• Alana Bruce
    3
    https://www.sitesafe.org.nz/globalassets/products-and-services/sssp-v12017/print/sssp-site-job-hazard-and-risk-register-print.pdf

    My query is this: Where are the explanations/key of: Critical, High, Moderate, Low and very low used in the Risk Assessment Matrix? (see attached link).
    Say a risk has been identified as critical, hierarchy of controls are applied and the residual risk assessment is now moderate – what does this now mean?
    In blue to the left of this risk assessment matrix the word moderate has been used to describe the severity of the injury/illness.
    Does the word moderate mean the same as in seen in orange?

    I would be interested in your feedback. If there is an actual guide on how it is applied with explanations of the above, please let me know. Or if you use something else that is not too complex, I would be interested too. I cannot see a recommended matrix to use.

    Thanks,
    Alana
  • Tony Walton
    129
    Great question Alana, will be interested in what others think. Yes there are a few important things missing on the example you showed. But how, out of the hundreds of risk matrix scenarios one finds on Google Images, do you choose as most appropriate to fit the risk profile of your organisation. Here's a Code of Practice that might help you. https://www.safeworkaustralia.gov.au/book/model-code-practice-how-manage-work-health-and-safety-risks
  • Andrew
    404
    I think they ran out of colours.
    Critical = red = top priority to work on
    High = Maybe could be pink = second priority
    Moderate = Orange = third priority
    low = green = fourth priority
    Very low = lets make it a brown colour = lowest priority

    There is also a shortage of words. Rather than repeating the word "moderate" in the left hand column they could perhaps instead use the word "severe".

    Someone at SiteSafe needed to give some more thought to their matrix - and they have the cheek to charge for their expertise.
  • Chris Hyndman
    71
    In blue to the left of this risk assessment matrix the word moderate has been used to describe the severity of the injury/illness.
    Does the word moderate mean the same as in seen in orange?


    In a nut shell no, the blue Moderate is solely linked to the hazard (e.g. fall from height) whilst the orange Moderate is the combination of both severity of injury and likelihood of it occurring, or the Risk Rating, which could have been better worded as being medium rather than moderate maybe.

    There are other risk Matrix out there, some with number ratings or some with just colours, but they are all reliant on you knowing what the companies appetite for risk is. Here's an example of what may be the approach if the hierarchy of control has already been applied and no further controls are available (residual Risk)

    Critical - Job does not get carried out.
    High - Work only carried out under permit conditions, high level sign off required.
    Moderate - Only carried out by trained/competent individuals, checks carried out regularly, no lone working
    Low - Carried out by basic trained individual or under supervision, lesser frequency checks, can be carried out alone
    Very Low - No specialist training/supervision needed
  • Tony Walton
    129
    Good call Chris and endorse your assessment.
  • Marie Fleming
    7
    Hi All
    I think you need to use a matrix that has more detailed definition.
  • Tania Curtin
    112
    Ahhh the beloved risk matrix... Imho, one of the least understood and most misused tools in the H&S toolkit.

    I do not believe a one-size fits all approach works when it comes to developing and using a risk matrix - but that is what tends to be done.

    Site Safe has created one, but it is open to interpretation, therefore, it my experience it is of very little valuable use. Much more instruction / explanation is required, along with personalisation to fit the specific risk appetite and procedure of the organisation.

    Some of the key issues I have with this example are:
    1. It says to 'consider the severity of injury/illness' - but is this the maximum potential severity, or the most likely severity? It does not say. If it's the maximum potential severity, then most work risks inevitably fall in the catastrophic or major category (as worst case scenario for even a minor trip hazard could be a head injury, a broken neck, or death - rare yes, but 'possible' if we are thinking maximum potential). On the other hand, if we look at the most likely consequence, hazards with catastrophic potential can be underestimated simply because the likelihood of the catastrophic outcome is low. Critical risks can be inadequately identified and managed in this instance.
    2. The descriptions of the examples given for the severity options create a focus on 'safety' rather than health (or any other type of risk for that matter, e.g. financial, environmental, reputational etc.).
    3. Without specific guidance, likelihood is massively open to interpretation and the influences of individual bias. Arguably, even with guidance, there is still room for this, but being so ambiguous just worsens the issues. What one person thinks is 'likely to happen' based on their personal experiences and perceptions, could be considered as 'unlikely to happen' to another person. Who is right? How do we get consensus?
    4. We assess the risk... and then WHAT? As Chris pointed out, this example does not include any actions or implications related to the outcome of the risk assessment. There is no determination of what is an acceptable level of risk.

