Managing Operational Risk

Capt. Sukhjit Singh

Outline

• Defining Risk
• Risk Assessment
• Risk Management
Event
 The traditional definition
of risk combines three elements:
then combines its
it starts with a
probability with its
potential event
potential severity

RISK

risk is the “effect of uncertainty on

objectives” (ISO 31000)
 What is
Risk?
The
A
possibility
possibility
that
A situation of harm or The
something
involving damage possibility
unpleasant
exposure against of financial
or
to danger. which loss.
unwelcome
something
will
is insured.
happen.
Three Primary Risk Parameters
PROBABILITY

IMPACT TIME

HOW LIKELY IS IT TO HAPPEN?

WHAT ARE THE CONSEQUENCES?

WHEN WILL IT HAPPEN?

Basic Definitions

A hazard is a physical situation or condition

that may lead to a major incident, either
directly or through an escalation of events.
A consequence is the outcome of an event
and has an effect on objectives.

Likelihood is the chance that something might

happen

A control is any measure or action that

modifies or regulates risk.
Risk assessment is a process that is
made up of three separate
processes

risk risk
risk analysis
identification evaluation
 ISM Code Section 1.2.2
“Safety-management objectives of the
Company should, inter alia:
.1 provide for safe practices in ship operation
and a safe working environment;
.2 establish safeguards against all identified
risks; and
.3 continuously improve safety-management
skills of personnel ashore and aboard ships,
including preparing for emergencies related to
both safety and environmental protection.”
 RISK
MANAGEMENT IS
THE PROCESS OF:
What is Risk
Management?
Restricting and
maintaining risks
Making decisions
within tolerable
about accepting
limits at
or altering risks.
proportionate
cost.
 ELEMENTS OF RISK MANAGEMENT

Identify

Assess

Define means to reduce risk

Establish priorities

Allocate resources
RISK MANAGEMENT
Communicate

Monitor
 Develop a risk
management
culture that:

Places a balanced
emphasis between risk
taking and risk mitigation

understands the need to

respond to risk in time

learns from its

experiences
Risk Management
Summary
Risks are inherent in innovations

Good planning and control will not guarantee

success

Anything that can go wrong will go wrong

Risk management is about minimizing the

chance of failure
Risk Control System
Define • Define go / no go criteria

• Define risk action

Define
responsibilities

• Involve external experts in

Involve
major risk reviews

• Avoid subjective assessments

Avoid
in risk situations

Define • Define risk reduction targets

• Ensure risks are controlled

Ensure
within exposure limits.
Why do we take risks?

Commercial pressure

Time saving:
• taking short cuts
• violating rules and
procedures
• laziness

Over confidence
Human Perceptions of Risk
Cumulative Effect
 Recording Near Misses
RISK MANAGEMENT
MAJOR
1
MEDIUM
10
ZERO
MINOR INCIDENTS
30
NEAR
MISS 600
Bird (1969)
The Probability / Impact Diagram
HIGH

PROBABILITY

LOW

LOW IMPACT HIGH

 Risk Matrix
CONSEQUENCES INCREASING LIKELIHOOD

People Assets Environment Not Heard of in Has Occurred Has Occurred Happens Happens
Industry in Industry in Port Several Times Several Times
per Year in per Year in Port
Industry
No Injury No Damage No Damage

Minor Injury Minor Damage Minor Effect

Major Injury Local Damage Localised Effect

Single Fatality Major Damage Major Effect

Multiple Fatalities Total Loss Massive Effect

RISK VALUES

Manage for Continuous Improvement

Incorporate Risk Reduction Measures

Intolerable
 Levels of Risk and ALARP
RISK CANNOT BE JUSTIFIED ON ANY GROUNDS

INTOLERABLE
REGION INTOLERABLE LEVEL
TOLERABLE ONLY IF RISK
REDUCTION IS IMPRACTICABLE
OR IF ITS COST IS GROSSLY
THE ALARP DISPROPORTIONATE TO THE
REGION IMPROVEMENT GAINED
RISK IS
UNDERTAKEN
ONLY IF A
BENEFIT IS
DESIRED
TOLERABLE IF COST OF
REDUCTION WOULD EXCEED
THE IMPROVEMENT GAINED

