An Approach to Sustainability Risk Assessment in Industrial Assets

: Asset management, as a global process through which value is added to a company, is a managerial model that involves major changes in strategies, technologies, and resources; risk management; and a change in the attitude of the people involved. The growing commitment of companies to sustainability results in them applying this approach to all their activities. For this reason, it is relevant to develop sustainability risk assessment procedures in industrial assets. This paper presents a methodological framework for the inclusion of sustainability aspects in the risk management of industrial assets. This approach presents a procedure to provide general criteria, methodology, and essential mandatory requirements to be adopted for the identiﬁcation, analysis, and evaluation of sustainability aspects, impacts, and risks related to assets owned and managed by an industrial company. The proposed procedure is based on ISO 55,000 and ISO 31,000 standards and was developed following three steps: a preliminary study, identiﬁcation of sustainability aspects and sustainability risks/opportunities, and impact assessment and residual risks management. Our results could serve as a model that facilitates the improvement of sustainability analysis risks in industrial assets and could be used as a basis for future developments in the application of the standards to optimize management of these assets.


Introduction
The growing recognition of the importance of the environment and sustainability worldwide has led to the development of new forms of investment that apply socially responsible criteria. This path began to take shape with the creation of the Principles for Responsible Investment (PRI) [1]. Its objective is the introduction of environmental, social, and corporate governance factors, the so-called Environmental, Social, and Governance (ESG) criteria [2], in investment decision making, in order to manage extra-financial risks more efficiently and promote the sustainability of underlying investments.
ESG [2] factors are classified into three large groups: environmental criteria (E), social criteria (S), and corporate governance criteria (G).

‚
Environmental criteria (E) are related to the care and conservation of the environment. ‚ Social criteria (S) are related to the management of a company that considers the people who may be affected by its activity-from its employees or suppliers to the population as a whole or different communities likely to have a link with the company. The inclusion of sustainability aspects in asset management is even more innovative. Alsyouf et al. [24] emphasized the need to identify and apply asset management key performance indicators to assess the impact of ISO 55,000:2014 on organizational performance. Maletic et al. [25] suggested that it is mandatory to develop empirical evidence to support the effective management of assets with regard to sustainability performance. They proposed a set of good practices related to risk management, performance assessment, lifecycle management, and practices concerning the development of PAM policy and strategy. Managers should focus their efforts in these areas in order to enhance sustainability performance.
It is therefore necessary to develop a methodological framework for the inclusion of sustainability aspects in risk management of industrial assets in order to improve the performance of assets by managing them in a controlled environment, with identification of limits and management of information that offers a high level of certainty. In this paper, we provide general criteria and develop a methodology for the identification, analysis, and assessment of sustainable aspects, impacts, and risks related to industrial assets.
The remainder of this paper is organized as follows: First, theoretical framework of asset management and the research method is presented. Section 4 presents the procedure for sustainable risk management of industrial assets. In Section 5, a practical case is presented, and in Section 6, we discuss the theoretical and practical implications of the study. Finally, in Section 7, conclusions and future research lines are presented.

Theoretical Framework of Asset Management
The increase in interest in asset management not only in the academic world [26,27] but also in the professional world, both private and public sector [28][29][30], has been considerable in recent years, and research was oriented to the practice and focused on technical aspects [31,32], lacking a stronger research emphasis on the theoretical framework [33,34].
The existent body of knowledge of asset management is mainly composed of government guidelines and standards on asset management. These standards include the New South Wales' Total AM (TAM) [35], the International Infrastructure Management Manual (IMM) [36], the Federal Highway Administration (FHWA) [37], the Organization for Economic Cooperation (OECD) [38], the Federal real property AM initiative framework of the USA [39], the Royal Institute of Chartered Surveyors (RICS) [40], and the British Standard Institute (PAS 55) [13]. These guidelines set out recommendations and steps for asset management, which are the starting point for developing and applying specific techniques and tools for physical asset management at a lower abstraction level, but it is necessary to develop a conceptual framework to establish the basis for the development of strategic planning for asset management in the private and public sector [41].
A first approach to establish a conceptual model for strategic planning in asset management is the Bryson model [42], which is composed of ten steps and that stresses on thinking, acting, and learning to achieve success in the organization's strategies. Wit and Meyer [43] introduced a framework in four sequential stages: identifying the problem, diagnosing and analyzing the problem, formulating a solution, and, finally, realizing action. Each stage was divided into two sub-stages: missing and agenda setting, external and internal assessment, option generation and selection, and action taking and performance control, respectively.
Alhazmi [41] analyzed international guidelines and references on asset management [13,[35][36][37][38][39][40], and one of the highlights is that all standards conceive asset management as a process, in line with other management standards [44,45]. The first level of abstraction of the theoretical model proposed by Alhazmi is composed of three basic stages: the intended strategy, the monitoring of the implementation of the intended strategy, and the current assets. In the intended strategy, Alhazmi proposed a series of sub-stages: identification of the problem, diagnosing with the information coming from the external and internal environmental, generation options, and an evaluation of the options, which could be capital, operation, maintenance, or disposal investment. This part of the model is in line with most of the internationally recognized standards, except that the phase of generation of alternatives is included as part of another stage and that for example standards such as the FHWA or the USA do not attach or do not pay so much importance to the information from the external environment.
Within of the stage of intended strategy, Alhazmi emphasizes the program formulation, as a basis for the management of assets as portfolios, because assets can be relatively independent of one another but have various common themes in their management, as for instance resources. The asset portfolio must be aligned with the policy of the organizations as the last point of the planning phase.

