JP2008262348A - Risk identification plan support system, device and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a risk identification plan support system, device and program for increasing accuracy in risk identification. <P>SOLUTION: The names of risk classifications matching keyword requirements, the number of risk item lists, and a list of names of the risk item lists are displayed at the top of a search result screen as basic information. The analysis results of an analytical process applied are displayed at the bottom of the search result screen. In this case, the results of summary analysis conducted on the risk item lists found are displayed, and as a result the number of projects, the names of the projects, the number of risk identification techniques applied, the risk identification techniques applied, the incidence of risks associated with risk items (average, variance), the influence of risks associated with the risk items (average, variance), the number of each risk that occurred, and the total number of risks that occurred are displayed. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a risk identification plan support system, a risk identification plan support device, and a risk identification plan support program.

  In a project composed of various scenes such as software development, product development, construction planning, etc., it is a serious issue to appropriately identify risks that occur during the progress. Risk identification is often performed by using a predetermined risk identification technique while referring to risk identification information accumulated in the past.

  As a technology relating to such risk identification, for example, as in Patent Document 1, a checklist is referred to with reference to a risk casebook in which descriptions relating to past incidents, accident contents and damages, and magnitude of loss are made. There is a method of identifying risks using.

  For example, in Patent Document 2, in order to grasp in advance problems that may occur due to risk, risk information in which evaluation points are provided for each past risk item is accumulated in a shared database, and the evaluation points There has been proposed a system in which data having similarity in the bias can be searched.

  Here, the concepts of risk and project are explained.

(risk)
The risk is defined in the field of risk management, but the definition in Non-Patent Document 1 and Non-Patent Document 2 is well known.

  In Non-Patent Document 1, risk is defined as “combination of event occurrence probability and event result”. Here, the event, the probability of occurrence, and the result are also defined respectively. The event is “occurrence of a certain series of situations”, the probability of occurrence is “the degree that the event is likely to occur”, and the result is “it is caused by the event” . In addition, risk factors are defined as “things or actions that can potentially have consequences”. If further explanation is added, it can be said that the event is “a flow of a series of situations / a flow including a passage of time”. In addition, “something in the flow of time inevitably reaches a certain final point”, and this final reaching point becomes “result”.

  Further, in Non-Patent Document 2, the risk is “a combination of the likelihood of the situation and its result, or a combination of the probability of occurrence of the situation and its result”. Note that the concept of risk in this specification may be any case of the above documents.

(project)
Non-Patent Document 3 describes the characteristics of the project, and Non-Patent Document 4 describes the definition of the project. The concept of the project in this specification is the range described in those documents.
JP 2006-23789 A JP-A-2005-149414 TR Q 0008: Risk Management-Terminology-Guidelines for use in standards) ISO / IECGuide 73 (IDT) (explanatory recording) (JIS Handbook, 58-4, Risk Management, January 31, 2004, 1st Edition 1 Issued by the Japanese Standards Association) JIS Q 2001: 2001 Guidelines for building a risk management system (explained) (JIS Handbook, 58-4, Risk Management, January 31, 2004, 1st edition, 1st edition, Japan Standards Association) Project Management Knowledge System Guide (PMBOK Guide) 3rd edition, published by Project Management Institute, Inc, 2004 JIS Q 10006: 1998 Quality Management-Quality Guidelines in Project Management, JIS Handbook 58, Management System, January 31, 2001, published by the Japanese Standards Association

  It is an object of the present invention to provide a risk identification plan support system, a risk identification plan support device, and a risk identification plan support program that improve the accuracy of risk identification.

  To achieve the above object, the invention of the risk identification plan support system according to claim 1 manages a risk item group including one or more risk items, and acquires a risk item group related to an activity from the management means. And an analysis means for analyzing characteristics indicating effectiveness in identifying an activity risk for the risk item group acquired by the acquisition means, and a characteristic analyzed by the analysis means is displayed. Display means.

  The invention according to claim 2 is the invention according to claim 1, wherein the analyzing means is the probability of occurrence of the event by the risk item included in the risk item group acquired by the acquiring means, its degree of influence, and the number of occurrences thereof. , Analyzing at least one of the number of event occurrences in the entire risk item group.

  The invention according to claim 3 is the invention according to claim 1, wherein the analysis means analyzes the degree of leakage of the risk item with respect to the risk item group acquired by the acquisition means, and the display means is the analysis An evaluation value relating to the degree of leakage of the risk item analyzed by the means is displayed.

  The invention of claim 4 is the invention of claim 3, wherein the evaluation value is a first evaluation value derived based on the number of risk items included in the risk item group acquired by the acquisition means, It includes at least one of a second evaluation value derived based on the number of days that the risk item group has been used, a first evaluation information, and a third evaluation value derived based on the second evaluation information.

  Further, in the invention of claim 5, in the invention of claim 1, the analysis means analyzes the degree of inclusion of unnecessary risk items for the risk item group acquired by the acquisition means, and the display means An evaluation value relating to the degree of inclusion of the unnecessary risk item analyzed by the analyzing means is displayed.

  The invention of claim 6 is the invention of claim 5, wherein the evaluation value is a first evaluation value derived based on the number of risk items included in the risk item group acquired by the acquisition means, A second evaluation derived based on the proportion of risk items in which an event has occurred in the risk items included in the risk item group, a third evaluation derived based on the first evaluation value and the second evaluation value At least one of the evaluation values.

  The invention according to claim 7 is the invention according to claim 1, wherein the analysis means analyzes a risk item identification technique used for identifying risk items included in the risk item group acquired by the acquisition means. The display means displays a recommended risk item identification method based on the analysis result of the analysis means.

  The invention according to claim 8 is the invention according to claim 1, wherein the granting means for giving a predetermined priority to the information indicating the effectiveness of the analysis by the analysis means, and the risk item analyzed by the analysis means Ranking processing means for ranking groups based on a predetermined priority given by the granting means, the display means by the effectiveness and ranking processing means corresponding to the risk item Displays the ranked rank.

  The invention of claim 9 further comprises a creation means for creating a risk identification plan in the invention of claim 1, wherein the display means is acquired by the acquisition means when the risk identification plan is created by the creation means. Displayed risk item group.

  The invention of claim 10 further comprises a creation means for creating a risk identification plan according to the invention of claim 1, wherein the display means is a risk by the acquisition means when creating the risk identification plan by the creation means. When the item group is acquired, the characteristic analyzed by the analyzing unit is displayed corresponding to the risk item.

  The invention of claim 11 further comprises input means for inputting a risk identification result for the risk identification plan created by the creation means in the invention of claim 9 or 10, wherein the management means The risk identification result input from the input means is managed in association with the risk item.

  The invention according to claim 12 is the invention according to claim 1, wherein the risk item group is classified into a plurality of categories, and the acquisition means includes information on a category for classifying the risk item group, and the risk Acquire based on information about item groups.

  Further, the invention of the risk identification plan support device of claim 13 is an acquisition means for acquiring a risk item group related to an activity from a risk item group including one or more risk items, and a risk item group acquired by the acquisition means. Analysis means for analyzing the characteristics indicating effectiveness in identifying the risk of the activity, and display processing means for displaying the characteristics analyzed by the analysis means.

  Further, the invention of the risk identification plan support program according to claim 14 is an acquisition means for acquiring a risk item group related to an activity from a risk item group including one or more risk items, and the risk acquired by the acquisition means. It is made to function as an analysis means for analyzing a characteristic indicating effectiveness in identifying an activity risk for the item group, and a display processing means for displaying the characteristic analyzed by the analysis means.

  According to the risk identification plan support system of claim 1, leakage of risk items and noise are reduced as compared with the case without this configuration, and the accuracy of risk identification can be improved.

  Moreover, according to the risk identification plan support system of Claim 2, the analysis result of the summary information implemented with respect to the risk item group relevant to activity can be referred.

  In addition, according to the risk identification plan support system of claim 3, it is possible to refer to an evaluation value related to the degree of leakage of risk items performed on the risk item group related to the activity.

  Further, according to the risk identification plan support system of claim 4, it is possible to refer to detailed information about the evaluation value related to the degree of leakage of the risk item.

  Further, according to the risk identification plan support system of claim 5, it is possible to refer to an evaluation value relating to the degree to which unnecessary risk items that have been implemented for the risk item group related to the activity are included.

  Further, according to the risk identification plan support system of the sixth aspect, it is possible to refer to detailed information on the evaluation value relating to the degree of including unnecessary risk items.

  Further, according to the risk identification plan support system of the seventh aspect, it is possible to refer to the recommended risk item identification method.

  Moreover, according to the risk identification plan support system of claim 8, it is possible to rank the risk item group related to the activity based on a predetermined priority.

  Moreover, according to the risk identification plan support system of claim 9, when creating the risk identification plan, it is possible to refer to the risk item group related to the activity.

  According to the risk identification plan support system of claim 10, when the risk identification plan is created, the analysis result can be referred to together with the risk item group related to the activity.

  Further, according to the risk identification plan support system of the eleventh aspect, the risk identification result can be input to the created risk identification plan.

  According to the risk identification plan support system of claim 12, the risk item group can be acquired based on the information on the classification and the risk item group.

  In addition, according to the risk identification plan support apparatus of the thirteenth aspect, as compared with the case where the present configuration is not provided, risk item leakage and noise are reduced, and the accuracy of risk identification can be improved.

