Military + Civilian Best Practices: Risk Management ver 1.1

Risk ManagementOPD

By 1LT Alejandro Perez

Agenda / Presentation Flow Agenda / Flow Publications Introduction Risk Management Fundamentals Risk Management Process & Parallel Planning Summary------------------------------------------------------------------------- Group Exercise------------------------------------------------------------------------- Other References Definitions & Terms

Military PUBs FM 5-19: Composite Risk Management

Supersedes FM 100-14 ATP 5-19: Risk Management AR 385-1: The Army Safety Program DA Pam 385-30: Mishap Risk Management

Civilian PMBOK 5th Edition – Chapter 11: Project Risk MGMT

Publications

Introduction Risk Management applies across the wide range of Army

operations.

FM 5-19 explains the principles, procedures, and responsibilities to successfully apply the risk management process to conserve combat power and resources.

The manual helps all leaders develop a framework to make risk management a routine part of all tasks and missions.

Fundamentals

Leaders and Soldiers at all levels use risk management. Formally ( what this presentation covers) Informally ( natural human process)

It applies to all missions and environments across the wide range of Army operations.

Principles Risk MGMT, Planning, & Execution are “One”.

Risk management integrates into mission planning, preparation, and execution. TLPs – Troop Leading Procedure MDMP – Military Decision Making Process

COC & Risk Management Making risk decisions at the appropriate level in the chain of

command.

Do NOT accept Unnecessary Risk.

Apply to processes cyclically and continuously

Do NOT be risk averse. Do Risk MGMT, Complete Mission.

Risk management assists the Army leaders in—

Being Resourceful and Safe By Saving lives, conserving resources, and avoiding

unnecessary risk.

Improving Decision Making Making an informed decision to implement a COA (Course

Of Action).

Establishing Realistic Controls Identifying realistic and effective control measures where

specific standards do not exist.

Creating Alternatives Providing reasonable alternatives for mission

accomplishment.

Risk management does NOT- Create Inflexibility

It should inhibit the commander’s and leader's flexibility and initiative.

Eliminate Risk RM does not remove risk altogether, or support a zero defects

mindset.

Require a GO/NO-GO decision.

Sanction or justify violating the law.

Remove Standard Protocols Remove the necessity for standard drills, tactics, techniques, and

procedures.

5 Steps of Risk MGMT Cycle

Step 1. Identify hazards.

Step 2. Assess hazards to determine risks.

Step 3. Develop controls and make risk decisions.

Step 4. Implement controls.

Step 5. Supervise and evaluate.

5 Steps of Risk MGMT Cycle

Risk MGMT Cycle & Planning Risk Management Cycle and the Planning Processes

are integrated and continuous process in and of itself. TLPs MDMP

TLPs & Risk MGMT Cycle

MDMP & Risk MGMT Cycle

MDMP, TLPs, & Risk MGMT Integration

Risk Management - Assessment

Risk MGMT – Assessment Phase

Steps 1 and 2 = Assessment Portion Steps 1 and 2 together comprise the risk assessment.

Step 1 = Identify Hazards In Step 1, individuals identify the hazards that may be

encountered in executing a mission.

Step 2 = Impact of Hazards In Step 2, they determine the direct impact of each hazard

on the operation. The risk assessment provides for enhanced situational awareness. This awareness builds confidence and allows soldiers and units to take timely, efficient, and effective protective measures.

Risk MGMT – MGMT Phase

Risk MGMT – MGMT Phase Steps 3 and 5 = MGMT Portion

Steps 3 through 5 are the essential follow-through actions to effectively manage risk.

Leaders must Balance Risks against Costs & take Action In these steps, leaders balance risk against costs—political, economic,

environmental, and to combat power— and take appropriate actions to eliminate unnecessary risk.

Risk Assessment is Continuous During execution, as well as during planning and preparation, leaders

continuously assess the risk to the overall mission and to those involved in the task.

Evaluate Risk Management Process and Learn Finally, leaders and individuals evaluate the effectiveness of controls and

provide lessons learned so that others can learn and improve.

Step 1: Identifying Hazards

Identify hazards per task to people, property, and the mission.

Consider all aspects of past, present, and future problem areas.

Use all available tools and resources. METT-TC is the main recommended tool.

