| One of the most critical steps of the risk | | | | appropriateness and effectiveness of the |
| management process is the instituting of | | | | instituted risk control measures. This risk |
| appropriate measures that will be used to control | | | | management committee should be sufficiently |
| the identified significant risks. There are a number | | | | empowered to be able to direct the adaptation of |
| of risk control strategies that can be followed. A | | | | new and more relevant risk control measures as |
| comprehensive and effective control strategy | | | | this becomes necessary. |
| often includes a combination of control measures | | | | Despite the fact that training is always a good |
| and mechanisms. No hard and fast rules can be | | | | investment it should never be viewed as a |
| given here as the exact control measure mix will | | | | method to control risks. No amount of training will |
| be determined by the situation prevailing at the | | | | be sufficient to avoid risks. The method utilised to |
| time. | | | | avoid risks should be to redesign the process and |
| When implementing a control strategy the | | | | remove the high risk portion form the process |
| prescribed hierarchy of control should be followed. | | | | rather than training operators to avoid exposure. |
| This just means that a set priority order of | | | | Control Strategies |
| control measures should be followed. | | | | Some controls are more effective than others. In |
| Hierarchy of Control | | | | the list following, the types of control strategies |
| The hierarchy or preferred order of selecting | | | | for reducing risk are listed in descending order of |
| control measures is contained in the International | | | | effectiveness. |
| Labor Organization Convention C176. This | | | | Terminate |
| convention stipulates as follows: | | | | One of the surest ways to control a risk from |
| - Eliminate any recorded risk; | | | | having a negative consequence id to terminate |
| - Control the risk at source; | | | | the activity that is associated with the risk. The |
| - Minimise the risk; and | | | | risk manager should ask the question whether the |
| - In so far as the risk remains-- | | | | high risk step on the process is really necessary |
| - Provide for personal protective equipment; and | | | | for the successful completion of the task. Very |
| - Institute a programme to monitor the risk to | | | | often it is realised that these steps can be |
| which employees may be exposed. | | | | terminated. |
| It is essential to recognize than no control is | | | | Treat |
| 100% effective. A fixed, automated fire | | | | In order to control risks a treatment strategy is |
| suppression system may work 92 times out of | | | | often the only practical solution. A typical |
| 100. A regular inspection program to check a | | | | treatment strategy would be to install sound |
| remote conveyor belt may identify an overhead | | | | silencers over machinery that generates high |
| idler 65 times out of 100. | | | | levels of noise. The noise is still there but cannot |
| The general guideline for critical controls is that | | | | have a negative consequence on employees as it |
| the more dependent the controls are on human | | | | is treated. The various methods of treating the |
| action the less effective they are when required. | | | | risk includes instituting engineering controls |
| At least two effective controls, sometimes also | | | | Transfer |
| called barriers are required for any critical risk to | | | | It is a valid control to transfer the risk to another |
| ensure an acceptable level of control. | | | | party. Other parties may be in a better position |
| Care should be taken not to just list standards | | | | to deal with the consequences of the risk. A |
| and codes of practice as existing controls. Just | | | | typical example of this is to be found in the |
| having a standard or a code op practice for | | | | insurance industry where the insured party cannot |
| example, is no guarantee that the hazard is | | | | afford to have a loss of say $ 1 000 000-00 but |
| sufficiently controlled to bring the risk down to | | | | the large underwriter can afford it as long as it is |
| tolerable levels. | | | | recovered over time in premiums paid. |
| Where a decision has been made to implement a | | | | Other parties may also be better positioned to |
| control measure, someone has to be responsible | | | | prevent the risks from realising at all. This is |
| for this and for reviewing its effectiveness. Due | | | | particularly true in technically complex industries |
| to the level of responsibility and authority allocated | | | | where the company can deliver the service as an |
| to managers and supervisors, they should be | | | | expert to the general industry type company, |
| responsible for the controls implemented in their | | | | examples are computer servers. |
| workplaces. | | | | Tolerate |
| Broadly defined, risk control techniques are | | | | From time to time it may be necessary to |
| designed to minimize, at the least possible costs, | | | | tolerate a risk. This strategy is a very complex |
| those risks to which the organization is exposed. | | | | and complicated intricate decision as some |
| Risk control methods, include risk avoidance and | | | | consequences of risk will never be tolerable. Here |
| the various approaches to reducing risk through | | | | one should typically look at the risk types that will |
| loss prevention and control efforts. The general | | | | cause disastrous consequences. |
| guideline for developing controls is that the more | | | | We all live with the fact that, for practical |
| dependent the controls are on human action the | | | | purposes, not all product, process or service will |
| less effective they are when required. On the | | | | be risk-free. How do we describe this state? Our |
| other hand, by redesigning equipment, processes | | | | first approach was to use the term acceptable |
| or the work environment the more reliable the | | | | risk. But we quickly rejected this term from the |
| risk reduction will take place. By eliminating | | | | philosophical point of view that no risk is |
| identified risks the required control measures | | | | acceptable, although the individual or society may |
| should less. | | | | choose to live with that level risk because of the |
| Should it not be possible to eliminate the risk it is | | | | perceived benefits. |
| always more effective and reliable to control the | | | | In practice we are always seeking to reduce the |
| risk at source. This implies that the risk is not | | | | risks and what would be acceptable to one |
| eliminated but rather arrested before it can have | | | | generation becomes unacceptable to the next. In |
| any negative impact. | | | | other words tolerable risk can be described as |
| If it is not be possible to eliminate the risk or | | | | risk which is accepted in a given context based on |
| control the risk at source, the control measure | | | | the current values of society. The concept of |
| developed and instituted should be aimed at | | | | tolerable risk has stimulated various methodologies |
| minimizing the consequence of the risk. This | | | | on how the risks reduction process is achieved. |
| implies that, in the event of the risk resulting in an | | | | This in turn led to a greater understanding of |
| undesirable consequence, the effect of the | | | | when a risk is tolerable in a safety context. |
| consequence should be minimised by the control | | | | Conclusion |
| measure implemented. | | | | It may be necessary to use more than one |
| The hierarchy of control requires that, in so far as | | | | control measure to manage exposure to risk in |
| the risk remains after having eliminated, controlled | | | | complex situations. Some control measure that is |
| at source and minimising the consequence of the | | | | lower on the hierarchy of control may need to be |
| risk, personal protective equipment should be | | | | used until a permanent solution can be achieved. If |
| issued. Should one issue all personnel with personal | | | | this option is taken it is extremely important to |
| protective equipment without considering the | | | | clearly communicate to all interested and affected |
| residual risk, it implies that the first three steps in | | | | parties that the solution is temporary. The |
| the control hierarchy have been ignored. | | | | communication should include a clear statement |
| On of the more important aspects of utilising this | | | | about the duration of the interim measures. |
| hierarchy of control is to institute a programme | | | | The primary problem with interim measures is |
| to monitor the risk to which employees may be | | | | that over time, they tend to turn into permanent |
| exposed. This monitoring programme should be so | | | | solutions. Extra care should be taken to prevent |
| designed as to provide regular feedback to the | | | | this. |
| risk management committee as to the | | | | |