Methods
The approach to sustainability risk assessment in industrial assets was developed in three steps ( Figure 1). First, a literature review was conducted (Phase 0). This study included relevant scientific publications and international standards. In the next step (Phase 1), a framework was proposed to identify sustainability aspects and sustainability risks and opportunities. In the last step (Phase 2), strategies for systematically measuring and managing impact and residual risks were developed.
intended strategy, the monitoring of the implementation of the intended strategy, and the current assets. In the intended strategy, Alhazmi proposed a series of sub-stages: identification of the problem, diagnosing with the information coming from the external and internal environmental, generation options, and an evaluation of the options, which could be capital, operation, maintenance, or disposal investment. This part of the model is in line with most of the internationally recognized standards, except that the phase of generation of alternatives is included as part of another stage and that for example standards such as the FHWA or the USA do not attach or do not pay so much importance to the information from the external environment.
Within of the stage of intended strategy, Alhazmi emphasizes the program formulation, as a basis for the management of assets as portfolios, because assets can be relatively independent of one another but have various common themes in their management, as for instance resources. The asset portfolio must be aligned with the policy of the organizations as the last point of the planning phase.

Methods
The approach to sustainability risk assessment in industrial assets was developed in three steps (Figure 1). First, a literature review was conducted (Phase 0). This study included relevant scientific publications and international standards. In the next step (Phase 1), a framework was proposed to identify sustainability aspects and sustainability risks and opportunities. In the last step (Phase 2), strategies for systematically measuring and managing impact and residual risks were developed. Phase 0. Identify ISO 55,000 and ISO 31,000 as relevant standards and scientific studies to manage extra-financial risks more efficiently and promote the sustainability of investments [17,24,25]. These standards, guidelines, recommendation of current framework [17,24,25,41,46], and main interest issues found in last reviews addressing private and public sector are the theoretical background to develop the proposed procedure [33,[47][48].
The ISO 55,000 Asset Management standard is a series of three documents that were collectively developed by the global asset management community. The objectives of the three documents are: ISO 55,000: Overview, principles, and terminology of the field of asset management, including key concepts related to asset management systems.
This component of the standard is designed to provide its purpose, containing an overview, the principles that govern the standard, and the applicable terminology. Phase 0. Identify ISO 55,000 and ISO 31,000 as relevant standards and scientific studies to manage extra-financial risks more efficiently and promote the sustainability of investments [17,24,25]. These standards, guidelines, recommendation of current framework [17,24,25,41,46], and main interest issues found in last reviews addressing private and public sector are the theoretical background to develop the proposed procedure [33,47,48].
The ISO 55,000 Asset Management standard is a series of three documents that were collectively developed by the global asset management community. The objectives of the three documents are: ISO 55,000: Overview, principles, and terminology of the field of asset management, including key concepts related to asset management systems.
This component of the standard is designed to provide its purpose, containing an overview, the principles that govern the standard, and the applicable terminology. ISO 55,001 [49]: Requirements for the development, maintenance, and improvement of the management system for the organization's assets. Requirements that an organization must meet to certify the standard.
This part includes what is required, defining the terms of the asset management system's establishment, implementation, and improvement. ISO 55,002 [50]: Implementation guide, discussion, and examples.
In this last document, a guide is given for the implementation of the standard, providing the guidelines for the design and operation of an asset management system. ISO 55,000 is built in such a way that it can be easily integrated with the requirements of other management systems such as ISO 9001 [51]; therefore, its implementation would not conflict with the progress that has already been made. In addition, it allows the organization to establish its needs or requirements (level of obsolescence) of assets and asset systems, allowing analytical approaches for their management in different stages of the Asset Life Cycle, which are all the stages that the asset experiences during its life, as defined in ISO 55,000.
ISO 31,000 [52] is the international standard of reference for risk management and is made up of two documents: ISO 31,000: Provides general guidelines for risk management including risk identification, analysis, and subsequent evaluation. ISO 31,010 [53]: Presents various techniques and provides guidelines for their selection as well as the system that must be followed to prepare risk studies.
ISO 31,000 can be taken as a basis for evaluating health and safety risks in industrial parks [54], as well as for evaluating any type of risk, such as, in this case, risks in asset management.
The identification of significant sustainability aspects and sustainability risks/ opportunities is a relevant step (Phase 1). The developed proposal in this study provides a systematic approach to identify these, focusing on the goals and strategies of the company, its governance, and the applicable laws and regulations, as well as its effectiveness and efficiency with respect to sustainability interactions.
The coordination of the ISO 55,000 standards for asset management and the ISO 31,000 standards for risk management allow methodologies to be determined that consider a sufficient classification of assets, identification of risks, control measures, risk levels, and tolerance. Depending on the criticality of the risks, the actions to mitigate them are determined. These concepts were applied to develop a systematic procedure to measure and manage impact and residual risks (Phase 2).

