Understanding the Critical Risk Management Cycle is key to Converting Management Safety Efforts into Performance

Welcome to our CEO, Tom Reeves, as he shares the 3rd of 4 blogs with ideas to consider. Add your reactions to the post below and use the the contact button above so we can continue the discussion!

When faced with the implementation of an integrated management system – meaning a management system for health and safety, quality, and environmental – organizational must design the system with performance in mind.  It’s not enough to have the individual parts – the parts or processes must work together.

The critical risk management cycle helps organizations understand now aligning processes for risk identification and assessment flow into processes for risk controls and the verification of risk controls.

One of the most effective tools for risk identification is a Job Safety Analysis with a risk component – often called a Risk Assessment.   In the risk assessment, the basics of the job tasks, hazards, risk before controls, controls, and residual risk (remaining risk with controls) are detailed.

Risk Assessment is a great tool for assessing a single job.  But, withing a management system, the Risk Assessment kicks off a series of processes.  For instance, all of the risks can be compiled into a common Risk Registry.  This gives leadership a clear view of the organization’s most significant risks.

Once risks are assessed, controls can be implemented.   Many controls are implemented in the field, such as engineering controls like guarding or warnings such as signs and lights.   Other controsl are administrative in nature and exist in a Document Control process or Training or Learning Management System.   There should be a direct tie back of risk controls to risk assessment.

Controls must also be verified.   Verification, from proactive to reactive, can occur in inspection, preventive and predictive maintenance, audits, and, most reactively, in incident reports and lagging metrics.

When deficiencies are detected, root cause can be assessed, and corrective actions implemented.

Many organizations have implemented independent processes to the parts.  That’s necessary to pass audits.   But for those organizations that truly want to perform and relentlessly reduce risk, an integrated approach is necessary.