RiskAoA

From Wikipedia, the free encyclopedia
Jump to: navigation, search
RiskAoA, input and results display

RiskAoA is a United States Department of Defense (USDoD) project Risk Management tool, allowing the instantaneous review of portfolio (see Project Portfolio Management), proposal or alternatives Risk. It was designed by Air Force Research Laboratory (AFRL) Headquarters to perform proactive risk analysis for the Analysis of Alternatives (AoA) process. The prototype, "RiskHammer" was approved by the US Air Force Electronic Systems Center-Acquisition Center of Excellence (ESC/ACE) in 2002 (see Hanscom Air Force Base). RiskAoA is proprietary to the United States Government, but is available from Air Force Materiel Command (AFMC) Headquarters, the office of AFMC/A5, in accordance with Distribution B.

RiskAoA is a simple to use program that allows the predictive and quantitative assessment of the Risks associated with alternatives, capital assets planning or, any decision. The capability and algorithms for the program are unprecedented; making RiskAoA the most advanced alternatives management technology employed institutionally and the first demonstrating the predictive character of the risk discipline.[1]

RiskAoA is separate and distinct from other risk management tools-transforming qualitative statements of an alternative or option risk into a single quantitative value as useful as the cost and schedule associated with each alternative. The USDoD strives to maximize “value” or return on investment, using the fundamental properties of Cost, Schedule, Performance (CSP) and Risk (or CSPR) as metrics. Just as the cost of one proposal can be higher than another, or one schedule take longer, so risk can be prioritized with RiskAoA. It is further unique in being the only technology ever produced by AFRL Headquarters.

RiskAoA is also well suited for the Evaluation of Alternatives (EoA) process.

RiskAoA Objectives are:

1. Support assessment of risks and events associated with alternatives for capital decisions. This application provides a predictive ‘at-a-glance’ assessment of the number and magnitude of difficulties expected from different alternatives, and the trade-space between each alternatives costs, schedule and delivered capability. It is designed to address requirements from the Joint Capabilities Integration & Development System (JCIDS) process.

2. Provide easily reviewed documentation for support or defense of acquisition decisions. RiskAoA aids in justifying risk vs. return propositions from alternatives and proposals.

3. Provide the Risk Adjusted Life Cycle Costs (LCC) estimates required by the General Services Administration (GSA) for the Analysis of Alternatives.[2]

The USDoD uses a "Probability-Consequence Model” (also known as "Probability-Impact" as one of its key risk metrics.[3] A difficulty with this metric is the constructive “adding” of risk. Probabilities add as:

P1 + P2(1- P1) + P1(1- P1) (1- P2) +…; P1 is probability of event 1, P2 event 2, etc..

Multiplying these by a consequence that can be cost, time or action, makes the addition and summary of these risks challenging. Further complicating matters is the Probability Consequence Models inability to adjust for compound effects from the same risk. An example from network security: If a network of 10 computers comes under network attack, the risk depends on the defense mechanism. If only one of the computers succumbs to the attack and infects the entire network, the risk scenario is different from cases where each computer must be attacked and infected individually.

RiskAoA solves these issues by developing a function which uniquely identifies each probability series as a value relative to one another, utilizing a property of probability theory that the order of occurrences does not affect the result.

The program is easy to use requiring only a few entries: Documentation including naming the study, and identified risks, and 2-4 identifying the impacts of each risk. Risks are categorized High (H), Medium (M), Low(L), or Negligible(N). Optional fields are available for documentation and mitigation plans.

RiskAoA includes a forecasting tool, allowing users to determine the level of confidence in the results. The forecasting tool is based on two elements; the worst-case confidence in each of the alternative’s risks, and the number of these risks. Because of the nature of the RiskAoA approach, errors tend to cancel and be moderated. This makes the forecasting tool itself a worst-case model. If confidence of individual risks is greater than 50%, this approach is reliable.

RiskAoA algorithms were invented and developed by Gregory M. Tyler, and its user interface developed by the MITRE Corporation.[4] Since it first release in 2002, it has been validated by other DoD organizations: Air Force Material Command (AFMC) Reporting Units; Validated, Verified and Accredited (VV&A) by AFRL[5] and reviewed by AFMC/EN. It is endorsed DoD wide by the Office of the Under Secretary of Defense for Acquisition, Technology and Logistics[6] in 2007 and by the Defense Acquisition University.[7] and in 2013 by the Publicly Available Specification of the British Standards Institution, PAS-55, for physical asset management. [8]

RiskAoA is available to all members of the US DoD, and Federal Government employees, in accordance with Distribution B, by contacting AFMC/A5.

See also[edit]

References[edit]

  1. ^ https://acc.dau.mil/CommunityBrowser.aspx?id=126070
  2. ^ U.S. General Services Administration. IT Budget Submission Instructions: Guide for Major IT Initiatives (BY2009 Exhibit 300 & Exhibit 53). Washington, DC: Office of the Chief Information Officer, 2007
  3. ^ Risk Management Guide for DoD Acquisition, Aug 2006
  4. ^ RiskAoA program, users manual
  5. ^ http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA463123&Location=U2&doc=GetTRDoc.pdf AFRL Alternatives Planning Technology Aids Decision Makers
  6. ^ Defense ATL, Quantifying Risk across the Department of Defense, Jan-Feb 2007
  7. ^ https://dap.dau.mil/aphome/das/Lists/Software%20Tools/DispForm.aspx?ID=57>
  8. ^ http://reliabilityweb.com/index.php/tutorials/list/category/physical_asset_management/P30/,