3. The Risk Assessment Process
Establishing the context
(5.3)
Risk identification (5.4.2)
Risk analysis (5.4.3)
Risk evaluation (5.4.4)
Risk treatment (5.5)
Communication
and
consultation
(5.2)
Monitoring
and
review
(5.6)
Process (clause 5)
Risk Communication
Plan-Do-Check-Act Model
Risk-based Decision Making
Risk Assessment Triggers
Establishing Context
Risk Criteria
Risk Scoring System
Pareto Analysis
Risk Assessment Matrix
Risk Identification
Brainstorming
Checklists
DelphiTechnique
Design Safety Review
Hazard Identification (HAZID)
Nominal Group Technique
Risk Analysis
Bow Tie Analysis
Event tree
Fault tree
Failure Mode and Effects Analysis
(FMEA)
Hazard and Operability Study
(HAZOP)
Job Risk Assessment (JRA)
Layers ofProtection Analysis
(LOPA)
Preliminary Hazard Analysis
Striped Bow TieRisk Assessment
Structured What-if Technique
(SWIFT)
Risk Evaluation
As Low As Reasonable Practicable
(ALARP)
Risk Heat Map
Risk Indices
Risk Treatment
Business Impact Analysis
Cost/Benefit Analysis
Nonfinancial Benefits Analysis
Hierarchy of Controls
Multi-Criteria Analysis
Monitoring and Review
Key Performance Indicators (KPI)
Key Risk Indicators (KRI)
Risk Treatment Tracking
Risk PerformanceMeasurement
Risk Register
The ISO 31000 Risk Management Process with associated tools
4. The Risk Assessment Process
The purpose of the risk assessment matrix is to provide “a method to
categorize combinations of probability of occurrence and severity of harm,
thus establishing risk levels.” (ANSI/ASSE Z590.3-2011)
It is important that the risk rating criteria and matrix used by an organization
are consistent.
When developing or selecting a risk assessment matrix which expresses
numerical values, rating criteria should be standardized so that a lower risk
score or risk priority number (RPN) value indicates a lower risk level.
Thus, on a 10 point risk scale, a risk score of 1 is considered the lowest level, while a 10
is considered the highest risk.
Select Risk
Assessment Matrix
5. The Risk Assessment Process
Risk Matrix Examples
Select Risk
Assessment Matrix
Severity of Injury or Illness Consequence
Likelihood of
Occurrence or
Exposure for
select unit of Time
or Activity
Negligible Marginal Critical Catastrophic
Frequent Medium Serious High High
Probable Medium Serious High High
Occasional Low Medium Serious High
Remote Low Medium Medium Serious
Improbable Low Low Low Medium
6. The Risk Assessment Process
Risk Matrix Examples
Select Risk
Assessment Matrix
7. The Risk Assessment Process
Risk Matrix Examples
Select Risk
Assessment Matrix
Numerical Scoring Risk Matrix (5x5) Example from
ANSI/ASSE Z590.3-2011 (R2016)
Qualitative Risk Matrix (5x4) Example from
MIL-STD 882E
Semi-quantitative Risk Matrix (5x6) Example
from ANSI/ASSE Z690.3-2011
Category Risk Score Action
Very High Risk 15 or greater Operation not permissible. Immediate action necessary.
High Risk 10 to 14 Remedial actions to be given high priority.
Moderate Risk 6 to 9 Remedial action to be taken at appropriate time.
Low Risk 1 to 5 Remedial action discretionary.
Risk Scoring Levels and Action Required example
from ANSI/ASSE Z590.3-2011
8. The Risk Assessment Process
Establish Context
1. Define the purpose and scope of the risk assessment.
2. Set the boundaries for the assessment with internal (resources, knowledge,
culture and values among others) and external (legal, regulatory, economy,
perceptions of external stakeholders, etc.) parameters in mind.
3. Should be clear, concise and well understood by all stakeholders.
4. Clearly define and communicate the risk criteria and ‘acceptable risk’ level.
9. The Risk Assessment Process
Assemble Team
1. Context of the risk assessment assignment will determine the size and makeup
of the team.
2. Cross-functional group of individuals who are familiar and knowledgeable with
the hazards and operations.
3. May require outside expertise in more complex situations.
4. Good communication and skills are essential.
10. The Risk Assessment Process
Identify Hazards
and Risks
Hazards are the source of risk. Thus, if risks are to be assessed, hazards must
first be identified.
