RISK MANAGEMENT

CHAPTER- 2

RISK MANAGEMENT

European Safety Council - International Diploma in Health and Safety Engineering Page 54
 RISK MANAGEMENT

Contents
Element 1- Overview................................................................................................................................... 56
Element 2- How risk assessment fits into the management concepts used in organisations. ................... 57
2.1 Risk assessment ................................................................................................................................ 57
2.2 Identifying or Risk factors ................................................................................................................. 57
2.3 Evaluate the risks and design an action plan. ................................................................................... 58
Element 3 – Factors that influence intolerable and tolerable risks ............................................................ 62
3.1 Political risk factors ........................................................................................................................... 62
3.2 Social risk factors .............................................................................................................................. 63
3.3 Integrating social and political risk into organisational management .............................................. 64
3.4 Risk management process ................................................................................................................ 65
Element 4- Hierarchy of risk control ........................................................................................................... 68
Element 5- Factors that influence perception, attitudes and behaviours .................................................. 71
Element 6- Formal and informal leadership ............................................................................................... 75
6.1 Difference between formal and informal leadership ....................................................................... 76
Element 7- Risk perception and society ...................................................................................................... 78
7.1 Perception of risk and behavioural risk ............................................................................................ 78
References .................................................................................................................................................. 82

European Safety Council - International Diploma in Health and Safety Engineering Page 55
 RISK MANAGEMENT

Element 1- Overview
The day to day interactions of man within his environment is compounded by several risk
factors which can pose threats to safety and health with that environment due to social,
physical or economic factors. The ability therefore to define hazards and associated risks
surrounding organisational activities and proscribing management techniques to identify,
evaluate and mitigate these risks within a defined workspace will be a competence every
organisation must imbibe in order to entrench a safety culture that will generate growth and
ensure employee safety and health.
It is our objective in the scope of this study to assess risk and underscore how it fits into
organisations management concepts, score the influence of social political and cultural risk in
factoring acceptable and intolerable risks. The factors that influence management and
employee perception, attitudes and behaviours to risks and also formal and informal leadership
in management principle.

Definition of terms

Hazards- are any source of potential damage, harm or adverse health effects on something or
someone within an environment.

Harm - physical injury or damage to health.

Risk is the chance or probability that a person will be harmed or experience an adverse health
effect if exposed to a hazard. It may also apply to situations with property or equipment loss, or
harmful effects on the environment.

Risk management - Risk management is a step by step approach to manage workplace hazards.
It is a key component in any organizational management that identifies, evaluates and
determines the methods of reducing risks to an acceptable level to protect employees, visitors,
third party contractors, casual labourers, people who remain physically present at the
workplace and the environment. Risk management also protects assets and envision how to
avoid losses.

European Safety Council - International Diploma in Health and Safety Engineering Page 56
 RISK MANAGEMENT

Element 2- How risk assessment fits into the management concepts used in
organisations.

Learning Outcomes
At the end of this section learners should be able to;

• Define risk assessment

• Illustrate the steps in risk assessment
• Relate risk assessment to organization's management concept
• Explain ways of identifying hazards

2.1 Risk assessment

A risk assessment is a detailed look at your work environment to identify those things,
situations, processes, etc. that may cause harm, particularly to people. After identification is
made, you analyse and evaluate how likely and severe the risk is. This therefore means that risk
assessment does not end with identification but evaluates the severity of the risk as well as try
to predict its occurrence over a period. Employers are required by law to identify hazards in the
workplaces under their control and assess the risk presented by the hazards. In order to achieve
an effective risk management process, it is necessary to have a clear understanding of the legal
context, concepts, risk analysis, assessment and control processes and the role played by all
involved in the process. It is also desirable to base risk management on solid and tested
methods.
To carry out an effective risk assessment within the OSH, there are five steps to take a thorough
look at.
1. Identifying hazards or risk factors i.e. anything that may cause harm
2. Determine who may be at risk of harm, and in what way
3. Evaluate the risks and design an action plan.
4. Make a record or documentation of the findings
5. Review the risk assessment

2.2 Identifying or Risk factors

It is the duty of all employers to assess the health and safety risks faced by their workers within
their organisation. Your employer must thoroughly and systematically check for possible
physical, mental, chemical and biological hazards or risks.

One common classification of hazards or risks includes:

Physical hazards: resulting from activities e.g. lifting, awkward postures, slips and trips, noise,
dust, machinery, computer equipment, etc.

European Safety Council - International Diploma in Health and Safety Engineering Page 57
 RISK MANAGEMENT

Mental hazards: These include hazard sources like e.g. excess workload, long hours, working
with high-need clients, bullying, etc. These are also called 'psychosocial' hazards, affecting
mental health and occurring within working relationships.

Chemical hazards: comprising hazard sources e.g. asbestos, cleaning fluids, aerosols, etc.

Biological hazards: These includes such health hazards like tuberculosis, hepatitis and other
types of infectious diseases faced by healthcare workers, home care staff and other healthcare
professionals.
The management by these categories classify OSH within their organisations and then proceed
to the next phase of assessment.

Determine who may be at risk of harm, and in what way

Identifying individuals at risk starts with your organisation's own staff into full- and part-time
employees. Employers should assess risks faced by agency and contract staff, visitors, clients
and other members of the public on their premises.

