Bowtie Analysis and Barrier-Based Risk Management - Part 1

This article was originally published in the January-February 2018 issue of Pharmaceutical Engineering® magazine. Read the entire series:

Every business has legal, economical, and ethical objectives that range from mandatory safety to commercial goals to corporate citizenship. Businesses undertake a certain amount of risk to achieve these objectives. The balance between risk and reward is an ongoing challenge regardless of the activities involved. The bowtie technique can be used to visualize, assess, and manage risk.

By: David Hatch

ICH Q9 defines risk as "[t]he combination of the probability of occurrence of harm and the severity of that harm," and defines harm as "[d]amage to health, including the damage that can occur from loss of product quality or availability."1 ISO 31000 offers a broader definition of risk as the "effect of uncertainty on objectives."2 Hazards (assets or activities with the potential to cause adverse effects) exist and must be contained or controlled to avoid undesirable outcomes, particularly those that are unexpected. In the pharmaceutical industry, examples of hazards include flammable solvents or dust, and quality failures that lead to material reprocessing or rejection.

Safety, environmental concerns, quality, and asset management are not new topics, and proven standards exist to guide duty holders through their obligations. These can be very difficult to interpret, however, and problematic to implement. It’s also often a challenge to involve all stakeholders.

Bowtie analysis offers a simple but effective method to visualize risk and show that hazards are under control.

Bowtie Analysis

How and when the bowtie analysis originated is not completely clear, but the first bowtie diagrams appeared during a lecture on hazard analysis given at the University of Queensland, Australia, in 1979. In the early 1990s, the Royal Dutch Shell Group adopted the bowtie method as the company standard for analyzing and managing risk. Shell conducted extensive research in the application of the bowtie method and developed strict rules for the definition of all parts, based on their best practices. Shell’s primary motivation was the necessity of ensuring that appropriate risk barriers were in place throughout all worldwide operations.

Following Shell, the bowtie method rapidly gained support in the oil and gas industry, as the diagrams helped visualize oversight of risk-management practices. In the last decade, the bowtie method spread to the aviation, mining, maritime, chemical, and health care industries, to name a few.

Bowtie was created by merging two existing risk-analysis tools: fault trees, which illustrated the potential for multiple faults to lead to a single failure, and event trees, which illustrated the different effects that could be predicted from a single event. Together, these form a connected diagram that make relationships more obvious and provide a clear "line of sight" between causes (faults or failures) and effects.

At a high level, the bowtie for a hazard could look like Figure 1.



About the author

David Hatch is a Director of Process Safety Integrity and has more than 30 years of design, commissioning, operating and consulting experience in the life science, energy and chemical industries. This experience covers blue-chip operating companies, major multinational engineering contractors and control and safety system suppliers. He has a BSc(Hons) in chemical and process engineering from the University of Strathclyde, UK, is a Chartered Engineer, a Fellow of the Institution of Chemical Engineers in the UK, and an IChemE-certified Professional Process Safety Engineer. He holds several functional safety certifications, has contributed to the development of international alarm management standards including ANSI/ISA-18.2 and EEMUA 191, and was a co-author of "Functional Safety in the Life Science Industries," Pharmaceutical Engineering 28, no. 5 (September-October 2008). He can be contacted by email at


  1. International Conference on Harmonisation of Technical Requirements for Registration of Pharmaceuticals for Human Use. "Quality Risk Management: Q9." 9 November 2005.
  2. International Organization for Standardization: "ISO 31000: 2009—Risk Management Principles and Guidelines."