Introduction to Enterprise Risk Management: A Guide to Risk Analysis and Control for Small and Medium Enterprises

By N. Krishnamurthy

This book covers principles and applications of risk management for construction and other hazardous enterprises. Although examples are cited from author’s personal experience in Singapore, topics are addressed at global level and readers may find enough to plan and carry out workplace risk assessment and control almost anywhere in the world and with any industry.

Contents are aimed at the student and the fresh graduate, as well as the serious professional who by experience is already carrying out risk management but who wishes to review and upgrade the principles and applications.

Author Prof Krishna draws from his experiences as consultant and researcher, accident investigator and expert witness, for both the government and private parties, on topics and incidents involving workplace safety and risk management. He has patented in Singapore and Australia an invention on a computer-based schema for risk analysis.

Using many examples and anecdotes, the book addresses the following topics:
• Reasons for and benefits of risk management
• Identification of hazards at the workplace
• Assessment of likelihood of work activities
• Assessment of their severity in different domains
• Evaluation of risk from its component factors
• Qualitative and numerical categorization of risk
• Hierarchy and application of risk controls
• Risk management while working at height
• Overview of quantitative risk assessment

• Language: English
• Publisher: Partridge Publishing Singapore
• Release date: Oct 18, 2019
• ISBN: 9781543754735

N. Krishnamurthy

Dr. N. Krishnamurthy (known as ‘Prof Krishna’) brings to this book decades of professional experience in India, USA, and Singapore, covering teaching, research, consultancy, and publications, on topics related to structural engineering, computer applications, workplace safety and risk management, in the last of which he has extensive and intensive involvement for decades.

Book preview

Copyright © 2019 by N. Krishnamurthy.

ISBN:       Hardcover               978-1-5437-5474-2

                 Softcover                  978-1-5437-5472-8

                 eBook                       978-1-5437-5473-5

All rights reserved. No part of this book may be used or reproduced by any means, graphic, electronic, or mechanical, including photocopying, recording, taping or by any information storage retrieval system without the written permission of the author except in the case of brief quotations embodied in critical articles and reviews.

Because of the dynamic nature of the Internet, any web addresses or links contained in this book may have changed since publication and may no longer be valid. The views expressed in this work are solely those of the author and do not necessarily reflect the views of the publisher, and the publisher hereby disclaims any responsibility for them.

www.partridgepublishing.com/singapore

DEDICATION

To my students and colleagues who have

inspired and challenged me to do better.

INTRODUCTION TO

ENTERPRISE RISK MANAGEMENT

Table of Contents

DEDICATION

ABOUT THE AUTHOR

PREFACE

AUTHOR’S WEBSITE

BOOKS BY THE SAME AUTHOR

CHAPTER 1:   OPEN YOUR THIRD EYE!

1.1. Be(A)ware!

1.2. The MOM Poster

CHAPTER 2:   WHY BOTHER?

