nasa risk management case study

Risk Management

NASA’s Risk Management program’s mission is to provide a unified risk management structure that applies to all agency activities and all applicable risks and interactions, and is integrated across organizational boundaries to ensure that risk management decisions are delegated and/or elevated to the appropriate level. It is also the program’s mission that every organization has access to the information needed from subordinate organizations to effectively manage risks at its level. Risk Management includes opportunity management — recognizing that spaceflight is an inherently risky endeavor and that the proper attitude towards risk management is to reach an optimal balance between minimizing the potential for loss while maximizing the potential for gain (opportunity).

The various forms of Risk Management that are being pursued at NASA include:

Strategic, program/project, institutional, acquisition, and enterprise RM.

All forms of Risk Management consist of two main processes:

• Risk- (and Opportunity-) Informed Decision Making  addresses informed selection of decision alternatives to assure effective approaches to achieving objectives.
• Continuous Risk (and Opportunity) Management  addresses implementation of the selected alternative to assure that requirements are met.

All forms of Risk Management are concerned with the management of both known and Unknown/Underappreciated (UU) risks. UU risks often are associated with organizational and management issues such as oversight effectiveness, attention to best practices and employment of robust margins.

Risk Management News

Cancellation of NPR 8705.5 Reflects Evolution of NASA Policy for Safety and Mission Success

NPR 8705.5, Technical Probabilistic Risk Assessment Procedures for Safety and Mission Success for NASA Programs and Projects was cancelled, a move consistent with the policy direction to be more objectives-driven, as defined in the recent update to  NPD 8700.1 , NASA Policy for Safety and Mission Success.

Changes to NPR 8000.4 Reflect Increased Relevancy of Cyber-Related Threats

Revision C of  NPR 8000.4 , Agency Risk Management Procedural Requirements went into effect on April 19, 2022. The changes made primarily reflect the increasing relevance of cyber-related threats and incidents across both government agencies and the private sector. The update reflects an action item from the NASA Enterprise Protection Board to the Office of Safety and Mission Assurance to make the subject of cybersecurity and cyber risk explicit within NPR 8000.4.

Revision B of NPR 8000.4

Changes to NPR 8000.4B, Agency Risk Management Procedural Requirements, went into effect on Dec. 6, 2017, thereby replacing NID 8000-108 and NPR 8000.4A.

NID 8000-108 Replaces NPR 8000.4A

OSMA Hosts Risk Management Summit to Address Key Challenges and Opportunities

The Office of Safety and Mission Assurance hosted a Risk Management (RM) summit to address key RM challenges and opportunities for the agency.

Agency Risk Management Working Group

The Agency Risk Management Working Group was established to promote Risk Management and best practices and implementation of agency-level Risk Management policies within NASA and to communicate risks to the Office of Safety and Mission Assurance. It addresses the opportunities, challenges and concerns noted by NASA centers that develop and implement center-level Risk Management policies, plans and processes.

The Agency Risk Management Working Group covers the spectrum of related activities across institutional Risk Management and program and project Risk Management. Best practices and lessons learned that are identified through this working group are shared to promote and enhance communication and collaboration across the centers.

Dr. Mary Skow

Agency risk management officer.

Learn more about Agency Risk Management Officer Dr. Mary Skow.

Dr. Homayoon Dezfuli

Risk management program manager.

Learn more about Risk Management Program Manager Dr. Homayoon Dezfuli.

Points of Contact

For details on contacting a Risk Management Point of Contact (PoC) for your location, click below.

SATERN Courses

This course covers in detail one of the two processes comprised in the NASA Risk Management process required by NPR 8000.4 . Its content is based on the NASA RIDM Handbook and it provides detailed guidance for implementing the RIDM requirements of NPR 8000.4, with a specific focus on programs and projects in the Formulation Phase. Content includes RIDM process interfaces, the technical details of the various steps in the RIDM process and a case study with opportunities for student participation that runs throughout the course to illustrate the key learning points. This course is intended for NASA program, project, mission support, institutional, systems engineering, and Safety and Mission Assurance personnel who wish to play a role in bringing about improved decision-making anywhere in the agency.

Policy and Guidance

Recommended reading, important links.

Dr. Mary R. Coan Skow, Ph.D., is the Agency Risk Management Officer. In this role, which she helped formulate and establish, Dr. Skow integrates risks from various boards and forums to achieve perspective on top-enterprise risks.  Additionally, she champions risk leadership initiatives through the facilitation of risk communication and clarifies risk posture. Dr. Skow also develops and implements best practices to integrate Enterprise Risk Management processes into day-to-day operations and decision-making, while investigating and developing methods to create and manage top risks for the agency. Prior to her current position, Dr. Skow served as the strategic evaluation program manager for the Chief Program Management Officer at NASA Headquarters, where she excelled at motivating diverse teams and initiating strategic initiatives. She previously held the role of portfolio analyst at Headquarters for the Office of the Chief Financial Officer, where she was responsible for understanding and working with the Exploration Systems Development Mission Directorate for the Human Landing System, Gateway and Spacesuit User Interface Technologies for Students (SUITS). Dr. Skow began her career at NASA as a graduate student in the co-op program at Kennedy Space Center working on In-Situ Resource Utilization. Following her co-op, she became a project manager at NASA Johnson Space Center for Environmental Control Life Support Systems. Dr. Skow graduated from the University of Rochester with a Bachelor of Science degree in chemical engineering. She received her PhD in chemical engineering with a focus in microelectronics from Texas A&M University. Dr. Skow actively participates in outreach programs, mentoring underprivileged children and college students and promoting NASA's mission to the next generation of scientists and engineers.

NASA/SP-2014-615

Organizational risk and opportunity management concepts and processes for nasa's consideration, risk management points of contact.

Every NASA center has a Risk Management Point of Contact (PoC). For more information, contact the PoC at your center.

Management's Responsibility for Internal Control

Office of management and budget.

Office of Management and Budget Circular No. A-123 defines management's responsibility for internal control in federal agencies. A re-examination of the existing internal control requirements for federal agencies was initiated in light of the new internal control requirements for publicly traded companies contained in the Sarbanes-Oxley Act of 2002. Circular A-123 and the statute it implements, the Federal Managers’ Financial Integrity Act of 1982, are at the center of the existing federal requirements to improve internal control.

Preparation, Submission, and Execution of the Budget

Office of Management and Budget Circular No. A-ll provides guidance on preparing the Fiscal Year 2016 budget and instructions on budget execution.

NASA and the Importance of Risk

Nasa administrator charlie bolden.

A message from NASA Administrator Charlie Bolden on NASA and the importance of risk.

Workshop Minutes

Enterprise risk and opportunity management.

Meeting minutes and presentations from the 2014 Enterprise Risk and Opportunity Management workshop.

NASA/SP-2011-3422

Nasa risk management handbook.

The purpose of this handbook is to provide guidance for implementing the Risk Management requirements of NASA Procedural Requirements document NPR 8000.4A, Agency Risk Management Procedural Requirements, with a specific focus on programs and projects, and applying to each level of the NASA organizational hierarchy as requirements flow down.

NASA/SP-2010-576

Nasa risk-informed decision making handbook.

The purpose of this handbook is to provide guidance for implementing the Risk-Informed Decision Making (RIDM) requirements of NASA Procedural Requirements document NPR 8000.4, Agency Risk Management Procedural Requirements, with a specific focus on programs and projects in the Formulation phase, and applying to each level of the NASA organizational hierarchy as requirements flow down. Appendix A provides a cross-reference between the RIDM-related requirements in NPR 8000.4 and the sections of this handbook for which guidance is provided. 

Agency Risk Management Procedural Requirements

This NASA Procedural Requirements document provides the requirements for risk management for the agency, its institutions, and its programs and projects as required by NPD 1000.0, Governance and Strategic Management Handbook; NPD 7120.4, Program/Project Management; and NPD 8700.1, NASA Policy for Safety and Mission Success. Risk management includes two complementary processes: Risk-Informed Decision Making and Continuous Risk Management.

