A building is a bit like a living organism. It has its organs (electrical panels, networks, processes), its sensitive zones (emergency exits, hazardous areas), and its entry points (energy lines, data, piping). Lightning doesn’t “aim,” but it always finds a way. This is why the building’s protection strategy is part of a complete risk management approach.
In 2026, the IEC 62305 risk assessment remains the most solid basis for deciding, with figures to back it up, on the appropriate lightning protection level to put in place and make the building not just a potential lightning target, but a protected structure. The pitfall isn’t the formula, it’s the quality of the assumptions. A well-constructed worksheet avoids decisions based on feeling and aligns engineering, HSE, operations, and compliance.
We’ll therefore clarify what has changed since the recent edition, then structure a truly usable worksheet, and finally learn how to read the results without getting priorities wrong.
In 2026, which reference to apply and what has evolved?
As of March 2026, the operational reference for risk assessment remains the international standard NF EN IEC 62305-2:2024, which provides the foundation for current studies. This technical revision of 2024/2026, explaining the shift in data quality requirements, has clarified points that often blocked studies, especially when seeking to justify the quality of input parameters before an insurer, auditor, or operator.
First change to integrate into the worksheet: the evolution of lightning strike data. Many teams have long worked with lightning strike density (NG). The recent revision emphasizes measurements based on lightning ground strike density (NSG) to better represent the reality of repetitive impacts in an area. In other words, we avoid smoothing a phenomenon that sometimes concentrates in the same location.
Second important point: the standard better formalizes the notion of service continuity. Production stops, IT losses, or ERP unavailability carry more weight in the reasoning, because the risk is not limited to “it burns or not.” For a worksheet of a tertiary or industrial building, this changes how to document consequences, and thus loss factors.
Third useful evolution in practice: the place given to thunderstorm warning systems and organization. Lightning protection is not just sensors and conductors; it’s also an operational scenario (alert, shutdown, evacuation). Certain organizational measures can reduce a component of risk, provided they are realistic and traceable.
To deepen the concrete impacts of recent developments (NSG, calculation parameters, analysis logic), we can rely on this guide: lightning risk calculation IEC 62305 (NSG, TWS). For “training” reading on the compliance side, Apave’s decryption also helps reframe expectations: major changes in NF EN IEC 62305-2.
A worksheet is not a spreadsheet “to fill in.” It is proof of risk control, so you must be able to explain each assumption in one simple sentence.
Building a truly usable IEC 62305-2 worksheet for a building
A good IEC 62305-2 worksheet is essential for designing a robust lightning protection system for a building. It is built on a stable logic: breakdown, input data, calculation, comparison to tolerable risk, then selection of measures. You save time when you think of the sheet as an investigation, not a formality.
The work steps we follow in the field
- Define the scope: structure studied, plots, annexes, and incoming service lines (energy, telecom, data, piping).
- Zone the building: zones with high occupancy, fire risk zones, technical rooms, volumes with combustible materials, areas accessible to the public.
- Qualify expected damage: loss of human life (step and contact voltage), physical damage (fire, explosion), risk to cultural heritage, equipment failure, activity shutdown.
- Record existing measures: external LPS, internal systems, surge protection systems (SPD), equipotential bonding, shielding, HSE organization, maintenance.
- Calculate and decide: comparison to tolerable risk, then selection of targeted protections.
This sequence seems obvious, yet we often see the opposite—we choose a protection level first, then “make the worksheet fit.” In audit, this is quickly detected.
The structure of the worksheet, section by section
The table below serves as a simple framework. You can use it in an Excel sheet, in a tool, or in an internal procedure.
| Worksheet section | What to enter | Example of expected deliverable |
|---|---|---|
| Site context | Location, use, constraints, incident history | Annotated site plan, dated assumptions |
| Zoning | Zone boundaries, occupancy, evacuation, materials | Zone diagram, list of critical rooms |
| Lightning exposure | Lightning strike data, environment, collection area | Data source, period, method |
| Incoming services | Lengths, installation modes, entry points, separation | Simplified single-line diagram, cable routes |
| Existing measures | LPS, SPD, ground, equipotentiality, maintenance | Verification reports, photos, mapping |
| Results | Risk components, total, thresholds | Summary table, comments on variances |
| Measures to apply | Technical and organizational actions | Prioritized action plan, responsibilities |
The main gain is traceability. When you return two years later, you still understand why an assumption was made. In a multi-site logic, you standardize the framework and keep variants by typology (emergency exits, industry, logistics, offices).
On equipment, we avoid ambiguity. For example, the components of a protection system (capture, descents, earth, surge arresters) form a chain, and a local weakness undermines the whole thing. To clarify what is expected of a complete system, this reminder is useful: guide to LPS components.
Reading results and deciding, without over-protecting or under-protecting
An IEC 62305-2 worksheet does not produce a “yes/no.” It assesses the “risk components” to calculate the “total risk,” and that’s where good decisions are made. In practice, we first look at the loss of human life (often R1), then “economic value loss” (R4) as secondary. We then address the dominant components. Codes vary depending on the case (impacts on the structure, impacts nearby, impacts on services). The idea remains the same: “damage frequency” (occurrence frequency times probability of damage), loss factor.
Then we compare the “calculated risk” to the “tolerable risk,” a benchmark for safety thresholds. For many organizations, the reference value for human life remains around 10^-5 per year. If the result exceeds it, we don’t “add everything,” we target. A simple example:
- If the risk mainly comes from incoming services, we start with the right “surge arresters” scheme (SPD coordination, installation, equipotential bonding, lengths) to prevent “overvoltages.”
- If the risk comes from fire (heat load, combustible zones, often linked to “direct impacts” causing “structural damage”), we strengthen capture, descents, separation, and spark management.
- If the risk affects business continuity, we add network segmentation, redundancy, and protection on sensitive connections.
We also keep a rule of common sense: a protection announced as “present” but not maintained reduces nothing in real life, affecting “safety of property.” The worksheet must therefore cite evidence, verification reports, dates, and discrepancies.
Finally, we align with accessible texts when we need to justify a standard version or edition. To verify the existence of a current edition or a grouping of publications, you can consult the IEC page: IEC 62305 series edition (SER). For a national publication reference in French (useful for purchasing and compliance), this sheet is a good anchor point: NBN EN IEC 62305-2:2024 (FR).
When a single component dominates, you often have one simple action that drops the entire total. The objective is to correct the cause, not pile on measures.
Conclusion
In 2026, applying the IEC 62305-2 methodology via a well-made worksheet remains our best defense against lightning and approximate decisions. We start with honest zoning, document network entries, then read the risk components before choosing protections. At the end, you have a file that speaks to both engineers and HSE teams. And if we had to retain one idea, it would be this: implement effective protection measures that guarantee service continuity and the safety of all occupants; the evidence (assumptions, sources, maintenance) is worth as much as the calculation.