Risk identification is defined as the process of finding, recognizing and
recording risks
Key components of risk identification are the identification of the causes and
source of the risk (hazard in the context of physical harm), events, situations or
circumstances which could have a material impact upon objectives and the
nature of that impact. Once identified, existing controls for the risk should also
be identified. (ANSI Z690.3-2011)
11. The Risk Assessment Process
Analyze Risks
Risk analysis involves developing an ‘understanding’ of the risk. (ISO
31010/ANSI Z690.3)
The analysis of each hazard/risk includes:
determining the severity of consequences
estimating the likelihood of occurrence
assessment of the effectiveness of existing controls
an estimation of the risk level
12. The Risk Assessment Process
Evaluate Risks
Risk evaluation involves comparing the estimated risk levels with the defined risk
criteria to determine the significance of the level and type of risk.
It is based on the combination of estimated consequences and likelihood and
uses information from the hazard/risk identification and risk analysis phases to
make recommendations for decision makers.
13. The Risk Assessment Process
Treat Risks
Risks that are judged unacceptable must be ‘treated’ to reduce risk.
The risk treatment process involves:
the assessment of a risk treatment;
determining if residual risk levels are tolerable;
selecting new risk treatments for those residual risks that are not
acceptable;
and assessing the effectiveness of any new control measure.
Risk treatment involves the selection and implementation of one or more risk
control measures or enhancements to existing controls. Treatment options
include:
1. avoiding the risk by deciding not to start or continue with the activity
that gives rise to the risk;
2. removing the risk source;
3. changing the likelihood;
4. changing the consequences;
5. sharing the risk with another party such as insurance contracts and
risk financing; and
6. retaining the risk by informed decision.
14. The Risk Assessment Process
Document
Successful risk assessment processes are dependent on effective communication
among stakeholders prior to, during and after the process.
Virtually all aspects of the risk assessment process should be documented
Selecting the risk assessment matrix
Determining the purpose and scope (context)
Selecting the team
Identifying the hazards or operations to be assessed
Hazard/risk identification
Risk analysis
Risk evaluation
Communication and documentation
Monitoring and continuous improvement
15. The Risk Assessment Process
Monitor and Review
Hazards and operations continuously change and with these changes come new
and different risks.
Examples of these might include different equipment, processes, operating
environments, production rates, etc. Each of these changes could have an effect
on the existing controls and their effectiveness.
Thus, it may be appropriate to update risk assessments to consider these
possible changes.
17. Hazard Analysis vs. Risk Assessment
The fact that a hazard exists, does not necessarily mean that a
risk is produced.
Risks are derived or produced from hazards when their
exposures to people and/or assets pose a chance for loss.
For a risk to exist, the exposure to a hazard must pose a severity
of loss or harm, and a likelihood of occurring. If no person or no
asset is exposed to the hazard then there is no risk.
This chance for loss or ‘risk’ is measured by the likelihood of the event
occurring and the resulting severity or consequence of the loss.
20. Hazard/Risk Identification (HAZID/RISKID)
Hazard/risk identification involves finding, anticipating,
recognizing, and describing hazards that could affect the
achievement of an organization’s objectives.
Hazard identification can be used as a stand-alone technique or
as an initial step in more detailed risk assessment methodologies.
The Process of Hazard/Risk Identification
21. HAZID/RISKID – Identify Hazards
Identification of hazards is the most important step in risk
assessment. If hazards, the source of risk, are not recognized and
identified, risks cannot be assessed, reduced and managed.
The identification of existing and potential hazards within the
context of the assessment should be performed.
In addition to listing these hazards, a description or
characterization of the hazards should be included.
There are many references and resources for common categories
of hazards including the list in OSHA’s “Job Hazard Analysis”,
Appendix 2 found in Publication 3071 at
https://www.osha.gov/Publications/osha3071.pdf
Identify
Hazards
22. HAZID/RISKID – Identify Hazards
Common Categories of Hazards
Crane and lifting equipment
Slips, Trips and Falls
Electrical/Heat/Chemical burns
Power tools
Falls from height
Falling object
Fire outbreak/explosions
Struck by fixed/moving objects
Exposure to toxic/hazardous materials
Scaffolding
Structural collapse
Asphyxiation/respiratory
Trench/excavation
Drowning
23. HAZID/RISKID – Identify Hazards
The existence of a hazard alone does not necessarily translate to
a risk. Risk is derived from the ‘exposure’ to a hazard.