NASA Policy for Safety and Mission Success

This policy covers NASA's safety and mission success, including risk and risk acceptance. 

NASA Engineering and Program/Project Management Policy

This document provides the statement of policy and responsibilities for all of the management and engineering disciplines under the purview of the Office of the Chief Engineer, including NASA Procedural Requirements covering management of space flight, research and technology, information technology, and institutional infrastructure programs and projects; systems engineering; software engineering; technical standards; lessons learned; product data management/product life cycle management; and the use of the metric system. Additionally, this document consolidates the agency's crosscutting software policy and responsibilities across NASA Headquarters' offices and mission directorates.

NASA Internal Control

NASA's policy is to comply with Office of Management and Budget Circular A-123, Management's Responsibility for Internal Control, which provides government-wide requirements for internal control and accountability, based on the Federal Managers' Financial Integrity Act. Specifically, it is NASA's policy to

a. Develop and maintain internal control policies, procedures, plans and assessments to provide reasonable assurance that the objectives of effective and efficient operations, reliable financial reporting, and compliance with applicable laws and regulations are achieved.

b. Hold Officials-in-Charge and center directors responsible for the development, implementation and effectiveness of internal controls, and for annually assessing and reporting on the effectiveness of internal controls.

c. Ensure that internal control and accountability underpin decisive governance over organizational structure; policies and procedures; processes for managing programmatic, financial, and institutional activities; checks and balances; and tools and techniques to uphold the agency's integrity, efficiency and effectiveness.

d. Ensure that internal controls are well integrated into new or revised activities when making changes to ongoing activities and implementing new activities in programmatic and institutional operations or financial management processes.

Policy for NASA Acquisition

This NASA Policy Directive provides the overall policy framework for NASA's strategic acquisition process with appropriate references to other key processes and directives. This strategic acquisition process complies with NASA obligations as a federal agency and is applicable to each of NASA's major areas of investment (Flight Programs and Projects, Information Technology and Institutional Infrastructure, and Research and Technology) to ensure the efficient, effective use of the resources entrusted to the agency.

Governance and Strategic Management Handbook

This NASA Policy Directive has two primary aims: (1) to set forth NASA’s governance framework — principles and structures through which the agency manages mission, roles and responsibilities and (2) to describe NASA’s Strategic Management System — processes by which the agency manages strategy and its implementation through planning, performance and results.

RISK INFORMED DECISION MAKING (RIDM)

Sma-risk-osma-0013.

This course covers in detail one of the two processes comprised in the NASA Risk Management process required by  NPR 8000.4 . Its content is based on the NASA RIDM Handbook and it provides detailed guidance for implementing the RIDM requirements of NPR 8000.4, with a specific focus on programs and projects in the Formulation Phase. Content includes RIDM process interfaces, the technical details of the various steps in the RIDM process and a case study, with opportunities for student participation, that runs throughout the course to illustrate the key learning points. This course is intended for NASA program, project, mission support, institutional, systems engineering, and Safety and Mission Assurance personnel who wish to play a role in bringing about improved decision-making anywhere in the agency.

Course Number:  SMA-RISK-OSMA-0013

Length:  8.00 hours

Audience:  This course is intended for engineers and engineering project managers.

Homayoon Dezfuli

Dr. Homayoon Dezfuli is the Risk Management program manager in the Office of Safety and Mission Assurance at NASA Headquarters (HQ) in Washington, D.C. Dezfuli serves as a senior technical expert in the System Safety discipline and is responsible for NASA's policies and procedures for System Safety and Risk Management. He has been instrumental in developing and implementing advanced System Safety and Risk Management techniques and processes for the agency, in addition to leading several major policy and technical procedure development tasks.

Dezfuli has over 25 years of experience in System Safety and Probabilistic Risk Assessment (PRA) applications and methodology development. He co-authored the development of the NASA PRA Procedures Guide, NASA Risk-Informed Decision-Making Handbook, and NASA Systems Engineering Handbook. Dezfuli devised a safety goal implementation framework; the conceptual work he performed in this area helped shape the NASA safety goal policy being implemented for human space flights. He has authored many papers in the areas of safety, risk assessment and Risk Management. He currently is leading several high-priority projects at NASA HQ aimed at institutionalizing the Risk-Informed Decision-Making process at NASA.

Dezfuli has a Ph.D. in nuclear engineering from the University of Maryland.

The integration of all forms of risk management (Strategic Risk Management, Program/Project Risk Management, Institutional Risk Management, and Acquisition Risk Management) together with opportunity management into an overall Risk Management approach that cuts across the entire organization and applies to all the agency’s activities.

Acquisition Risk Management

The management of risks associated with the acquisition process and the oversight of contractors charged with delivering products and services to the acquiring organization.

Institutional Risk Management

The management of risks associated with development and maintenance of mission support capabilities including qualified technical staff, support staff, information technology, facilities and equipment.

Program/Project Risk Management

The management of risks across four mission execution domains: safety, technical performance, cost and schedule.

Strategic Risk Management

The management of risks that threaten to jeopardize the organization’s attempts to fulfill its strategic objectives as defined in its strategic plan.

• Order Status
• Testimonials
• What Makes Us Different

Nasa Project Management Challenges Harvard Case Solution & Analysis

Home >> Harvard Case Study Analysis Solutions >> Nasa Project Management Challenges

Nasa Project Management Challenges Case Solution

Individuals are important at NASA because they form teams and their contribution affects the performance of an entire team. They work together to achieve NASA’s common goals. It is a psychological fact that if an individual member of the team does not perform well then the overall project of NASA gets effected because of that underperforming team member. These individuals are considered as the driving force in NASA, because they design the strategies , they build the strategies, they modify the strategies, they test the strategies and they maintain the strategies. The strategy represents the space crafts and the flight of these space crafts.

The lesson learned programs are basically introduced to identify the mistakes regarding what had went wrong in the operations. The knowledge regarding the good as well as erroneous-functionalities occurring in the operations of NASA, helps in identifying some types of acts that help in reducing the errors from the operations. In addition to this, these programs provide information and knowledge from previous projects, which help the individuals in overcoming its shortcomings in the next upcoming projects, whose requirement are same as the previous one. This helps in understanding the great aspects of the project and helps in promoting a better project management, which tends to mitigate the risks and ultimately increases the efficiency.

At NASA, an individual’s sense of responsibility for risk management is important because it allows the individuals to perform their roles in the best possible way. This improves the effectiveness of the risk mitigation because when everyone does his or her best in mitigating the risks and with aversion level then  the risks associated with the entire project will eventually reduce to an acceptable level. The team is accountable for success, because the team is made up of individuals, so, the main focus of the team’s performance is broader and requires good individuals having critical and difficult skills, knowledge and experience to handle different types of elements involved in the whole process, in order to get success.

Good project managers need to be optimistic. You need to choose people who are able to work with him and carry the potential of helping him in achieving his goals, because he cannot do anything on his own. You need to know your job. You have the skills to do the job. You also need to make sure that the people who work in the opposite direction-understand their responsibilities.

To be a good project manager, leadership is an essential part, because without the leadership role; it would be nearly impossible for a project to have a good manager, because a leader can be a good manager of any project, in the hands of whom the project would have more chances to have better results.Leadership is important because the manager have vast teams-comprised of several individuals who are passionate, committed and responsible for-satisfactory results, which can only be achieved if they get proper guidance from their manager and what adds much to the success in an efficient guidance is the leadership quality of the manager.

Leadership integrity influences the project’s success rate as it influences how team members make day-to-day decisions. The integrity belongs to leadership,and it also guarantees that every member of the team understands the motivation behind the decision so that the decision could be made in the greatest interest of the project and none of the individual's personal interests get affected by the decision......................

This is just a sample partial case solution. Please place the order on the website to order your own originally done case solution.

Related Case Solutions & Analyses:

Hire us for Originally Written Case Solution/ Analysis

Like us and get updates:.

