Avoiding disaster engineering technology and the law
Download
1 / 81

- PowerPoint PPT Presentation


  • 272 Views
  • Uploaded on

Avoiding disaster Engineering, Technology and the Law M. G. Lay What should reasonably be expected The unwitting witness The lecture will describe how normal producing organisations could be expected to operate, pre- disaster , and therefore, what could be expected of them,

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about '' - jana


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Avoiding disaster engineering technology and the law l.jpg

Avoiding disasterEngineering, Technology and the Law

M. G. Lay

What should reasonably be expected

MGLay presentation


The unwitting witness l.jpg
The unwitting witness

The lecture will describe how normal producing organisations could be expected to operate,

  • pre-disaster, and therefore,

  • what could be expected of them,

    • during a disaster,

    • immediately after a disaster, and

    • much later.

  • and, hence, what could be expected of your witness – a normal but unwitting participant in a disaster.

MGLay presentation


Organisational structure l.jpg
Organisational structure

What is a normal, producing, organisation? From a structural viewpoint:

  • A producing organisation is a complex, operating, value-adding system:

    • comprised of a set of interlinked but self-contained processes(defined in Note to clause 4.1 of ISO 9000).

  • A process is the transformation of an input into an output:

    • adding value during the transformation.

  • The output from one process is usually the input to another process. However, for the final process, the output is the organisation’s product.

MGLay presentation


Organisational attitudes l.jpg
Organisational attitudes

What is a normal, producing, organisation? From an attitudinal viewpoint, and despite the media and your particular clients, most organisations are:

  • competent and well-run,

  • effectively managed with good systems,

  • ethical & law-abiding,

  • as a first priority, focussed on their continuance,

  • driven by strategies and required outcomes,

  • continually learning and improving,

  • risk adverse.

MGLay presentation


On the deck of the titanic disasters are not the organisational norm l.jpg
On the deck of the Titanic(disasters are not the organisational norm)

Thus, this lecture will :

  • focus on the simple elemental processes that are the building blocks of complex organisations,

  • assume that people in such organisations will normally behave rationally and legally,

  • discuss strategies rather than outputs,

    all in the context of a disaster about to happen.

MGLay presentation


Process expectations 1 organisations are comprised of interacting processes l.jpg
Process expectations, 1(Organisations are comprised of interacting processes)

The expectations held for the output of each elemental process are developed from:

  • customer requirements

    • the producer will have given the consumer advance assurances about the product to be supplied

    • 1A. requirements not specified by the customer, but necessary for the use of the product (9001/Clause 7.2.1a)

  • company policy and objectives

    • the shareholders’/owners’ wishes will be known

      • and will usually relate to long term return on investment

  • (continued)

MGLay presentation


Process expectations 2 most organisations are ethical and law abiding l.jpg
Process expectations, 2(most organisations are ethical and law-abiding)

  • external requirements, which will include:

    • company law and related laws & regulations

    • OH&S regulations

    • accounting regulations

    • environmental protection regulations

      • the “triple bottom line”:

        * economic performance

        * environmental performance

        * social performance

    • industry practice

      • benchmarking

MGLay presentation


Managing processes a producing organisation is a complex system of processes l.jpg
Managing processes(a producing organisation is a complex system of processes)

Three world-wide trends are that organisations are:

  • prepared to enter long-term partnerships, beyond conventional contracts.

  • increasingly self-regulated:

    • despite the war stories, the alternative of regulation by government is too horrendous to even contemplate, let alone revisit

    • the independent reviewer provides a middle ground

    • qms makes self-regulation feasible

  • committed to quality management systems (qms).

MGLay presentation


Quality management systems 1 l.jpg
Quality management systems, 1

Quality management systems (qms) are now the norm throughout Australian industry

  • qms is a worldwide approach, with much international consistency and success,

  • an organisation without qms must be suspected of major deficiencies. It should be asked;

    • why does it not use qms?

    • which of its current problems could have been avoided by the proper use of qms?

MGLay presentation


Slide10 l.jpg

Mr A is an employee of Organisation B, where a disaster has occurred.

  • Mr A, does Organisation B have a qms?

MGLay presentation


Quality management systems 2 l.jpg
Quality management systems, 2 occurred.

In Australia, qms is governed by Standard

AS/NZS ISO 9001:2000

  • ISO is the International Standards Organisation and

    • the Australian Standard is, properly, a direct copy of the ISO standard.

  • The first Australian version was issued in 1987.

  • The current version is the third edition.

  • External formal certification via JASANZ accreditation is normal & rigorous.

  • MGLay presentation


    Slide12 l.jpg

    Mr A is an employee of Organisation B, where a disaster has occurred.

    • Mr A, a. does Organisation B have a qms? b. has it been certified?

    • Is it in accordance with ISO 9001?

