When people discuss ‘Risk’ there are a lot of different assumptions made about what that means. For me, the study of risk and risk assessment techniques started in 1995. As a technologist and controls designer, I had to somehow wrap my head around the whole concept in ways I’d never considered. If you’re trying to figure out risk and risk assessment this is a good place to get started!
What is risk?
From a machinery perspective, ISO 12100:2010 defines risk as:
“combination of the probability of occurrence of harm and the severity of that harm”
Risk can have positive or negative outcomes, but when considering safety, we only consider negative risk, or events that result in negative health effects for the people exposed.
The risk relationship is illustrated in ISO 12100:2010 Figure 3:
ISO 12100–2010 Figure 3
Where
R = Risk
S = Severity of Harm
P = Probability of Occurrence of Harm
The Probability of Occurrence of Harm factor is often further broken down into three sub-factors:
- Probability of Exposure to the hazard
- Probability of Occurrence of the Hazardous Event
- Probability of Limiting or Avoiding the Harm
How is risk measured?
In order to estimate risk a scoring tool is needed. There is no one ‘correct’ scoring tool, and there are flaws in most scales that can result in blind-spots where risks may be over or under-estimated.
At the simplest level are ‘screening’ tools. These tools use very simple scales like ‘High, Medium, Low’, or ‘A, B, C’. These tools are often used when doing a shop-floor inspection and are intended to provide a quick method of capturing observations and giving a gut-feel assessment of the risk involved. These tools should be used as a way to identify risks that need additional, detailed assessment. To get an idea of what a good screening tool can look like, have a look at the SOBANE Déparis system.
Every scoring tool requires a scale for each risk parameter included in the tool. For instance, consider the CSA tool described in CSA Z434:
As you can see, each parameter (Severity, Exposure and Avoidance) has a scale, with two possible selections for each parameter.
When considering selection of a scoring tool, it’s important to take some time to really examine the scales for each factor. The scale shown above has a glaring hole in one scale. See if you can spot it and I’ll tell you what I think a bit later in this post.
There are more than 350 different scales and methodologies available for assessing risk. You can find a good review of some of them in Bruce Main’s textbook “Risk Assessment: Basics and Benchmarks” available from DSE online.
A similar, although different, tool is found in Annex 1 of ISO 13849–1. Note that this tool is provided in an Informative Annex. This means that it is not part of the body of the standard and is NOT mandatory. In fact, this tool was provided as an example of how a user could link the output of a risk assessment tool to the Performance Levels described in the normative text (the mandatory part) of the standard.
Consider creating your own scales. There is nothing wrong with determining what characteristics (parameters) you want to include in your risk assessment, and then assigning each parameter a numeric scale that you think is suitable; 1–10, 0–5, etc. Some scales may be inverted to others, for example: If the Severity scale runs from 0–10, the Avoidability scale might run from 10–0 (Unavoidable to Entirely Avoidable).
Once the scales in your tool have been defined, document the definitions as part of your assessment.
Who should conduct risk assessments?
In many organizations, I find that risk assessment has been delegated to one person. This is a major mistake for a number of reasons. Risk assessment is not a solo activity for a ‘guru’ in a lonely office somewhere!
Risk assessment is not a lot of fun to do, and since risk assessments can get to be quite involved, it represents a significant amount of work to put on one person. Also, leaving it to one person means that the assessment will necessarily be biased to what that person knows, and may miss significant hazards because the assessor doesn’t know enough about that hazard to spot it and assess it properly.
Risk assessment requires multiple viewpoints from participants with varied expertise. This includes users, designers, engineers, lawyers and those who may have specialized knowledge of a particular hazard, like a Laser Safety Officer or a Radiation Safety Officer. The varied expertise of the people involved will allow the committee to balance the opinion of each hazard, and develop a more reasoned assessment of the risk.
I recommend that risk assessment committees never be less than three members. Five is frequently a good number. Once you get beyond five, it becomes increasingly difficult to obtain consensus on each hazard. Also, consider the cost. As each committee member is added to the team, the cost of the assessment can escalate exponentially.
Training in risk assessment is crucial to success. Ensure that the individuals involved are trained, and that at least one has some previous experience in the practice so that they may guide the committee as needed.
When should a risk assessment be conducted?
Risk Assessment in the Lifetime of a Product
Risk assessment should begin at the beginning of a project, whether it’s the design of a product, the development of a process or service, or the design of a new building. Understanding risk is critical to the design process. Cost for changes made at the beginning of a project are minimal compared to those that will be incurred to correct problems that might have been foreseen at the start. Risk assessment should start at the concept stage and be included at each subsequent stage in the development process. The accompanying graphic illustrates this idea.
Essentially, risk assessment is never finished until the product, process or service ceases to exist.
What tools are available?
