1 / 61

NOAA RISK MANAGEMENT

NOAA RISK MANAGEMENT. Presented by: Safety and Environmental Compliance Office. Agenda. NOAA Risk Management Fundamentals 1.1 Definition of Risk and Risk Management 1.2 Responsibility for NOAA Risk Management 1.3 Governance - Risk Management Policy

berny
Download Presentation

NOAA RISK MANAGEMENT

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NOAA RISK MANAGEMENT Presented by: Safety and Environmental Compliance Office NOAA SECO 10-23-2005

  2. Agenda • NOAA Risk Management Fundamentals • 1.1 Definition of Risk and Risk Management • 1.2 Responsibility for NOAA Risk Management • 1.3 Governance - Risk Management Policy • 1.4 Governance Structure for Risk Management • 1.5 Framework for Risk Management • 1.6 Factors governing the Risk Management decision • 1.7 The Risk Management Process • 2. Risk Management Best Practise • Relationship between Risk Management and Internal Audit • Practical Implications for Municipalities • Conclusion NOAA SECO 10-23-2005

  3. NRM NOAA SECO 10-23-2005

  4. Risk Management Fundamentals What is Risk? • Theimpact ofuncertainfutureeventsthat could influence the achievement of an organization’sobjectives. • Risk directly impacts on the service delivery objective of the organization, because it manifests as thechance of a lossdue to adverse events: • Interruptions to service delivery and loss of personnel property and equipment. • Consequences of loss of services, property and equipment and revenue on the (balance sheet, performance against budget) • Risk creates uncertaintyand makes planning difficult NOAA SECO 10-23-2005

  5. Risk Management Fundamentals What is Risk Management? • Risk management focuses on the ability of the organization to meet objectives in thefutureby identifying risk and makingdecisionsto manage these risks • Risk management starts with thestrategicplanningprocess • Risk Management is a dynamic, ongoing assessment, decision-making and implementationprocessthat isintegratedwithmanagementactivities • Risk Management usesinstrumentssuch as Job Safety Analysis (JSA’s), control processes, strategy/product changes, research/intelligence, risk shifting to control, eliminate or reduce risk. NOAA SECO 10-23-2005

  6. Risk Management Fundamentals Who is responsible for risk management ? NOAA Perspective EACH LINE/STAFF OFFICE and EVERY NOAA EMPLOYEE The ENTIRE NOAA ORGANIZATION is responsible for managing operational risk, from the Senior Executive to the employee in the field, the Organization must for this purpose, take all reasonable steps to ensure; • that the organization has and maintains effective, efficient and transparent systems of safety and risk management and internal control; and • of internal audit operating in accordance with any prescribed norms and standards. INTERNAL AUDITORS The internal auditors at the operational level of the organization or LECO’s must • Prepare a risk- based audit plan and internal audit program for each job/task; using job safety analysis (JSA) • Advice management and report to the audit findings to the safety committee on the implementation of the internal audit plan and matters relating to risk and risk management NOAA SECO 10-23-2005

  7. Risk Management Fundamentals Who is responsible for risk management ? Practical Perspective • Risk appears across all departments, disciplines, individuals and activities within our organization. • Every role/job deals with some aspect of risk • The Office Employee, Safety Audit Team, The Scientist, Ship’s Cook, Ship’s Captain, The Aircraft Pilot, Utility-Man and Electrician, etc all deal with risk on their own • In other words - Everyone is responsible! • Executives and Managers – Management of risk, decision making • Employees – Implementation, vigilance Management cannot transfer or outsource the responsibility for risk management ! NOAA SECO 10-23-2005

  8. NOAA RISK MANAGEMENT CONCEPT • All are responsible for using NRM. • Risk is inherent in all operations. • Risk can be controlled. NOAA SECO 10-23-2005

  9. NOAA RISK MANAGEMENT(NRM) will… • Expand operational capabilities in virtually all areas. • Significantly enhance overall decision making skills. • Power-down decision making. • Make NRM the leading edge of improved employee-management relations. • Provide a budgetary tool for fiscal decision making • Cut losses significantly. Risk Benefit NOAA SECO 10-23-2005