Record all Risks and Hazards in Risk Assessment

Types of Risks

Risks = The chance of hazards

There are 2 types of risks:

1. Tactical risk

“Enemies and their hostile actions and assets”

2. Accident Risk

“Ours and our friendly forces’ actions and assets”

Types of Hazards IAW OSHA SAFETY HAZARDS:

These are the most common and will be present in most workplaces at one time or another. Ex. Spills on Floor; unguarded machines; electric hazards

PHYSICAL HAZARDS: Are factors within the environment that can harm the body without

necessarily touching it. Ex. Radiation; ultraviolet rays; excessive exposure to sun light

BIOLOGICAL HAZARDS: Associated with working with animals, people, or infectious plant

materials. Ex. Blood; body fluids; Fungi; bacteria; viruses

Types of Hazards IAW OSHA ERGONOMIC HAZARDS:

Occur when the type of work, body positions and working conditions put strain on your body. Ex. Poor posture; improper chairs; awkward movements

CHEMICAL HAZARDS: Are present when a worker is exposed to any chemical

preparation in the workplace in any form (solid, liquid or gas). Ex. Vapors and fumes; flammable material; pesticides

WORK ORGANIZATION HAZARDS: Hazards or stressors that cause stress (short-term effects) and

strain (long-term effects) Workload demands; violence; intensity; disrespect; bad team work

dynamics

Top 10 Hazards in the Workplace

1. Overexertion Injuries his includes injuries related to pulling, lifting, pushing, holding,

carrying, and throwing activities at work. 

2. Slipping/Tripping he number 2 cause of workplace injuries, this pertains to falls

on wet and slippery floors or trips over something lying on the floor.

3. Falling from Heights This type of fall happens from an elevated area such as

roofs, ladders, and stairways. 

 Reaction Injuries These are injuries caused by slipping and tripping without

falling. 

Top 10 Hazards in the Workplace

5. Falling Object Injuries  Objects that fall from shelves or dropped by another person can

cause very serious injuries. Head injuries are a common result of this type of accident.

6. Walking Into Injuries  This happens when a person accidentally runs into concrete

objects such as walls, doors, cabinets, glass windows, table, chairs etc.

7. Vehicle Accidents  Employees who drive for business purposes are often injured in

auto accidents, some of which can be fatal.

8. Machine Entanglement These are injuries caused by slipping and tripping without

falling. 

Top 10 Hazards in the Workplace

9. Repetitive Motion Injuries This type of workplace injury is one of those less

obvious but definitely harmful ones in the long run.

10. On the Job Violent Acts Attacks caused by office politics and other arguments

have led to serious physical injuries. 

Basic Hazard considerations

Complexity and difficulty of the mission and their tasks.

Terrain and environment.

Weather and visibility.

Equipment on hand and status.

Time available for preparation.

Time available for execution.

Recommended Tool: METT-TC

Other Tools and Resources

Expert Judgment Your Professional Experience SMEs: Subject Matter Experts Safety Officer

OPAs (Organizational Processes Assets) Regulations Manuals SOPs Policies Prior Projects/Missions/Tasks

Data Gathering Accident data S-2 information

Simulations War-gaming What-if scenarios

Assessments METT-TC Assessment (FM 5-19 recommended) Readiness Assessment Prior Risk Assessment Training Assessment

Other Tools and Resources

Brain Storming

Diagrams & Analysis Assumption Analysis Cause and effect diagrams (Fishbone Diagram) Process/System/Logic Diagrams SWOT analysis Mapping techniques

After Action Reviews (AARs)

Other Tools and Resources

Result from Step 1

All subtasks and their respective hazards are inputted into the Composite Risk Management Sheet.

Step 2: Assess Hazards to Determine Risks

Hazards are assessed and risk is assigned in terms of probability and severity of adverse impact of an event/occurrence.

The end result is an initial Risk Assessment Matrix and update to Composite Risk Management Sheet.

Determine the Specified Level of Risk

Risk Assessment Matrix

Result from Step 2

All subtasks and their respective hazards’ risk levels are inputted into the Composite Risk Management Sheet.

Step 3: Develop Controls & Make Risk Decisions Create Plan of Action / Choose Strategies

Develop “Controls” The “What?” “Where?” When?”

Reassess Risks Residual Risks

Establish the “How to Implement” The “How”?