Harvard Case Solutions

Search Case Solutions

• Accounting Case Solutions
• Auditing Case Studies
• Business Case Studies
• Economics Case Solutions
• Finance Case Studies Analysis
• Harvard Case Study Analysis Solutions
• Human Resource Cases
• Ivey Case Solutions
• Management Case Studies
• Marketing HBS Case Solutions
• Operations Management Case Studies
• Supply Chain Management Cases
• Taxation Case Studies

More From Harvard Case Study Analysis Solutions

• BMW AG: The Digital Auto Project (A)
• CYBER CRIME
• Is Intel’s Business Model Fit For The Future
• AGENCY.COM (A): Launching an Interactive Service Agency
• YouTube: Time to Charge Users
• Siemens Energy How to Engineer a Green Future?
• Big Data Analytics In Manufacturing Industry

Contact us:

Check Order Status

How Does it Work?

Why TheCaseSolutions.com?

Suggested Searches

• Climate Change
• Expedition 64
• Mars perseverance
• SpaceX Crew-2
• International Space Station
• View All Topics A-Z

Humans in Space

Earth & climate, the solar system, the universe, aeronautics, learning resources, news & events.

NASA’s Lucy Surprises Again, Observes 1st-ever Contact Binary Orbiting Asteroid

First Science Images Released From ESA Mission With NASA Contributions

Watch NASA Build Its First Robotic Moon Rover

• Search All NASA Missions
• A to Z List of Missions
• Upcoming Launches and Landings
• Spaceships and Rockets
• Communicating with Missions
• James Webb Space Telescope
• Hubble Space Telescope
• Why Go to Space
• Commercial Space
• Destinations
• Living in Space
• Explore Earth Science
• Earth, Our Planet
• Earth Science in Action
• Earth Multimedia
• Earth Science Researchers
• Pluto & Dwarf Planets
• Asteroids, Comets & Meteors
• The Kuiper Belt
• The Oort Cloud
• Skywatching
• The Search for Life in the Universe
• Black Holes
• The Big Bang
• Dark Energy & Dark Matter
• Earth Science
• Planetary Science
• Astrophysics & Space Science
• The Sun & Heliophysics
• Biological & Physical Sciences
• Lunar Science
• Citizen Science
• Astromaterials
• Aeronautics Research
• Human Space Travel Research
• Science in the Air
• NASA Aircraft
• Flight Innovation
• Supersonic Flight
• Air Traffic Solutions
• Green Aviation Tech
• Drones & You
• Technology Transfer & Spinoffs
• Space Travel Technology
• Technology Living in Space
• Manufacturing and Materials
• Science Instruments
• For Kids and Students
• For Educators
• For Colleges and Universities
• For Professionals
• Science for Everyone
• Requests for Exhibits, Artifacts, or Speakers
• STEM Engagement at NASA
• NASA's Impacts
• Centers and Facilities
• Directorates
• Organizations
• People of NASA
• Internships
• Our History
• Doing Business with NASA
• Get Involved
• Aeronáutica
• Ciencias Terrestres
• Sistema Solar
• All NASA News
• Video Series on NASA+
• Newsletters
• Social Media
• Media Resources
• Upcoming Launches & Landings
• Virtual Events
• Sounds and Ringtones
• Interactives
• STEM Multimedia

NASA’s Webb Telescope Improves Simulation Software

Salts and Organics Observed on Ganymede’s Surface by NASA’s Juno

25 Years Ago: STS-95, John Glenn Returns to Space

Counteracting Bone and Muscle Loss in Microgravity

NASA Conducts Annual Moon to Mars Architecture Concept Review

NASA, Small Companies Eye New Cargo Delivery, Heat Shield Technologies

NASA Honors Steve Jurczyk, Former Acting Administrator, Space Leader

NASA’s Educational CubeSats: Small Satellites, Big Impact

NASA Orbiter Snaps Stunning Views of Mars Horizon

Webb Follows Neon Signs Toward New Thinking on Planet Formation

Time Is Running Out to Add Your Name to NASA’s Europa Clipper

Aero Engineer Brings NASA into Hawaii’s Classrooms

La Movilidad Aérea Avanzada Ayuda al Transporte de Mercancías

NASA Selects Awardees for New Aviation Maintenance Challenge

Ham Radio in Space: Engaging with Students Worldwide for 40 Years

‘Digital Winglets’ for Real Time Flight Paths Born from NASA Tech

NASA Researcher Honored by Goddard Tech Office for Earth Science Work

Earthrise: Monthly e-Newsletter With Earth and Climate Science Resources

Ciencia destacada del año en el espacio del astronauta Frank Rubio

Misión récord de astronauta ayuda a planificar viajes al espacio profundo

Pruebas de la NASA con maniquí de Artemis I aportan información para futuras misiones tripuladas

Case studies catalog.

Alysha Bayens

Program coordinator, ocko.

The Goddard OCKO has a large collection of case studies covering a wide range of missions and technical topics, including launch decision making, procurement, instrument development, risk management and systems engineering. These case studies can be used to facilitate learning of critical knowledge and lessons that enable mission success. Click here to access the case study catalog.

Mitigating Supply Chain Vulnerabilities with Bitsight’s Third-Party Risk Management Solution

Like all government agencies, NASA takes cybersecurity very seriously, understanding that any security compromise can result in the postponement of multi-million-dollar missions and even loss of life. However, since the agency relies on more than 3,000 vendors to achieve its mission, threat actors have multiple pathways for infiltration.

“Bitsight has allowed us to automate our security monitoring process, resulting in about 50 percent time and efficiency savings. We can sign into Bitsight and get real-time information right from the easy-to-use dashboard.”

Protecting this extensive supply chain has been a longtime challenge for NASA

To identify potential vulnerabilities, they have traditionally relied on manual risk monitoring procedures, public disclosure statements, and breach notifications—which were usually only reported by larger vendors.

According to Kanitra Tyler, Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Service Element Lead at NASA and a 30-year veteran of the space administration, the team needed more in-depth, detailed, and real-time security information. “We use Interos, one of Bitsight’s valued partners for third-party risk management , which provides great insights into things like geopolitical and financial risk. But we needed to take a much deeper dive into our suppliers’ cybersecurity postures.”

Deeper Insights into NASA’s Extensive Supply Chain

In response to that need, enter Bitsight for Third-Party Risk Management (TPRM). With a deep integration with Interos—a leading governance, risk, and compliance (GRC) tool—Bitsight provides deeper insights into third- and fourth-party vendor risk profiles. Now, NASA can:

• Uncover high risk vendors that may be using banned services under Section 889 of the National Defense Act.
• Ensure vendors’ cybersecurity postures meet the administration’s specific requirements and guidance included in the NIST Cybersecurity Framework.
• Accelerate cyber risk assessments with better focus and prioritization of supply chain risk management.
• Work with suppliers to reduce their own risk and, as a result, pose fewer threats to NASA.
• Measure exposure to cyber risk using data-driven security ratings.

“At NASA, we focus on what we call the three P’s—pedigree, providence, and position,” explained Tyler. “Bitsight helps enormously with the first two. We can now easily identify the vulnerabilities associated with a particular vendor and how those vulnerabilities could impact our own security posture—before we begin working with them.”

Improved Efficiency, Stronger Security

NASA also struggled with taking proactive and corrective action when necessary due to the time it took to monitor its vendor portfolio. With countless vendors and the need to reassess and remediate vendor security issues, NASA needed a more efficient process.

Through Bitsight, NASA was able to improve its processes dramatically with daily alerts and easy-to-understand metrics on changes to vendors’ security postures – to help them prioritize risk. Per Tyler, “Bitsight has allowed us to automate our security monitoring process, resulting in about 50 percent time and efficiency savings. We can sign into Bitsight and get real-time information right from the easy-to-use dashboard.”

But for Tyler, Bitsight’s technology and data is only the beginning of what makes NASA’s relationship with Bitsight so valuable. The service and support Bitsight provides is equally important and has helped the agency remain protected from potential threats.

“I can think of at least three instances where Bitsight alerted us to major security issues that could affect NASA so that we would be better prepared,” she said. “In each instance, Bitsight provided us with detailed reports and advice that allowed us to make better decisions while protecting our supply chain.”

