WHAT ARE RISK MANAGEMENT PRINCIPLES Lianne Lefsrud, PhD, PEng, E: [email protected], T: @lefsrud Lisa White, PhD, PEng, E: [email protected]Engineering Safety and Risk Management Faculty of Engineering, University of Alberta based on course materials developed by Kathleen Baker, John Cocchio, Chris Coles, Vivian Giang, Renato Macciotta, Gord Winkel, and Lisa White How Are These Useful to You?
67
Embed
WHAT ARE RISK How Are MANAGEMENT These Useful PRINCIPLES€¦ · Risks. Medical Treatment Struck by Use of Tools or Equipment (good equipment available) inadequate ergonomic design
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Tixier, A. J. P., Albert, A., & Hallowell, M. R. (2017). Proposing and Validating a New Way of Construction Hazard Recognition Training in Academia: Mixed-Method Approach. Practice Periodical
on Structural Design and Construction, 23(1), 04017027. Revised for Graham Construction
EVERY ENERGY SOURCE IS A HAZARD
Identify specific undesirable or adverse consequences
(impact on PEAP) of your operation / facility / activity
HAZARD IDENTIFICATION
Identify Process Hazards, Substances, and Agents that Cause Those
Consequences
Type of Incident Odour or Irritation Irreversible Effects Life Threatening
This model is based on a model developed by Bird Jr., F.E. and Germain, G.L. (1992). Practical Loss Control Leadership. Loss Control Management. Det Norske Veritas Inc.
Adapted by ESRM Program at The U of Alberta, including the APEGA Model for Management System Elements.
• Risk is a combination of the likelihood of an event and its consequences, usually when there is at least a possibility of negative consequences.
• Risk assessment includes
• risk analysis (process of identifying hazards and estimating their consequences and probability),
• risk estimation (process of combining the probabilities and consequences), and
• risk evaluation (process of evaluating the risk to determine if it can be tolerated or accepted).
RISK IS …
• Risk management is systematic application of management policies, procedures, and practices to the tasks of analyzing, evaluating, controlling, and communicating risks.
• Risk management is a process that is underpinned by a set of principles. Also, it needs to be supported by a structure that is appropriate to the organisation and its external environment or context.
• A successful risk management initiative should be proportionate to the level of risk in the organisation (as related to the size, nature and complexity of the organisation), aligned with other corporate activities, comprehensive in its scope, embedded into routineactivities and dynamic by being responsive to changing circumstance
WHAT IS RISK MANAGEMENT?
ONE
Commit toProcess Safety
• Process Safety Culture
• Compliance with Standards
• Process Safety Competency
• Workforce Involvement
• Stakeholder Outreach
TWO
Understand Hazards and Risk
• Process Knowledge Management
• Hazard Identification & Risk Analysis
THREE
Manage Risk
• Operating Procedures
• Safe Work Practices
• Asset Integrity & Reliability
• Contractor Management
• Training & Performance Assurance
• Management of Change
• Operational Readiness
• Conduct of Operations
• Emergency Management
FOUR
Learn from Experience
• Incident Investigation
• Measurement & Metrics
• Auditing
• Management Review & Continuous Improvement
The Center for Chemical Process Safety established the
Guidelines for Risk Based Process Safety in 2007
THE 4 PILLARS & 20 ELEMENTS
OF RISK-BASED PROCESS SAFETY
RISK MANAGEMENT PROCESS
NO
NO
YES
YES
MLL
HML
HHM
MLL
HML
HHM
(9) Continue to
Monitor & Manage
Residual Risks
(7)
Reduce the Risks
(2)
Identify Hazards
(3)
Analyze for Risks
(1)
Do Planned Reviews
(6)
Can the Risk
be Reduced?
(4)
Evaluate Risks.
Are the Risks Acceptable?
(5)
Manage the Residual Risk
(8)
Discontinue
the Activity
9 SEQUENTIAL STEPS
New or existing projects
Step 3: L and C
Step 4: The risk matrix!
Step 5: Ongoing process
Step 6: Management Direction
(Adapted from APEGA Guidelines for
Management of Risk in Professional
Practice, version 1.0 – September 2006
• The control of risks is improved by
identifying and minimizing the
associated probability and severity of
consequences.
• The explicit consideration of risk
improves return on investment and
allocation of resources by helping the
professional practice to avoid harm,
minimize losses, and save time.
• The use of a comprehensive,
documented, transparent approach to
risk management demonstrates due
diligence.
