An IEC 62305 risk assessment must be traceable and reproducible
A risk assessment is a compliance and liability document, not a piece of generated prose. Its figures must come from the standard's method and trace back to the inputs and coefficients behind them, so the same building always gives the same result and an auditor can follow every number.
An IEC 62305 risk assessment must be calculated from the standard's method, not generated by a language model. The risk figures have to come from the IEC 62305-2 method and trace back to the inputs and coefficients behind them, so the same inputs always give the same result and an auditor can follow every number. An assessment is a compliance and liability document, not a piece of generated prose. That is the whole of it: the numbers are computed by a known method, every figure can be followed to its source, and running it again on the same building produces the same answer.
This is a principle about trustworthy compliance numbers, and it holds whatever tool you use. A risk figure is only worth what stands behind it. If a number cannot be traced to an input and a standard coefficient, and cannot be reproduced on demand, it is not evidence, however confidently it is presented. This piece sets out what traceable and reproducible mean for a risk assessment, why a compliance artifact has to be defensible line by line, the difference between using AI to assist and using a model to produce the figures, and what to look for in any tool. New to the method itself? Start with the IEC 62305-2 risk method.
Every figure decomposes to a named input and a standard coefficient
Traceable has a precise meaning for a risk assessment, and it is stricter than showing your working. It means that every number in the result can be followed, without a gap, back to the fact and the clause it came from. The IEC 62305-2 method is built in layers, and traceability is the property that each layer can be opened to reveal the one beneath it.
Start at the top. Each computed figure, the risk of loss of human life R and the frequency of damage F, is the sum of its risk components, so it opens into the components that make it up. Each component opens further into the three terms that define it: a dangerous-event rate, a probability of damage and a loss. And each of those terms opens one layer more, into a named input you supplied and a coefficient taken from the standard. A collection area traces to the structure's dimensions and a defined geometric rule. A probability traces to the protection chosen and a value the standard assigns to it. A loss traces to the people, contents or service at stake and a factor the standard sets. Nothing in the chain is left as an assertion.
The test of traceability is concrete: pick any figure in the report, and you should be able to walk down from it to the building fact and the standard clause that produced it, with nothing unexplained on the way. If a number cannot be opened like that, it is not traceable, and an assessment that contains such a number is not fully auditable.
The same building must always give the same risk
Reproducibility is the companion property to traceability, and it is just as load-bearing. It means that the same inputs, run again, produce the same risk figures. This sounds obvious, but it is the foundation under three things an assessment has to support, and a result that cannot be reproduced fails all three.
Audit. An auditor's basic check is to take the inputs and confirm the figures follow from them. That check only works if the method is reproducible: the same inputs must land on the same numbers in the auditor's hands as in yours. If rerunning the assessment can produce different figures, there is nothing fixed for an auditor to verify against, and the audit has no anchor.
Revision control. Buildings and designs change, and an assessment is revised when they do. The value of a revision is that you can change one input, a dimension, a line length, a protection measure, and see exactly which risks moved and by how much. That comparison is only meaningful if everything you did not change stays identical. A method that varies on its own makes a revision impossible to read, because you can no longer tell the change you made from noise in the calculation.
Defending the result. When a verdict is questioned, by an authority, an insurer or a court, the strongest answer is to reproduce it: here are the inputs, here is the method, here are the figures again, identical. A number that cannot be recreated cannot be defended this way. You would be asking someone to trust a figure that even you cannot reliably reproduce, which is the opposite of what a compliance document is for.
AI that assists, versus a model that produces the numbers
There is a real and useful place for AI in an assessment. There is also a line it must not cross. The difference is between helping a person reach a calculated result and stating the result itself.
The distinction matters because the two failure modes of a model are exactly the two properties a risk assessment cannot do without. A model can vary, which breaks reproducibility, and it can state a figure it cannot justify, a hallucination in the precise sense, which breaks traceability. Neither is a flaw you can review your way out of, because the figure looks the same whether it was computed or invented. The only reliable guard is to keep the numbers on the method and let the model assist around them.
A compliance and liability artifact must be defensible line by line
A risk assessment is not an internal note or a first draft. It is filed for building approval, handed to insurers, cited by authorities and relied on when something goes wrong. That changes what the document has to be able to do. It is not enough for the conclusion to be right; every figure that leads to the conclusion has to be defensible on its own, because any one of them can be the line that is questioned.
Picture the moment the assessment is challenged. An auditor points at a single risk figure and asks how it was reached. The defensible answer is specific: this input fed it, this coefficient from the standard was applied, this clause governs it, and here is the same figure again from the same inputs. That answer is only available if the assessment was computed by a known method and the working is both visible and reproducible. Defensibility is not a quality of the writing. It is a property of how the numbers were made.
A report that reads with great confidence but cannot be taken apart and reassembled is not defensible, it only sounds defensible. The liability sits on the figures, so the figures are what must withstand scrutiny: traceable to their inputs, reproducible on demand, and tied to the clause behind them. Everything else in the document is commentary on those numbers.
What to look for in any IEC 62305 tool
The principle reduces to three questions you can ask of any tool, manual or automated. If a tool cannot answer all three, its output is not auditable, whatever else it does well.
None of these questions is about a brand or a category of product. They are properties of the output: traceable, reproducible, standard-based. A tool that has them produces an audit-ready report a reviewer can accept; a tool that lacks them produces a number you have to take on faith. For the method those numbers come from, see how an IEC 62305 risk is calculated, and for the standard as a whole, what is IEC 62305.
The numbers come from the method, every time
The principle is small enough to hold in one line: in a compliance and liability document, the figures must be calculated, traceable and reproducible, and a probabilistic model must never be the thing that states them. Traceable, so any number can be followed to its input and its coefficient. Reproducible, so the same building always gives the same risk and the result can be audited, revised and defended. AI has a real role assisting the work and explaining it. It does not have a role producing the risk values, because variation and unjustified figures are exactly what a risk assessment cannot carry.
This is how Lumex is built. The risk engine, Voltrace, computes the IEC 62305-2 method and shows a full coefficient trace behind every figure, so each risk opens down to the inputs and standard coefficients that produced it and the same inputs always give the same result. The AI layer, Lumex Assist, assists with inputs, explanation and narrative, and never writes a risk value. To see the engine run, read how an IEC 62305 assessment works, or explore the platform.