Upload
ralf-randall
View
217
Download
1
Embed Size (px)
Citation preview
Jacques VanierICAO EUR/NAT Regional Officer
Almaty, 5 to 9 September 2005
SAFETY MANAGEMENT SYSTEMS
RISK VERSUS SAFETY
Almaty, 5 – 9 September 2005 2
SUMMARY
WHY THE SCIENCE OF SAFETY MANAGEMENT?
TERMINOLOGY
COSTS (ACCIDENTS, INCIDENTS, SAFETY)
RISK CLASSIFICATION & ANALYSIS
RISK MANAGEMENT
QUESTIONS
Almaty, 5 – 9 September 2005 3
WHY USE THE SCIENCEOF SAFETY MANAGEMENT?
People often overreact to perceived risk:
Train crash in the UK – 5 die
Within one month, more death on car accidents then in trains for 30 years!
In risk management one must not transfer risk from one area to another!
Almaty, 5 – 9 September 2005 4
TERMINOLOGY
HAZARD
RISK
MITIGATION
RISK MANAGEMENT
Almaty, 5 – 9 September 2005 5
TERMINOLOGY - HAZARD
Hazard - a scenario which, if it occurs, can have negative consequences to personnel, material (or the environment)
Hazard - an event that has the potential to result in damage or injury.
Almaty, 5 – 9 September 2005 6
TERMINOLOGY - RISK
Risk: a hazard, chance of or of bad consequences, loss or injury, exposure to mischance … (source: the Oxford dictionary)
Risk is two-dimensional: Likelihood of an occurrence (probability) Severity of consequences
“The degree of risk is based on the likelihood that damage or harm will result from the hazard and the severity of the consequences.”
RISK =probability
consequences
Almaty, 5 – 9 September 2005 7
TERMINOLOGY - MITIGATION
Mitigation is the action taken to lessen the severity, violence or effect of a change.
Almaty, 5 – 9 September 2005 8
TERMINOLOGY – RISK MANAGEMENT
Risk management: the identification, analysis and elimination (and/or mitigation to an acceptable level) of those hazards, as well as the subsequent
risks that threaten the viability of an organisation
Risk management serves to focus safety efforts on those hazards posing the greatest risks.
Almaty, 5 – 9 September 2005 9
BALANCING RISK
Risks can be balanced using cost-benefit methodology
Risk
Unacceptable region
Acceptableregion
Tolerableregion
(ALARP as low as
reasonably practicable)
Negligible Risk
Risk cannot be justified except in extraordinary circumstances
Tolerable only if risk reduction is impracticable or if its cost is grossly disproportionate to the improvement gained
Tolerable if cost of risk reduction would exceed the improvement gained necessary to maintain assurance that risk remains at this level
risk “limit”
risk “target”
Costs
Almaty, 5 – 9 September 2005 10
COST OF ACCIDENTS
Direct costs (related to physical damage)
Indirect costs: Loss of business; Loss of use of equipment Loss of staff productivity; Investigation and clean-up; Insurance deductibles; Legal actions and damage claims;
Industry and social costs
Almaty, 5 – 9 September 2005 11
COST OF INCIDENTS
Flight delays and cancellations;
Alternate passenger transportation, accommodation, complains;
Crew change and positioning;
Loss of revenue and reputation;
Aircraft recovery, repair etc. and
Incident investigation.
Almaty, 5 – 9 September 2005 12
COST OF ACCIDENT PREVENTION
Difficult to quantify;
SMS implementation cost-benefit analysis – complicated but should be done;
Requires senior management involvement.
If you think safety is expensive, If you think safety is expensive, try an accident!try an accident!
Almaty, 5 – 9 September 2005 13
COST OF SAFETY
Total Costs
Risk ReductionLosses
Protection
Costs
Almaty, 5 – 9 September 2005 14
TERMINOLOGY – RISK MANAGEMENT
Risk management: the identification, analysis and elimination (and/or mitigation to an acceptable level) of those hazards, as well as the subsequent
risks that threaten the viability of an organisation
Risk management serves to focus safety efforts on those hazards posing the greatest risks.