Development of the Procedure Proposal to Sustainability Risk Assessment in Industrial Assets
Applying the aforementioned concepts, a procedure is proposed to address sustainability risk assessment in industrial assets.
This procedure aims to provide general criteria, methodology, and essential mandatory requirements to be adopted for the identification, analysis, and evaluation of sustainability aspects, impacts, and risks related to assets owned and managed by an industrial company.
This procedure is implemented and applied to the fullest extent possible, in compliance with any applicable laws, regulations, and governance rules, by countries or regions within a company for the purpose of setting up sustainable management systems and monitoring sustainable continuous improvement targets.
The definitions laid out in this procedure proposal are introduced for the aforementioned purposes. Any different definition, compliance, or responsibility established by national laws, regulations, and governance rules are in force and, in any case, prevail over the provisions contained in this procedure proposal.

Definitions and Acronyms
With a focus on sustainability and applying asset management systems developed in the ISO 55,000, ISO 55,001, and ISO 55,002 standards, the international reference standard for risk management, UNE-ISO 31,000, is also taken into account, which provides general guidelines for risk management, including risk identification, analysis, and subsequent evaluation. The UNE-EN 31,010 standard is also considered as it presents various techniques and provides guidelines for their selection; this is the system that must be followed to prepare risk studies.
From the information available, we can establish a basis for developing a risk assessment in industrial assets and propose acronyms and keywords, as presented in Table 1.

Acronyms and Keywords Description
Asset Any workplace, construction site or object which the company owns, manages, operates, or installs, directly or through contractors and subcontractors.

Continuous Improvement
Recurring activity to enhance performance.

Control
Any action of guidance, operation or of influence taken to directly, or indirectly manage a risk.

Control level
Effectiveness of control activities implemented to manage a risk.
Critical event A negative event, related to a specific sustainable aspect, taking place in an asset or as consequence of an activity with the potential to significantly impact sustainability.

Effect
Positive or negative deviation from what is expected.

Sustainable
Surroundings in which the organization operates, including the environment, humans and their relationship context.

Sustainability Aspect
Any element of the organization's activity, production or service that interacts or can interact with the organization due to sustainability issues, taken into account from a Life Cycle perspective.

Sustainability Significant Aspect
Any sustainability aspect with a strategic or material relevance for the organization and/or capable of significantly affecting, positively or negatively, the organization's sustainable performance.

Sustainability Impact
Any change to the organization due to sustainability issues, whether adverse or beneficial, totally or partially resulting from an Organization's Sustainability Aspect.

Sustainability Management System (SMS)
Part of the management system used to manage sustainability aspects, fulfill compliance obligations (including organizational voluntary sustainability targets) and address risks and opportunities.

Sustainability Performance
Result related to a sustainability aspect's management, measurable by means of an indicator against the organization's sustainability policy, targets, or other criteria.

Event
The occurrence or modification of a particular set of circumstances (as defined in ISO 73 [55]). With respect to this procedure, an event identified in the risk assessment might generate positive (opportunity) or negative impacts (risk).

Impact Magnitude
Outcome of the critical event, measured as the relevance of its qualitative/quantitative effects.

Indicator
Measurable representation of the condition, status or variation of a system (e.g., process, activity, phenomenon, sample).

Inherent Risk
Risk present in the absence of existing control activities.

Likelihood
Probability of occurrence of the critical event in a specific period.

Life Cycle Perspective (LCP)
Consecutive and interlinked stages of the production or service process directly and indirectly operated or influenced at any system level by the organization, from natural resources consumption, including energy, to products' and residues' end-of-life management.

Opportunity
An event with the potential to benefit the organization's sustainability performance.

Residual Risk
Level of risk remaining after consideration of the existing control level.

Risk
Potential adverse effect for the organization's sustainability performance.

Risk Assessment
Overall process of estimating the level of risk and deciding whether the risk is acceptable or not.
Risk treatment Mitigation activities to control or modify the risk.

Sustainability Aspects/Impacts
This procedure proposal considers the identification of sustainability aspects and sustainability risks and opportunities, related to the owned and managed assets and the activities performed by the company.
The company performs an annual assessment at different levels of its organization and reports the evaluation results in an aspect register, which contains all significant aspects and their relevant information and risk analysis results according to the present procedure proposal.
Companies, when implementing the present procedure proposal, might adopt additional specifications, to tailor and detail it according to their own technological and organizational features and to guide the sustainability risk analysis.
All the metrics indicated in this procedure proposal are for reference purposes.