Therefore, in addition to identifying the hazards, the potential
exposure to people, property, assets, the environment, and other
things of value must also be identified.
Exposure to hazards can occur in various ways including:
direct contact with hazard
indirect contact with hazard
proximity to hazard
duration of exposure
magnitude of exposure
concentration or dose of exposure
Identify Exposures
and Failure Modes
24. HAZID/RISKID – Identify Hazards
Failure modes are the state or condition where a system fails to perform as
expected or deviates from its design tolerances resulting in a potential for
harm or a hazardous event.
Examples of failure modes include:
pre-mature operation (i.e. unexpected startup or release of energy)
failure to start operation (i.e. sump pump fails to operate when water
level rises beyond flood level)
failure to stop operations (i.e. press brake fails to stop when interlock
is activated)
failure during operation (i.e. local exhaust system fails during welding
operation)
degraded or deterioration of operation (i.e. leak in containment vessel)
exceeded capability/capacity of operation (i.e. over pressurization of
vessel)
reasonably foreseeable uses and misuses of operation (i.e. using forklift
to raise worker to reach component)
Identify Exposures
and Failure Modes
25. HAZID/RISKID – Identify Hazards
It is important to understand the circumstances, conditions, actions or
inactions that can cause exposure to a hazard or trigger a hazardous event.
Hazards can be acute in nature causing immediate harm from a
single exposure, while cumulative-type hazards develop
gradually from prolong or repeated exposure.
Basic causes may include:
Machinery - design, selection, condition, use, maintenance
Human – actions, inactions, knowledge, skill, capability, attention,
interaction, communication
Management – direction, supervision, enforcement, communication
Methods – design, system, process, procedure, task, consistency
Materials – elements/constituents, selection, handling, storage, use,
disposal
Environment – design/layout, condition, external factors
Identify Causes and
Triggers
28. Job Hazard/Safety Analysis (JHA/JSA)
Likely the most common hazard-based analysis technique used in
operational risk management is the Job Hazard Analysis (JHA) or
sometimes referred to as Job Safety Analysis (JSA).
Job hazard analysis is a simple hazard analysis tool that is used to
help stakeholders identify, analyze and manage existing and
potential hazards in the tasks they perform.
These methods are often used to review job tasks and identify
hazards that may have been overlooked in the design or re-design
phase of the machinery, equipment, tools, workstations, or
processes.
31. Introduction
‘Risk analysis’ is the second step of the risk assessment process.
Risk analysis consists of determining the consequences and their
probabilities for identified risk events, taking into account the
presence (or not) and the effectiveness of any existing controls.
The consequences and their probabilities are then combined to
determine a level of risk. (ANSI/ASSE Z690.3-2011)
The purpose of analyzing risk is to gain an understanding of the
risks that are of importance to the organization.
ANSI Z590.3 Hazard and Risk Analysis Process
33. Risk Factors
Risk factors are the components of risk derived from an
identified hazard that are estimated and measured to produce a
risk score.
Risk assessments generally have two-dimensional risk scoring
systems, which use two risk factors such as:
Severity of consequence (S)
Likelihood (L) or probability
(P) of occurrence.
34. Other Risk Factors
Risk factors used in various three and four dimensional models.
Exposure (E) is used as a general measure of exposure events/units.
Frequency of Exposure (F) is used as a number of exposure events
for a unit of time.
Time Duration of Exposure (T) is used as a time period that a single
exposure occurs.
Vulnerability (V) is sometimes used in security threat analyses, and
generally refers to weaknesses in a system that are factored into the risk
estimation.
Detection of Failure (D) is used in many FMEA models as a third risk
factor in the risk level scoring system. The detection rating is based on an
estimate of how easily the potential failure could be detected prior to its
occurrence.
Control Reliability (CR) is used in machine risk assessments and
factors the reliability of a selected control into the risk estimation.
Prevention Effectiveness (PE) is a risk factor sometimes used in
FMEA and other methods to evaluate a controls effectiveness in
preventing a failure from occurring.
35. Consequence Analysis
Consequences are the results, outcomes or losses of an event
caused by a hazard(s).