  In addition, according to the risk identification plan support program of the fourteenth aspect, compared with the case where the present configuration is not provided, risk item leakage and noise are reduced, and the accuracy of risk identification can be improved.

  Hereinafter, embodiments of a risk identification plan support system, a risk identification plan support apparatus, and a risk identification plan support program according to the present invention will be described in detail with reference to the accompanying drawings. First, the concept of main terms used in this embodiment will be defined.

(risk)
As described using Non-Patent Document 1 and Non-Patent Document 2, the concept of risk in the present embodiment may be any case described in these documents.

(Risk items)
A risk item is a concept that includes at least an event or event in the definition of risk. Further, in addition to this, it may include any one or all of the result of the event or situation, the probability of occurrence of the event or the likelihood of the situation, or the occurrence probability or risk factor.

(Risk classification)
The risk category may be a risk classification item, a risk item classification item, or a potential risk factor or risk factor classification item.

(Risk identification)
It is a process of identifying and documenting related risks, clarifying the characteristics of risks, characteristics of risk items, characteristics of risk elements, and creating a list. Here, at least the risk specific definition of Non-Patent Document 1 is included. In Non-Patent Document 1, risk identification is “a process of finding, listing, and characterizing risk elements. Elements may include risk factors or hazards, events, results, and probability of occurrence.” . Moreover, the definition of the risk discovery of nonpatent literature 2 shall be included. In Non-Patent Document 2, risk identification is defined as “a process of discovering and recognizing a situation affecting the organization and its result”.

(Risk identification plan)
Managing risk includes identifying the risk, qualitatively or quantitatively analyzing the risk, examining how to respond when the risk occurs, and monitoring the risk. In addition, plans to manage such risks may be considered.

  In this risk management plan, in particular, the plan relating to risk identification is the scope of the risk identification plan referred to in the present embodiment. The risk identification plan may be considered before risk identification begins, may be considered during risk identification, or may be considered after risk identification. These are, for example, preliminary plan examinations, examinations of revisions and revisions of plans during risk identification, and examinations of plans by reflection after the completion of risk identification.

(project)
As described using Non-Patent Document 3 and Non-Patent Document 4, the concept of the project is within the range described in those documents. In the present embodiment, a project related to the project will be described as an example. However, an actual project has a broader concept than the project in the present embodiment, and may be related to a human activity, for example. .

(Impact)
In this embodiment, the degree of influence is expressed by numbers. As the influence degree, for example, a numerical value defined in the influence degree table shown in FIG. 48 or the like is used. In general, the impact is a negative impact and a positive impact on the project goal.

  FIG. 48 shows an example of a negative influence degree table. That is, it defines a negative influence score (1 to 10) for the project purpose. Project goals include cost, time and quality. The degree of influence is defined by defining a negative degree in the sentence with respect to the project goal, and further defining the degree of influence on the degree of the sentence in terms of the score and the degree of influence.

  There are various expressions of degree. For example, the cost or time excess may be defined as a percentage, or may be defined by whether the project stakeholders are satisfied, likely to be, or not. In the example of this influence degree table, the influence degree is expressed by whether or not re-planning is possible.

  For example, as for the degree of influence on the risk item entered on the screen shown in FIG. 27 to be described later, if the largest degree of influence is input in consideration of which project objective it has the most influence when a risk occurs. Good. Here, a table about negative influences is given as an example, but positive influences may also be defined.

(Probability of occurrence)
The occurrence probability may be defined as an influence degree table. In other words, you may give a percentage expression of the probability to expressions such as “definitely occur”, “occurrably occur”, “occurrence is 50/50”, “relatively not occur”, and “rarely occur” . The occurrence probability may have a table expressing a combination with the influence degree.

  FIG. 1 is a diagram illustrating an example of the overall configuration of a risk identification plan support system.

  In the risk identification plan support system, a client 10 and a server 20 are connected via a network 30 constituted by a LAN (Local Area Network), a WAN (Wide Area Network), or the like. Here, one client 10 and one server 20 are connected here, but a plurality of these devices may be provided. Various other devices may be connected to the network 30.

  The client 10 is a general-purpose personal computer or the like handled by a user such as a risk identification planner. In this embodiment, a case where a Web browser is used for accessing the server 20 will be described. However, the server 20 may be accessed using means other than the Web browser.

  The server 20 is a server computer or the like that provides data, execution results of various processes, and the like to the client 10 in response to a request from the client 10. In the server 20 in this embodiment, a Web server is provided in order to respond to access from the client 10 via the Web browser 10.

  The client 10 and the server 20 include a CPU (Central Processing Unit) as the main control units 11 and 21, a display as the output units 12 and 22, a keyboard and a mouse as the input units 13 and 23, an external storage unit 14, It comprises a hard disk drive (HDD) 24, a ROM (Read Only Memory), a RAM (Random Access Memory), etc. as the main storage units 15 and 25, and these are connected to the buses 16 and 26. These components are controlled by the main control units 11 and 21 executing programs stored in the external storage units 14 and 24.

  Here, a part of the functional configuration of the server 20 shown in FIG. 1 will be described with reference to FIG.

  The functional configuration realized on the server 20 is largely divided into a risk information management unit 40 and a risk identification plan management unit 50.

  First, the risk information management unit 40 will be described. The risk information management unit 40 performs a function of managing risk items used in past projects and information related to the risk items, a risk item information database 41, a risk identification plan database 42, a project information database 43, and an evaluation. And an information database 44.

  First, the risk item information database 41 will be described in detail. FIG. 3 is a diagram conceptually showing the data structure in the risk item information database 41. In addition, although the risk item is included in the risk item list and is organized, it may not be such a grouping method. They may be arranged or combined according to some rules or arrangement.

  The risk item information database 41 is mainly composed of two elements: a risk item list and a risk category. The risk item list is an element including one or more risk items, and the risk classification is an element for classifying the risk item list.

  To briefly explain the relationship between these elements, some risk categories and risk item lists have old and new versions. The risk item list corresponding to the new version is associated with the old version of the risk item list, and the risk item list corresponding to the old version is associated with the new version of the risk item list. The oldest risk item list is always included in the risk category. Further, the reference relationship between the risk item lists indicates that a new risk item list has been created with reference to the reference risk item list, and either of them corresponds to the reference source or the reference destination.

  Here, the data structure in the risk item information database 41 will be specifically described with reference to FIGS. 4 to 6.

  The risk item information database 41 includes a risk category related information management table, a risk item list related information management table, and a risk item list information management table in order to realize the conceptual data structure. Here, FIG. 4 shows an example of the risk category related information management table, FIG. 5 shows an example of the risk item list related information management table, and FIG. 6 shows an example of the risk item list information management table.

  The risk category related information management table shown in FIG. 4 fulfills a function of managing information indicating how the risk category is related to other risk categories and risk item lists. In the risk category related information management table, corresponding to the risk category ID indicating information for identifying the risk category, the risk category name indicating the name, the upper risk category ID indicating the identifier of the upper risk category, and lower A lower risk category ID indicating the identifier of the risk category and a lower risk item list ID indicating the identifier of the risk item list corresponding to the lower level are held.

  The risk item list related information management table shown in FIG. 5 functions to manage information indicating how the risk item list relates to other risk item lists and risk categories. In the risk item list related information management table, the risk item list ID indicating the information for identifying the risk item list, the risk item list name indicating the name, and the identifier of the project related to the risk item list are indicated. Project ID, upper risk category ID indicating an upper risk category identifier, upper version indicating higher version information, lower version indicating lower version information, upper reference indicating risk item list information in a reference relationship, and Subordinate references are retained.

  The risk item list information management table shown in FIG. 6 has a function of managing one or more risk items included in the risk item list. The risk item list information management table includes a risk item corresponding to a risk item list ID indicating information for identifying the risk item list and a risk item number indicating an item number in the risk item list ID, and the risk item The probability of occurrence of an item, the degree of influence on the surroundings when the risk item occurs, the number of occurrences indicating the number of times a risk has occurred, and the risk identification technique used to identify the risk item are retained.

  Next, details of the risk identification plan database 42 will be described with reference to FIG. The risk identification plan database 42 includes a risk identification plan information management table.

  The risk identification plan information management table functions to manage risk identification plan information. The plan information for risk identification is a collection of information on matters that become risks during the progress of a project, etc., and this information includes the technique used for risk identification, its policy, and the like. In the risk identification plan information management table, in correspondence with the risk identification plan ID indicating information for identifying the risk identification plan, the risk identification plan name indicating the name, the project ID indicating information for identifying the project, A risk category ID indicating information for identifying a risk category, a reference risk item list ID indicating an identifier of a referenced risk item list, an applied risk identification technique list indicating a list of applied risk identification techniques, and a risk item list are identified. A risk item list ID indicating information for the purpose, and a plan message indicating a risk identification policy.

  Next, details of the project information database 43 will be described with reference to FIG. The project information database 43 includes a project information management table.

  The project information management table functions to manage information related to the project. In the project information management table, a project name indicating the name and a project start date indicating the project start date are stored in association with a project ID indicating information for identifying the project.

  The evaluation information database 44 functions to manage evaluation information used when analyzing the risk item list. Since the evaluation information database 44 is not particularly relevant in the first embodiment, details thereof will be described in the second embodiment.

  The above is the description of the risk information management unit 40. Note that the configuration of the table described with reference to FIGS. 4 to 8 is merely an example, and the present invention is not limited to this. The table configuration can be appropriately changed based on the system configuration and its scale. The same can be said for tables and data structures described in other drawings.

