Category: Risk Management

Risk vs Risks

In the April 2014 issue of the Synergist, AIHA published an article I wrote entitled Risk vs. Risks – Risk Assessment Lessons from Weather Forecasting. This article discusses the three different but related concepts that individuals associate with the term risk:

  1. Probability – What is the risk?
  2. Relevance – Is the risk important to me?
  3. Significance – How much do I care about the risk?

It is difficult to draft requirements related to risk – as we are attempting to do in ISO 45001 – when there is a lack of clarity and consensus about what the word “risk” means.

Click here if you would like to read this article.


May 12, 2014

“Risky” Risk Matrices

I don’t like risk matrices.

I have written blog posts, given speeches, and written comments on several draft consensus standards pointing out the flaws in using risk matrices in EHS decision-making. I continue to be frustrated by the insistence some registration auditors place on having them – even though there is no requirement in either ISO 14001 or OHSAS 18001 mandating their use.

Just last month, a registration auditor expressed his disapproval of a client’s aspect evaluation procedure because, as he put it,

“Where are the ranking numbers?”

So I was quite pleased when I stumbled upon a YouTube video that set out in an explicit and graphic way why the majority of risk matrices are flawed.

There are three common problems associated with using a risk matrix –

1. As set out in this video, most numeric-based risk ranking tables are not based on a valid statistical approach and result in a biased analysis of the potential risks associated with the items being analyzed. Many times, the results do not even pass a “common sense” test when they are reviewed after the number-crunching is complete (i.e. “Does this result make sense based on what we know about our operation?”).

2. There is the temptation to use a risk matrix simply because there is insufficient information to do “a real analysis.” Rather than developing real data, numbers are simply assigned to educated guesses. The inevitable result is GIGO (Garbage In = Garbage Out).

3. Risk ranking tables are used to compare items that can’t be directly compared.

So, can a risk matrix ever be used?

Sometimes, if certain conditions are met.

Want to find out more? Click here to read what they are in the latest EHS Management System Update Newsletter – Apples or Oranges – Which is Better?


© ENLAR Compliance Services, Inc. (2013)
June 5, 2013

Managing PLCs in an OHSMS

Earlier this week, I was asked to respond to a question posed on the ASQ Ask the Experts blog. The question requested information about standards applicable to making modifications to PLCs (Programmable Logic Controllers). In my response, I identified a number of potentially applicable regulations and standards.

As I pointed out in my answer, in order to meet the requirements of OHSAS 18001, an OHSMS must include management of change procedures that assess the potential hazards of PLC modifications prior to any changes being made.

As I thought about the management of change (MOC) procedures I have reviewed over the years, I realized that this has been an important deficiency in most of them. MOC procedures tend to focus on equipment (i.e. hardware) changes and often ignore changes to the software that operates the equipment. This is a concern because more and more industrial equipment is computer – rather than human – controlled.

How should this issue be addressed in an OHSMS?

  1. Appropriate individuals within the company should become familiar with the PLC requirements set out in any applicable regulations and appropriate consensus standards. (Again, for a list of potentially applicable standards, check out the ASQ blog post.)
  2. Just as equipment is evaluated for developing appropriate lockout-tagout procedures, organizations should develop an up-to-date inventory of their PLCs – focusing first on those computer controls used for safety-related functions or in high-hazard processes (for example, mechanical presses, industrial robots, control of chemical reactions).
  3. Guidelines on maintaining and modifying PLCs (and other computer controls) should be incorporated into existing routine maintenance work orders (e.g. PM databases) and MOC procedures.  Appropriate limitations should be placed on PLC modifications based on the associated risks.
  4. Individuals responsible for maintaining, troubleshooting and modifying PLCs need to be trained AND competent.
  5. Periodic reviews need to be conducted to ensure that procedures are being followed, PLCs are used correctly, security measures are in place (to prevent unauthorized “hacking”) and backup copies of PLC programs are retained.

As we move toward a future with more and more computer-controlled operations, having management system processes established to ensure they are functioning as intended will become increasingly important for managing both safety and organizational risks.