Identification of Significant Sustainability Aspects
For the identification of significant aspects, each company performs an analysis of its activities that may interfere or have an influence on sustainability. The organization takes into account:

‚
The context in which it operates, adopting a comprehensive approach that addresses multiple dimensions of concern (environmental, social, regulatory, technological, etc.). ‚ Needs and expectations of all stakeholders. ‚ Conformity obligations, both mandatory and voluntary. ‚ The foreseeable capacity of a sustainability aspect to significantly affect, positively or negatively, the organization's sustainability performance. ‚ The Life Cycle perspective, as a reference approach to be adopted to assess impacts, minimize environmental footprint and maximize resources circularity by extending the analysis to all stages of the production or service process directly and indirectly operated or influenced at any level by the organization.
The ultimate goal of the analysis of significant sustainability aspects is of understanding, on a scale appropriate to each organizational level, the most important issues that can affect or influence, positively or negatively, the way in which the company addresses its sustainability responsibilities and targets.
Reference pillars orientating the detection of significant sustainability aspects also include: ‚ The company's sustainability policy, stating, and detailing strategic objectives for the protection of the environment and of natural resources, the fight against climate change and its contribution to sustainable economic development, which have been recognized as strategic factors in the planning, operation, and development of the company's activities, as well as in consolidating the company's leadership in the energy markets. ‚ The prioritization of environmental issues resulting from the materiality analysis, periodically performed by the company in its sustainability report, where priorities to stakeholders and their significance for the company, in terms of dependence, influence, and urgency, is assessed.
Results of the above analysis produce the significant sustainability aspects list reported in the aspect register where, for each aspect, one or more of the following "significant for" items are indicated:

‚
Significant for: ‚ Company's sustainability policy. ‚ Stakeholders' expectations. ‚ Impact on the environment. ‚ Impact on the organization.
Assessment of significant sustainability aspects evaluates any level of the organization. This approach is reported in the aspect register by categorizing the aspects according to the structure described in the following. Organizational level To set up the aspect register, each company is in charge of identifying a list of sustainability aspects/impacts inherent to the activities performed at: The country level. ‚ The local level (a single one is referred to as a site unit).
‚ Aspect type When assessing significant sustainability aspects, the following aspect types are detected: ‚ Strategic (related to high-level goal and strategic decisions, aligned and in support of the company's sustainability vision). ‚ Governance (related to the company framework of sustainability guidelines/ policies/procedures and to stakeholders' relationship/engagement, including internal and external reporting). ‚ Compliance (related to compliance with applicable laws and regulations and with voluntary management systems' requirements). ‚ Operation (related to operational effectiveness and efficiency with respect to sustainability interactions).
In particular, for aspects detection and consequent risk evaluation according to the different aspect types, the following assignment is applied: -Strategic and governance aspects are of pertinence in the global level analysis. -Governance and compliance aspects are of pertinence in the country level analysis. -Compliance and operation aspects are of pertinence in the local level analysis.

Control Level
For detection of significant sustainability aspects, possible levels of control exercised by the company are explored and divided into: ‚ Direct (directly controlled aspects, typically, refer to activities under the direct responsibility or execution of the company). ‚ Indirect (indirectly controlled aspects, typically, refer to: (a) third-party activities or supplies; (b) aspects influenced by the company by means of awareness raising and stakeholder engagement actions).

Identification of Sustainability Risks and Opportunities
For each significant sustainability aspect under evaluation, one or more impacts for the organization and the associated critical events/opportunity (worst/best case scenario) are identified.
In particular, when detecting for impacts, the system's condition is considered amongst: ‚ Activity Condition ‚ Normal (normal condition: planned activities under standard running conditions). ‚ Abnormal (abnormal condition: planned activities under transient and extraordinary running conditions (this category might eventually be included in the previous one if common control procedures and levels are present)). ‚ Emergency (emergency condition: unexpected occurrences causing one or more critical events).
Furthermore, for each event, a risk (or opportunity) is identified as associated with the potential impact.
To ensure consistency among risk assessment applications by the company, risks/ opportunities are classified according to the clusters in Table 2.

