Can a risk assessment reliably predict if you will have an accident today?

Statistics is one of those areas which can look very impressive in mathematical circles.  In a nutshell,  given sufficient samples and assuming all the factors are considered,  past trends can be a reasonable indicator of future events.  However, as weather forecasters know all to well,  the field of statistics can only result in a probability.  It may be predicted that the chances of rain today are 80%.  But there is always a chance of 20% that it will not rain.  Reliance on probabilities to precisely forecast individual specific events is therefore  flawed because a probability is by definition based on an uncertain set of factors and the probability is only valid given sufficient samples.

In the natural world risk is a reality.  Throughout history, humans have endeavoured to mitigate against risks to their safety,  from avoiding sabre toothed lions to carefully depressurising a vessel before drilling into it for maintenance.  Those risks that cannot be adequately mitigated need to be avoided or simply accepted (i.e move far away from sabre toothed lions or don’t ever drill into a pressure vessel).

In hazardous industries , risk assessments are a fundamental part of the management of safety.  Risk assessments endeavour to identify those serious risks that demand attention.    A common approach used in industry to quantify risk is to consider the probability of an incident on a scale of 1 to 5,  and at the same time the consequences should the incident occur,  also on a scale of 1 to 5.  The product of the two numbers is the overall risk figure.  The risk can be plotted on a graph or so called “heat map” where the top right quadrant shows risks with a high probability and a serious consequence,  and the bottom left quadrant shows low probability and low consequence.

In general,  because with finite resources companies cannot concentrate on all risks they tend to look at the “top 10” or some other ranking.  These top 10 risks are typically found in the “hot” zone of the heat map (top right quadrant).

This approach is simple, practical and quite useful.  It is however flawed in three main respects:

(1) The probability of a risk occurring is based on judgement, is a statistical metric and is therefore imprecise in predicting specific future events.

(2) The risks with very low probabilities and very high consequences are sometimes not in the “Top 10”.  (For example a nuclear accident,  high consequences, low probability).

(3)  The risk can change over time for any number of reasons such as plant modifications, operational changes or new factors.  The time between the risk assessment and the actual work in hazardous environments can be the difference between an accident taking place or apparent “safe work”.

Leading indicators of safety are sometimes used to statistically predict the underlying probability of an incident.  Whether or not this is a reliable tool is a whole debate in its own right,  but companies often use these because they are practical and useful.  For example the number of accidents per manhour worked,  or the number of near misses etc are both leading indicators that can predict an increase in the underlying probability of an accident.  Furthermore, a near miss usually results in some actions taken to avoid the incident in future,  thereby over time reducing risk.  When these indicators increase, further action needs to be taken (so the theory says) to address those factors that are resulting in unsafe conditions.  Again this approach can be flawed if it not realised that leading indicators are also statistically derived and therefore imprecise.  Also, management are often totally unaware of what action is actually required to contain rising indicators,  especially if the causes are behavioural or cultural in nature.

Software systems that address safety holistically need to consider several factors.  They need to recognise the value of leading indicators and have a good incident and near miss management capability and handle behavioural based safety observations and measurements.  They need to recognise the importance of assessing safety related risks at multiple levels – in the engineering and design process (e.g. HAZOP outputs), as well as in the actual operations (e.g. permit to work).  They need to recognise the dynamic nature of operational environments and have good change management processes to measure the impact of modifications on operational risk.  Finally, they need to have the capability to relate patterns and links in the data to warn people of risks that are the combined result of multiple simultaneous factors.  For example,  maintenance work on equipment + recent modification to equipment + previous incidents related to equipment + standing work procedure in use = overall risk.   This overall risk is something for example that is not evident to people who inspect the work sites,  but is the result of advanced system analytics that can correlate data intelligently to derive new insights.   Few EHS systems achieve this level of vital insight  which is likely to be successfully developed only by those vendors who focus on operational safety systems.

Clearly the whole subject of risk in a safety context is vast and cannot be covered in a short article of this nature.  My only advice is to be extremely sceptical of inappropriate statistics and oversimplified risk management processes.  Be extremely thorough in approach and have multiple strategies to manage safety.  Finally seek systems that have a holistic view on safety and at the same time are practical and easy to use.  Once the system is in place, look to continuously improving the quality of risk information by adding modules such as incident management, permit to work, engineering change management and advanced analytics that generate new safety related insights.