“Who will implement” The “Who”

Plan of Action / Strategies

“Avoid” Strategy = “Avoiding the Bullet” Acts to eliminate the threat or protect SMs from Risk

Impacts. Ex. Taking safer routes; creating non-asbestos buildings; avoid

handling radioactive material; setting up barriers to hazards; workarounds that avoid the hazard; etc…

“Transfer” Strategy = “Passing Down the Buck” Shifting the all or some of the risk impact to a third party

Ex. Having INF support; hiring civilians contractors; locating the FOB within an larger Secured Operating Base; acquire insurance policies; etc…

Plan of Action / Strategies

“Mitigate” Strategy = “Play It Safe” Acts to reduce the probability of occurrence or Risk

Impacts. Ex. PPE; setting up controls; putting signs of hazards;

providing safety briefings; providing training and schooling;

“Accept” Strategy = “Medic!!!” The decision to acknowledge the risk and unable to take

any action unless the risk occurs. Usually occurs when “Criteria for Effective Controls” cannot be met. Ex. Contingency plans; QRF Teams; Setup mortar bunkers by

tents; eye wash stations; CLS classes;

Types of Controls Educational / Awareness Controls

Are based on the knowledge and skills of units, organizations, or individuals. They include awareness of the hazard and control. Ex. Training; Briefings; email circulations;

Physical Controls take the form of barriers and guards or signs to warn

individuals, units, or organizations that a hazard exists. Ex. Signs; guards; barriers; controlled access;

Types of Controls Hazard Elimination Controls

include positive actions to prevent exposure through substantial reduction or the total elimination of the hazard.

3 methods: Engineering – ENGs & Units design equipment & work ENV Administrative – Exercise Breaks; rotations of work; Relief PPE- Personal Protective Equipment – Kevlar; eye pro; gloves

Criteria for Effective ControlsEffective control measures must specify who, what, where, when, and how.

Residual Risk Consideration Risk / Controls = Residual Risks

Residual Risk will Vary The residual risk for each of these hazards may have a

different level, depending on the assessed probability and severity of the hazardous incident.

The Highest Residual Risk is the Overall Residual Risk Overall residual mission risk is determined based on

the hazard having the greatest residual risk.

Residual Risk Consideration No Average Overall Residual Risk

Determining overall mission risk by averaging the risks of all hazards is NOT valid. If one hazard has HIGH risk, the overall residual risk of the mission is HIGH, no matter how many other moderate or low risk hazards are present.

Controls can only reduce Initial Risks of by only 1 level

Controls have only the ability to reduce a Initial Risk Level to a Residual Level by one level. Example, from a High to Medium or from a Medium to a Low.

“How to Implement Controls”

Macro Controls: Risk Management & Planning Ensure the integration of the Risk MGMT Cycle and the

Planning Processes (TLPs, MDMP)

Effective control measures must specify who, what, where, when, and how.

Plan and decide how each control implemented, communicated, and monitored. Ex. written or verbal instruction 10 days prior to mission;

tactical, safety, garrison SOPs reviews 30 days prior to actions, unit rehearsals 8 hours before mission at home station; continuous supervision during operation, before/during/after spot-checks, etc…

“How to Supervise Control Implementation” = Who

Effective control measures must specify who, what, where, when, and how.

Plan and assign responsibility of who will monitor the implementation of each control. Squad Leaders? NCOs? Officers? 1SG? Individual Soldiers? A combination?

Examples of Control Measures

Result from Step 3Controls, residual risk levels, “How to Implement” and How

to supervise are inputted inside the Composite Risk Management Sheet.

What?Where?When?

How? Who?

Result from Step 3 Cont. Ensure Risk Assessment is signed by the respective

Commander IAW Unit’s OPAs (SOPs, Regulations, Policy, etc…). Company CDR – Overall Residual Risk LVL – LOW Battalion CDR – Overall Residual Risk LVL – MEDIUM Brigade CDR – Overall Residual Risk LVL – HIGH

Step 4: Implement Controls

Dissemination of guidance and controls.

Officers, Sergeants, and Soldiers implement the controls.

Train the Trainers.

Implementation Considerations

Supervision Presence

The Unit’s Experience and Training

The Unit’s Morale

Endurance of the Soldiers

Result from Step 4Ensure the Composite Risk Management Sheet is

implemented

Step 5: Supervision& Evaluate

Meeting Standards Officers, Sergeants, and Soldiers are responsible for

executing risk controls to standards.