  Next, the risk identification plan management unit 50 will be described. The risk identification plan management unit 50 performs a function of performing risk identification plan processing using various data managed by the risk information management unit 40, and includes a search condition / application analysis information holding unit 51, an acquisition unit 52, Search / analysis result holding unit 53, display processing unit 54, analysis unit 55, recommended ranking control unit 56, risk identification plan creation unit 57, risk identification result input unit 58, risk identification plan main control unit 59.

  The search condition / application analysis information holding unit 51 has a function of holding search conditions input by the risk identification planner via the input unit 13, information on analysis processing to be applied, and the like, and a search / analysis result holding unit 53 fulfills the function of holding search results and analysis results thereof.

  The acquisition unit 52 has a function of acquiring a corresponding risk item list from the risk information management unit 40, and has a function of searching for a corresponding risk item list based on the search condition held in the search condition / application analysis information holding unit 51. And a selection unit 52b that performs a function of selecting a risk item list instructed by the risk identification planner via the input unit 13 (instruction specifying a folder or the like). That is, in the acquisition unit 52, the corresponding risk item list is acquired depending on whether the search is performed by the search unit 52a or the selection unit 52b. In this embodiment, the case where the corresponding risk item list is acquired by searching by the search unit 52a will be described, but the same applies to the case where the corresponding risk item list is acquired by selecting by the selection unit 52b. Can be processed.

  The display processing unit 54 has a function of displaying various screens on the output unit (display or the like) 12 of the client 10, and includes a screen generation unit 54a that generates a Web page screen composed of HTML (HyperText Markup Language) or the like. Configured. The display processing in the display processing unit 54 in this embodiment is performed by generating a Web page screen that can be displayed on the Web browser and transmitting it in response to a request from the Web browser of the client 10.

  The analysis unit 55 performs a function of analyzing the risk item list acquired by the acquisition unit 52, and performs a summary analysis unit 55a that performs a summary analysis, a leak score analysis unit 55b that analyzes a leak score, and a noise score A noise score analysis unit 55c that performs analysis and a recommended risk identification technique analysis unit 55d that performs analysis of a recommended risk identification technique are provided. In the analysis part 55, the characteristic which shows the effectiveness in identifying the risk of a project is analyzed, for example.

  Here, the outline of each analysis process performed by the analysis unit 55 will be briefly described.

  In the summary analysis by the summary analysis unit 55a, the occurrence probability (average, variance) of risk items, the degree of influence (average, variance), the number of occurrences (average, variance), the number of occurrences in the entire risk item list (average, variance), etc. Analysis of summary information including

  In the leak score analysis performed by the leak score analysis unit 55b, the degree of leakage of risk items included in the risk item list is analyzed. For example, if the number of risk items is small or the number of used items is small, the degree of omission in the risk item list is evaluated as high.

  In the noise score analysis by the noise score analysis unit 55c, an analysis of the degree to which unnecessary risk items are included in the risk item list is performed. For example, if the number of risk items is large or the ratio of the number of risked items to the total number of risk items is small, the noise in the risk item list is evaluated as high.

  In the recommended risk identification technique analysis performed by the recommended risk identification technique analysis unit 55d, a risk identification technique that is recommended over the risk identification technique used for risk identification is analyzed. This analysis is performed on the basis of the cost, risk of leakage, noise, and the like when performing risk identification. The above is a brief description of each analysis process performed by the analysis unit 55.

  The recommendation ranking control unit 56 performs a function of controlling the process of ranking the risk item list that matches the search by the search unit 52a based on a predetermined criterion, and recommends ranking the risk item list. The ranking processing unit 56a and a priority providing unit 56b that assigns a priority as a reference for the ranking to each analysis process or the like.

  The risk identification plan creation unit 57 has a function of creating a risk identification plan. Specifically, a risk identification plan is created (including correction) based on an instruction input via the input unit 13 by a risk identification planner, and is registered in the risk identification plan database 42. In some cases (such as when a new risk item list is created), data is also registered in the risk item information database 41.

  The risk identification result input unit 58 functions to input a result for the risk identification plan created by the risk identification plan creation unit 57. The risk identification result input unit 58 inputs a result for the risk identification plan based on an instruction input by the risk identification planner via the input unit 13 and registers the result in the risk item information database 41.

  The risk identification plan main control unit 59 fulfills a function of performing overall control of processing in the risk identification plan management unit 50. That is, various processing functions configured on the risk identification plan management unit 50 operate according to instructions from the risk identification plan main control unit 59. The risk identification plan main control unit 59 also controls input / output of data generated between the processing functions. This completes the description of the various processing functions that constitute the risk identification plan management unit 50.

  Here, the operation of the risk identification plan support system shown in FIG. 1 will be described. First, the operation when searching the accumulated risk item list will be described with reference to FIGS. Here, description will be made with a focus on the flowcharts shown in FIGS.

  The planner of risk identification first accesses the server 20 from the client 10. That is, a Web server operating on the server 20 is accessed using a Web browser or the like. Then, the risk management menu screen shown in FIG. 11 is displayed on the output unit 12 of the client 10 (step S101). The risk management menu screen has three selection items: “Search past risk item list”, “Plan risk identification”, and “Enter risk identification result”. The person selects a desired item from here and executes subsequent processing. Here, it is assumed that “search past risk item list” is selected.

  When “search past risk item list” is selected by the risk identification planner (step S102), a search condition input screen shown in FIG. 12 is displayed on the output unit 12 of the client 10 (step S103). ). The search condition input screen is a screen for inputting or selecting a search condition for selecting a past risk item list and an analysis process to be performed on the risk item list that matches the search condition. The search condition input screen is large and is divided into a keyword condition input area located at the top of the screen and an analysis processing selection area located at the bottom of the screen.

  In the keyword condition input area, a condition for searching a desired risk item list can be input by a keyword. Acceptable keywords are risk category and risk item. Here, the risk item list that matches both the risk category and the risk item input as the search condition (AND search) or matches either (OR search) is searched.

  In the analysis process selection area, an analysis process to be applied to the risk item list searched by the keyword condition can be selected. The types of analysis processing include "Summary analysis", "Leakage score analysis", "Noise score analysis", and "Recommended risk identification technique analysis". Check boxes provided alongside these analysis processes (multiple selections) The analysis process to be applied can be selected by selecting (Yes). In the search condition input screen shown in FIG. 12, “risk classification: schedule” and “risk item: schedule” are the keyword search conditions, and the analysis process performed by the summary analysis on the risk item list matched by the search It becomes.

  When the risk identification planner inputs or selects a keyword condition and analysis processing from the search condition input screen, the input or the like is accepted by the server 20 (step S104). Here, when the check box attached to the recommendation ranking is selected for this input or the like (YES in step S105), a recommendation ranking standard setting screen is displayed on the output unit 12 of the client 10 (step S105). S106). The recommended ranking criteria setting screen is a screen for setting criteria for ranking the analyzed risk item list. Details of the recommended ranking criteria setting screen will be described in a third embodiment.

  When the input to the recommended ranking reference setting screen and the search condition input screen is completed, the risk identification planer instructs the search (presses the search button). Then, the input search condition is accepted on the server 20 side (YES in step S107), the search condition / application analysis information holding unit 51 holds the search condition (step S108), and the search unit 52a. The search process based on the search condition is started (step S109). At this time, the search condition held in the search condition / application analysis information holding unit 51 has the data configuration shown in FIG. That is, a risk category keyword, a risk item keyword, an outline analysis, a leak score analysis, a noise score analysis, a recommended risk identification technique analysis, and a recommended rank reference ID are held in correspondence with the uniquely assigned search condition ID. For the risk category keyword and risk item keyword, the keyword input from the search condition input screen is held as it is, and each analysis process is held ON or OFF by selection or non-selection. Further, the recommended rank reference ID is held when recommended ranking is selected on the search condition input screen. The details of the recommended rank reference ID and the data corresponding to the ID will be described in the third embodiment.

  When the search process in step S109 is started, after the risk item list corresponding to the search condition is collected, the collected risk item list is held as a search result in the search / analysis result holding unit 53 (step S109). S110). At this time, the search result held in the search / analysis result holding unit 53 has the data structure shown in FIG. That is, a search condition ID, a risk category ID, a number of risk item lists, and a risk item list are held in correspondence with the uniquely assigned search result ID.

  In addition, here, when the risk item list to be matched with the keyword condition constitutes multiple versions, processing is performed to make the resulting product the latest version. The process may result in the oldest version.

  Here, the collected risk item list is a collection of the items previously collected as a risk item list by a search. However, a new risk item list may be obtained by reorganizing in a different manner or order according to the user's intention and the time when it was held in the database during the search process. Moreover, although it is gathered as a risk item list on the database, it may be a different way of gathering. Further, instead of the risk item list, it may have a tree structure or a network structure. Further, although it is considered to take out the risk item list in the search processing, a method of acquiring a collection of risk item lists stored in the folder may be used.

  When the search of the risk item list is completed in this way, the process proceeds to FIG. 10, and the analysis process for the risk item list collected by the search is started (step S111 to step S118). As described above, the analysis process selected in the analysis process selection area on the search condition input screen is executed. When the analysis process is started, it is determined whether to execute summary analysis, leak score analysis, noise score analysis, recommended risk identification technique analysis, and selected on the search condition input screen described in FIG. The analyzed processing is executed. That is, when no analysis process is selected on the search condition input screen, no analysis process is executed.