Aspect Type Risk/Opportunity Cluster Categories Description
Strategic (S) (S1) Megatrends and forecasts (S2) Regulatory development (S3) Best sustainability practices and technology innovation (S4) Strategic planning and resource allocation (S1) Inability/ability to oversee and stay in touch with the main developments in the global sustainability debate, focusing on the environment, such as increasing pollution, climate change, resource scarcity, biodiversity threats, etc. (S2) Inability/ability to anticipate changes in laws, rules, or requirements on sustainability issues with which the company must comply and that may have a material impact on company operations and performance. (S3) Ineffectiveness in identifying the sustainability practices that may significantly improve the company's performance including related benchmarking; this applies particularly to technology innovation as it is one of the main drivers of the company's sustainable development. (S4) The company's business strategies are/are not: driven by creative and intuitive input; based on current assumptions about the external context; effectively programmed in the form of written plans, schedules, and budgets; communicated consistently and often throughout the organization; responsive to sustainability change and organizational learning; the company's organizational structure does not support current or intended future developments of business strategies; the company's resource allocation process does not establish and sustain competitive advantage or maximize returns for shareholders.
Governance (G) (G1) Policies and procedures framework (G2) Human resources workforce and competence (G3) Internal reporting (G4) External reporting (G1) Failure to conform with internal regulations such as policy, organizational procedures, etc., that apply at the global, country, and local level. (G2) The workforce is insufficient to achieve the established goals, or it is lacking knowledge to perform as expected. (G3) Information and reports required by the management control system are incomplete, delayed, and/or inadequately supporting management in its operational decisions and with regard to general decision making. (G4) Reports and information required by regulatory agencies are incomplete, inaccurate, or untimely, exposing the company to fines, penalties, and sanctions.
Compliance (C) (C1) Compliance with law, regulations, and mandatory prescriptions (C2) Compliance with voluntary commitments and SMS' requirements (C3) Purchasing and supply robustness and awareness (e.g., vendor rating procedures and contractual clauses) (C4) Frauds and illegal acts prevention (C5) Reputation (C1) Failure to conform with sustainability laws and external regulations that apply at the international, country, and local level. (C2) Failure to conform with the commitments taken by the group voluntarily, e.g., group sustainability targets or to the prescriptions of the sustainability management systems. (C3) Failure to establish or request specifications in the process of selecting suppliers and contractors based on sustainability and safety performances. (C4) Management fraud, employee fraud, counterparty or third-party fraud, corruption, or other illegal/ unauthorized acts, which could lead to reputation degradation in the marketplace, sanctions, and financial losses. (C5) The image of the company could be viewed in a negative way by the public and relationship of trust with shareholders could be damaged. Operations affecting sustainability, related to the environment, may have a negative impact, resulting in damages for the local ecosystems, public health, and wildlife. Depending on the sustainability matrices affected, impacts may include: (O1) Atmospheric pollution due to air emissions resulting from industrial combustion processes, use of machinery, cars, boilers in the offices related to group activities. (O2) Soil contamination due to accidental leakages of chemicals, oil spills, abandonment of waste, unappropriated management of fuel stockings, run-off water inside the plant site, etc.
(O3) Water and groundwater pollution due to release of chemicals, wastewater, accidental spillage. (O4) Fire; noise and vibrations due to industrial processes and use of machinery (e.g., cogeneration plant); electromagnetic fields in the surroundings of distribution lines and cabins; odors. (O5) Use of natural/scarce resources such as water, wood, soil, sand, and minerals at a rate not corresponding to natural recovery. (O6) Use of any substance or chemical which has health or physical hazards, according to the country's regulation. (O7) Improper waste management in one or more stages of the waste management process (characterization, minimization, collection, separation, treatment, and disposal). (O8) Land mismanagement that may cause habitat losses (e.g., deforestation) or fragmentations, loss of species under conservation. (O9) Company operations causing emissions of greenhouse gas (CO2, CH4, and SF6) and ozone-depleting gasses (CFC, F-gas, and freon), both responsible for dangerous effects on climate systems, e.g., increase in global temperature; climate change risks may also include failure to adapt, sea level rising, etc.

Evaluation of the Inherent Risk
The inherent risk (or opportunity) related to each sustainability impact under evaluation is calculated by means of combining the two following elements, as determined for the occurrence of the most critical associated event: Likelihood.

‚ Magnitude
The impact magnitude consequent to a critical event is evaluated by estimating its potential effects on possible affected targets within the sustainable and/or organizational context.
Potentially affected targets to consider are: -Environment. Within the environment context, typical targets (and corresponding critical events) are air, soil, surface/underground water (pollution/restoration), and exposed population's acute and chronic effects on health (increase/decrease); habitats and biodiversity, landscape, heritage/historical sites, natural resources, ozone layer (depletion/recovery); global warming (increase/decrease), etc. -Compliance (mandatory and voluntary). Within the organizational context, for the considered targets, critical events of reference are: (increase/decrease in) sustainability limits violation or targets failing, liability complaints, and/or litigations, etc.
-Reputation (including stakeholders' expectations). Within the organizational context, for the considered targets, critical events of reference are (an increase/decrease in) stakeholders' oppositions such as protests, complaints, and/or negative media publications; the enhancement of stakeholders' relationship/engagement, etc. -Finance. Within the organizational context, for the considered targets, critical events of reference are incurred costs due to corrective actions, fines or loss of revenue, as well as saving or earning opportunities. -Organization. Within the organizational context, for the considered targets, critical events of reference are: increase/decrease in the organization's efficiency in terms of processes' effectiveness, targets' reachability, and personnel performance.
Each impact might be positive or negative. Negative impacts can be specified, according to the criteria in Table 3, as five relevance levels: In cases of multiple effects and different relevance ratings, the "highest rate" (i.e., worst case for a risk, best case for an opportunity) is assigned to the impact. -Performance enhancement.
Positive savings or gains.
Increase in organization's efficiency: internal business processes perfected and streamlined.

