Anda di halaman 1dari 7

Risk Management


Risk Assessments
Top 10 Pitfalls & Tips for Improvement
By Bruce K. Lyon and Bruce Hollcroft

rganizations face a wide range of risks sessments, preparing for common challenges, and
each day that can affect their ability to expanding overall knowledge and skill in applying
achieve certain business objectives and stay risk assessment techniques.
in business. Risk assessment is an important and
sophisticated process used to assess an organiza- Effective SH&E Management Systems
tion’s risks so that it can mitigate and reduce risks The ultimate goal of an occupational SH&E man-
to an acceptable level. agement system is to continually improve perfor-
Over the past 30 years as risk control consul- mance, and to minimize risk and associated costs of
tants, the authors have performed, facilitated, occupational incidents as indicated by ANSI/ASSE/
participated in and observed thousands of risk as- AIHA Z10-2012, Occupational Health and Safety
sessments for almost all industry types and sizes. Management Systems, and similar management
Based on those experiences, they have concluded system standards and guidelines. For such a system
that many organizations fail to perform effective to reach this goal, risks must be continually identi-
risk assessments. fied, analyzed and evaluated to understand their po-
This article describes the authors’ top 10 reasons tential for occurring and their magnitude of loss, as
organizations fail to perform good risk assessments well as existing controls and needed improvements.
and provides advice on avoiding these failures. This key element is known as risk assessment.
Most of these obser-
IN BRIEF vations can be tied Risk Assessment & Recent Standards
•Risk assessment is a tool used to assess op- directly to key com- Risk assessments are common in Europe, Aus-
erational risks so an organization can effective- ponents found in two tralia, New Zealand, Canada and other parts of the
ly mitigate and manage risks to an acceptable consensus standards: world. In the U.K., risk assessments have been le-
level. Unfortunately, many organizations fail to •ANSI/ASSE gally required since 1999 by the Health and Safe-
perform quality risk assessments. Z590.3-2011, Preven- ty Executive. However, few risk assessments are
•In 2011, two consensus standards establish- tion Through Design, mandated in the U.S., with the exception of OSHA
ing guidance on the risk assessment process Guidelines for Ad- 29 CFR 1910.119, Process Safety Management of
were released: ANSI/ASSE Z590.3, Prevention dressing Occupational Highly Hazardous Chemicals, and EPA 40 CFR Part
Through Design, and ANSI/ASSE Z690.3, Risk Hazards and Risks in 68, Risk Management Plan.
Assessment Techniques. They represent a new Design and Redesign In 2011, two ANSI standards addressing risk as-
emphasis on the role of risk assessment in the Processes; sessment were released. ANSI/ASSE Z590.3, Pre-
safety profession. •ANSI/ASSE vention Through Design, Guidelines for Addressing
•SH&E professionals should become familiar Z690.3-2011, Risk As- Occupational Hazards and Risks in Design and Re-
with these standards, and strengthen their sessment Techniques. design Processes, represents a milestone in the safe-
proficiency and skills in performing risk as- This article reviews ty profession. Fred Manuele, who has deep roots in
sessments. key steps in perform- the safety through design movement, led efforts to
ing successful risk as- develop Z590.3, which began as a technical report
(ASSE TR-Z790.001) in 2009. ANSI/ASSE Z690.3,
Risk Assessment Techniques, one of three risk man-
Bruce K. Lyon, P.E., CSP, ARM, CHMM, is director of risk control with Hays agement standards adopted from ISO, provides
Cos., a commercial insurance brokerage firm. He holds a B.S. in Industrial Safety detailed guidance on selecting and applying risk as-
and an M.S. in Occupational Safety Management/Fire Science from the University sessment techniques as part of the risk management
of Central Missouri. Lyon is a professional member and past president of ASSE’s process. These standards provide a solid foundation
Heart of America Chapter and a recipient of the Region V Safety Professional of
the Year Award. He is advisory board chair to the University of Central Missouri’s for the safety profession to build on in terms of risk
Safety Sciences Program. assessments (Figure 1).
