Stan ONeill

Managing Director,
The Compliance Group
Risk Management Risk Elimination
risk analysis
+ risk evaluation
+ controlling risks
= risk management
Identifying what might go wrong
Calculating the size of the risk
Doing something about it
Risk Assessment
A basic human instinct
Therefore subject to human subjectivity and variability

Risk Assessment Methodologies
Rigorous and Systematic
Documented (and therefore able to be reviewed)
Acted upon
c
o
n
s
t
a
n
t

r
a
t
i
o
s

Fatality
Serious
Accident
Minor
Incident
Learning
Event
The most effective way to tackle the size of the top of the
pyramid is to tackle the bottom of the pyramid
Almost all RA methods derived from FMEA

FMEA Developed by US Aerospace Industry in
1940s (how can we stop our rockets falling out of
the skies?)

Variants on a theme
Failure Modes, Effects and Consequences Analysis
(FMECA)
Hazard Analysis and Critical Control Points (HACCP)
Hazard and Operability Studies (HazOp, CHazOp)
First understand Hazards

Hazards are potential sources of harm.
Hazards are things which present risk
Hazards are easier to define than risks - risks
are more abstract
We can define risk by categorising hazards.




Risk has two components
Chance of Harm Occurring
Consequences of that Harm
How likely is it that the hazard or harm will occur?
If it does occur, what are the consequences?
Key Considerations:
The probability of occurrence of harm, (chance,
possibility, uncertainty, etc.)
The consequences or severity of that harm,
(injury, cost, supply issues, etc.)




Risk is the combination of the probability of
occurrence of harm and the severity of that harm

Risk = Probability x Severity
Risk = (P x S)

Risk can be Quantified or Qualified

Risk = (4 x 3) = 12
Risk = Medium or Green or.

Probability This Means the Hazard
Frequent is Very Likely to Occur, > 20%
Probable will Probably Occur, 5 20%
Occasional should Occur at Some Time,
Infrequently, 0.1 5%
Remote Unlikely to Occur in Most Circumstances
< 0.1%
Severity This Means the Hazard May Result in.
Critical Very Significant Impact on Agency, Stakeholders,
Very Costly, Very Damaging Effects
Major Significant Impact on Agency, Stakeholders, Costly,
Damaging Effects
Minor Minor Impact on Agency, No Expected Stakeholder
Impact
Determines if a risk is acceptable or not
A method which
identifies hazards in an organisation, process,
product*
estimates or calculates the risk associated with
these hazards*
assesses that risk by comparing it against
predefined risk acceptability criteria**
* aka Risk Analysis ** aka Risk Evaluation
Hazard Minor Severity
(1)
Major Severity
(2)
Critical Severity
(3)
Frequent (4) 4 8 12
Probable (3) 3 6 9
Occasional (2) 2 4 6
Remote (1) 1 2 3
Hazard Minor Severity Major Severity Critical Severity
Frequent
Probable
Occasional
Remote
Hazard Minor Severity Major Severity Critical Severity
Frequent Unacceptable Intolerable Intolerable
Probable Unacceptable Unacceptable Intolerable
Occasional Acceptable Unacceptable Unacceptable
Remote Acceptable Acceptable Unacceptable
Red Means
The Risk is Intolerable. Eliminate the Hazard or
build in systems/controls to ensure the effects
of the hazard are not realised (e.g. install
redundant systems)
Amber Means
The Risk is Unacceptable. The Risk must be
Reduced or Controlled to an acceptable level
Green Means
The Risk is Acceptable. No Reduction or New
Controls are Required

Risk Control performed after Risk Assessment
Aims to reduce the risk associated with a hazard
by putting additional controls in place
May permit maintenance of the risk within
specified levels risk cannot be reduced but the
hazard (or its effects) can be detected when it
occurs.
Detection
High High Likelihood that Controls will Detect the
Hazard or its Effects
Medium Medium Likelihood that Controls will Detect the
Hazard or its Effects
Low Low Likelihood that Controls will Detect the
Hazard or its Effects
None Detection Controls are Absent
The combination of Risk Assessment & Risk
Control
Risk Management allows for mechanisms to
communicate Risk knowledge to the right
people/stakeholders, and for the Periodic Review
of the Risk Assessment process
Performing Periodic Review uses additional data
(experience) to revisit hazards and their
probabilities
Risk Management should be viewed as an on-
going Quality Management process
Risk Assessment
Hazards identified, risk estimated, decision re.
risk acceptability made
Risk Control
Risk Reduction or Risk Maintenance Controls
Initiated until Risk is Acceptable or Adequately
Controlled
Risk Knowledge Is Communicated
Periodic
Review
R
i
s
k