Employers must review work schedules and calendars in all the different locations and
situations where their staff are employed.
For example:
Home care overseers must take due account of their client's personal safety in the home, and
ensure safe working practices as well as lifting arrangements for their own home care staff.
In a shopping mall, hazards are found in repetitive tasks such as checkout, lifting loads, slips
and trips from spillages and obstacles in the shop and storerooms. Staff face the risk of violence
from customers and intruders, especially in the evenings.
In call centres, workstation equipment (i.e. desk, screen, keyboard and chair) must be adjusted
to suit each employee way of safe work.
Employers have special duties towards the health and safety of young workers, disabled
employees, night workers, shift workers, as well as pregnant or breastfeeding women.
Having classified the risk into target risk audience to see who is likely to get affected by such
occurrence, what to do next is evaluation.

2.3 Evaluate the risks and design an action plan.

This involves employers considering how likely each hazard identified could cause harm. This
will determine whether or not your employer should reduce the level of risk. There risk that
remains even after all precautions have been taken, and are usually deemed tolerable risk.
Employers must decide for each remaining hazard whether the risk remains high, medium or
low. Depending on risk type, employers must develop an adequate plan of action for employees
to reduce or mitigate this risk within the workplace as applies to the industry.

Make a record or documentation of the findings

European Safety Council - International Diploma in Health and Safety Engineering Page 58
 RISK MANAGEMENT

Employers depending on organisation size could either document by writing or verbally. Small
organisations with five or more staff are required to record in writing the main findings of the
risk assessment. Included in this record should be details of any hazards noted in the risk
assessment, and action taken to reduce or eliminate risk.
The purpose of the record is to provide proof that the assessment was carried out, and is used
as the basis for a later review of working practices. The risk assessment is a working document.
It should be able to read by staff and should not be locked away in a cupboard.

Review the risk assessment

A risk assessment must be reviewed from time to time in order to:
ensure that constituted and agreed safe working practices continue to be applied (e.g. that
management's safety instructions are respected by supervisors and line managers); and it must
consistently take account of any new working practices, new machinery or more demanding
work targets.

OSH risk assessment and organisational management concepts

Risk assessment within OSH has been described as the involvement of safety practitioners and
personnel in evaluating through identification and analysis to provide adequate measures to
reduce and mitigate harm posed by such occurrences. OSH like the underlying theories of
management concepts seeks to enhance employee proficiency so as to attain profitability and
achieve organisational goals.
To fully understand these narrative, let us look at certain concepts of effective risk
management as they are integrated into OSH.

Integrating OSH risk into decision making

One of the most important tests of true risk management effectiveness is the level of OSH risk
management integration into decision making. This takes into account how much of
management awareness and readiness to make decision centred around OSH. ISAR research
shows that companies capable of systematically integrating OSH risk into management planning
and budgeting decisions, investment decisions, core operational business processes and key
supporting functions to achieve long-term sustainable advantage. Let's consider an example of
a large investment fund, which makes investment decisions only after an independent risks
analysis and does simulations to test the effect of uncertainty on key project assumptions and
forecasts without taking OSH risk into consideration. Another example is also a large airline,
5which makes strategic decisions based on several quality alternatives with a risk assessment
performed for each alternative.

Strong risk management culture

The ability and psychology of business managers to make decisions in situations of great
uncertainty have a huge impact on OSH and risk management effectiveness. Nobel laureates,
D.Kahneman and A.Tversky, conducted some exceptional research in the field of risk

European Safety Council - International Diploma in Health and Safety Engineering Page 59
 RISK MANAGEMENT

perception, showing that most people, consciously or subconsciously, choose to be ignorant of

risks and this also applies to OSH. A robust risk management culture is therefore fundamental
to effective risk management. Let's look at the example of a large petrochemical company,
which used both online and face-to-face training to raise risk management awareness and
competencies across all staff levels. The company also allocated resources to integrating risk
management principles into the overall company culture. Consider also an example is a
government agency, which documented transparent discussion and sharing information about
OSH risks as one of their corporate values, which were later communicated to all employees.

Disclosing OSH risk information

An additional criterion for effective risk management and OSH is the willingness and ability of
an organization to document and disclose risk-related information both internally and
externally. A medium and large company not only documents the results of risk analysis in the
internal decision making processes, but also discloses information about OSH risks and their
mitigation to relevant stakeholders, where appropriate, in external reporting or on the intranet.
It is important to note that since actual risk and OSH information may be sensitive and contain
commercial secrets, the focus of disclosure should not be the risks themselves but rather on the
risk management framework, the executive commitment to managing risks, and the culture of
the organization.

Bear in mind that disclosure of risk management information allows companies to both make
and save money. An example is how the insurance market positively reacts to a company's
ability to disclose information about the effectiveness of its risk management and control
environment, offering a reduction in insurance premiums. Banks and investors also see risk
disclosure in a positive light, allowing companies to lower their financing costs.

Continuously improving risk management

A final criterion for effective risk management has to do with the continuous improvement of
the risk management framework and the OSH risk team itself. One investment portfolio was
able to do this with the help of regular assessment of the quality and timeliness of their risk
analysis, annual risk management culture assessments as well as periodic review of risk
management team competencies. For example, professional risk management certification
helps to boost risk team competencies. One of the reasons behind the need for constant risk
management improvement is the rapid development and entrenching of the risk management
discipline and OSH culture. The ISO 31000:2009 standard is currently being reviewed by more
than 200 specialists from 30 different countries. Some of the suggestions for the new version of
the standard include the greater need for integration of risk management into business
activities, including decision making and the need to explicitly take into account human and
cultural factors. These changes could significantly impact on many modern non-financial
organizations, raising questions about their risk management effectiveness.

