How To Determine “Acceptable” Risk

Start with these best practices in assessing risk, direct from UL experts.

Noted science fiction writer Ray Bradbury, author of Fahrenheit 451, once said that living at risk is jumping off the cliff and building your wings on the way down. Accordingly, we are all building wings. In fact, anyone involved in risk management will tell you that risk is always present, that we are all living at risk; the goal is to reduce it to an acceptable level.

Risk explains the likelihood and consequences of a hazard. ISO 12100 defines it as the probability of occurrence of harm and the severity of harm. Risk assessment is the overall process of identifying all the risks to and from an activity and assessing the potential impact of each risk. It determines the potential impact of an individual risk by measuring or otherwise assessing both the likelihood that it will occur and the impact if it should occur. Then it combines the result according to an agreed-upon rule to give a single measure of potential impact.

“Risk gets ranked,” says Kevin Connelly, business development manager, energy and industrial systems at UL. “UL recommends using a published method of ranking; there are many of them. Some organizations may have proprietary methods. But if you are just starting out, it’s not necessary to develop your own.”

The standards that refer to risk assessment are legion. They range from industrial standards such as EN-ISO 13849 or ASME A17.7, to process standards, financial standards, or simply good engineering practices. All these dictate risk assessment.

Of course, taking steps to protect workers and business, while complying with applicable laws, are crucial to an organization’s ability to operate and compete in today’s competitive, global economy. Whether a machine builder or an end user, focusing on risks that can cause real harm will have the greatest impact on business operations and procedures, and can also provide cost savings. But where does one start? What standards apply? How do you know where and what to look for? What processes do you use?

Connelly refers to a flowchart contained in ISO 14798, a standard that establishes general principles and specific procedures for assessing risk, as a good starting point for best practices in risk assessment process development.

Here is a sequential synopsis:

  • Determine the reason for risk assessment.
  • Form the risk assessment team.
  • Determine the risk assessment subject.

-  Identify scenarios, harmful event causes, and effects.
-  Estimate risk.
-  Evaluate risk.
-  Assess risk mitigation.

  • Reduce risk.

“The process is iterative,” says Connelly. “You must periodically go back and assess whether the risk is acceptable.”

Behold the Saw Blade
Consider the risk assessment process for a common industrial item: the saw blade. Can the saw blade be a hazard? With dismemberment as a possible outcome of use, the answer would have to be yes. This answer gives us a valid reason to trigger the risk assessment process.

“Probably the most critical step in the risk assessment process is next: the development of the team,” says Connelly. Consider the following points in this step:

  • The team should be multidisciplinary in order to analyze and assess all risks.
  • It should take into account the systems involved in the risk being assessed: chemical, mechanical, electrical, and so on.
  • Communication must be a point of emphasis within the team. Success is directly related to how well the team communicates within itself.
  • Members need to understand that risk assessment is a process, not a one-and-done task. Work must be reflected upon and revisited to assure the validity of risk mitigation over time.

When estimating risk, it is important to lead with severity. This provides focus to the work. ISO 14798 estimates risk in four categories:

  • High: results in death, system loss, or severe environmental damage.
  • Medium: results in severe injury, significant occupational illness, or major system or environmental damage.
  • Low: results in minor injury, minor occupational illness, or minor system or environmental damage.
  • Negligible: will not result in any of the above.

Probability is the other factor to consider. Five levels of probability are typically cited in risk estimation:

  • Highly probable: likely to occur frequently
  • Probable: likely to occur several times in the lifecycle
  • Occasional: likely to occur at least once in the lifecycle
  • Improbable: very unlikely to occur in the lifecycle
  • Highly improbable: probability cannot be distinguished from zero

Perform the risk evaluation by estimating the probability of risk against the severity of its outcome.

From this comparison, develop classes of risk:

At this point the question must be posed: is the residual risk as low as reasonably possible? According to these measures, the saw blade has a Class II severity and, without measures, a probability of A. Perhaps a light curtain is an option. This may reduce the probability from A to B, but the risk level remains Class I, so further measures are required. The team considers guarding as an additional measure. This may reduce the probability from B to C, but the risk level still remains at Class I. (Remember, the severity is constant in this case.) Further measures are still required.

So the team adds interlocking. This reduces the probability to D, and now as 2D the saw blade is reduced to a Class II level risk. This is still not the Class III that all risk mitigation aspires to, but a mitigation that may be sufficient. As a Class II risk, review will continue to be required on a periodic basis, but certain hazards may be considered acceptable as Class II risks, based on community standards and industry practice.