    • In terms of clause 4.1 of ISO 9001, in which process did the disaster occur? (Answer: process C)

    • In the context of clause 4.1 of ISO 9001, please describe process C.

    • In the context of clause 4.1c of ISO 9001, please describe the criteria and methods being used to ensure effective operation of process C.

    MGLay presentation


    Quality management systems 3 l.jpg
    Quality management systems, 3 occurred.

    • In an organisation, qms operates at both strategic and operational levels

    • The core methodology is plan—do—check—act

    • qms does not imply:

      • uniformity

      • voluminous documentation

    • qms does imply

      • a focus on process management

      • understanding requirements

      • self-regulation

    MGLay presentation


    Slide14 l.jpg

    • Is the qms in accordance with ISO 9001? occurred.

    • In terms of ISO 9001, in which process did the disaster occur? (Answer: process C)

    • In the context of clause 4.1 of ISO 9001, please describe C.

    • In the context of clause 4.1c of ISO 9001, please describe the criteria and control methods being used to ensure effective operation of process C.

    • a. In the context of clause 4.1e of ISO 9001, were you monitoring, measuring and analysing process C? b. Was the associated documentation controlled in accordance with Clause 4.2.2?

    MGLay presentation


    Quality management systems 5 a documented process control regime l.jpg
    Quality management systems, 5 occurred.(a documented process control regime)

    Control mechanisms are required for document:

    • approval,

    • availability,

    • legibility and identification,

    • distribution, storage and retrievability,

    • review and up-dating,

    • change management and status definition,

    • obsolescence & disposition.

      Clause 4.2.4

    MGLay presentation


    Quality management systems 4 external process expectations and requirements were discussed earlier l.jpg
    Quality management systems, 4 occurred.(external process expectations and requirements were discussed earlier)

    Qms requires the relevant portions of an organisation’s process expectations and requirements to be explicitly:

    • established,

    • determined & given local relevance, and

    • adopted,

      by the Organisation.

      ISO 9001/clause 7.2.2

    MGLay presentation


    Slide17 l.jpg

    • a. In the context of clause 4.1e of ISO 9001, were you monitoring, measuring and analysing process C? b. Was the associated documentation controlled in accordance with Clause 4.2.2?

    • In the context of clause 7.1 of ISO 9001, what product was being produced at the time? Answer: product D.

    • In the context of clause 7.2.1 of ISO 9001, which requirements was product D meeting? Answer: requirements E.

    • In the context of clause 7.2.2 of ISO 9001, had requirements E been reviewed?

    • How do requirements E compare (benchmark) with those in use by similar organisations?

    MGLay presentation


    Quality processes 1 an organisation is a set of independent but interlinked processes l.jpg
    Quality processes, 1 monitoring, measuring and analysing process C? b. Was the associated documentation controlled in accordance with Clause 4.2.2?(an organisation is a set of independent but interlinked processes)

    With qms understood, we return to our core discussion of the processes occurring within an organisation. Reiterating:

    • the processes used must all be

      • identified,

      • their method of operation defined, and

      • their interactions determined.

    • qms is about the control of:

      • the individual processes, and

      • their interaction.

    • the control method and associated criteria must be defined.

    MGLay presentation


    Quality processes 2 the two classic performance measures l.jpg
    Quality processes, 2 monitoring, measuring and analysing process C? b. Was the associated documentation controlled in accordance with Clause 4.2.2?(the two “classic” performance measures)

    • Process control requires objectively measuring and analysing process performance with respect to process :

      • effectiveness

        • outputs compared with expectations,

        • an external measure

      • efficiency

        • outputs compared with inputs

        • an internal measure

    MGLay presentation


    Slide20 l.jpg
    Quality processes, 3 monitoring, measuring and analysing process C? b. Was the associated documentation controlled in accordance with Clause 4.2.2?(the expectations held for each process are developed from external, company and customer requirements)

    • Effectiveness measures will include feedback on how each of the above three sets of expectations –

      external, company, customer

      are met.

    • Efficiency measures relate to:

      • profitability

      • sustainability

    MGLay presentation


    Organisations using qms 1 l.jpg
    Organisations using monitoring, measuring and analysing process C? b. Was the associated documentation controlled in accordance with Clause 4.2.2?qms, 1

    As well as having a process control regime, an organisation purporting to operate under qms must have documented, implemented and maintained a:

    • quality policy and set of quality objectives,

    • quality manual for operating the qms,

    • set of quality procedures, and

    • record of events and actions.

      • particularly with respect to conformity with procedures and defined processes.

    MGLay presentation


    Slide22 l.jpg

    • In the context of clause 7.2.1 of ISO 9001, which requirements was product D meeting? Answer: requirements E.

    • In the context of clause 7.2.2 of ISO 9001, had requirements E been reviewed?

    • How do requirements E compare (benchmark) with those in use by similar organisations?