The term risk assessment is often misused. In the
Bruce Hollcroft, CSP, ARM, CHMM, is director of risk control with Hays Cos. authors’ experience, some have referred to hazard
He holds a B.S. in Industrial Safety from the University of Central Missouri. Hol- inspections, hazard surveys and compliance au-
lcroft is a professional member of ASSE and past president of both the Heart of dits as risk assessments. According to ANSI/ASSE
America and Columbia-Willamette chapters. He also has chaired the Oregon
Governor’s Occupational Safety and Health Conference. Z690.1-2011, Vocabulary for Risk Management, risk
assessment has three distinct components:
28 ProfessionalSafety DECEMBER 2012
Figure 1
Risk Management Process
•risk identification, which involves finding, rec-
ognizing and recording hazards; Establishing  the  context  (5.3)  
•risk analysis, which entails understanding con-
sequences, probabilities and existing controls;
•risk evaluation, which encompasses comparing Risk  assessment  (5.4)
levels of risk and considering additional controls.
Since risk assessment is fundamental to the risk
Risk  identification  (5.4.2)
management process, SH&E professionals must be
clear on what a risk assessment entails and how it Communication  and   Monitoring  and  review  
consultation  (5.2) (5.6)
is performed. This article describes 10 reasons why Risk  analysis  (5.4.3)
organizations fail to perform good risk assessments,
and reviews key strategies to avoid these problems
Risk  evaluation  (5.4.4)
and improve the risk assessment process.
The authors selected these particular failures
based on their direct and indirect work experience
as safety consultants in the insurance and SH&E Risk  treatment  (5.5)
consulting industries. Although the method used
to select these common failures is not based on
statistical data, the selected failures correlate with
Note. Adapted from ANSI/ASSE Z690.2-2011, p.21, by ANSI/ASSE, 2011,
primary requirements found in ANSI/ASSE Z590
Des Plaines, IL: Author.
and Z690.

Reason 10: Fail to Perform a Formal Assessment In the U.S., many organizations have relied on
In many cases, risk assessments are simply checklist-and-hazard-inspection methods that fo- Risks must be con-
not performed. Consider, for example, the Deepwater cus on regulatory compliance, and prescribed haz- tinually identified,
Horizon explosion. According to estimates, the losses ards and conditions to evaluate workplace safety analyzed and evalu-
from the offshore oil rig disaster caused 11 fatalities, and health. Unfortunately, such methods do not ated to understand
cost $40 billion and released 4.9 million barrels of oil provide a true measure of risk. their potential for
into the Gulf. BP’s internal investigation team con- An organization should have a strategy to deter- occurring and their
cluded that a key cause of the explosion was that no mine where, when and how risks must be assessed magnitude of loss,
risk assessment had been performed on the cement as described in ANSI Z690.3 Section 4.2, Risk As- as well as existing
slurry barrier application. According to the team’s re- sessment and the Risk Management Framework controls and needed
port, “The investigation team has not seen evidence (p. 12). Basic criteria for establishing the need for improvements.
of a documented risk assessment regarding annulus risk assessment may include:
barriers” (BP, 2010, p. 36). The accuracy of cement •projects or tasks that have not had a formal risk
slurry barriers was described as “critical” in the re- assessment;
port, yet no formal risk assessment was performed. •new facilities, processes or equipment;
Unfortunately, BP is not alone. In ASSE’s (2011) •when several risks are present or introduced
webinar, “Prevention Through Design: Guidelines that make it necessary to apply risk priorities in an
for Addressing Occupational Hazards and Risks in organized manner;
Design and Redesign Processes,” presenter Bruce •when a risk could have serious consequences
Main quoted a study conducted by a Fortune 500 and where control measures are unclear;
company which indicated that 65% of serious in- •where there is a planned change to equipment,
cidents had no previous risk assessment. This machinery or a particular process (as outlined in
number may be indicative of other Fortune 500 ANSI Z10, 5.1.2, Design Review and Management
companies, and supports the authors’ experience of Change).
that many smaller companies perform few, if any, Lack of proper risk assessment can lead to cata-
risk assessments. strophic results.