BENEFITS OF RISK MANAGEMENT
Control of
risks is
improved
Demonstrates
due diligence
Avoids
harm,
minimizes
losses, and
saves time
• Risk management may help to uncover
hidden risks in situations that appear
straightforward at first glance.
• Risk management and communication
promotes of two-way dialogue with
stakeholders regarding new operations,
products, policies, or decisions; allowing
them to understand and be part of the
process.
• Investors, lenders, insurers, clients, and
customers are increasingly drawn to
professional practices that are able to
manage risks effectively.
BENEFITS OF RISK MANAGEMENT
Uncover
hidden
and
unknown
risks
Provides for
safe business
investment
Promotes
dialogue with
and
involvement of
stakeholders
Prevent incidents
Better inform strategic decisions
Help manage change
Increase operational efficiency
Reduce costs, increase competitiveness
Improve perception of the organization
Ensure compliance with government requirements
THE INTENT OF RISK MANAGEMENT IS:
• Strategic, operational and business planning
• Asset management and resource planning
• Design and product liability
• Environmental and public health issues
• Public risk and general liability
• Compliance
• Occupational health and safety
• Operations and maintenance systems
• Project management
• Purchasing and contract management
WHO USES RISK MANAGEMENT?
WHAT TOOLS DO
WE HAVE AVAILABLE?
Qualitative Methods
• Hazard identification
• Field Level Risk/Hazard Assessments (FLRA/FLHA)
• Checklists
• ‘What If?’ analysis
Semi-Quantitative Methods
• Bow-Tie Analysis
Quantitative Risk Analysis
• Event trees / Fault trees for consequence and probability analysis
• HAZOPS
• FMEA (Failure Modes and Effects Analysis)
• Layers of Protection Analysis
• Inherently Safer Design …
RISK MANAGEMENT TOOLS
There are three key purposes of the FLRA/FLHA:
1. It is for workers to assess hazards and to eliminate or control those hazards before starting to work (the job at hand).
2. It is used to share and communicate the nature of the job and the hazards associated with that job when working on a crew/team.
3. It is used to ensure understanding of the control measures to eliminate or mitigate the hazards when working on a crew/team.
In some uses, likelihood is a factor; however the underlying assumption is that if there is a hazard, then there is a high likelihood an incident will occur, so action must be taken to address the hazard.
FIELD LEVEL RISK/HAZARD ASSESSMENT
12ESMR ENGG404/406
Module 2-05: What is an Acceptable Level of Risk?
Risk Criteria: An Example of Putting Theory into Practice:
➢ Risk Criteria Table:
Ratings Impact on PEAP Probability
High
High P Disabling injury, loss of body part or
fatality. E Reportable violation, toxic release. A High repair cost (Typically > $100k). Pr Loss of function of facility for extended
period, with business consequences, major quality deviation.
High
• Repetitive event.
• At least once per year
• Several times in the life cycle of a project.
• Has happened frequently in similar circumstances.
• Greater than 50% chance of occurring.
Medium
Medium P Medical Aid injury. E Non-reportable spill, non toxic release. A Moderate repair cost (typically > $10k). Pr Short duration loss of function, serious
quality deviation, medium business impact.
Medium
• Infrequent event.
• May only happen occasionally (less than once per year).
• Has been observed in similar circumstances.
• 10 to 50% chance of occurring.
Low
Low P First aid injury. E Minor lead, non toxic fugitive emission. A Low repair cost (typically <$10k). Pr Brief interruption or minor quality
deviation.
Low
• Unlikely event.
• Never happened to date.
• May happen less than once in 10 years.
• Has never been observed but is still felt to be a possibility
• Less than 10% chance of occurring.
M H H
L M H
L L M
Co
ns
eq
ue
nc
e:
Inc
rea
sin
g S
eve
rity
of
the
Ha
za
rd
Increasing Probability
Simple Risk Matrix:
M H H
L M H
L L M
Co
ns
eq
ue
nc
e:
Inc
rea
sin
g S
eve
rity
of
the
Ha
za
rd
Increasing Probability
Simple Risk Matrix:
M H H
L M H
L L M
Co
ns
eq
ue
nc
e:
Inc
rea
sin
g S
eve
rity
of
the
Ha
za
rd
Increasing Probability
Simple Risk Matrix:
8ESMR ENGG404/406
Module 2-05: What is an Acceptable Level of Risk?
