In process safety, risk is never zero. The objective is not elimination but systematic reduction of risk to a tolerable level, using appropriate control strategies. Understanding Levels of Risk (LoR) is essential for making defensible engineering decisions, prioritizing safeguards, and ensuring compliance with standards such as IEC 61511, IEC 61508.
What Are Levels of Risk (LoR)?
Levels of Risk classify hazards based on the combination of consequence severity and likelihood of occurrence. Each level carries a clear management expectation—what must be done, how urgently, and at what cost.
Risk is typically categorized into four broad levels:
1. Unacceptable Risk
A level of risk that is not permitted under any circumstances, regardless of operational, economic, or strategic benefits.
Key Characteristics
- Catastrophic consequences and/or high likelihood
- Violates legal, corporate, or societal risk tolerability limits
Control Strategy
- Operation must not proceed
- Immediate risk reduction is mandatory
- Risk reduction measures must be implemented regardless of cost
Typical Actions
- Process re-design
- Additional Independent Protection Layers (IPLs)
- High-integrity Safety Instrumented Functions (SIL systems)
- Shutdown or decommissioning until risk is reduced
This risk category is explicitly defined as unacceptable and demands action without debate.
2. Tolerable Risk (ALARP Region)
A level of risk that is undesirable but may be tolerated, provided that it is reduced to As Low As Reasonably Practicable (ALARP).
Key Characteristics
- Consequences and/or likelihood are of concern
- Risk reduction is required unless the cost is grossly disproportionate to the benefit
Control Strategy
- Apply risk reduction measures where practicable
- Balance cost, time, effort, and technical feasibility against risk reduction benefit
- Demonstrate ALARP through engineering judgment and documentation
Typical Actions
- Add or strengthen safeguards
- Improve reliability of existing IPLs
- Upgrade alarms, procedures, or operator training
- Apply SIL-rated safety systems where justified
The ALARP principle requires implementing a risk control unless the sacrifice is grossly disproportionate to the benefit achieved
3. Acceptable Risk
A level of risk that is sufficiently low, well understood, and adequately controlled.
Key Characteristics
- Meets corporate and regulatory tolerability criteria
- No immediate need for additional safeguards
Control Strategy
- Maintain existing controls
- Periodic review to ensure risk remains acceptable
- Improve controls only when low-cost or legally required
Typical Actions
- Routine inspection and maintenance
- Management of Change (MoC) discipline
- Performance monitoring
Even at acceptable risk levels, organizations are expected to continue reducing risk when it is reasonably practicable to do so
4. Negligible Risk or Broadly Accepted Risk
A level of risk that is below concern, with insignificant consequences and extremely low likelihood.
Key Characteristics
- Minimal safety impact
- No special controls required beyond normal good practice
Control Strategy
- Accept the risk
- No additional risk reduction justified
Negligible risk represents the lower bound of risk concern and typically requires no further action
| Level of Risk | Risk Category | Description | Management Expectation | Control Strategy Required |
|---|---|---|---|---|
| Level 1 | Unacceptable | Risk level is unacceptable regardless of benefits; consequences and/or likelihood are intolerable | Operation must not proceed | Immediate risk reduction mandatory; implement measures regardless of cost; redesign, add IPLs or SIL systems |
| Level 2 | Tolerable (ALARP) | Risk is of concern but may be tolerated if reduced as low as reasonably practicable | Risk must be reduced to ALARP | Implement risk controls unless cost is grossly disproportionate to benefit; justify residual risk |
| Level 3 | Acceptable | Risk is sufficiently low, insignificant, and adequately controlled | Risk can be accepted | Maintain existing safeguards; continue improvement where low-cost or legally required |
| Level 4 | Negligible | Risk is below concern with minimal consequences and very low likelihood | No further action required | Accept risk; manage through normal good engineering and operational practice |
Risk Control Strategy – The Layered Approach
Risk reduction is achieved through a hierarchy of controls, moving from inherent design to engineered systems and external protections.
Risk Reduction Layers
- Inherent safety and design measures
- Basic process control systems (BPCS)
- Alarms and operator actions
- Safety Instrumented Systems (SIS)
- Mechanical protection (relief devices)
- External risk reduction facilities (firewater, blast walls, emergency response)
Risk is progressively reduced until the residual risk falls within the tolerable or acceptable region, as illustrated by TÜV risk reduction concepts.
Relationship to HAZOP, LOPA, and SIL
- HAZOP identifies hazards and assigns qualitative risk levels
- LOPA quantifies risk and checks whether it meets tolerable criteria
- SIL Assessment assigns integrity requirements to safety functions when risk reduction cannot be achieved otherwise
Risk levels directly drive decision-making, not paperwork.
Certified Functional Safety Professional (FSP, TÜV SÜD), Certified HAZOP & PHA Leader, LOPA Practitioner, and Specialist in SIL Verification & Functional Safety Lifecycle, with 18 years of professional experience in Plant Operations and Process Safety across Petroleum Refining and Fertilizer Complexes.