2.1. Background

2.2. Risk Management as Mishap Predictor

2.3. Overcoming the Plateau Effect

2.4. Workplace Safety as Core Value

2.4.1. General Recommendations

2.4.2. General guidelines

2.4.3. Additional guidelines

2.5. Safety Culture

2.6. Challenges to Safety Culture

2.7. Incident (‘Close Call’) versus Accident

2.8. Benefits of Risk Management

CHAPTER 3:   GLOBAL WORKPLACE SAFETY

3.1. Need for Safety Regulations

3.2. Need for Statistics

3.3. Workplace Safety in UK

3.4. Workplace Safety in USA

3.5. Workplace Safety in European Union

3.6. Workplace Safety in Australia

3.7. Workplace Safety in Singapore

3.8. References

CHAPTER 4:   HAZARD AND RISK

4.1. Hazard

4.1.1. Hazard types

4.1.2. Hazards and activities

4.2. Common Everyday Hazards

4.3. Risk

4.4. Independence of Likelihood and Severity

4.5. Same hazard, different outcomes

4.6. No Never, No Always, in Risk

4.7. Risk Assessment and Control

4.7.1. Steps in risk management

4.7.2. Criteria for risk assessment

4.8. Importance of lessons learnt

CHAPTER 5:   METHODS OF RISK ANALYSIS

5.1. Mishap Analysis

5.2. ‘What If …?’ Analysis

5.2.1. Principle and Procedure

5.2.2. ‘What If …?’ Example

5.3. The HAZOP Method

5.3.1. Principle and Procedure

5.3.2. Guidewords and Parameters

5.3.3. HAZOP Examples

5.4. Failure Modes & Effects Analysis (FMEA)

5.4.1. Principle and Procedure

5.4.2. FMEA Example-1

5.4.2. FMEA Example-2

5.5. ‘Fishbone’ or Ishikawa Cause and Effect Analysis

5.5.1. Principle and Procedure

5.5.2. Fishbone Example

5.6. The Mishap Tree

5.7. Fault Tree Analysis (FTA)

5.7.1. Principle and Procedure of FTA

5.7.2. FTA Example

5.8. Event Tree Analysis (ETA)

5.8.1. Principle and Procedure of ETA

5.8.2. ETA Example

5.9. Bow-Tie or Butterfly Diagram

5.9.1. General layout of the diagram

5.9.2. Bow-Tie Example

5.9.3 Components of Bow-Tie Diagram

5.10. As Low As Reasonably Practicable (ALARP)

5.10.1. ALARP Principle

5.10.2. ALARP Application Example

5.11. Failure Modes, Effects, and Criticality Analysis (FMECA)

5.11.1. Principle and Procedure

5.11.2. Difference between FMEA and FMECA

5.11.3. FMECA Example

5.12. Job Safety Analysis or Job Hazard Analysis

5.12.1. Aims and considerations

5.12.2. JSA/JHA Procedure

5.13. References

CHAPTER 6:   PREPARATION FOR RM

6.1. Risk Assessment Team

6.2. Scoping the Project for RM

6.2.1. Unit of risk assessment

6.2.2. Scoping Example

6.2.3. Task assignment

6.3. Scoping the RM for Project

6.3.1. Acceptance of risk

6.3.2. Action points

6.3.3. Levels of components and risk:

6.3.4. Changes in the levels and categories

6.3.5. Let us not vote on human safety!

6.3.6. Qualitative or Quantitative

6.4. Start-up for RM

6.4.1. Starting up the process of risk management

6.4.2. Risk register

6.4.3. Contents of risk register

6.5. Distribution and Transfer of Risk

CHAPTER 7:   HAZARD IDENTIFICATION

7.1. Hazard identification

7.2. Proper mindset

7.3. Credible Threats

7.4. Identification by types of hazards

7.5. Identification by consequence of hazards

7.6. Sources of hazard information

7.7. The questioning approach

7.8. Job steps

7.9. Multiple hazards and consequences

7.9.1. Multiple hazards for one activity

7.9.2. Multiple consequences for one hazard

7.9.3. Job-specific format for hazard and consequence

7.10. A real-life hazard identification exercise

CHAPTER 8:   EXISTING (REQUIRED) CONTROLS

8.1 Existing Controls

8.2. Required Controls

8.3. What existing controls affect

8.4. Sequence of recording

CHAPTER 9:   LIKELIHOOD ASSESSMENT

9.1. Preliminary Considerations

9.2. Levels of Likelihood

9.3. Assignment of likelihood level

9.4. Example of man crossing drain – Likelihood

9.5. Difficulty to decide the likelihood level

9.5.1. Difficulties in assessing likelihood

9.5.2. Probability statistics for entire population

9.5.3. Probability statistics for workforce

9.6. Kick-Starting Likelihood Assessment

CHAPTER 10:   SEVERITY ASSESSMENT

10.1. Preliminary Considerations

10.2. Levels of severity

10.3. Assignment of severity level

10.3.1. Considerations in severity assessment

10.3.2. Guidelines for severity assessment

10.3.3. Abbreviated Injury Scale

10.3.4. Cost of injuries

10.4. How to Handle an actual injury at site

