Risk acceptance methods and criteria: ALARP, CBA, MEM and GAME

22/10/2021

The objective of risk analysis is based, very briefly, on the need to identify the risks of an application, introduce risk reduction measures and thus improve the starting situation. In all cases, as Development Engineers or RAMS Engineers, we will have to balance two objectives, typically in conflict: the desire to do everything possible to eliminate all the risks detected vs the reality of having limited resources and, therefore, almost always, in practice it is not feasible to eliminate all risks.

The Common Safety Methods (CSM-RA) define the "risk acceptance principle" as the rules used to reach the conclusion whether the risk related to one or more specific hazards is acceptable or not. "It also defines" measures of security "as:" a set of actions that reduce the frequency of occurrence of a hazard or mitigate its consequences to achieve and / or maintain an acceptable level of risk ".

The question then is: How much risk do we eliminate before we stop? How do we balance the two goals? The level at which we stop is defined by a risk acceptance criterion and, therefore, what is known as residual risk is the risk that remains after having introduced the relevant measures. Risk acceptance criteria are those used as the basis for decision-making and its justification on acceptable risk. The residual risk is the riskg that is accepted in a given context based on the current values ​​of society and organizations.

Based on the two basic concepts of risk acceptance and residual risks, two analogous concepts appear: tolerability and acceptability. Tolerability refers to the willingness to live with risk to ensure certain benefits and to the confidence that it will be adequately controlled. In this sense, tolerating a risk means that we do not consider it insignificant or something that we could ignore, but rather something that we should keep under review and reduce further if we can. That a risk is acceptable, on the other hand, means that for the purposes of life or work, we are prepared to take it well as it is.

The acceptance of risks too areis it so associated or influenceds bys associated perceptionsto these risks. In this sense, many factors will influence our view of what we consider to be an acceptable risk. Some key factors to take into account and to be aware that they are part of a risk perception process are:

  • Benefits to be obtained in exchange for taking or taking the risk.
  • Degree of control over risk. For example, we may have the perception that a risk associated with a passenger is less under control than a risk associated with a driver.
  • Risk aversion: A catastrophe is worse than many small accidents (risk perception across industries varies and the type of hazard affects risk perception). In addition , a comparison is established between potential catastrophic risks and minor ones. To an industry with greater possibilityit isof catastrophes, the lower is the perception of the risk of the minor risks , by a concept of mental relativity.
  • Time until risk associated effects are experienced.

At Leedeo Engineering we define 5 qualitative criteria taviThose to be taken into account in the risk acceptance process: All avoidable risks must be avoided; Risks should be reduced whenever possible; The effects of events must be contained within the limits of the system or application; Further development of the solutions provided should not pose any additional risk; No single or independent failure / error should lead to an accident.


How do you apply risk acceptance in the rail industry?

If a railway company has decided to make a change, the Common Safety Methods and Risk Assessment (CSM-RA) on risk assessment and assessment should be applied . The CSM RA defines a risk assessment process that is mandatory if the change is "significant" (as defined by EU regulation 402/2013) and applies to technical, organizational and operational change.

The CSM-RA establishes three principles of acceptance, which can be used to determine the security measures necessary for a change to be secure enough:

  • The application of codes of good practice (set of written rules that, when applied correctly, can be used to control one or more specific hazards )
  • Comparison with similar reference systems (a system tested in use to have an acceptable level of safety and against which the acceptability of the risks of a system under evaluation can be assessed by comparison)
  • Explicit estimation of risk.

Normally, the application code of good practices or the comparison with similar reference systems is used to solve the CSM-RA. But when neither of the previous two can be applied, the explicit estimation of risk comes into play for the acceptance of risks. Indeed, when applying the CSM-RA with explicit risk estimation, it would generally be used to support the application of the other principles or when neither of the other two principles is applicable. Explicit risk estimation can be qualitative or quantitative.

Furthermore, the depth of the analysis must be proportional to the scope of the problem, with special interest when the proposed change is complex and the possible consequences of an accident are high.

The Railway RAMS according to the CENELEC EN 50126 standard, ruling that when the principle of explicit risk estimation is used, it is necessary to define the risk acceptance criteria that must be used to establish the acceptability of the risk level for thes consequences of the relevant hazards.


