Part of the mystery of why traditional safety fails so miserably to generate improvements is less a real mystery than connected to the basic misunderstanding about how to achieve an outcome. It has been observed that safety is an outcome, not a process, and is obvious that to get to a destination you must travel some path. Taking that analogy to the safety domain, you could say that the problem of traditional safety is that it consistently takes the same path and hopes to find itself at a different destination. Risk-management differs in that it not only takes the best path to a destination, but that at its core it recognises that over time both the destination might differ, and so too might the best path to any given destination. This idea of cyclic improvement over time, usually just referred to as cyclic improvement, is at the heart of the value proposition of risk-management.
Rejecting traditional models and focusing on risk-management is the only sensible approach to this topic, but one last meaningful lesson can be taken from traditional methods. That lesson is that a pig remains a pig whether you put lipstick on it or not, a fact confirmed by traditional safety at every turn. Semantics do not define value, they only ever describe it, and no amount of terminology can be twisted to produce value that is not extant.
Risk-management is about focusing on how risk interacts in an operational system, whether the system be a workplace, a society, or any other definable system.
The risk-focused view of the model steps beyond the traditional definition of hazard (though it maintains the scope to address all traditional hazards). We still have a trio of risk groups: Physical (Unsafe Condition); Worker Behaviour (Unsafe Act); and Organisational Behaviour (Unsafe Behaviour). We still identify and qualify the risks, and we still provide a critical scoring system to rank the risks comparatively. Where the model differs significantly is that it separates the hierarchal model of most hazard-centric models and creates controls as separate profiles that can apply and address any number of risks, reducing the management of controls significantly, and installing the concept of the multiple-level relationship into the model.
In “Covenants of the Rose” (2004), Larry L Hansen wrote, “Accidents are patterned and predictable performance symptoms, the final visible evidences of systemic failings and organizational deficiencies.” This is a core recognition of the risk-centric model, and it embraces the idea by defining an array of potential linkages (relationships) for the risk to participate across an integrated system that includes profiles, activities and reactive events. These linkages are the foundation for the analysis potential presented, and this analysis is what leads to avenues for cyclic improvements.
The idea behind cyclic improvement in risk-management is twofold: it recognises that imperfections exist in every iteration of any risk-management process and could be improved; and it recognises that changing contexts for encounters with risks will demand modification of controls over time, regardless of current efficacy. This boils down to a basic approach of risk-management, which is to attempt to manage based upon present knowledge bases, in the most efficient way, without entrenching that process. Or, harkening back to our analogy, risk-management is about travelling a path that can change both to accommodate a new destination, or to accommodate the discovery of new mechanisms to make that path more efficient.
One of the lynchpin elements of the risk-management system is its linkage model, which is the heart of its performance benefits. Where most business groups operate in information silos that tend to be highly partitioned, operational risk-management require a high degree of accessible integration to execute the benefits of linkage analysis.
An example of how powerful this model is can be written in a straightforward way: In a risk-management model, it is possible (assuming all data is of reasonable quality, and that it exists) to analyse the risks an employee faces daily and measure the frequency of exposure, thus producing a matrix to show the stress status of controls (which controls are relied upon most to prevent risk encounter and harm). By knowing the control spread, and which are most critical to prevent the most dire outcomes, one can generate specific inspection routines and focus meetings and planning documents to address the risks that are encompassed. Testing employee awareness comes down to generating a document to show the control requirements and the risks, and comparing that to knowledge gained by way of training controls, meetings they attended, inspections they have done, etc. When that employee changes to some new occupation, based upon linkages that run though both occupation job task definitions and training controls, it is possible to focus additional training to address only the risks not previously known, reducing budgetary costs while ensuring focused awareness. More interestingly, because of how risk-management links to all integrated modules of the broad data-set, you can even generate a best-fit for opening occupations, identifying existing resources that might require no or little additional training, and so might be underutilised – improving productive capacity by maximising the return on investment.
The cyclic improvements are not only made to control and risk profiles over time, but the linkages assist in creating a self-evolving system where systemic failure potential is reduced. This occurs because the risk-management model recognises all operational activities are integrated by a desire to reduce risk exposure, improving productive returns.
A system that will self-improve always beats a static record-keeping system.
No comments:
Post a Comment