Organizations can cite many reasons to not per-
form risk assessments: Reason 9: Fail to Define the Context
•belief that since no significant incidents have & Objectives of the Assessment
occurred, the organization has adequately assessed Without appropriate guidance, a risk assessment
and managed risks by informal means; may wander aimlessly and far from its intended
•reliance on insurance coverage and outside risk purpose. A quality risk assessment starts with es-
control services to manage risks; tablishing the objectives and context by defining
•misconception that simple hazard identification basic parameters, scope and criteria.
and correction methods are adequate; The purpose and scope of a risk assessment
•hazards-based and compliance-type approach; should be determined by those who will use the
•fear of discovering and documenting certain resulting information to make informed deci-
risks that may be difficult to address or mitigate; sions. The purpose should be concise and avoid
•lack of knowledge and/or resources to perform complex statements; it should be written so that
a risk assessment internally; everyone on the team can continuously refer to it
•no mandate or corporate requirement to per- in order to stay focused and avoid wandering too
form risk assessment. DECEMBER 2012 ProfessionalSafety 29
Figure 2 The  ALARP  Principle
The ALARP Principle
of these unidentified risks later caused a serious
Immediate action required. Operation fire and explosion. Had the organization defined
Unacceptable Region 4 not permissible, except in rare and
extraordinary circumstances. and communicated acceptable risk levels and risk
assessment criteria, the risk may have been identi-
Remedial action is to be given fied and the incident avoided.
ALARP Region high priority. Manuele (2010) suggests that safety professionals
Steps must be taken to reduce risk have not yet fully embraced the concept of accept-
to as low as reasonably practicable. Remedial action to be taken at
appropriate time.
able risk. Some organizations promote zero risk as
their primary SH&E goal. However, some residual
1 Remedial action is discretionary. risk will always remain. As described in ANSI/
Negligible Risk Procedures are to be in place to ASSE/AIHA Z10, Appendix F, safety and health
ensure that this risk level is management goals should be specific, measurable,
actionable, realistic and time-oriented. A zero risk
Note. Adapted from ANSI Z690.3, by ANSI/ASSE, 2011, Des Plaines, IL:
Adopted from ANSI Z690.3; Manuele goal is not realistic and should be redefined to an
Author. achievable and acceptable level for the organization.
What is an achievable and acceptable level of risk?
  far from the intended goal. Following is a sample ANSI Z690.3 explains that the potential for harm
purpose statement once used by the authors (al- must be reduced until the cost of further reduction is
The potential for though words such as “emergencies/disasters” disproportionate to the benefit gained—to the level
harm must be and “impact” many need to be more precisely de- of as low as reasonably practicable (ALARP, Figure
reduced until the fined): “The purpose of this risk assessment is to 2). The criteria used to determine this level should
cost of further re- determine the potential emergencies/disasters that include the organization’s SH&E goals and the use
duction is dispro- could have the most impact on the organization.” of cost-benefit analyses of risks and their treat-
portionate to the Communicating the purpose and scope to the ment; it also will be influenced by its culture and
benefit gained— risk assessment team should include a common industry setting (ANSI/ASSE 2011c, p. 21). Typi-
to the level of as understanding of terminology to be used. For ex- cally, as an organization matures and improves its
low as reasonably ample, when using qualitative risk analysis, a clear risk control measures, the acceptable risk level will
practicable. explanation of the terms used and their meanings move closer to the negligible risk level.
should be communicated and understood by the
assessment team and management (ANSI/ASSE Reason 7: Fail to Assemble the Best Team
2011c, p. 18) to Perform the Risk Assessment
Determining the assessment’s scope can be even Depending on the assessment’s scope, a team of
more complicated than its purpose, but it is as im- objective, knowledgeable, experienced and comple-
portant to the success of the risk assessment. The mentary personnel should be created. Unfortu-
endeavor needs a tightly defined beginning and end nately, some risk assessments are performed from
so the team is not tempted to take it further than a less-than-objective viewpoint or a single perspec-
intended or make it too complicated. tive. For example, a company near the Port of Oak-
For example, the assessment of potential emer- land, CA, initially failed to include security in its risk
gencies/disasters might need some limitations. assessment for emergency planning purposes. After
Should the assessment address only emergencies/ the authors suggested that security be involved, civil
disasters at facility sites or should it include offsite unrest and train derailments were identified as sig-
events? Should it include natural, man-made or nificant risks. Soon after, Occupy Oakland occurred
technological emergencies/disasters, or all of them? and the area was closed, but the company was pre-
Setting the scope too narrow might prevent a haz- pared because it had included security.