Simple Risk Matrix:
M H H
L M H
L L M
Co
nse
qu
en
ce
: In
cre
asin
g S
eve
rity
of
the
Ha
zard
Increasing Probability
Simple Risk Matrix:
M H H
L M H
L L M
Co
nse
qu
en
ce
: In
cre
asin
g S
eve
rity
of
the
Ha
zard
Increasing Probability
Simple Risk Matrix:
M H H
L M H
L L M
Co
nse
qu
en
ce
: In
cre
asin
g S
eve
rity
of
the
Ha
zard
Increasing Probability
Simple Risk Matrix:
L M H
H
M
L
HIGH LOW
CONDUCTING A FIELD LEVEL RISK ASSESSMENT
What is a Checklist:
• A basic inspection tool for a planned inspection.
• Provides a way to manage how persons look into the activity or
operation to identify specific hazards.
• Developed by experts – acceptable parameters / conditions are
satisfied to maintain / reduce risks to acceptable levels.
• Two broad groups:
• prior to and during the execution of work
• to check for compliance (see 5-11: Planned Inspections)
CHECKLISTS FOR EXECUTING WORK
What are the Hazards: something that can
do harm
What are the Consequences: what was
harmed and how badly
EVENT TREE ANALYSIS
What are the Likelihoods: probability of
occurrence of various outcomes
What are the Risks: Σ Consequences *
Likelihoods
This is subjective and will change depending on the company!
Risk Criteria: L, M, H Likelihood and Consequence
WHAT IS AN ACCEPTABLE LEVEL OF RISK?
Simple Risk Matrix
Terms Used: Likelihood = Probability = Frequency
Term
s U
sed:
Consequence =
Im
pact
= S
everity
WHAT IS AN ACCEPTABLE LEVEL OF RISK?
MLL
HML
HHM
MLL
HML
HHMIn
cre
as
ing
Co
ns
eq
ue
nc
e
Increasing Likelihood
Risk Matrices: Categorizing the Level of Risk
WHAT IS THE LEVEL OF RISK?
MLL
HML
HHM
MLL
HML
HHMIn
cre
as
ing
Co
ns
eq
ue
nc
e
Increasing Likelihood
Risk = Consequence x Likelihood
Simple Risk Matrix demonstrates the relationship
Risk Matrices: Management Direction
WHAT DOES MANAGEMENT
DIRECTION MEAN?
MLL
HML
HHM
MLL
HML
HHM
Inc
rea
sin
g C
on
se
qu
en
ce
Increasing Likelihood
Risk = Consequence x Likelihood
Simple Risk Matrix demonstrates the relationship
LL LOW = Proceed with caution
MMMEDIUM = Do not proceed until
further protective features are
included
HH HIGH = Do not proceed
If deemed too high,
management direction will
dictate how to reduce risks
(likelihood and consequence)
from a given activity
FARM FEEDLOT
CASE STUDY ANALYSIS
GROUP ACTIVITY
• Using a field level risk assessment form, what hazards are present in your case study?
• What are the associated risks (consequences, likelihood)?
UNCOVERING HIDDEN HAZARDS
UNCOVERING HIDDEN HAZARDS
“Seen” Hazards: hazards that are identified and controlled using engineered, administrative controls or personal protective equipment to
bring the risk to a level that is as low as reasonably practicable
“Normalized” Hazards: common hazards in one's work environment that are tolerated by workers independent of the risk
associated with them
“Unseen or Overlooked” Hazards: hazards that are unidentified by workers, are not detected by monitoring systems, engineered or
administrative controls
DEFINITIONS
• Cognition
• Emotional
• Organizational
WHY HAZARDS BECOME NORMALIZED
• Workers depend on sensory cues to identify hazards 1
• Mental shortcuts can either help or hinder the workers ability to identify of hazards 2, 3
1. Pocock DC. Sight and knowledge. Transactions of the Institute of British Geographers.1981 Jan 1:385-93.
2. Kasperson RE, Renn O, Slovic P, Brown HS, Emel J, Goble R, Kasperson JX, Ratick S. The social amplification of risk: A conceptual framework. Risk analysis. 1988
Jun 1;8(2):177-87.
3. Finucane ML, Alhakami A, Slovic P, Johnson SM. The affect heuristic in judgments of risks and benefits. Journal of behavioral decision making. 2000 Jan 1;13(1):1.
Sensory
Cues
COGNITION
• Technical risk level of a hazard can be very different from the perceived risk 4
• Risk = Hazard + Outrage 4
• Angry drivers experience lapses in concentration, minor losses of vehicle control, close calls, aggressive driving and risky behaviour 5
• Frustration causes neural transmitters to go into survival mode instead of allowing us to reason 6
4. Sandman PM. Responding to community outrage: Strategies for effective risk communication. AIHA; 1993.
5. Dahlen. E.R., Martin. R.C., Ragan. K., and Kuhlman. M.M. 2004. Driving anger, sensation seeking, impulsiveness, and boredom proneness in the prediction of unsafe driving.