Consequences most often refer to the damage or harm caused to
people, assets/property or the environment.
The assessment team determines the nature and type of
consequences that could result for exposure to a particular
hazard or event.
A single hazard or event may produce a number of impacts with
various magnitudes (levels of severity), and could affect multiple
assets or stakeholders.
The assessment’s context determines the types of consequence
analyzed and stakeholders affected.
Risk should be evaluated for the worst credible case rather than worst
conceivable risk.
36. Consequence Analysis
Consequences are the results, outcomes or losses of an event
caused by a hazard(s).
As a primary risk factor, the ‘severity levels’ of consequences to
be used in an assessment must be determined upfront, during the
development of the context. This will include the types of
consequences and levels of severity.
It is important that severity categories are clearly defined so that
consequences can be consistently ranked or scored by the risk
assessment team. Severity Category Injury/Illness Levels Financial Loss Levels
Catastrophic (4) Fatality(s) or permanent total
disability
More than $1M
Critical (3) Hospitalizations, permanent-
partial or temporary disability
in excess of three months
$100K - $1M
Marginal (2) Recordable Injury/Illness,
minor injury, lost workday
incident
$10K - $100K
Negligible (1) First Aid or minor medical
treatment
$0 - $10K
An example of risk severity
categories with descriptions
38. Consequence Analysis
N.B. For Quantitative Risk Assessment (QRA), there is a different
approach for consequence analysis. See the following resources for
more information:
https://www.dnvgl.com/Images/Introduction%20to%20Consequence%20
Modelling%20presentation%20slides_tcm8-86022.pdf
https://www.epa.gov/cameo/aloha-software
https://arshadahmad.files.wordpress.com/2016/09/raam-p7l2aloha.pdf
https://arshadahmad.wordpress.com/process-safety/quantitative-risk-
assessment/
https://arshadahmad.wordpress.com/mkkh1213-risk-assessment-accident-
modeling/
https://www.icheme.org/media/1557/a5-leaflet-flyer-
4pp_consequenciesmodellingtechniques_web.pdf
39. Likelihood Analysis
Determining probability or likelihood generally involves:
1. a review of relevant historical data to identify events or
situations which have occurred;
2. predictive type techniques such as fault tree analysis and
event tree analysis and;
3. a structured systematic process guided by a qualified,
knowledgeable expert(s).
Any available data used should be relevant to the focus of the
assessment.
40. Likelihood Analysis
Descriptions of likelihood of risk
Risk Level Likelihood of
Occurrence (L)
Description
5 Frequent Almost certain to occur. Has occurred more than once
within the last 12 months. Conditions exist for it to
occur.
4 Probable Very Likely to occur. Has occurred once within the
last 12 months. Conditions often exist for it to occur.
3 Occasional Likely to occur if conditions exist. Has occurred within
the last 24 months. Conditions can exist for it to occur.
2 Moderate May occur if conditions exist. Has occurred within the
last 36 months. Conditions sometimes exist for it to
occur.
1 Unlikely Unlikely to occur. Has not occurred within last 5 years.
Conditions rarely exist for it to occur.
Category description Time Period Frequency
Improbable Century Every 100 Years or more
Remote Decade Every 10 – 100 years
Occasional Annually Every 1 – 10 years
Probable Monthly Every 1 – 12 months
Frequent Weekly Every 1 – 4 weeks
41. Likelihood Analysis - Exposure
Where historical data shows a very low frequency of occurrence,
it may be difficult to properly estimate probability. Therefore, it
may be necessary to consider exposure frequency, time, and duration to
a certain hazard or event in the likelihood analysis.
Exposure is an indication of the extent to which the organization
is subject to the consequences based of the amount of exposure
in numbers.
Exposure can be measured as the frequency of an event or
exposure, its duration, and/or the assets exposed to risk.
Some of the variables for exposure might include:
the number of employees or people exposed
how frequent an activity is performed
the miles driven or number of vehicles used in transportation
the number of customers or products for a product risk assessment
the number of locations or facilities for a property risk assessment
42. Likelihood Analysis - Exposure
Descriptions of likelihood of risk considering the frequency of exposure and occurrence
44. Severity and Probability Descriptions- Example
Risk Level Likelihood of
Occurrence (L)
Description
5 Frequent Almost certain to occur. Has occurred more than once
within the last 12 months. Conditions exist for it to
occur.