European Safety Council - International Diploma in Health and Safety Engineering Page 60
 RISK MANAGEMENT

Risk management, like any other element of corporate governance, must be integrated into the
overall management system of the organization. ISO 31000:2009 talks in explicit about the
need for risk management to be adaptive, dynamic, iterative in nature and able to react to
change. As organizational risk maturity increases, so the tools used by the organization to
manage risks and OSH in decision making. Professional risk managers should not only develop
risk management processes for their organizations, but also improve their own risk
management competencies.

It is recommended that executives and risk managers evaluate the current level of risk
management maturity in their organization using the criteria for effective risk management
presented in this article. If at least one of the pieces of the puzzle is missing, it is probably a bit
premature to talk about effective risk management being in place.

Exercises
1. What is the importance of risk assessment in the general management of an
organization?
2. Account for the 5 steps of risk assessment

European Safety Council - International Diploma in Health and Safety Engineering Page 61
 RISK MANAGEMENT

Element 3 – Factors that influence intolerable and tolerable risks

Learning Outcomes
At the end of this section learners should be able to;

• Explain social and political risk factors

• State how socio-political risk factors influence tolerability of risks
• Give the requirements for effective risks management
• Illustrate the influence of the socio-political risk factors with the aid of a diagram
Organisations face complex political and social challenges. These factors are wide-ranging and
have different impacts on organizations, depending on sector, geographic location, and type of
operation. Further, consideration of risk is substantively different if a company is considering
expanding its operations by opening a new venture or tackling challenges to existing
operations. Internally risk was more narrowly focused on internal financial controls and
employeeparticipation.Now,identifying,measuring and seeking preventive or mitigation
strategies to address social and political issues have become crucial to firms functioning
invarious countries. All companies and organisations are struggling to make business decisions
that integrate financial information with insight into social and political concerns that can
seriously affect their projects and bottom lines. Integration of social and political risks into the
financial equation has, however, remained a challenging factor.
Let us examine risk as either tolerable or intolerable in terms social, political and cultural values
as the case may apply.

3.1 Political risk factors

Political risk can generally be understood as execution of political power in a way thatthreatens
a company’s value. This in the context of OSH refers to the policies which reflect the basis on
which organisations classify risk as tolerable or intolerable. Two types ofpolitical risk are
relevant to companies doing business internationally: industry- or firm-specific political risk and
country-specific political risk. On the one hand mass anti-government protests, may not pose
apolitical risk to a firm if they do not affect
(a) government policies towards business, or
(b) the firm’s current or future operations or value
On other hand, changes affecting the legal framework governing contracts could have a
significant negative impact on the company. Industry- and firm-specific political risk is
experienced by one organisation or firm, such as threats by Bolivia’s President Evo Morales to
nationalize the country’s oil and gas sector. Companies including Brazil’s Petrobras and Spain’s
Repsol YPF have invested $3.5 billion into developing Bolivia’s natural gas fields, the second-
largest natural gas reserves in South America. Threats by Morales’ government have recently

European Safety Council - International Diploma in Health and Safety Engineering Page 62
 RISK MANAGEMENT

been translated into specific actions against foreign energy companies, beginning with (a)
forced audits of their financial documentation, and
(b)A clear demand to renegotiate concession agreements and revenue-sharing from gas field
development to give the government a majority stake within six months. Sector-, provincial-,
and country-specific political risk is spread more widely and interwoven. These risks can include
a civil war, drastic changes in foreign currency rules, or sweeping changes to the tax
code. These types of risks can be generated directly from the host country government, or
emerge from an unstable social situation within a country. Regardless of the source, an
Organisation attempting to understand potential political risk must recognize the difference
between (a) political issues that can affect corporate performance, and (b) dramatic situations
that do not impact financially on the company. Additionally, companies should understand the
potential damage to reputation, and associated costs, related to political risk. The distinction
between social and political risks is often blurred. We consider these issues to fall along a
continuous cycle. The subjects in Exhibit 2.1 are only some of the most critical social and
political risks facing global companies today. Although the Exhibit does nottry to list all risks, the
wide variety of risks it includes provides a sample of relevant issues facing companies. Each
organization should generate its own list of social and political risks, based on their relevance to
its business (es) and the business environments in which it/they operate(s).