    • In the context of clauses 4.2.1d&e of ISO 9001, what documents & records exist concerning the operation and control of Process C?

    • In the context of clause 8.2.4 of ISO 9001, what do the records say about the conformity of process C & product D?

    MGLay presentation


    Slide23 l.jpg

    • How do requirements E compare (benchmark) with those in use by similar organisations?

    • In the context of clauses 4.2.1d&e of ISO 9001, what documents & records exist concerning the operation and control of Process C?

    • In the context of clause 8.2.4 of ISO 9001, what do the records say about the conformity of process C & product D?

    • a. Is your Company committed to qms? b. Is it being properly applied?

    • a. How would you describe your Company’s approach to non-conformances? b. Do you self-regulate? c. Is it effective?

    MGLay presentation


    Organisations using qms 2 top management commitment l.jpg
    Organisations using by similar organisations?qms, 2(top management commitment)

    “Top management shall provide evidence of its commitment to:

    • the development and implementation of a qms, and

    • continually improving the effectiveness of the qms,

      by:

      • communicating to the organisation the importance of meeting customer, shareholder and regulatory requirements,

      • establishing a quality policy,

      • ensuring that quality objectives are established,

      • conducting management reviews,

      • ensuring the necessary resources are available.”

        ISO 9001,Clause 5.1

    MGLay presentation


    Slide25 l.jpg

    • In the context of clause 8.2.4 of ISO 9001, what do the records say about the conformity of process C & product D?

    • a. Is your Company committed to qms? b. Is it being properly applied? c. How is the Company’s support demonstrated? d. When was the last management review? e. Are you adequately resourced? f. How do your comments specifically apply to Process C?

    • a. How would you describe your Company’s approach to non-conformances? b. Do you self-regulate? c. Is it effective?

    • a. What is your position in the Company? b. What are you responsible for? c. Who do you report to? d. Do they support your qms activities?

    • What quality improvements were made in qms in the year before the disaster?

    MGLay presentation


    Organisations using qms 3 top management commitment l.jpg
    Organisations using qms, 3 records say about the conformity of process C & product D?(top management commitment)

    Top management must also ensure that the qms:

    • covers all functions and levels in the organisation,

      Clause 5.4.1

    • has defined responsibilities and authorities,

      Clause 5.5.1

    • has a manager with the right responsibility, authority and reporting channels, Clause 5.5.2

    • has regular reviews (particularly with respect to preventative and corrective actions).

      Clauses 5.6.1&2

    MGLay presentation


    Slide27 l.jpg

    • a. Is your Company committed to qms? b. Is it being properly applied? c. How is the Company’s support demonstrated? d. When was the last management review? e. Are you adequately resourced? f. How do your comments specifically apply to Process C?

    • a. How would you describe your Company’s approach to non-conformances? b. Do you self-regulate? c. Is it effective?

    • a. What is your position in the Company? b. What are you responsible for? c. Who do you report to? Do they support your qms activities?

    • What quality improvements were made via qms in your area the year before the disaster?

    • a. Who is responsible for Process C? b. When was it last reviewed, particularly with respect to preventative and corrective actions?

    MGLay presentation


    Poor alternatives to qms l.jpg
    (Poor) alternatives to properly applied? c. How is the Company’s support demonstrated? d. When was the last management review? e. Are you adequately resourced? f. How do your comments specifically apply to Process C?qms

    • qmsor crisis management

    • process control or tinkering

    • safety plans or insurance/litigation

    MGLay presentation


    Slide29 l.jpg

    • a. How would you describe your Company’s approach to non-conformances? b. Do you self-regulate? c. Is it effective?

    • a. What is your position in the Company? b. What are you responsible for? c. Who do you report to? Do they support your qms activities?

    • What quality improvements were made in qms in the year before the disaster?

    • a. Who is responsible for Process C? b. When was it last reviewed, particularly with respect to preventative and corrective actions?

    • Despite your Company’s commitment to qms, is there a tendency to put it aside in times of crisis?

    MGLay presentation


    Production and service 1 l.jpg
    Production and service, 1 non-conformances? b. Do you self-regulate? c. Is it effective?

    Processes under qms must:

    • be carried out under controlled conditions, which include:

      • work instructions

      • suitable equipment

      • monitoring devices

    • include objective and impartial audits of the qms,

      • which in turn must be formally reported

    • include verification that actions required by an audit are undertaken:

    MGLay presentation


    Slide31 l.jpg

    • a. What is your position in the Company? b. What are you responsible for? c. Who do you report to? Do they support your qms activities?

    • What quality improvements were made in qms in the year before the disaster?

    • Despite your Company’s commitment to qms, is there a tendency to put it aside in times of crisis?

    • a. Who was responsible for Process C? b. When was it last reviewed, particularly with respect to preventative and corrective actions?