Accident Analysis and Prevention. 37 (2005). 341-348
6. Sylvestre. C. 2017. The neuroscience of personal safety. AusIMM Bulletin. https://www.ausimmbulletin.com/feature/neuroscience-personal-safety/
(after Sylvestre)
EMOTIONAL
• Voluntariness (right to refuse)
• Controllability (your job)
• Familiarity (normalization of risks)
• Benefits (livelihood)
• Understanding (over confident)
• Trust (company will take care of you)
• Incident history (memory of past event)
• Anger (distracted from tasks)
FACTORS AFFECTING RISK TOLERANCE
• “Safety Culture”- How things are done around here
• Reward or penalty motivational factors
• Over worked or under worked
• Supervisors and co-workers
• Internal communication
• Time constraints
• Peer pressure
6. Aksorn T, Hadikusumo BH. The unsafe acts and the decision-to-err factors of Thai construction workers. Journal of Construction in Developing Countries. 2007 Jan 1;12(1):1-25.
ORGANIZATIONAL
• Within the Worker’s Control
• Within the Organization’s Control
WHY ARE HAZARDS UNSEEN?
Within the Worker’s Control:
• Unfamiliarity with tools and equipment
• Hazard that are unassociated with the primary task
• Perceived low levels of risk
• Stopping hazard recognition prematurely
• Selective attention or inattention
• Task unfamiliarity
Jeelani, I., Albert, A., and Gambatese, J, A., 2017. Why do construction hazard remain unrecognized at the work interface? Journal of Construction Engineering and
Management. 143 (5).
CAUSES OF UNSEEN HAZARDS
Within the Organization’s Control:
• Latent or stored energy hazards
• Visually unperceivable/ obscure hazards
• Infrequent or unexpected hazards
• Unknown potential hazards
• Hazard source detection failure
• Multiple hazards associated with a single source or task
• Hazards without immediate outcome
Jeelani, I., Albert, A., and Gambatese, J, A., 2017. Why do construction hazard remain unrecognized at the work interface? Journal of Construction Engineering and
Management. 143 (5).
CAUSES OF UNSEEN HAZARDS
GROUP ACTIVITY
• Brainstorm a list of unseen or overlooked hazards in your case study. Add these to
your Field Level Risk Assessment
• Pick 1-2 examples to share with the larger group
Within the Organization’s Control:
• Latent or stored energy hazards
• Visually unperceivable/ obscure hazards
• Infrequent or unexpected hazards
• Unknown potential hazards
• Hazard source detection failure
• Multiple hazards associated with a single source or task
• Hazards without immediate outcome
Jeelani, I., Albert, A., and Gambatese, J, A., 2017. Why do construction hazard remain unrecognized at the work interface? Journal of Construction Engineering and
Management. 143 (5).
CAUSES OF UNSEEN HAZARDS
Within the Worker’s Control:
• Unfamiliarity with tools and equipment
• Hazard that are unassociated with the primary task
• Perceived low levels of risk
• Stopping hazard recognition prematurely
• Selective attention or inattention
• Task unfamiliarity
Revised form Hollnagel, E., Woods, D. D., & Leveson, N. (2007). Resilience engineering: Concepts and precepts. Ashgate Publishing, Ltd.
SAFETY MANAGEMENT PROCESSES BUILD RESILIENCE
• Resilience engineering looks at how the organisation or system functions as an
interdependent whole:
• Respond. Knowing what to do, or being able to respond to regular and
irregular changes, disturbances, and opportunities by activating prepared
actions or by adjusting current mode of functioning.
• Monitor. Knowing what to look for, or being able to monitor that which is or
could seriously affect the system’s performance in the near term – positively
or negatively. The monitoring must cover the system’s own performance as
well as what happens in the environment.
• Learn. Knowing what has happened, or being able to learn from experience,
in particular to learn the right lessons from the right experience.
• Anticipate. Knowing what to expect, or being able to anticipate
developments further into the future, such as possible disruptions, novel
demands or constraints, new opportunities, or changing operating
conditions.
Hollnagel, E., Woods, D. D., & Leveson, N. (2007). Resilience engineering: Concepts and precepts. Ashgate Publishing, Ltd.
