Introduction to Risk

What is Risk? Risk fundamentally is a product of Consequence and Likelihood. Risk is subjective and will really depend on the perception and experience of the risk assessor/s. A Day to day example could  be, say  crossing a busy road while not at the designated traffic light pedestrian crossing. For the delinquent crosser he assumes the likelihood of him getting hit by a car would be next to no chance. However, the majority if looking at it independently might think otherwise, it’s too risky most would say no.

Risk Ranking

Now for an Oil and Gas company, risk assessments (e.g. HAZID, HAZOP, Construction Risk Assessments (CRA), etc.)  are the cornerstone of our design, installation and operating philosophies. Risk assessments workshops draws upon the experience of the vast majority to arrive at a risk value that would be acceptable by all. This is performed via the Risk Ranking steps.

As mentioned before, risk is very subjective and depends on the perception and experience of the groups; as such an objective and standardised Risk Ranking are critical for the organization during the decision making process. The remaining of this article will be focusing on the guidelines and experiences during the Risk Ranking steps. Other guidelines, best practices and discussion on further risk related topics will be covered in our future articles, as part of our continued knowledge sharing series.

Risk Matrix/ Risk Assessment Matrix

Taking example of risk assessments such as HAZID (hazard identification), HAZOP (hazard and operability) or CRA (Construction Risk Assessment); a standardized risk ranking across the organization can be achieved by using a Risk Matrix (also referred as Risk Assessment Matrix [RAM]). The Risk Matrix helps risk assessors to evaluate the likelihood, and the severity of a hazard/ deviation, and ultimately the risk level.

An example of Risk Matrix is shown below, and it is coupled with visual colouring aids, based on the company’s risk tolerability. As a common practice, the traffic light colours are adopted to provide strong visual signals. Below shows a common 5×5 Risk Matrix template.

Figure 1 – 5 x 5 Risk Matrix Example

The x-axis of the matrix is the impact (severity) grid, while the y-axis is used to depict the likelihood potential. There are semi-qualitative descriptor based on the organisations risk tolerance or regulatory requirement to help guide risk assessors to choose.

Risk Matrix is a simple yet strong tool for the risk assessor, if correctly used. However, there are a few significant pitfalls as well. Firstly as mentioned above, the risk ranking is user perspective approach, and a same matrix could be interpreted differently by another users, unless each condition is clearly described. The other pitfall is with regards to whether credits shall be taken for the controls, and how to do that consistently.

Best practices for Risk Ranking

Assuming that the hazard and the causes of the hazards have been clearly identified, the following steps are suggested during the risk ranking steps:

1. Describe your Consequence based on Worst Case Scenario;
2. Define the Safeguards;
3. Initial Risk ranking; this needs to be defined as:
   1. Severity ranking;
   2. Likelihood ranking;
4. Recommendations to further reduce or mitigate risk;
5. Residual Risk.

Step 1 – Describe your Consequence (worst case)

Once the causes and hazard have been identified, the consequence shall be described as the Worst Case Scenario. The goal should be to work through to a final outcome when barriers fail (barriers could fail). The final outcome should be a description on whether it is to people, environment, asset damage, etc. based on the client’s focus areas. Double jeopardy conditions should not be considered.

It is also highlighted that the final consequence description shall be by consensus of the risk assessment team, based on the local situation.

Taking example from Oil and Gas Industry, a good consequence description could be something like “Corrosion over time could lead to potential loss of hydrocarbon containment  leading to jet fire/ explosion resulting in personnel fatalities, environmental impact and asset damage”, instead of just “Leak from corroded piping causing fire and explosion.”