  10. NOAA RISK MANAGEMENT4 KEY PRINCIPLES Four principles govern all actions associated with risk management. These continuously employed principles are applicable before, during and after all tasks and operations. • Accept no unnecessary risks. • Make risk decisions at the appropriatelevel. • Accept risks when benefits outweighcosts. • Integrate NRM into operations and planning at all levels. NOAA SECO 10-23-2005

  11. 1. Identify the Hazards 6. Supervise and Review 2. Assess the Risks 5. Implement Risk Controls 3. Analyze Risk Control Measures 4. Make Control Decisions NOAA RISK MANAGEMENT6-STEP PROCESS NOAA SECO 10-23-2005

  12. NOAA RISK MANAGEMENTStep 1. IDENTIFY THE HAZARDS The purpose is to identify as many hazards as possible. A hazard can be defined as any real or potential condition that can cause mission degradation, injury, illness, death or damage to property. NOAA SECO 10-23-2005

  13. NOAA RISK MANAGEMENTHAZARD IDENTIFICATION TOOLS NOAA SECO 10-23-2005

  14. NOAA RISK MANAGEMENTHAZARD IDENTIFICATION TOOLS NOAA SECO 10-23-2005

  15. NOAA RISK MANAGEMENTStep 2. ASSESS THE RISKS Risk is the probability and severity of loss from exposure to the hazards. The assessment step is the application of quantitative or qualitative measures to determine the level of risk associated with a specific hazard. Use the Risk Assessment Code Matrix to help you prioritize the risks. NOAA SECO 10-23-2005

  16. NOAA RISK MANAGEMENTRISK ASSESSMENT CODE MATRIX EVENT PROBABILITY S E V E R I T Y NOAA SECO 10-23-2005

  17. NOAA RISK MANAGEMENTRISKS ASSESSMENT CODE Severity Catastrophic - Complete mission failure, death or loss of a system. Critical - Chief mission degradation, severe injury, occupational illness or major system damage. Major - Key mission degradation, injury, minor occupational illness, or minor system damage. Minor - Trivial mission degradation, injury, occupational illness, or minor system damage. Negligible - Less than minor mission degradation, injury, occupational illness, or minor system damage. NOAA SECO 10-23-2005

  18. NOAA RISK MANAGEMENTRISKS ASSESSMENT CODE Probability Frequent – Occurs often career/equipment service life (Continuously) Likely – Occurs several times in career/equipment life (Occurs frequently) Occasional – Occurs sometime in career/equipment life (Occurs sporadically) Seldom – Possible to occur in career/equipment life (Remote chance of occurrence) Unlikely – Can assume will not occur in career/equipment life (possible, but improbable) NOAA SECO 10-23-2005

  19. NOAA RISK MANAGEMENTStep 3. ANALYZE RISK CONTROL MEASURES Investigate specific strategies and tools that reduce, mitigate, or eliminate the risk. Effective risk control measures reduce or eliminate one of the three components (probability, severity or exposure) of risk. NOAA SECO 10-23-2005

  20. NOAA RISK MANAGEMENTStep 3. ANALYZE RISK CONTROL MEASURES (cont’d) Reject – We can and should refuse to take a risk if the overall costs exceeds its mission benefits. Avoid – Avoiding the risk altogether requires canceling or delaying the job, mission, or operation, but is an option that is rarely exercised. Delay – It may be possible to delay a risk if there is no time deadline or other operational benefit for a quick accomplishment of a risky task. Spread – Risk is commonly spread out by either increasing the exposure distance or by lengthening the time between exposure events. NOAA SECO 10-23-2005

  21. NOAA RISK MANAGEMENTStep 3. ANALYZE RISK CONTROL MEASURES (cont’d) Compensate – We can create redundant capability in certain circumstances (back-up plans) Reduce – The overall goal of NRM is to plan missions or design systems that do not contain hazards. A proven order of precedence for dealing with hazards and reducing the resulting risks is: • Plan or design for minimum risk • Incorporate safety devices • Provide Warning devices • Develop procedures and training NOAA SECO 10-23-2005

