To obtain accurate results;

All kinds of data that may affect security must be collected,

The environmental conditions must be studied and defined,

The hazards must be identified in the light of collected data,

The hazards must be classified according to their severities and priorities,

The priorities for risk prevention must be determined.

The Risk Analysis is conducted following the order shown on the right;

The risk(s) are identified.

The probability and severity coefficients are determined for each risk;

The levels of probability are in the following order: low (1), medium (2), high (3), and very high (4).

The levels of severity are rated as low (1), medium (2), high (3), and very high (4).

Likelihood of each risk is identified. The situations regarding where, when and how the defined risk may occur are identified.

The probability value and the severity value determined for each risk are multiplied to obtain a risk coefficient.

A risk matrix is created for the facility.