10.5. Example of man crossing drain – Severity

10.6. Consequences apart from Injury

10.7. Kick-Starting Severity Assessment

CHAPTER 11:   RISK ASSESSMENT

11.1. Combination of components into Risk

11.2. The Risk Matrix

11.3. Recommended conventions

11.4. Responsibility for risk categorization

11.5. Number of risk categories

11.6. Limitations on number of risk categories

11.7. Size of risk matrix

11.8. The case for 5×5

11.9. Characteristics of the risk matrix

11.10. Variations in risk categorization

11.10.1. Variations according to need

11.10.2. Over-riding the symmetry

11.10.3. The Precautionary Principle

11.11. Lumping of risks

11.12. Separation of risk levels in a job

11.13. References

CHAPTER 12:   NUMERICAL RISK ASSESSMENT

12.1. From words to numbers

12.1.1. Preference for numbers

12.1.2. Numbers denoting ranks not values

12.2. From numbers to arithmetic

12.2.1. Risk Index and RPN

12.2.2. Advantages of Numerical Risk Matrix

12.3. Numerical Risk category assignment

CHAPTER 13:   RISK CONTROL CONCEPTS

13.1. Principles of risk management

13.2. Management of risks

13.2.1. The risk Zones

13.2.2. Low Risk – Don’t worry about it!

13.2.3. Medium Risk – Manage it!

13.2.4. High Risk – Don’t do it!

13.3. Business case for risk management

CHAPTER 14:   RISK CONTROL METHODS

14.1. Risk Control Hierarchy

14.2. Elimination Control

14.3. Substitution Control

14.4. Engineering Control

14.5. Administrative Control

14.6. Personal Protective Equipment (PPE)

14.7. Increased Risk from Controls

14.8. Our Man Crossing the Drain

14.9. What will the controls help improve?

14.10. Improvements by Hierarchy

14.11. Additional Controls

14.12. Can all risks be brought down to ‘low’?

14.13. Compliance Regime

CHAPTER 15:   USES OF RISK MATRIX

15.1. Determination of risk from components

15.2. Status Map

15.3. Risk Sub-prioritization

15.3.1. In Qualitative Risk Matrix

15.3.2. In Numerical Risk Matrix

15.4. Decision Making

15.5. Changes in Risk Status

CHAPTER 16:   FOLLOW-UP

16.1. Residual Risk

16.2. Review of Risk Assessment

16.2.1. Extremes in initial risk assessment

16.2.2. Subsequent risk assessments

16.2.3. Review of risk assessment

16.3. Risk Matrix Format

16.4. Implementation of controls

16.5. Record keeping

16.6. Safety Audit

16.7. Emergency preparedness

16.8. Rescue measures

16.8.1 Confined space rescue

16.8.2. Fall from height

CHAPTER 17:   RISK COMMUNICATION

17.1. Language of Communication

17.1.1. Problems with ‘buzz’ words

17.1.2. Flammable or Inflammable?

17.2. Impact of different cultures on safety

17.3. General Guidelines for Communication

CHAPTER 18:   WORKED EXAMPLES

18.1. Receiving/stacking goods in supermarket

18.1.1. Notes on risk assessment

18.1.2. Commentary on analysis

18.1.3. Result of risk assessment

18.2. Cutting grass with an electric lawn mower

18.2.1. Notes on risk assessment

18.2.2. Commentary on analysis

18.2.3. Result of risk assessment

18.3. Comments on Examples 18.1 and 18.2

18.4. Risk with an (Older) Escalator

18.5. Revisiting the ‘Hug-Rail’

18.6. Goods Transportation Analysis

18.6.1: Activities, hazards, consequences, and existing controls

18.6.2: Listing all likelihoods in the job

18.6.3: Defining the likelihood level criteria

18.6.4: Sorting the items according to the set criteria

18.6.5: Listing all severities in the job

18.6.6: Defining the severity level criteria

18.6.7: Sorting the items according to the set criteria

18.6.8: Determining risk and recommending controls

18.6.9. Concluding remarks

CHAPTER 19:   RISK ANALYSIS OF ERGONOMICS

19.1. Workplace Ergonomics

19.1.1. Poor ergonomics

19.1.2. Magnitude of the Problem

19.2. Posture Severity Assessment by OWAS

19.3. Load Lifting and Shifting

19.3.1. Effects on spine by lifting heavy loads

19.3.2. Manual handling load limits:

19.3.3. Correct Lifting Method

19.3.4. Management Guidelines to Manual Handling

19.3.5. Risk Management by Hierarchy of Controls

19.4. Prolonged Computer Work

19.4.1. The magnitude of the problem

19.4.2. Risk assessment of bad posture at computer

19.4.3. Controls for computer work

19.5. Benefits of Good Ergonomics

19.6. References

CHAPTER 20:   RISKS OF WORK AT HEIGHT