As mentioned earlier in this post, the book ‘Risk Assessment: Basics and Benchmarks” provides an overview of roughly 350 different scoring tools. You can search the Internet and turn up quite a few as well. The key thing with all of these systems is that you will need to develop any software based tools yourself. Depending on your comfort with software, this might be a spreadsheet format, a word processing document a database, or some other format that works for your application.
There are a number of risk assessment software tools available as well, including ISI’s CIRSMA™ and DSE’s DesignSafe. As with the scoring tools, you need to be careful when evaluating tools. Some have significant blind spots that may trip you up if you are not aware of their limitations.
Remember too that the output from the software can only be as good as the input data. The old saw “Garbage In, Garbage Out” holds true with risk assessment.
Where can you get training?
There are a few places to get training. Compliance InSight Consulting provides training to corporate clients and will be launching a series of web-based training services in 2011 that will allow individual learners to get training too.
The IEEE PSES operates a Risk Assessment Technical Committee that is open to the public as well. See the RATC web site.
The Answer to the Scale Question
The Exposure Scale in the CSA tool has a gap between E1 and E2. Looking at the definitions for each choice, notice that E1 is less than once per day or shift, while E2 is more than once per hour. Exposures that occur once per hour or less, but more than once per day cannot be scored effectively using this scale.
Also, notice the Severity scale: S1 encompasses injuries requiring not more than basic first aid. One common question I get is “Does that include CPR*?”. This question comes up because most basic first aid courses taught in Canada include CPR as part of the course. There is no clear answer for this in the standard. The S2 factor extends from injuries requiring more than basic first aid, like a broken finger for instance, all the way to a fatality. Does it make sense to group this broad range of injuries together? This definition doesn’t quite match with the Province of Ontario’s definition of a Critical Injury found in Regulation 834 either.
All of this points to the need to carefully assess the scales that you choose before you start the process. Choosing the wrong tool can skew your results in ways that you may not be very happy about.
*Cardio-Pulmonary Resuscitation
+DougNix is Managing Director and Principal Consultant at Compliance InSight Consulting, Inc. (http://www.complianceinsight.ca) in Kitchener, Ontario, and is Lead Author and Managing Editor of the Machinery Safety 101 blog.
Doug’s work includes teaching machinery risk assessment techniques privately and through Conestoga College Institute of Technology and Advanced Learning in Kitchener, Ontario, as well as providing technical services and training programs to clients related to risk assessment, industrial machinery safety, safety-related control system integration and reliability, laser safety and regulatory conformity.
Loading ...
Hi Doug,
Very good article on a subject that is as far reaching as it is broad. It is also one that for a company initailly starting out on this task is very daunting. Not only where does one start, but then where does one end. All of the standards mentioned help in this process, but at the end the answers tend to be subjective in nature and are based on the knowledge of the person or induviduals involved in the assement itself.
At the machinery manufacturing company I worked for as the Corporate Product Safety Manager for 25 years, I had the lead Mechanical Engineer, lead Electrical Engineer, the lead Hydraulic/Pneumatic Engineer and the lead Technical Writer involved with the risk assessments for each particular job from the beginning. As each machine progressed from the design phase to the assembly and testing phases, Service Technicians and Operators were also involved as now, what was designed and manufactured, was actually put to test. Machinery manufacturers are not necessarily “Process people” and most times the machines, once in the field, are changed and operated in different fashions than what was originally designed or intended. This in itself makes the risk assessment process more daunting as one looks into the foreseeability of something adverse happening. There are simply times where an incident “unforeseen” to the manufacturer happens. At that point it is time to reevaluate your risk assessment for that particular machine or at least that segment of your particular machine. That may point out that your machine is fine from a safety or risk standpoint, but that an operational or maintenance task needs to be addressed. Again, my feeling is that with most aspects of risk assessments being “subjective” in nature’ it behooves the personnel doing the assessments to be well trained and versed on the machines themselves and the tasks required to operate and maintain them. And as with anything else, once you have a few risk assessments “under your belt” they become easier to do. I also agree with some of the comments you have received already and your responses to them. I can guarantee you that to some people breaking a finger or losing a fingernail may not be very significant, whereas to someone else it may be catastrophic. “Subjectivity” lures its ugly head again.
Mike, thanks for the kind words!
You are absolutely right about how daunting getting started can be. I know that’s how I felt when I first heard about risk assessment. There are so many more resources available now than there were when I got started in the mid-90’s.
I think that the key is in defining the intended use and the foreseeable misuses of the product. This allows the manufacturer to deal with what they know, and prevents them from having to try to ‘blue sky’ every possible crazy thing that someone might try to do. I think that products in the industrial marketplace are much more subject to unanticipated modifications and misuses than in the consumer market. This is because most plants have people on staff that can make changes, sometimes major changes, to machines in the workplace. These modifications often happen with a minimum of planning, and sometimes ‘on-the-fly’, bypassing the risk assessment and safety management processes altogether. In the consumer marketplace people sometimes do odd things with products, but rarely do they make the major changes that you see in industry. The other big issue is that machinery is often kept in service for long periods of time. 20–30 years is not unheard of for heavy machinery. A few years ago I had a client ask me to do a safety review on an 1100 ton power press that was built in 1932 and was still in service in 2005! In the consumer market, few products last beyond 15 years, so having very old products still in service is much less likely to occur.