Negative/Low
-Limited and localized impacts, remediable without leaving effects on any environmental matrix.
-No exceedance of limits established by regulations and permits. -No prevision of financial sanctions due to the sustainability event.
-Not existent or minor stakeholder concern. -No adverse media coverage.
Losses < EUR 100,000 Decrease in the organization's efficiency (to a limited extent): establishment of inconsistent procedures that create confusion and rework.

Negative/Medium
-Generates non-permanent or medium-term impacts. -Any impact onsite and/or offsite in a protected area (location recognized for its natural, ecological, and/or cultural value).
-Non-compliance with legal or permit requirements that could result in fines, complaint by fund/bank financing the project, civil lawsuit and/or criminal lawsuits without restriction of personal freedom against one or more persons of company staff.
-Regional/local stakeholder concern. -Negative media involvement at regional/local level.

‚ Likelihood
Likelihood estimates the probability of occurrence of an impact and its associated critical event based on a nexus of consequence and historic records.
Likelihood can be evaluated according to the criteria in Table 4. There is a direct correlation between the event and the impact's occurrence.
‚ Inherent risk Inherent risk related to each sustainability aspect/impact is calculated as: Inherent Risk = MagnitudeˆLikelihood and its relevance is assigned according to the scoring levels in Table 5. The relevance of each environmental impact is defined on the basis of the result of its inherent risk. As reported in Table 6, it can be assumed: -Not relevant aspect: when its inherent risk is lower than 2 (IR, Low) -Relevant aspect: when its inherent risk is equal or greater than 2 (IR, Medium-Low, Medium, Medium-High, High). Based on their presence, control levels and corresponding mitigation effectiveness are assigned according to the criteria and values detailed in Table 7.

Evaluation of Residual Risk
The Residual Risk is obtained by the formula:

Residual Risk = Inherent Riskˆ(1´Control Level effectiveness)
with resulting values included, for the scoring criteria here, in a range from 0 to 9.

Residual Risk Treatment (Action Plans)
Based on the Residual Risk results, Risk Acceptance, and consequent needs for Risk Treatment are defined according to the specified criteria, such as those reported below and in Table 8 for the reference score values adopted: Action Level 1: No specific Action Plan is formally required: ‚ Low Risk = Residual Risk lower than 2 As long as the inherent risk scenario and the existing controls remain unchanged, no actions are required.

‚
Tolerable Risk = Residual Risk equal and greater than 2 and lower than 3 As long as the inherent risk scenario and the existing controls remain unchanged, no actions are required. In any case, the effectiveness of the existing controls must be periodically monitored, and specific actions can be implemented if deemed appropriate. Action Level 2: A specific Action Plan is formally required: If not already present, the company considers the opportunity to issue a specific operational procedure or technical instruction, including it in the SMS continuous improvement plan.
Action Level 3: An Action Plan and Recovery Actions are urgently required: ‚ Urgent action = Residual Risk equal and greater than 7 and lower or equal than 9: An Action Plan with short term actions is urgently required to reduce the risk, defining at least: -Activities to ensure that the Residual Risk is significantly downgraded. -Measurable indicator/s with monitoring plans and assigned target/s. -Unit/s responsible to carry out the Action Plan. -Monitoring plans and completion date.
If not already present, the company considers the opportunity to issue a specific operational procedure or technical instruction, including it in the SMS continuous improvement plan. Applying all the points presented in this procedure proposal, a template such as the one represented in Figure 2 can be made for the aspect register.

Practical Case
A practical application case is developed below for the assessment of health and safety risk in the environment category, for a construction asset of a liquefied natural gas plant (LNG). A liquefied natural gas plant is an installation designed to store, regasify, and regulate, according to the required pressure, natural gas to be injected into distribution networks or receiving installations for gas consumption by domestic and/or industrial consumers.

Practical Case
A practical application case is developed below for the assessment of health and safety risk in the environment category, for a construction asset of a liquefied natural gas plant (LNG). A liquefied natural gas plant is an installation designed to store, regasify, and regulate, according to the required pressure, natural gas to be injected into distribution networks or receiving installations for gas consumption by domestic and/or industrial consumers.
The asset is identified in Table 9. Figure 3 presents the likelihood of risk occurrence involved in the asset, and Figure 4 presents the consequences of risk impact. Table 9. Asset data.

Type Description
Asset Construction of LNG storage plant.

