to VP-level if not actioned.

HighScore 15–19

Governance event created. Governed artifact required within 14 days. Escalation to senior engineer if unactioned.

MediumScore 8–14

Risk event logged. Planned mitigation required in next maintenance window. Review in 90 days.

LowScore 1–7

Monitor and review on standard inspection cycle. No governance event required unless score trend is increasing.

Critical threshold enforcement: The LOCKED state cannot be bypassed by any user role. Once an asset reaches a Critical risk score, the governance workflow must be completed before operational sign-off is available. This is an enforced platform invariant.

Risk Assessment Workflow

Navigate to an asset, then select Risk → New Assessment to initiate a structured assessment. The platform guides the assessor through each step and validates completeness before the score is committed.

01
Select Damage Mechanisms

Identify applicable damage mechanisms from the platform library (corrosion, fatigue, SCC, erosion, etc.). Each mechanism carries a default PoF contribution that is adjusted by inspection history.

02
Calculate Probability of Failure (PoF)

For API 581 assessments: PoF = generic failure frequency × damage factor (DF). The DF is calculated from corrosion allowance consumed, time-in-service, inspection effectiveness, and NDE results.

03
Evaluate Consequence of Failure (CoF)

CoF is calculated across four categories: Safety, Environmental, Financial, and Production Loss. The highest category determines the CoF level used in the matrix.

04
Plot on Risk Matrix

PoF level (1–5) × CoF level (1–5) = Risk Score. The score determines the risk band and associated governance response.

05
Assign Inspection Plan

Inspection type, NDE method, and interval are derived from the risk score. High-risk assets receive shorter intervals and more rigorous NDE coverage.

06
Re-assess Residual Risk

After mitigation or inspection, the assessment is rerun with updated inputs. Residual risk must fall to an accepted band before the governance event is closed.

Matrix Configuration

Administrators can adjust the following parameters under Settings → Operations → Risk Matrix Configuration. All changes create an immutable audit record with the approving administrator's identity and timestamp.

CoF category thresholds

Adjust the financial, safety, and environmental breakpoints for each CoF level to match your organisation's risk appetite.

Governance threshold scores

Set the minimum score at which each governance response is triggered. The minimum Critical threshold is 15 (cannot be set above 25 or below 10).

Deviation extension window

Maximum days allowed for a compliance deviation before escalation. Default 90 days per standard; configurable 1–365 days.

Advance warning window

Days before a due date at which the status changes to Due Soon and notifications are sent. Default 30 days.

Re-assessment interval

Maximum interval between mandatory risk re-assessments regardless of score level. Default 3 years per API 581 recommendations.

← Reliability EngineeringFMEA Documentation →
Risk Matrix & Assessment — Reliatic Documentation — Reliatic