Assurance cases , of which safety cases are one example , can be used to better understand and communicate risk and how it is managed . These cases can be used to produce an argument that a system meets safety goals ( e . g . in the safety case ), by providing evidence that supports the argument that the goal is achieved while taking the system context into account . Such assurance cases are most useful when used throughout the system development cycle . The cases also need to be actively maintained to reflect change , be challenged and communicated in order to better support the goals . They also need to address possible confirmation bias . One approach is to enhance the assurance case to include not only the risk analysis , but also explicitly an analysis of the confidence in the case itself 27 . Assurance cases in conjunction with a systems approach offer a way to improve trustworthiness .
Although risk management can improve outcomes , resilience management can contribute by having a positive impact when the unexpected does occur .
When a disruption occurs despite the efforts to mitigate the risk , resilience comes into play and enables the system to absorb the shock and to continue operating , perhaps in a reduced capacity , yet one that meets fundamental needs . Resilience includes the ability to take actions before a disruption occurs to anticipate it , to recover from a disruption and to learn and improve in anticipation of the next disruption . Resilience is not just technical – it includes organizational aspects as well . The resilience lifecycle is shown in Figure 4-1 :
Figure 4-1 : Resilience lifecycle .
27
Tim Kelly , “ Safety Cases ,” in Handbook of Safety Principles . Journal of Innovation 27