Practical Case
A practical application case is developed below for the assessment of health and safety risk in the environment category, for a construction asset of a liquefied natural gas plant (LNG). A liquefied natural gas plant is an installation designed to store, regasify, and regulate, according to the required pressure, natural gas to be injected into distribution networks or receiving installations for gas consumption by domestic and/or industrial consumers.
The asset is identified in Table 9. Figure 3 presents the likelihood of risk occurrence involved in the asset, and Figure 4 presents the consequences of risk impact. Table 9. Asset data.

Type
Description Asset Construction of LNG storage plant. high >40% It is expected that the event will occur. If it does not occur it will be a surprise.

Description
No possibility of the event happening.
Very remote chance of the event happening. Practically impossible.
It will be a surprise if the event occurs.
The event can occur.
The event has a high chance of occurring.   Figure 5 presents the risk score. The risk score is selected, given the probability of the event and an impact magnitude with a range from 1 (low) to 25 (critical). The quantified risk falls into three main zones, which help to prioritize the risks based on the level of severity and neutralizing the possible consequences:   Figure 5 presents the risk score. The risk score is selected, given the probability of the event and an impact magnitude with a range from 1 (low) to 25 (critical). The quantified risk falls into three main zones, which help to prioritize the risks based on the level of severity and neutralizing the possible consequences: -A low-risk zone is considered acceptable (green). -A moderate-risk zone may or may not be acceptable (orange). -A high-risk zone is considered to be critical or unacceptable (red). Figure 5 presents the risk score. The risk score is selected, given the probability of the event and an impact magnitude with a range from 1 (low) to 25 (critical). The quantified risk falls into three main zones, which help to prioritize the risks based on the level of severity and neutralizing the possible consequences: -A low-risk zone is considered acceptable (green). -A moderate-risk zone may or may not be acceptable (orange). -A high-risk zone is considered to be critical or unacceptable (red). The results are presented in Table 10 (inherent risk score results) and Table 11 (inherent risk score results post-mitigation).   The results are presented in Table 10 (inherent risk score results) and Table 11 (inherent risk score results post-mitigation). After evaluating the risk score (post-mitigation), we can calculate the Residual Risk, without using any additional controls.: Residual Risk = Inherent Riskˆ(1´Control Level effectiveness) RR = 3ˆ(1´0.4) = 1.8 The Residual Risk is lower than 2; therefore, no more actions are required.
In the event that we have several RRs, it would be convenient to aggregate them in a new index.

Discussion
The risk assessment evaluation process in its completeness is summarized in Figure 6.
Residual Risk = Inherent Risk × (1 − Control Level effectiveness) RR = 3 × (1 − 0.4) = 1.8 The Residual Risk is lower than 2; therefore, no more actions are required. In the event that we have several RRs, it would be convenient to aggregate them in a new index.

Discussion
The risk assessment evaluation process in its completeness is summarized in Figure  6. As mentioned in the practical case, the Residual Risks (RR) resulting from the application of the present proposal can be aggregated into a Risk Index (RI) in order to synthetize the Residual Risk status (current and targeted) based on common risk clusters (as listed in Table 2).
The Risk Index is applicable at different levels, such as: (i) per asset (e.g., combined heat and power (CHP) plant); (ii) per technology product (e.g., PV, lighting, charging station); (iii) per country level; and (iv) per global level.
To ensure consistency among different levels of aggregation, the following order should be considered (from the lowest to the highest): Site (asset/technical product) > Product Lines > Country level > Global level.
Rationale for Risk Indexes and related formulas are detailed below.

Risk Index at Site level
The Risk Analysis has been performed at the site/asset level. Risks have been categorized according to the 22 categories listed in Table 2, and corresponding RR values have been evaluated and normalized, obtaining nRR values in the range 0-9.
At this point, if several risks fall into the same category, the highest nRR is selected among them for the Risk Index evaluation applied to the site.
Instead, in case no risk is identified for a specific risk category (as may be the case for strategic or governance risk categories at the site level), the corresponding nRR value is set to zero.
In this way, a set of 22 nRR values, one for each risk category, is associated with the site.
Each nRR value belongs to a specific Residual Risk Relevance level from 1 to 5, as described in Table 8.
The Site Risk Index, representative of the risk status of the site, is than calculated as follows: given that: R = number of Risk Categories, equal to 22 (1) N(n) = number of risk values of level n, n ranging from 1 to 5: N(5) = number of nRR identified as "urgent".
N(4) = number of nRR identified as "material" (4) N(3) = number of nRR identified as "not acceptable" N(2) = number of nRR identified as "tolerable" N(1) = number of nRR identified as "low" N(1) to N(5) are Site Risk Index (SR) Equation (8) SR ‚ Risk Indexes at product lines/country level The Risk Index, referring to the product lines (i.e., the set of assets of same technology) or the country (i.e., set of assets/technical products in the same country), is derived by:

1.
Considering the set of values of the Site Risk Index encompassed in the product lines/country perimeter.

2.
Adopting an expert judgment approach to perform a multicriteria analysis based on (i) the information collected during the assessment process; (ii) knowledge of the business; (iii) the importance of each site/technical products in the product lines/country perimeter and the significance of the associated impacts in the overall landscape; and (iv) any other technical evaluations of concern. 3.
Integrating the evidence from the risk analysis performed at the global level.

