I’m the type of person who prefers my neighborhood hardware store over the big box home improvement places. Sure, there are fewer options, but that makes choosing easier. What’s more, the employees at my local store are infinitely more helpful, asking what I want and walking me directly to the tools I need.
Today’s post will help you better understand exactly the Risk Management tools you need for different situations. We’ll look at 3 essential risk models in your EHS or quality management toolkit: the bowtie, the risk matrix and the decision tree.
When to Use the Bowtie Model
The bowtie model helps you visualize the causes and effects of incidents that are rare but carry potentially disastrous consequences, often called loss of control incidents.
A few examples of how different industries use this risk model:
- Aviation companies use it to analyze plane crashes.
- Chemical companies use it to prevent chemical explosions.
- Oil and gas companies use it to look at oil spill risks.
So how does it work? At the center of the bowtie is your loss of control incident, let’s say for example an oil spill. On the left side of the bowtie you have preventive controls, which would include things like well control equipment, maintenance procedures and operator training.
On the right side of the bowtie are your recovery controls, which outline how you would mitigate the effects of the event if it actually occurred. These would include your containment equipment, oil spill response plan and relief well plan. Essentially, all the things that will help you contain the crisis and prevent further escalation.
When to Use a Risk Matrix
A risk matrix is used when you need to quantify the risk associated with a particular risk item. This tool plots the likelihood and potential impact on a simple color-coded chart.
Assigning numerical values to differing levels of frequency (likelihood) and severity (impact) allows you to quantify the risk level associated with a given process or condition. When the calculated risk exceeds pre-defined levels of acceptability, companies should add more controls or explore an alternative method.
Examples of when you might choose to use a risk matrix include:
- Verification that a Corrective Action has reduced risk to acceptable levels to see if you need to take further action.
- Analyzing the risk associated with various steps in a job procedure during Job Safety Analysis (JSA) to determine whether to use additional safety controls.
- Quantifying the risk associated with a food processing step to determine if a Critical Control Point (CCP) is needed.
- Evaluating regulatory compliance gaps to prioritize implementation of new controls.
When to Use a Decision Tree
A decision tree looks like a flow chart and typically can take one of two forms: 1) exploring the outcomes of various alternatives or 2) providing a set of questions to help people make the right choice.
In the first example, companies use decision trees to quantify the costs and consequences of different modes of action. Each possibility branches out into further possibilities until you reach defined endpoints, often with a total cost assigned to each outcome. Companies use this type of decision tree, for example, when exploring a new initiative or mitigating risk during change management efforts.
The second type uses a succession of yes or no questions to help people apply company policies to a situation. For example, companies could create a decision tree for determining when and how to apply confined space entry procedures, which might depend on whether the hazard has already been assessed and whether there are lock out/tag out considerations. Each question would be a different node on the decision tree, where the endpoint tells the person how to handle the situation.
Using the right tool can make all the difference when it comes to mitigating risk. With the right tools—whether it’s a risk matrix, bowtie model or decision tree—you can improve the quality of decision-making at your company, using risk as a universal measuring stick.