Risk Management with Gordon Wyllie

8/3/2019 Risk Management with Gordon Wyllie

1/7

MindGenius is a registered Trade Mark of MindGenius Ltd. Copyright MindGenius Ltd. 2011.

Risk Management with Gordon Wyllie

In this article I am going to discuss risk management. In particular, how to

understand the risk that you are facing so that you can decide whether or not the

risk is acceptable to you and if not, how you can take appropriate steps to reduce

the risk to an acceptable level.

We all face risks each day in some shape or form. Some we know about. Others we

don't. Of those risks that you know about, how do you actually manage them so

they are at an acceptable level?

The acceptable level is specific to a person or an organisation. It depends on their

risk appetite. The level of risk they are willing to carry.

Risk matrices based on the likelihood of the risk being realised and the severity of the ensuing consequences

are often used to rate risks. Superimposed on these are bands which indicate the desired level of action to be

taken and reflect the risk appetite of the person/organisation.
http://2.bp.blogspot.com/-tJfwCbWjiIo/TayNmQ96zaI/AAAAAAAAAjQ/lKy5UnNTfv4/s1600/Gordon_Wyllie.jpghttp://2.bp.blogspot.com/-tJfwCbWjiIo/TayNmQ96zaI/AAAAAAAAAjQ/lKy5UnNTfv4/s1600/Gordon_Wyllie.jpghttp://2.bp.blogspot.com/-tJfwCbWjiIo/TayNmQ96zaI/AAAAAAAAAjQ/lKy5UnNTfv4/s1600/Gordon_Wyllie.jpghttp://2.bp.blogspot.com/-tJfwCbWjiIo/TayNmQ96zaI/AAAAAAAAAjQ/lKy5UnNTfv4/s1600/Gordon_Wyllie.jpg


2/7


The risk rating and risk band is dependent on the likelihood and severity ratings you assign to it. To assign these

with any level of accuracy, you need to understand the nature of the risk that you face.

I use an approach to understanding risk which is based on the bow-tie methodology.

Having identified a risk, I start with identifying the event that would cause the risk to be realised, the

undesirable event. Let's take the case of a container of a toxic chemical. As long as the toxic chemical is

contained within the container, it will not do damage to people, assets or the environment outwith the

container. However, should a leak develop in the container, the toxic chemical will be released into the external

environment where it could cause damage or harm. So my undesirable event is a spillage of toxic chemical as at

this point the toxic chemical is no longer under my control.

In this case I have also identified the hazard associated with the risk, the toxic chemical.

There will be a number of failure modes and harm mechanisms associated with the risk so I set about identifying

these in turn.

First, I consider what might be the possible failure mechanisms that would cause the toxic chemical to be

spilled. In doing this I consider what might be some vulnerabilities that would be a contributing factor to the

undesirable event and what might be threats which would exacerbate such vulnerabilities.

The container is outside exposed to the elements. As it is made of mild steel it is prone to corrosion in the

presence of water. Also it does rain quite a lot in Scotland. So rain (weather) is a threat as the container is

vulnerable to corrosion I have a threat and a vulnerability in alignment, so I have identified a potential fault

mechanism.

Other failure mechanisms could be:

Container dropped and suffers damage

Container not manufactured to specification Container struck by vehicle
http://3.bp.blogspot.com/-tdqfLBtmXkI/Tas5D4882hI/AAAAAAAAAhs/L9NxziTGbp4/s1600/undesirable+event.pnghttp://3.bp.blogspot.com/-tdqfLBtmXkI/Tas5D4882hI/AAAAAAAAAhs/L9NxziTGbp4/s1600/undesirable+event.pnghttp://3.bp.blogspot.com/-tdqfLBtmXkI/Tas5D4882hI/AAAAAAAAAhs/L9NxziTGbp4/s1600/undesirable+event.png


3/7


However there may be barriers in place to prevent such failure mechanisms from occurring and causing the

undesirable event. These are called Prevention Controls.

Lets take the case of the corrosion failure mechanism. To prevent this the container has a coating of protective

paint. This protective paint is also reapplied every 2 years.