4 Probable Very Likely to occur. Has occurred once within the
last 12 months. Conditions often exist for it to occur.
3 Occasional Likely to occur if conditions exist. Has occurred within
the last 24 months. Conditions can exist for it to occur.
2 Moderate May occur if conditions exist. Has occurred within the
last 36 months. Conditions sometimes exist for it to
occur.
1 Unlikely Unlikely to occur. Has not occurred within last 5 years.
Conditions rarely exist for it to occur.
Risk Level Severity of
Consequence (S)
Description
4 Catastrophic One or more fatalities; multiple serious
hospitalizations; incident resulting in more than $250 K
3 Critical Disabling injury or illness; permanent impairment;
incident resulting in more than $ 50 K
2 Marginal Medical treatment or restricted work; recordable
incidents; incident resulting in more than $ 1 K
1 Low First aid or non-treatment incidents; incident resulting
in less than $ 1 K
Risk Level Risk Score Action
Very High 12 or greater Operation not permissible; immediate action required
High 8 to 10 Remedial action required; high priority
Moderate 4 to 6 Remedial action suggested
Low 1 to 3 Remedial action discretionary
45. Assessment of Controls
The adequacy and effectiveness of existing control measures
greatly affect the level of risk and must be assessed.
This assessment of controls should include determining the type
of controls for each specific risk, and a judgment of their
effectiveness based on the Hierarchy of Controls.
Risk Formula
Severity x (Likelihood x Protection Factor) = Risk
Protection Factor (PF) Multiplier
Elimination 0.1
Substitution 0.4
Engineering - Multiple 0.6
Engineering - Single 0.7
Warning 0.8
Administrative 0.9
PPE 0.95
No Controls 1
Example of controls’ protection factor
48. Risk Scoring
Standard/
System
Values Risk Factors Matrix
Type
Risk Levels/Categories
ANSI B11.0
-2010
Qualitative Probability (P)
of Occurrence
x
Severity (S) of
Harm
4 x 4 4 risk levels
High
Medium
Low
Negligible
ANSI Z10-
2012
Qualitative Likelihood (L)
or Exposure
x
Severity (S) of
Injury or Illness
5 x 4 4 risk levels with actions
required
High
Serious
Medium
Low
ISO 31010/
ANSI
Z690.3-2012
Semi-
quantitative
Likelihood (L)
x
Consequence
(C)
5 x 6 5 risk levels
I (Highest)
II
III
IV
V (Lowest)
MIL-STD
882E
Qualitative Probability (P)
x
Severity (S)
6 x 4 5 risk levels
High
Serious
Medium
Low
Eliminated
ANSI
Z590.3 PtD
Semi-
quantitative
Severity (S)
x
Probability (P)
5 x 5 4 descriptive risk levels
Very high risk
High risk
Moderate risk
Low risk
Examples of risk scoring systems
49. Risk Scoring
Risk scoring systems with three or four risk factors are becoming
more common, adding a third or fourth factor such as failure
detectability, control effectiveness, vulnerability or other.
When three or more risk factors are used, a risk priority number
(RPN) is produced.
To more accurately score risk levels, Manuele proposes that
severity receive a 50% weighting to reflect the impact severity has
on incident outcomes. In the following equation, the rating for
occurrence probability and rating for frequency of exposure are
added together and then multiplied with severity.
Severity x (Probability + Frequency of Exposure) = Risk
Risk Priority Number = Severity x Likelihood x Detection
51. Risk Evaluation
Risk evaluation is the process of comparing estimated risk levels
with an established baseline - the defined risk criteria in context
of the assessment - to determine the appropriate action (ISO
31010/ANSI/ASSE Z690.3-2011).
Risk is evaluated using the estimated risk levels of consequences
and likelihood of occurrence developed in the hazard/risk
identification and risk analysis phases.
The understanding of the nature and magnitude of risk derived
from the risk analysis is used to decide whether a particular risk is
acceptable and what future actions are required.
52. Risk Assessment Criteria
Risk criteria are the reference points against which the
significance of risk are evaluated and measured. Such criteria are
derived from the organization’s culture and industry, external and internal
context, applicable laws, standards and other requirements.
Such criteria must be clearly defined and communicated by an
organization to consistently evaluate operational risks, and make
proper risk-based decisions.