3.2 Social risk factors

Many social issues can affect an organisation doing business nationally and internationally,
whether in developing or developed countries. Some industries are more exposed to these risks
than are others. For example, businesses with big installations like factories, ports, mines, and
refineries can lead to dissatisfaction and unrest in a local population when:
• There is the perception that local expectations and agreements are not being met;
• The habitat is being polluted; or
• Business is carried out in a region of general political unrest, where the military is protecting a
site and using its presence to harass the local population for reasons unrelated to the business.
The local population can sometimes associate the company with these practices and begin to
target it as a proxy for the government or the military.
An example is the experience of US-based Freeport McMoran, which owns a large gold and
copper mine in Papua, Indonesia. The company lost approximately $48 million and 20% of its
share price due to contention with the populations surrounding the Freeport mine. Tension had
already escalated in the region because of a New York Times report on December 2005 that
Freeport, which employs 180,000 people and is one of Indonesia’s largest taxpayers, had paid
Indonesian military and police officers close to$20 million between 1998 and 2004,leading to an
investigation by the U.S.government and protests by the local population. Further ill-will arose
when poor residents near the Freeport mine, with little economic opportunities, began
prospecting for gold in the waste rock from the company’s operations. Due to possible health
concerns resulting from exposure to this material, the company moved to prohibit prospecting,
positioning private security guards around the mine, who allegedly had authority to shoot at
prospectors. The local community, was suspicious however of the cited health reasons, as it
already perceived that a large foreign company was making huge profits from use of its land.

European Safety Council - International Diploma in Health and Safety Engineering Page 63
 RISK MANAGEMENT

Impoverished local residents believed that they were being unjustly prevented from sharing,
even marginally, in the big company’s wealth. In reaction, the community began protests that
closed the mine for four days—at an approximate cost of $12 million a day.
Nigeria is another example of risks that can emerge on the arrival of a large company to a
relatively isolated or under-developed area. The arrival of petroleum companies created
unintended consequences when a sudden influx of people, often unskilled, looking for work at
the oil installation. When no jobs were available, some turned to violent behaviour. A number
of unemployed Nigerian youths began attacking oil pipelines, taking personnel hostage, and in
one case, seizing an offshore oil rig, demanding that they be given jobs.
Health, safety, and environmental issues affect all institutions. Recently, a debate has begun on
regulating emission levels at major U.S.ports. This would create unexpected additional costs for
both freight companies and importers and exporters of goods from places like the Ports of Los
Angeles and Long Beach. Companies working internationally face often costly employee and
community health issues for various reasons, some of which include lack of adequate medical
care in certain regions of the world.HIV infection has become a particular risk type for
companies in the extractive and transportation sectors, both heavily male-dominated, with
operations that attract increased prostitution. This increased level of HIV infection of
employees can quickly lead to sickness and eventual death. If left unchecked, this trend will
expose organisations that have trained workers and rely on their skills for production to
additional costs. Road accidents is a killer that will eclipse both AIDS and war by 2020 according
to the World Health Organization, this also represents a tremendous cost to companies reliant
on long-haul trucking. 80% of total road deaths occur in developing and 3rd world countries,
usually resulting from overcrowded vehicles and an unsafe mix of animals, people and vehicles
on the road.
Statistically, companies that rely on roads in these parts of the world will be exposed to loss of
their drivers or cargo due to unsafe road conditions. Some companies try to mitigate this risk by
training their own staff and contract drivers, as well as working with other companies and
multilateral organizations to address road safety.
All of these social issues emerged as risks to companies, and some risks took organisations by
surprise and came at a great cost. The largest of these costs, lost sales and profits, often results
from damage to reputation. Other risks that present a potential monetary liability seem
Rooted on the horizon. An example is climate change, which may present a potential future
monetary liability. Although there is still debate on climate change and liability is not a
certainty, its likelihood warrants some companies to consider it by factoring it into decision-
making.

3.3 Integrating social and political risk into organisational management

To manage risk effectively requires:
• Understanding the socio-political and corporate environments that might affect risk;
• Identifying risks;
• assessing and measuring their potential effects;
• identifying and analysing possible solutions;
• adopting the most appropriate risk management actions;

European Safety Council - International Diploma in Health and Safety Engineering Page 64
 RISK MANAGEMENT

• documenting and communicating results; and

• monitoring evolving risks.
In this section, we build on and modify the Risk Management Process model provided by
including social and political risk, and offering tools and techniques to enable companies to
integrate these new risks into management decisions.

3.4 Risk management process

To anticipate social and political risks, personnel must be aware of what comprises a risk to the
Organisation and understand how to identify these risks. Identification is a two-step scanning
process:
1) Generate a risk profile for the corporation. A variety of risks can materialize from factors
such as sector, industry characteristics, product, customers, geographic location, and
employment. A risk profile is a list of risks generated from these contextual issues.
2) Generate a risk catalogue for the corporation: risks can be specific to a particular project or
location. For example, a new shoe manufacturing plant in Bolivia will face different risks than an
existing refining facility in Oman. A risk catalogue is a more specific list of ‘red flag’ issues,
developed from the general risk profile, that are connected to a certain project or location.

European Safety Council - International Diploma in Health and Safety Engineering Page 65
 RISK MANAGEMENT

Table 2.1 socio-political risk continuum

To evaluate and respond to risks is significantly different for existing operations than for new
investments. Ongoing operations are often difficult or costly to uproot if a major risk
materializes. In some instances, such as extractive or other materials-based operations that
bring a company to a particular location and require large initial investment, the risk would
have to be imminent, or have the potential to exert enormous consequences, to warrant
relocating the operations or withdrawing. When ongoing operations face social and political
risks, they must find ways of minimizing their impact, while maximizing their potential for
continuing operations. This applies also to changes to operations that generate risk. However,
when new investments are considered, organisations can evaluate a variety of locations and
compare their risk impacts. In addition, evaluating risk for new operations can present
opportunities for pre-emptive mitigation and management of unavoidable risks. That is not
possible in ongoing operations.

