Week 1 - Fundamentals of Risk Management

avatar
Created by
Miguel Clutario

Cards (36)

  • Who is the target audience for when thinking about health and safety in industry?
    1. Employees
    2. Contractors
    3. Customers
    4. Suppliers
    5. Members of the community
  • What are the objectives of process risk?
    1. Sustainable operational excellence
    2. Stakeholder, reputation and political risk management
  • What the key 7 pillars, or focus areas of process risk?
    1. Safety and Health
    2. Projects/contractors
    3. Supply Chains
    4. Environmental impacts
    5. Social impacts
    6. Cybersecurity
    7. Financial performance
  • What are the 3 foundations of process risk?
    1. Professional practice
    2. Humans and Risk
    3. Fundamentals of Risk Management
  • What the key Risk Management Activities to apply to each of the 7 focus areas of process risk?
    1. Identify, assess and treat risks
    2. Monitor and review risk management
  • What are the four areas of health and safety which are interrelated with each other?
    1. Occupational Health
    2. Worker well-being
    3. Personal safety
    4. Process safety
  • What are some examples of Occupational Health risks?
    • Musculoskeletal disorders
    • Hearing loss
    • Exposure to excessive vibration
    • Exposure to illness or disease causing substances (both chemical and biological)
  • What are some examples of worker wellbeing risks?
    • Psychological factors including occupational stress, anxiety and depression
    • Psychological factors including fatigue, physical activity/ inactivity, diet/obesity
    • Social factors such as bullying, harassment, level of conflict, inclusion/exclusion, empowerment/ disempowerment
  • What scenarios does personal safety focus on?
    • May result in injuries to one or a few workers over time (e.g. slips, trips and falls)
    • Typically manifest over a very short timeframe but occur more frequently within a given system.
  • What scenarios does process safety characterise on?
    • A loss of control of a hazardous process and/or containment of a hazardous material that could result in a catastrophic number of injuries and fatalities severe environment damage and extensive asset damage
    • Rare events that result from design flaws and/or a drift into failure that occurs over longer timeframes (e.g. hours, shifts, days, months) and manifests from issues at all organisational levels
  • What are the parts of a Risk Assessment?
    1. Risk Identification
    2. Risk Analysis
    3. Risk Evaluation
  • What are the 5 key features of an inherently safer design?
    1. Eliminate - eliminate the risk
    2. Minimise - minimise the use of the risk
    3. Substitute - substitute risk for something else
    4. Moderation - shift a less hazardous process to reduce T, P, concentrations, etc.
    5. Simplify - eliminate the unnecessary complexity to make process control and detection of deviations easier
  • What is defence in depth?
    Defence in depth seeks to prevent and mitigate potential process safety accidents by installing several levels of independent barriers (or controls) to:
    • Prevent unwanted releases
    • Protect people and the environment if the prevention controls aren't effective
  • What else does defence in depth seek to do?
    To maintain maximum levels of barrier (control) effectiveness so they continually avert danger
  • What is resilience engineering? (in your own words)
    • building a response to emergent situations, which are beyond the designs of an inherently safe system and the barriers used to prevent and mitigate unwanted accidents
  • What are the three key aspects to enhancing resilience?
    1. Accidents can emerge from novel or unexpected interactions between system components
    2. Humans are best equipped to solve novel problems in real-time and make the timely adaptations needed to successful manage unexpected events
    3. To allow humans to be successful the system needs to be designed to increase the number of things that can go right (not just prevent things from going wrong).
  • What are the five steps of safety culture? (From top to bottom)
    1. Generative - managing safety is incorporated into everything we do
    2. Proactive - we predict problems that may occur and work on them so they don't occur
    3. Compliance - we have systems in place that comply with regulatory and organisation rule
    4. Reactive - safety is important, we do a lot every time we have an accident
    5. Pathological - who cares as long as we don't get not caught
  • What is risk?
    Uncertainty that matter because it can affect the attainment of objectives