ard and the resulting risk from being identified and In some cases, risk assessments are performed
assessed; setting it too broad could prevent the risk just to document them in order to meet some inter-
assessment from achieving its true purpose. Again, nal or external requirement. Such assessments are
input from those who will use the risk assessment to often performed by limited teams and may be led
make decisions is crucial. by a dominant individual who is primarily focused
on completing the task. Experience has shown that
Reason 8: Fail to Understand an this leads to incomplete risk assessments where
Organization’s Acceptable Risk Level some hazards are not identified and risks are not
An organization must define its acceptable risk fully assessed.
levels and incorporate them into the risk assess- Teams of three to 10 competent members seem
ment process. Otherwise, paralysis by analysis will to work well. Such teams usually offer sufficient
lead to wasting time and resources on acceptable perspectives on a risk assessment, yet are not too
risks, and possibly stall or short-circuit the process. large to manage and keep focused. Team members
For example, an organization with new manage- should be selected based on their knowledge, expe-
ment declared that every facility would perform a rience and commitment to the effort, and will vary
thorough risk assessment. With no specific guid- depending on the hazards and risks being assessed.
ance about the type or level of risks to include, For example, a team assessing a product might
many risks, including trivial ones, were collected; include representatives from research and devel-
unfortunately, resources were consumed without opment, design, engineering, production, quality,
identifying some important and serious risks. One legal, sales, service, risk management and safety.
30 ProfessionalSafety DECEMBER 2012
A transportation risk assessment might include a tion. Certain techniques have specific applications.
driver, routing/scheduling, DOT compliance, ser- For example, hazard analysis and critical control
vice and maintenance, risk management and safe- points is often used in food and beverage pro-
ty. These members can be directed to gather input cessing. ANSI/ASSE Z690.3 describes 31 different
from their departments if the process is not confi- techniques (pp. 22-25; Figure 3), while ANSI/ASSE
dential because external parties often contribute to Z590.3 features eight. Three risk assessment tech-
the risk assessment. niques are highlighted in ANSI Z590.3 as being
Risk assessments are excellent opportunities for more practical for most risk situations: preliminary
employee involvement, which is critical to the suc- hazard analysis, what-if/checklist analysis, failure
cess of any safety effort. Employee involvement is modes and effects analysis (FMEA) (Figure 3).
required by all safety management system stan- The technique selected should be justifiable and
dards (e.g., ANSI/ASSE Z10, OHSAS 18001, OSHA appropriate for the situation; provide useful results;
VPP). It also is required by some state OSHA regu- and be traceable, verifiable and consistent. Selec-
lations and specific regulations such as OSHA’s tion criteria should be based on the assessment’s
process safety management standard. Employee defined context and objectives (Reason 9) and
involvement leads to a better risk assessment. should consider the following:
•complexity of problem;
Reason 6: Fail to Use the •type and range of risks;
Best Risk Assessment Techniques •potential magnitude;
To achieve desired results, an organization must •risk assessment team’s degree of experience;
properly match the technique used to the expo- •available data;
sure. Many techniques are not well understood or •regulatory requirements.
used properly. Experience is important in proper In some cases, more than one technique may be
selection and application. needed. For example, an organization can use brain-
In some cases, it may be necessary to use more storming to develop a list of concerns and qualified
than one method. For example, a large die-casting risks, then prioritize risks using a risk matrix (Figure
operation relied strictly on checklist audits to iden- 4, p. 32); this can be followed by a breakdown of
tify and correct hazards. The checklists were not each concern using a fishbone diagram or cause-
regularly reviewed or updated, and did not include and-effect analysis.