BROADLY
ACCEPTABLE
REGION

NEGLIGIBLE RISK
 RISK - CONSIDERATION OF FREQUENCY
AND CONSEQUENCE

A HAZARD COULD HAVE MANY

CONSEQUENCES WITH VARIOUS
FREQUENCIES
Conclusions
PEOPLE AND BUSINESS HAVE RISK
AVERSIONS

QUALITATIVE ANALYSIS – EVALUATES

RISK IN BROAD RANGES
 WHAT CAN GO HOW OFTEN?
WRONG? HAZARD FREQUENCY
IDENTIFICATION ESTIMATION

Simple HOW BAD WILL IT

Understanding BE? CONSEQUENCE
SO WHAT? RISK
ASSESSMENT
ANALYSIS
– Various tools

WHAT CAN WE DO
ABOUT IT? RISK
MANAGEMENT
RISK AWARENESS
AND
RISK ASSESSMENT
Risk Awareness
■ If seafarers are fully informed and aware of the risks to their health,
safety and welfare, they are much more likely to ensure they avoid the
risks and remain safe.
■ This knowledge is attained through risk assessment and in other ways
throughout our lives including training in theory and practical
application, information, observation, instructions, supervision and
personal experience.
Hazard and Risk
■ A hazard is a source of potential injury, harm or damage. It may come from many
sources, e.g. situations, the environment or a human element.
■ Risk has two elements:
– The likelihood that harm or damage may occur.
– The potential severity of the harm or damage.