European Safety Council - International Diploma in Health and Safety Engineering Page 66
 RISK MANAGEMENT

Table 2.2 risk management process

Exercises
1. Describe risk management processes
2. Outline the socio-political risk factors you think would influence the tolerability of risks
3. What are the requirements for effective risk management?

European Safety Council - International Diploma in Health and Safety Engineering Page 67
 RISK MANAGEMENT

Element 4- Hierarchy of risk control

Learning Outcomes
At the end of this section learners should be able to;
• State the hierarchy of risk control
• Explain why elimination is the most effective of all control measures
• Describe multiple controls

Hazards are the reality of all working environments. Controlling the risks that these hazards present is at
the centre of creating a safe work environment. But how can you know how best to control a hazard?
There are a variety of control measures available, pick the wrong one and you could be at exposure of
more risks than you need to be. More than is safe for work. Not all control measures are equal within
the hierarchy of risk control.

Step 3 of the HSE's 5 steps to risk assessment which involves evaluating the adequacy of
existing control measures, and ascertain if more should be done to reduce risk. One of the best
ways to both assess existing controls and identify new control measures is to consider how
effective they are based on the hierarchy of risk control.

The hierarchy of risk control is employed when undertaking risk assessment activities, to
control hazards and minimise risk. Once management had calculated the level of risk, decisions
should be taken on the precautions or controls needed to reduce the risk.

To control risk, organisations need to do everything 'reasonably practicable'. By this, they must
learn to balance the level of risk against the measures needed to control the real risk in terms
of money, time or trouble. The objective is to reduce the risk as low as is reasonably
practicable, also known as ALARP.

Can risk be eliminated by getting rid of the hazard completely? If the hazard cannot be
eliminated, then in what way can the risks be controlled so that harm is unlikely?

Organisations probably already have some safety measures in place for a task or activity. Risk
control involves assessing the adequacy of existing controls or introducing new controls to
prevent harm. When controlling risks, there is a hierarchy of risk control which should be
followed and include:
• Elimination
• Substitution
• Engineering Controls
• Administrative Controls
• PPE

European Safety Council - International Diploma in Health and Safety Engineering Page 68
 RISK MANAGEMENT

The top control 'elimination' is most effective, and the list follows in order from most effective
to least effective.

Elimination

Elimination is the appropriate and most effective control. If a hazard is severe, and cannot be
reduced to an acceptable level, then it should be eliminated. There are also safer ways to do a
job that involves hazard elimination. For example, work at height can be eliminated if the work
can be safely carried out using extendable poles.

Substitution

Substitution is a popular control measure that can always be considered. With changes in
technology and advances in manufacturing, safer alternatives are always becoming quite
accessible. New equipment might have lower noise and vibration levels. A scaffold can be used
for safer access instead of ladders. A different substance might be less risk, for example, a
different cleaning solution.

Engineering Controls

Engineering controls are a good way of controlling hazards at source. Enclosures, barriers,
guards and insulation, fixed ventilation. Anything that can be designed and built to make the
work environment safer. This type of control usually provides a safer environment for
everyone, rather than an individual. For example, an enclosure separates a hazard from
everyone outside it and prevents the supposed risk associated with exposure. Ventilating
hazardous fumes or gases at source means cleaner and safer air for everyone within the
company.

Administrative Controls

At times, it's not possible to reduce the risk any further by changing the equipment or
substance. But management can still reduce the time people are exposed, through work
patterns, monitoring and supervision. Safe systems of work such as permits to work can be
used for high-risk activities. Training and inductions can be carried out to raise awareness.
Regular, scheduled activities can be used to maintain safety. Like inspections, testing, good
housekeeping and cleaning.

European Safety Council - International Diploma in Health and Safety Engineering Page 69
 RISK MANAGEMENT

PPE

This is the last line of defence. It can be assigned least effective on the list, but it doesn't mean
it's not important. Where risk remains, PPE can be a good way of protecting employees and
visitors. It can give protection if the correct PPE is selected for the hazard, and it is used and
maintained correctly.

Multiple Controls

Don't make the mistake of thinking you can only pick a single or particular control type for
complete protection. To reduce risk to a safe level, multiple controls may be required. Multiple
control measures can work well together. For example in a paint spraying activity, you might
substitute an oil-based paint for water-based paint (substitution). But you might still choose to
carry out the work in an enclosure with fixed ventilation (engineering controls). Put in place
work patterns and to reduce exposure by time to hazardous substances and a cleaning schedule
(administrative controls). And provide workers with gloves, overalls and goggles to prevent skin
and eye contact (PPE).

A combination of two or more controls from the hierarchy is usually needed to adequately
control the risk, particularly high risks, to a level that is 'reasonably practicable'. Remember,
risks should be as low as is reasonably practicable before work goes ahead.

Even if you have substituted a high hazard for a low one, you still have a legal responsibility to
reduce risk. Just because PPE is last on the list, doesn't mean it can't be a good way to control
risk, especially when used with other control measures. Sometimes, PPE can be vital to the
safety of users, especially in emergencies or difficult work environments.