Risk assessment is inherently subjective. Even when there is hard data available, the final decisions are usually made with a degree of subjectivity. A judgement must be made, and judgements are subjective. The big challenge is that most of the time we have no hard data. Understanding the level of uncertainty in each assessment is important and difficult. The less hard data we have, the greater the uncertainty. Consequently, the outcome of much of the risk assessment work that is done is uncertain. When unforeseen things go wrong, it’s really easy to point a finger at the risk assessment team and assume that they weren’t competent because they didn’t foresee whatever it was. Some incidents cannot be easily foreseen because they are only possible is certain, very rare circumstances, but they will still occur.
Risk assessment gives us a chance to head off the foreseeable, and even some of the less-easily-foreseen injuries and incidents. That alone makes it worthwhile.
Great summary Doug, specially the point about having a number of affected parties involved to minimise individual bias. I am always harping on this topic in my training courses. Most people are confused about risk assessment, any wonder! Another key point we have to get across i think, is that risk assessment is not just risk estimation, but also requires determining whether the risk has been controlled so far as is practicable or if other control measures are required. This implies that the risk assessor knows what is possible to minimise risk (by design, not by human behaviour) We are running a series of half day workshops on risk assessment around Oz this year with the IICA (our equivalent of the US ISA)and i will reference your material if that is OK Doug, cheers Frank
Thanks Frank! I’d be pleased to have you reference my material! Drop me an email offline, or call me when it’s convenient!
The metric shown from CSA Z434 is one that offers the greatest simplicity as it is essentially “yes, no”, without offering shades of gray. The issue of first aid was clarified in ANSI RIA R15.06 to mean that the distinction is based on what our OSHA classifies as being first aid versus a reportable. This was done, again, for the purpose of clarity and ease. CSA Z434 is based on ANSI RIA R15.06, hence the similarity.
Once people become more familiar with risk assessment, they feel comfortable using models with shades of gray. One can use any metric, so long as at the end, the standard and legal requirements are fulfilled. The grand-daddy of risk assessment is a MIL standard, which is still used today. It uses a scale of 4 for severity and a scale of 5 for probability (exposure and ability to avoid combined), to come to risk scores which are then equated with actions required and management authority requirements. For severity, the “injury” potential listed (4 grades) as well as property damage potential, environmental damage, and reputation damage. So that it is understood that there are multiple reasons for risk to an employer: employee injury, damages costs, environmental damage, and reputation damage. Any one of these triggers a certain reaction depending on the probability. There are a number of very good books on the topic of risk assessment.
Both the ANSI RIA R15.06 and CSA Z434 risk assessment models are being updated to correlate with ISO 13849–1.
Roberta
Thanks for your comments, Roberta! It’s always good to hear your thoughts, particularly with your deep involvement with the RIA 15.06 standard.
While I can appreciate the idea that the scales were developed for simplicity of use, the gap in the Exposure scale is one that many of my clients have found to be a problem. Hazards with exposure frequencies falling in between the two factors in the scale can be very difficult to score, and the gap in the scale tends to add more uncertainty scoring, leading to a possible loss of credibility for the output of the tool. I believe that we need to eliminate these gaps to make the tool useful, and to make the application of the tool more straightforward for the novice.
Regarding the inclusion of CPR in the severity assessment, while RIA may have been able to clarify the requirement in the US based on OSHA’s definition of what constitutes an reportable injury, this is not the case in Canada. Ontario’s definition of a Critical Injury is different than many of the other Provinces and Territories, and none of these deal specifically with inclusion of CPR. In Ontario, a loss of consciousness will result in the accident being reportable (follow the link in the post to Regulation 834), but this could occur with or without the person’s heart or breathing stopping. This would tend to show that cases that require CPR are NOT included in ‘Basic First Aid’ type injuries. Also, the loss of a single finger or toe is NOT REPORTABLE in Ontario (!!) while it is in other jurisdictions. That might indicate that this type of injury should be considered to be a ‘Basic First Aid’ type of severity!! I don’t know about you, but I f I lose a finger or a toe at work you can bet that I’ll be heading to the ER, and that will make the injury reportable in any case.
I think the question of whether an injury is reportable or not is primarily a bureaucratic one, while the issues of how to classify the severity of injury are not. I believe that the two need to be kept separate and apart. While I would like it to be as clear cut as what you indicate it is in the USA, that is not the case here.
Thanks again for your comments! I really appreciate hearing from my readers!