  When a series of analysis processing is completed, it is determined whether or not ranking is performed on the analyzed risk item list. When ranking is performed (YES in step S119), recommended ranking processing is executed. (Step S120). In this process, ranking is performed based on the criteria set on the recommended ranking criteria setting screen. Details of the recommendation ranking process will be described in a third embodiment.

  When the analysis process, the recommendation ranking process, and the like are completed, the search / analysis result holding unit 53 holds the analysis result (step S121). Note that the analysis result is retained only when an analysis process is selected at the time of search. At this time, the analysis result held in the search / analysis result holding unit 53 has the data structure shown in FIG. Here, FIG. 15 shows analysis results that are retained when the summary analysis is performed. The search result ID, the number of projects, the project list, the number of applied risk identification techniques, the applied risk identification technique list, The probability of occurrence (average, variance), the degree of influence (average, variance), the number of occurrences per risk item list (average, variance) and the total number of occurrences are included. In addition, when leakage score analysis, noise score analysis, and recommended risk identification technique analysis are performed, an analysis result different from the data structure shown in FIG. 15 is retained. The second embodiment will be described.

  When the search and analysis results are held, the search result screen shown in FIG. 16 is displayed on the output unit 12 of the client 10 (step S122). In other words, this is a screen displayed based on the above-described search results and analysis results. In this case, there are a plurality of risk item lists collected by keyword search, and all of them are included in one risk category, but the same applies to cases where they are included in a plurality of risk categories. At the top of the search result screen, the name of the risk category that matches the keyword condition, the number of risk item lists, and the list of risk item list names are displayed as basic information. The analysis result of the applied analysis process is displayed at the bottom of the search result screen. In this case, the result of the summary analysis is displayed, which includes the number of projects, project name, number of applied risk identification techniques, list of applied risk identification techniques, probability of occurrence (average, variance), risk The degree of influence (average, variance), the number of occurrences of risk, and the total number of occurrences of risk are displayed. If no check box attached to the analysis process is selected on the search condition input screen, the analysis result is not displayed and only basic information (search result) is displayed.

  Here, the detailed operation of the summary analysis process in step S112 of FIG. 10 will be described with reference to FIG. The leakage score analysis process in step S114, the noise score analysis process in step S116, and the recommended risk identification technique analysis process in step S118 will be described in the second embodiment.

  In the summary analysis process, summary information is analyzed for the risk item list held in step S110 of FIG. The summary information includes the number of projects involved in the risk item list, the list of project names, the number of applied risk identification techniques, the list of risk identification techniques, the average and variance of the occurrence probability of risk items, and the impact level of risk items. Average and variance, including the average and variance of the number of occurrences of risk in one risk item list, the number of occurrences of risk in all risk item lists

  When the overview analysis process is started, first, the risk item list ID to be analyzed is acquired from the search result (see FIG. 14) held in the search / analysis result holding unit 53. If there are a plurality of corresponding risk item list IDs, a plurality of risk item list IDs are acquired (step S201).

  Based on the acquired risk item list ID, the risk item information database (FIG. 5: risk item list related information management table) 41 and the project information database (FIG. 8: project information management table) 43 are searched, and the risk item list The number of projects related to the ID and information related to the project ID are acquired. The acquired information is held as an analysis result in the project number and project list in FIG. 15 (step S202).

  When the information about the project is collected, the risk item information database (FIG. 6: risk item list information management table) 41 is searched based on the risk item list ID acquired in step S201, and the risk identification for the risk item list ID is performed. Get information about the number of risk identification techniques used in the list. This acquired information is held as an analysis result in the number of applied risk identification techniques and the applied risk identification technique list in FIG. 15 (step S203).

  When the collection of information on the risk identification technique is completed, the risk item information database (FIG. 6: risk item list information management table) 41 is searched based on the risk item list ID acquired in step S201, and the risk item list ID is set to the risk item list ID. The corresponding risk occurrence probability and degree of influence are acquired (step S204). When the acquisition is completed, the probability of occurrence and the average and variance of the impact are calculated for each risk item. This calculated information is held as an analysis result in the occurrence probability (average, variance) and the influence (average, variance) in FIG. 15 (step S205).

  Finally, the risk item information database (FIG. 6: risk item list information management table) 41 is searched based on the risk item list ID acquired in step S201, and the number of occurrences of the risk corresponding to the risk item list ID is acquired ( Step S206). When the acquisition is completed, the average and variance of the number of occurrences are calculated for each risk item. At this time, the average and variance of the number of occurrences for all risk items are also calculated simultaneously. This calculated information is held as an analysis result in the number of occurrences (average, variance) per risk item list and the total number of occurrences in FIG. 15 (step S207).

  The above is the description of the operation of the summary analysis process. In the risk item list information management table in FIG. 6, only one risk item list (risk item list ID: RIL-0001-V3) is held. However, in the above-described processing, other risk item lists are also stored. It is described as being held.

  Next, the operation when displaying the risk item list detail screen from the search result screen will be described using FIG. 18 and FIG. The risk item list detail screen is a screen that displays detailed information on the risk items included in the risk item list. Here, the description will be given with a focus on the flowchart shown in FIG.

  Any risk item in the risk item list (inside the dotted frame in FIG. 16) displayed in the basic information of the search result screen by the risk identification planer who refers to the search result screen via the input unit 13 such as a mouse. This process begins when the name of the list is selected.

  On the server 20 side that has received this selection operation (step S301), the search unit 52a searches the risk item information database 41 and acquires detailed information on the selected risk item list (step S302). Then, the display processing unit 54 displays the risk item list detail screen shown in FIG. 19 on the output unit 12 of the client 10. The risk item list detail screen displays information on risk items included in the risk item list, in addition to the risk category, risk item list name, version, and reference. That is, on the risk item list detail screen, information held in the risk item list related information management table described in FIG. 5 and the risk item list information management table described in FIG. 6 are displayed.

  Next, the operation | movement at the time of performing a risk identification plan is demonstrated using FIGS. 20-24. Here, the description will be given with a focus on the flowchart shown in FIG.

  When the risk identification planner accesses the server 20 using the Web browser or the like of the client 10, the risk management menu screen described in FIG. 11 is displayed on the output unit 12 of the client 10 (step S401). Here, it is assumed that “plan risk identification” is selected.

  When "plan risk identification" is selected by the risk identification planner (step S402), a risk identification plan creation screen shown in FIG. 21 is displayed on the output unit 12 of the client 10 (step S403). The risk identification plan creation screen is a screen on which a risk identification planner creates (including corrections) a risk identification plan. Here, the risk identification plan creation screen will be described according to the input procedure by the risk identification planner.

  First, the risk identification planner selects an existing or new one in the field of the risk identification plan with a radio button (exclusive selection button) (step S403). To modify an existing risk identification plan, select New if an existing risk identification plan is to be created. Here, a newly added radio button is selected, and a bio patent search schedule / risk identification plan is input as its name.

  After completing the input in the risk identification plan column, it is determined whether or not an existing one has been selected. If existing is selected (YES in step S404), the existing data is read, and the data is displayed in each column described later (step S405). That is, when the existing one is selected, the risk identification planner performs an additional input or correction on the displayed data.

  Subsequently, the risk identification planner designates which project the risk identification plan belongs to in the project name column (step S406). In the case of an existing project, when the selection button is pressed, the name is displayed in the list, so that it is selected and specified, and in the case of a new project, the project name is input in the text input area. In this case, an existing project “Bio-company survey project (PJ-002)” is designated.

  Subsequently, the risk identification planner specifies in which risk category the risk for which risk identification is planned belongs in the column of risk category (step S407). In the case of an existing risk category, the name is displayed in the list when the selection button is pressed, so select it from the list and specify it. Enter in the text input area. In this case, the existing risk category “schedule” is designated.

  When creating a new risk item list for an existing version, press the select button in the upper version risk item list field and select the risk item list from the displayed list. (Step S408). In this case, nothing is specified.

  Subsequently, the risk identification planner designates a risk item list to be referred to in risk identification in the reference risk item list field (step S409). The designation of the risk item list to be referred to is performed by searching for a desired risk item list and selecting it. Here, when the search button is pressed, the same processing as when “Search past risk item list” in the above-described risk management menu is selected is performed. The risk item list to be referenced should be determined in consideration of the results of searching the risk item list and analysis results such as summary analysis, leakage score, noise score analysis, recommended risk identification technique analysis, etc. become. In other words, using the results of searching and analyzing past risk item lists (basic information, analysis results), selecting appropriate risk categories, selecting risk item lists that are likely to be effective for risk identification, etc. It is possible to specify such a risk identification technique and to determine a message such as a planning policy.

  In this case, “survey schedule / risk (RIL-0001-V3)” is selected as the risk item list to be referred to. When a selection button attached to the risk item list is pressed, a list of risk item lists is displayed. When a name is selected from the list and specified, the risk item list detail screen described in FIG. 19 is displayed, and detailed information on the risk item list can be obtained.

  Subsequently, the risk identification planner selects a risk identification technique used for risk identification in the column of applied risk identification technique (step S410). In this case as well, when a selection button provided in the same manner as described above is pressed, a list of risk identification techniques is displayed, which is selected and designated. When a plurality of risk identification techniques are used, a selection text input area and a selection button are added when the add button is pressed, and the risk identification technique may be designated in the same manner as described above. In this case, brainstorming and data survey are specified as the risk identification techniques to be applied. The risk identification technique to be applied is determined by referring to the reference risk item list described above.

