Overall Bow-Tie Diagram


Overview

The Bowtie method is a risk evaluation method that can be used to analyze and demonstrate causal relationships in risk scenarios. The method takes its name from the shape of the diagram that you create, which looks like a men’s bowtie.

Bow-tie Diagram without controls  

The bow-time diagram for the Event "Failed Integration with Failure Monitoring System Network" from the Overall Source is displayed below.

The selected Event is displayed at the center of the diagram (circle). The event background color varies based on the event's %risk. 

The Sources of the selected event are displayed on the left side of the diagram (green boxes). 

The Objectives of the selected Event are at the right (blue boxes).

You can also define and analyze controls in a Bow-tie Diagram with Controls

You can view and analyze the following information: 

  • L - Likelihood of Sources
  • V - Vulnerabilities of events to sources
  • C - Consequences of Events on Objectives
  • P - Priority of Events on Objectives

Focusing on the first source and objective on the diagram:

  1. The Likelihood (L) of the Source  "Inadequate Trained Staff" is 6.24% (overall or global likelihood)
  2. The Vulnerability (V) of the Event "Failed Integration with Future Monitoring System Network" to the source "Inadequately Trained Staff" is 6.64% 
  3. The Consequence  (C) of the Event "Failed Integration with Future Monitoring System Network" on the Objective "Loss of Company Reputation" is 46.70
  4. The Priority (P) of Objective "Loss of Company Reputation" is 4.28%  (overall or global impact)

The Likelihood of the event to a given source (L*V), and the Impact of the event (C*P) on a given objective are shown on the connecting lines to the source/objective boxes:

  • The Likelihood of the Event  "Failed Integration with Future Monitoring System Network" to the source "Inadequately Trained Staff" is 0.41%
  • The Impact of the Event "Failed Integration with Future Monitoring System Network"  on the Objective "Loss of Company Reputation" is 2.0% 

The summation of likelihoods  (∑ "L*V") of the event to each source is the Overall Likelihood of the event, and the summation of impacts (∑ "C*P")  of the event on each objective is the Overall Impact of the event.

The event "Failed Integration with Future Monitoring System Network" has Overall Likelihood and Impact 15.55% and 6.25% respectively. 

The Overall Event Risk is then computed by Likelihoods * Impacts, 15.55% * 6.25% = 0.97%

You can select another Event to analyze from the Events list at the left:

Select Participant or Group

The bow-tie for the "All  Participants" group is displayed by default.  By selecting from the "Participants  and Groups" dropdown, you can display the bow-tie analysis for another participants or group:

Define Event Color (Region) 

Default colors are already provided for the events on the diagram based on the event's %risk. 

You can change this by clicking

Here you can specify the limits: Rh (risk high) and Rl (risk low) both for percentage or monetary. 

Given the limits, you can specify the 3 regions/colors: 

  • High Risk 
  • Mid (in-between) Risk
  • Low Risk 

Export Bow-tie to Excel or Image Format

Click to export the bowtie into a .xlsx file. 

Click  link to download the diagram as an image file (.jpeg)

Show Monetary Values

You can show the Monetary Values for Impacts and Risks.

Clicking  will open a modal where you can specify the monetary values. 

Simulated vs Computed Event Likelihoods, Impacts, and Risks (Flaw of Averages)

The risk of an event is the product of the event's likelihood and impact.  However, the computed likelihood of an event may depend on the event being caused by more than one threat. If these threats are not mutually exclusive, then the computed likelihood, based on the occurrence of the event from several can exceed the actual likelihood.  If in the real world an event takes place due to one threat, it is irrelevant that it would have also occurred due to another threat had the first one not caused the event.  This 'if' condition is a non-linearity in computation. To arrive at the actual likelihood of an event, we can use simulations that will avoid the 'double counting'.

Similarly, an objective that suffers consequences from one event, may also suffer consequences from other events.  The consequences can be cumulative but they cannot exceed the entire value of the objective so that this is another non-linearity that can be addressed with simulation.

Riskion has an option to show computed and simulated results.

Calculated results are displayed by default, checking the Simulated checkbox displays the simulated results. 

If all events have at most one threat, or all threats are mutually exclusive,  then the computed and simulated event likelihoods will be the same --  but this is rarely the case.

If each objective has losses due to only one event, then the computed and simulated impacts will be the same -- but this is rarely the case.

Preferences

Click the button to open the display and simulation settings modal. 

  • Events Numbers - select from ID, Inder, or Rank 
  • Display Settings
    • Consequences simulation mode: Diluted or Undiluted 
    • WRT calculation (applicable only when a lower node is selected) 
    • Show Total Risk - show hide the Total Risk below the grid for Diluted 
    • Decimals 
    • Show cents of Monetary Values 
  • Simulation Settings
    • Number of trials
    • Seed
    • Keep Seed
    • User Source Groups
    • User Event Groups