    • Did Process C have adequate work instructions, equipment and monitoring devices?

    • a. How many quality audits were done on Process C? b. Please table the records. c. How many non-conformances were listed?

    MGLay presentation


    What is an audit audits have proved to be invaluable tools l.jpg
    What is an responsible for? c. Who do you report to? Do they support your qms activities?audit?(audits have proved to be invaluable tools)

    • A qmsaudit is a systematic examination against defined criteria to determine:

      • whether activities and related results conform to planned processes,

      • whether the processes are

        • implemented effectively, and

        • able to achieve the defined output expectations.

    • A qms audit is analogous to a financial audit.

    MGLay presentation


    Production and service 2 nonconfomances can arise form operators or auditors l.jpg
    Production and service, 2 responsible for? c. Who do you report to? Do they support your qms activities?(nonconfomances can arise form operators or auditors)

    Within qms,process nonconformities must have:

    • been noted & recorded,

    • had their causes determined,

    • had corrective actions determined and implemented,

    • had the results of any closure action assessed,

    • been reviewed for possible closure.

    MGLay presentation


    Quality processes 4 diligence it is not enough to observe a problem l.jpg
    Quality processes, 4 responsible for? c. Who do you report to? Do they support your qms activities?(diligence: it is not enough to observe a problem)

    Thus, the next qms steps - after measuring and analysing a process - involve:

    • noting each conformity or non-conformity,

    • taking appropriate action,

    • recording all relevant information,

    • making continual improvements based on these measurements and actions.

    MGLay presentation


    Slide35 l.jpg

    • a. Who was responsible for Process C? b. When was it last reviewed, particularly with respect to preventative and corrective actions?

    • Did Process C have adequate work instructions, equipment and monitoring devices?

    • a. How many quality audits were done on Process C? b. Please table the records. c. How many new non-conformances were listed.

    • For each non-conformance related to Process C, a. describe the cause ascribed to the non-conformance, b. list the corrective action taken to correct it, c. estimate how effective the correction was, and d. describe the current status of the non-conformance.

    • Did any “continual” improvements result from each Process C non-conformance?

    MGLay presentation


    Oh s management systems 1 occupational health and safety the human obligation l.jpg
    OH&S management systems, 1 reviewed, particularly with respect to preventative and corrective actions?(Occupational health and safety - the human obligation)

    OH&S is one component of an organisation’s operation. It is covered by AS/NZS 4810:2001 which:

    • provides a systematic approach to OH&S

    • has a special emphasis on hazards and risks.

    • is based on qms

      • and thus requires an OH&S policy

        (continued)

    MGLay presentation


    Slide37 l.jpg

    • For each non-conformance related to Process C, a. describe the cause ascribed to the non-conformance, b. list the corrective action taken to correct it, c. estimate how effective the correction was, and d. describe the current status of the non-conformance.

    • Did any “continual” improvements result from each Process C non-conformance?

    • The disaster that occurred in Process C had OH&S implications. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C?

    MGLay presentation


    Slide38 l.jpg

    • The disaster that occurred in Process C had OH&S implications. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C.

    • More specifically, the disaster that occurred in Process C highlighted hazards and risks in Process C. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C.

    • What is your Company’s OH&S policy?

    MGLay presentation


    Oh s management systems 2 l.jpg
    OH&S management systems, 2 implications. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C.

    (continued)

    • requires management commitment to OH&S,

    • has demonstrable OH&S conformance,

    • is able to be independently certified,

    • provides for

      • monitoring,

      • independent audits, &

      • continuous improvement.

    MGLay presentation


    Slide40 l.jpg

    • More specifically, the disaster that occurred in Process C highlighted hazards and risks in Process C. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C.

    • What is your Company’s OH&S policy?

    • Describe your management’s commitment to OH&S.

    • a. What OH&S non-conformances have you had recently? b. How many are relevant to Process C?

    MGLay presentation


    Slide41 l.jpg

    • What is your Company’s OH&S policy? highlighted hazards and risks in Process C. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C.

    • Describe your management’s commitment to OH&S.

    • a. What OH&S non-conformances have you had recently? b. How many are relevant to Process C? c. Which were open when the disaster occurred?

    • Have you had independent certification of your OH&S practices?

    • Describe how you monitored, audited and continuously improved OH&S for Process C.

    MGLay presentation


    Hazards risks 1 in an oh s context l.jpg
    Hazards & risks, 1 highlighted hazards and risks in Process C. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C.(in an OH&S context)

    Hazards and unacceptable risks must be:

    • identified,

    • assessed, stating their

      • potential

      • consequences

      • past experience

    • controlled, and

      • the controls evaluated

    • emergency responses defined.

    MGLay presentation


    Slide43 l.jpg

    • Have you had independent certification of your OH&S practices?

    • Describe how you monitored, audited and continuously improved OH&S for Process C.