  Subsequently, the risk identification planner designates the name of the risk item list to be newly created in the field of the risk item list (step S411). If there is an old version for the new risk item list, the selection button is pressed to select from the list. In this case, a bio patent search schedule / risk is created as a new risk item list.

  Subsequently, the risk identification planner inputs a policy or the like regarding the risk identification plan in a message in the description of the risk identification plan (step S412). In this case, a policy is set to instruct to conduct brainstorming from the beginning and to examine past materials without considering individual risk identification techniques.

  When necessary items are entered into the input field, the risk identification planer presses a setting button provided at the bottom of the screen to instruct registration of the input information. Then, on the server 20 side that has received this press, the risk identification plan creating unit 57 registers the input contents in the risk identification plan database 42 (steps S413 and S414). At this time, the risk identification plan ID is automatically numbered and associated with the registration information. The risk identification plan creation unit 57 registers information on the newly created risk item list in the risk item information database 41 as well as registration in the risk identification plan database 42 (step S415).

  Here, when the risk identification plan information is registered in step S414, the risk identification plan information management table in the risk identification plan database 42 contains data based on the input contents from the risk identification plan creation screen shown in FIG. Registration is performed. The data contents held in the risk identification plan information management table described in FIG. 7 are based on the input contents from the risk identification plan creation screen shown in FIG.

  When the new risk item list is registered in step S415, the data structure in the risk item information database 41 has the configuration shown in FIG. This is obtained by adding the above-described risk identification plan to the data structure described in FIG. As shown in FIG. 22, a risk item list: RIL-0004 is newly created by setting a risk identification plan. Further, the relevance that the added risk item list refers to RIL-0001-V3 is also shown.

  The conceptual data structure in FIG. 22 will be specifically described by the data contents held in the risk item list related information management table shown in FIG. The data content held in the risk item list related information management table shown in FIG. 23 is the risk item list: RIL-0004 relative to the data held in the risk item list related information management table described in FIG. It has been added.

  Further, along with data registration in the risk item list related information management table, a risk item list: RIL-0004 is newly added to the risk item list information management table described in FIG. Specifically, a risk item list: RIL-0004 is added to the risk item list information management table described in FIG. 6 so as to be held in the risk item list information management table shown in FIG. In this case, values such as the number of occurrences, the degree of influence, the number of occurrences, etc. are held for each risk item in the newly added risk item list: RIL-0004, which is input as a result of risk identification described later. This value is retained after the process is performed, and this value is not set in the risk identification plan creation process described above.

  Next, the operation when inputting the risk identification result will be described with reference to FIGS. 25 to 28. Here, the description will be given with a focus on the flowchart shown in FIG.

  When the risk identification planner accesses the server 20 using the Web browser or the like of the client 10, the risk management menu screen described with reference to FIG. 11 is displayed on the output unit 12 of the client 10 (step S501). Here, “input risk identification result” is selected.

  When the risk identification planner selects “input risk identification result” (step S502), the risk identification plan menu screen shown in FIG. 26 is displayed on the output unit 12 of the client 10 (step S503). ). On the risk identification plan menu screen, a risk identification plan to be input as a result of risk identification is selected. Here, when the risk identification planner presses the selection button provided in the risk identification plan column, a list of the names of the risk identification plans is displayed. Specify the risk identification plan to be entered. Here, the bio patent search schedule / risk identification plan is selected.

  When the decision button provided at the bottom of the screen is pressed after selecting the risk identification plan (step S504), the risk identification result input screen shown in FIG. 27 is displayed on the output unit 12 of the client 10 (step S504). S505). The risk identification result input screen is large and is divided into a risk identification plan area located at the top of the screen and a risk identification result input area located at the bottom of the screen. The risk identification plan area is an output item, and the input area of the risk identification result is an input / output item.

  The risk identification plan area includes the project name, risk category name, referenced risk item list name, applied risk identification technique, higher version risk item list name, lower version risk item list name, upper reference risk item list name The risk item list name of the lower reference and the plan message are displayed, and the text input area for inputting the risk identification result for the risk item is displayed in the risk identification result input area. In addition, an edit button for instructing start of editing of the text input area, a registration button for instructing registration after editing, a clear button for clearing the input contents to the text input area, and the like are provided at the bottom of the screen.

  When the risk identification result input screen is displayed, the risk identification result is input by the risk identification planner. That is, the risk identification result is input for each risk item (step S506). In the input area of the risk identification result shown in FIG. 27, only the risk item number, risk item, occurrence probability, influence degree, and the like are displayed, but other items are displayed by adjusting the slider.

  Here, for example, when a “detail button” attached to the item of the reference item list in FIG. 27 is pressed, the screen shown in FIG. 28 is displayed. In the screen shown in FIG. 28, the details of the reference item list are displayed in the rectangular area of “risk identification plan (details)”. That is, the upper version, the lower version, the upper reference, and the lower reference in the screen shown in FIG. 27 are replaced with information display areas related to the survey schedule / risk (RIL-0001-V3). The risk identification planner conducts brainstorming with reference to the contents of the research schedule / risk (RIL-0001-V3), and bio patent search schedule risk (RIL-0004) in the input area of the risk identification result immediately below the brainstorming The risk items, occurrence probability, impact level, etc. are input. The probability of occurrence and the degree of influence input at this time are not actually measured, but are estimated values at the time when risks are identified. When brainstorming is performed, this screen is displayed on the projector in the conference room, and risks are identified while referring to the contents of the reference item list. That is, the risk item, occurrence probability, degree of influence, etc. of the bio patent research schedule risk (RIL-0004) are entered while referring to the research schedule / risk (RIL-0001-V3). Of course, you can use this screen when you are studying individually, or when you gather information by conducting a data survey or interviewing an expert, refer to this screen and enter your personal information by brainstorming. You may make it perform. Further, when interviewing an expert directly, this screen may be displayed at the time of the interview, and this screen may be used in the form of both an interview with the expert and a brainstorming to the expert.

  Here, when the download button located at the bottom of the screen is pressed, the value of the reference risk item list is read into the list in the input area of the risk identification result. It should be noted that reading may be performed from an external file or a risk item list of a higher version into a list in the input area of the risk identification result.

  Here, it has been described that such a screen is displayed when the detailed button provided in the reference risk item list in the screen of FIG. 27 is pressed, but in addition to this, in the screen of FIG. If a risk item list is designated as an upper version, lower version, upper reference, or lower reference in any of the fields, a detailed button is displayed along with the risk item list. The same screen as that described above is performed.

  When the risk identification result is input, the risk identification planer presses a registration button provided at the bottom of the screen to instruct registration of the input information. Then, on the server 20 side that has received this press, the risk identification result input unit 58 registers the input content in the risk item information database 41 (step S507). That is, data is registered in the risk item list information management table described with reference to FIG. The data contents held in the risk item list information management table described with reference to FIG. 24 are based on the input contents from the risk identification result input screen shown in FIG.

  Next, Example 2 will be described. In the second embodiment, details of the leak score analysis process in step S114, the noise score analysis process in step S116, and the recommended risk identification technique analysis process in step S118 will be described.

  First, details of the evaluation information database 44 that is not described in the first embodiment will be described with reference to FIGS. 29 to 31.

  The evaluation information database 44 includes a leakage score (number of risk items) information management table, a leakage score (number of project days) information management table, a leakage score (overall evaluation) information management table, a noise score (number of risk items) information management table, and noise. A score (risk occurrence ratio) information management table, a noise score (overall evaluation) information management table, and a risk identification technique information management table are configured.

  The leakage score (number of risk items) information management table has a function to hold the evaluation score of the leakage score based on the number of risk items. As the table configuration, the leakage score by the number of risk items, the number of risk items per risk item list Hold. According to the settings stored in the leakage score (number of risk items) information management table shown in FIG. 29 (a), if the number of risk items included in the risk item list is small, it is suspected that there are many leakages of risk items. Therefore, those with a small number of risk items, specifically those with 5 or less risk items are given a high score of 3 points, and those with a certain number of risk items, specifically the number of risk items If there are 11 items or more, it is considered that there is little leakage, and 1 point which is a low score is given, and if it is between 6 items and 10 items in the meantime, 2 points will be given to the score.

  The leakage score (project days) information management table has a function of holding evaluation points of leakage scores based on the project days, and holds a leakage score and project days according to the project days as its table configuration. According to the setting contents held in the leakage score (project days) information management table shown in FIG. 29B, it is suspected that there are many risk items being leaked when the number of days since the project started is small. Those with a small number of days, specifically those with 30 days or less, are given a high score of 3 points, and those with a certain number of days have passed, specifically those with 121 days or more have passed. 1 point, which is a low score, is given, and if it is between 31 days and 120 days, 2 points are given to the score.

  The leakage score (overall evaluation) information management table functions to hold the overall evaluation score of the leakage score, and holds the overall leakage score and the total leakage score as its table configuration. The total leakage score is a value obtained by adding the leakage score based on the number of risk items and the leakage score based on the project days. According to the setting contents held in the leakage score (overall evaluation) information management table shown in FIG. 29 (c), if the total leakage score is 2 points or less, 1 point is given to the overall leakage score, and similarly 3 points. If it is between 5 points, 2 points will be given, and if it is 6 points or more, 3 points will be given.