Achieving a balanced view on sustainability

Over the past few years we have witnessed the growing realisation by thought leaders that our way of life in the 21^st century is unsustainable. It is accepted that in the end all resources on the planet will come to an end (some will be certainly be depleted sooner than others) but before then our total consumption as society will be reduced as limiting resources such as energy, minerals, food and so on fail to keep up with demand. Yet, over centuries, humans have shown an amazing tenacity to survive, and an ability to adapt to a changing environment, so should we be at all concerned to maintain the status quo or simply accept environmental and social change as inevitable and rather focus on our ability to adapt?

Today in business we are now witnessing an increased awareness around sustainability, in part driven by governance requirements whereby companies have to provide integrated reports for their stakeholders. Yet frequently I find that some of this discussion is somewhat abstract and even surreal as companies seemingly alternate their focus from factual issues on operations (such as the finite amount of ore in a mine) to what seems to be far less defined and imprecise future factors such as rising sea levels or the impact of greenhouse gases on climate change. This confusion and lack of understanding of what is important allows companies to “bolt on” sustainability statements in their annual reports that are more marketing and positioning statements than any substance, and which ultimately mislead stakeholders as to the real issues. Clearly some balance and perspective on the whole subject of sustainability is necessary, and this requires analysis of hard scientific, economic and social facts.

One of the problems is that of terminology and loose interpretation. In business terms, a company will usually have an expected lifetime – very few companies are expected to continue for centuries. Some companies such as a trading company or those set up to capitalise on a major sporting event such as the World Cup may expect a very short lifetime of one or two years. A mine may expect to survive for 10 or 20 years, a chemicals producer may plan for a 30 year lifetime. For each of these companies “sustainability” means something different, it could be in the context of months, years or decades. Furthermore, the relentless quarterly profit reporting of the investor markets dominate management’s attention with a short term perspective to measure performance. Volatility in financial performance can therefore result in priority short term tactical decision making that is at complete odds with longer term sustainability initiatives. But the glossy annual reports do not reveal this and therein lies the reason for integrated sustainability reporting.

A balanced approach required that businesses integrate their sustainability initiatives into their business strategy, risk and governance processes. In other words the sustainability initiatives must be developed together with the business strategy to achieve outcomes that are relevant, measurable and enduring (sustainable). This will ensure that the risk (for example) of economic or political change is considered with the correct risk and timeframe against (for example) rising sea levels or climate change. It will also ensure that businesses don’t “tack on” a glossy brochure to the annual report with pictures of forests in an attempt to convince shareholders that they are “green”.

Systems that support this integrated approach are required to manage the complexity of information and to ensure consistence and continuity of reporting. This must mean that pure financial, HR and resources (ERP) systems are not enough, they need to be complimented with systems that measure and report on longer term sustainability metrics. In the mining, manufacturing and energy sectors for example, such systems need to be able to measure and report on energy usage, emissions, safety and environmental impact; as well as production efficiencies and throughput. No longer is “Cost of Production” the only metric of a production manager, he or she needs to be measured on the impact of decisions on long term sustainability. Such information systems need to take core operational processes such as maintenance, safety, plant operations and measure and in addition report on sustainability metrics such as energy efficiency, waste, downtime etc. These metrics need to align to the business risks and aggregate in a way that allows management to control and take corrective actions as necessary at both a strategic and tactical level.

I am an engineer and as such am familiar with the terms megawatt, ton, cubic meters etc. And all too often I see industrial waste reported in these units. That is why I am puzzled when a major company (say a bank) puts solar panels on their office to power the TV set which uses less than 1KW in the canteen, and then devotes several paragraphs to this initiative in their sustainability report. What would be more effective is if the bank could report how investor funds have been used to achieve a 5% efficiency improvement in a power station, which correlates to thousands of TV’s consumption. Such reporting will require transparency and information systems that are designed with this goal in mind.

I have no problem with the initiative been taken by thousands of consumers to unplug their cell phone chargers when not in use. My concern is with balance and perspective – as long as you recognise where the really big waste and energy numbers are in the system then your decisions are at least informed and we have a real chance as society to tackle sustainability issues meaningfully.

What if your production meetings were productive?

 Daily throughout the world meetings are held quite often for the sake of meeting and nothing else. Agendas are often distributed ahead of time but few people prepare and even less participate, meaningfully during these sessions. Inevitably minutes are kept, actions are allocated but few are followed up and seldom are people held accountable.

