skip to main content

GHS/HazCom Software Sale! Rules are changing—fall into compliance with these special offers. Learn More >

VelocityEHS recently held a three-part webinar series focusing on Risk Management 101, designed to introduce EHS professionals to the concepts, tools, and best practices for establishing and maintaining an effective risk management program, across several industries.

VelocityEHS experts, Dana Garber, Senior Solutions Strategist, and Phil Molé, EHS, ESG & Sustainability expert, hosted this three part series offering insights, real world examples, and practical takeaways that will help to improve operational risk management in your organization.

Each part of this series is currently available in our on-demand webinars.

Part One—Introduction and Risk Identification & Assessment

What is risk management? It’s the glue that holds safety management together, through the process of identifying, assessing, and controlling threats to an organization to mitigate the adverse effects of loss.

There are many different types of risks in every organization such as:

  • Safety Risk
  • Environmental Risk
  • Compliance Risk
  • Legal Risk
  • Financial Risk
  • Reputational Risk

Managing operational risk begins with performing a risk assessment to help identify, analyze, and evaluate various risks within your organization. Different types of risks assessments include:

Once you’ve performed your risk assessments, a risk bowtie is a terrific tool that you can use to synthesize your risk assessments into a single, easy-to-use diagram. A risk bowtie is a diagram that helps to visualize a risk event, along with root causes, consequences, and risk controls. Risk bowties help to improve the accuracy of risk models, as there are often multiple causes and consequences to risk, and bowties convey the complexity of risk with simplicity.

Watch the first session to get an in-depth understanding of operational risk, examples of how risk assessments work and how to apply them to a risk bowtie.

Part Two—Measurement and Mitigation

There are multiple contributors to risk such as physical/workplace hazards, operational factors, and human factors. After doing risk assessments to identify these risks, what are the next steps? Now it’s time to prioritize the risks that have been identified by building a risk matrix. A risk matrix helps to organize, prioritize, and compare measured risks to improve decision making and best apply available resources to maximize risk reduction. A risk matrix looks at potential consequences and the likelihood they will happen then gauges the risk impact providing a risk level between low to extreme.

Identifying the risk level helps to prioritize risk—but to reduce overall risk, risk controls need to be put in place. Successfully implementing controls begins with understanding the hierarchy of controls:

Risk controls function to help reduce risk by preventing, mitigating, and/or detecting accidents. Prevention, mitigation, and detection are known as the three control types. The idea is to build a system of controls using all three control types and have them work together to reduce overall levels of risk. Risk controls work better together and provide layers of protection in case some controls fail. This kind of system allows you to reduce risk to As Low As Reasonably Possible (ALARP).

Watch the second session to better understand what a risk matrix is and how to build one, to dive deeper into the hierarchy of controls,  and how to use risk controls throughout your organization to mitigate risk.

Part Three—Monitoring and Reporting

Risk assurance is the monitoring and reporting phase of risk management. After identifying risks and putting controls in place to reduce their likelihood of happening, you need to assure these controls stay effective through continued monitoring.

This is where critical control comes into play. Critical controls are the controls in place that are critical to risk prevention. To make sure these controls are effective, a verification process takes place in the field, testing and monitoring these controls. The goal is to provide actionable intelligence from the field to the decision makers about the effectiveness of the current controls.

Once control types have been identified and monitored, you’ll want to implement lessons learned reports and root cause analysis reports. These are safety communication tools intended to provide timely, reliable, and accurate notification of safety related incidences. Reporting allows for the comparison of risk across locations. Tailor reports to address your target audience, so they get the information that is important for their decision-making.

Watch the third session to get an in-depth understanding and examples of control verification process and reporting best practices, how to develop performance standards, and how a risk register can help manage risks, plus more.

To Sum It Up

When it comes to EHS risk management, there are a lot of moving parts. What’s the best approach to managing risk? Software makes it easier to prevent, mitigate, and detect risk. It also allows for live reporting so issues can be identified more quickly while implementing corrective actions.

Why it’s important to manage risk:

  • Promotes a common understanding of risk
  • Promotes higher worker engagement
  • Helps you shift toward a more proactive approach, and pursue ESG maturity

Watch all three webinars on demand here.

And, check out these additional risk resources:

VelocityEHS Can Help!

 As part of our VelocityEHS Accelerate® Platform, our Operational Risk Solution makes it easy for businesses like yours to identify, assess, and eliminate workplace risk to your people, property, and the environment. You’ll have unparalleled visibility and control of risks with the ability to drive collaboration and engagement throughout your company’s risk management activities.

Contact us today to learn more about how we can help you improve your EHS & ESG