Prework W2

Risk Reliability and Safety

GENG5507

What is risk?
Must-read reference: AS ISO 31000:2018 Risk Management – Guidelines

• It is defined in AS/NZS ISO 31000:2018 as “the effect of uncertainty on objectives”
• Notes:
– An effect is a deviation from the expected. It can be positive,
negative or both and can create or result in opportunities and
threats.
– Objectives can have different aspects and categories, and can
be applied at different levels.
– Risk is usually expressed in terms of the risk sources, potential
events, and their consequences and their likelihood.

Updated 13/7/2019

To manage risk we use the risk management process

[Figure from ISO 31000:2018]

Other important terms (all from ISO 31000:2018)

• Risk management – coordinated activities to direct and control an organization with regard to risk.
• Risk source – element which alone or in combination has the potential to give rise to risk.
• Event – occurrence or change of a particular set of circumstances.
– Note 1: An event can have one or more occurrences, and can have several causes and several consequences.
– Note 2: An event can also be something that is expected which does not happen, or something that is not expected that does.
– Note 3: An event can be a risk source.
• Consequence – outcome of event affecting objectives
– Note 1: A consequence can be certain or uncertain and can have positive or negative direct or indirect effects on objectives.
– Note 2: Consequences can be expressed qualitatively or quantitatively.
– Note 3: Any consequence can escalate through cascading and cumulative effects.
• Likelihood – chance of something happening
– Note 1: In risk management, the word 'likelihood' is used to refer to the chance of something happening, whether defined, measured or determined objectively or subjectively, qualitatively or quantitatively, and described using general terms or mathematically (such as a probability or a frequency over a given time period).
• Control – measure that maintains and/or modifies risk
– Note 1: Controls include, but are not limited to, any process, policy, device, practice or other conditions and/or actions which maintain or modify risk.
– Note 2: Controls may not always exert the intended or assumed modifying effect.
• Stakeholder – person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity.
– Note 1: The term 'interested party' can be used as an alternative to stakeholder.

Principles of risk management (ISO 31000:2018)

Leadership and Commitment are at the heart of the risk management framework

Reminder: please read reference, absorb AND PRACTICE the processes and principles in this Standard

The ISO 31000 risk management process


What is ISO 31000?

• ISO is the International Standards Organisation. It is one of a number of Standards bodies; other major ones include SA, IEC, ANSI, API, DIN, BSI, ASTM.
• These Standards cover
– Management Systems (e.g. ISO 9001, ISO 14001, BS OHSAS 18001)
– Technical Processes
• ISO 31000 is the internationally recognised standard for Risk Management. It was updated as ISO 31000:2018, previously 2009.
• ISO 31000:2018 provides more strategic guidance than ISO 31000:2009 and places more emphasis on both the involvement of senior management and the integration of risk management into the organization.

Applicability of ISO 31000

• ISO 31000 can be:
– Used by any public, private or community enterprise, association, group or individual
– Applied throughout the life of an organisation, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.
– Applied to any type of risk, whatever its nature, whether having positive or negative consequences.

The Risk Management Process

[Figure from ISO 31000:2018]

Scope, context and criteria
• Every organization and situation is different; it is vital that the risk management (RM) process is fit for purpose and appropriately scoped for the specific context.
• The RM process may be applied at different levels (e.g. strategic, operational, programme, project or other activities).
• Be clear about scope.
• Be clear about the objectives you are seeking to achieve (and their alignment with organizational objectives).
• Defining the external and internal context requires an understanding of the environment in which the organization operates.
• Organizational factors can be a source of risk.
• Organizations need to define criteria to evaluate the significance of risk; these should be customized to the specific purpose and scope of the organization's activity and reflect their values, objectives and resources.

ISO 31000:2018 updated 13/7/19

Risk Assessment

• This is the overall process of risk identification, risk analysis and risk evaluation.
• It should be conducted systematically, iteratively and collaboratively, drawing on the knowledge and views of stakeholders.

[Figure from ISO 31000:2018]

Risk Identification

IDENTIFY RISKS: What can happen? When and where? How and why?

• The purpose is to find, recognize and describe risks that might help or prevent an organization achieving its objectives.
• There is a range of techniques for risk identification.
• Factors to consider include:
– Tangible and intangible sources of risk;
– Causes and events;
– Threats and opportunities;
– Vulnerabilities and capabilities;
– Changes in external and internal context;
– Indicators of emerging risks;
– The nature and value of assets and resources;
– Consequences and their impact on objectives;
– Limitations of knowledge and the reliability of information;
– Time related factors; and
– Biases, assumptions and beliefs of those involved.

Risk Analysis
• The purpose is to comprehend the nature of risk and its characteristics including, where appropriate, the level of risk.
• Factors to consider include:
– The likelihood of events and consequences;
– The nature and magnitude of consequences;
– Complexity and connectivity;
– Time-related factors and volatility;
– The effectiveness of existing controls;
– Sensitivity and confidence levels.
• Risk analysis may be influenced by any divergence of opinions, biases, perceptions of risk and judgements.
• Additional influences are the quality of information used, the assumptions and exclusions made, any limitations of the techniques and how they are executed.
• These influences should be considered, documented and communicated to decision makers.

Risk Evaluation
• The purpose is to support decisions.
• Risk evaluation involves comparing the results of the risk analysis with the established risk criteria to determine where action is required.
• This can lead to a decision to:
– Do nothing further;
– Consider risk treatment options;
– Undertake further analysis to better understand the risk;
– Maintain existing controls;
– Reconsider objectives.
• Decisions should take account of the wider context and the actual or perceived consequences to external or internal stakeholders.
• The outcome of risk evaluation should be recorded, communicated and then validated at appropriate levels of the organization.

Risk Treatment
• The purpose is to select and implement options for addressing risk.
• Risk treatment involves an iterative process of:
– Formulating and selecting risk treatment options;
– Planning and implementing risk treatment;
– Assessing the effectiveness of that treatment;
– Deciding whether the remaining (residual) risk is acceptable;
– If not acceptable, taking further treatment.
• Decisions should take account of the wider context and the actual or perceived consequences to external or internal stakeholders.
• The outcome of risk evaluation should be recorded, communicated and then validated at appropriate levels of the organization.

Identifying options for risks with positive outcomes

POSITIVE OUTCOME:
• Engage in activity
• Enhance likelihood of outcome
• Enhance consequence
• Share opportunity
• Retain residual opportunity

Identifying options for risks with negative outcomes

NEGATIVE OUTCOME:
• Avoid the risk
• Reduce likelihood of outcome
• Change consequence
• Share risk
• Retain risk

Elimination > Substitution > Physical Controls > Signage, warnings, administrative, procedural controls

Risk Treatment Plans

• The purpose is to specify how the chosen treatment options will be implemented.
• The information in the plan should include:
– The rationale for selection of the treatment options, including the expected benefits to be gained;
– Those who are accountable and responsible for approving and implementing the plan;
– The proposed actions;
– The resources required, including contingencies;
– The performance measures;
– The constraints;
– The required reporting and monitoring;
– When actions are expected to be undertaken and completed.

The Risk Management Process – Monitoring & Review, Communication & Consultation, Recording & Reporting.

[Figure from ISO 31000:2018]

Likelihood and Consequence matrices and risk registers

Recall these definitions (ISO 31000:2018)

• Event – occurrence or change of a particular set of circumstances.
• Consequence – outcome of event affecting objectives
• Likelihood – chance of something happening
• Control – measure that maintains and/or modifies risk

Simple matrix representation

LIKELIHOOD    CONSEQUENCE
              Minor          Major
Probable      MEDIUM RISK    HIGH RISK
Unlikely      LOW RISK       MEDIUM RISK

• The number of divisions on each axis is determined by the level of detail required.

Colour is often used

                            CONSEQUENCE
            FAILURE RATE    Insignificant  Minor  Moderate  Major  Catastrophic
Frequent    >1/month        Amber          Amber  Red       Red    Red
Likely      1/yr            Green          Amber  Amber     Red    Red
Occasional  1/10 yrs        Green          Green  Amber     Amber  Red
Unlikely    1/100 yrs       Green          Green  Green     Amber  Amber
Rare        <1/1000 yrs     Green          Green  Green     Green  Amber

Red – very high risk, requires senior management attention, immediate action required
Amber – medium risk, managed by specific monitoring or response procedures
Green – business as usual, manage with routine procedures.

Example of consequence ratings (RANKING 1 to 5)

SAFETY & HEALTH
1 – Minor injury -or- minor reversible health effects of no concern
2 – Medical treatment case -or- reversible health effect of concern, no disability
3 – Lost time injury/illness -or- severe, reversible health effect resulting from acute, short term exposure -or- progressive chronic condition, infectious disease
4 – Single fatality -or- permanent disability -or- exposures resulting in irreversible health effect of concern
5 – Multiple fatalities -or- health effects resulting in multiple disabling illness leading to early mortality

ENVIRONMENT
1 – Limited environmental impact, no regulatory reporting, minor closure delays of 1-2 years
2 – Minor on-site environmental impact, reportable to regulators, closure delays of 3-6 years
3 – Moderate environmental impacts, extends beyond site boundary, regulatory violations with fines, significant closure delays of 6-10 years
4 – Serious medium term environmental impacts, major regulatory violations, long term closure impacts of >10 years
5 – Severe long term environmental impacts, severe breach of regulations with operation suspended, closure severely impacted

PRODUCTION (variance to budget)
1 – <1%
2 – 1-2%
3 – 2-5%
4 – 5-10%
5 – >10%

COST (variance to budget)
1 – <1%
2 – 1-2%
3 – 2-5%
4 – 5-10%
5 – >10%

Risk Matrix used in this course

5x5 Risk Matrix for use in the GENG 5507 Risk Reliability and Safety Class UWA

Likelihood of occurrence
A – Never heard of in industry. Incident is highly unlikely but may occur under exceptional circumstances during the lifecycle phase.
B – Heard of in industry. Incident is unlikely but possible to occur at the location during the lifecycle phase.
C – Happened several times in industry or has happened in our company. Incident could occur at the location during the lifecycle phase.
D – Happened several times per year in the industry or incident has occurred several times in our company or at least once in our location. Incident will probably occur in most circumstances at the location during the lifecycle phase.
E – Incident has occurred several times at our location. Incident is expected to occur in most circumstances at the location during the lifecycle phases.

Consequence 1
– Environment: Limited environmental impact, spill contained on site
– Assets/Business Disruption: No disruption to process, minimum cost for repair (cost <1,000 A$)
– Reputation: Public awareness of the incident may exist, there is no public concern
– Health and Safety: First aid case -or- minor reversible health effects of no concern

Consequence 2
– Environment: Minor environmental impact, reportable incident no permanent effect (<100 bbl)
– Assets/Business Disruption: Possible brief disruption of the process; isolation of equipment for repair (cost <10,000 A$)
– Reputation: Some local public concern, slight local media or political attention
– Health and Safety: Medical treatment case -or- reversible health effect of concern, no disability

Consequence 3
– Environment: Moderate environmental impacts, extends beyond site boundary, repeated exceedance of statutory or prescribed limit
– Assets/Business Disruption: Plant partly down, process can possibly be restarted (cost <100,000 A$)
– Reputation: Regional public concern, negative local media or political attention
– Health and Safety: Lost time injury/illness -or- severe reversible health effect from acute, short term exposure

Consequence 4
– Environment: Serious medium term environmental impacts, extended exceedance of statutory or prescribed limit
– Assets/Business Disruption: Partial loss of plant, plant shut-down for up to 4 weeks (cost <1,000,000 $A)
– Reputation: National public concern, extensive negative national media or political attention
– Health and Safety: Single fatality -or- permanent disability -or- exposures resulting in irreversible health effect of concern

Consequence 5
– Environment: Severe environmental damage extending over large area
– Assets/Business Disruption: Total loss of plant or plant shut-down for more than 4 weeks (cost <10,000,000 $A)
– Reputation: International public concern, negative media or political attention, intervention from Government
– Health and Safety: Multiple fatalities -or- health effects resulting in multiple disabling illness leading to early mortality

Risk rating (L = low, M = medium, H = high)

Consequence   A  B  C  D  E
1             L  L  L  M  M
2             L  L  L  M  M
3             L  L  M  M  H
4             M  M  M  H  H
5             M  M  H  H  H

[Figure: ALARP diagram. Axis: increasing individual risks and societal concerns]
• Generally intolerable region – risk cannot be justified save in extraordinary circumstances
• Basic safety limit
• ALARP or Tolerable region – residual risk tolerable only if further risk reduction impractical; drive risks towards the ‘broadly acceptable’ region
• Basic safety objective
• Broadly accepted region – risk reduction not likely to be required

In addition there is the concept of ALARP for safety: “As low as reasonably practicable”.
See the https://www.nopsema.gov.au/ web site

Risk register

• Each risk is assessed with respect to likelihood and consequence
• Generally these values are multiplied together to give a risk ranking
• Risks and their rankings are stored in the risk register
• Risks with high rankings are prioritised for treatment

Risk registers are widely used

• All organisations are required to maintain risk registers
• Projects have risk registers
• There are often risk registers for specific risks e.g. Safety and Health
• http://www.safety.uwa.edu.au/management/risk-register
• Your MPE projects should have a risk register
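
The register steps described above, as an added example (not part of the course material): each risk is rated on the course 5x5 matrix, scored by multiplying likelihood and consequence, and sorted for treatment. Assumptions: the worst-rated consequence category selects the matrix row, likelihood A-E counts as 1-5 for the product, and the sample risks are constructed for illustration.

```python
from dataclasses import dataclass
from itertools import permutations

LIKELIHOODS = "ABCDE"  # column letters on the course matrix
# Rating grid from the course 5x5 matrix: key = consequence row 1-5,
# string position = likelihood column A-E.
MATRIX = {1: "LLLMM", 2: "LLLMM", 3: "LLMMH", 4: "MMMHH", 5: "MMHHH"}
BAND_RANK = {"L": 0, "M": 1, "H": 2}


@dataclass
class Risk:
    name: str
    likelihood: str     # one letter, "A".."E"
    consequences: dict  # category name -> consequence ranking 1..5

    def __post_init__(self):
        if len(self.likelihood) != 1 or self.likelihood not in LIKELIHOODS:
            raise ValueError(f"{self.name}: likelihood must be one of A-E")
        values = list(self.consequences.values())
        if not values or any(v not in MATRIX for v in values):
            raise ValueError(f"{self.name}: consequence rankings must be 1-5")

    @property
    def consequence(self):
        # Assumption: the worst-rated category selects the matrix row.
        return max(self.consequences.values())

    @property
    def band(self):
        return MATRIX[self.consequence][LIKELIHOODS.index(self.likelihood)]

    @property
    def score(self):
        # Assumption: A-E count as 1-5 when the two values are multiplied.
        return (LIKELIHOODS.index(self.likelihood) + 1) * self.consequence


def prioritise(register):
    """Highest matrix band first, then highest product, then name."""
    return sorted(register, key=lambda r: (-BAND_RANK[r.band], -r.score, r.name))


def inversions(register):
    """Pairs (a, b) where a has the larger product but the lower matrix band."""
    return [(a.name, b.name) for a, b in permutations(register, 2)
            if a.score > b.score and BAND_RANK[a.band] < BAND_RANK[b.band]]


# Constructed sample register for a driverless vehicle trial (illustrative only).
SAMPLE_REGISTER = [
    Risk("Pedestrian struck by trial vehicle", "B",
         {"Health and Safety": 4, "Reputation": 4}),
    Risk("Vehicle stranded by sensor fault", "D",
         {"Assets/Business Disruption": 2}),
    Risk("Negative local media after near miss", "C", {"Reputation": 3}),
    Risk("Minor coolant spill contained on site", "E", {"Environment": 1}),
    Risk("Brief charging outage", "C", {"Assets/Business Disruption": 2}),
    Risk("Multi-vehicle collision off site", "C",
         {"Health and Safety": 5, "Reputation": 4}),
]

if __name__ == "__main__":
    for risk in prioritise(SAMPLE_REGISTER):
        print(f"{risk.band}  {risk.score:>2}  {risk.likelihood}{risk.consequence}  {risk.name}")
    for higher_product, higher_band in inversions(SAMPLE_REGISTER):
        print(f"product ranks '{higher_product}' above '{higher_band}', the matrix does not")
```

The single inversion it reports is a product of 6 (C2) sitting in the L band while a product of 5 (E1) sits in M, so sorting a register on the product alone can order risks differently from the matrix bands.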

PW2.5 RISK ASSESSMENT
Risk assessment

• Has three stages:
– Risk identification
– Risk analysis/assessment
– Risk evaluation

Risk evaluation supports decisions. It considers the results of the analysis to determine if additional action is required.

AS ISO 31000:2018

Identify risks

• Risk identification depends on the context. If the context changes, it is likely risks will have changed.
• The purpose of risk identification is to FIND, RECOGNISE and DESCRIBE risks that might help or prevent an organization achieving its objectives.

AS ISO 31000:2018

Risk identification
• How do we know what risks to assess? We need to identify hazards first. How to do this?
– Specific hazards
– Specific hazardous sequences
– Specific events
– Scenarios (also known as chains of events)
• In addition, organisations need to consider related to achieving their objectives such as:
– Changes in external and internal contexts
– Emerging risks
– Threats and opportunities.

In Engineering we are often focussed on identifying technical hazards. For more information see Unit Textbook – Modarres et al. Section 8.2.1

Hazards can be categorized as follows:
• Chemical (e.g. toxic chemicals released from a chemical process)
• Thermal (e.g. high energy explosion or fire)
• Mechanical (e.g. kinetic or potential energy from moving object)
• Electrical (e.g. potential difference, electric or magnetic fields, electric shock)
• Ionizing radiation (e.g. nuclear radiation)
• Nonionizing radiation (e.g. radiation from a microwave or the sun)
• Biological (e.g. resistance to antibiotics, invasive insects)

Example hazard checklist from industry

Analyze risks (from ISO/AS 31000)

ANALYSE RISKS
• Identify existing controls
• Determine consequences
• Determine likelihood
• Determine level of risk

Risk analysis provides an input to decisions on whether risks need to be treated and the most appropriate and cost-effective risk treatment strategies.
Risk analysis involves consideration of the sources of risk, their positive and negative consequences and estimation of likelihood.
In most circumstances existing controls are taken into consideration.

AS ISO 31000:2018

Estimation of likelihood for risk assessment
• Component reliability analysis (Chapter 3*)
– Based on estimation of parameters for distributions of life/ failure or
other features of interest
• System reliability analysis
– Reliability block diagrams (Ch. 4.1*)
– Fault Tree Analysis (Ch 4.2*)
– Event Tree Method (Ch 4.3*)
• Failure Mode and Effects Analysis FMEA/FMECA (Ch 4.5*)
• Specialist methods
– Probability of failure of a Safety Instrumented System (SIS) using
LOPA (Layer of Protection analysis)
– Probability of Failure on Demand (PFD)
• We will cover these methods in the coming weeks.
* Refers to the Unit Textbook – Modarres et al.
Risk assessment

Many risk assessment processes are documented in Standards. Examples include
• IEC 60812:2018 FMEA
• AS IEC 61882:2017 HAZOP
• ISO 17776:2000 HAZID
• IEC 61025:2006 FTA
• AS IEC 62503:2011 ETA
• IEC 61508/61511 Functional safety

AS ISO 31000:2018

Safety management at UWA

Melinda Hodkiewicz

Safety management system at UWA

Copied 2/2/2022

AS/NZS ISO 45001:2018 OHS Management – Occupational Health and Safety Standard
• ISO 45001 is an International Standard that provides guidance to organisations and individuals responsible for safe work systems.
• The UWA Safety Management System is aligned to AS ISO 45001
• A key element of AS ISO 45001 is the Plan-Do-Check-Act principle.

Ref: UWA Safety and Health Leadership and Governance Framework

Plan-Do-Check-Act
• The PDCA principle is an iterative process for continuous improvement.
• It is the basis of many management system standards.
• Plan – Determine and assess risks and opportunities, and establish objectives necessary to deliver results in accordance with the relevant policy.
• Do – Implement the planned process.
• Check – Monitor and measure activities and processes with regard to the policy and objectives, and report on the results.
• Act – Take actions to continuously improve the safety and health performance to achieve the intended outcomes.

Ref: UWA Safety and Health Leadership and Governance Framework

Key features of the web site to explore
• Read the UWA Safety and Health Strategic Plan 2021-2025
• Safety and Health Policy
• Hazards, Incidents and Emergencies page
• There will be questions about materials on these pages in this week's and future Eng weekly quizzes.

Driverless cars and systems

Driverless cars

The opportunities ….

• Reduced social costs associated with
– Safety: social and financial cost of crashes
– Time wasted in traffic jams
– Urban space for parking lots
– Additional transportation infrastructure

KPMG “Self-driving cars: the next revolution”, White Paper, no date.

Drivers for change - mobility

• High cost of mobility
– Avg cost over 5 years of a car driven 15,000 km/yr is US$40k. Utilisation is <8%
– Cost of a new four-lane highway US$8-$12m/ mile
– Average US commute spends 250 hrs/year behind the wheel
– In congested urban areas, 40% of petrol use is looking for parking

KPMG “Self-driving cars: the next revolution”, White Paper, no date.

Drivers for change - safety

• In the US in 2010 there were ~6m vehicle crashes resulting in 32,788 deaths.
• Vehicle crashes are the leading cause of death for Americans aged 4-34
• Of the 6 million crashes, 93% are attributable to human error

Drivers for change - Demographics

• The “Gen Now” generation (15-34) are less anxious to get driving licences
• In the US in 1978 75% of 17 year olds had driving licences, in 2008 this had dropped to 50%.
• Gen Now are likely to be more comfortable with digital technology

The risks ….

• But what are the risks ….
• Let’s discuss in this week’s Workshop
• Please prepare by looking at the Pre-work material on LMS

Risk management process

UWA campus selected as Google trial site

Selected students and staff will test driverless vehicles on site and drive car regularly off site

Trial will last for 12 months

[Figure from ISO 31000:2018]

Aim of the workshop

• Explore how we will use the processes, tools and techniques we have covered in the course to develop a risk management plan for the Google-UWA driverless trial.