With major changes in business especially around accountability e.g. King III, allocation of performance based indicators in all industries and departments from production to HR it is impossible for meetings to have all the required information to be meaningful and productive. A simple example would be the morning production meeting in a plant environment which covers production for the past 24 hours or week. An agenda should have been sent out before the time covering the following:-

 • Welcome

 • Outstanding issues from previous meeting

 • Production output

• Production logs

• Outstanding permits to work

 • Incidents

 • HR : attendance registers/leave/shifts etc

 • Close

Many of these would be printed in hard copy and taken into the meeting. Once circulated any changes would require a new copy and little input back from invitees can be included and re-distributed. On commencement of the meeting outstanding issues from previous meetings are discussed and steps taken usually all performed manually, production outputs are presented in a hardcopy form from whatever process control system that is available. Separate output KPI’s are then checked to see if and why there were variations and what the root cause of these was. Production logs are then examined to shed light on these variations usually from a log book with suspect hand writing and accuracy. Should there have been a negative variance and something similar had happened in the past which was resolved where would this information be? This would usually be an action for the plant manager or operator to follow up on. However if this information was online and available to the meeting a fix could immediately be implemented.

Being able to access all the different systems that support various parts of the organisation is virtually impossible and hard copies are made and distributed to all, or is it?

With modern technology, why can’t all the information from these system be readily available during the meeting?

This would ensure that all information is current and available, ensuring decisions can be taken using the correct information, as well as allocating various actions to individuals or teams with reminders being sent electronically which serves as a reminder after the meeting. The multitude of different systems e.g. permit to work, incident reporting, production etc. complicates running meetings effectively. Seldom if ever are outstanding issues prioritised and followed up. With an electronic meeting system these can be represented in the form of a dash board highlighting critical areas while none critical can be lower down the agenda. An incident raised on a particular system is often seen in isolation while the need for understanding the total process is critical for the organisation. E.g. an incident reported in the SHEQ department should have an impact on risk assessments, permits, process management etc. and this can be managed effectively using the electronic meeting system with the status of the progress shown within all these areas. 

 Much is discussed but little achieved, not because of lack of ability but due to information being resident in disparate systems and not available when required. Due to this shortfall, numerous issues cannot be resolved during the meetings and much is added onto the “to do” list or held over until the next meeting. This results in the next meeting spending time on unresolved issues from previous meetings and the cycle continues with little improvement.

In complex environments the need for an electronic meeting system cannot be underestimated in ensuring that production managers are in total control of the operations.

Delays in feedback on production and other related areas can no longer be tolerated as this affects the net worth of any organisation that is output driven and who strives for high levels of safety and staff satisfaction. Meetings need to be productive with priority issues dealt with first ensuring that the levels of production remain high and resources utilised effectively.

Another important aspect is that this concept is not limited to mining and production but can be extended to all industries who have complex environments and require meetings to manage daily operations eg. Hospitals, financial institutions, parastatals etc.

In short management are accountable and need to be effective in managing all the diverse areas of the organisation and should consider an electronic meeting system to help them meet this requirement by being productive .

Is the implementation hurdle too high to jump?

 

Many technology projects fail to succeed because companies are unable to muster the resources to execute a successful implementation. This implementation effort often creates a major hurdle in the minds of decision makers. The perception that IT projects are difficult and prone to failure is a real concern when considering whether to approve a project. Statistics from research are frequently quoted that show a dismal failure rate of IT projects. Interestingly, much of this research was done in the late 1990’s and early 2000 when complex ERP implementations dominated IT projects. An example of such research is the Standish Groups finding in 1995 that about 31% of IT projects are cancelled before they are completed, and that only 16% of IT projects are completed on time and in budget. Unfortunately this risk weighs heavily with decision makers who are asked to approve capital on new projects, and accounts for the intense scrutiny of the solutions and vendors during the product selection phase. Ultimately projects that could add value to an organisation get rejected for the wrong reasons.

Most companies approach the risk of IT project failure through formal project management during the design, build and deploy phases of an implementation. An increasing number of companies are also including formal change management into the project – after all even though the project is based on technology, people have to work with the system.

Software vendors have approached the implementation challenge by simplifying the configuration process and using a template based approach. Templates allow best practice business processes to be pre-configured by the vendor (“out of the box”), leaving a relatively small customisation effort to the project. However this approach alone can also be flawed if change management is not taken into consideration – users will still have to adapt to the system no matter how efficiently the configuration process is managed. And best practice processes may not resemble what users are used to leading to rejection of the system – so this template approach also has its risks.