A number of existing risk criteria measures are available,
however, it is essential that an organization carefully select
and/or develop its own risk criteria to reflect its values, goals,
industry setting, and overall culture.
In general, risk criteria should include a risk scoring system that
includes risk factors, defined scales of risk levels and a risk
matrix for an organization to measure risk for the purpose of
prioritizing and making proper decisions.
53. Risk Assessment Criteria
The primary purpose of risk assessment is to identify hazards,
and assess and reduce their risk to an acceptable level.
To achieve this, a measurement system that includes a baseline
(an organization’s acceptable risk level) and a method of scoring
(a risk scoring system) must be established.
Thus, risk criteria must begin with these two risk factors:
likelihood and severity.
Several other risk factors can be added to further define risk such
as exposure or frequency of exposure, duration of exposure,
vulnerability, failure detectability, control reliability, and
prevention effectiveness.
54. Risk Assessment Matrices
A key part of a risk scoring system is the risk assessment matrix.
Many organizations use risk assessment matrices or heat maps
based on defined risk criteria to visually compare risk levels
within the graduated risk level categories.
A matrix helps visualize and communicate risk levels to decision
makers by providing a means for categorizing combinations of
likelihood and severity and their risk levels.
They are often used as a screening tool when there are many
risks to evaluate.
Risk assessment models and their matrices may be classified as
qualitative, semi-quantitative or quantitative.
When defining the risk criteria and risk scoring system to be used,
stakeholders must take into consideration the level of detail desired, and
data and resources available.
55. Risk Assessment Matrices
Qualitative risk models are based on qualitative or subjective
descriptions rather than numerical or statistical data, and require
less precise information to be developed and used.
Qualitative risk models define severity of consequence, likelihood
and level of risk using descriptive words such as “high”,
“medium” and “low” which are evaluated according to qualitative
criteria.
Semi-quantitative risk models use qualitative data; however the
values are expressed as numerical risk ratings using a formula to
produce a risk level or score.
Risk level scores produced can be linear or logarithmic based on
the formula selected. One advantage of a semi-quantitative
model is that more precision can be given by adding definitions
that include some numerical ranges for severity of consequences
and likelihood of occurrence.
56. Risk Assessment Matrices
Quantitative risk models use data to define values for severity of
consequences and likelihood of occurrence, and produce risk
level values in specific numerical units.
As described in ANSI Z690.3, ‘full quantitative analysis’ may not
be possible or desired if there is insufficient information or data
available about the system or activity to be analyzed, or the
efforts required exceed the needs of the assessment.
57. Risk Assessment Matrices
Qualitative Risk Matrix (5x4) Example from
MIL-STD 882E
Semi-quantitative Risk Matrix (5x6) Example from
ANSI/ASSE Z690.3-2011
Numerical Scoring Risk Matrix (5x5) Example from
ANSI/ASSE Z590.3-2011 (R2016)
59. Risk Assessment Matrices
Semi-quantitative risk matrix example
Severity of Injury or Illness Consequence
Likelihood of
Occurrence or
Exposure for
select unit of Time
or Activity
Negligible
(1)
Marginal
(2)
Critical
(3)
Catastrophic
(4)
Frequent
(5)
5 10 15 20
Probable
(4)
4 8 12 16
Occasional
(3)
3 6 9 12
Remote
(2)
2 4 6 8
Improbable
(1)
1 2 3 4
60. Risk Assessment Matrices
Risk matrix example –
MIL-STD-882E, the Department of Defense Standard Practice for System
Risk Assessment Matrix
Severity
Probability
Catastrophic
(1)
Critical
(2)
Marginal
(3)
Negligible
(4)
Frequent
(A) High High Serious Medium
Probable
(B) High High Serious Medium
Occasional
(C) High Serious Medium Low
Remote
(D) Serious Medium Medium Low
Improbable
(F) Medium Medium Medium Low
Eliminated
(E) Eliminated
62. Risk Assessment Matrices
Standard/
System
Values Risk Factors Matrix
Type
Risk Levels/Categories
ANSI B11.0
-2010
Qualitative Probability (P)
of Occurrence
x
Severity (S) of
Harm
4 x 4 4 risk levels
High
Medium
Low
Negligible
ANSI Z10-
2012
Qualitative Likelihood (L)
or Exposure
x
Severity (S) of
Injury or Illness
5 x 4 4 risk levels with actions
required