“When you believe the risk has been sufficiently mitigated, the risk assessment is essentially complete,” says Connelly. “The team has to discuss the case and agree, and periodically they will have to revisit the case.”

Risk Assessment and Asset Owners
Connelly says that asset owners need to pay close attention to any risk assessments they receive. “Responsibilities for risk can be transferred to the asset owner or integrator,” he says. For example, it may be assumed that machine guarding is installed at the end of an installation. Who is responsible for that? The risk assessment may assume proper maintenance. But who is responsible and how frequently? What about testing? How and how often will that occur? Additionally, required training is an important issue.
“The risk assessment doesn’t eliminate risk,” cautions Connelly.“ A smart asset owner will always review the process and conclusions.” Risk assessments should be reviewed periodically because of the many factors that may have changed and impacted the initial assessment, such as product, process, environmental, and regulatory issues.

Connelly concludes with four best practices for anyone considering risk assessments:

  • Review the risk assessment closely.
  • Review every change since the last review.
  • Review any additions to confirm they do not affect the risks.
  • Ensure that maintenance/repair operations haven’t affected the risks.

After all, you wouldn’t want a saw blade severing the wings you are building.

To view a recorded webinar on this topic, titled “Risk Assessment: Best Practices in Assessing Risks,” please click here.

Have an Inquiry for Siemens about this article? Click Here >>
 
 

4 Comments on “How To Determine “Acceptable” Risk

  1. We are slowly and painfully, yet surely coming out of a Great Recession. Sadly, it is not a unique event, worse than most, and not as bad at the Great Depression. Is it not time that thoughtful men and women come together and assess in a surely passionate, but honest group the “Risk Assessment” and then propose and have implemented reasonable things that must be done to reduce the frequency, severity and mitigate the effects?

    Who should be on the team? Industrial experience demonstrates that it is not the smart design engineer nor the operator on the midnight shift who has the answer, but rather that each brings a valuable perspective and intelligence; the sum of the team is greater than the parts. So the Economic Team should for example include economists, business people, labor union staff, the “common man”, and dare I say, politicians, too.

    The informal process of patchwork policies has not worked.

  2. To me, this article is very helpful conceptually in laying out a systematic approach to managing risk, but the article contains so many errors and inconsistencies that much careful thought is needed to deduce what the writer intended to say. For example, (1) in the table column ’4-None’ row ‘C-Occasional’ it should say 4C not 3D; (2) the statement ‘the saw blade has a Class II severity’ is wrong and confusing–first of all, the saw blade is severity level 1, not level 2, and secondly, severity is a level–not a class–and mixing these terms is confusing; this same mixup of terms occurs several more times in the same paragraph; (3) The statement that interlocking ‘…reduces the probability to D, and now as 2D’ is in direct conflict with the preceding statement that ‘Remember, the severity is constant in this case’: If severity is constant, it cannot change from level 1 to level 2.

    Otherwise, thank you for the article.

  3. The saw-blade is an interesting example. But the way to deal with the hazard is to remove the risk to ones self and transfer the risk to a tool. That was done in a Nisan plant, by means of a rule requiring the use of a “push stick” with the saws, to keep the operators hands away from the saw. It was not a suggestion, it was a rule. The result of following the rule was that the push stick could be accidentally cut, with very little unfavorable consequence. The probability was also reduced slightly. SO it was a very good and quite cheap way to reduce the risk.

  4. Good article on risk. However, there is one element missing in most articles on this subject. There are two fundamental approaches to risk assessment. The one presented here, and the one most often presented, is based on assuming some ‘acceptable level’ of risk and then comparing it to the results of the risk assessment. If the level determined by the assessment exceeds the ‘acceptable level’ then work is done to improve things until the assessment is below the ‘acceptable level’. People who approach risk in this manner make good reliability engineers.

    However, there is another approach taken by other people and this approach says, ‘if the undesired event occurs what will my magnitude of regret be?’ If their ‘magnitude of regret’ is high then there is no ‘acceptable level’ of risk for them. These people make the best safety engineers.

    Now I believe this difference in approach is not something learned but something coded into the genes of each group and it leads to an interesting conundrum. If a product is reviewed by the reliability engineer and the safety engineer and it is below the reliability engineer’s acceptable level, but the magnitude of regret is above the safety engineer’s magnitude of regret level there is no way for them to reconcile the issue. Although they may think they are arguing about the event their discussion will be driven by their gut instincts even though they may not realize this is happening.

    The net result is that because they are probably at the same level in the organization the question will be given to some overweening manager who will make an arbitrary decision based on financial considerations and the best analysis in the world might as well never have been attempted.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>