Professional Documents
Culture Documents
Prework W2
Prework W2
Prework W2
GENG5507
What is risk?
Must-read reference
2
What is risk?
Updated 13/7/2019 3
To manage risk we use
the risk management
process
Figure from
ISO
31000:2018
4
Updated 13/7/2019
Other important terms (all from ISO
31000:2018)
6
Updated 13/7/2019
Other important terms (all from ISO
31000:2018)
7
Updated 13/7/2019
Principles of risk management (ISO
31000:2018)
Updated 13/7/2019
Leadership and Commitment are
at the heart of the risk
management framework
Updated 13/7/2019
Reminder: please read
reference, absorb AND
PRACTICE the processes and
principles in this Standard
10
Risk Reliability and Safety
GENG5507
2
Applicability of ISO 31000
3
The Risk Management
Process
5
ISO 31000:2018 updated 13/7/19
Risk Assessment
• The purpose is to find, recognize and describes risk that might help or prevent
and organization achieving its objectives.
• There are a range of techniques for risk identification.
• Factors to consider include:
• Tangible and intangible sources of risk;
• Causes and events;
• Threats and opportunities;
• Vulnerabilities and capabilities;
• Changes in external and internal context;
• Indicators of emerging risks;
• The nature and value of assets and resources;
• Consequences and their impact on objectives;
• Limitations of knowledge and the reliability of information;
• Time related factors; and
• Biases, assumptions and beliefs of those involved.
7
ISO 31000:2018 updated 13/7/19
Risk Analysis
• The purpose is to comprehend the nature of risk and its characteristics
including, where appropriate, the level of risk.
• Factors to consider include:
• The likelihood of events and consequences;
• The nature and magnitude of consequences;
• Complexity and connectivity;
• Time-related factors and volatility;
• The effectiveness of existing controls;
• Sensitivity and confidence levels.
• Risk analysis may be influenced by any divergence of opinions, biases,
perceptions of risk and judgements.
• Additional influences are the quality of information used, the assumptions and
exclusions made, any limitations of the techniques and how they are executed.
• These influences should be considered, documented and communicated to
decision makers.
8
ISO 31000:2018 updated 13/7/19
Risk Evaluation
• The purpose is to support decisions.
• Risk evaluation involves comparing the results of the risk analysis with the
established risk criteria to determine where action is required.
• This can lead to a decision to:
• Do nothing further;
• Consider risk treatment options;
• Undertake further analysis to better understand the risk;
• Maintain existing controls;
• Reconsider objectives.
• Decisions should take account of the wider context and the actual or perceived
consequences to external or internal stakeholders.
• The outcome of risk evaluation should be recorded, communicated and then
validated at appropriate levels of the organization.
9
ISO 31000:2018 updated 13/7/19
Risk Treatment
• The purpose is to select and implement options for addressing risk.
• Risk treatment involved an iterative process of:
• Formulating and selecting risk treatment options;
• Planning and implementing risk treatment;
• Assessing the effectiveness of that treatment;
• Deciding whether the remaining (residual) risk is acceptable;
• If not acceptable, taking further treatment.
• Decisions should take account of the wider context and the actual or perceived
consequences to external or internal stakeholders.
• The outcome of risk evaluation should be recorded, communicated and then
validated at appropriate levels of the organization.
10
ISO 31000:2018 updated 13/7/19
Identifying options for risks with positive
outcomes
Engage in
activity
Enhance Enhance
likelihood of consequence
outcome
POSITIVE
OUTCOME Retain
Share residual
opportunity opportunity
11
Identifying options for risks with negative
outcomes
NEGATIVE
OUTCOME
13
ISO 31000:2018 updated 13/7/19
The Risk Management Process –
Monitoring & Review, Communication &
Consultation, Recording & Reporting.