© ENLAR Compliance Services, Inc. (2012)
September 20, 2012

But Is It True?

There is a renewed interest in metrics in management systems.

This interest seems to be driven by two organizational concerns – transparency and risk.  In particular, it appears to be driven by the risks associated with transparency.

I attended the ISO 9000 Conference earlier this week. 

One of the keynote speakers – Bennie Fowler from Ford Motor Company – discussed how Ford has refocused on its core principles in order to achieve a financial turn-around.  This includes a re-emphasis on the principle – “Quality is Job #1.”  At Ford, quality is now an integral part of executive strategy discussions.

One of the main drivers for this renewed emphasis on quality is transparency. 

Due to the “open communication” nature of the Internet, companies can no longer hide their quality problems.

Today, delivering a quality product every time is key to survival. If a company does not, its quality issues are likely to be reported on the Internet for all to see.

Other speakers discussed the on-going shift in focus from product quality to organizational quality.  According to surveys, consumers often buy products because of their perception of the company rather than because of any objective evaluation of the quality of a particular product. 

This means that organizational risks become marketing risks. 

This customer focus on organizational quality is one of the drivers in the increase in corporate sustainability reporting.  Customers are interested in whether a company is a good corporate citizen.  They want to make sure their brand loyalty is justified.

These sustainability reports often include an occupational safety and health component.  This usually consists of “some numbers” associated with injury rates. 

But are these numbers true?

If the studies that have been conducted on the accuracy of injury reporting are to be believed, maybe not. (Click here to go to a previous blog post about injury and illness reporting issues.)

There is no global standardization, no accountability (as in a third-party review of the data or processes used to develop the data) and definitely no transparency for injury and illness metrics. There is no easy way to check the numbers being reported, nor is the information available to do so. Right now, we simply have to take the company’s word for it that these “metrics” are accurate.

Quality is being driven by the risks of transparency; safety is not.

© ENLAR Compliance Services, Inc. (2012)
March 1, 2012

Objectives & OHSAS 18001

At the end of the year, our attention often focuses on planning – the setting of goals and objectives for the coming year.  This can be exciting – plans for launching new projects or products – or it can be depressing – setting aside time to organize old files.

Planning is a key component of an OH&S management system.  The planning section of OHSAS 18001 consists of 3 elements –

  • Identifying hazards and risks (4.3.1)
  • Identifying legal and other requirements (4.3.2)
  • Establishing objectives and programs (4.3.3)

Many organizations put a great deal of time and attention into identifying both their hazards and risks and their legal and other requirements. Often, less attention is paid to establishing objectives and programs.

This lack of attention to objectives and programs may be due, in part, to a lack of clarity about how “objectives” actually fit into a management system. This lack of clarity about objectives, and their interrelationship with risk management, has been an issue of much heated discussion. It has led to a lack of consensus in ISO’s attempt to develop consistent definitions across all of its management system standards (see discussion of ISO’s MSS initiative).

December 29, 2011

Nature vs. Nurture in Safety

Nature vs. Nurture is an on-going debate in many discussions of individual action. Do we act the way we do because of our genes or our upbringing? Are we who we are as the result of our inherent nature or the behavior of those around us?

This debate impacts occupational health and safety management systems as well.  We just don’t call it nature vs. nurture.  Instead we discuss safe workplaces (the inherent nature of the workplace) vs. behavior-based safety (the safe or unsafe activities of workers).

Although it is not yet clear how much of who we are is determined by heredity and how much by upbringing, it seems clear that both play a part.  As with the “nature vs. nurture” debate, occupational health and safety hazards are created by BOTH unsafe situations AND by unsafe acts.  You cannot focus solely on just one or the other in an OHSMS.

OHSAS 18001 makes this clear. 

By definition (see OHSAS 18001:2007 3.6), hazards include sources, situations AND acts with the potential for harm.  This includes unsafe conditions in the workplace.  This ALSO includes unsafe activities on the part of people.

