The global mining industry has been communicating visions of Zero Harm for many years. As part of this vision, the industry has been committed to proactively managing operational risk. To support this Operational Risk Management (ORM) initiative, a series of short articles will be offered providing a perspective on the related needs, opportunities and challenges. Obviously, this is one person’s perspective, influenced by experience and bias, but the objective is simply to stimulate thinking.
The potential step change in ORM
These articles discuss the potential step change in ORM from current approaches that may have been developed in the 20th century to a newer overt focus on the systematic application of quality controls and, following that phase, a move to effective critical control implementation, verification and assessment of effectiveness.
No successful improvement in operational risk management (ORM) is rapid. Positive change requires recognition of the need for change, a clear understanding of the change, demonstration and appreciation of its value, and overt positive feedback once change occurs. This applies at individual, management, corporate and external stakeholder levels.
The challenge for risk management professionals is to chart a course for ORM evolution that provides not only attainable goals for effective change but also a strategy for influencing the stakeholders, internal and external, individual and corporate, rapid-adopters and stragglers, over a period of years.
The articles will use the term Control-Based Risk Management (CBRM) to describe the evolution of ORM to an approach that focusses on the careful challenging, optimisation, installation and communication of controls for significant unwanted events.
Sites may believe that they are currently at, or even beyond, this phase of ORM evolution. These articles may challenge that belief, providing a means to review that control-focusing as part of the sites practices and culture.
Critical Control Management (CCM) is the next step in the evolution of ORM after successful CBRM. The objective of CCM is to focus the management system on ensuring the effectiveness of carefully selected critical controls. CCM moves away from a heavy reliance on risk assessment and analysis to a more effective control management approach. As such CCM is more about effective management than risk analysis. Organisational maturity will be discussed as a precursor for successful CCM.
The International Council of Mines and Metals (ICMM) published guidance on CCM in 2015 which is available on their website (http://www.icmm.com/en-gb/publications/health-and-safety/health-and-safety-critical-control-management-good-practice-guide and http://www.icmm.com/en-gb/publications/health-and-safety/critical-control-management-implementation-guide). ICMM member companies were surveyed during the development of these resources. The survey identified that all respondents, despite a range of current emphasis on managing controls, saw CCM as the goal for managing their highest risks.
Articles from this series
This series of articles is intended to stimulate strategic thinking as a company, business unit or site advances along the ORM journey, as illustrated.
The article topics are intended to align with this journey.
- Welcome & Introduction (this article)
- A short history of Australian mining ORM – one perspective
- Key words and concepts in ORM – getting the conversations and thinking consistent
- Making the argument – risk is all about controls and their Effectiveness
- Good practice ORM – four layers with risk assessment applications
- Moving to CBRM – the need and the changes
- Evolving ORM to CBRM at a site – the tools and the thinking
- Introduction to CCM – the process and outputs
- It’s a Journey – the ORM/CBRM/CCM Journey Model
- Influencing leadership mindsets – engage, involve, include, support
- Changing individual mindsets – promote, require, reinforce, support
- Finding the highest risk unwanted events (MUEs)
- Ensuring the overall control strategy is adequate for an MUE
- Identifying the most critical controls
- Challenging required control performance – considering control erosion factors
- Establishing verification methods and reporting processes
- Embedding and managing controls – from accountability to real time ORM
- Continuously improving controls – looking for action indicators