User Tools

Site Tools


Data Management

Visualisation of the relations between pages. Beta version. Click on 'Global Graph' in the top right corner of the screen. Hover over a node to see the relations with other nodes.


Data quality risk analysis


A data quality risk analysis is an analysis with regards to data quality.


Objective of a DQMS is that the data quality requirements are met. A risk analysis shows which situations or events could lead to these objectives not being met and which measures should be taken to reduce the risk to an acceptable level.


Purpose of a risk analysis is to determine actions that prevent data issues.

Life cycle

Phase Activity
Plan * Plan risk analysis
Do * Compose a risk analysis
* Use the risk analysis
Check * Review/Evaluate risk analysis
* Audit risk analysis
Act * Update risk analysis


Characteristic Requirement
Completeness The risk analysis contains the most important situations and events.
Effectiveness The risk analysis leads to preventive actions that produce results.



A risk analysis consists of the next elements:

  1. Asset that has effect on the objectives, e.g., supplier, input file, producer, applications, infra structure, communication, procedures, metadata, etc.
  2. Situation with regard to the asset that can cause an event
  3. Event that can take place that has a negative effect on the objectives
  4. Measures already taken to prevent or correct the situation or event
  5. Exposure: frequency that the situation can occur
  6. Probability: chance that the event will take place
  7. Severity: gravety of the effect on the objectives
  8. Risk-index: Exposure x Likelyhood x Severity
  9. Additional measures needed to decrease the risk-index if the risk index is too high (preventive actions).

The Fine and Kinney method shows which values should be assigned to exposure, probability and severity.

Exposure (E)

The factor exposure indicates the duration that a risk can occur. The scale varies from 0.5 to 10.

  • 0,5 Very rarely (less than once a year)
  • 1 Rarely (yearly)
  • 2 Sometimes (monthly)
  • 3 Occasionally (weekly)
  • 6 Frequently (daily)
  • 10 Constantly (multiple times a day)
Probability (P)

The probability or (mathematical) chance an incident will occur. The expectation is represented by ascribing a value from 0.1 to 10.

  • 0,1 Next to impossible / unthinkable
  • 0,2 Almost unimaginable
  • 0,5 Highly unlikely, but conceivable
  • 1 Unlikely, but possible in the long term
  • 3 Unusual (but possible)
  • 6 Possible
  • 10 To be expected
Severity (S)

The factor severity indicates the possible damage, effects and consequences linked to a hazard. The scale reaches from 1 to 40.

  • 1 Slight effect
  • 3 Important effect
  • 7 Severe effect
  • 15 Very severe effect
  • 40 Disaster
Risk-index (R)

The result of multiplying the parameters defines the risk-index: R = S x E x P.

Classification Risk-index
  • R < 21 Slight risk; acceptable
  • 21 < R = 71 Little risk; attention required
  • 71 < R = 201 Moderate risk; apply simple measures
  • 20 < R = 401 High risk; apply large measures immediately
  • R > 401 Risk is too high; stop activities / operations


Objective: Timely reporting to an external party.

Asset Situation Event Measures taken Exposure Probability Severity Risk-index Additional measures
Data supplier Unreliable Delayed delivery SLA 3 6 7 126 (high) Meet supplier monthly
Application Unavailble Delayed processing Incident procedure 3 0,5 1 1,5 (slight) None


data_quality_management_system/data_quality_risk_analysis.txt ยท Last modified: 2023/03/26 16:46 by peter