    • a. What hazards and unacceptable risks were identified in the Organisation in the periods prior to and after the disaster? b. What was their potential? c. How were they controlled? d. Were any relevant to the disaster? e. Did they alter your emergency response policy?

    MGLay presentation


    Hazards risks 2 l.jpg
    Hazards & risks, 2 practices?

    Incidents associated with hazards must be:

    • investigated specifically

      • including operating conditions

    • investigated as system failures

      • including studying similar past events

    • used to initiate and complete corrective actions to either:

      • eliminate the risk,

      • minimise the risk, or

      • isolate the risk.

    MGLay presentation


    Slide45 l.jpg

    • a. What hazards and unacceptable risks were identified in the Organisation in the periods prior to and after the disaster? b. What was their potential? c. How were they controlled? d. Were any relevant to the disaster? e. Did they alter your emergency response policy? f. How many indicated system failures? g. Which were either minimised or isolated?

    MGLay presentation


    Best practice the safety case 1 l.jpg
    Best practice – the the Organisation in the periods prior to and after the disaster? b. What was their potential? c. How were they controlled? d. Were any relevant to the disaster? e. Did they alter your emergency response policy? f. How many indicated system failures? g. Which were either minimised or isolated?Safety Case, 1

    “A safety case is a documented demonstration of the way in which the hazards at a facility are managed to ensure acceptable risk.”

    Risk Engineering Society, IEAust, Victoria

    It is consistent with;

    • qms, and

    • performance-based management

      and is analogous to a Business Case:

    • providing assurance, and

    • being capable of independent audit.

    MGLay presentation


    Slide47 l.jpg

    • f. How many indicated system failures? g. Which were either minimised or isolated?

    • a. Did you have a Safety Case for Process C? b. If not, why not?

    • Had your Safety Case been independently audited?

    • a. How do you explain the disaster in the context of your Safety Case? b. How will you change the Safety Case?

    MGLay presentation


    Best practice the safety case 2 l.jpg
    Best practice – the either minimised or isolated?Safety Case, 2

    • A safety case must conclude that the system being considered meets its defined safety criteria and is therefore sufficiently safe to be :

      • acceptable, and

      • allowed to operate in accordance with its defined objectives and criteria.

        [The objectives and criteria will already exist within the qms documentation.]

        As it draws a conclusion, the safety case goes beyond a safety-assessor’s risk assessment.

    MGLay presentation


    Slide49 l.jpg

    • Had your Safety Case been independently audited? either minimised or isolated?

    • a. How do you explain the disaster in the context of your Safety Case? b. Was the disaster foreseen by it? c. If it had been, why did your preventative and/or mitigative measures fail? d. How will you change the Safety Case?

    • Who produced your Safety Case?

    • a. What would have been your pre-event numerical estimate of the risk of the disaster? b. What is the risk of its reoccurrence?

    • Was the disaster foreseeable?

    MGLay presentation


    Best practice the safety case 3 l.jpg
    Best practice – the either minimised or isolated?Safety Case, 3

    • Once all possible hazard causes are known,

      the next three key questions for a safety case are (Hawkesley):

      • What could go wrong? - foreseeing

      • Why won’t it? - preventing

      • But what if it did? - mitigating

        Two other questions are:

    • How wide is the coverage? – for whom?

    • Is anything exempted? – for what?

    MGLay presentation


    Best practice the safety case 4 l.jpg
    Best practice – the either minimised or isolated?Safety Case, 4

    Question 4, “but what if something did go wrong?” is intended to address:

    • consequence management, and

    • damage limitation

      but is often distorted to focus on liability:

    • management (e. g. control of information flows), and

    • assessment (e. g. minimisation of cost incurred)

      (recall the qms requirement for “top management” sign-off)

    MGLay presentation


    Best practice the safety case 5 l.jpg
    Best practice – the either minimised or isolated?Safety Case, 5

    A safety case can become:

    • if it is divorced from the rest of qms,

      • a contract between an operator and a single-purpose regulator.

    • although not produced for the purpose,

      • an imperfect tool for assigning liability when things do go wrong.

    MGLay presentation


    Best practice the safety case 6 l.jpg
    Best practice – the either minimised or isolated?Safety Case, 6

    • Safety case documents in a qms format are produced by the organisation doing the work.

      They cannot be:

    • produced by other bodies

    • imposed by other bodies

      There is a temptation for regulators to try to impose a safety case on an organisation.

      • If this is done, the intended safety case becomes another regulation, and loses all its qms attributes and benefits.

    MGLay presentation


    Risk and probability 1 l.jpg
    Risk and probability, 1 either minimised or isolated?

    Risk can be calculated and given numerical values using probability theory.

    So it is easy to forget that risk is still a subjective concept. For example:

    • Once the dice is thrown, the probability of a given number showing, changes from 1/6 to 1.

