Risk Management Panel: Standards Help Drive Systematic, Repeatable Results
A Safety 2019 session on the ASSP Risk Management Institute focused on implementing risk management systems and utilizing several key standards, including ISO 45001 and 31000 and also ANSI Z10 and 590.3, Prevention Through Design.
NEW ORLEANS -- The American Society of Safety Professionals' 2019 Professional Development Conference and Exposition's educational program will address a wide range of topics, but inherent in almost all of them is the concept of effective risk management. One of the first educational session at the conference was a June 10 session about the ASSP Risk Assessment Institute and the society's Risk Management Committee. With Tim Fisher, ASSP's standards and technical services director, leading the session, four risk management leaders from several industries discussed their approaches to implementing risk management systems and utilizing several key standards, including ISO 45001 and 31000 and also ANSI Z10 and 590.3, Prevention Through Design.
The institute's website is filled with information on risk assessment competencies and a risk assessment certification program, training videos, standards, case studies, and tools.
The panelists were Ken Daigle, chairman of the Risk Assessment Committee; Gregory Griffith, client services chair for CNA Insurance; Travis M. Kruse, with Grainger Safety Strategy & Solutions; and Marc C. Wetter of Parsons Corp. All of them discussed how they approach risk assessment in their own organizations, how they analyze and score risks and communicate the information to senior management, and what a good risk assessment looks like.
It comes down to having a systematic process in place and having a common vocabulary, then developing concepts and getting everyone on the same page, Daigle said.
Kruse spoke several times about the importance of developing a risk profile for an organization. "Every organization has a risk profile . . . . Everything is predicated off of risk," Kruse said. "You can't manage what you don't know. . . . You have to start with a risk profile."
The goal, several said, is to set up systems and get everyone in the organization to act consistently. Kruse cited the concept in ISO standards of residual risk, which is risk that remains after a control has been applied to mitigate a hazard. It's important to assess the residual risk to know whether controls are truly effective, he said.