High
Serious
Medium
Low
ISO 31010/
ANSI
Z690.3-2012
Semi-
quantitative
Likelihood (L)
x
Consequence
(C)
5 x 6 5 risk levels
I (Highest)
II
III
IV
V (Lowest)
MIL-STD
882E
Qualitative Probability (P)
x
Severity (S)
6 x 4 5 risk levels
High
Serious
Medium
Low
Eliminated
ANSI
Z590.3 PtD
Semi-
quantitative
Severity (S)
x
Probability (P)
5 x 5 4 descriptive risk levels
Very high risk
High risk
Moderate risk
Low risk
Examples of risk matrices and scoring systems
63. Risk Reduction – As Low As Reasonably Practicable/Acceptable
ISO 31010 presents a simple concept of dividing risks into three
bands used in evaluating risk. These categories can be described as
follows:
unacceptable - where the activity is to be avoided or reduced
before continuing
marginal or ALARP – where the costs and benefits of
further risk treatment are evaluated before continuing
acceptable – where the risk level is considered negligible
requiring no further risk treatment
Acceptable risk level can be defined as the risk level an organization
is willing to tolerate in its current context. Acceptable risk levels, as
well as unacceptable levels tend to be lowered as an organization
becomes more effective in their risk management efforts, reducing
risk and improving control technologies.
64. Risk Reduction – As Low As Reasonably Practicable/Acceptable
The ALARP Model from ANSI/ASSE Z690.3-2011
65. Risk Reduction – As Low As Reasonably Practicable/Acceptable
Weighing all relevant matters including:
1. the likelihood of the hazard or the risk
occurring; and
2. the degree of harm that might result; and
3. what the person concerned knows, or
ought reasonably to know, about—
the hazard/risk; and
ways of eliminating/minimizing the
risk; and
4. the availability/suitability of ways to
eliminate/minimize the risk; and
5. after assessing the extent of the risk and
the available ways of eliminating or
minimizing the risk, the cost associated
including whether the cost is grossly
disproportionate to the risk.
68. Risk Reduction – Hierarchy of Controls (HOCs)
The Hierarchy of Controls is a model
for identifying the risk reduction
effectiveness of control types.
It is defined by ANSI Z590.3,
Prevention through Design as:
A systematic approach to avoiding,
eliminating, controlling, and reducing
risks, considering steps in a ranked and
sequential order, beginning with
avoidance, elimination, and substitution.
Residual risks are controlled using
engineering controls, warning systems,
administrative controls, and personal
protective equipment.
The most effective risk reduction is achieved
through avoidance of the risk or elimination by
design or redesign. Lower level controls should
only be selected after practical applications of
higher level controls are considered.
69. Risk Reduction – Hierarchy of Controls (HOCs)
A common example of the Hierarchy of Controls
70. Risk Reduction – Hierarchy of Controls (HOCs)
Two Stage Iterative Approach to the Hierarchy of Controls and Risk Reduction from ANSI
B11.0-2015 – Safety of Machinery
76. Risk Treatment
Risk treatment is defined by ISO Guide 73 (ANSI/ASSE Z690.1-
2011) as the ‘process to modify risk’.
Risk treatments that deal with negative consequences are sometimes
referred to as “risk mitigation”, “risk elimination”, “risk prevention”
and “risk reduction”. (ANSI/ASSE Z690.1-2011)
Risk treatment involves the selection and application of risk
reduction measures for a risk which is judged to be unacceptable. It
is the end result or output of the risk assessment process used to
control the identified hazard and reduce its risk.
Without acting upon the risk assessment’s findings and treating risk,
a risk assessment is of no value, and in fact may lead to negligence
of the organization (Popov, Lyon, Hollcroft, 2016).
Decisions on treating a risk will likely depend on the costs and
benefits of risk and the costs and benefits of implementing
improved controls (refer to ALARP concept).
77. Risk Treatment
Risk treatment can involve:
avoiding the risk by deciding not to start or continue with the activity that
gives rise to the risk;
taking or increasing risk in order to pursue an opportunity;
removing the risk source;
changing the likelihood;
changing the consequences;
sharing the risk with another party or parties [including contracts and risk
financing; and
retaining the risk by informed decision.
78. Risk Treatment
Risk treatment requires the risk assessment team or decision makers
to determine the options available, and their degree of risk
reduction, reliability, and associated cost to implement and maintain.