    • Our decisions on the same 1/6 probability will change with the size of the wager.

    • Although each throw of the dice is an independent event, when we look at the results from a set of throws, some order emerges.

    • There will always be insufficient data to estimate that order accurately.

    MGLay presentation


    Risk and probability 2 even more subjectively l.jpg
    Risk and probability, 2 either minimised or isolated?(even more subjectively)

    • We will never be able to foresee all hazards.

    • Some relevant events will be outside our control.

    • Once an unlikely event occurs, any earlier prediction that it was unlikely becomes a mistake.

      On empirical evidence:

    • Damage is emotionally worse when it

      • is caused by events over which the property owner had no control.

      • occurs to large groups of people.

    • Risk is rarely symmetric (liabilities vs value-adds).

    • People do not avoid low risk events.

    MGLay presentation


    Slide56 l.jpg

    • Who produced your Safety Case? either minimised or isolated?

    • a. What would have been your pre-event numerical estimate of the risk of the disaster? b. What is the risk of its reoccurrence?

    • Was the disaster foreseeable?

    • Could the disaster have been avoided?

    • a. Does your organisation adopt best practice procedures in risk management? b. Have you been trained in risk management?

    • a. In retrospect, were there early warning signals of the imminent disaster? b. Were there early signs of the disaster which could have led to actions causing a reduction in its consequences?

    MGLay presentation


    Risk and probability 3 even more subjectively l.jpg
    Risk and probability, 3 either minimised or isolated?(even more subjectively)

    • However, because of point 6, people do not want to be associated with a disaster – at the least it damages their promotion prospects. So the low risk threshold depends on event consequences.

    MGLay presentation


    Risk and probability 4 l.jpg
    Risk and probability, 4 either minimised or isolated?

    In a more specific context, it is often forgotten that the consequences of unwanted events occurring can be modified by:

    • Adopting “best practice” processes, particularly in risk management

    • Staff training and risk profiling sessions

    • Responding to the unwanted event rapidly, as:

      • early warning signals are seen and understood, and

      • the event progressively unfolds.

    MGLay presentation


    The road safety example 1 l.jpg
    The road safety example, 1 either minimised or isolated?

    Typical “accepted” risks are (fatalities / person / year) from Lay, Handbook of Road Technology, Vol 2:

    • safe behaviour (public health), 1 in 1 000 000

    • pay money to reduce 1 in 10 000

    • in a year of car travel 1 in 10 000

    • per car per year 1 in 5 000

    • publicly unacceptable, 1 in 1 000

    • in a lifetime of driving 1 in 200

    MGLay presentation


    Humans intrude l.jpg
    Humans intrude either minimised or isolated?

    Human misfits living outside of qms include:

    • “Blind eyes” who shoot messengers

    • “Bureaucrats” who bury or compartmentalise warning messages

    • “Conservatives” who oppose change

    • “Cowboys”, who consider themselves immune from procedures or risks

    • “Other worlds” who don’t want to know

    • “Tyrants” who cure risks by threats and punishments

    • “Walking disasters” who create hazards

    • “Wimps” who avoid responsibility

    MGLay presentation


    Slide61 l.jpg

    • a. Does your organisation adopt best practice procedures in risk management? b. Have you been trained in risk management?

    • a. In retrospect, were there early warning signals of the imminent disaster? b. Were there early signs of the disaster which could have led to actions causing a reduction in its consequences?

    • a. To what extent did in inappropriate human behaviour contribute to the disaster? b. Did the right people give and/or receive the right messages? c. Did some people act inappropriately?

    MGLay presentation


    The road safety example 2 l.jpg
    The road safety example, 2 risk management? b. Have you been trained in risk management?

    The primary causes of a road crash are (from Lay, Handbook of Road Technology, Vol 2) :

    • Drivers alone (e.g. run off straight road), 65%

    • Drivers and road (e.g. hit roadside post), 25%

    • Drivers and vehicles (e.g. wheels lock during braking), 5%

    • Road factors alone (e.g. slippery surface), 2%

    • Vehicle factors alone (e.g. brakes fail), 2%

    MGLay presentation


    The chain or the mattress a matter of redundancy l.jpg
    The chain or the mattress? risk management? b. Have you been trained in risk management?( a matter of redundancy)

    In the context of failure theory:

    • Most practical systems are full of redundancies and inherent checks and balances (as with a mattress where the failure of one spring need not cause disaster).

    • Few practical systems are determinant, where one event will cause total disaster (as with the links in a chain).

    MGLay presentation


    The curse of the yarra or the waters strike back l.jpg
    The curse of the Yarra risk management? b. Have you been trained in risk management?(or the waters strike back)

    I have been involved in four major problems associated with crossing the Yarra, each of which supports my thesis that disasters, at a sub-project role, are rarely isolated events.