    Anyway, I've taken up enough space here. I'm very interested in this though - keen to see what others have to say. I have rarely come across what I would consider to be a good risk assessment.
  • Andrew
    404
    Hmmm. I'm sensing its time to re-introduce my internationally recognised and patented FARK and FEFR scales.
  • Matt Sadgrove
    27
    Its only my opinion but the risk matrix used for this discussion is only part of the tool in its entirety and therefore makes us subject to one sided evidence and risk averse. The matrix actually has a right side (or blue side) which represents opportunity. This is seldom discussed but important when seeking balance in discussing a businesses risk appetite or tolerance. The other issue we open ourselves up to as professionals in using a risk matrix is it gives the perception risk is fixed and doesn't flex across the scale with influences experienced at the coal face that lead our people to make adaptive capacity based decisions. Risk is not static in a relationship with a hazard so.. having a toolbox of Risk assessment tools is best.
  • Trudy Downes
    91
    I think the one thing the risk assessment matrix does well are the traffic light colours.

    Generalised examples: If your initial risk is red and the controls change the residual risk to orange then the controls are working, with room for improvement. If the initial risk is red and the residual risk is red then the controls need more work or consideration, and it is possibly urgent.

    Using the traffic light colours is a great tool for people that are less experienced in the risk assessment process but are the ones you need to talk to because the are experienced in the task!
  • Alana Bruce
    3
    Can you please elaborate on what your toolbox of Risk Assessment tools you would recommend. Thanks.
  • Matt Sadgrove
    27
    Bowtie, Risk Funnel, Cynefin Framework, Control effectiveness assessment, Work as done physical assessment are a few.
    Tools that help you more than identify and categorize but sort, prioritize and treat
  • Chris Peace
    86
    I think this all misses a key point: the risk matrix is a reporting tool, not an analysis tool. To use it you must have estimated the consequence of interest and then estimated the probability of that consequence. This is made clear in the soon-to-be published edition of ISO31010 "Risk Assessment Techniques". (Please note, we are interested in the probability of the consequence, not of the event: think Canterbury earthquakes.)
    The word estimate is deliberate: it is impossible to give a consequence or probability with any certainty. There will be a range of consequences and a range of probabilities. Each range will depend on the effectiveness of the controls and that effectiveness will itself be a range (perhaps lick a finger and stick it in the air?).
    Trying to use words to specify the likelihood leads to each user interpreting the words differently. This was clearly pointed out by Sherman Kent: you can read his article at https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/books-and-monographs/sherman-kent-and-the-board-of-national-estimates-collected-essays/6words.html . Research has since confirmed this many times. But if you're happy with a licked finger and wild inaccuracy, no need to read this article.
    The matrix is about as accurate as using a faulty speedometer to get some idea how fast you are driving. Then try explaining speeding to a traffic police officer - or the inaccurate risk assessment to a WorkSafe inspector.
  • Mark Taylor
    31
    I believe there is too much emphasis on risk calculation, that is very subjective and diverts the attention away from people concentrating on the bigger issue, which is actually managing an controlling the risk.
    It's interesting that the HSE have taken the risk matrix off their pro-forma's now because in some instances it has actually increased the possibility of harm when the risk is scored at a lower level.
    Some larger organisations are now undertaking risk management as a reverse process, which consists of identifying worker experience and knowledge first relative to the job, accessing the current working practices and spending the most time on this part to find better methods elsewhere or perhaps where alternative technology can be used to reduce the risk up front.
    The current risk based system most people adopt is very reactive in approach, whilst the reverse is far more proactive (Safety II)
    Mark
  • Chris Peace
    86
    Well said Mark!
    Using a matrix without some reliable calibration is ridiculous. As an analogy, my Toyota Yaris has a top speed of 1,795. What?!!! KPH, MPH? None of the above. It's relative to the number of snails I can pass in 270 seconds. But that's a stupid way of measuring speed.
    Without some generally accepted calibration for a matrix (not THE matrix) we cannot compare "risks". And as soon as two of us write down what we mean by the scales and design of matrices we have differences. "But mine is correct" - for the whole organisation, for all organisations?
    So, stop worrying about how many angels can dance on the head of a pin and ask what is risk. Using the ISO definition ("effect of uncertainty on objectives") gets us into fruitful discussions about the objectives of the organisation, activity, plant, etc (and see how many people can answer those questions). Then ask where are there uncertainties about achieving the objectives. Can we do that "on time, in full 95% of the time" (OTIF95). No? What effect does that have?
    And where will that get OHS practitioners? Away from arcane discussions about the matrix and into organisational improvement.
    Which loops back to Mark's comments about worker engagement.
  • Bruce Tollan
    32
    We use scoring and traffic light colours.
    Green < 20 Very low Limited risk: acceptable
    Yellow 20 - 70 Possible Monitoring: pay attention
    Orange 70 - 200 Significant Measures required
    Brown 200 - 400 High Immediate improvement
    Red > 400 Very high Stop Activity

    Assess risks without controls - reassess with controls, score must be less than 70
    A good source is ISO 12100-2010 Safety of machinery - General principles for design - Risk assessment and risk reduction.
bold
italic
underline
strike
code
quote
ulist
image
url
mention
reveal
youtube
tweet
Add a Comment

Welcome to the Safeguard forum!

If you are interested in workplace health & safety in New Zealand, then this is the discussion forum for you.