■ A key tool in ensuring that all involved in the work have a clear understanding and
awareness of any hazards and their associated risks is the carrying out of a toolbox
talk before the work commences.
■ Application of the knowledge in the workplace is influenced by our values, beliefs,
attitudes and behaviours and by the views of others.
Risk Assessment
The risk assessment process identifies hazards present in a work undertaking, analyses
the level of risk, considers those in danger and evaluates whether hazards are
adequately controlled, taking into account any measures already in place.
Effective risk assessments:
■ correctly and accurately identify all hazards;
■ identify who may be harmed and how;
■ determine the likelihood of harm arising;
■ quantify the severity of the harm;
■ identify and disregard inconsequential risks;
■ record the significant findings;
■ provide the basis for implementing or improving control measures; and
■ provide a basis for regular review and updating.
Risk Assessment
■ Any risk assessment must address risks to the occupational
health and safety of seafarers.
■ The assessment of risks must be ‘suitable and sufficient’ but the
process need not be overcomplicated.
■ This means that the amount of effort that is put into an
assessment should depend on the level of risks identified and
whether those risks are already controlled by satisfactory
precautions or procedures to ensure that they are as low as
reasonably practicable.
■ The assessment is not expected to cover risks that are not
reasonably foreseeable.
 Risk Assessment
■ There are no fixed rules about how risk assessment should be undertaken.
■ The assessment will depend on
– the type of ship,
– the nature of the operation, and
– the type and extent of the hazards and risks.
■ The intention is that the process should be simple, but meaningful. The relevant legislation
regarding risk assessments should be referred to when deciding on what methodology will be
employed.
■ There is a requirement that seafarers must be informed of any significant findings of the
assessment and measures for their protection, and of any subsequent revisions made. It is
therefore advisable that copies are carried on board each vessel and that there is a process for
regular revisions to be carried out.
■ In particular, the risk assessment must be reviewed and updated as necessary, to ensure that
it reflects any significant changes of equipment or procedure or the particular circumstances
at the time, e.g. the weather or level of expertise of those carrying out the task.
Risk assessment level 1 - Generic
■ The ISM Code requires that the safety management objectives of
the Company should, amongst other things, assess the risks
associated with all identified hazards in respect of its ships,
personnel and the environment, and establish appropriate
safeguards.
■ These risk assessments, sometimes known as generic risk
assessments, should therefore be carried out at a high level in
the Company with appropriately knowledgeable and experienced
personnel, and the results used to ensure that appropriate
safeguards and control measures are contained within the
Company’s safety management system in the form of policies,
procedures and work instructions.
 Risk assessment level 2: task based
■ There are vessel- and task-specific risk assessments that must be
carried out on board each vessel.
■ Whilst it is clear that the Company can assess the generic risk of,
for example, working at height, working with electricity, movement
about ship, etc., it is not possible for them to conduct a risk
assessment for changing a navigation light bulb up the main mast
on a given vessel on a given day because they would not be able
to take into account all the factors that were applicable at that
time on that vessel. For this reason, it is essential that any generic
risk assessments are used in context, and not seen as being
suitable for specific tasks. For this, task-based risk assessments
(TBRAs) should be carried out on board each vessel by those
involved in the work.
Task-Based Risk Assessments (TBRAs)
Two distinct types of TBRA may be used.
■ First, a range of vessel-specific generic TBRAs that can be used for all
routine and low-risk tasks can be developed. These should be
periodically reviewed, but frequency would very much depend on the
particular circumstances on the vessel and the level of risk.
■ The second type of TBRA would be used for specific high-risk jobs
that are not routine, such as working aloft or enclosed space entry.
These should relate to the specific persons who will be involved in the
work and valid only for the duration of that job.
In both cases, the assessments should be carried out by a competent
person or persons who understand the work being assessed. It is also
preferable that seafarers who will be involved in the work should also be
involved in the assessment process.
Risk assessment level 3: toolbox talk
■ A toolbox talk is another form of risk assessment carried out in support of a
TBRA. Its prime purpose is to talk through the procedures of the job in hand
and the findings of the TBRA with the seafarers involved.
■ When carrying out a toolbox talk, it is important to actively involve those
carrying out the work and others who may be at risk, i.e. seafarers, sub-
contractors and others on board ship who may be affected by the work.
■ Full and active participation should be encouraged and any questions or
concerns discussed and taken into consideration. Once finished, confirm
that all fully understand their role in the task and the precautions in place
(‘closed-loop communication’). This should then be recorded along with
details of any relevant risk assessment referred to.
■ A toolbox talk should be conducted prior to any work being carried out that
involves more than one person and where there is significant risk to
persons or assets.
Risk assessment stage 4:
personal assessment of risk
■ This is an informal assessment of day-to-day risks carried out as you are going about
your work and life in general.
■ It is a technique used to ensure that we perform even the most mundane of tasks
without getting hurt. It is used to maintain awareness of our environment at all times
and aid in the identification and control of immediate hazards as we go about our
work. Use of personal assessment of risk should be developed and encouraged.
■ This is about taking a few minutes to step back, look at the job to be done, consider
what could go wrong and how it may occur, and what steps you can personally take to
avoid any incident occurring.
■ As the work is proceeding, you should also monitor the worksite for any change in
conditions that might alter the hazards and controls in place. If there is any concern,
stop the work, re-assess the controls and, if necessary, re-plan and re-assess the task.
This approach may also be called a ‘dynamic risk assessment’. If the person does not
believe that the dynamic risk assessment is sufficient move back to level 2.
STEPS TO RISK ASSESSMENT
■ Step 1: Identify the hazards
■ Step 2: Determine risk and control measures
■ Step 3: Evaluate the risks and Decide if risk is
tolerable
■ Step 4: Record your findings and implement them
■ Step 5: Prepare risk control action plan
■ Step 6: Review adequacy of action plan and update
if necessary
 Clearly Define the Task
or Job
Breakdown the Job / Task Input Resources
into basic steps

Identify Hazards for Each Step

Establish Controls

Implement Additional
Check Effectiveness of Controls
Controls and Communicate

Establish Resultant Risk

Review effectiveness
Establish Additional Control Measures and
Establish Additional Control Measures of controls while Job
Amend JSA
is being performed
Communicate JSA
Communicate RA toto all
all involved
involved
in Job / Task
Monitor for other
Do job
Do job as
as per
per JSA
RA
Hazards
Hierarchy of Controls
A Simple Risk Estimator
Task Completion
■ In all cases, on completion of the task, it is important to record or
feedback any lessons learned and make improvements for next
time including, where appropriate, reviewing and updating
existing risk assessments. Everyone should be encouraged to
contribute.
■ It is recommended that a proactive hazard-reporting system with
empowerment and expectation for immediate corrective action is
also in place and that information on hazards and risks is shared
as widely as possible.
Be SAFE

Spot the HAZARD

Assess the RISK
Find a Safer WAY
Everyday