  The noise score (number of risk items) information management table has a function to hold the evaluation score of the noise score based on the number of risk items. As the table configuration, the noise score according to the number of risk items and one risk item list Holds the number of risk items. According to the settings stored in the noise score (number of risk items) information management table shown in FIG. 30 (a), a risk that is unlikely to occur if the number of risk items included in the risk item list is too large. Since it is suspected that there is a high possibility that items are included, those with a large number of risk items, specifically those with 21 or more risk items are given a high score of 3 points, and some risk items If there are numbers, specifically, if the number of risk items is 10 or less, 1 point is given as a low score, and if it is between 11 items and 20 items, 2 points are given to the score.

  The noise score (risk occurrence rate) information management table functions to hold the evaluation score of the noise score based on the risk occurrence rate, and the table configuration includes the noise score according to the risk occurrence rate, and per risk item list Holds the number of risk items. According to the settings stored in the noise score (risk occurrence ratio) information management table shown in FIG. 30 (b), it may occur when the ratio of the number of risked items to the total number of risk items is small. Since it is suspected that there is a high possibility of including low-risk risk items, those with a low risk occurrence rate, specifically those with an occurrence rate of 50% or less, are given a high score of 3 points, to some extent If there is a risk occurrence rate, specifically, if the occurrence rate is 71% or higher, 1 point is given as a low score, and if it is between 51% and 70%, 2 points are given to the score .

  The noise score (overall evaluation) information management table functions to hold the overall evaluation score of the noise score, and holds the overall noise score and the total noise score as the table configuration. The total noise score is a value obtained by adding the noise score based on the number of risk items and the noise score based on the risk occurrence rate. According to the setting contents held in the noise score (total evaluation) information management table shown in FIG. 30C, if the total noise score is 2 points or less, 1 point is given to the total noise score, and the same If between 3 and 5 points, 2 points will be given, and if 6 points or more, 3 points will be given.

  The risk identification technique information management table functions to hold evaluation points assigned to the risk identification technique, and holds evaluation points and risk identification techniques as its table configuration. According to the setting contents held in the risk identification technique information management table shown in FIG. 31, a high evaluation score is given for an identification technique that is low in risk identification and requires less leakage and noise. In addition, a low evaluation score is given to an identification technique having a lot of leakage and noise.

  Note that the evaluation information database 44 described with reference to FIGS. 29 to 31 is merely an example, and the table configuration can be changed as appropriate. These tables may be changed by function calculation or mathematical expression calculation. For example, in this case, the total evaluation score is a simple total value, but a coefficient expressing a weight may be applied, or some constant may be added. Moreover, although a comprehensive evaluation score is calculated based on two values, there may exist more than that. In FIG. 29 to FIG. 31, there are three evaluation stages, but the present invention is not limited to this stage.

  Here, the setting contents of each table held in the evaluation information database 44 are set based on an empirical rule, survey analysis, or the like by an administrator or the like. Each setting content held in these tables is input from, for example, the evaluation information setting screen shown in FIG. In this case, the leak score is selected in the tab at the top of the screen, so an entry field for information on the leak score is displayed, but by switching the tab to the noise score and risk identification technique, other information about the information is displayed. Input is also possible.

  Subsequently, prior to the description of each operation in the leakage score analysis process, the noise score analysis process, and the recommended risk identification technique analysis process, the process in each step of FIG. 9 and FIG. Different points will be described.

  First, the contents shown in FIG. 33 are input to the search condition input screen displayed in step S103 of FIG. That is, the search is performed by selecting the check boxes provided for the score analysis process, the noise score analysis process, and the recommended risk identification technique analysis process. Note that the search condition based on the input content is held with the content indicated by “search condition ID: LUC-0002” in FIG. 13 described in the first embodiment.

  In this case, the analysis result held in step S121 in FIG. 10 is held in the data structure shown in FIGS.

  FIG. 34 shows analysis results that are retained when leakage score analysis is performed. Search result ID, risk item list ID, number of risk items, leakage score based on the number of risk items, project days, leakage due to project days Includes score and overall leak score.

  FIG. 35 shows analysis results that are retained when noise score analysis is performed. Search result ID, risk item list ID, number of risk items, noise score based on the number of risk items, items in which risk has occurred Number, risk rate, noise score by risk rate, and overall noise score.

  FIG. 36 shows analysis results that are retained when the recommended risk identification technique analysis is performed, and includes a search result ID, a risk item list ID, an applied risk identification technique, and a recommended risk identification technique.

  The search result screen displayed in step S122 of FIG. 10 has the configuration shown in FIG. The difference from the search result screen illustrated in FIG. 16 in the first embodiment is the lower portion of the screen and various analysis result portions. That is, in the column of various analysis results indicating analysis results, leakage score analysis, noise score analysis, and recommended risk identification technique analysis are displayed as applied analysis, and immediately below that, the risk items searched by the keyword condition are displayed. The leakage score, noise score, and analysis result of the recommended risk identification technique for each list will be displayed. The search result screen shown in FIG. 37 includes the search result (search result ID: LUR-0002) described in FIG. 14 of the first embodiment and the analysis result (search result ID: LUR-) described in FIGS. 0002).

  Here, the detailed operation of the leakage score analysis process in step S114 of FIG. 10 will be described with reference to FIG.

  In the leak score analysis process, leak score analysis is performed on the risk item list held in step S110 of FIG. When the leak score analysis process is started, first, the risk item list ID to be analyzed is acquired from the search result (see FIG. 14) held in the search / analysis result holding unit 53. If there are a plurality of corresponding risk item list IDs, a plurality are obtained (step S601).

  When the risk item list ID to be analyzed is acquired, a leakage score is derived based on the number of risk items included in the risk item list ID. In this process, first, the risk item information database (FIG. 6: risk item list information management table) 41 is searched based on the risk item list ID acquired in step S601, and the number of risk items included in the risk item list is acquired. (Step S602). Thus, when the number of risk items is determined, the leakage score in the case of the number of risk items is acquired from the leakage score (number of risk items) information management table described with reference to FIG. For example, in the case of “risk item list ID: RIL-0001-V3”, it is found from the risk item list information management table in FIG. 6 that the number of risk items is 5, and from the leakage score (risk item list) information management table. It can be seen that the leakage score is 3 in the case of the number of risk items. The leakage score derived in this way is held as an analysis result in the leakage score and the number of risk items in FIG. 34 together with the number of risk items (step S603).

  When the leakage score based on the number of risk items is derived, the leakage score based on the number of project days is subsequently derived. In this process, first, the risk item information database (FIG. 5: risk item list related information management table) 41 and the project information database (FIG. 8: project information management table) 43 are searched based on the risk item list ID acquired in step S601. The start date of the project related to the risk item list ID is acquired. Then, after calculating the elapsed days of the project from the acquired project start date (step S604), the leakage score (project days) information management table described with reference to FIG. Get the score. For example, in the case of “risk item list ID: RIL-0001-V3”, it is understood from the risk item list related information management table in FIG. 5 and the project information management table in FIG. 8 that the project ID is PJ-002. It can be seen that the project start date is April 08, 2004. If the current date is February 22, 2007, the project days are 1051 and the leakage score based on the project days is 1. The leakage score derived in this way is held as the analysis result in the leakage score by the project days and the project days in FIG. 34 together with the project days (step S605).

  Finally, a total leakage score is derived from the leakage score based on the number of risk items derived in step S603 and step 605 and the leakage score based on the project days. The leak score based on the number of risk items and the leak score based on the project days are totaled, and the total leak score based on the total value is acquired from the leak score (overall evaluation) information table described in FIG. The leak score derived in this way is held as an analysis result in the total leak score in FIG. 34 (step S606).

  Next, the detailed operation of the noise score analysis process in step S116 of FIG. 10 will be described using FIG.

  In the noise score analysis process, the noise score is analyzed for the risk item list held in step S110 of FIG. When the noise score analysis process is started, first, the risk item list ID to be analyzed is acquired from the search result (see FIG. 14) held in the search / analysis result holding unit 53. If there are a plurality of corresponding risk item list IDs, a plurality are obtained (step S701).

  When the risk item list ID to be analyzed is acquired, a noise score is derived based on the number of risk items included in the risk item list ID. In this process, first, the risk item information database (FIG. 6: risk item list information management table) 41 is searched based on the risk item list ID acquired in step S701, and the number of risk items included in the risk item list is acquired. (Step S702). Thus, when the number of risk items is found, the noise score in the case of the number of risk items is acquired from the noise score (number of risk items) information management table described with reference to FIG. For example, in the case of “risk item list ID: RIL-0001-V3”, it can be seen from the risk item list information management table in FIG. 6 that the number of risk items is 5, and the noise score (risk item list) information management table It can be seen that the noise score is 1 in the case of the number of risk items. The noise score derived in this way is held as an analysis result in the noise score and the number of risk items in FIG. 35 together with the number of risk items (step S703).