Some organizations seem to forget this distinction when they develop their processes and procedures for hazard identification.  They focus almost exclusively on looking at sources of hazards – such as those associated with machinery, facilities, physical stressors and chemical agents.  The behavior of people, driven by the psychology of human behavior, is often ignored.

What is being missed?  Here are some examples –

June 14, 2011

OHSMS Principles

Standards are based on principles. 

ISO 9001 is based on quality principles. ISO 19011 is based on auditing principles.  Last week, I participated in a conference call for ISO 14046 in which we discussed what principles are important to the development of a water footprint.  For this discussion we started with the sustainability principles set out in a publication entitled, Guide to Corporate Ecosystem Valuation, which was recently developed by the World Business Council for Sustainable Development.

Just as principles are important for many of the ISO standards, OHSAS 18001 is also based on several principles.

April 19, 2011

“HELP – I’m out of RAM”

OHSAS 18001 requires that your organization’s procedure for hazard identification and risk assessment take into account “human behavior, capabilities and other human factors”. 

Many organizations partially address this requirement by establishing an ergonomics program in order to address physical human factors.  Only a few organizations explicitly address mental human factors as a part of their hazard identification and risk assessment. 

Yet, mental human factors are very real and can be just as important as physical human factors.  In some cases, they are even more important. 

February 12, 2010

The “Human Element” in Risk Assessment

The hazard identification/risk assessment section of OHSAS 18001 (Section 4.3.1) requires that your procedures take into account “human behavior, capabilities and other human factors.”

The need for considering “the human element” was brought home to me by the recent flurry of articles and news reports covering the hazards associated with using cell phones when driving.  According to these reports, a study conducted by the National Highway Traffic Safety Administration found that talking on a cell phone while driving is as dangerous as drinking alcohol and driving.

These news reports, and similar ones on the use of tanning beds by teenagers and the lack of hand hygiene in health care, led me to wonder:

  • Why do people use cell phones while they are driving?
  • Why do teenagers pay to use tanning beds?
  • Why do doctors treat patients without washing their hands?

Why do individuals make such seemingly “irrational” decisions?

August 13, 2009

Risk Management & the 4th of July

I spent the 4th of July at Disney.  It was the first time I have been to Disney in several years.  The fireworks display was truly impressive.  After the fireworks were over, we made our way back to our hotel using Disney’s transit system.   I was once again struck by Disney’s ability to efficiently manage large crowds of people.

Disney Fireworks

Unfortunately, early Sunday morning tragedy struck Disney’s transit system when two monorail trains collided – killing one of the train operators.  According to news reports, the Occupational Safety and Health Administration (OSHA) is currently conducting an investigation into this accident. 

I was contemplating this accident – and the resulting negative publicity for Disney – as I reviewed the latest draft of ISO 31000 – ISO’s newly developed Risk Management standard.

One of the weaknesses of many risk management programs is failing to fully evaluate the risks associated with events that are rare (low likelihood) but with the potential for severe (highly negative) consequences. The typical assumption is that the event will never happen; therefore, the time and money expended to evaluate and address the risk will be wasted. In Section 5.5.2, ISO 31000 suggests that such events may warrant risk treatment even when it appears that action may not be justifiable on strictly economic grounds.

This monorail accident appears to be this type of an event. 

It was clearly rare. According to Disney, this is the first fatal crash in the 38-year history of the monorail’s operation.

Yet, the consequences of this accident are likely to be severe –

  • death of an employee
  • reduced confidence in – and utilization of – the transit system by guests
  • the costs incurred associated with an OSHA fatality investigation – even if no fines are imposed
  • negative publicity for a company that is very concerned about maintaining a positive public image

Take ISO 31000’s advice to heart in your own risk management programs – including the risk assessments conducted to meet the requirements of OHSAS 18001. Be sure that your low likelihood risks are evaluated – including those associated with abnormal or unusual activities. As the accident at Disney proved, just because an event hasn’t happened yet doesn’t mean it cannot happen tomorrow.

© ENLAR® Compliance Services, Inc. (2009)

July 7, 2009