When to Use a Risk Matrix and Risk Tolerable Criteria

We don’t recommend using a risk matrix during PHAs/HAZOPs. matrices are good tools to teach risk concepts, but in a well led PHA/HAZOP they reduce quality more than they increase quality.

To see much more details, download and read this free paper:


We use a risk matrix and a risk tolerance criteria only when doing a LOPA (to address a confusing issue from a PHA/HAZOP) or when required to a QRA. One reason we might use LOPA is to confirm If a SIL-2 is needed (versus a SIL 1), though not always (and we never recommend a SIL 3… a different discussion). To read more on this side-topic, read:


By |2013-09-06T11:08:30+00:00September 6th, 2013|Uncategorized|2 Comments

About the Author:

William G. (Bill) Bridges is President of the Process Improvement Institute (PII). He has over 30 years of experience, including more than 20 in senior management and senior PSM advisory roles. Bill is considered one of the leading authorities on process safety engineering, risk management, and human error prevention.


  1. Martin November 5, 2013 at 7:35 am - Reply

    I do favour using a risk matrix, as it focusses the team on the potential consequences, forcing them to explicietely state that failure could lead to fatalities. Then it becomes clear why certain measures are necessary. As an example, during a PHA it was stated that due to a process upset a process vessel could become damaged. Upon reviewing the notes I requested for clarification, and it became clear that damage meant Loss of Containment, and a major accident event. Having clarified this, the recommendations were changed, focussing on prevention of LoC rather than improve process control by implementing an alarm. Focussing on effects creates focus on testing the design for safety, rather than improving the design, so0mething that should have been done in a design review

    • Bill Bridges November 26, 2013 at 7:42 am - Reply

      Martin: That is a good example. But note that we accomplish the exact same results without use of a risk matrix. We just carefully state consequences first, then causes, and lastly safeguards. Then we summarize verbal for the team. Then we ask for a risk judgment (is the risk low enough) and then if not we make recommendations. On recommendations we always look for inherently safer options first, then prevention, then detection and halting of the scenario, then detection and shutdown, and finally mitigation/containment (includes relief devices, dikes, etc.). Rather than require a risk matrix for all scenarios, we recommend only using them by exception; that exception rate is about 1 to 5% of the scenarios; and the best way to use a risk matrix is in concert with LOPA (outside of the PHA meeting). By doing 10,000 or so PHAs of entire units, this is what we have found works best. Thanks for your comments.

Leave A Comment