Almaty, 5 – 9 September 2005 15
ORGANISATIONAL ACCIDENT STAGES
DANGERDANGERHazardsHazards
Losses
Unsafe acts
Local workplace factors
Organisational factors
Causes
Investigation
Latentcondition pathway
Defences
Event
System
Stages in the development and investigation of an organisational accident
Almaty, 5 – 9 September 2005 16
RISK MANAGEMENT PROCESS
Identify the hazards to equipment,
property, personnel or the organisation
Evaluate the seriousness of the
consequences of the hazard occurring
What are the chances of it happening?
Is the consequent risk acceptable andwithin the organisation’s safety
performance criteria?
YES
Accept the risk
NOTake action to reduce the
risk to acceptable level
HAZARD IDENTIFICATION
RISK ASSESSMENT
Severity/Criticality
RISK ASSESSMENT
Probability of occurrence
RISK ASSESSMENT
Acceptability
RISK MITIGATION
Almaty, 5 – 9 September 2005 17
HAZARD IDENTIFICATION
Design factors;
Procedures and operating practices;
Communications;
Personnel factors;
Organisational factors;
Work environment factors;
Regulatory oversight factors;
Defences.
Almaty, 5 – 9 September 2005 18
FUNCTIONAL HAZARD ASSESSMENT
Functional Hazard Assessment (FHA): determine how safe the system shall be!
Reminder! … a system consists of: People (humans, liveware: L); Equipment (hardware: H); Procedures (software: S) and Environment (E).
Almaty, 5 – 9 September 2005 19
THE FHA PROCESS
Almaty, 5 – 9 September 2005 20
RISK ASSESSMENT
Risk is the assessed potential for adverse consequences resulting from a hazard!
THREE CONSIDERATIONS INVOLVED: Probability Severity Rate of exposure
Almaty, 5 – 9 September 2005 21
RISK CLASSIFICATIONS & ANALYSIS
The assessment of severity of the consequences always involves:
some degree of subjective judgment;
the use of structured grouped discussions: guided by a standard risk classification scheme, and using participants with extensive experience in their
respective fields.
and …. should ensure that the outcome will be an informed judgment.
Almaty, 5 – 9 September 2005 22
STANDARD RISK CLASSIFICATION
Likelihood of event per operational hour per sector/unit
Severity Category
Qualitative Quantitative Cat 1 Cat 2 Cat 3 Cat 4Frequent Ps> 10-3 Low Low Low Serious
Probable 10-3 > Ps > 10-4 Low Low Medium High
Occasional 10-4 > Ps > 10-5 Low Low Serious High
Remote 10-5 > Ps > 10-6 Low Medium High High
Improbable 10-6 > Ps > 10-7 Medium Serious High High
Extremely improbable
Ps > 10-7 Serious High High High
Almaty, 5 – 9 September 2005 23
RISK MITIGATION
There is no such thing as absolute safety!
Risk has to be managed to a level “as low as reasonably practicable” (ALARP)
Almaty, 5 – 9 September 2005 24
“AS LOW AS REASONABLY PRACTICABLE”
Risk
Unacceptable region
Acceptableregion
Tolerableregion
(ALARP as low as
reasonably practicable)
Negligible Risk
Risk cannot be justified except in extraordinary circumstances
Tolerable only if risk reduction is impracticable or if its cost is grossly disproportionate to the improvement gained
Tolerable if cost of risk reduction would exceed the improvement gained necessary to maintain assurance that risk remains at this level
risk “limit”
risk “target”
Costs
Almaty, 5 – 9 September 2005 25
RISK MITIGATION STRATEGIES
Exposure avoidance (if risk exceeds benefits);
Loss reduction (reduce frequency of unsafe events);
Segregation of exposure (separation or duplication):
Isolate the effects of the risk; Build in redundancy.
Almaty, 5 – 9 September 2005 26
RISK MANAGEMENT – STATE LEVEL
Policy;
Regulatory change;
Priority Setting;
Operational Management;
Operational Inspections.
Almaty, 5 – 9 September 2005 27
RISK MANAGEMENT – BENEFITS
Avoiding costly mistakes;
Ensuring all aspects of the risk are identified;
Ensuring the legitimate interests of affected stakeholders are considered;
Providing decision-makers with solid defence;
Making decisions easier to explain;
Providing significant savings (time and money).
Almaty, 5 – 9 September 2005 28
QUESTIONS, COMMENTS
?
Jacques VanierICAO EUR/NAT Regional Officer
Almaty, 5 to 9 September 2005
SAFETY MANAGEMENT SYSTEMS
- END -