    They are more likely to be the symptoms of a widespread disease.

    The four crossings are Kings Bridge, Westgate Bridge, Bolte Bridge and the City Link tunnels.

    MGLay presentation


    Kings bridge l.jpg
    Kings Bridge risk management? b. Have you been trained in risk management?

    • The designers were focussed on foundation problems, the steel used was poorly chosen, the welding methods were unsuitable for the steel, and the design details were inappropriate for the steel/welding used. If just one of these had not occurred, the bridge would not have failed.

    MGLay presentation


    Westgate bridge l.jpg
    Westgate Bridge risk management? b. Have you been trained in risk management?

    The design brief tried to avoid welding, the designers thought worrying about constructablity beneath their dignity, the builders thought the bridge could be modified without recourse to the designers, site communications were non-existent, major mistakes were made in design details, and early warnings of failure were ignored. Fixing just one of these would have avoided bridge failure.

    MGLay presentation


    Bolte bridge and city link tunnels l.jpg
    Bolte Bridge and City Link Tunnels risk management? b. Have you been trained in risk management?

    • It is not possible for the author to put his views on these in writing.

    • Instead, consider any report on any major failure. Have you read of any that have said “The failure was caused by item F failing”. No, the norm is to be presented with a long catalogue of problems. The disaster is just the end play in a sad saga.

    MGLay presentation


    Slide68 l.jpg

    • a. In retrospect, were there early warning signals of the imminent disaster? b. Were there early signs of the disaster which could have led to actions causing a reduction in its consequences?

    • a. To what extent did in inappropriate human behaviour contribute to the disaster? b. Did the right people give and/or receive the right messages? c. Did some people act inappropriately?

    • Have there been other instances of related minor or major disasters in the Organisation or associated-industry in recent times?

    MGLay presentation


    Zero tolerance to disasters l.jpg
    Zero tolerance to “disasters” imminent disaster? b. Were there early signs of the disaster which could have led to actions causing a reduction in its consequences?

    A strongly developing concept which underlies the recent strengthening in support for qms, OH&S, etc is the principle that no disasters should be tolerated, and their risk of occurrence should be reduced to zero.

    • This approach should be applied to planning, designing, operating and assessing. It is an attempt to change the state of mind from

      • passive acceptance, to

      • active avoidance.

    MGLay presentation


    Back in the real world real answers to unreal questions l.jpg
    Back in the real world: imminent disaster? b. Were there early signs of the disaster which could have led to actions causing a reduction in its consequences?(real answers to unreal questions)

    So what answers would we expect to receive from:

    • a normal employee

      • holding a responsible position

      • in an Australian,

      • “normal, producing organisation”

      • which has just experienced a typical moderate major disaster

      • including damage to people and property?

    • recognising that at the coal-face poor decisions are usually driven by time savings rather than cost cutting.

    MGLay presentation


    Slide71 l.jpg

    Mr A is an employee of Organisation B, where a disaster has occurred.

    • Mr A, a. does Organisation B have a qms? b. has it been certified? answer:Yes & yes.

    • Is it in accordance with ISO 9001? answer:We up-dated it last year. [Was that certified?]

    • In terms of clause 4.1 of ISO 9001, in which process did the disaster occur? answer:In Process C.

    • In the context of clause 4.1 of ISO 9001, please describe process C. answer: The best description of process C is given under procedure F in our Quality Plan. Process C is

    MGLay presentation


    Slide72 l.jpg

    relatively labour intensive occurred.. [Quality Plans are defined in Note 1 to Clause 7.1 of ISO 9001.]

    • In the context of clause 4.1c of ISO 9001, please describe the criteria and methods being used to ensure effective operation of process C. answer: The best description of the criteria and methods is given under procedure F in our Quality Plan. [The need for this content is discussed in Clause 7.1c of ISO 9001.]

    • a. In the context of clause 4.1e of ISO 9001, were you monitoring, measuring and analysing process C? b. Was the associated documentation controlled in accordance with Clause 4.2.2? answers:Yes & Yes.

    MGLay presentation


    Slide73 l.jpg

    • In the context of clause 7.1 of ISO 9001, what product was being produced at the time? answer:Product D.

    • In the context of clause 7.2.1 of ISO 9001, which requirements was product D meeting? answer:Requirements E.

    • In the context of clause 7.2.2 of ISO 9001, had requirements E been reviewed? answer:Yes.

    • How do requirements E compare (benchmark) with those in use by similar organisations? answer:I am not aware of any identical work elsewhere. This is a very competitive business. [Is he saying that they all compromise safety?]

    • In the context of clauses 4.2.1d&e of ISO 9001, what

    MGLay presentation


    Slide74 l.jpg

    • documents & records exist concerning the operation and control of Process C? answer: A complete set.

