Does your EHS Software System Speak Risk? How Risk is Applied to EHS
In previous articles, we've talked a lot about Risk Assessment and Risk Management. And with good reason - Risk is fast becoming the strongest and most comprehensive way to benchmark compliance, make more informed decisions, and enhance visibility into areas of improvement within the organization.
For Quality Management and Compliance, this is a common trend, but what about Environmental Health and Safety Management? Risk is equally as important in EHS processes, and can help drive better compliance to initiatives in tracking and improving safety within the organization. According to a recent report by Aberdeen Research, risk plays a large part in EHS Compliance:
These metrics show that risk is a growing factor in how organizations perceive their EHS compliance, and how they build their EHS processes. The question then becomes, "Where can we build in Risk Management Software tools into common EHS processes?" Here are just a few examples:
1. Risk Coupled with Incident Management Filters Critical Events: As safety professionals know, EHS systems most commonly have a way of tracking adverse safety events - "Incidents". Incidents can take many forms, whether Injuries or Illnesses; Fires or Explosions; Chemical spills or Hazardous Materials; the list goes on. As part of compliance, it is important to record incident data thoroughly and collect as much information as possible. This is partly good business practices, but also is a requirement of many regulatory reporting initiatives, such as those mandated by OSHA. Risk can be a critical factor in further identifying incident data. Using Risk Assessment, safety managers can filter incident data by risk factors such as severity or frequency. Risk matrices can help to make better decisions on how to handle incidents. More critical incidents rise to the top of the list, and have more importance than less critical events. This enables the safety team to address the more important issues within their Incident Management program.
2. Risk Provides Consistent, Quantitative Benchmarking for Job Safety/Hazard Analysis: Using Risk to ensure safety is not only beneficial as a reactive approach, but also in proactive planning. A good example is in Job Safety Analysis (JSA). JSA takes a job description, breaks the job to its individual steps and inputs the potential hazards of those steps. It then implements controls for these steps and seeks to improve the safety of a job at the most basic level. Risk is a prime way to assess the safety of job steps in a JSA. Leading JSA programs will look at the potential hazards and assign a risk level to those hazards. Then, by implementing a series of Personal Protective Equipment (PPE) and controls, they can seek to reduce the overall risk of that step. By reducing the risk within each step, you've automatic reduced the risk of that job as a whole. Risk is a great way to quantitative measure and benchmark Job risks in a systematic way.
3. Risk Can Provide a Quantitative Measure of Effectiveness in Corrective Action: In much the same way risk can be used to filter the level of action to be taken on an incident, it can also be used to determine if a Corrective Action was truly effective. As part of the Corrective Action process, a root cause analysis is designed to investigate the incident. The Corrective Action phase puts measures in place to correct the systemic issue, and Verification and effectiveness seeks to prove the corrective action worked. Risk in Corrective Action can be used as a way to benchmark effectiveness by measuring residual risk from a corrective action. By Measuring the residual risk, organizations can analyze the corrective action to determine whether the action taken reduced the risk of recurrence to acceptable risk level. The Corrective Action may have been effective, but if it still poses a high degree of residual risk, then it wasn't effective. Risk is a good way to "double-check" a Corrective Action before it is completed.
4. Risk Provides a Common Reporting Framework for the Enterprise: We've heard it all before - organizations are happy to be automating and streamlining their EHS processes, but if they cannot report on the data and affect change, then they've only completed half the journey. True Enterprise EHS systems provide valuable data, from the shop floor to the top floor. At the operational level, common EHS metrics are valuable, but at higher levels in the organization, it becomes meaningless jargon at some point. Executives speak Risk, plain and simple. They can effectively make decisions based on the top risks to the organization, and affect change based on this risk data. This is why Enterprise Risk Management (ERM) is such a valuable asset in an executive's toolbox. By translating EHS data into a common Risk element, EHS Managers can affect change within their department by illustrating where the top risks are and drill-down from there. Risk reporting is becoming a universal method for interpreting data, and spans the enterprise.
For many organizations, Risk Management drives decision making. EHS Management Systems can benefit from implementing elements of Risk Management and Risk Assessment, to help streamline their operations, provide better decision-making capabilities, and to increase visibility to the enterprise.