specific risks such as condition and control of alu- However, specific concerns, such as ergonomic
minum for the furnace. As a result, scrap alumi- risk factors, may not be fully identified or measured
num containing moisture was placed in the furnace using standard risk assessment techniques. Specific
and a serious explosion of molten metal critically tools that focus on ergonomic risks, such as the rapid
injured several employees. upper limb assessment, the Snook tables, NIOSH’s
Many different risk assessment techniques exist, lifting formula and similar tools, are available to as-
some complex (quantitative) and specific, and oth- sess ergonomic-related risk factors.
ers more basic (qualitative) and broad in applica- The assessment and its output should be consis-

Figure 3 The technique

Risk Assessment Tool Attributes selected should
be justifiable and
Relevance  of  Factors   appropriate for the
Can  Provide   situation; provide
Type  of  Risk  Assessment   Resources   Nature  and  
Description   Quantitative  
Technique   and   Degree  of   Complexity   useful results; and
Capability   Uncertainty   be traceable, verifi-
able and consistent.
Checklists   A  simple  form  of  risk  identification   Low   Low   Low   No  
Preliminary  Hazard  Analysis   Identify  hazards  and  situations  that  cause  them   Low   High   Medium   No  
What-­‐If   Used  by  team  to  identify  risks   Medium   Medium   Any   No  
What  if/Checklist  Analysis   team  identify  risks  using  lists   Medium   Medium   Any   No  
Fault  Tree  Analysis   Tree  diagram  starting  with  undesired  event   High   High   Medium   Yes  
MORT   Identifys  post-­‐incident  design/procedural  causes   Medium   Medium   Medium   No  
HAZOP   Criticalities  of  deviations  assessed   Medium   High   High   No  
FMEA   Identifies  failure  modes  and  their  effects   Medium   Medium   Medium   Yes  
Note. Adapted from ANSI Z690.3, Table A.2, by ANSI/ASSE, 2011, Des Plaines, IL: Author. DECEMBER 2012 ProfessionalSafety 31

Figure 4
Risk Assessment Matrix
Frequency   Severity  (consequences  of  incident)  
(likelihood  of   Incidental   Minor   Serious   Major   Catastrophic   vidual have limited value as well. An individual’s
occurrence)   <  $10K   $10  to  25K   $25  to  100K   $100  to  500K   $500K  >   experience level, knowledge and skill in hazard
Every  year   5   10   15   20   25  
1  to  5  years   4   8   12   16   20  
identification will dictate the assessment’s direction
5  to  10  years   3   6   9   12   15   and focus. If an organization does not use a well-
>  10  years   2   4   6   8   10   rounded assessment team to capture a broader
Almost  never   1   2   3   4   5   spectrum of risks (Reason 7), the assessment is left
to the individual risk assessor’s comfort level with
tent with the risk criteria established in the assess- certain types of exposures (e.g., machine guarding,
ment’s scope and purpose. As noted, ANSI/ASSE electrical, ergonomics, industrial hygiene), which
The assessment Z690.3 contains extensive information on 31 differ- limits the results. Depending on complexity, a false
and its output ent risk assessment techniques. Annex A provides a sense of security may develop, with critical risks re-
should be consis- table (Comparison of Risk Assessment Techniques) maining unidentified and untreated.
tent with the risk that lists each technique’s application and attributes The potential effect of combined risks also may
criteria estab- to help users make the proper selection, and Annex be missed. Risk assessment teams that identify and
lished in its scope B provides greater detail on each technique’s uses, catalog individual hazards as line items may miss
and purpose. strengths and limitations. the potential for certain risks occurring at the same
time and producing synergistic effects.
Reason 5: Fail to Be Objective & Unemotional For example, FMEA typically takes each failure as
in the Risk Assessment Process a single event and analyzes each failure individu-
An objective, experienced facilitator can keep the ally for its causes and effects. Certain combinations
risk assessment focused on its purpose and goals. of risks create greater risk. For instance, in the meat
Sometimes, team members can be too close to the processing industry, cold temperatures combined
situation or be less-than-objective due to past ex- with hand-arm vibration from pneumatic hand
perience. An experienced facilitator can keep the tools increase risk of soft-tissue damage (ANSI/
process objective. ASSE 2011a, Section 7.4.5).