I then identify and add other preventive controls that might exist.

Next I look at the harm mechanisms that could exist should the undesirable event happen. It is interesting to

note that there is not a one-to-one relationship between the failure mechanisms and the harm mechanisms.

So what might be some harm mechanisms if there is a spillage of the toxic chemical? Well people could be

harmed if they are present when the undesirable event occurred, especially if they come into contact without


4/7


appropriate protective equipment (PPE). If the toxic chemical is not removed in a timely manner then assets in

contact with it, or the environment could suffer damage.

As before, there may be barriers in place which may mitigate the consequences. These are referred to a

Recovery Controls. By adding these, you can build up a picture of the consequences associated with the risk.

Now that you have mapped out the key factors associated with the risk you can quantify the risk using the risk

matrix methodology from a position of knowledge rather than gut feel.

You should have more confidence in your rating and it will also provide evidence of what your risk assessment

was based on if questioned at a later date.

If you felt the risk was unacceptable what could you do to treat the risk and make it more acceptable? Looking

at the map you can see that there is no preventive control associated with the forklift operations and their

potential to damage the container. So a risk treatment option could be to erect protective barriers around the

container. This would reduce the likelihood of the undesirable event occurring from this fault mechanism.


5/7


Now this is all very fine in an ideal world, but things change or do not always operate in the way they were

intended.

Your risk is effectively being managed by the controls, preventive and recovery, that you have in place. Will they

always remain effective? That can depend on many things.

Let's look at the Preventive Controls scenario. The corrosion is prevented by the protective paint covering which

is reapplied every 2 years. What happens if the repainting of the container doesn't happen? What if the paint

gets scratched just after it has been re-painted?

These scenarios would reduce the effectiveness of the controls thereby increasing (escalating) the likelihood of

corrosion occurring. One way over this is to schedule a 6 monthly inspection of the protective paint covering of

the container. This is called an Escalation Preventive Control.


6/7


Likewise the effectiveness of the Recovery Controls may degrade over time. For example, the neutralising

chemicals may have a limited shelf life. So you would put in a place a schedule of replacing these chemicals at

appropriate intervals.

'Emergency' procedures are activities which are not part of normal business. Therefore people do not get a

chance to practice using them therefore can become rusty. You would introduce a series of 'Emergency'

procedure training/simulation events.


7/7


As an added advantage, these controls and escalation control activities can feed directly into your audit, inspection

and training programs to give them a more targeted and focused outcome.

Here are some additional things I do with MindGenius:

Add branch notes to provide more details descriptions of activities

Use attachments to link to procedures, guidelines, work instructions

Apply categories (H,M,L) to identify the key mechanisms which effect likelihood and severity. I use the filter tofocus in on the key failure and harm mechanisms.

Add a title for the risk using Floating Text. In describing the risk I use the X, Y, Z approach to describe the risk.

The issue/concern X that happens because of Y resulting in Z. E.g. People harmed and assets/environment

damaged because of a spillage of toxic chemical due to the container being ruptured.

Copy map and use for what-if scenarios for risk treatment, impact of change

Use bowtie template map for ensure a consistent approach to analysing risk Can start with a harm mechanism,

hazard, undesirable event, consequence. The others will emerge as the analysis progresses

Use question lists to cover different perspectives on severity so I take a comprehensive view. E.g. dont just

consider injury. What about financial impact, bad publicity, loss of production/capability, legal and regulatory

consequences?

So there you have it. An approach to documenting and understanding the mechanisms associated with the risks that

you face and have to manage.

Using this approach you will be more aware of the controls that you have in place to manage risk. If you share this

information with others, then they will understand why such controls are in place, what these controls are intended

to achieve, how they should use/operate these controls and the potential ramifications if they are not implemented

or applied properly.

Such an approach increases people's awareness of risk and increases the knowledge and ownership of risk within an

organisation.

I hope this article will encourage you to use MindGenius to help you better understand the risks you face and

ultimately manage them more effectively.

Documents

Risk Management with Gordon Wyllie