M
a
n
a
g
e
m
e
n
t

Many formal tools are available

HACCP - Hazard Analysis and Critical Control Points
HAZOP Hazard Operability Analysis
FTA Fault Tree Analysis
FMEA Failure Mode & Effects Analysis
FMECA - Failure Mode, Effects & Criticality Analysis
PHA - Preliminary Hazard Analysis

multi-discipline team
decompose
the system
Identify
what could
go wrong :
Hazards
Assess
seriousness
of each
Hazard
Design
measures to
contain each
Hazard
Define the Scope
Site / Organisation
Business Process
Specific Operation
Corporate entity
Split into more managable sub-systems, e.g.
Organisation into business processes
Business Process into process steps
Specific Operation into major systems
Systems into functional components
List the components

decompose
the system
Identify
what could go
wrong :
Hazards
Assess
seriousness
of each
Hazard
Design
measures to
contain each
Hazard
multi - discipline team
Brainstorm what could
go wrong
List potential failure modes
Hazards
Hazards are not always obvious
Use system history as well as teams imagination
and expertise
Various simple question based tools, e.g.:
Word Models (HazOp)
Cause / Consequence Diagram

decompose
the system
Identify
what could go
wrong :
Hazards
Assess
seriousness
of each
Hazard
Design
measures to
contain each
Hazard
multi - discipline team
A Difficult Step
Different Methods Break
this step into various
sub-questions, e.g.
Severity of Consequence
Likelihood of hazard occurring
Probability of detection
System redundancy
Simple tools provide good guidance on relative
risk within a system, but not absolute risk. What
can help?
Word models, Teams experience
decompose
the system
Identify
what could go
wrong :
Hazards
Assess
seriousness
of each
Hazard
Design
measures to
contain each
Hazard
multi - discipline team
Use Relative
Seriousness as guide for
controlling measures:
Highest level risks look for intrinsically safe solutions
Lowest level risks perhaps these are risks that we can
live with
Design it Away, e.g.
Build redundancy into systems
Simplify a business process to remove unnecessary
human intervention
Test it Away
Manage it Away, e.g.
Implement additional inspections or verification processes
decompose
the system
Identify
what could go
wrong :
Hazards
Assess
seriousness
of each
Hazard
Design
measures to
contain each
Hazard
multi - discipline team
Important to test all
changes to a system:

May remove one hazard
to introduce ten new!

Testing with the risk assessment method can be used to
select best candidate solution
decompose
the system
Identify
what could go
wrong :
Hazards
Assess
seriousness
of each
Hazard
Design
measures to
contain each
Hazard
multi - discipline team
RA of whole
system
RA of sub-
system C
sub-system A
Medium Risk
sub-system B
No Risk
sub-system C1
Low Risk
sub-system C2
Low Risk
sub-system C2
High Risk
sub-system C
High Risk
The System
Improved understanding of a process
Identification and understanding of process
limitations
Acceptance by organisation or process limitations

RA is completed as a tick-in-the-box
Report then written, approved and filed
Full-stop.
Failure to identify significant risks undermines
confidence in the organisation (hero to zero)
Lack of return from investment in the process
Inappropriate inputs into process
FMEA for parametric release
Risk management for non-dedicated premises
Assessing equipment for preventative
maintenance and calibration programme
Assessment of inherent weakness of a piece of
equipment (focus of document)
Assessment of incorrect filter integrity test cycle
parameters (inappropriate supportive
information)
Poorly structured risk assessments
Use of the phrase there is no risk
Lack of lateral thinking (pressure differential
example)
Failure to manage, only assess.


Risk Assessment Risk Management
Risk Management Risk Elimination
Risk assessments are invariably qualitative and
subjective.
Less can be more
Quality Risk Management ICH Q9 Briefing Pack
http://www.ich.org/cache/html/3158-272-1.html
Questions?
Contact details:
stanoneill@compliancegroup.eu