Change management is one of those “soft issues” that excite industrial psychologists yet perplex engineers and technologists. The discipline is based on an understanding of human motivation and psychology. Several change management models exist, for example the McKinsey’s 7-S model, Lewins change management model and Kotters 8 step change model. Each model has slightly different emphasis but they are all based on an approach to most efficiently motivate people to make a transition to a new state.

The success rate of implementation projects can be dramatically improved by incorporating formal change management into the project scope. Kotters model for example requires a sense of urgency (for the change) as the first step. Unfortunately, in some projects, for example implementation of safety and health systems, the sense of urgency is sometimes precipitated by a serious accident. This is the sad reality of human nature, akin to fitting burglar guards after your first break-in. The remaining steps proposed by Kotter include building a team for the change, constructing the vision of the end state, communication, empowerment, creating short term goals, being persistent and finally ensuring the change is permanent and the solution is sustainable.

By fusing change and project management into the implementation project, companies reduce the risk of failure. Projects will be completed on time and budget, and more importantly the end users will be more accepting of the system and the system will be sustainable. Unfortunately this does take effort and there are no short cuts. The software vendors will make their implementations simple through templates and proven methodologies. The client company is responsible to ensure that change management is done well. Ultimately, when this approach is followed the outputs are predictable and the risks are easily managed.

In summary, when you are considering a technology based solution and feel that the hurdle of a successful implementation is too high ask for the vendors implementation methodology and experiences, ensure good project management is in place and above all don’t neglect change management because it is people at the end of the day who will make the system succeed or fail.

The Cart before the Horse : Paper based Permit systems exposing Plant /Mine management to possible liability.

It has mystified me over the years the amount of money, effort and resources that are invested into getting  paper based permit to work systems working properly.  Yet many organisations still argue that they need to get their paper based systems working before they consider “upgrading” to a computer based permit system.  There is evidently a misunderstanding as to the benefits of such an electronic system over the paper system.  These can be summarised at a high level as follows:-

-          Accurate permits with minimal time to produce

-          Policies and procedures are built into the rules in the system and are improved according to experience on an on-going basis

-          Authority levels are always adhered to

-          Required PPE and isolations are accurately specified provided in accordance with the hazards

-         The flexibility to make audited and controlled changes “on the fly” should working conditions change

-          Constant training by the system reminds the permit issuer of what is required

-          Management of contractors including induction and competencies, thereby ensuring only accredited contractors can accept permits and hence perform the work.

The need to get a paper based system into operation as a prerequisite to an electronic system introduces unnecessary risk.  Paper systems seldom can reliably manage the permit lifecycle process due to human error, lack of training and hence adherence to policies and procedures.  The time to implement paper systems, because of the inherent limitations takes considerable longer than implementing an electronic version.    The auditability of these paper systems is usually costly with the poor results. Maybe people are conservative and are comfortable with this process and are resisting change.  Reasons to do it in this way could include the following:-

-          We have always done it this way so why do it differently?

-          We need to first get our policies and procedures  in place,   and then once instilled we will consider an electronic version.

-          We don’t believe electronic signatures are valid, and having passwords will increase the administration of the IT department?

-          Who would own the system if it is electronic?

-          Wouldn’t an electronic system be too complex and we don’t have a computer literate work force?

-          Surely by going electronic ahead of a stable paper based system is putting the cart ahead of the horse?

The answer to many of these concerns is based on perceptions about IT systems in general, especially around complexity and the inflexibility attributed to them.   Historically the implementation of these systems (usually business systems) has far exceeded the planned implementation times and costs.  The resultant complexity and inflexibility of these IT based systems has resulted in only highly skilled individuals managing and running them.

Few companies have fully documented policies and procedures around permit to work operations and in many cases even less is understood or adhered to by employees who are constantly under work pressures to solve operational issues while the permit system is quite often viewed as an unnecessary evil, and are completed in the shortest time with little thought going into the process.  Considering errors on a permit can result in injury or even worse fatalities. Can companies afford this type of behaviour?

In modern day operations little if anything is cast in stone so changes to paper based systems can only occur once all involved have been trained on the new requirements, while with an electronic system this change immediately becomes effective once the system has been updated.

If a person can read then an electronic system should be practical.  Detailed “wizards” can drive the process and incorporate everything that needs to be considered when issuing a permit.  These include the following:-

-          Competencies of permit issuers and contractors

-          Selection of the type of permit eg. Cold work, hot work etc, without having to find the correct book or template

-          Identification of inherent risks and any others that may be present

-          Linking of associated permits and key Locks

-          Selection of appropriate PPE

-          Adherence to applicable isolations

-          Control of the process from permit preparation to completion of the work and the permit being handed back and accepted (This final step seldom if ever happens with a paper based system)

In any organisation external and internal factors drive change and any system should be flexible enough to adapt and evolve with these changes.  In my view not having everything ready up front should NOT be an excuse for trying to perfect a paper based system, on the contrary it should be the reason for implementing a flexible electronic permit system.