  After the derivation of the noise score based on the number of risk items, the noise score is derived based on the risk occurrence rate. In this process, first, the risk item information database (FIG. 6: risk item list information management table) 41 is searched based on the risk item list ID acquired in step S701, and the number of risk items included in the risk item list, the risk The number of risk items in which at least one risk has occurred among the items is acquired (step S704). Then, a risk occurrence ratio is calculated based on the acquired number of risk items and the number of risk items where a risk has occurred, and a noise score is derived. Specifically, the risk occurrence ratio is calculated by calculating the formula: (number of risk items in which risk has occurred) ÷ (number of risk items) × 100% (step S705), and the noise score is calculated based on the risk occurrence ratio. (Risk occurrence ratio) The information management table is searched, and a noise score corresponding to the occurrence ratio is acquired. For example, in the case of “risk item list ID: RIL-0001-V3”, it can be seen from the risk item list information management table in FIG. 6 that the number of risk items is five. From this, it can be seen that the number of risk items in which the risk has occurred is three. Then, if both numerical values are substituted into the above formula, the risk occurrence ratio is calculated to be 60%. Further, it can be seen from the noise score (risk item list) information management table that the noise score is 2 in the case of the risk occurrence rate. The noise score derived in this way is held as an analysis result in the noise score and the risk occurrence ratio according to the risk occurrence ratio in FIG. 35 together with the risk occurrence ratio (step S706).

  Finally, a total noise score is derived from the noise score based on the number of risk items derived in steps S703 and S706 and the noise score based on the risk occurrence rate. The noise score based on the number of risk items and the noise score based on the risk occurrence ratio are totaled, and the total noise score based on the total value is acquired from the noise score (total evaluation) information table described with reference to FIG. The noise score derived in this way is held as an analysis result in the total noise score in FIG. 35 (step S707).

  Next, the detailed operation of the recommended risk identification technique analysis process in step S118 of FIG. 10 will be described using FIG.

  In the recommended risk identification technique analysis process, the recommended risk identification technique score is analyzed for the risk item list held in step S110 of FIG. When the recommended risk identification technique analysis process is started, first, the risk item list ID to be analyzed is acquired from the search result (see FIG. 14) held in the search / analysis result holding unit 53. If there are a plurality of corresponding risk item list IDs, a plurality are obtained (step S801).

  When the risk item list ID to be analyzed is acquired, the risk identification technique for each risk item included in the risk item list ID is acquired. That is, the risk item information database (FIG. 6: risk item list information management table) 41 is searched based on the risk item list ID acquired in step S801, and the risk identification applied to each risk item included in the risk item list. A technique is acquired (step S802).

  When acquisition of the applied risk identification technique is completed, subsequently, an evaluation score corresponding to the risk identification technique is acquired from the risk identification technique information management table described with reference to FIG. 31 based on the risk identification technique. Then, a recommended risk identification technique is derived based on the evaluation points. For example, if a risk identification technique with a low evaluation score has been applied, a risk identification technique with the lowest evaluation score among those not applied is selected and used as a recommended risk identification technique. The recommended risk identification technique derived in this way is held as an analysis result in the recommended risk identification technique and the applied risk identification method in FIG. 36 together with the applied risk identification technique (step S803).

  The above is the description of the second embodiment. In the second embodiment, the case where the leak score analysis, the noise score analysis, and the recommended risk identification technique analysis are performed simultaneously has been described. Of course, these analysis processes can also be performed separately.

  Next, Example 3 will be described. In the third embodiment, details of the recommendation ranking process in step S120 of FIG. 10 will be described.

  First, the input contents on the search condition input screen will be described with reference to FIG. This screen is the same as the screen described in FIG. 12 of the first embodiment, and the difference is in the input contents. That is, in the search condition input screen shown in FIG. 41, a check box attached to each of the score analysis process, noise score analysis process, and recommended risk identification technique analysis process and a check box attached to the recommendation ranking are selected. . When the recommended ranking check box is selected, the risk item list that matches the search is ranked based on a predetermined criterion. The predetermined standard is a priority given to the analysis result made on the risk item list. In other words, when performing the recommendation ranking, one or more analysis processes need to be selected. The search condition based on the input content is held with the content indicated by “search condition ID: LUC-0003” in FIG. 13 described in the first embodiment.

  In the search condition input screen, when a check box attached to the recommended ranking is selected, a screen for setting a reference for ranking is displayed. This is a recommended ranking reference setting screen that is not described in step S106 in FIG.

  As shown in FIG. 42, on the recommended ranking criteria setting screen, a pull-down menu is provided in addition to each item of leakage score, noise score, recommended risk identification technique, and keyword. Is done. When a pull-down menu is selected, no priority, 1, 2, 3, 4 are displayed. In addition, this value shows that a priority is so high that the numerical value is small.

  In addition to pull-down menus, radio buttons are also used for setting priorities. For example, in the case of a leak score, the priority can be set to either the order with the least leak or the order with the most leak. For the noise score, the priority is set to either the order with the least noise or the order with the most noise. The recommended risk identification technique can be prioritized in either a difficult technique order or an easy technique order. Also, priority can be set for keywords. Here, for example, in the recommended ranking criteria setting screen shown in FIG. 42, 1 is set as the priority of the keyword, 2 is set as the priority of the leak score, and the order of less leak is specified in the leak score analysis. After the ranking is determined based on the keyword that is the first criterion, the ranking is determined based on the leakage score that is the second criterion from the ones with less leakage. For example, if a plurality of risk item lists that match the keyword are selected, the higher ranks are assigned to those with the least leak using the leak score. That is, by performing this ranking, higher rankings are performed in order from the analysis result intended by the risk identification planner.

  Here, prior to the description of the operation of the recommendation ranking process, differences from the first embodiment will be described regarding the processing in each step of FIGS. 9 and 10 described in the first embodiment.

  First, the contents shown in FIG. 41 are input to the search condition input screen displayed in step S103 of FIG. 9 as described above.

  Further, the data structure shown in FIG. 43 is added to the search condition held in step S108 of FIG. That is, information corresponding to the recommended rank reference ID in FIG. 13 described in the first embodiment is additionally held as recommended rank reference information. In this data structure, priority of leak score, order of least leak, order of leak, priority of noise score, order of less noise, order of noise, corresponding to recommended rank criterion ID, recommended risk identification Technique priority, difficult technique order, easy technique order, keyword priority, and keywords are retained. This holds contents input from the recommended ranking criteria setting screen described in FIG. Here, none, 1, 2, 3, or 4 is held in the value indicating the priority, and any one selected by the radio button is held as either ON or OFF. Holds a keyword.

  In step S121 of FIG. 10 in this case, the recommendation ranking result made for the risk item list that matches the search is held in the data structure shown in FIG. In this data structure, information including a risk item list ID and a recommendation order is held corresponding to the search result ID.

  Further, the search result screen displayed in step S122 of FIG. 10 has the configuration shown in FIG. The difference from the search result screen illustrated in FIG. 16 in the first embodiment is the lower portion of the screen and various analysis result portions. That is, in the column of various analysis results indicating analysis results, leakage score analysis, noise score analysis, and recommended risk identification technique analysis are displayed as applied analysis, and immediately below it are risk items searched by keyword conditions. Along with the analysis results of the leakage score, noise score, and recommended risk identification technique for each list, ranking is performed according to the analysis results. The search result screen shown in FIG. 45 includes the search result (search result ID: LUR-0003) described in FIG. 14 of the first embodiment and the analysis result (search result) described in FIGS. 34 to 36 of the second embodiment. ID: LUR-0003), which is displayed based on the recommended ranking result described with reference to FIG.

  Here, the detailed operation of the recommendation ranking process in step S120 of FIG. 10 will be described with reference to FIGS.

  When the recommendation ranking process is started, the risk item list held in step S110 of FIG. 9 is acquired. That is, the risk item list ID to be ranked is acquired from the search result (see FIG. 14) held in the search / analysis result holding unit 53. If there are a plurality of corresponding risk item list IDs, a plurality of risk item list IDs are acquired (step S901).

  Subsequently, a priority list in which the priorities that are the criteria for ranking are collected is created (step S902). The created priority list has a data structure shown in FIG. In this data structure, the reference is held corresponding to the priority. This is created based on the recommended ranking criteria information described in FIG. In this case, a value based on the input content from the recommended ranking reference setting screen described with reference to FIG. 42 is held.

  When the priority list is created, the risk item list ID acquired in step S901 is ranked based on the priority list created in step S902. First, ranking is performed based on a high priority standard (step S903). In this case, RIL-0001-V3, RIL-0002, and RIL-0003-V2 are ranked based on the first reference with priority 1 set and the second reference with priority 2 set. Done. That is, since a keyword is set for priority 1, first, a risk item list including a “keyword: survey” word is searched. Here, it is assumed that RIL-0001-V3 and RIL-0002 match the keywords. This result is held as intermediate data shown in FIG.

  Subsequently, it is determined whether there is another priority (step S904). This determination is made by referring to the priority list. In this case, since there is a second reference in which priority 2 is set, it is determined that there is another priority. If there is no other priority (NO in step S904), the recommendation ranking result described in FIG. 44 is created based on the intermediate data described in FIG. 47 (step S907), and this process ends. .

  Here, if there is another priority (YES in step S904), it is determined whether or not there is one in the same ranking among the rankings based on the first reference (step S905). ). For example, in this case, RIL-0001-V3 and RIL-0002 correspond to the keywords based on the first criterion, so that it is determined that there are those in the same order. If none of the items has the same rank (NO in step S905), the process of step S907 is executed in the same manner as described above, and then the process ends.