If team members have a memorable experience, Sound risk assessments account for the com-
they may exaggerate the real potential frequency bined or synergistic effects of multiple risks rather
and severity. Reading a dramatic article, hearing a than view them as mutually exclusive. Whole-sys-
dynamic speaker or a recent news feature also can tem risk must be considered in the assessment pro-
skew perceptions. In addition, each member has cess to properly manage actual risk.
personal issues that tend to be overvalued. This
can interfere with the process, especially if it comes Reason 3: Fail to Consider the Hierarchy
from a member with a strong personality. of Controls & Fail to Prioritize Based on Risk
The effects of such issues can be moderated by PPE and administrative measures should not be
a well-rounded assessment team or an experienced the default choice. Although they may be the easi-
facilitator. The right comparisons can be made, and est to implement, they are the least effective and
questions can be asked to bring the perception back reliable. Failure to properly apply the hierarchy of
in line with reality. This must be done with much controls often results in a failure to control risk to
care and consideration so as to not discredit or alien- an ALARP level. An organization should have a
ate a member with a strong position on an issue. strategy for prioritizing control measures based on
Reason 4: Fail to Identify Hazards That Create risk level and degree of exposure to optimize ef-
Risks & Consider Combined Whole-System Risk forts and resources.
If a hazard is not recognized or is simply missed, ANSI/ASSE Z590.3 addresses the hierarchy of
the resulting risk is not assessed. The authors have controls, as well as selecting and implementing risk
observed some assessments that identified physical reduction and control methods. ANSI/ASSE Z690.3
hazards, yet failed to uncover less obvious hazards also covers controls assessment. Both require con-
such as occupational health exposures. Therefore, sideration of the hierarchy on initial risk assessment
the SH&E professional should consider the systems and those performed after controls are implemented.
approach while performing risk assessments. The hierarchy presents controls in order from most
Consider this example. A large manufactur- effective to least effective (Figure 5). Applying this
ing operation initiated a corporate-wide effort to hierarchy properly should become second nature for
identify and manage its risks. The scope of the as- every SH&E professional and standard practice for
sessment process was broad and was conducted organizations. It serves to assess risk more accurate-
by plant personnel who had limited training. The ly and helps continuously improve controls.
assessors identified safety-related hazards, but
did not recognize potential health risks related Reason 2: Fail to Perform Risk Assessment
to operations such as coating and finishing tasks. During the Design/Redesign Phase
Industrial hygiene and ergonomic risks were pres- ANSI/ASSE Z590.3-2011 emphasizes the impor-
ent, but were not identified. Other significant risks tance of using risk assessment during the design/
were missed in some plants. The inconsistencies redesign stage. While this seems obvious, organi-
and missed risks had to be addressed in a second zations rarely perform a thorough risk assessment
assessment by an outside consulting group. during design and redesign phases.
Risk assessments performed by a single indi- Consider this example. While designing a new
manufacturing facility, a large global organization
32 ProfessionalSafety DECEMBER 2012
Figure 5
Hierarchy of Controls
mitigate risks. Instead, they wait to address risks
until project completion or installation, and many
times not until an incident or significant loss oc-
curs. This approach is aided by:
•inadequate education and training in safety
principles for most designers and engineers;
•tradition and culture;
•lack of forethought and planning time built into
the design process.
As outlined in ANSI/ASSE Z590.3, organizations
should develop strategies for conducting design
safety reviews at the design stage and risk assess-
ments at critical life-cycle phases of facilities, instal-
lations and equipment. It also should incorporate
Note. Adapted from ANSI/ASSE Z590.3-2011, p. 24, risk assessment into the management of change
by ANSI/ASSE, 2011, Des Plaines, IL: Author. process and include risk assessment requirements
for suppliers.
Risk assessment at the design/redesign phase
held a planning session to determine the tasks, may be the most overlooked risk management tool
resources and timetables needed to open the new available to organizations. Simply put, risk assess-
operation. The planning session involved produc- ments should be a standard practice during the de-
tion, engineering, maintenance, quality, human re- sign and redesign phase.
sources, SH&E personnel and one of the authors.