As Tyler put it: “Flying to space is our primary mission and core area of expertise, not cybersecurity. For that, we want to partner with someone who understands that discipline and how to manage it well. Bitsight is that partner.”

“Flying to space is our primary mission and area of expertise, not cybersecurity. For that, we want to partner with someone who understands that discipline and how to manage it well. Bitsight is that partner.”

Thank you for visiting nature.com. You are using a browser version with limited support for CSS. To obtain the best experience, we recommend you use a more up to date browser (or turn off compatibility mode in Internet Explorer). In the meantime, to ensure continued support, we are displaying the site without styles and JavaScript.

• View all journals
• My Account Login
• Explore content
• About the journal
• Publish with us
• Sign up for alerts
• Perspective
• Open access
• Published: 07 September 2023

Updates to the NASA human system risk management process for space exploration

• Erik L. Antonsen   ORCID: orcid.org/0000-0002-1042-7011 1 ,
• Erin Connell 2 ,
• Wilma Anton 3 ,
• Robert J. Reynolds 3 ,
• Daniel M. Buckland   ORCID: orcid.org/0000-0001-5274-3840 4 , 5 &
• Mary Van Baalen   ORCID: orcid.org/0000-0002-0915-9726 5  

npj Microgravity volume  9 , Article number:  72 ( 2023 ) Cite this article

1094 Accesses

3 Altmetric

Metrics details

• Aerospace engineering
• Research management
• Risk factors

This paper describes updates to NASA’s approach for assessing and mitigating spaceflight-induced risks to human health and performance. This approach continues to evolve to meet dynamically changing risk environments: lunar missions are currently being designed and the ultimate destination will be Mars. Understanding the risks that astronauts will face during a Mars mission will depend on building an evidence base that informs not only how the humans respond to the challenges of the spaceflight environment, but also how systems and vehicles can be designed to support human capabilities and limitations. This publication documents updates to the risk management process used by the Human System Risk Board at NASA and includes changes to the likelihood and consequence matrix used by the board, the design reference mission categories and parameters, and the standardized evaluation of the levels of evidence that the board accepts when setting risk posture. Causal diagramming, using directed acyclic graphs, provides all stakeholders with the current understanding of how each risk proceeds from a spaceflight hazard to a mission-level outcome. This standardized approach enables improved communication among stakeholders and delineates how and where more knowledge can improve perspective of human system risks and which countermeasures can best mitigate these risks.

Introduction

As the scope of human spaceflight expands, the risk to space travelers expands as well. Together with international partners, the National Aeronautics and Space Administration (NASA) has crewed the International Space Station (ISS) for the last 23 years. After the retirement of the Space Shuttle in 2011, the ISS became NASA’s primary effort of human spaceflight, and systems and approaches were tailored specifically to ISS mission parameters and risks. These ISS missions in low Earth orbit (LEO), which can stretch from 30 days to one year, are one type of design reference mission (DRM) that NASA evaluates for risk to human health and performance. With the flight of the first astronauts on commercial vehicles to the ISS in 2021 and the launch of Artemis I in 2023, plans to return humans to the moon, and a human mission to Mars rapidly approaching, mission types that have historically been considered futuristic are now far into their design and development phases. It is well understood that human spaceflight is a specialized endeavor that is organized and regulated differently than terrestrial environmental and occupational health risks. As astronauts go further from Earth and are subjected to other human spaceflight hazards, those differences increase and require specialized attention.

As NASA conceptualizes and designs the vehicles, suits, systems, and missions that will allow humans to travel beyond the ISS, the processes for addressing and communicating risk posture and mitigation needs must also evolve 1 . New challenges will be encountered because new vehicle designs and mission tasks will place unprecedented demands on astronauts’ capabilities during a mission 2 , 3 , and health risks are expected to escalate with lengthening duration of exposure to the spaceflight environment and distance from Earth 4 , 5 , 6 , 7 . Those same extended spaceflights are expected to increase risk to the long-term health (LTH) of astronauts after the mission 8 . Finally, the Artemis missions, which will return astronauts to the Moon, consists of an integrated set of flight programs that have separate program managers and teams. In this context, a “program” describes a formally funded NASA spaceflight program such as the Space Shuttle Program, the ISS Program, or the Commercial Crew Program. In Artemis, the Orion Program’s vehicle will carry astronauts to the lunar vicinity to dock with the Gateway Program’s lunar orbital space station, and descent to the lunar surface is under the purview of the Human Landing System Program. Integrating these 3 flight programs adds to the already complex crew-vehicle design challenges of any one of those vehicles and increases the level of mission complexity as well. An interdisciplinary approach will be required to integrate these flight programs and will result in complex systems that weigh the health, performance, and medical needs of astronauts against the engineering realities of the vehicle, habitat, and spacesuits 9 , 10 , 11 , 12 , 13 .

Romero and Francisco 14 published the last public update to the process for managing spaceflight-induced risk to humans (hereafter referred to as human system risk), which was used by the Human System Risk Board (HSRB) at NASA Johnson Space Center until 2018. Subsequent changes to this process were generated in response to changes in human spaceflight needs, and a new Human System Risk Management Plan (RMP) JSC 66705 Revision A that documented the changes, was released internally at NASA in October, 2020 15 . The HSRB uses the processes described here to provide transparent guidance during discussions of prioritization that explicitly state the priorities of the Health and Medical Technical Authority (HMTA) as a non-advocate. The goal of these processes is to systematically reduce total risk to astronaut crews. The HSRB piloted several updates to these processes that were evaluated to determine if they could be implemented by the board, including.

updates to definitions of key terms to improve alignment and communication among stakeholders.

formal definitions of risk drivers and a risk mitigation framework.

updates to the design reference missions (DRM) categories and their parameters used by NASA to align risk discussions with changing mission priorities.

changes to the process for assessing the levels of evidence used by the HSRB.

established principles for prioritizing risk characterization and mitigation efforts that were agreed upon by the stakeholder community.

directed acyclic graphs (DAGs) to improve communication and enable configuration-managed causal diagramming of risks.

The HSRB assesses human system risk by DRM category, which is defined by destination, operating environment, and expected mission duration. DRMs are used to provide continuity of expected high-level mission parameters in lieu of the constantly changing attributes of specific mission proposals and future undefined missions that are determined at the Mission Directorate level within NASA. Because only a small number of humans have flown in space, significant uncertainty exits regarding how short-term and long-term exposure to the spaceflight environment changes human health and performance. Changes to human health and performance can adversely impact an astronaut’s ability to perform critical tasks tied to mission objectives and can affect their ability to be recertified for flight status after their spaceflight mission. Human system risks also address the long term health (LTH) effects of exposure to the spaceflight environment, effects that extend beyond the end of a flight program. The HSRB must ensure that the knowledge gained through human spaceflight and complementary advances in applicable terrestrial medicine are captured, documented, and applied to reduce the risks crewmembers will face during current spaceflights and future exploration missions. To accomplish this, a formal continuous risk management process is used to ensure that new evidence gleaned from flight operations and research effectively feeds back into risk assessment. This information is intended to help NASA make risk-informed decisions that protect the astronauts and the mission. The details of that process, described below, include updates to the formal definitions and processes that the HSRB uses to track risk posture for the 30 human system risks and concerns (as of July 2023) that are currently being managed by the board.

Risk management process update

Key definitions updates.

The HSRB has a variety of stakeholders who include experts in many fields such as spaceflight operations, engineering, medical, life sciences, performance, human factors and human system integration (HSI), and more. At times, these experts can have different interpretations of commonly used terminology at NASA. To address this, Rev. A of the RMP included formal definitions to ensure that the use of specific terms carry a common meaning among different experts.

A human system risk is a recognized potential undesired flight crew health or performance outcome that has a clear consequence and attendant likelihood (likelihood and consequence [LxC]) supported by evidence for a given DRM category.

A human system concern is a potential undesired human health or performance outcome for the crew for which there is insufficient evidence to allow an LxC assessment for any DRM.

