Presentation is loading. Please wait.

Presentation is loading. Please wait.

Stan O’Neill Managing Director, The Compliance Group.

Published byPierce Lang Modified over 8 years ago

Similar presentations

Presentation on theme: "Stan O’Neill Managing Director, The Compliance Group."— Presentation transcript:

1 Stan O’Neill Managing Director, The Compliance Group

2 Risk Management ≠ Risk Elimination risk analysis + risk evaluation + controlling risks = risk management Identifying what might go wrong Calculating the size of the risk Doing something about it

3 Risk Assessment A basic human instinct Therefore subject to human subjectivity and variability Risk Assessment Methodologies Rigorous and Systematic Documented (and therefore able to be reviewed) Acted upon

4 constant ratios The most effective way to tackle the size of the top of the pyramid is to tackle the bottom of the pyramid

5 Almost all RA methods derived from FMEA FMEA Developed by US Aerospace Industry in 1940s (“how can we stop our rockets falling out of the skies?”) Variants on a theme Failure Modes, Effects and Consequences Analysis (FMECA) Hazard Analysis and Critical Control Points (HACCP) Hazard and Operability Studies (HazOp, CHazOp)

6

7 First understand Hazards Hazards are potential sources of harm. Hazards are things which present risk Hazards are easier to define than risks - risks are more abstract We can define risk by categorising hazards.

8 Risk has two components Chance of Harm Occurring Consequences of that Harm How likely is it that the hazard or harm will occur? If it does occur, what are the consequences? Key Considerations: The probability of occurrence of harm, (chance, possibility, uncertainty, etc.) The consequences or severity of that harm, (injury, cost, supply issues, etc.)

9 Risk is the combination of the probability of occurrence of harm and the severity of that harm Risk = Probability x Severity Risk = (P x S) Risk can be Quantified or Qualified Risk = (4 x 3) = 12 Risk = Medium… or Green… or….

10 ProbabilityThis Means the Hazard… Frequent… is Very Likely to Occur, > 20% Probable… will Probably Occur, 5 – 20% Occasional… should Occur at Some Time, Infrequently, 0.1 – 5% Remote… Unlikely to Occur in Most Circumstances < 0.1%

11 SeverityThis Means the Hazard May Result in…. CriticalVery Significant Impact on Agency, Stakeholders, Very Costly, Very Damaging Effects MajorSignificant Impact on Agency, Stakeholders, Costly, Damaging Effects MinorMinor Impact on Agency, No Expected Stakeholder Impact

12 Determines if a risk is acceptable or not A method which… identifies hazards in an organisation, process, product* estimates or calculates the risk associated with these hazards* assesses that risk by comparing it against predefined risk acceptability criteria** * aka Risk Analysis ** aka Risk Evaluation

13 HazardMinor Severity (1) Major Severity (2) Critical Severity (3) Frequent (4)4812 Probable (3)369 Occasional (2)246 Remote (1)123

14 HazardMinor SeverityMajor SeverityCritical Severity Frequent Probable Occasional Remote

15 HazardMinor SeverityMajor SeverityCritical Severity FrequentUnacceptableIntolerable ProbableUnacceptable Intolerable OccasionalAcceptableUnacceptable RemoteAcceptable Unacceptable

16 Red Means… The Risk is Intolerable. Eliminate the Hazard or build in systems/controls to ensure the effects of the hazard are not realised (e.g. install redundant systems) Amber Means… The Risk is Unacceptable. The Risk must be Reduced or Controlled to an acceptable level Green Means… The Risk is Acceptable. No Reduction or New Controls are Required

17 Risk Control performed after Risk Assessment Aims to reduce the risk associated with a hazard by putting additional controls in place May permit maintenance of the risk within specified levels… risk cannot be reduced but the hazard (or its effects) can be detected when it occurs.

18 Detection HighHigh Likelihood that Controls will Detect the Hazard or its Effects MediumMedium Likelihood that Controls will Detect the Hazard or its Effects LowLow Likelihood that Controls will Detect the Hazard or its Effects NoneDetection Controls are Absent

19 The combination of Risk Assessment & Risk Control Risk Management allows for mechanisms to communicate Risk knowledge to the right people/stakeholders, and for the Periodic Review of the Risk Assessment process Performing Periodic Review uses additional data (experience) to revisit hazards and their probabilities Risk Management should be viewed as an on- going Quality Management process

20 Risk Assessment Hazards identified, risk estimated, decision re. risk acceptability made Risk Control Risk Reduction or Risk Maintenance Controls Initiated until Risk is Acceptable or Adequately Controlled Risk Knowledge Is Communicated Periodic Review Risk Management

21 Many formal tools are available… HACCP - Hazard Analysis and Critical Control Points HAZOP – Hazard Operability Analysis FTA – Fault Tree Analysis FMEA – Failure Mode & Effects Analysis FMECA - Failure Mode, Effects & Criticality Analysis PHA - Preliminary Hazard Analysis

22 multi-discipline team decompose the system Identify what could go wrong : ‘Hazards’ Assess seriousness of each Hazard Design measures to contain each Hazard

23 Define the Scope Site / Organisation Business Process Specific Operation Corporate entity Split into more managable sub-systems, e.g. Organisation – into business processes Business Process – into process steps Specific Operation – into major systems Systems – into functional components List the components decompose the system Identify what could go wrong : ‘Hazards’ Assess seriousness of each Hazard Design measures to contain each Hazard multi-discipline team

24 Brainstorm what could go wrong List potential failure modes ‘Hazards’ Hazards are not always obvious Use system history as well as team’s imagination and expertise Various simple question based tools, e.g.: Word Models (HazOp) Cause / Consequence Diagram decompose the system Identify what could go wrong : ‘Hazards’ Assess seriousness of each Hazard Design measures to contain each Hazard multi-discipline team

