Effective management of each of the sources of operational risks (Risk and Operational Safety) requires different process capabilities, & in some cases a combination. These 3 abilities should be in place & function effectively as part of any EHS management system in asset-intensive & high-risk industries:
1. Incident Management (IM)-
Enables a closed-loop process for recording EHS incidents of any type which includes injuries, near-misses, property damage, & safety observations), investigating the incident & defining root causes, managing corrective and follow-up actions, and analysis & reporting.
Even though incident management seems to be a reactive process, its greatest strength is to assist organizations to learn from conflicts, & take action to prevent them in the future. Incident Management is a foundational capability for ORM & is often the first item on an EHS improvement roadmap. Incident Management applied to event-driven risks.
2. Management of Change (MOC)-
When changes of any kind occur in any aspect of operations, new risks (Risk and Operational Safety) are often introduced & are a frequent cause of incidents, including major process safety accidents such as the Deepwater Horizon accident. A Management of Change process enables staff to systematically identify, assess, & approve all relevant changes before they implement the modification. The Management of the Change process may branch to further risk assessment & corrective processes before approval and is applied to change-driven risks.
3. Risk Assessment (RA)-
A closed-loop process for identifying hazards in operations, analyzing & prioritizing the risks from these hazards (often by ranking them based on probability & consequences), implementing controls, & monitoring the ongoing effectiveness of those controls. The risk assessment (Operational Control Systems) process is usually part of proactive continuous improvement efforts in which production systems, facilities, and work areas are systematically reviewed to mitigate operational risks. Risk Assessment applies to performance-driven risks, as well as those driven by events & change.