BUILDING RESILIENCE
Tailoring intervention tools to your organizations’ maturity level would best drive engagement and improvement
Knowing what has happened
• Awareness – simple knowledge of a ‘better’ alternative to current state
• Creation of need – active personal desire to achieve the new state
• Making the outcome believable – believing that the new state is sensible for those involved
• Making the outcome achievable – making the process of achieving the new state credible for those involved
• Personal vision – definition by those involved of what they expect the new situation to be
• Information about successes – provision of information about others who have succeeded
Hudson, P., 2007. Implementing a safety culture in a major multi-national. Safety Science, 45(6), pp.697-722.
Sharp, J.V., Strutt, J.E., Busby, J. and Terry, E., 2002, January. Measurement of organisational maturity in designing safe offshore installations. In ASME 2002 21st International Conference on Offshore
Mechanics and Arctic Engineering (pp. 383-390). American Society of Mechanical Engineers.
TAILOR INTERVENTIONS TO DRIVE ENGAGEMENT AND IMPROVEMENT
Hudson, P., 2007. Implementing a safety culture in a major multi-national. Safety Science, 45(6), pp.697-722.
Sharp, J.V., Strutt, J.E., Busby, J. and Terry, E., 2002, January. Measurement of organisational maturity in designing safe offshore installations. In ASME 2002 21st International Conference on Offshore
Mechanics and Arctic Engineering (pp. 383-390). American Society of Mechanical Engineers.
Knowing what to do
• Plan construction/operation – creation by those involved of their own action plan
• Measurement points – definition of indicators of success in process
• Commitment – signing-up to the plan of al involved
Knowing what to look for
• Do – start implementing action plan
• Review – review progress with concentration upon successful outcomes
• Correct – reworking of plan where necessary
Knowing what to expect
• Review – management review of process at regular (and defined in advance)
intervals
• Outcome – checks on internalisation of values and beliefs in outcome state
TAILOR INTERVENTIONS TO DRIVE ENGAGEMENT AND IMPROVEMENT
GROUP ACTIVITY
Given the:
1) list of hazards/risks that you identified in your Field Level Risk Assessment and
2) potentially unseen or overlooked hazards in your case study
What controls would you put in place to reduce the consequences and/or likelihood of
these risks?
What resiliency elements would better equip your organization to more effectively
understand and manage your risks?
BESIDES TECHNICAL RISK …
• Risk = consequences X likelihood
• Located in technical/management systems
• Common in engineering, epidemiology, toxicology
www.dappolonia.com/pdfs/pprofile148.pdf
AND TECHNICAL RISK
MANAGEMENT PROCESSES
APEGA. (2006). Guideline for Management of Risk in Professional Practice. Association of Professional Engineers and Geoscientists of Alberta.
RISK IS ALSO
SOCIAL-PSYCHOLOGICAL
• Risk is a function of interpretation X response
• Located in cognition, communication
• Common in psych, behavioral economics, public opinion studies, etc
DECISION MAKING IS
RATIONAL AND EMOTIONAL
insights.unimelb.edu.au/vol4/15_harris.html
RISK EVALUATION IS
PRIMARILY EMOTIONAL
Peters, E.M., Burraston, B. and Mertz, C.K., 2004. An emotion‐based model of risk perception and stigma susceptibility: Cognitive appraisals of emotion, affective reactivity, worldviews, and risk perceptions in the generation of technological stigma. Risk Analysis, 24(5): 1349-1367.
Slovic, P. (1987). Perception of risk. Science, 236(4799), 280-285.
RISK PERCEPTIONS CAN LEAD TO FEAR OR ACCEPTANCE ≠ PHYSICAL RISK
• Typically external from an organization to the public
• Growing need for communication of risks from an organization to employees
and contractors
• External communication tools can be applied to internal risk communication
TAILINGS DISCHARGE AREA
EXTERNAL AND INTERNAL RISK COMMUNICATION
“Risk communications is defined as any exchange of information
concerning the existence, nature, form, severity or acceptability of
health or environmental risks.”
Enlightenment: making people able to understand risks and become ‘risk
literate’
Behavioural changes: making people aware of potential risks and help them
to take protective actions
Trust building: assisting risk management agencies to generate and sustain
trust
Conflict resolution: assisting risk managers to involve major stakeholders
and affected parties to take part in the risk management process
Health Canada (https://www.canada.ca/en/public-health/services/reports-publications/2007/strategic-risk-communications-framework-within-context-health-canada-phac-s-integrated-risk-
management.html)
Renn., O. (2019). Risk Governance Framework. https://irgc.epfl.ch/risk-governance/page-139715-en-html/