25 A Difficult Step Different Methods Break this step into various sub-questions, e.g. Severity of Consequence Likelihood of hazard occurring Probability of detection System redundancy Simple tools provide good guidance on relative risk within a system, but not absolute risk. What can help? Word models, Team’s experience decompose the system Identify what could go wrong : ‘Hazards’ Assess seriousness of each Hazard Design measures to contain each Hazard multi-discipline team

26 Use Relative Seriousness as guide for controlling measures: Highest level risks – look for intrinsically safe solutions Lowest level risks – perhaps these are risks that we can live with Design it Away, e.g. Build redundancy into systems Simplify a business process to remove unnecessary human intervention Test it Away Manage it Away, e.g. Implement additional inspections or verification processes decompose the system Identify what could go wrong : ‘Hazards’ Assess seriousness of each Hazard Design measures to contain each Hazard multi-discipline team

27 Important to test all changes to a system: May remove one hazard to introduce ten new! Testing with the risk assessment method can be used to select best candidate solution decompose the system Identify what could go wrong : ‘Hazards’ Assess seriousness of each Hazard Design measures to contain each Hazard multi-discipline team

28 RA of whole system RA of sub- system C

29 Improved understanding of a process Identification and understanding of process limitations Acceptance by organisation or process limitations

30 RA is completed as a ‘tick-in-the-box’ Report then written, approved and filed Full-stop. Failure to identify significant risks – undermines confidence in the organisation (hero to zero) Lack of return from investment in the process Inappropriate inputs into process

31 FMEA for parametric release Risk management for non-dedicated premises Assessing equipment for preventative maintenance and calibration programme

32 Assessment of inherent weakness of a piece of equipment (focus of document) Assessment of incorrect filter integrity test cycle parameters (inappropriate supportive information) Poorly structured risk assessments Use of the phrase “there is no risk” Lack of lateral thinking (pressure differential example) Failure to manage, only assess.

33 Risk Assessment ≠ Risk Management Risk Management ≠ Risk Elimination Risk assessments are invariably qualitative and subjective. Less can be more

34 Quality Risk Management ICH Q9 Briefing Pack http://www.ich.org/cache/html/3158-272-1.html

35 Questions? Contact details:  stanoneill@compliancegroup.eu

Download ppt "Stan O’Neill Managing Director, The Compliance Group."

Similar presentations

Operation & Maintenance Engineering Detailed activity description

Operation & Maintenance Engineering Detailed activity description
Development of Tools for Risk Assessment and Risk Communication for Hydrogen Applications By Angunn Engebø and Espen Funnemark, DNV ICHS, Pisa 09. September.

Development of Tools for Risk Assessment and Risk Communication for Hydrogen Applications By Angunn Engebø and Espen Funnemark, DNV ICHS, Pisa 09. September.
Introduction to Risk Management 26 September 2014 Peter Fowler CPPD.

Introduction to Risk Management 26 September 2014 Peter Fowler CPPD.
TMS-RA04-A-01-02Page 1 of 20 The Risk Assessment Process.

TMS-RA04-A-01-02Page 1 of 20 The Risk Assessment Process.
RISK INFORMED APPROACHES FOR PLANT LIFE MANAGEMENT: REGULATORY AND INDUSTRY PERSPECTIVES Björn Wahlström.

RISK INFORMED APPROACHES FOR PLANT LIFE MANAGEMENT: REGULATORY AND INDUSTRY PERSPECTIVES Björn Wahlström.
Where does Failure Mode and Effects Analysis (FMEA) come from?  Developed by the Aerospace industry in the1960s  Spread to the Automotive industry 

Where does Failure Mode and Effects Analysis (FMEA) come from?  Developed by the Aerospace industry in the1960s  Spread to the Automotive industry 
Combining Product Risk Management & Design Controls

Combining Product Risk Management & Design Controls
Reliability Risk Assessment

Reliability Risk Assessment
PURPOSE OF DFMEA (DESIGN FAILURE MODE EFFECTS ANALYSIS)

PURPOSE OF DFMEA (DESIGN FAILURE MODE EFFECTS ANALYSIS)
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
SWE Introduction to Software Engineering

SWE Introduction to Software Engineering
Risk Management Infection prevention and control (IP&C) professionals have, amongst other things, duty to identify unsafe and hazardous IP&C practices.

Risk Management Infection prevention and control (IP&C) professionals have, amongst other things, duty to identify unsafe and hazardous IP&C practices.
Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.

Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.
Tony Gould Quality Risk Management. 2 | PQ Workshop, Abu Dhabi | October 2010 Introduction Risk management is not new – we do it informally all the time.

Tony Gould Quality Risk Management. 2 | PQ Workshop, Abu Dhabi | October 2010 Introduction Risk management is not new – we do it informally all the time.
Lucas Phillips Anurag Nanajipuram FAILURE MODE AND EFFECT ANALYSIS.

Lucas Phillips Anurag Nanajipuram FAILURE MODE AND EFFECT ANALYSIS.
Hazards Analysis & Risks Assessment By Sebastien A. Daleyden Vincent M. Goussen.

Hazards Analysis & Risks Assessment By Sebastien A. Daleyden Vincent M. Goussen.
Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.

Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.
Risk analysis – FMEA Workshops. FMEA 1 Simple risk assessment process!!  Identifying risk  Simple method for grading risk  Determines appropriate risk.

Risk analysis – FMEA Workshops. FMEA 1 Simple risk assessment process!!  Identifying risk  Simple method for grading risk  Determines appropriate risk.
Quality Risk Management ICH Q9 Content

Quality Risk Management ICH Q9 Content
ICH Q9: Quality Risk Management

ICH Q9: Quality Risk Management

Similar presentations

Ads by Google