  22. NOAA RISK MANAGEMENTStep 3. ANALYZE RISK CONTROL MEASURES (cont’d) The following options assist in identifying potential controls: Engineer Train and Educate Guard Warn Improve Task Design Motivate Limit Exposure Reduce Effects Selection of Personnel Rehabilitate NOAA SECO 10-23-2005

  23. NOAA RISK MANAGEMENTStep 4. MAKE CONTROL DECISIONS After controls have been selected to eliminate hazards or reduce their risk, determine the level of residual risk for the selected tasking, mission and/or course of action. NOAA SECO 10-23-2005

  24. NOAA RISK MANAGEMENTStep 4. MAKE CONTROL DECISIONS (cont’d) • Accept the plan as is. - Benefits outweigh risks (costs), and total risk is low enough to justify the proposed action if something goes wrong. The decision maker must allocate resources to control risk. Available resources are time, money, personnel, and/or equipment. • Reject the plan out-of-hand. - Risk is too high to justify the operation in any form. The plan was probably faulty in some manner, or the objective was not that important. • Modify the plan to develop measures to control risk. – The plan is valid, but the current concept does not adequately minimize risk. Further work to control the risk is necessary before proceeding. • Elevate the decision to higher authority. – The risk is too great for the decision maker to accept, but all measures of controlling risk have been considered. If the operation is to continue, a higher authority must make the decision if the mission or task is worth it, and accept the risk. NOAA SECO 10-23-2005

  25. NOAA RISK MANAGEMENTStep 4. MAKE CONTROL DECISIONS (cont’d) • Make Risk Decisions at the Appropriate Level – Factors below become the basis of a decision-making system to guide leaders: • Who will answer in the event of a mishap? • Who is the senior person at the scene? • Who possesses best insight into the full benefits and costs of a risk. • Who has the resources to mitigate the risk? • What level makes the most operational sense? • What level makes these types of decisions in other activities? • Who will have to make this decision in/during field operations? NOAA SECO 10-23-2005

  26. NOAA RISK MANAGEMENTStep 5. IMPLEMENT RISK CONTROLS Once the risk control decision is made, assets must be made available to implement specific controls. Part of implementing control measures is informing the personnel in the system of the risk management process results and subsequent decisions. Careful documentation of each step in the risk management process facilitates risk communication and the rational processes behind risk management decisions. • Make Implementation Clear • Establish Accountability • Provide Support NOAA SECO 10-23-2005

  27. NOAA RISK MANAGEMENTStep 6. SUPERVISE AND REVIEW Risk Management is a process that continues throughout the life cycle of the system, mission or activity. Leaders at every level must fulfill their respective roles in assuring controls are sustained over time. Once controls are in place, the process must be periodically reevaluated to ensure their effectiveness. NOAA SECO 10-23-2005

  28. NOAA RISK MANAGEMENTStep 6. SUPERVISE AND REVIEW (cont’d) Supervise – Monitor the operation to ensure: • Controls are effective and remain in place. • Changes which require further risk management are identified. • Action is taken when necessary to correct ineffective risk controls and reinitiate the risk management steps in response to new hazards. • Anytime the personnel, equipment or mission taskings change or new operations are anticipated in an environment not covered in the initial request management analysis, the risks and control measures should be re-evaluated. • Successful mission performance is achieved by shifting the cost versus benefit balance more in favor of benefit through controlling risks. NOAA SECO 10-23-2005

  29. NOAA RISK MANAGEMENTStep 6. SUPERVISE AND REVIEW (cont’d) Review – After assets are expended to control risks, then a cost benefit review must be accomplished to determine if risk and cost are in balance. • Is the actual cost in line with expectations? • What effect did control measures have on performance? • Was a mission feedback system established to ensure that the corrective or preventative action taken was effective? • Was documentation available to allow a review of the risk decision process? • What measurements were in place to ensure accurate evaluations of how effectively controls eliminated hazards or reduced risks. NOAA SECO 10-23-2005

