Scaling Bowtie Registers and Critical Controls with Register Types
Businesses that are moving to a critical control management approach encounter a key challenge in propagating the approach downward (particularly for larger businesses with upstream and downstream divisions and multiple business units).
The risk specialists often sit at a higher level within the business. They develop the risk assessments, identify the Major Accident Events (MAEs), and set the critical control assurance frameworks needed. But the risk profile itself (which gives rise to the MAEs) reaches throughout the business, right down to local site level.
What often results is a sticky change management process of getting the local sites to take ownership of their risks and critical controls.
The new Master Bowties functionality in RiskView goes a long way toward resolving these pains. Bowties can be developed and standardised at a higher level within the business, and the local owners of risk then “pull down” their local version of the risk.
This approach will work well for many businesses. For some, however, the reality is that local risk owners are rarely equipped with the resources and time to manage risk. A good example would be a mining business with its own logistics or multimodal facilities: the site may only operate a few days out of the week (when a shipment is due), and there may only be a handful of company personnel on site for that time.
In a case like the one above, even managing a local copy of a standardised bowtie will be pushing resources to their limit. More importantly, it may not always be the right focus point: for example, if there is a principal hazard relating to vehicle traffic collisions, and that risk is well defined at a regional level, why does every part-time depot need to develop a unique register from the available Master Bowties Surely the time would be better spent focusing on the actual critical controls that have been identified for that hazard?
This is the alternate approach that the new Register Type functionality will support. It is designed for businesses where there are many sites, depots, departments and other business units that have a common risk profile. It works particularly well for businesses where there is a safety case, principal hazard management plan, or other standardised critical control management approach which resides at a high level within the business.
If the safety case (or other kind of documented approach) has already determined which MAEs and risks are present across a division of the business, there is little to be gained by having local site managers re-engineer and re-design the risk assessments within. The critical controls have already been identified and approved by the Regulator (or by the Board). What the local site people need is a clear understanding of what critical controls to audit (and how).
The functionality works by having a new definable entity called Register Type. The Register Type has a number of properties associated with it: principally, the Register Type will define the Master Bowties and critical controls which are present in that type of register. Take the example of an explosives distribution business: there will be many depots within one region of the business, and each depot will have a standardised list of the critical controls that are present in their operation (e.g. magazine access controls, pre-start checks, etc).
Rather than create a series of registers for each depot, and then populating each depot register with bowties, the Register Type will allow RiskView users to link to a standardised set of bowties and critical controls. The site is then presented with their list of critical controls and the control assurance program they are expected to implement.
This process will also intersect with the Master Bowties functionality, particularly if there are larger sites which have the risk expertise to flesh out their risk profile and assurance programs in more detail.
From a setup perspective, the initial legwork is the same for the Register Type approach. We still need to conduct a risk assessment and populate the bowtie diagram. We still need to define the relevant Major Accident Events, and identify the Critical Controls. We still need to develop Performance Standards for auditing those controls, and specify when and how the audits will take place.
From there, the Register Type becomes the vehicle for pushing the Master Bowties and Critical Controls down consistently to the site level. One or more Register Types are defined for key areas of the business. The Register Type has properties such as Critical Controls nominated. The site registers are then linked to the Register Type.
Verification activities (audits) then proceed in the same way that they would if all the risk bowties were present in each register. The Verification Templates can sit at the top level of the business or at an intermediate level.
The local site manager’s role in the process starts when he or she receives the Critical Controls list from the Register Type. Their work then includes identifying and managing the audit work that goes along with each critical control.
This allows for a more efficient distribution of the critical control management approach downward. The risk expertise can reside at the top level of the business, with the entry point for site managers being the critical control assurance program, and the entry point for site personnel being the audit email notification they receive.
To summarise some of the benefits that the Register Type functionality will bring:
- Allows the business to identify risks at the high and intermediate levels within the business (where the high-level risk expertise resides), and easily define where those risks exist in sites or registers below (where the local control expertise resides).
- Supports rapid site-specific implementation of critical control assurance frameworks based on top-down expertise
- Prioritises the required time and resource commitment required from site managers, by allowing them to focus on the relevant risks and critical controls rather than re-inventing the underpinning risk assessments (e.g. unnecessarily maintaining their own unique risk assessments when all they really need to manage is their critical control assurance work).
- Accelerates the adoption of a critical control management approach for a business that already has well-defined MAEs and critical controls.
- Provides a framework for developing a critical control management approach for a business that does not already have well-defined MAEs and critical controls.
The Register Type functionality will be released in the coming months for all RiskView users. The Master Bowties functionality will be available in a prior release.