Step 2 – Define the safeguards

With the consequence clearly defined, next step would be to identify the existing safeguards. The safeguard should be specific and distinct for the hazard/ causes listed. Instead of generic SOP; ideally, we should identify the specific safeguards targeting the actual hazards. Preventive and Mitigative safeguards (refer to upcoming Bowtie articles) should be listed in the orders of precedence. Most importantly, the safeguards should be independent and do not have the common mode of failures, else they can be only counted as one safeguard. Examples of good safeguards definition:

1. Material selection – stainless steel;
2. Integrity Management Plan;
3. Fire and Gas System to initiate Emergency Shutdown (ESD); and
4. Passive fire protection (firewall/ blastwall).

Step 3 – Initial Risk Ranking

Based on the consequence in step 1, the risk assessor can now chooses the corresponding impact ranking from the risk matrix. A critical concept is that the severity should be ranked without taking credit of the safeguards (worst case). The reason is that in many cases, existing safeguards do not reduce the severity of an incident. Taking example of corroded piping, if the leak happens, fire and explosion could occurs and personnel still be killed. The concept does not suggest ignoring the effective and credit of the safeguards, safeguards will be accounted for in the next step during thew likelihood ranking.

Another consideration is the selection between different categories of consequence. In this scenario, three (3) type of consequence are identified, i.e. personnel injuries/ fatalities vs environmental damage vs asset damage. General recommendation is that where there are multiple categories, personnel safety category shall always take precedence over other categories such as production and environment.

The risk assessor shall then review event and then based on experience determine the likelihood. In some situation, the team experience could skew towards individual views, so in the event of doubt, the team shall err on the conservative while assigning the likelihood. Usually the risk matrix are provided with qualitative or quantitative descriptors. Referring to the risk matrix in Figure 1, in the case, with the existing safeguards, the likelihood will be ranked as Possible, where the facility has experienced similar situation before. Other ways of determining the likelihood can be based on Safeguards Count method, where each independent and effective safeguard can be given credit to drop the likelihood by one level.

A combination of severity and likelihood ranking would put the risk now on Med Hi Level below:

Step 4 – Recommendations to further reduce or mitigate risk

Based on Step 3, Personnel Medium Hi Risk has been determined, and since the risk is ranked as Medium Hi, it requires demonstration of ALARP, further safeguards could be required, if deemed effective.  In this case, the risk assessors and the group could suggest further recommendations, e.g. firewater system curtain at high risk area (to be defined per Fire Risk Analysis).

Step 5 – Residual Risk

Residual risk is the final risk value considering additional mitigation measures (Recommendations) being applied. Most of the time the recommendations will reduce the likelihood while consequence remain as it is. Consequence does not change as the number of safeguards increases because the severity is assessed and ranked without considering safeguards as described in Step 3. This step can be optional but is very useful in demonstrating ALARP, so it is strongly encouraged.

Conclusion

By following the above suggested steps of Risk Ranking, an objective and standardized risk level can be determined, which can be used throughout the organisation (and external parties) to understand risks, and determine the next course of action. Its critical to rigorously document the risk ranking process,  it provides clear and common ground for any discussions down the road.  And moreover ever so often it provides clarity to the readers whom might have missed the Risk Assessment workshop.

This method and steps are tried and tested with clients, and is highly recommended for fellow risk assessors during the risk assessment.

Risk Level and Prioritisation of the Recommendations

The company I used to risk assessed for has a simple rule set to be followed. Any item in the red zone (High Risk) is not tolerable and must be accompanied with recommendations or risk reduction proposal. Effective Risk Ranking must be performed, and the risk level must be recorded for prioritization of recommendations. The recommendations needs to be tracked from proposal to implementation with multiple reviewers, approvals using pre-approved tool. Based on market survey,  not many commercially available tool have the “all-in-one” capability of adopting the risk ranking, prioritisation, tracking of recommendations, as well as alert users based on risk level. Our offered products (eehs tools), on the other hand, was designed by engineers well versed in the process, requirements, where all the risk ranking and prioritization features are built into the backbone of the architect. Our specifically designed dashboard provides immediate visual que for both the Actionee, Approvers as well as the Management Team. Please contact us at sales@prism-ehstools.com or visit https://greatventures.prism-ehstools.com/ to find out more.