  30. NOAA RISK MANAGEMENTStep 6. SUPERVISE AND REVIEW (cont’d) Feedback – Feedback informs all involved as to how the implementation process is working and whether or not the controls were effective. Feedback can be in the form of briefings, lessons learned, cross-tell reports, benchmarking, database reports, accident illness reports, etc. NOAA SECO 10-23-2005

  31. The 5M concept is a commonly used tool to graphically illustrate the relationship that exists in any typical process. In this case, the dynamic interaction of the man, the machine and the media (environment) converge to produce either a successful mission or if unsuccessful, a mishap. Management provides guidance, policy and standards. NOAA RISK MANAGEMENTTHE 5M CONCEPT NOAA SECO 10-23-2005

  32. NOAA RISK MANAGEMENTTHE 5M CONCEPT (cont’d) Man–category encompasses all NOAA employees. It includes training, selection, proficiency, habit patterns, performance and personal factors. In risk assessment, the operator is always an essential element, i.e., and the human who operates the machine within a media under management criteria. Some of these human elements are: • Selection:right person emotionally/physically trained in event proficiency, procedural guidance and habit pattern. NOAA SECO 10-23-2005

  33. NOAA RISK MANAGEMENTTHE 5M CONCEPT (cont’d) • Performance:awareness, perceptions, saturation, distraction, channelized attention, stress, peer pressure, confidence, insight, adaptive skills, pressure/workload, fatigue (physical, motivational, sleep deprivation, circadian rhythm, klutz). • Personal Factors:Expectancies, job satisfaction, values, families/friends, command control, discipline (internal and external), modeling, pressure (over tasking) and communication skills. NOAA SECO 10-23-2005

  34. NOAA RISK MANAGEMENTTHE 5M CONCEPT (cont'd) Media – is the environment with which employees operate. This includes climate, terrain and noise/distractions. These external, largely environmental forces vary and must be considered when assessing risk: • Climatic: Temperature, seasons, precipitation, aridity and wind. • Operational: Routes, surfaces, terrain, vegetation, obstructions and constrictions. • Hygienic: Vent, noise, toxicity, corrosives, dust and contaminants. • Vehicular/Pedestrian: paved, gravel, dirt, ice, mud, dust, snow, sand, hilly, curvy. NOAA SECO 10-23-2005

  35. NOAA RISK MANAGEMENTTHE 5M CONCEPT (cont'd) Machine– the Machine category encompasses any tool and/or equipment an employee may use or operate. The machine category includes it’s design, it’s maintenance, technical orders and its user perception. This can be as simple as a necropsy knife to a multi-million dollar aircraft and consist of: • Design: engineering and user friendly (ergonomics). • Maintenance: Training, time, tools and parts. • Logistics: supply, upkeep and repairs. • Tech Data: clear, adequate, useable and available. NOAA SECO 10-23-2005

  36. NOAA RISK MANAGEMENTTHE 5M CONCEPT (cont'd) Management – is the final coordinating category. Management provides the enforcement and establishment of standards, procedures and controls. It drives the interaction between MAN, MEDIA, MACHINE and MISSION. Management dictates the process by defining Standards, Procedures and Controls. There is significant overlap between Man, Machine, Mission and Media because these elements interrelate directly, but the critical element is Management. Any breakdown within the man, machine, mission or media must viewed as an effect of management performance. When outcome fails to meet anticipated goals, these NOAA SECO 10-23-2005

  37. NOAA RISK MANAGEMENTTHE 5M CONCEPT (cont'd) 5 M’s must be thoroughly reassessed. Management is the controlling factor in defining the process of either production success or failure. Mission – The desired outcome. Successful missions, or mishaps do not just happen, they are indicators of how well a system is functioning. The basic cause factors for mishaps fall into the same categories as the contributors to successful missions - Man, Media, Machine and Management. NOAA SECO 10-23-2005

