1 / 110

Incident Analysis and Risk Assessment: Preventing Future Incidents

This article explains the importance of incident analysis and risk assessment in identifying the causes of past incidents and preventing future ones. It provides a step-by-step process for conducting a risk assessment and offers recommendations for corrective actions.

rance
Download Presentation

Incident Analysis and Risk Assessment: Preventing Future Incidents

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Risk Assessment Road Map06/2009

  2. Has something gone wrong with a current activity? Or, are you considering a new activity?

  3. The Incident Analysis Approach

  4. Incident Analysis: Establishes a cause for an incident that has already happened. Focuses on analyzing the reasons for the incident and development of strategies to prevent future incidents. Risk Assessment: Focuses on identification of potential exposures to prevent incidents from happening. Breaks business decisions down into bite sized pieces to enable pre-planning for loss control and mitigation strategies. The Difference BetweenIncident Analysis and Risk Assessment

  5. If something has gone wrong with an activity, you may want to analyze the incident (what went wrong) before moving forward.

  6. Why Analyze Incidents? • To establish cause and prevents future incidents. • To determine ALL causes and contributing factors to the incident. • To identify corrective actions. • To assess the risks of future activities.

  7. Identify Systems Failures/Causes • Rarely a Single Cause. • Be Objective, Consistent. • Avoid Blame Finding. • Systems/Causal Factors. • Management • Equipment • Environmental • People

  8. Systems Contributing To An Incident People Management INCIDENT Equipment Environment

  9. Management • Policies & Procedures • Training & Other Resources • Accountability Practices

  10. People • Training • Level of experience • Moral or morale • Competency • Past incidents

  11. Equipment • Maintenance Records • Repairs • Modifications • Availability of Proper Equipment

  12. Environment • Distractions • Visibility • Conditions • Hazards • Terrain • Other Users

  13. Recommend Corrective Actions • Based on specific systems failures/causes. • Plan and recommend changes that will prevent further incidents of this nature. • Analyze the risks associated with the changes. • Follow up to ensure changes are instituted and maintained.

  14. The Risk Assessment Road Map Process

  15. What is Risk Assessment? A strategic approach to planning, at all levels and across all functions of an organization, that identifies exposures of activities and assists in making risk adjusted business decisions every day. GET RID OF SILOS

  16. What is the specific activity?

  17. What is Your Agency’s Appetite for Risk?

  18. What is a Risk Appetite? • Risk appetite is the degree of uncertainty an agency is willing to accept to reach its goals. • Risk appetite is a key factor in evaluating strategic options. • Risk Assessment helps management consider risk appetite when setting goals that align with overall agency strategy, and managing risks related to that strategy.

  19. Work with your agency’s management to decide: • What is your agency’s risk tolerance? • How much or what are you willing to risk to accomplish the mission or activity? • How much can your agency afford to lose in any one occurrence or in the aggregate?

  20. What Does Your Agency Do? (Mission, Goals, Objectives)

  21. Does the activity fit the Agency mission, goals, objectives?

  22. No If the answer = Take to management for consideration Move on Management decides yes = Stop Management decides no =

  23. Yes If the answer = What could go wrong? Who could be harmed? Make a list - write it down. These are your loss exposures.

  24. What could happen? • Could there be bodily injury, property damage or other liability exposures caused by this service or activity? • Is there any impact on workload? Could there be any damage to our systems?

  25. What is Risk? The danger or probability of loss.

  26. Loss Exposure Possibility of financial loss as the result of a particular peril striking a thing of value.

  27. Components of a Loss Exposure • The type ofvalueexposed to loss. • The perilthat causes the loss. • The extent of the potential financial consequences of that loss.

  28. Values Exposed to Loss • People • Property • Freedom from Liability (Alleged Wrongdoing)

  29. Perils Causing Loss Natural Perils: Human Perils: Economic Perils:

  30. Potential Financial Consequences Make sure that you don’t give away the farm!

  31. THINK ABOUT WHAT CAN GOWrong!

  32. Why is this important? An unrecognized loss exposure cannot, except by chance, be effectively managed. Is this your agency?

  33. Methods Of Identifying Exposures: • Previous contracts of similar type and their outcomes. • Standardized surveys/questionnaires • Financial statements • Records and files • Loss Reports/Claims • Flowcharts • Personal inspections • Experts

  34. Rate the Risks of Loss and Weigh the Value of Opportunities

  35. Rate the severity of the risk of each potential loss exposure. How bad can each loss be? What could it cost?

  36. Rating the Severity of Loss Exposures

  37. What is the likelihood that each of these potential loss exposures will happen?

  38. Rating the Likelihood of Occurrence

  39. Determine the risk rating/level of risk for each potential loss exposure. Severity Likelihood

  40. Risk Rating (RR) = Level Of Risk • E = Extreme Risk - involve senior management immediately, emergency situation, consider not doing the activity. • H = High Risk - management attention required for business and policy decisions, risk control, insurance types and limits, etc. • M = Moderate Risk - management should be kept informed of risk control, insurance types and limits, etc. • L = Low Risk - manage by routine procedures, insurance types and limits could be flexible.

  41. Now That You Have Rated The Risks Of Loss.…Think About The Value Of OPPORTUNITIES

  42. EXPLOITING OPPORTUNITIES • What opportunities will be missed if the activity is not done? • What is the upside and downside of these opportunities? • By considering the full range of potential events—rather than just risks—the risk assessment process ensures that management can identify and take advantage of positive events quickly and efficiently.

  43. Weighing the Value of Opportunities

  44. If RR = E or H Is the Activity Necessary? No If the Answer = Management Business Decision No = Stop Management Decides Yes = Move On

  45. For Each Thing That Could Go Wrong… What Tools Are Available To Manage the Risks?

  46. Statutory Immunities: Research Statutes Do any immunities apply to the activity? No = Move on to Loss Prevention/Risk Control Measures

  47. Statutory Immunities Yes If the Answer is: Do you have a legal opinion on statutory immunities? What are the limitations and/ or exclusions? No = Management business decision on legal opinion Yes = Move on to Loss Prevention/Risk Control Measures

  48. Loss Prevention/Risk Control Measures

  49. What are Loss Prevention/Risk Control Methods? • Avoid the risk altogether. • Prevent the frequency of loss. • Reduce the severity or cost of loss. • Segregate to prevent one event from causing loss to the whole. • Contractually transfer the risk.

  50. Avoid Exposure Entirely eliminates any possibility of loss. It is achieved either by abandoning or never undertaking an activity or an asset.

More Related