A paradigm shift in risk management

Diagram 1_opt.jpeg

B4Risk is a concept that describes the proactive measures an organisation should institute to mitigate the severity of an impact as a result of the risk that realises. The underlying notion is that organisations are exposed to risks at every level of the organisation, from strategic level risk, operational or technological risk, disaster risk emanating from natural hazards to external risks such as global influences and, of course, the notorious ‘black swans’. In this thinking piece, I introduce a concept dubbed ‘B4Risk’, which introduces a conceptual risk mitigation model centred round the well-known quote by Desiderius Erasmus: “Prevention is better than cure.”

The variety of available risk assessment tools is such that there may be a number of tools potentially appropriate for a given circumstance, and the choice of which to use has perhaps become more a matter of taste (Reniers et al. 2005).

What does B4Risk entail?

Traditional models centred round risk reduction tend to focus on ‘reactive’ measures as opposed to ‘proactive’ measures. To delineate this point, I refer to the example of the Chilean mine shaft collapse of 2010.

On 5 August 2010, San José—a gold and copper mine in Chile, near the northern city of Copiapó—caved in, trapping 33 miners in a chamber about 780 metres below the surface. Initially, the miners attempted to escape through a ventilation shaft; however, the ladder was incomplete, rendering the miners at the mercy of emergency rescue efforts, which resulted in success some two months after the shaft collapse.

Organisations of all types and sizes face internal and external factors and influences that create uncertainty around whether and when they will achieve their objectives.

The effect of this uncertainty on an organisation’s objectives is defined as “risk”, according to ISO 310001.

The definition of B4Risk comprises “proactive measures that are designed and implemented by an organisation commensurate with its activities, products and/or services through positive integration of globally accepted tools and processes to obviate or reduce the magnitude of risks, should they realise”.
The diagram above was developed by Aurecon South Africa’s Risk Management professionals to depict the B4Risk concept.

The B4Risk concept is illustrated as a pyramid with three legs that represent strategic solutions, system solutions, and risk solutions. The legs rest on three spheres: enterprise risk management, integrated management systems, and integrated risk management. Each sphere shows the core elements that should be proactively developed into attributes of the organisation. These range from strategic level concerns through systems focused on health and safety, environmental, quality and asset (HSEQ&A), to areas of risk such as security, technological or project risk.

The problem

While it can be argued that many organisations develop and implement such ‘solutions’ for risk, the fact of the matter is that few organisations integrate them—which, in effect, creates silos, diluting the synergy value. To illustrate this point, consider a hypothetical example in the South African context, of a transport organisation (referred to as Org-A) comprising rail services, which takes measures to reduce the potential impact and likelihood of risks. Org-A identifies a need to address HSEQ&A risks and therefore aligns itself with internationally recognised management systems such as BS OHSAS 180012, ISO140013, ISO 90014 and ISO 550005, as well as a local standard SANS 3000-16. Org-A decides to develop each management system as an independent project, which results in five standalone management systems achieving ISO/BS/SANS certification.

The acceptability of the above scenario would no doubt be supported by many readers, as Org-A can now boast it is benchmarking against international and local standards. But there is a disconnect, in that management of risk is firstly managed in silos, with the added risk that impacts may be cross-cutting which have no redundancy built into the ‘solution’, ultimately placing Org-A in a questionable position, given the resilience capacity of Org-A to proactively deal with risks that transcend multiple aspects within the organisation.

To illustrate this, assume Org-A has a rail incident involving a locomotive derailing as a consequence of a collision with a maintenance crew. The impact of the collision causes fatalities, asset damage, release of diesel, and the loss and contamination of the commodity that was being hauled.

In this instance, Org-A has five separate emergency response procedures/protocols to enable, since each management system has a specific emergency preparedness and response mechanism designed to handle either a quality impact, asset impact, environmental impact and/or health and safety impacts.

It is prudent to reiterate that each management system was designed independently of the other systems. Consequently, the execution of the emergency response procedures has been designed to be resourced and executed in an uncoordinated manner.

It is such scenarios that emphasise the need to consider B4Risk solutions.

So how does B4Risk work?

Figure 2 overleaf depicts B4Risk as a matrix based on a four-tier approach, commencing with defining the boundaries, establishing a integrated context moving through a consultative process to applying the integrated solution.

The B4Risk Matrix is further governed by a dual system of ‘application’ vs ‘checking’. The rationale for the governing system ensures measures are in place to achieve the centrally common principle of all the management systems, namely ’continual improvement’.

Each of the B4Risk Matrix steps involve solutions that can be tailored to an organisation’s unique needs. However, as a basic high-level structure, the B4Risk Matrix is universally applicable to all organisations.

Concluding remarks

Risk management, in the truest sense, encompasses an even greater paradigm shift from reactive measures than those which underpin the notion that ‘prevention is better than cure’ (Van Wyk & Joyce, 2012). B4Risk is based on achieving a fundamental change in approach by proactively developing and implementing solutions, whether strategic, management system or risk-driven. Ultimately, reducing the magnitude of a risk will rely on the mechanisms and resources that an organisation has put in place.

Overwhelming evidence exists, indicating that preventing incidents is best achieved by implementing a management system designed to control losses (Germain et al., 1998).

It stands to reason that integrating a solution, or solutions, into a practical mechanism can reduce the magnitude of a risk, as an organisation would be equipped far better than not having addressed such a risk ahead of its occurrence.

B4Risk provides a proposed structured approach with a key focus on proactively developing and implementing measures to curb HSEQ&A risks.

Simon van Wyk (IRMSA Cert.)

Associate Risk Consultant

Risk Management

Environment & Advisory Services





comments powered by Disqus


This edition

Issue 29


TPM_Editor Don’t avoid risk, manage it better – SRK https://t.co/fTvan5fhkW https://t.co/rRE2vRrvqA 2 months - reply - retweet - favorite

TPM_Editor There's still time to secure your seat at the 2018 Tomorrow's Leaders Convention taking place at at Emperor's Palac… https://t.co/R26Vx9yviZ 2 months - reply - retweet - favorite

TPM_Editor High risk and complex infrastructure projects https://t.co/IQbvV4WQz8 https://t.co/l3GRmOYwcE 3 months - reply - retweet - favorite

  • Lucky Kgoete
  • Sabaka 'Kuvas' Muianga
  • Nicholas Naidoo
  • Naomza Serongoane