  38. Date Worksheet Prepared: _________________ NOAA SECO 10-23-2005

  39. RISK MANAGEMENT WORKSHEET NOAA SECO 10-23-2005

  40. WORKSHEET INSTRUCTIONS Block 1-4 Self-explanatory 5. Identify Hazard: Objective is to ID those things most likely to have a negative impact on the mission. 6. Assess Risk: Determine risk of each hazard using the Risk Assessment Matrix. In Block 6, enter the risk level for each hazard, i.e., 5-Negligible, 4-Critical, 3-Minor, 2-Major, or 1-Catastrophic. 7. Develop Controls: Develop one or more controls for each hazard to reduce its risk. As needed, specify who, what, where, when, and how for each control. 8. Determine Mission/Task Risk: From Block 8, identify hazard with highest residual risk. This is the overall risk for the task/mission. Circle the appropriate risk level in Block 9. 9. Make Risk Decision: Decide to accept or not accept the residual risk for this mission/task. Unit commander will determine authority and level for risk acceptance. Decisions for high and extremely high risk levels should be elevated up the chain of command. 10. Implement Controls: Decide how each control will be put into effect/communicated to the personnel who will make it happen (written instructions, operating instructions, checklists, dry-runs). Enter in Block 10. 11. Supervise: Show how each control will be monitored to ensure proper implementation (i.e., continuous supervision, spot checks, etc.). Enter in Block 11. 12. Evaluate: After mission/task is complete, determine effectiveness of each control in reducing the risk of the targeted hazard. Indicate in Block 12 Y (yes) if the control was effective or N (no) if the control was ineffective. For those controls which were not effective, determine why and what to do the next time this hazard is identified. For example change the control or change how the control will be implemented/supervised. NOAA SECO 10-23-2005

  41. NRM Cheat Sheet Action 2: Assess hazard severity Action 4: Complete assessment Action 3: Assess mishap probability Action 2: Establish accountability Action 3: Provide support Action 1: Make implemen- tation clear Action 1: Supervise Action 2: Review Action 3: Feedback 6 1 2 5 4 3 NRM Cheat Sheet STEP 1 IDENTIFY THE HAZARD Action 1: Mission/task analysis Action 2: List Hazards Action 3: List Causes HAZARD SEVERITY CATEGORIES I Catastrophic - Complete mission failure, death, or system loss. II Critical – Chief mission impact, severe injury, or major system damage. III Major - Key mission impact, minor injury, or minor system damage. IV Minor – Trivial mission impact, minor injury, or minor system damage. V Negligible - Little mission impact, injury, or damage. STEP 2 ASSESS THE RISK Action 1: Assess hazard exposure HAZARD PROBABILITY CATEGORIES A Frequent - Item: occurs often. Fleet: continuous. Individual: occurs often. All: continuous. B Likely - Item: occurs several times. Fleet: frequently. Individual: occurs several times. All: frequently. C Occasional - Item: will occur. Fleet: several times. Individual: will occur. All: sporadic. D Seldom - Item: could occur. Fleet: will occur. Individual: could occur. All: seldom. E Unlikely - Item: will not occur. Fleet: could occur. Individual: will not occur. All: very rarely. STEP 3 ANALYZE RISK CONTROL MEASURES Action 2: Determine control effects Action 1: Identify control options Action 3: Prioritize risk control measures STEP 4 MAKE CONTROL DECISIONS Action 2: Make Risk Decisions Action 1: Select Risk Controls STEP 5 IMPLEMENT RISK CONTROLS STEP 6 SUPERVISE AND REVIEW Severity NOAA SECO 10-23-2005