Exercises
1. List and explain the hierarchy of risk control in order of importanc/effectiveness
2. Describe multiple controls measures in risk management

European Safety Council - International Diploma in Health and Safety Engineering Page 70
 RISK MANAGEMENT

Element 5- Factors that influence perception, attitudes and behaviours

Learning Outcomes
At the end of this section learners should be able to;

• Distinguish between perception, attitudes and behaviours

• Highlight key factors influencing individual attitudes
• List 3 criteria used in attribution framework
• Explain the influence of race and culture on behaviour
• Outline the types of perception
The way individuals address a situation single-handedly or say in a group is influenced by many
factors. The key factors influencing an individual’s attitude in personal as well as social and
organisational life are:

• Abilities
• Gender
• Race and culture
• Attribution
• Perception
• Attitude

Let’s take a look at these major elements that impinge a person’s behavior inside and outside of
the organization.

Abilities

These are the traits or character a person learns from the environment around as well as the
innate traits a person is gifted with by birth. These traits are broadly classified as −

• Intellectual abilities
• Physical abilities
• Self-awareness abilities
To enable us to understand how these affect a person’s behavior, we need to know what these
abilities are.

European Safety Council - International Diploma in Health and Safety Engineering Page 71
 RISK MANAGEMENT

Intellectual abilities − It personifies or depicts a person’s intelligence, verbal and analytical

reasoning abilities, memory capacity as well as verbal comprehension.

Physical abilities − It personifies or depicts a person’s physical strength, stamina, body

coordination as well as motor skills.

Self-awareness abilities − It refers to how an employee feels about the task assigned, while a
manager’s perception of his abilities decides the kind of work that needs to be allotted to an
individual.

Thus the psychological, physical, self-assurance traits owned by a person defines the behavior
of a person in social and personal life. For instance: Steve has a high IQ level, whereas Suntan
can lift a bike and is a strong guy.

Gender

Research has proven that men and women both stand equal in terms of job performance and
mental capabilities. Society still however, emphasizes differences between the two genders.
Absenteeism is one area in an organization where differences are found as women are
considered to be the primary caregiver for children. A factor that might influence work
allocation and evaluation in an organization is the manager’s perception and personal values.

For example − An organization encourages both genders to work efficiently towards the
organisation's goal and no special promotion or demotion is given or tolerated for any specific
gender.

Race & Culture

Race is a group of people sharing similar physical features. It is used to define types of persons
according to perceived traits. For example − Indian race, African race. Culture on the other hand
can be defined as the traits, ideas, customs and traditions one follows either as an individual or
as a group. For example − Celebrating a festival.

Race & culture have always played an important role in influencing behaviour and perception
both at the workplace as well as in the society. The common mistakes such as attributing
behaviour and stereotyping according to individual’s race & culture basically influences an
individual’s behaviour.

European Safety Council - International Diploma in Health and Safety Engineering Page 72
 RISK MANAGEMENT

In today’s culture of working diversity, the management as well as staff should learn and accept
different cultures, values, and common protocols to create more comfortable corporate
culture.
For example − An organisation invites candidates for a job post and hires one on the basis of
eligibility criteria and not on the basis of the country a person belongs to or the customs one
follows.

Perception

Perception is an intellectual process of transforming sensory stimuli and instincts into

meaningful information. It is the process by which we interpret something that we see or hear
in our mind and use it later to judge and give a verdict on a situation, person, group, etc.

It can be divided into six types namely −

• Perception of sound − The ability to receive sound by identifying vibrations.

• Perception of speech − The competence of interpreting and understanding the sounds

of language heard.

• Perception of touch − Identifying objects through patterns of its surface by touching it.

• Perception of taste − The ability to detect flavor of substances by tasting it through

sensory organs known as taste buds.

• Perception of other senses − Other senses include balance, acceleration, pain, time,
sensation felt in throat and lungs etc.

• Perception of the social world − It permits people to understand other individuals and
groups of their social world.

For example − Kunle goes to a restaurant and likes their customer service, so she will perceive
that it is a good place to hang out and will recommend it to her friends, who may or may not
like it. However, Farida's perception about the restaurant remains good.

Attribution

European Safety Council - International Diploma in Health and Safety Engineering Page 73
 RISK MANAGEMENT

Attribution is the process of observing behavior followed by determining its cause based on an
individual's personality or situation.

Attribution framework uses the following three criteria −

• Consensus − Underscores the extent to which people in the same situation might react
similarly.

• Distinctiveness − Underlines the extent to which a person’s behaviour can be associated

to situations or personality.

• Consistency − Defines the frequency measurement of the observed behaviour, that is,
how often does this behaviour occur.

The framework mentioned says it is all about how an individual behaves in different situations.

For example − Rabiatu invites sherifat and two more friends for a movie and they agree to bunk
and watch the movie, this exemplifies a consensus. By bunking of class saying that they are not
interested in their lectures, this exemplifies distinctiveness. A little change in the situation, like
if Rabiatu frequently starts bunking the class then his friends may or may not support him. The
frequency of their support and their rejection describes consistency.

Attitude

Attitude is the abstract learnt reaction or of a person’s entire response to his cognitive process
over a time span.

For example − A person who has worked with different companies might develop an attitude of
indifference towards organizational citizenship.

Now we have a clear idea about what are the factors responsible for the way we behave. We
never think about these elements and how they affect our daily life but we can’t ignore the fact
that they are responsible for the way we walk, talk, eat, socialize.

