on Risk & Safety

A listing in reverse chronological order of articles by:

Greg Hutchins (editor) — CERM Risk Insights series

Doug Lehr — Equipment Risk and Reliability in Downhole Applications series

Sanjeev Saraf — Operational Risk, Process Safety series

Cover Your Assets and Plausible Deniability

Guest Post by Ed Perkins (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

In an earlier post [1] we looked whether ‘plausible deniability’ was now a dead strategy in the face of enterprise risk management (ERM) and the likely impact of the US SEC (Securities and Exchange Commission) guidance [2] regarding disclosure obligations relating to operational and cybersecurity risks and cyber incidents. The SEC noted that “a number of disclosure requirements may impose an obligation on registrants to disclose such risks and incidents. [Read more…]

by Greg Hutchins Leave a Comment

Fixing Audit Findings

Guest Post by John Mason (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The audit is finished, the exit meeting conducted and the audit report has hit your desk. As discussed, there should be no surprises, there should be correctly categorized findings, and specific examples.

Now you have 3, 6, 9 or 12 months in which to fix them.

If you have findings that have to be addressed within 3 months, then you have got a nonconformity or a major corrective action (of course the names are different for every certification service provider). [Read more…]

by Greg Hutchins Leave a Comment

Requirements Development and Risk Management

Guest Post by Paul Kostek (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

One of the keys to a successful project is having a set of requirements that are well defined and stable. We’ve all worked on projects where a lack of defined and controlled requirements has led to scope creep which result in schedule delays.

The requirements development process must also include mitigations for the risks identified in the Risk Management Plan. To accomplish this the initial risk assessment must be completed before the requirements development process begins. [Read more…]

by Greg Hutchins Leave a Comment

Human Factors and Risk

Guest Post by Paul Kostek (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

There is an aviation old joke that in the future the airplane will have a crew of two, a pilot and a dog. The pilot to feed the dog and the dog to bite the pilot if he tries to touch anything.

I started this article after reading about United Airlines plan to bring in all 12,000 of its pilots for additional training outside of their normal training schedule. This was being done as a result of several incidents that raised concerns about pilot response to failures. [Read more…]

by Greg Hutchins Leave a Comment

Common Sense Essentials to Great Design

Guest Post by John Ayers (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

There are many design rules of thumb I have heard over the years. For example: KISS (keep it simple stupid); make it idiot proof; be realistic with tolerances; do not make assumptions that are not realizable (zero gap for instance); and many more. The most important rule of thumb I have experienced is “common sense”. To illustrate my point, I have a few examples that are below. [Read more…]

by Greg Hutchins Leave a Comment

Unintended Consequences of Risk Reporting

Guest Post by Geary Sikich and Joop Remme (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Introduction

In this article we posit three questions. The first question is: “Is it a social responsibility of companies that they undertake a comprehensive risk assessment?” The second question: “Does the notion of conscience and its application to the generation and use of risk information and information in general, create an obligation for the organization to disclose the results of the comprehensive risk assessment?” The third question “How do the people in the organization communicate the information from the comprehensive risk assessment to stakeholders and yet preserve security and protect the organization?” [Read more…]

by Greg Hutchins 2 Comments

Can You Calculate the Probability of Uncertainty?

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Many aspects of risk management are deeply rooted in mathematical formulae for determining probability. This heavy dependence on mathematics to determine probability of risk realization may create “false positives” regarding a risk that can be either positive or negative. There is also a limitation on how much data can be gathered and assessed in respect to the development of the probability equation regarding the risk being assessed. [Read more…]

by Greg Hutchins Leave a Comment

Minimizing Career Path Risk

Guest Post by John Ayers (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Some people say take what you love in college. Problem is, not too many high school seniors know what they love. Others say college should be an intellectual journey. Problem is many degrees will not prepare you for the real world in terms of making a good living. I believe college is to prepare you for a career which can support you and a family down the road. If important, intellectual studies can take place outside of work using the internet. [Read more…]

by Greg Hutchins Leave a Comment

US Government ERM Requirement Finalized

Guest Post by Greg Hutchins (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

We’ve been discussing how ISO 9001:2015 has adopted Risk Based Thinking that will impact 1.2 million companies. ISO 14001:2015 will impact 400,000 companies. Now, government agencies are adopting and putting into statute risk management.

We’ve been talking up the fact the US government is requiring Enterprise Risk Management (ERM), specifically Office of Management and Budget Circular OMB A 123, of all US departments. This is a game changer for federal agencies. In this article, we’ll look at some of the significant changes in ERM for Federal agencies. [Read more…]

by Greg Hutchins Leave a Comment

The Nine Circles of Planning Hell

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The Nine Circles of Planning Hell (Adapted from Dante’s Inferno)

Introduction

Inferno, the first part of Dante’s Divine Comedy that inspired the latest Dan Brown’s bestseller of the same title describes the poet’s vision of Hell. The story begins with the narrator (who is the poet himself) being lost in a dark wood where he is attacked by three beasts which he cannot escape. He is rescued by the Roman poet Virgil who is sent by Beatrice (Dante’s ideal woman). Together, they begin the journey into the underworld or the Nine Circles of Hell. [Read more…]

by Greg Hutchins Leave a Comment

Supply Chain Risk Management is the Hot New Career

Guest Post by Greg Hutchins (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The idea of supply chain risk management has been around for about 10 years. It is only in the last 5 years, that it has become popular. We are still at the early stage of supply chain risk management adoption and deployment.

In terms of total dollar amount, external suppliers provide a significant portion of a manufacturer’s product. For U.S. firms, 50% to 80% or more of the final price of a product can be the cost of purchased goods. In Japan, it can be even higher.

For these reasons, any supply disruption can kill a supply chain. As a result, supply chain risk management is now critical to a company’s competitiveness. [Read more…]

by Greg Hutchins Leave a Comment

It Is All About Survivability

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

If you want senior management to pay attention give them something that challenges their focus – and understand that their focus is not on how many computers you have or RTO, RPO stats. It is on business survivability – will we be in business tomorrow given the issues that we face today. [Read more…]

by Greg Hutchins Leave a Comment

Altered States: Risk Perception After the Event

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Heightened Awareness or Reactive, Backwards Looking?

From financial crises to energy catastrophes to earthquakes and threats of terrorism, we hear a lot about events that challenge our ability to identify and manage risk.

Unfortunately, some of the things that emerge from many of these events are reactive regulatory rules and requirements. [Read more…]

by Greg Hutchins Leave a Comment

Are You Playing Asset Roulette?

Guest Post by Keith Ridgeway (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Did you know on average around 30% of all organisations do not know what they own, where their assets are located or who is using them; and over 65% of information recorded on asset registers is incomplete, inaccurate or even missing. What’s more concerning is a number of these assets may not be statutory compliant e.g passenger/good/DDA lifts, fire, gas, pressure asset etc. [Read more…]

by Greg Hutchins 1 Comment

Black Swans, Grey Swans, White Swans

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

We hear a lot about things that are being called “Black Swans” today thanks to Nassim Taleb and his extremely successful book, “The Black Swan: The Impact of the Highly Improbable,” now in its second edition. I have written several articles centering on the “Black Swan” phenomenon; defending, clarifying and analyzing the nature of “Black Swan” events. And, I am finding that wildly improbable events are becoming perfectly routine events. [Read more…]