  • What is risk created by?
    • Variability
    • Incomplete knowledge
    • Known and unknown threats and opportunities
  • Describe the implications of the 2013 Fonterra whey protein crisis.
    • Ministry for Primary Industries in NZ announced whey protein product by Fonterra might be contaminated with Clostridium botulinum, which can cause botulism
    • When recalled, turns out it was a harmless, nonpathogenic bacterium
    • consequences were very significant - including financial losses, loss of brand reputation and supply chain disruption
  • Describe the 2005 Buncefield incident and its implications.
    • Result of a faulty level gauge and inoperable high-level switch, where petrol subsequently overflowed from a storage tank
    • Resulting vapour cloud explosion and enormous fire
    • 40 casualties and significant property damage in the surrounding community
    • 5 companies were subsequently charged with offences arising out of the investigation, and collective fine was more than 4 million pounds
  • Describe the 2010 Deepwater Horizon drilling rig explosion and implications.
    • Drilling rig experienced uncontrolled release of gas (a blowout) while trying to cap Macondo well.
    • Gas ignited and resulting explosion and fire caused catastrophic damage
    • Rig sunk after 2 day, and unsealed well continued to spill oil into the Gulf of Mexico for 3 months
    • Largest oil spill recorded in US history
    • 11 men killed
    • Leased by BP, owned by transocean
    • Costed BP in of $65 Billion
    • Several investigations, including a President's National Commission
  • ISO 31000 describes some pertinent reasons why risk management is important, what are these reasons?
    Risk management:
    • creates and protects value
    • is part of decision making
    • explicitly addresses uncertainty
    • takes human and cultural factors into account
    • facilitates continual improvement of the organisation
  • What is the 3 tiered system of knowledge?
    1. Phronesis & Praxis
    2. Techne
    3. Episteme & Sophia
  • A study by Ernst and Young (2013) examined how company financial performance varied with the level of risk maturity of the company. What did it reveal?
    • Companies with more mature risk management practices generated higher growth
  • What is the ISO Standard for risk management?
    Risk management is about identifying, assessing and treating the uncertainties that matter because they can affect the achievement of objectives
  • What is a hazard?
    A potential source of harm (e.g. electricity, gas at pressure, hot fluids)
  • What is a threat?
    Something that can release a hazard (e.g. corrosion)
  • Sketch the Risk Management Process as presented in ISO 31000, showing key activities undertaken.
    See below:
  • What are the stages of Risk Treatment that have been added in the extended risk management process?
    Risk Treatment:
    1. Treatment Identification
    2. Control Analysis
    3. Implementation Assurance
  • What is an unwanted event?
    An unplanned release of a hazard (e.g. loss of containment of a hazardous material, loss of control of a hazardous energy source or loss of awareness of the situation).
  • What framework is useful for determining the scope for a risk management activity?
    • Loss reduction approaches (expected future outcomes, preventing negative outcomes)
    • Risk Optimisation approaches (possible, future outcomes, enhancing positive outcomes)
    • Resilience enhancement approaches (unexpected outcomes, preventing negative and enhancing positive outcomes)
  • What is the meaning of ALARP?
    As Low As Reasonably Practicable
  • What is the dominant factor governing human behaviour (and thus human errors) in industry?

    Organisational and system factors
  • Is zero risk the ultimate aim for engineers working on projects? Why?
    No it's not - it is unachievable and undesirable
    • All aspects of life involve risk, so some degree of risk taking is inevitable, but we should only take appropriate risks in relation to the level of return we expect of require
  • What are the differences between the Risk reduction mindset and risk optimisation mindset?
    • The loss reduction approach is the dominant historical view that focusses on the prevention of negative outcomes, and which views risk as the chance or probability of loss or an adverse outcome.
    • Risk optimisation approach considers both the upside and downside associated with uncertainty across a range of key performance areas (cost, safety, environment, employee satisfaction, community relations, etc.).