The three main methods commonly used to define risk acceptance criteria are ALARP, GAME and MEM.
The three main methods commonly used to define risk acceptance criteria are ALARP, GAME and MEM.




ALARP (As Low As Reasonably Practicable) and CBA ( Cost Benefit Analysis ).

The ALARP method, widely used in Spain, talks about reducing risks to as low a level as possible. Well, this "being possible" lowthatthatcriterion is resolved in an explicit risk estimation? Applying a cost variable associated with the implementation of a measure. Therefore, in some way we balance the cost of applying an improvement and, therefore, its economic viability, with the benefits in terms of safety of applying this measure. In this sense, depending on which culture or society, it can be considered a "too cold" calculation, since it is easy to end up summarizing the process in which we are putting a price on human lives for a catastrophe. Unlike GAME or MEM, this methodology does not need a "neighbor" reference system or other external variables to obtain risk acceptance.

Together with the method ALARP always known system is associated CBA Cost Benefit Analysis ( Estusio Cost - Benefit). The CBA compares the expected costs of one or more options with the expected benefits to support a decision about which option to implement. When costs and benefits can be quantified, a cost benefit ratio (BCR) is often calculated to inform the decision. The approach followed will depend on the type of decision and the criteria applied to it.

Companies in the rail industry use the CBA to help make safety-related decisions and can effectively help determine whether or not a particular measure is necessary to ensure safety to the extent possible (ALARP compliance).

For example, the UK railway and the RSSB (Rail Safety and Standard Board ) incorporate safety benefits into a CBA by multiplying the expected risk reduction associated with a measure by the value of the fatality prevention figure ( VPF), valued in 2020 at around € 2.3M. The risk, and therefore any risk reduction, is quantified in units of deaths and injuries weighted according to the following table. The risk estimate used is a collective risk estimate (not an individual risk estimate) that is the aggregate risk estimate of one or more control measures or hazardous events. Collective risk includes all people who are exposed to risk to varying degrees.

The Preventing Fatality Value (VPF) is the multiplier used by the UK railway to convert the consequences against safety into an equivalent monetary value when performing a cost benefit analysis. The figure is published by the Department of Transportation and updated annually by the RSSB.


The cost benefit comparison is generally presented as a ratioa ratio cost / benefit. If the cost is clearly less than the safety benefit, this provides a strong indication that the measure is likely to be reasonably feasible (ALARP), and there should be a convincing argument why such an option would not be adopted. Conversely, when the cost is substantially greater than the safety benefit, this would support a judgment that the measure is extremely disproportionate and therefore not reasonably feasible.



GAME ( Globalement au moins equivalent )

The GAME method has the great advantage that its application can be considered relatively simpler than the rest since it leverages the acceptance of risk against an existing system, product or installation, of reference and similar to the new system that you want.and install.

As long as the new system is less risky than the existing system, we will have risk acceptances covered with the methodologymethodology GAME.

This methodology, used in French-speaking countries, uses the experience of the past and requires that the performance in terms of project safety is not worse than that of similar systems (the reference systems). The application of the GAME method can be both from a qualitative and quantitative point of view.

GAME requires continuous improvement in the risk of new systems compared to existing systems ("at least"). Furthermore, it does not consider particular risks - the distribution of risks may be different between different systems ("globally").


MEM ( Minimum endogenous mortality )

MEM is a method to obtain absolute values ​​for the acceptance of risks based on the natural mortality rate of society. Used widely in Germany asmethodologymethodologyrisk acceptance, it is considered an acceptable risk if it is lower than the mortality of human individuals in the general population. As we can see, as in GAME, we are facing a comparison strategy but this time we are not carrying it out against a reference system and similar characteristics, but we are doing it against a generic security objective that represents the average of the risks of the different technical systems of society.

The MEM method incorporates the lowest natural mortality rate and uses it to ensure that the total additional technical risk to an individual does not exceed a value equivalent to this natural risk.


At Leedeo Engineering , we are specialists in the development of RAMS projects, supporting RAM and Safety tasks at any level required, and both at the infrastructure or on-board equipment level.



Are you interested in our articles about RAMS engineering and Technology?

Sign up for our newsletter and we will keep you informed of the publication of new articles.