2
Updated 13/7/2019
Simple matrix representation
Probable
LIKELIHOOD
MEDIUM HIGH
RISK RISK
Unlikely
LOW MEDIUM
RISK RISK
Minor Major
CONSEQUENCE
Red – very high risk, requires senior management attention, immediate action
required
Amber – medium risk, managed by specific monitoring or response procedures
Green – business as usual, manage with routine procedures. 4
Example of consequence ratings
RANKING 1 2 3 4 5
PRODUCTION
(variance to <1% 1-2% 2-5% 5 - 10 % > 10 %
budget)
COST
(variance to <1% 1-2% 2-5% 5 - 10 % > 10 %
budget)
5
Risk Matrix used in this course
Likelihood of occurrence
5x5 Risk Matrix for use in the GENG 5507 Risk
Reliability and Safety Class UWA
Happened several
times per year in the
Happened several industry or incident Incident has
Never heard of in Heard of in industry times in industry or has occurred several occurred several
industry has happened in our times in our times at our location
company company or at least
once in our location
Incident is highly Incident is unlikely Incident could occur Incident will Incident is expected
unlikely but may but possible to at the location probably occur in to occur in most
occur under occur at the location during the lifecycle most circumstances circumstances at the
Environment Assets/Business Reputation Health and Safety exceptional during the lifecycle phase at the location location during the
circumstances phase during the lifecycle lifecycle phases
Disruption during the lifecycle phase
phase
A B C D E
Limited environmental No disruption to process, Public awareness of the First aid case-or-minor
impact, spill contained minimum cost for repair incident may exist, there is reversible health effects of
1 L L L M M
on site (cost <1, 000 A$) no public concern no concern
Minor environmental Possible brief disruption of Some local public concern, Medical treatment case-or-
impact, reportable the process; isolation of slight local media or reversible health effect of
2 L L L M M
incident no permanent equipment for repair (cost political attention concern, no disability
effect (<100 bbl) <10,000 A$)
Moderate Plant partly down, process Regional public concern, Lost time injury/illness-or-
environmental impacts, can possibly be restarted negative local media or severe reversible health
3 L L M M H
extends beyond site (cost<100,000 A$) political attention effect from acute, short term
boundary, repeated exposure
exceedance of statutory
or prescribed limit
Serious medium term Partial loss of plant, plant National public concern, Single fatality –or-
environmental impacts, shut-down for up to 4 weeks extensive negative national permanent disability –or-
4 M M M H H
extended exceedance (cost <1,000,000 $A) media or political attention exposures resulting in
of statutory or irreversible health effect of
prescribed limit concern
Severe environmental Total loss of plant or plant International public Multiple fatalities –or- health
damage extending over shut-down for more than 4 concern, negative media or effects resulting in multiple
5 M M H H H
large area weeks (cost<10,000,000 $A) political attention, disabling illness learning to
intervention from early mortality
Government
6
Generally
Risk cannot be justified save
intolerable in extraordinary
region circumstances
concerns
tolerable only if
further risk reduction
impractical
Basic safety objective
Risk reduction
not likely to be
required
Broadly
accepted region
8
Risk registers are widely used
9
Updated 13/7/2019
GENG5507
PW2.5 RISK ASSESSMENT
Risk assessment
• Risk identification
• Risk analysis/ assessment
• Risk evaluation
2
Identify risks
AS ISO 31000:2018
3
Risk identification
• How do we know what risks to assess? We need to identify
hazards first. How to do this?
– Specific hazards
– Specific hazardous sequences
– Specific events
– Scenarios (also known as chains of events)
4
In Engineering we are
Hazards can be categorized as follows:
often focussed on
identifying technical
hazards Chemical (e.g. toxic chemicals released from a
For more information see Unit
chemical process)
Textbook – Modarres et al. Section
8.2.1 Thermal (e.g. high energy explosion or fire)
5
Example hazard checklist from industry
6
Analyze risks (from ISO/AS 31000_
ANALYSE RISKS
Identify existing controls
Determine consequences
Determine likelihood
Determine level of risk
9
GENG5507
Safety management at UWA
Melinda Hodkiewicz 1
Safety management system at UWA
Copied 2/2/2022
Melinda Hodkiewicz 2
AS/ NZS ISO 45001: 2018 OHS Management –
Occupational Health and Safety Standard
• ISO 45001 is an International
Standard that provides
guidance to organisations and
individuals responsible for
safe work systems.,
• The UWA Safety
Management System is
aligned to AS ISO 45001
• A key element of AS ISO
45001 is the Plan-Do-Check-
Act principle.
Melinda Hodkiewicz Ref: UWA Safety and Health Leadership and Governance 3
Framework
Plan-Do-Check-Act
• The PDCA principle is an iterative process for
continuous improvement.
• It is the basis of many management system
standards.
• Plan – Determine and assess risks and
opportunities, and establish objectives necessary to
deliver results in accordance with the relevant policy.
• Do – Implement the planned process.
• Check – Monitor and measure activities and
processes with regard to the policy and objectives,
and report on the results.
• Act – Take actions to continuously improve the
safety and health performance to achieve the
intended outcomes.
Melinda Hodkiewicz Ref: UWA Safety and Health Leadership and Governance 4
Framework
Key features of the web site to explore
• Read the UWA Safety and Health Strategic Plan 2021-2025
• Safety and Health Policy
• Hazards, Incidents and Emergencies page
• There will be questions about materials on these pages in this weeks and
future Eng weekly quizzes.
Melinda Hodkiewicz 5
Risk Reliability and Safety
GENG5507
2
The opportunities ….
5
Drivers for change - Demographics
6
The risks ….
7
Risk management process