20.1. Hazards of Working at Height

20.2. Height and Velocity of Fall

20.2.1. Formulas and Charts for Free Fall of Objects

20.2.2. Use of the charts

20.2.3. Terminal Velocity

20.3. Impact Force due to Fall

20.3.1. Impact force formula and G-factor

20.3.2. How much ‘G’ can a Person Bear?

20.4. Injury due to Fall

20.5. Risk Assessment of Fall

20.5.1. Likelihood Assessment of Falls

20.5.2. Severity Assessment of Falls

20.5.3. Risk Assessment of Falls

20.6. Principles of Fall Control

20.6.1. Hierarchy of Fall Control

20.6.2. 100% Tie-Off

20.7. Pros and Cons of Safety Harness

20.8. References

CHAPTER 21:   QUANTITATIVE RISK ASSESSMENT

21.1. Qualitative versus Quantitative RA

21.2. QRA Advantages and Disadvantages

21.2.1. Advantages of Quantitative Analysis

21.2.2. Disadvantages of Quantitative Analysis

21.3. Methodology of QRA

21.4. Example of Application of QRA

21.5. F-N curves

21.6. REFERENCES

ABOUT THE AUTHOR

Image36887.JPG

Dr. N. Krishnamurthy, known as ‘Prof Krishna’ to his students and colleagues, completes 60 years of teaching and training, research and consultancy at universities, and for Government and private agencies in USA, India, and Singapore.

He received BSc and BE(Civil) degrees from India and MS(CE) and PhD from USA. He taught in two universities in India, three in USA, and three in Singapore. He worked summers and consulted for the Oak Ridge National Lab in USA. He has to his credit four technical books on his own and three co-authored books, plus over a hundred papers.

Formally trained in structural engineering, Prof Krishna started on computers in the USA in 1959, and has kept up with developments. He has one book on computer graphics and uses computers extensively in his study, research, and teaching.

For the last 18 years, Prof Krishna has focused exclusively on workplace safety and risk management, lecturing, conducting sponsored research, consulting, and publishing on these topics in Singapore, India and USA.

He investigates workplace accidents, and appears as expert witness in court cases.

He has one invention on risk management patented in Singapore and Australia, and another related to scaffolding and formwork in the works. More information on his recent activities may be found from his website: www.profkrishna.com

_____

PREFACE

This is a book mainly for beginners. It is written for the diploma or degree student, and the practicing engineers, particularly in small and medium enterprises (SMEs). However, author hopes that even the risk management veteran may find something of value in these pages touching as it does on many recent developments.

With certain exceptions, it is well known stuff, but hopefully fresh in the way it is presented, and possibly in viewpoint and interpretation in certain matters.

In 2007, author wrote his first book on the subject titled Introduction to Risk Management and published it himself in print. It was aimed at a Singapore audience mainly because the small island nation in which he had settled down – after exciting professional experience in in USA, India, and Singapore, with teaching and research in universities and training and consulting for industry in structural engineering, computer applications, workplace safety and risk management – had made a heavy revamp of its regulations with its Workplace and Safety Act of 2006.

When the first print sold out, the author started revising it for a second edition. He decided to revise the book for a global audience with minimal changes in other areas. He also chose a fresh title: Introduction to Enterprise Risk Management, to distinguish it from most risk management books already available for the financial sector, as well as those restricted to only human harm, and published it online both as a paperback and a Kindle E-book.

During the intervening years, no earth-shaking developments have taken place in the subject, but the author has become more extensively and intensively involved in workplace safety and risk management, developing and teaching more courses, presenting more talks and publishing more papers, conducting personal and sponsored research, and training and consulting for the government and private parties on related topics.

