formally documenting the acceptance of the residual mishap risk of the system by the appropriate
authority. The program manager should update this residual mishap risk and the associated
hazards to reflect changes/modifications in the system or its use. The program manager and
using organization should jointly determine the updated residual mishap risk prior to acceptance
of the risk and system hazards by the risk acceptance authority, and should document the
agreement between the user and the risk acceptance authority.
A.4.4.8 Tracking hazards and residual mishap risk. Track hazards, their closures, and
residual mishap risk. A tracking system for hazards, their closures, and residual mishap risk
must be maintained throughout the system life cycle. The program manager must keep the
system user apprised of system hazards and residual mishap risk.
MIL-STD-882D
APPENDIX A
A.4.4.8.1 Process for tracking of hazards and residual mishap risk. Each system must
have a current log of identified hazards and residual mishap risk, including an assessment of the
residual mishap risk (see A.4.4.7). As changes are integrated into the system, this log is updated
to incorporate added or changed hazards and the associated residual mishap risk. The
Government must formally acknowledge acceptance of system hazards and residual mishap risk.
Users will be kept informed of hazards and residual mishap risk associated with their systems.
A.4.4.8.1.1 Developer responsibilities for communications, acceptance, and tracking of
hazards and residual mishap risk. The developer (see 3.2.2) is responsible for communicating
information to the program manager on system hazards and residual mishap risk, including any
unusual consequences and costs associated with hazard mitigation. After attempting to eliminate
or mitigate system hazards, the developer will formally document and notify the program
manager of all hazards breaching thresholds set in the safety design criteria. At the same time,
the developer will also communicate the system residual mishap risk.
A.4.4.8.1.2 Program manager responsibilities for communications, acceptance, and
tracking of hazards and residual mishap risk. The program manager is responsible for
maintaining a log of all identified hazards and residual mishap risk for the system. The program
manager will communicate known hazards and associated risks of the system to all system
developers and users. As changes are integrated into the system, the program manager shall
update this log to incorporate added or changed hazards and the residual mishap risk identified
by the developer. The program manager is also responsible for informing system developers
about the program manager’s expectations for handling of newly discovered hazards. The
program manager will evaluate new hazards and the resulting residual mishap risk, and either
recommend further action to mitigate the hazards, or formally document the acceptance of these
hazards and residual mishap risk. The program manager will evaluate the hazards and associated
residual mishap risk in close consultation and coordination with the ultimate end user, to assure
that the context of the user requirements, potential mission capability, and the operational
environment are adequately addressed. Copies of the documentation of the hazard and risk
acceptance will be provided to both the developer and the system user. Hazards for which the
program manager accepts responsibility for mitigation will also be included in the formal
documentation. For example, if the program manager decides to execute a special training
program to mitigate a potentially hazardous situation, this approach will be documented in the
formal response to the developer. Residual mishap risk and hazards must be communicated to
system test efforts for verification.
A.5 SPECIFIC REQUIREMENTS
A.5.1 Program manager responsibilities. The program manager must ensure that all
types of hazards are identified, evaluated, and mitigated to a level compliant with acquisition
management policy, federal (and state where applicable) laws and regulations, Executive Orders,
treaties, and agreements. The program manager should:
A.5.1.1 Establish, plan, organize, implement, and maintain an effective system safety
effort that is integrated into all life cycle phases.
A.5.1.2 Ensure that system safety planning is documented to provide all program
participants with visibility into how the system safety effort is to be conducted.
A.5.1.3 Establish definitive safety requirements for the procurement, development, and
sustainment of the system. The requirements should be set forth clearly in the appropriate
System Safety Handbook, Part 2 (124)