Comparative Analysis with Previous Research
Risk management is an essential element for industrial asset management [9,56]; in fact, a risk-based approach becomes an effective tool in the decision-making process during the adoption of physical asset management practices. In fact, Maletič et al. [25] emphasize the importance of the development of risk management measures, which contribute positively to a better sustainability performance of the physical asset management system. Our approach is in line with other frameworks for measuring industrial sustainability performance [25,[57][58][59]. A scientific study of framework addressing the production sector [47] identified seven different frameworks [2,8,9,27,46,[60][61][62]. Asset life cycle and control levels are relevant aspect in all these frameworks, but sustainability risks are not fully analyzed in all cases. As already mentioned, the scientific literature shows different models of industrial asset management focused on the life cycle [27,41], planning and control of activities related to assets [46], management of intangible assets [63], or on the treatment of risk in maintenance activities [17,64]. Our proposed procedure lets sustainability risk assessment in industrial assets and could be integrated into previous developed frameworks.

Limitations, Implications, and Recommendations
The difficulty of identifying sustainability aspects and sustainability risks/opportunities in a system under uncertainty such as an industrial environment could be a limitation from the point of view of the effectiveness of the procedure presented in this work. This result is in agreement with other studies and methodologies studying industrial sustainability [65][66][67][68].
The risk matrices of the presented approach follow the application of the ISO 3100 and were developed to avoid risk ranking reversal errors as Baybutt reports [69,70], but the limitations of this study are directly related to the design of these risk matrices' development and the uncertain process of evaluation. Previous studies propose the use of fuzzy logic to incorporate uncertainty in the assessment and definition of risk matrices [71][72][73].
In addition, investment planning and management (AIP-assets investment planning) [74] based on ISO 55,000 standards is a strategic practice of asset management, which values investments in a way that is aligned with the strategic objectives of the company. Information and goals are integrated through finance, purchasing, operations, engineering, and maintenance. The industrial sector could apply this approach to capital investments of physical assets: determine the investment amount, calculate expected return, evaluate the risk that the asset will not achieve the return, and consider, in the context of other risks, that the investment is meant to be reduced or eliminated. As Roda et al. [48] and ISO 55,000 state, asset management adds value to company. Proposed procedure could integrate into current framework of asset management at tactical and operational level. Our procedure considers importance of sustainability, safety, social responsibility issues, and environmental issues. As other authors confirm, these items should be integrated in strategic planning of the asset portfolio [33].
Another important consideration in asset and risk management is compliance with the legal requirements of each country and the procedures and policies of each company.
It must be taken into account that risks and opportunities change over time; therefore, it is important that the evaluation is carried out periodically and that it promotes the change necessary to achieve the objectives. For change management, the following must be taken into account:

‚
Changes in the organization's structures, roles, or responsibilities. ‚ The asset management policy, objectives, or plans. ‚ Processes or procedures of asset management activities. ‚ New assets, asset systems, or technology (including obsolescence). ‚ Factors external to the organization (including new legal and regulatory requirements).
In our procedure proposal to sustainability risk assessment in industrial assets, one of the main pillars for the identification of sustainable aspects is the company's sustainability policy. The procedure, after the identification of sustainability risks and opportunities and the consequent evaluation, allows us to establish a series of control levels to mitigate the inherent risk and to establish actions to manage the residual risks. These results make it possible to adjust and improve the company's policy and achieve better sustainable asset management. This procedure has been stated for organizations that may have assets at a global level, country level, and local level but can be used for asset management in public administrations, establishing a similar hierarchy for the administrations according to their scope, thus allowing for the introduction of sustainable aspects into asset management [24,25,30].

Conclusions
Considering the approach to sustainability risk assessment in industrial assets presented and the results obtained from the practical case, our findings suggest the following:

‚
Our approach could prevent or reduce undesirable events and effects and determine new opportunities regarding sustainability risks in industrial assets. ‚ This systematic procedure could be used as a continuous improvement tool.
‚ Application of the approach could provide a better strategic vision for the business in order to improve competitiveness.
The proposal can also be used as a basis for future developments in the application of the ISO 55,000 and ISO 31,000 standards to optimize the management of industrial assets, seeking a balance between risk management, excellence in operations, and efficiency in the cost, with a strategic approach according to: ‚ Improvement in the organization of work and human resources in assets. ‚ Alignment of asset management with the strategic objectives of the company. ‚ Efficient management of operating costs. ‚ Risk reduction in assets. ‚ Optimization of the asset investment plan.
It is necessary to apply the presented procedure to real cases and evaluate the approach of this study by incorporating uncertainty into the evaluation process and design of the risk matrices.