The risk posture is an agreed upon understanding of the state of a human system risk that is based on the best available evidence. This is decided by the HSRB based on assigned DRM-specific LxC scores and their drivers and underlying assumptions. Risk posture is communicated through associated risk scores, colors, dispositions, and rationales. The HSRB uses risk posture to communicate human system risk for a given mission.

Risk disposition represents the HSRB’s official position on the current state of the risk for a given DRM that assumes known countermeasures and monitoring will be implemented. Eight options exist for HSRB risk disposition: requires characterization, requires mitigation, requires mitigation/standards refinement, accepted, accepted with monitoring, accepted with optimization, transferred, and retired. A risk is accepted by the board when countermeasures are deemed effective and efficient or no further risk reduction is considered appropriate at that time. These dispositions are fully described in the RMP 15 .

Spaceflight hazards—In their 2020 report, Romero and Francisco 14 reviewed the 5 spaceflight hazards listed below, which guide the derivation of risks: Altered gravity, Radiation, Isolation and confinement, Hostile closed environment, and Distance from Earth.

These hazards are the evolving aspects of the spaceflight environment that are harmful to humans. They are understood to be the fundamental causes of spaceflight-induced risks to humans in the sense that they induce new challenges from the moment a human is launched into space. “New” here refers to a comparison with challenges faced by humans on Earth. For the purposes of risk management, it is not sufficient to simply list and describe these spaceflight hazards; we must also understand their potential impact to astronauts and mission-level outcomes.

The challenge of aligning perception of the terms used by various sets of experts within NASA also extends to the risks themselves. Different experts carry different mental models of what a specific human system risk is, what factors contribute to the development of that risk, and the importance that a given risk should carry when prioritizing research investments or operational capabilities within the constraints of budget and flight capacity. Therefore, the processes, DRMs, risk assessments, and other RMP aspects have been refined to improved clarity.

The continuous risk management process

The HSRB implements formal processes to track and manage human system risks. An overview of the risk management process using continuous risk management principles is shown in Fig. 1 .

HSRB Human systems risk board.

This process was described by Romero and Francisco and has not significantly changed with this update in risk management process 14 . The HSRB reviews each human system risk every 1–2 years and formalizes this process through configuration managed steps that include identifying, analyzing, planning, deciding, tracking, and implementing risk products within a continuous process of documentation and communication. Although the high-level continuous risk management process has not changed, many of the details and guidance that the HSRB provides have been updated, which are summarized here along with rationale and context.

The identify phase has 2 parts: to identify if there are any new risks or concerns that should be formulated and tracked; and to identify new evidence that may influence understanding of the risk posture that warrants further analysis. Once new evidence has been collected for a risk update at the HSRB, the analyze phase begins. Once the analyze phase is complete, the information must be used to drive decisions on risk mitigation. This is performed in the plan, review, track, and communicate steps. Analyze includes 7 steps.

Identifying risk drivers

Understanding risk DRM applicability

Delineating relevant risk impact categories

Assigning LxC scores

Assigning risk dispositions and rationale

Communicating supporting level of evidence (LoE)

Summarizing risk posture information

The steps that have relevant updates are explained below.

Risk drivers

The risk drivers were defined and included in the RMP updates to ensure that stakeholders understand how risk can change with different mission parameters. Early in the systems engineering processes for mission design, requirements are generated that ultimately define the level of risk that will be encountered in a mission 10 , 16 . If mission attributes change later in the design process and requirements are not revisited, the initial assessment of risk may no longer be a valid representation of the risk expected during a given mission.

Risk drivers describe how the spaceflight hazards modify risk posture depending on variation in mission attributes. Risk drivers are not risk-specific, they change depending on the mission objectives and can increase multiple human system risks. Identifying the potential drivers of human system risks allows (1) a clearer understanding of the origin of the risk and potential areas for risk mitigation, (2) an improved understanding of the potential relationships between risks, and (3) an improved ability to prioritize risks for stakeholders. Table 1 lists the risk drivers pertinent to human system risks; these are taken from the Human System RMP Revision A 15 .

Design reference missions (DRMs)

Recognition and articulation of risk drivers are intended to give stakeholders insight into the attributes of the DRMs being assessed. As NASA’s mission interests change, programs may modify significant portions of their concepts of operations, which in turn affects the level of human system risk for a mission. Table 2 shows the updated set of DRMs used by the HSRB, including associated assumptions relevant to risk assessment. The factors considered are derived from the risk drivers above and are presented in a fashion conducive to quantitative analysis.

These DRMs are broken into the 4 primary mission types that are relevant to current or anticipated programs. The LEO DRM includes short-duration missions similar to commercial spaceflight missions, and long-duration missions similar to ISS missions. The lunar orbital DRM includes short- and long-duration missions that apply to Orion and Gateway. The lunar orbital + surface DRM include both Orion and Gateway with the addition of the human lander system and lunar surface extravehicular activities (EVAs). The Mars DRM includes preparatory and planetary missions to account for the simulation and testing of new technologies that are likely needed prior to the full-scale Mars mission. Because the preparatory DRM is an analog of the Mars mission, it is considered to have different mission attributes than the actual planetary Mars missions.

Risk impact categories

Because risk consequence can impact the crew and/or NASA mission objectives, risk impact categories were created to enable construction of a risk matrix that reflects both possibilities. The 3 risk impact categories are used in the LxC matrix in Fig. 2 . As defined, a risk may be applicable to multiple categories.

LXC Likelihood and consequence.

In-Mission Risk—the risk posture for crews during a mission is defined from successful launch until successful and safe egress from the landing vehicle. The crew health impact subcategory identifies health issues, and the mission objectives impact subcategory identifies crew task performance issues that may result in loss of mission objectives if realized.

Flight Recertification—in some cases, exposure to the spaceflight environment affects the crewmember’s physical or mental health after a mission, delaying their flight certification and flight recertification status. This applies throughout the career of an astronaut. Although this is not often used in practice, it is included because this risk not only affects the crew, it also affects NASA’s available pool of veteran astronauts who qualify for different flight programs.

Long Term Health (LTH)—is the lifelong effect of spaceflight on physical and mental health and performance of astronauts. The LTH category now consists of the health outcomes impact subcategory, which includes medical conditions resulting from career exposures to the spaceflight environment, and the quality-of-life impact subcategory, which identifies decrements in the ability of an astronaut to perform daily living activities after a mission because of career exposure to the spaceflight environment.

Likelihood x Consequence (LxC) scoring and colors

Central to the risk assessment is determining the LxC score as applied to each DRM and to the different risk impact categories. Each LxC score is assessed by considering the level of supporting evidence and is assigned a color in the risk matrix. Accompanying an LxC score is a risk disposition that defines the HSRB’s overall position on the state of the risk assuming known countermeasures and monitoring that will be implemented in each DRM. Each risk has a summary table that includes these parameters, and the HSRB uses a risk roll-up chart to communicate a comparative assessment of all the risks. The HSRB updated the risk matrix from the 3 × 4 matrix shown in Romero and Francisco 14 to a 5 × 5 matrix that is based on the risk matrices more commonly used by NASA programs 15 . The 5 × 5 matrix and scale definitions, shown in Fig. 2 , add s granularity to risk assessments and help s improve communication with spaceflight programs.

The determination of the LxC scores is based on the following approach using the best available evidence applicable to the particular DRM being assessed: For each risk and DRM, the most probable consequence within the applicable risk impact categories described above is scored from 1 to 5 based on the definitions provided. The associated likelihood for the consequences is then scored from 1 to 3 based on both qualitative and quantitative definitions provided. The choice of the most probable consequence in the assessment helps focus the risk on more reasonable scenarios than extremely low likelihood worst case scenarios. The assigned scores consider uncertainty based on the state of the evidence evaluated. Each risk will be assessed at least 8 LxC scores based on 4 DRM categories broken down into 2 mission types (short and long) for at least 1 risk impact category (up to 3). These scores are plotted in the 5 × 5 grid of likelihood and consequence (in Fig. 2 ) and will have an associated color and number. The evidence assessment and the resulting LxC scores are reviewed by the HSRB along with the other risk information to support risk posture determination (discussed below). The number in the LxC grid, which is called the risk prioritization score, is discussed further in the section on risk prioritization principles below. Next to the grid is a timeframe box that shows 3 categories for the expected need timeframe for mitigation.