Feasible control options that may reduce or eliminate the risk from
the identified hazard(s) are identified using internal and external
resources.
Existing internal sources include the OSH professional, experienced
stakeholders and operators familiar with the hazard and control
methods. Input from affected workers knowledgeable in the
operation, equipment or process is advised.
External resources such as manufacturers' literature and engineering
reports; OSH-related research from institutes, and professional
organizations such as ASSE and AIHA; regulatory standards and
guidance; industry best practices; industry consensus standards;
National Institute for Occupational Safety and Health (NIOSH)
publications are also available.
79. Risk Treatment
Risk treatment plans can involve a single control or multiple risk
reduction measures to accomplish the risk reduction desired.
Concepts such as ‘inherently safe design’, ‘layers of protection’,
‘recognized and generally accepted good engineering practices’
and ‘safer technology and alternatives’ along with the hierarchy
of controls should be incorporated into the risk treatment plan.
Risk treatment selection requires a balancing of the overall costs,
and the financial and non-financial benefits, including legal and
regulatory requirements. This requires some investigation into
the suppliers of the risk treatment, and associated costs including
purchase price, installation, training, maintenance and services
costs, as well as the expected life span of the treatment.
Risks with extremely high severity potential, but low likelihood may warrant
risk treatment even when the costs of the treatment are not justified in a
typical cost benefit analysis.
81. Documenting and Communicating Risk
Risk assessment results should be well documented to
demonstrate the methods, communicate the results and to be
referred to and understood by different people at different times.
In ANSI Z590.3-2011, 7.12, Document the Results, it suggests
documenting the names, titles, and qualifications of the risk
assessment team, the methods, hazards identified, risks, controls
and follow-up actions.
A risk register is one well accepted method of documenting the
risk assessment and its results.
The Risk Assessment has little value if it is not effectively communicated to
all affected stakeholders. Communication must start from the beginning,
during the context phase throughout the process and include monitoring and
verifying risk reduction results.
82. Documenting and Communicating Risk
Risk Register
Case
#
Location Task
Hazard
#
Hazard
Current
State
Risk
Level
Additional
Controls
Completion
Date
Future
State
Risk
Level
1 QC Lab Plasma cutter 1.1
Electrical
Shock 14.00 Adm. 2/20/15 12.00
1 QC Lab Plasma cutter 1.2 burns 15.20
Adm.,
PPE 3/15/15 12.00
1 QC Lab Plasma cutter 1.3 arc flash 11.20 Adm. 2/20/15 9.80
1 QC Lab Plasma cutter 1.4 noise 19.00 Eng. 3/15/15 8.40
1 QC Lab Plasma cutter 1.5 fire 14.00 Adm. 3/15/15 12.00
1 QC Lab Plasma cutter 1.6 dust 11.20 Adm. 3/15/15 9.60
2 QC Lab
Weld
Destruct 2.1
ergo-
strains 14.00 Adm. 4/15/15 12.00
2 QC Lab
Weld
Destruct 2.2 vibration 19.00 Elim. 4/15/15 4.80
2 QC Lab
Weld
Destruct 2.3 noise 11.20 PPE 4/15/15 10.80
2 QC Lab
Weld
Destruct 2.4 struck by 15.20 PPE 2/20/15 14.40
2 QC Lab
Weld
Destruct 2.5 dust 16.00 Multi-Eng. 4/15/15 8.40
2 QC Lab
Weld
Destruct 2.6
struck
against 11.40 Multi-Eng. 3/15/15 6.30
2 QC Lab
Weld
Destruct 2.7
falls same
level 16.00 Eng. 3/15/15 11.20
3
Finishin
g Wash Station 3.1 hot liquid 9.00 Sub. 4/15/15 6.30
3
Finishin
g Wash Station 3.2
struck
against 14.25 Elim. 4/15/15 0.20
3
Finishin
g Wash Station 3.3
chem-
corrosive 11.20 Sub. 4/15/15 4.20
3
Finishin
g Wash Station 3.4
hot
surfaces 14.25 Elim. 4/15/15 2.10
3
Finishin
g Wash Station 3.5 mechanical 9.60 Multi-Eng. 3/15/15 4.80
3
Finishin
g Wash Station 3.6
ergo-
strains 11.20 Elim. 4/15/15 0.20