Reassess Controls & Hazards Any new hazards? Are the controls effective?

Follow Higher’s Guidance Take care of one another and make risk decisions

consistent with the higher commander’s guidance.

Supervision Cont.

Feedback Loop Risk management is a two-way street. Receive and

implement continuous feedback.

Learn

Update Composite Risk Assessment Sheet

Remember: All Risk Cannot be Eliminated The objective of managing risk is not to remove all risk, but

to eliminate unnecessary risk.

Result from Step 5Update the Composite Risk Management Sheet and

review the effectiveness of Controls.

Group Exercise

Gather into groups of 5

Review the Sample Composite Risk Assessment Sheet

Use this lesson and find deficiencies.

Instructor will call out on “Round Robin” basis of different groups.

Summary

Agenda / Flow Publications Introduction Risk Management Fundamentals Risk Management Process & Parallel Planning

Other References

https://www.osha.gov/dte/grant_materials/fy10/sh-20839-10/circle_chart.pdfAssess the hazards to determine risk.

http://arbill1.web11.hubspot.com/arbill-safety-blog/bid/160371/Workplace-Accidents-10-Most-Common-Workplace-Injuries

Definitions & Terms

Risk Management Defined

Risk management is the process of identifying, assessing, and controlling risks arising from operational factors and making decisions that balance risk costs with mission benefits.

Risk Management Process Risk management is the process of identifying and

controlling hazards to conserve combat power and resources.

There are 5 steps involved in risk management.

Risk Assessment Defined

Risk Assessment is the identification and assessments of an individual hazard or all identified hazards combined to complete a task or mission.

Risk

The chance of hazards or bad con-sequences; exposure to injury or loss. The risk level is expressed in terms of hazard probability and severity.

Tactical Risk

“Enemies and their hostile actions”

Tactical risk is risk concerned with hazards that exist because of the presence of either the enemy or an adversary. It applies to all levels of war and across the spectrum of operations.

Accident Risk “Ours and our friendly forces’ actions”

Accident risk includes all operational risk considerations other than tactical risk. It includes risks to the friendly force. It also includes risks posed to civilians by an operation, as well as an operations impact on the environment. It can include activities associated with hazards concerning friendly personnel, civilians, equipment readiness, and environmental conditions.

Hazard Defined

Any existing or potential condition that can cause injury, illness, or death; damage to, or loss of equipment and property; or degradation of the mission.

Risk Assessment Matrix Defined

Risk Assessment Matrix is often used to estimate the degree of severity and probability for each hazard.

Probability DefinedThe likeliness that an event will occur.

Frequent- Occurs often. Likely - Occurs several times. Occasional - Occurs sporadically. Seldom – Unlikely, but could occur. Unlikely – Probably won’t occur.

Severity Defined

Severity is the expected result of an event (degree of injury, property damage or other mission impairing factors.

Catastrophic Critical Marginal Negligible

SeverityCATASTROPHIC (I)Loss of ability to accomplish the mission ormission failure. Death or permanent totaldisability (accident risk). Loss of major ormission-critical system or equipment. Majorproper t y ( facility) damage. Severeenvironmental damage. Mission-criticalsecurity failure. Unacceptable collateraldamage.

Severity Type Defined

SeverityCRITICAL (II)Significantly (severely) degraded missioncapability or unit readiness. Permanentpartial disability, temporary total disabilityexceeding 3 months time (accident risk).Extensive (major) damage to equipment orsystems. Significant damage to property orthe environment. Security failure.Significant collateral damage.

Severity Type Defined

Severity

MARGINAL (III)Degraded mission capability or unitreadiness. Minor damage to equipment orsystems, property, or the environment. Lostday due to injury or illness not exceeding 3months (accident risk). Minor damage toproperty or the environment.

Severity Type Defined

SeverityNEGLIGIBLE (IV)Little or no adverse impact on missioncapability. First aid or minor medicaltreatment (accident risk). Slight equipmentor system damage, but fully functional andserviceable. Little or no property orenvironmental damage.

Severity Type Defined

Exposure & Controls Defined

Exposure is the frequency and length of time soldiers, equipment, and missions are subjected to a hazard.

Controls are the actions taken to eliminate or reduce the risks identified.

Residual Risk Defined

Residual Risk is the level of risk remaining after controls have been implemented. Controls are altered until the residual risk is at an acceptable level or until it cannot practically be further reduced.