Risk Response Categories to Consider

Written By Heather Stokes
Risk Strategies.jpg

Background

It is the foundation of professionalism and the primary duty of every manager and safety professional, regardless of position, seniority, or rank, to put the safety of employees above all other considerations, including production targets and bonus considerations.  As a professional, we should display and act in such a manner that others can see we nurture certain virtues more carefully than the non-professional.

Having identified the hazards in the workplace, the next logical step is the identification of appropriate actions for mitigating the associated risks. 

The question remains, “What are my options if I discover a risk?”  The standard approach to “Stop and Fix” just does not cut it any longer.  The workplace risk industry recommends following one of 4 risk responses, which will be discussed in this article.

The basic elements of a successful injury and illness prevention program are:

  • Management leadership

  • Operator participation

  • Hazard identification and assessment

  • Selecting the correct response strategy

  • Education and training

  • Effectively managing change by re-analysing and updating the controls

  • Program evaluation and improvement

Every one of these elements are interdependent on the others and no one is more important than the other in ensuring the success of the injury and illness prevention program. It should also be noted that the most effective injury and illness prevention programs are totally transparent, contained in a written format, widely communicated, and monitored for implementation by inspections and audits on a regular basis.  These activities should be structured to ensure that the team matures and gets better at reducing errors.  By ensuring early identifications, gaps are identified sooner, with more certainty, and meaningful corrective actions can be taken.

Deciding which one of the four potential risk response strategies will be suitable, depends on a wide diversity of issues internal to the organization.  In addition, external factors could impact the organization (i.e. using a crane when there are high winds or lightning), however the main determining factor should be how the identified risk compares with what the company defined as tolerable risk.  

The Strategies

Response strategy 1 – Terminate

The first option for responding to risk is to remove the risks completely by using the response strategy named terminating the risk. Some scholars also call this elimination or avoiding of the risk.

The name implies that this strategy option requires that the particular action be avoided completely, or not to commence with the action at all.   When you choose the terminate option, you are shutting out any chance that the risk will pose a threat.  Companies often select this strategy option if the risk of impacting employee safety is high and the consequences of a potential accident can be catastrophic.

An often-followed example of risk termination/avoidance is to stop production in an area where this risk warrants this strategy.  It may also be employed by individuals or task teams that is conducting a pre-task risk assessment and they discover that they are not able to reduce the risk to a tolerable level.  Teams should be encouraged to stop work in such circumstances and call for assistance.

Although this may seem like a very desirable option, it is not practical under all circumstances. Companies that employ the terminate/avoid option too often may end up operating well below tolerable risk levels and consequently operate at a loss. However, in cases where there is absolutely zero tolerance for the risk in question, such as working on the face of a nuclear reactor with high REM levels, then the terminate/avoid risk response strategy will be the appropriate approach.

Response strategy 2 – Treat

Treatment of risk should be the risk response strategy one should consider in cases where termination is considered a disproportionate response to the risk. Most of the readers will be familiar with this response type, as most mitigation activities falls under this strategy.

The treat response strategy is implementing of several controls that is aimed at reducing the likelihood or consequence of the identified risk to a tolerable level. This implies that the strategy should include both preventative and mitigation type of controls as well as a monitoring plan to ensure the continued effectiveness of the controls.  Specific attention should be paid to critical controls in the monitoring and escalation strategy to achieve this.  A critical control can be defined as “a control that is crucial to preventing the event or mitigating the consequences of the event. The absence or failure of a critical control would significantly increase the risk despite the existence of the other controls.”

In order to ensure that suitable and sufficient controls are in place it is prudent to make use of an objective and systematic approach and to use a system to measure the effectiveness of the controls and the net risk reduction.  One such approach is the hierarchy of control.

The hierarchy of control is a systematic approach for deciding on suitable risk controls in the workplace. The hierarchy of control follows a step-by-step approach to eliminate or reduce risks by ranking risk controls from the highest level of protection and reliability through to the lowest and least reliable protection.  The details of this system form the body of a different article by the same authors.

In cases where the risk in question is positioned slightly higher than the company’s risk appetite, treatment is considered a reasonable strategy to reduce the risk to a tolerable level.

Response strategy 3 – Transfer

An option for responding to a risk that cannot be terminated or treated is to transfer the risk. This strategy does not eliminate or reduce the risk as explained in the first two risk strategies, but instead delegate or transfer the risk to a third-party.  It should be noted that this response strategy is not often a suitable response in respect of safety risk.

The most common methods for transferring risk are purchasing of insurance or contractually transferring the risk to another party.

Some organization transfer risk by contracting the work out to a specialised contractor.  The thought process is that the contracted firm has the experience, tools, processes and skilled personnel to undertake the activity and thus could have a lower risk exposure in conducting the tasks.  This may not always result in a lowering of risk, especially when a tough negotiated price is agreed upon for the work as it may alter the preferred treatment techniques used by the contractor as a result of cost considerations. 

It should be noted that, in the context of risks management, the aim of the risk transfer strategy is to at least reduce the impact of the risk, should it materialize.

Response strategy 4 – Tolerate

The last risk response strategy being discussed in this article is the option to tolerate the risk posed by the hazard.  This may seem to be a strange strategy as it implies that someone will do nothing about the risk.  This is not entirely true for the use of this strategy.  One must remember that every risk that is treated or transferred will have a residual risk.  It is this residual risk that needs to be assessed to establish if it is within tolerable levels, otherwise the company may tolerate risks that is outside its risk appetite.

Tolerating risks that is not within the range that the regulators will accept, often result in an increased legal risk, and therefore determining the tolerable level of risk should be very carefully done. Factors to consider when determining tolerable risk forms the content of a different article by the same authors.

This risk response strategy is often used for risks with a probability and impact that will result in a consequence that is within tolerable levels, if the risks do realize a negative consequence.

Conclusion

Managing the safety and health risk in any organization is not a part time job, neither can it be delegated to the safety professional.  It remains the responsibility of line managers to manage the day to day risks encountered.  To do this effectively the line managers must understand and own the different risk response strategies available to them.  The role of the safety professional is to provide professional assistance and guide or coach the line managers and supervisors to understand and correctly implement these risk response strategies.

Line management remain responsible to treat the risk using the appropriate response strategy listed above.

Selecting the correct risk response strategy should at least satisfy the probability and impact requirements that is indicated on the graphic below:

Risk Strategies 2.jpg.png

Remembering that there is no silver bullet to ensure that risk strategies are effective, line managers should at least verify the commitment of the key stakeholders by developing realistic objectives, timelines and assign suitable budgets for implementation of selected control measures from the various risk response strategies.

 If you are developing or need help to improve your Risk Management & Health and Safety management system, or looking for a consultancy support, we would be happy to help you. 

Please feel free to contact us at: drcmarx@gmail.com or roger.belair@onsitehse.com

If you would like to read our previous articles, the please click on the following link:

Risk-Based-Decision-Making

https://www.linkedin.com/pulse/importance-risk-based-decision-making-safety-risk-management-marx/

Hazard Identification Risk Assessment Process

https://www.linkedin.com/pulse/hazard-identification-risk-assessment-hira-process-carl-marx/

Heather Stokes
Previous

Workplace Violence and Harassment - COR Element 17
Next

Health and Safety Representative and Joint Health and Safety Committee