Levels of evidence definition and assessment

Underpinning any assessment of risk posture or assertions about risk is the supporting evidence. Spaceflight causes changes to the human body that become a source of risk, and the duration of the spaceflight drives the magnitude of that risk. The Level of Evidence (LoE) scoring process was revised in the current process for managing the human system risk because the prior process required clarification and improvement. The new process includes explicit standards for determining the quality of evidence considered, modifying the LoE scale to move from correlative language specific to epidemiology to causative criteria that is broadly applicable to the broader sources of evidence considered by the HSRB, and clarifying the value of various types of data and evidence when attempting to draw conclusions that are relevant to the human system in spaceflight. The evaluation of the evidence base results in an LoE score assigned alongside each assessed LxC score. These are documented and discussed in more detail in the RMP and in another publication 15 , 17 .

Summarization of risk posture

Table 3 shows an example of a summary of the risk information for a given DRM: in this case a LEO DRM and the risk to crew health due to electrical shock. The DRM category is identified in the far-left column, the next column shows the mission duration (short and long). The LxC information for the in-mission operations and LTH risk impact categories include information on the currently understood likelihood case and related consequence case. The most appropriate LxC option is chosen by the risk custodian team and approved by the HSRB. For both in-mission and LTH categories, risk dispositions, risk disposition rationales, and LoE score represent the risk posture. In this table the green color indicates low risk whereas yellow or red would indicate mid or high-level risk. A table like this is created for each DRM and used by the HSRB as a high-level communication and reference tool.

A risk roll-up table is created to provide insight into the full complement of risks. Table 4 shows the roll-up table for the 30 human system risks that is current as of July 2023. A high-level overview of all the risks is presented across all the DRMs under consideration. The color assignments are a function of the risk matrix shown in Fig. 2 . It is important to note that the colors are not an indication of whether a risk should be used to stop a mission from occurring. Instead, they are intended to convey only relative risk levels to help identify opportunities for investment of resources or to justify recommendations to decision-makers. Maintenance of this table also tracks reduction in risk over time.

Risk mitigation framework

Once risk has been assessed and scored, the question of how risk is mitigated becomes relevant. The framework for risk mitigation is designed to compel program and project managers to identify how a particular investment is expected to help mitigate human system risks. The 5 categories are used to help clarify expected benefit of risk mitigation activities. Deliverables such as scientific research, occupational or clinical surveillance measures, standards development, technology investments, flight rules, etc., must contribute to one of the following categories to be considered by the HSRB as useful for risk mitigation.

Risk Characterization —Deliverables in this category contribute to understanding the nature of the risk—how and why the risk occurs—and enables plans to decrease likelihood or consequence based on that understanding. Characterizing the risk requires an understanding of the magnitude of the impact of that risk on spaceflight crews. This helps identify when a risk is worth investing in and when it should be down-prioritized in favor of other risk investments.

Prevention (Hazard Control) —These deliverables identify ways to prevent risks from occurring or to decrease the likelihood they will occur. Examples include crew selection recommendations, human system integration recommendations, standards recommendations, clinical practice guidelines, and flight rules.

Consequence Reduction —Prevention of all risk is impossible, so countermeasures that intervene or treat a problem are required for human spaceflight, and as the distance from Earth increases, intelligent selection of these countermeasures may be mission enabling. These deliverables identify approaches that will reduce the severity of problems that could have adverse effects on crew health or on mission objectives. For example, countermeasures, healthcare monitoring, diagnosis and treatment resources, and clinical practice guidelines all provide intervention capabilities that reduce the consequence of an event that has occurred.

System Resilience (Improving Margin)— These deliverables identify system improvements that may directly or indirectly improve posture of human system risk by helping to improve crew resilience in accomplishing mission objectives. In this case ‘system’ refers to the vehicles, habitats, space suits and humans and how they are integrated together, which can be thought of as the total system margin to tolerate error or off-nominal operations. This category includes technologies that enable system improvements such as decreased need for valuable mass, power, volume, or data storage or bandwidth requirements. These savings increase the likelihood that risk mitigation technologies will be included within the tight mass and volume restrictions of exploration missions. In some cases, individual risks that are yellow or green may contribute a large or synergistic effect on the system as a whole. In these cases, continued risk mitigation and investment may be warranted to help reduce total system risk.

Risk Acceptance— Deliverables that provide information to support a decision regarding acceptance of a moderate or high risk are included in this category. These may include information on return on investment or cost and schedule limitations, which can initiate discussion about whether investments for the risk in question are best moved to other areas.

Although the first 3 categories are intuitive, the historical approach to risk-related research and data collection has been siloed, in part, by the structure of the risks themselves. The HSRB encourages research investments that target improved system resilience as a means of reducing overall system risk. The design of the crew health and performance system through rigorous human system integration processes is one approach to improving system resilience. Residual system risk is difficult to characterize when research focuses primarily on silos of specific risks alone. Additionally, the work that NASA performs to understand and mitigate risk is applied toward a specific goal — achieving acceptance of an appropriate amount of human system risk within the larger context of vehicle and mission risk. The HSRB encourages investments in activities that help determine when risk has been sufficiently reduced. Although eliminating all human system risk is an admirable goal, it would likely result in increases in vehicle or mission risk that would obviate the gains achieved 18 . As such, the HSRB does not advise further investments beyond an appropriate level of risk acceptance, because that would have a poor likelihood of return on investment.

High value risk mitigation targets

Using the 5 risk mitigation categories, risk custodian teams identify high value risk mitigation targets and recommend investments and countermeasures that should reduce risk. These typically include areas where major gaps in knowledge or capability exist, or other targets that could yield returns worthy of investments in time, money, and other resources. These recommendations represent the risk custodian’s and the HSRB’s perception of the best near-term targets for reducing risk from a total system perspective.

Risk prioritization principles

In the context of research investments, limited budget is available to address the myriad of potential research projects that could improve risk posture. Similarly, the systems engineering lifecycle and design process for vehicles, habitats and spacesuits have limited mass, power, volume, and data-bandwidth to accommodate all the potential countermeasures that can be envisioned to improve crew health and performance. Many subject matter experts (SMEs) have deep insight into specific spaceflight problems, but few have broad insight into the spectrum of needs and the full set of constraints placed on the crew health and performance system, therefore, the HSRB provides a non-advocate approach to help stakeholders prioritize investments and capabilities that are being considered for human spaceflight missions. Non-advocate in this context means that the HSRB is responsible for tempering the enthusiasm brought to any specific risk, project, or capability, and honestly weighing the potential value against the potential cost, which can include budget, schedule, changes in risk posture, or displacement of other important research or capabilities. The HSRB holds this responsibility because it is a health and medical technical authority board, and in this context the HSRB works with the stakeholders to define criteria that can help prioritize decisions. Briefly these include:

Risk Prioritization Score —The severities of risks are communicated at highest level using colors. However, for prioritization, the LxC scores, shown as the numbers in each of squares of the 5 × 5 matrix in Fig. 2 , identify the comparative urgency of resolving the risk. This single metric is used to identify “red risks”. For many years these scores were the sole discriminator for assessing priority, however, additional discriminating metrics should be considered.

Risk Hierarchy —The more fundamental risks likely require a certain level of mitigation before other dependent risks can be mitigated. For example, the basic human needs of food and nutrition must be met before mitigating the aerobic performance risk.

Risk Dependency —All the risks are simultaneously present in a mission despite the tendency to silo them for ease of research. Where possible, the risks whose nature or countermeasures are likely to affect many other risks should be prioritized over the risks that have few interconnections with other risks. For example, the design of the vehicle is a part of the human system integration architecture (HSIA) risk. This risk is mitigated, in part, by including experts in human systems integration at every step of the vehicle design, which also ensures that human system countermeasures for other risks are also included. As such, the HSIA risk is linked to the successful mitigation of all the other risks. Directed Acyclic Graphs (DAGs) were constructed to help identify these links between risks, and to show the currently understood causal flow from spaceflight hazards to mission-level outcomes for each risk. Points of known or suspected interconnection between each risk are mapped in the DAGs, which are configuration managed by the HSRB. These DAGs discussed in more detail elsewhere 19 and are summarized in the next section.