Exercises

European Safety Council - International Diploma in Health and Safety Engineering Page 74
 RISK MANAGEMENT

1. Compare and contrast attitude, behaviour and perception

2. State factors that influence risk perception
3. List criteria for attribution framework

Element 6- Formal and informal leadership

Learning Outcomes
At the end of this section learners should be able to;

• Name the attributes of a good leader

• Compare and contrast formal and informal leadership

If you consider yourself to be a leader, even if you aren’t officially designated as the leader of a
group, it may turn out that you are considered to be a leader by the people you are in a group
with. If you do find yourself in this position then you might want to explore the difference
between being a formal leader vs. being an informal leader.
It might also be interested in this information if you operate any sort of small business or team.
Basically because knowing who your informal leaders are is just as important as knowing who
you’ve assigned to a leadership role.
Neither of these is necessarily the best leader i.e. informal or formal leaders; the best leaders
can be either formal or informal leaders. And the best leadership situations are sometimes the
ones in which the formal and informal leader of the same group can work mutually.
Who is a leader?
Firstly, it is important we define what it means to be a leader. It’s a term that gets paraded
about a lot but it does have an official meaning. A leader is anyone who directs a group.
This kind of individuals exists in every single group, even groups that are supposed to be
cooperative. The best leaders know how to work with the unique type of group that they are
leading.
What is formal leadership?
Formal leadership is leadership given on the basis of their position with a group. They are
assigned to be leadership position as part of their role in the group. Examples of formal leaders
would be the classroom teachers or the manager within an Organisation.
The formal leader has a job to organize and direct group members to meet the goals of the
organization or team. Formal leaders are often the best leaders in a company but that's not
always the case.
What is informal leadership?

European Safety Council - International Diploma in Health and Safety Engineering Page 75
 RISK MANAGEMENT

In contrast to formal leadership, the informal leader is someone who does not have the official
authority to direct the group. In spite of this, the group chooses to follow the lead of this
person. For example, the class clown may be someone that the students in the class take cues
from even though the teacher is the official leader of the classroom.
Informal leadership result because of a person is charismatic and outgoing so that people want
to listen to him, because she is easy to talk to, or because she exhibits certain knowledge and
ideas that seem useful to the group. Such an individual may specifically choose to take on a
leadership role or this may just naturally happen as part of the dynamics of the group. The
informal leader can be the best leader in the group because of the fact that the group has
chosen him or her naturally due to the traits they see in them.

6.1 Difference between formal and informal leadership

The difference between formal and informal leadership goes well beyond just the fact that the
formal leader has been given official authority to lead the group. This is evident when we take a
look at the teacher / class clown example. After all, the goals of the class clown are in direct
competition with the goals of the teacher. It is important for formal leaders and informal
leaders to figure out a way to work together if a group is going to truly have solid leadership.
Creating a positive balance between informal and formal leaders begins with an understanding
of their different roles. Formal leaders direct individuals in meeting the goals of the company,
organization or team. Informal leaders may or may not do this as they tend to follow their own
agenda.
In the case of the teacher and class clown, the teacher is encouraging the group to follow the
rules of the school whereas the class clown is encouraging the kids to have fun. They are each
the best leader in their respective areas.
It’s important to understand the issue of loyalty when figuring out how formal and informal
leaders can work together. This is because these two types of leaders have different loyalties as
the group has different levels of loyalty to each of them.
The formal leader’s loyalty is to the organization or team (the teacher’s is to the school and
manager to the company) whereas the informal leader’s is generally to the group itself. (The
informal leader may be self-involved but needs to please the group to become a leader.)
As a result of this, the loyalty of the group tends to be with the informal leader rather than with
the formal leader even though the formal leader may be able to issue consequences or provide
rewards that the informal leader cannot.
Leadership beyond position
Certain persons find that they are frequently in the role of leader even though they never apply
for official leadership positions. These people tend to be smart, charismatic, and likeable people
who are empathetic enough to relate to big groups. If you find yourself in this position, consider
these things:

European Safety Council - International Diploma in Health and Safety Engineering Page 76
 RISK MANAGEMENT

• Every call to be a leader is a positive thing. It implies you are a strong character with a
group and that people like you. You may not want the burden or responsibility but it’s
really an honour.
• You are not under pressure to play this role. Don’t let a group pressure you into any
activities or choices you don’t want to make. They may see you as the best leader for the
group but that doesn’t mean that you have to do anything special in your role as an
informal leader.
• Synergy with the formal leader will make your role simpler. There will be less conflict
within the group and less pressure on you in terms of the group’s demands and needs.
• Reward for your role. Why are you not applying for leadership roles if you’re constantly
being seen as a leader? Think carefully about this. It usually has to do with either self-
esteem issues or problems with being an authority figure. You might want to rethink your
position and get paid for your work.
Conversely, if you want to be a leader but never get chosen as one then start figuring out who
the informal leaders are in your groups and figure out how to take cues from that about
becoming one yourself.