As the planning team worked through the steps, Reason 1: Fail to Communicate . . .
the author suggested that a risk assessment was Before, During & After the Risk Assessment
necessary. The group did not see this as a feasible Successful risk
Successful risk assessment depends on effective
time to conduct an assessment and was more com- assessment de-
communication with stakeholders before, during
fortable performing it after the facility, equipment pends on effective
and after the process, otherwise the result will be
and employees were in place. The group believed communication
a less-effective assessment. A quality risk assess-
the corporate design and engineering department with stakeholders
ment involves stakeholders throughout the pro-
was addressing necessary requirements. before, during and
cess and seeks their input. Stakeholders include
On its Prevention Through Design website, after the process.
internal personnel, as well as customers, investors,
NIOSH states: A quality risk as-
partners, suppliers and vendors.
sessment involves
One of the key elements of this standard is Investigators determined that NASA’s space
that it provides guidance for “life cycle” as- shuttle Columbia explosion on Feb. 1, 2003, which
sessments and a design model that balances claimed seven lives, was partially due to a lack of
the process.
environmental and occupational safety and effective communication of critical safety informa-
health goals over the life span of a facility, tion. They concluded that organizational causes,
process or product. The standard focuses on including lack of communication, contributed to
the four key stages of occupational risk man- the incident.
agement. The pre-operational, operational, Cultural traits and organizational practices
post incident and post-operational stages are detrimental to safety were allowed to develop,
all addressed within. including: reliance on past success as a sub-
The fact that operations, equipment and products stitute for sound engineering practices . . . or-
have a life cycle and that risk may change during ganizational barriers that prevented effective
various stages of the cycle should be considered
in the risk assessment. Figure 6 depicts how ANSI Figure 6
Z590.3 illustrates the typical design concept through
decommissioning process. The standard explains Typical Design Concept
the use of risk avoidance in the early design phase:
In the early design phases, there are no risks,
Through Decommissioning
yet, to be avoided, eliminated, reduced or
controlled. Designers start with a blank sheet
of paper, or a blank screen in a CAD system.
They have opportunities to avoid hazards al-
together in the design concept, preliminary
design and detailed design stages. (p. 45)
In the authors’ experience, many ill-conceived
workplace designs force at-risk practices and con-
ditions that lead to operator error and injury. How-  
ever, many organizations do not even think about Note. Adapted from ANSI/ASSE Z590.3-2011 , by ANSI/ASSE, 2011, Des
assessing risk during design and redesign stages, Plaines, IL: Author.
thus missing an opportunity to save money and DECEMBER 2012 ProfessionalSafety 33
communication of critical safety information (ANSI/ASSE Z690.3-2011). Des Plaines, IL; Author.
and stifled professional differences of opin- ANSI/ASSE. (2011d). Vocabulary for risk manage-
ion; lack of integrated management across ment (ANSI/ASSE Z690.1-2011). Des Plaines, IL: Author.
program elements; and the evolution of an ANSI/ASSE/AIHA. (2012). Occupational health and
safety management systems (ANSI/ASSE/AIHA Z10-
informal chain of command and decision-
2012). Des Plaines, IL: Author.
making processes that operated outside the ASSE. (2011, Nov. 30). Prevention through design:
organization’s rules. (CAIB, 2003, p. 9) Guidelines for addressing occupational hazards and risks
Communication is a provision of both ANSI/ in design and redesign processes [Webinar]. Retrieved
ASSE Z690.3 and ANSI/ASSE Z590.3. Commu- from
nication also is required by virtually all safety and .php?id=7823
health management standards such as ANSI/ASSE BP. (2010, Sept. 8). Deepwater Horizon accident investi-
gation report. Retrieved from
Z10, OHSAS 18001 and OSHA VPP, yet it is sel- assets/bp_internet/globalbp/globalbp_uk_english/
dom done well. As a result, poor communication incident_response/STAGING/local_assets/down
is often identified as a major contributor to poor loads_pdfs/Deepwater_Horizon_Accident_Investi
outcomes such as injuries. gation_Report.pdf
As with many other functions, people should British Standards Institution (BSI). (2007). Occupa-
make it a priority to communicate effectively when tional health and safety management systems: Require-
performing risk assessments. Those involved should ments (OHSAS 18001:2007). London: Author.