Need Timeframe —The time available to mitigate a risk varies by the specific mission type and specific risk. For example, the risk of radiation-induced carcinogenesis is managed and accepted for both long and short missions in LEO. However, the radiation exposure significantly increases for Mars missions or long-duration lunar missions. A longer lead time will be available to effectively mitigate this risk than the lead time available to effectively mitigate risks from EVA given the earlier calendar dates for lunar surface missions.

In-Mission Risk vs. LTH Risk —Although LTH effects that occur either during or after an astronaut’s career must be mitigated, it is incumbent on NASA to prioritize in-mission risks over LTH risks to crews. Astronauts accepted a 1:90 risk of loss of life at the later phases of the Space Shuttle program, and as high as 1:10 in the early phases of the program 20 . NASA enables human spaceflight in the best achievable risk posture; however, if LTH concerns were to over-ride in-mission concerns, astronauts would never fly.

Expected Investment Benefit —Historically NASA is the leading source of research investment in human needs in spaceflight. Because of this, NASA has focused their investments on developing resources that can mitigate spaceflight risk. Other agencies and funding sources support research that targets human health and performance challenges on Earth. These are often much larger investments than NASA is able to provide. If technology developed by other funding sources is likely to reduce a risk faster or more successfully than NASA specific investments, that risk should receive less priority when considering NASA’s limited funding availability. For example, astronauts are exposed to higher levels of radiation during spaceflight than on Earth and this may induce a greater risk of developing cancer. The National Institutes of Health invests far more in attempting to cure cancer than NASA can or should. Therefore, rather than also funding research into cancer treatments, NASA should prioritize their investments into strategies such as characterizing the unique effects of space radiation or optimizing vehicle shielding.

The HSRB uses the principles described to reduce total risk to astronaut crews. If risk mitigation efforts in the human domain are over-stated, this could displace mass or volume that may be needed for other mission systems, and this could raise total mission risk while appearing to improve the human system risks.

Causal diagramming

To provide a metric for quantifying risk dependencies, a pilot program was instituted to construct DAGs for each of the 30 human system risks. This is described more completely elsewhere 15 , 19 , 21 , however, it is discussed here for context. One of the biggest challenges when a wide variety of experts discuss the risk reduction process is the lack of a shared mental model of the causes of spaceflight-induced risk. It is a common bias for SMEs to overstate the importance of their own area of expertise while understating the importance of other domains. This is a natural part of attempting in good faith to contribute to the larger systems problems faced by NASA. It is also difficult for non-experts to understand why a particular research project or medical capability may be important. To help address this problem, the DAGs show the causal flow of risk that begins with immersion in the spaceflight environment at launch, and through the many dependent contributing factors that lead to increased likelihood of adverse mission-level outcomes. Each of these DAGs were created using strict criteria and structure to enable like-to-like comparison of the risks and to map the known or suspected interactions between the risks at the level of contributing factors or countermeasures.

In the context of risk, the DAGs depict the relationship between important contributing factors that affect health and performance. ‘Health’ in this case refers to the absence of medical conditions that are likely to harm or cause decrements in performance needed to achieve mission objectives. ‘Performance’ typically refers to the individual crewmember’s ability to successfully complete tasks as assigned over the course of a mission. It is known that health and performance does change during spaceflight, but it is helpful to elucidate how those changes can lead to unsuccessful task performance and possibly loss of mission objectives.

Figure 3 illustrates the causal chain of performance visualized as a DAG. Task performance is often thought to start with individual readiness, however, in the human system risk domain the causal chain begins with the hazards astronauts are exposed to when they are launched into space. Exposure to those hazards leads to the issues identified as the human system risks, which affect individual health over time during a mission through physiologic changes and deconditioning. During short-duration spaceflight, the effects on an individual may be minor, but for long-duration spaceflight they can lead to incapacitation over time. Health decrements can contribute to decrements in an individual’s performance, but additional factors including the team and the systems involved can affect the performance of mission critical tasks. Individual health and vehicle and habitat factors cause changes to individual readiness. Those, along with team functionality, cause changes to crew capability. Additionally, the effects of system design and limitations impact the realistic chances of successfully performing a mission critical task. These are shown as vehicle and habitat factors, independent of effects on individual readiness or crew capability. For example, if the task is to repair a broken exercise device but spare parts for the device are not available because of mass constraints, the likelihood of successful task performance drops no matter the readiness of individuals or crew to perform the needed repairs. How the vehicle or habitat is designed can affect both individuals and an entire crew, for example the lack of individual quarters for sleep and privacy. However, vehicle and habitat factors can affect the likelihood of successful task performance, or in the case of mission critical tasks they can cause loss of mission objectives. If enough mission objectives are lost, then loss of mission may occur. Figure 3 is not an official HSRB DAG but is used here to communicate the concept. The point of this DAG is to ensure that SMEs consider multiple causes of decreased performance when thinking about risk, and how these effects on performance can lead to mission-level outcomes. Other nodes could be reasonably included in this DAG depending on their importance to the intended story. A graphical story such as this has been created for each of the 30 risks and the process is more thoroughly documented elsewhere 19 . Each of the DAGs are formally managed and tracked by the HSRB as part of the continuous risk management process 15 . The benefit of these diagrams primarily lies in communication, but they can help identify how and where specific factors contributing to a human system risk affect the larger system. In this sense, these diagrams are used to help highlight where gaps in knowledge or capability exist.

This notional-directed acyclic graph shows the progression from the hazards of the spaceflight environment encountered at the time of launch through to mission-level outcomes that include loss of mission objectives and loss of mission.

Outlook and summary

This paper illustrates the evolution of the human system risk management process in recent years. These updates build on the formalized processes that are already in place. Updates to the risk scoring mechanisms and matrix ensure that the risk matrix more clearly conveys the current risk posture. Detail was added to the definitions, processes, and principles that the HSRB uses to provide guidance on how to approach human system risk management. Although the current updates were implemented in response to recognized limitations of prior approaches, they are not likely to solve all the challenges faced in this arena. It is fully expected that after several years of implementing these updates, further revisions will be needed. The process of continuous risk management used by the HSRB must continue to evolve in the face of changing needs of NASA and of the larger spaceflight industry. Extrapolation of these processes to commercial entities would likely require significant discussion of the driving goals of each business and whether the level of detail involved in this process would be useful outside of NASA. However, NASA concepts and approaches may be valuable for other health and science agencies to review as they make updates and evolve their human health risk assessment processes and procedures. The authors hope that this update will continue to raise public awareness of the current approaches used for managing human system risk at NASA and stimulate discussion about how to improve these processes for future space missions.

Reporting summary

Further information on research design is available in the Nature Research Reporting Summary linked to this article.

Data availability

Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study. The Human System Risk Board at NASA maintains a public website where further information and documentation can be found: https://www.nasa.gov/hhp/hsrb . The governing document for risk management JSC-66705 can be found at the NASA Technical Reports Server at https://ntrs.nasa.gov/citations/20205008887 . Formal guidance on the NASA DAGs is publicly available at https://ntrs.nasa.gov/citations/20220006812 . The HSRB approved DAGs for each Human System Risk are publicly available at https://ntrs.nasa.gov/citations/20220015709 .

Safe Passage: Astronaut Care for Exploration Missions . (National Academies Press, 2001).

Engineering, life sciences, and health/medicine synergy in aerospace human systems integration: the Rosetta Stone Project . (National Aeronautics and Space Administration, NASA Headquarters, 2018).

Valinia, A. et al. Safe Human Expeditions Beyond Low Earth Orbit (LEO) NASA/TM−20220002905 NESC-RP-20-01589 . https://www.nasa.gov/nesc/workshops/safe-human-expeditions-beyond-leo (2022).