He has patented a computer-based invention on risk management in Singapore and Australia, titled ‘The SAFER Diamond’. More details of his activities and access to his publications may be obtained from author’s website: www.profkrishna.com

Author emphasises Singapore as a role model because Singapore has shot up from a developing nation to a developed one in a few decades, and its safety record has improved by leaps and bounds in the last couple of decades. That is why many of the regulations and case studies presented in the book reflect author’s Singapore experience.

However, having lived in USA for long, and with his familiarity and interest in the practice of industrial risk management in other countries, author is aware that risk management practices vary widely around the world.

Author has tried to present the basics in a simple, chatty and story-telling style that he adopts in his lectures, avoiding bombast, and (he hopes!) boredom. His light touch should not be mistaken for flippancy.

This Edition is published through Partridge Publishing of Singapore, and lays special emphasis on the following topics:

• Guidance to the beginner to assess likelihood and severity of hazards.

• Work at height, which is one of the riskiest activities deserving of assessment and control.

• Ergonomics, the work posture, including manual handling of heavy objects, spanning the entire spectrum of activity from the office to the worksite, from the CEO down to the worker.

• Quantitative risk analysis, in a brief overview of this complex but important counterpart of the qualitative risk analysis.

Author admits that certain ideas he has presented herein may be new or unusual, and some may even deviate from conventional wisdom or published literature. Readers may choose to agree or disagree with his views – and certainly adopt alternative approaches, where available.

Author seeks the reader’s indulgence when he uses ‘I’ and other first-person pronouns, especially when he relates personal anecdotes and opinions inside the text.

He invites readers to visit his website [http://www.profkrishna.com] both to access certain additional information and resources on safety-related matters, and also to provide him feedback and suggestions on the contents of the book for corrections and improvements. His e-mail is: proscank@gmail.com

At the end of the book, author has appended the list of his 21 published papers which may be browsed or downloaded from the Publications page of his website: www.profkrishna.com

While acknowledging the use of extensive existing resources in forming and refining his ideas, the author regrets he is not able to make specific citations from this wealth of specialized knowledge in every case.

The author has drawn freely on the experience of his predecessors and contemporaries, as well as from the wisdom of the ages as applicable. While tapping the fountainhead of information that Internet offers in the public domain, he has been careful not to use copyrighted material without attribution, to the best of his knowledge. Any contravention would be unintentional.

_____

AUTHOR’S WEBSITE

Author’s papers on risk management and related subjects may be accessed from his ‘Publications’ and ‘Downloads’ pages of his website: www.profkrishna.com

Image36896.JPG

While not claiming to be exhaustive, author has collected and tried to present in it relevant material that interested him from public domain, and made available his own publications and comments for the use of visitors to his site.

The site also includes information on his academic and professional background, anecdotes and links to other valuable resources from around the world.

Recently he has listed his published books and its contents.

For those who would like to borrow any of author’s material and use it in their work, permission is granted for fair academic and research use of material from his website on condition that such use is acknowledged with the citation: "Sourced from Dr. N. Krishnamurthy’s website: www.profkrishna.com."

• If it is a publication, please do cite the publication in a standard format.

_____

Image36904.JPG

CHAPTER 1

OPEN YOUR THIRD EYE!

1.1. Be(A)ware!

First, a word about human awareness and pro-active attitudes.

I often start my lecture on hazard identification by showing the audience a poster on safety, and asking: How many of you have seen this before? [Left part of Fig. 1.1.]

Image36911.JPG

Fig. 1.1. ‘We look … but do not see!’

Generally, there is no response, even when I repeat the question. Occasionally a single hand goes up half-heartedly, and auth asks Where?

He (or she) will say, In a MOM seminar talk or something like that. [MOM stands for Singapore’s Ministry of Manpower. – NK]

I dramatically point to the double doors at the back of the room, through which all the participants had come in, exited for the coffee break and come in again, a total of three times – and asks the entire group to turn around. [Right part of Fig. 1.1.]

And there, stuck on both the doors, at eye level, is this very same