  42. NRM Cheat Sheet2 The 5 M Model Management Man Machine Mission Media RISK CONTROL OPTIONS MATRIX Engineer Guard Improve Task Design Limit Exposure Selection of Personnel Train and Educate Warn Motivate Reduce Effects Rehabilitate MACRO CONTROL OPTIONS LIST Reject Avoid Delay Transfer Spread Compensate Reduce ORDER OF PRECEDENCE 1. Design for Minimum Risk 2. Incorporate Safety Devices 3. Provide Warning Devices 4. Procedures & Training THE INVOLVEMENT CONTINUUM User Ownership Co-ownership STRONGER Team Member Input Coordination Comment And Feedback Robot WEAKER THE POWER OF COMMAND Sustained consistent behavior STRONGER On-going personal behavior Accountability actions and follow up Follow up inquiries by phone and visits Verbal support in staff meetings Sign directives WEAKER NRM Cheat Sheet 7 PRIMARY HAZARD IDENTIFICATION TOOLS Operations Analysis - a block diagram, flow chart, or timeline that describes the operation. Preliminary Hazard Analysis - an examination for sources of hazards, usually related to energy. What If Analysis - a group brainstorming technique. “What if this happens?” Scenario Process - stories describing conceivable mishaps and consequences. Logic Diagrams - “tree” shaped diagrams examining hazards in detail: positive, negative, and risk event diagrams. Change Analysis - compares changes to a baseline to determine significance. Cause and Effect Diagrams - fishbone diagram to examine many causes of a mishap. • HAZARDS ARE CAUSED • BY ENERGY • Force Acceleration • Chemical Vibration • Electrical Environmental • Kinetic Pressure • Potential Thermal • Radiation Humans NOAA SECO 10-23-2005

  43. WORK AT WORKING SAFELY Training is the key to success in managing safety in the work environment. Attitude is also a key factor in maintaining a safe workplace. Safety is, and always will be, a team effort. Safety starts with each individual employee and concludes with everyone leaving at the end of the day to rejoin their families, for additional information on Risk Management contact: Ben Bond, PA, CSP Occupational Safety & Health Manager SECO 301-713-2870 x 114 ben.bond@noaa.gov www.seco.noaa.gov NOAA SECO 10-23-2005

  44. Introduction NRM INTEGRATION WORKSHEET NOAA SECO 10-23-2005

  45. NRM INTEGRATION WORKSHEET • Introduction This worksheet is designed to support and enhance the application of the various tools and job aids developed to support the NOAA Risk Management (NRM) integration process. It serves as a checklist, worksheet, and record of the various steps involved in the process. Each of the various steps is optional and the user decides which elements to use or not use. NOAA SECO 10-23-2005

  46. STEP 1 - IDENTIFY INTEGRATION OBJECTIVES • Conduct an assessment to detect organizational changes that may influence selection of integration objectives (i.e. new SUPERVISOR, MANAGER, increased in number of personnel, budget constraints, etc.). List potential change issues below and briefly assess their potential positive or negative impact. NOAA SECO 10-23-2005

  47. STEP 1 - IDENTIFY INTEGRATION OBJECTIVES NOAA SECO 10-23-2005

  48. 2. Identify possible integration objectives a. Horizontal objectives (those designed to impact across the entire organization or major parts of it. Examples are generalized job aids or generic training programs.) Attempt to develop at least five horizontal objectives. • __________________________________ • __________________________________ • __________________________________ • __________________________________ • __________________________________ NOAA SECO 10-23-2005

  49. 2. Identify possible integration objectives cont’d. • Vertical objectives (those designed to impact entirely or predominately on a single process or functional area. Examples are process redesign or specialized NRM training for a specific group in a single operating area.). Attempt to develop at least five vertical objectives. • _______________________________________ • _______________________________________ • _______________________________________ • _______________________________________ • _______________________________________ NOAA SECO 10-23-2005

  50. STEP 2 - ANALYZE INTEGRATION OBJECTIVES Consider using the decision matrix to assist in evaluating the various integration objectives. Step 1. Tailor the matrix (see below) by entering the integration objectives in the space at the top. If necessary, use two or more matrix forms to accommodate all objectives. Step 2. Select the assessment criteria from those suggested and/or add any other criteria you consider important. Enter these criteria down the left side of the matrix. NOAA SECO 10-23-2005

More Related