Exercises
1. Who is a leader?
2. Give the similarities of, and differences between formal and informal leadership
3. State 7 attributes of a good leader

European Safety Council - International Diploma in Health and Safety Engineering Page 77
 RISK MANAGEMENT

Element 7- Risk perception and society

Learning Outcomes
At the end of this section learners should be able to;

• Define risk perception

• Distinguish between perception of risk and behavioural risk
• State important factors that contribute to risk perception
• Highlight 5 unintentional behaviours that cause risky behaviour
• Relate overconfidence and gaining advantage to intentional risky behaviour
Risk and perception
There are two common elements in descriptions related to the concept of risk: the first element
of them is “loss” and the other is that there is either a possibility or an ambiguity related to
such loss (Dorofee et al 1996).
Risk is not enshrined in our destiny but merely a choice and the result of our actions based on
our courage (Bernstein 1996). Perception is the methods, through which an individual organizes
the information based on selected stimulants and creates a concept of the world pertaining to
this information (Wells and Prensky, 1996: 252). According to another definition, perception is
the process of selecting, organizing and interpreting the information brought together by an
individual (Kotler 2000).

7.1 Perception of risk and behavioural risk

Perception of risk
The ideology of perceived risk is defined as the subjective assessment of the expected value of
estimated results of each option during a decision making process, based on its level of
significance (Conchar et al 2004). According to this definition, the concept of perceived risk is
the subjective evaluation of anticipated or potentially emerging loss during the decision making
process. The perception of risk might differ from one person to person in the society and even,
in some cases, from one situation to another for the same person. Some individuals might take
no risks other than acceptable ones whereas some individuals are inclined to take risks that
might compromise their safety. As we examine the concept of perceived risk;

European Safety Council - International Diploma in Health and Safety Engineering Page 78
 RISK MANAGEMENT

risk management and risk control strategies are supplemented by evaluating, determining and
examining the mind-sets of individuals on the concept of hazards and also by improving risk
information communication between employees, technical experts and administrators (Orhan,
2000). Studies and research on “how people perceive risk”, “how they decide on taking or
avoiding risks” or “whether there is a correlation between the real level of risk and perceived
level of risk” are continuing. In studies conducted on this context, experts suggest that
individuals are inclined to trust their risk evaluation and personal experience. Being accustomed
to qualitative characterization of risk, controlling the risk, possible catastrophic results and level
of information are among the factors that contribute to risk perception and possibility of taking
the risk.
Important factors that contribute to risk perception are considered as follows (Yavuz 2012).
Whether the risk is voluntary or involuntary,
Whether the risk can be controlled or not
Whether the risk is foreseeable or not
Immediate and future results of the anticipated risk
Whether the risky situation has an alternative,
Type and structure of the risk,
Benefit of avoiding the risk,
Appearance of the risk in real life and media,
Possibility of facing risks individually,
Re calling past experiences,
Confidence index against regulatory authorities
Risky Behaviour
According to data released by International Labour Organization, 88% of occupational accidents
are caused by risky behaviour, 10% are caused by risky nature of work and 2% are caused by
are unforeseeable factors.
To enable us understand the underlying reasons of risky behaviour both intentional and
unintentional behaviours shall be evaluated. When intentional behaviours are assessment,
most of them are caused by 5 unintentional behaviour. In relation to controlling unintentional
behaviour, the following factors shall be evaluated:
1-Boredom: The employee might not be aware that risky behaviour conducted by him are due
to lack of interest and stimulants caused by repetitive work and lack of stimulation.

European Safety Council - International Diploma in Health and Safety Engineering Page 79
 RISK MANAGEMENT

2-Fatigue: A physically exhausted individual also feels mental fatigue. This could cause the
employee to lose concentration and interest in his/her discharge of duties.
3-Stress: Researches have shown that psychosocial factors such as stress are an important
factor that contributes to occupational accidents. Although individual factors that causes stress
might vary from one person to another, many researchers Suggest that most of the factors that
contribute to stress in workplaces are common and include long working hours, heavy
workload, overwhelming responsibilities, and problems in employee and manager
relationships, ambiguity of roles in the workplace.
4-Lack of Information: Employee’s lack of information or wrong information in terms of how
they can correctly perform his/her works.
5-Operational Blindness: This might be defined as employee’s blindness and oblivion of possible
risks caused by repetitive work conducted by the employee for a very long time.
Intentional behaviour which is a sub-category of risky behaviour is more complex and harder to
control. Intentional risky behaviour is defined as risky situations in which the employee takes
those risks despite being aware of them.
1-Over-confidence: The most evident cause of intentional risky behaviour are caused by over-
confidence. Experienced employees perform continuously unsafe practices despite their know-
how and express that they have not been harmed by this practice despite them being in use for
many years..
2-Gaining Advantage: Being able to meet employer demands, to qualify for salary raises and
performance add-ons, completing the work faster etc. (Orhan, 2000).

European Safety Council - International Diploma in Health and Safety Engineering Page 80
 RISK MANAGEMENT

Table 6.1 Risk perception and societal factors

Exercises
1. What factors contribute to unintentional behaviours?
2. Distinguish between intentional and unintentional behaviours
3. Explain risk perception and how it relates to the society.

European Safety Council - International Diploma in Health and Safety Engineering Page 81
 RISK MANAGEMENT

References
https://toughnickel.com/business/Formal-vs-Informal-Leaders
https://www.haspod.com/blog/management/the-hierarchy-of-risk-control
https://worksmart.org.uk/health-advice/health-and-safety/hazards-and-risks/what-are-five-
steps-risk-assessment
https://oshwiki.eu/wiki/Occupational_safety_and_health_risk_assessment_methodologies

European Safety Council - International Diploma in Health and Safety Engineering Page 82