    • In the context of clause 8.2.4 of ISO 9001, what do the records say about the conformity of process C & product D? answer:There were a few non-conformances but most had been closed when the disaster occurred. [Question 21 returns to explore the issues raised by this answer. For the moment, note that a. disasters rarely occur in splendid isolation and b. it is common for people to fail to perceive what in retrospect are the “obvious” signs of an impending disaster.]

    MGLay presentation


    Slide75 l.jpg

    • a. Is your Company committed to qms? b. Is it being properly applied? c. How is the Company’s support demonstrated? d. When was the last management review? e. Are you adequately resourced? f. How do your comments specifically apply to Process C? answer:a. Yes, but they get upset when it causes delays. b. Yes, but I wouldn’t say it was first priority. c. Everywhere you look there are signs about quality – but I bet there are none in the Boardroom. d. Just before the next certification. e. The quality group always want more staff, but they’re another overhead. f. It’s easy to be wise in hindsight.[These issues are pursued further in the answers to questions 17-23].

    MGLay presentation


    Slide76 l.jpg

    • a. properly applied? c. How is the Company’s support demonstrated? d. When was the last management review? e. Are you adequately resourced? f. How do your comments specifically apply to Process C? How would you describe your Company’s approach to non-conformances? b. Do you self-regulate? c. Is it effective? answer:We self-regulate and we are very honest and also very practical in our approach. [practical: we don’t let it delay the job - most jobs carry small compromises].

    • a. What is your position in the Company? b. What are you responsible for? c. Who do you report to? d. Do they support your qms activities? answer:I am a manager and I am responsible for Process C. I report to the Works Manager. Everyone supports qms but the bosses get aggressive when it results in unscheduled stoppages. [most current jobs are highly programmed with insufficient allowance for unplanned delays.]

    • What quality improvements were made in qms in the year before the disaster? answer:We reduced the number of process alarms as the important ones were being masked.[Who determined which alarms were important?]

    MGLay presentation


    Slide77 l.jpg

    • a. Who is responsible for Process C? b. When was it last reviewed, particularly with respect to preventative and corrective actions? answer:I am responsible. We reviewed the process about six months ago and that’s when we decided to make the changes I mentioned in my previous answer.[There is rarely a sense of urgency in these matters.]

    • Despite your Company’s commitment to qms, is there a tendency to put it aside in times of crisis? answer: Until the disaster, we haven’t had a crisis.

    • Did process C have adequate work instructions, equipment and monitoring devices? answer:Yes. [And still the disaster occurred.]

    MGLay presentation


    Slide78 l.jpg

    • a. How many quality audits were done on Process C? b. Please table the records. c. How many non-conformances were listed? answer:There were two audits. Here are the records. There were five non-conformances.[There is rarely a problem having non-conformances raised.]

    • For each non-conformance related to Process C, a. describe the cause ascribed to the non-conformance, b. list the corrective action taken to correct it, c. estimate how effective the correction was, and d. describe the current status of the non-conformance. answer: Here is the list:

      NC1&2, trivial alarms, alarms decommissioned, effective, closed.

    MGLay presentation


    Slide79 l.jpg

    NC3, no test record, record obtained, no link to product used, still open

    NC4&5, no same-day sign-offs, retrospective sign-offs, work verified by others, closed.

    [The closures are not too convincing and might be rejected by a future audit.]

    • Did any “continual” improvements result from each Process C non-conformance? answer:We decommissioned the alarms.[!]

    • The disaster that occurred in Process C had OH&S implications. To what extent were these foreseen or foreshadowed in a. the qms work instructions for Process C, b. the pre-disaster non-conformances for Process C and c. the pre-disaster audits of Process C?

    MGLay presentation


    Slide80 l.jpg

    answer: used, still opena. The OH&S link was good at a general level. b. Perhaps that alarm might not have been disconnected? c. There hadn’t been an audit since the alarm was disconnected.

    We will skip many of the OH&S, Safety Map and Risk Management responses. Of course, the staff followed the requirements as well as could be expected and, of course, the plans did not cover all the eventualities that did arise. The disaster was, after all, unforeseen.

    • a. What hazards and unacceptable risks were identified in the Organisation in the periods prior to and after the disaster? b. What was their potential?

    MGLay presentation


    Slide81 l.jpg

    • c. How were they controlled? d. Were any relevant to the disaster? e. Did they alter your emergency response policy? f. How many indicated system failures? g. Which were either minimised or isolated?

    • answer: a. After the event we did discover that the disabled alarm, if it had been noted amongst all the other alarms, would have alerted someone to the fact that the installation crew had omitted a key step. I’m not sure whether anyone would have realised the significance of the omission. b. There would have been no disaster if the installation had been done as specified, or, if someone in authority had known of the omission and its significance and then acted. c. In retrospect, they weren’t. d. Yes. e. How do you protect against humans? f. About 4. g. None.

    MGLay presentation


    ad