The acceptance of technological innovations have been accepted in numerous countries and across multiple industries eg banks , public sector etc.  Not long ago the UK HSE has acknowledged the value of computer based permit to work systems in their latest safe work guidelines.

Manual signatories on a permit can require a PhD in writing analysis to see who the person is or was after an incident!  Seldom, if ever can you identify who the original contractor was that accepted a permit.  What recourse would any organisation have should a fatality occur and you cannot identify the individual from the scrawl on the permit?  Who would be held responsible?

Unfortunately for management,  in many cases the plant manager (In South Africa the Section 16.1 or 16.2 responsible person) are responsible and would be liable should any incident occur on the plant or mine.  Few are aware of the implications of the shortfalls of a paper based system, thinking that the SHEQ department have this under control. To be blunt there is little if any control with a paper based permit system.  I am not in any way saying there is no merit to a paper based system because it is definitely a step in right direction considering not having one at all.  In today’s business it is however “Old School” and may even be challenged as not having done everything “reasonably practical” to ensure safe work.

To conclude:

Can you risk the lives of your workers and contractors and personal potential liability by trying to perfect a paper based system?

Can you afford to spend time and financial resources on a system that is sub-standard and will be replaced in the future?

If you believe that a paper based system or perfecting it has major limitations then why don’t you put the “Cart in front of the Horse”?

Major organisations have seen the merit of an electronic permit to work system and have implemented these quick and effectively and adapt to changes in working conditions immediately.  They are constantly changing the way permits are being issued as well as the process.  Can you afford not to be running an electronic permit to work system?

Why does IT lack credibility?

A respected industry commentator recently made the observation that the IT industry, as opposed to engineering lacks a certain credibility due to over hyped marketing, exaggerated promises and unreliable products.  Hapless consumers of IT products have become used to rebooting, upgrading, patching and the never ending quest for finding “the latest version” in the hope that this will somehow solve their specific problem.

If engineers designed and built aircraft, industrial machinery, buildings, cars etc with the same reliability as a first version software product the world would become a very unpredictable and unsafe place indeed. 

Engineers are proud of their profession and form organisations which promote the concept of professionalism and guard against charlatans and pretenders.  The IT industry also has such professional bodies, but somehow these seem to be less effective.  Why is this?  Why is it that the average business leader perceives IT as a bunch of computer geek’s who have no discipline, produce sub standard products and who are rarely able to get something right the first time?   Is it perhaps because it is actually a fair comment on the industry?

I recall the words of a process control engineer many years ago who reminded me that the world’s most successful IT companies were actually very similar to the best engineering businesses.  They were characterised by formal processes and showed a high level of maturity in areas such as project management, change control, documentation, skills development and retention, quality control and many other areas.  He was a strong advocate of ISO standards in software engineering. 

The problem with IT is that the barriers to entry are so low.  “I started my company from my garage” is both a source of pride and inspiration to entrepreneurs.  It’s a pity though that many IT companies fail to shrug off the “born in a garage” mind-set; and when challenged with strong growth, new technology, competitors or just more demanding consumers they simply fall in a heap.

It is good to report that many companies have recognised this and have identified the lack of engineering practices in their company as being a serious business risk.  Therefore initiatives such as CMMI, ISO, ITIL etc are becoming more prevalent.

When contemplating the services of an IT company it is important to know the philosophy and approach of the business to sustainability and quality.  While CMMI is in itself not a silver bullet, it’s implementation is nevertheless a sign off commitment by management to improving the underlying quality of the products and services provided.  Yet, many IT companies in South Africa don’t know the first thing about CMMI.

Smaller software companies (and even the bigger ones) should always be asked what QA and management systems they have before purchasing products and services.  The little garage businesses may make a lot of noise, may even be successful for a while; but their inevitable fate is obscurity unless their growth is accompanies by a serious commitment to the same best practices adopted by the more established engineering profession.   And the problem is not isolated to smaller companies – don’t be fooled by size – the biggest companies can fall into the same trap.

The credibility gap in the IT sector is real and in many instances deserved.  It is up to the consumer of products and services to become educated and more demanding before this will change significantly.