Antonsen, E. L. et al. Estimating medical risk in human spaceflight. npj Microgravity 8 , 1–10 (2022).

Article   Google Scholar  

Douglas, G. L., Zwart, S. R. & Smith, S. M. Space Food for Thought: Challenges and Considerations for Food and Nutrition on Exploration Missions. J. Nutr. 150 , 2242–2244 (2020).

Article   PubMed   Google Scholar  

Crucian, B. et al. Alterations in adaptive immunity persist during long-duration spaceflight. npj Microgravity 1 , 15013 (2015).

Article   PubMed   PubMed Central   Google Scholar  

Blue, R. S. et al. Supplying a pharmacy for NASA exploration spaceflight: challenges and current understanding. npj Microgravity 5 , 14 (2019).

Kahn, J. et al. Health Standards for Long Duration and Exploration Spaceflight: Ethics Principles , Responsibilities, and Decision Framework . (The National Academies Press, 2014).

Landon, L. B. et al. The Behavioral Biology of Teams: Multidisciplinary Contributions to Social Dynamics in Isolated, Confined, and Extreme Environments. Front. Psychol. 10 , 2571 (2019).

Mindock, J. et al. Systems Engineering for Space Exploration Medical Capabilities. in AIAA SPACE and Astronautics Forum and Exposition 5236 (2017).

Hanson, A. et al. A Model-Based Systems Engineering Approach to Exploration Medical System Development. in 2019 IEEE Aerospace Conference 1–19 (IEEE, 2019). https://doi.org/10.1109/AERO.2019.8741864 .

McGuire, K. et al. Using Systems Engineering to Develop an Integrated Crew Health and Performance System to Mitigate Risk for Human Exploration Missions. in ICES-2021-298 11 (2021).

Abercromby, A. et al. Integrated Extravehicular Activity Human Research & Testing Plan: 2019; NASA/TP-2019-220232 . https://www.nasa.gov/sites/default/files/atoms/files/nasa-tp-2019-220232.pdf (2019).

Romero, E. & Francisco, D. The NASA human system risk mitigation process for space exploration. Acta Astronautica 175 , 606–615 (2020).

Antonsen, E. Human System Risk Management Plan, JSC-66705 Rev. A. (Johnson Space Center, NASA, 2020). https://ntrs.nasa.gov/citations/20205008887 . Accessed: Feb. 21, 2021.

Hirshorn, S. R. V. NASA Systems Engineering Handbook . https://ntrs.nasa.gov/search.jsp?R=20170001761 (2017).

Ward, J. et al. Levels of Evidence for Human System Risk Evaluation. NPJ Microgravity (2023).

Walton, M. & Antonsen, E. L. The integrated medical model: A Case study in communication. In Engineering, Life Sciences, and Health/Medicine Synergy in Aerospace Human Systems Integration: The Rosetta Stone Project (eds Williams, R. S. & Doarn, C. R.) 65–85 (National Aeronautics and Space Administration, Washington, DC, 2017).

Antonsen, E. L. et al. Directed acyclic graph guidance documentation - Human system risk board. NASA Technical Memorandum NASA TM/20220006812 (2022).

Bagian, J. P. How safe is safe enough for space and health care?: Communication and acceptance of risk in the real world. JAMA Neurol. 76 , 399 (2019).

Antonsen, E. L. et al. Directed acyclic graphs: A tool for understanding the NASA human spaceflight system risks. NASA Technical Publication NASA/TP-20220015708 (2022).

Kintz, N. M. & Palinkas, L. A. Communication delays impact behavior and performance aboard the International Space Station. Aerosp. Med. Hum. Perform. 87 , 940–946 (2016).

Chappell, S. P. et al. NEEMO 18–20: Analog testing for mitigation of communication latency during human space exploration. In 2016 IEEE Aerospace Conference , 1–12 (2016).

Bell, S. T., Brown, S. G. & Mitchell, T. What we know about team dynamics for long-distance space missions: A Systematic review of analog research. Front. Psychol. 10 , 811 (2019).

Landon, L. B. & Paoletti, J. Extreme roommates: Exploring group living skills as a unique team skill. In Psychology and Human Performance in Space Programs: Research at the Frontier (eds Landon, L. B., Slack, K. J. & Salas, E.) 217–235 (CRC Press, 2020).

Landon, L. B., Slack, K. J. & Barrett, J. D. Teamwork and collaboration in long-duration space missions: Going to extremes. Am. Psychol. 73 , 563–575 (2018).

Landon, L. B., Rokholt, C., Slack, K. J. & Pecena, Y. Selecting astronauts for long-duration exploration missions: Considerations for team performance and functioning. REACH 5 , 33–56 (2017).

Downs, M. & Norcross J. Crew performance and EVA requirements. In Handbook of Lunar Base Design and Development (eds Eckart, P. & Aldrin, A.) 1–24 (Springer International Publishing, 2020).

Belobrajdic, B., Melone, K. & Diaz-Artiles, A. Planetary extravehicular activity (EVA) risk mitigation strategies for long-duration space missions. NPJ Microgravity 7 , 16 (2021).

Conkin, J. et al. Evidence report: Risk of decompression sickness. NASA Johnson Space Center, https://humanresearchroadmap.nasa.gov/evidence/reports/DCS.pdf?rnd=0.890854045697886 (2016).

Conkin, J. et al. Probabilistic assessment of treatment success for hypobaric decompression sickness. NASA Technical Publication NASA/TP-2014-218561 (2014).

Chancellor, J. C. et al. Limitations in predicting the space radiation health risk for exploration astronauts. NPJ Microgravity 4 , 8 (2018).

Blue, R. S. et al. Challenges in clinical management of radiation-induced illnesses during exploration spaceflight. Aerosp. Med. Hum. Perform. 90 , 966–977 (2019).

Elgart, S. R. et al. Radiation exposure and mortality from cardiovascular disease and cancer in early NASA astronauts. Sci. Rep. 8 , 8480 (2018).

Blue, R., Nusbaum, D. & Antonsen, E. L. Development of an accepted medical condition list for exploration medical capability scoping. NASA Technical Memorandum NASA/TM-2019-220299 (2019).

Download references

Acknowledgements

The authors would like to thank J. Charvat (KBR), N. Narty (JES Tech), and A. Monti (JES Tech) for review and editing comments. Special thanks to Kerry George, ELS for assistance with technical editing.

Author information

Authors and affiliations.

Center for Space Medicine, Department of Emergency Medicine, Baylor College of Medicine, Houston, TX, USA

Erik L. Antonsen

Leidos Innovations, Houston, TX, USA

Erin Connell

KBR, Houston, TX, USA

Wilma Anton & Robert J. Reynolds

Duke University, Durham, NC, USA

Daniel M. Buckland

NASA Johnson Space Center, Houston, TX, USA

Daniel M. Buckland & Mary Van Baalen

You can also search for this author in PubMed   Google Scholar

Contributions

EA, EC, WA, RR, DB, MVB provided subject matter expertise regarding NASA risk management processes and updates. EA, EC, and WA wrote document JSC-66705 that updated NASA requirements in October 2020. EC created the figures and tables. EA wrote the manuscript. All authors read and approved the final manuscript.

Corresponding author

Correspondence to Erik L. Antonsen .

Ethics declarations

Competing interests.

The authors declare no competing interests.

Additional information

Publisher’s note Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Supplementary information

Reporting summary, rights and permissions.

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/ .

Reprints and Permissions

About this article

Cite this article.

Antonsen, E.L., Connell, E., Anton, W. et al. Updates to the NASA human system risk management process for space exploration. npj Microgravity 9 , 72 (2023). https://doi.org/10.1038/s41526-023-00305-z

Download citation

Received : 05 March 2023

Accepted : 06 July 2023

Published : 07 September 2023

DOI : https://doi.org/10.1038/s41526-023-00305-z

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Quick links

• Explore articles by subject
• Guide to authors
• Editorial policies

Sign up for the Nature Briefing newsletter — what matters in science, free to your inbox daily.