  If there are those that have the same order (YES in step S905), rankings based on the next highest priority are performed on the same order (step S906). That is, the ranking is performed for those having the same ranking based on the second reference with the priority 2 set. In this case, since the second criterion is a leak score, and a higher rank is assigned from the least leak, RIL-0001-V3 is given a higher rank than RIL-0002. This result is updated to the intermediate data shown in FIG. Thereafter, the processing from step S904 to step S906 is repeated until there is no risk item list corresponding to the priority set in the priority list described in FIG.

  Although the above is an example of typical embodiment of this invention, this invention is not limited to the Example shown to the said and drawing, It can implement suitably deform | transforming within the range which does not change the summary. .

  For example, the processing in the client 10 and the server 20 described in the above embodiments may be implemented by a program installed in a computer. This program can be provided not only by a communication means such as a network but also by storing it in a recording medium such as a CD-ROM.

It is a figure which shows an example of the whole structure of a risk identification plan assistance system. It is a figure which shows a part of functional structure of the server 20 shown in FIG. It is the 1st figure which showed notionally the data structure in the risk item information database 41 shown in FIG. It is a figure which shows an example of the table structure of a risk classification related information management table. It is a figure which shows an example of a table structure of a risk item list related information management table. It is a figure which shows an example of a table structure of a risk item list information management table. It is a figure which shows an example of a table structure of a risk identification plan information management table. It is a figure which shows an example of a table structure of a project information management table. It is a 1st flowchart which shows the flow of operation | movement at the time of searching the risk item list accumulate | stored in the past. It is a 2nd flowchart which shows the flow of operation | movement at the time of searching the risk item list accumulate | stored in the past. It is a figure which shows an example of the screen layout of a risk management menu screen. It is a figure which shows an example of the screen layout of a search condition input screen. It is a figure which shows an example of a data structure when a search condition is hold | maintained internally. It is a figure which shows an example of a data structure when a search result is hold | maintained internally. It is a figure which shows an example of a data structure when the analysis result (summary analysis) in step S112 of FIG. 10 is hold | maintained internally. It is a figure which shows an example of the screen layout of a search condition input screen. It is a flowchart which shows the flow of operation | movement of the summary analysis process in FIG.10 S112. It is a flowchart which shows the flow of operation | movement at the time of displaying a risk item list detailed screen. It is a figure which shows an example of the screen layout of a risk item list detailed screen. It is a flowchart which shows the flow of operation | movement at the time of performing a risk identification plan. It is a figure which shows an example of the screen layout of a risk identification plan creation screen. It is the 2nd figure which showed notionally the data structure in the risk item information database 41 shown in FIG. It is a figure which shows an example of a table structure of a risk item list related information management table. It is a figure which shows an example of a table structure of a risk item list information management table. It is a flowchart which shows the flow of operation | movement at the time of inputting the result which identified the risk. It is a figure which shows an example of the screen layout of a risk identification plan menu screen. It is a figure which shows an example of the screen layout of the result input screen of risk identification. It is a figure which shows an example of the screen layout of the result input screen of risk identification. FIG. 3 is a first diagram showing data (table) managed in an evaluation information database 44 shown in FIG. 2. FIG. 3 is a second diagram showing data (table) managed in the evaluation information database 44 shown in FIG. 2. FIG. 6 is a third diagram showing data (table) managed in the evaluation information database 44 shown in FIG. 2. It is a figure which shows an example of the screen layout of an evaluation information setting screen. It is a figure which shows an example of the screen layout of a search condition input screen. It is a figure which shows an example of a data structure when an analysis result (leakage score analysis) is hold | maintained internally. It is a figure which shows an example of a data structure when an analysis result (noise score analysis) is hold | maintained internally. It is a figure which shows an example of a data structure when an analysis result (recommended risk identification technique analysis) is hold | maintained internally. It is a figure which shows an example of the screen layout of a search result screen. It is a flowchart which shows the flow of operation | movement of the leak score analysis process in FIG.10 S114. It is a flowchart which shows the flow of operation | movement of the noise score analysis process in step S116 of FIG. It is a flowchart which shows the flow of operation | movement of the recommended risk identification technique analysis process in step S118 of FIG. It is a figure which shows an example of the screen layout of a search condition input screen. It is a figure which shows an example of the screen layout of a recommendation ranking reference | standard setting screen. It is a figure which shows an example of the data structure of recommendation ranking reference information. It is a figure which shows an example of a recommendation ranking result. It is a figure which shows an example of the screen layout of a search result screen. It is a flowchart which shows the flow of operation | movement of the recommendation ranking process in step S120 of FIG. It is a figure which shows an example of the intermediate data produced in the recommendation ranking process. It is a figure which shows an example of the table structure of an influence degree table.

Explanation of symbols

10 Client 20 Server 11, 21 Main control unit 12, 22 Output unit 13, 23 Input unit 13, 24 External storage unit 15, 25 Main storage unit 16, 26 Bus 30 Network 40 Risk information management unit 41 Risk item information database 42 Risk Identification plan database 43 Project information database 44 Evaluation information database 50 Risk identification plan management unit 51 Search condition / application analysis information holding unit 52 Acquisition unit 52a Search unit 52b Selection unit 53 Search / analysis result holding unit 54 Display processing unit 54a Screen generation unit 55 Analysis Unit 55a Summary Analysis Unit 55b Leakage Score Analysis Unit 55c Noise Score Analysis Unit 55d Recommended Risk Identification Technique Analysis Unit 56 Recommended Ranking Control Unit 56a Recommended Ranking Processing Unit 56b Priority Assignment Unit 57 Risk Identification Plan Creation Unit 58 Squirrel Identification result input section 59 risk identification plan main control unit

Claims (14)

A management means for managing a risk item group including one or more risk items;
Obtaining means for obtaining a risk item group related to the activity from the management means;
Analysis means for analyzing characteristics indicating effectiveness in identifying risk of activity for the risk item group acquired by the acquisition means;
A risk identification plan support system comprising: display means for displaying the characteristics analyzed by the analysis means. The analysis means includes
2. At least one of an occurrence probability of an event due to a risk item included in the risk item group acquired by the acquisition means, an influence degree thereof, an occurrence frequency thereof, and an event occurrence frequency in the entire risk item group is analyzed. The risk identification plan support system described. The analysis means includes
Analyzing the degree of leakage of risk items for the risk item group acquired by the acquisition means,
The display means includes
The risk identification plan support system according to claim 1, wherein an evaluation value related to a degree of leakage of the risk item analyzed by the analysis unit is displayed. The evaluation value is
A first evaluation value derived based on the number of risk items included in the risk item group acquired by the acquisition means;
A second evaluation value derived based on the number of days the risk item group has been used,
The risk identification and identification plan support system according to claim 3, comprising at least one of a third evaluation value derived based on the first evaluation information and the second evaluation information. The analysis means includes
Analyzing the degree to which unnecessary risk items are included for the risk item group acquired by the acquisition means,
The display means includes
The risk identification plan support system according to claim 1, wherein an evaluation value relating to a degree to which the unnecessary risk item analyzed by the analysis unit is included is displayed. The evaluation value is
A first evaluation value derived based on the number of risk items included in the risk item group acquired by the acquisition means;
A second evaluation derived based on a ratio of risk items in which an event has occurred in the risk items included in the risk item group;
The risk identification plan support system according to claim 5, comprising at least one of a third evaluation value derived based on the first evaluation value and the second evaluation value. The analysis means includes
Analyzing the risk item identification method used to identify the risk items included in the risk item group acquired by the acquisition means,
The display means includes
The risk identification plan support system according to claim 1, wherein a risk item identification method recommended based on an analysis result by the analysis means is displayed. An assigning means for giving a predetermined priority to the information indicating the effectiveness of the analysis by the analysis means;
A ranking processing means for ranking the risk item group analyzed by the analyzing means based on a predetermined priority given by the giving means;
The display means includes
The risk identification plan support system according to claim 1, wherein the effectiveness and the ranking ranked by the ranking processing means are displayed corresponding to the risk item. A preparation means for preparing a risk identification plan;
The display means includes
The risk identification plan support system according to claim 1, wherein the risk item group acquired by the acquisition unit is displayed when the risk identification plan is generated by the generation unit. A preparation means for preparing a risk identification plan;
The display means includes
2. When the risk identification group is acquired by the acquisition unit when the risk identification plan is generated by the generation unit, the characteristics analyzed by the analysis unit are displayed corresponding to the risk item. Risk identification plan support system. Input means for inputting a risk identification result for the risk identification plan created by the creation means;
The management means includes
The risk identification plan support system according to claim 9 or 10, wherein the risk identification result input from the input unit is managed in association with the risk item. The risk item group is classified into a plurality of categories,
The acquisition means includes
The risk identification plan support system according to claim 1, wherein the acquisition is performed based on information on a classification for classifying the risk item group and information on the risk item group. An acquisition means for acquiring a risk item group related to an activity from a risk item group including one or more risk items;
Analysis means for analyzing characteristics indicating effectiveness in identifying risk of activity for the risk item group acquired by the acquisition means;
A risk identification plan support apparatus comprising: display processing means for displaying the characteristics analyzed by the analysis means. Computer
An acquisition means for acquiring a risk item group related to an activity from a risk item group including one or more risk items;
Analyzing means for analyzing characteristics indicating effectiveness in identifying risk of activity with respect to the risk item group acquired by the acquiring means;
A risk identification plan support program for functioning as display processing means for displaying characteristics analyzed by the analysis means.

Images