consider who could help them conduct the risk as- Cantrell, S. & Clemens, P. (2009, Nov.). Finding all
sessment more effectively. For example, they could the hazards: How do we know we are done? Professional
Safety, 54(11), 32-35.
ask members of their departments for input. Alter-
Christensen, W.C. & Manuele, F.A. (2000). Safety
natively, they should think about who might be in- through design. Itasca, IL: National Safety Council.
terested and benefit from the risk assessment that is Clemens, P.L. (2000, April). Many hazard analyses
being performed, and share the outcome. conceal whole-system risk. Professional Safety, 45(4),
Conclusion Clemens, P. (2005, May). Zero-injury workdays: An
SH&E professionals should have a firm under- effective metric? Professional Safety, 50(5), 40-41.
standing of the risk assessment process and tech- Columbia Accident Investigation Board (CAIB).
niques described in ANSI/ASSE Z590.3 and ANSI/ (2003). Columbia accident investigation board report (Vol.
ASSE Z690.3. To avoid the 10 failures described, 1). Washington, DC: NASA. Retrieved from www
SH&E professionals should consider these prin- DeRosier, J., Stalhandske, E., Bagian, J.P., et al.
ciples and practices in the risk assessment process: (2002, May). Using healthcare failure mode and effects
10) Perform a formal risk assessment. analysis: The VA national center for patient safety’s
9) Define the assessment’s context and objectives. prospective risk analysis system. The Joint Commission on
8) Understand the acceptable risk level. Accreditation of Healthcare Organizations, 28(5), 248-267.
7) Assemble the best team to perform the risk EPA. (2004). Risk management plan (RMP) rule.
assessment. Washington, DC: Author. Retrieved from www.epa
6) Use the best risk assessment technique(s). .gov/oem/content/rmp
5) Be objective and unemotional in the risk as- Health and Safety Executive. Frequently asked ques-
tions. London: Author. Retrieved from
sessment process.
4) Identify hazards that create risk, and consider Heidel, D. (2011, Sept. 22). Prevention through design
whole-system risk. standard [Web log]. Washington, DC: U.S. Department
3) Apply the hierarchy of controls and prioritize of Health and Human Services, CDC, NIOSH. Retrieved
based on risk. from
2) Perform risk assessment during the design/ ptd-2
redesign phase. Lyon, B.K. (2001, Oct.). Behavior sampling of theme
1) Communicate before, during and after the risk park ride operators. Professional Safety, 46(10), 35-42.
assessment. Manuele, F.A. (2008). Advanced safety management:
Well-executed risk assessments enable organi- Focusing on Z10 and serious injury prevention. Hoboken,
NJ: John Wiley & Sons.
zations to make the right decisions, protect their Manuele, F.A. (2008, Oct.). Prevention through
assets, and properly manage their risks as they op- design: Addressing occupational risks in the design and
erate, grow and improve their businesses. SH&E redesign processes. Professional Safety, 53(10), 28-40.
professionals must be leaders in the risk assess- Manuele, F.A. (2010, May). Acceptable risk: Time for
ment process. PS SH&E professionals to adopt the concept. Professional
Safety, 55(5), 30-38.
References OSHA. (1992). Process safety management of highly
hazardous chemicals. Washington, DC: U.S. Department
ANSI/ASSE. (2011a). Prevention through design: of Labor, Author. Retrieved from
Guidelines for addressing occupational hazards and risks oshaweb/owadisp.show_document?p_table=
in design and redesign processes (ANSI/ASSE Z590.3- ­STANDARDS&p_id=9760
2011). Des Plaines, IL: Author. OSHA. (2003). Voluntary protection programs: Policies
ANSI/ASSE. (2011b). Risk management principles and procedures manual. Washington, DC: U.S. Depart-
and guidelines (ANSI/ASSE Z690.2-2011). Des Plaines, ment of Labor, Author. Retrieved from
IL; Author. OshDoc/Directive_pdf/CSP_03-01-003.pdf
ANSI/ASSE. (2011c). Risk assessment techniques
34 ProfessionalSafety DECEMBER 2012