Revisiting the history of Operational Risk Management (ORM) not only helps us understand the technical evolution of ORM but also may help us recognize the mindsets of individuals who have been in the industry for many years. People at all levels of the mining industry have been exposed to a variety of ORM initiatives over the past three decades. They may have been early or late adopters or even, as the change management models suggest: laggards. As such, history can help us understand today’s behaviors.
ORM in the 70’s and 80’s: a compliance mindset
In the 1970’s and 1980s, the Australian mining industry suffered many major disasters. The fatality rate was almost as high as it was in the early part of the 20th century.
Mining regulations in some Australian states started to change to reflect the ‘duty of care’ approach in the 1990s which often included a push, by regulation or strong recommendation, for mines to adopt risk assessment methods. At the time, some regulators had reviewed the approaches of other high hazard industries and felt there was an opportunity to reduce fatality and injury rates through ORM.
It’s fair to say that the regulators push accelerated the adoption of ORM methods in Australia, as well as other jurisdictions. This benefited health and safety outcomes in mining but also often lead to ORM becoming part of the compliance mindset. In other words, ORM is done because of regulations require. The value is not appreciated.
The 90’s: the evolution of ORM methods and requirements
Initial ORM methods included Job Safety Analysis and other tools that helped proactively review the work processes. Risk analysis methods, such as the Risk Matrix, were introduced across the industry. Much of the focus in the early to mid-1990s was on training the workforce about the basics of ORM and the use of these ‘new’ methods.
As with the virtually all major changes related to health and safety, disasters triggered the evolution of ORM methods and requirements.
Several near or actual multiple fatality mining disasters occurred in the 1990s. On the east coast of Australia, the regulatory requirement for major or principal hazard management plans was defined. These plans included a detailed analysis of selected hazards with highest potential consequences and the development of a plan to manage the hazard through a site-defined set of approaches such as procedures, training, accountability, etc. The plans also included the use of ‘TARPs’ or Trigger Action Response Plans. TARPs are documented action requirements for defined escalating levels of a hazard or an event. As such they dictate action even at early phases of a potential disaster. TARPs have been credited by some as a major contributor to the reduction in multiple fatality events in the Australian mining industry. Around this time many mining companies also recognized the need for corporate ORM procedures and guidelines.
Part of the ORM evolution in the late 1990s included the development of site risk registers. The register was intended to be a site resource, developed after risk assessments to find the highest priority risks, define required actions and set accountability for those actions. As such, it could be an up-to-date resource, offering the site management team a clear focus and risk improvement mechanism. Many would say that the goal was not commonly achieved.
ORM in the 1st decade of the 21st Century: exceeding regulatory requirements
As we entered the 21st century, the multiple fatality events virtually stopped and the focus moved to the prevention of single fatality events. Many companies augmented site ORM with Golden Rules or ‘Fatal Risk’ requirements that mainly, at least initially, defined required behaviors related to priority hazards.
Various state regulators also moved toward a common approach to ORM requirements during the first decade of this century. However, most mining companies had, by this time, defined ORM approaches that exceeded regulatory requirements.
Debate accelerated about ORM methods as mining companies acquired ORM expertise from other industries. The Risk Matrix was often the topic of debate amongst industry professionals, including the real or perceived requirement to ‘get it in the green’. In other words, ensure that there was no risk that was recognized as unacceptable. This mindset could lead to inadequate consideration of the adequacy of controls for the unwanted event.
The 2nd decade of the 21st century: a more aggressive control-based ORM approach
As the industry entered the 2nd decade of the 21st century the health and safety performance appeared to be greatly improved from earlier decades, sometimes diminishing the urgency of H&S priorities. Of course, the reduced commodity prices also affected the appetite for major changes to ORM. However, many H&S risk professionals recognized that valuable improvements could still be made in ORM. For some, the 2010 Pike River disaster indicated that we could undertake many ORM activities but if the method quality was poor or incomplete, a catastrophic event could still occur. Was this possible in Australia?
Several companies began to work toward a more aggressive control-based ORM approach. The Bowtie Analysis (BTA) method, developed by Shell many decades before, started to become a standard method for the control-based approach. However, like any tool, the quality of its application had an impact on the value of its outcomes. BTA teams often struggled with the identification of clear, monitorable pre-event and post-event controls.
In 2014, an Australian Coal Association research project included workshops of representatives from most coal mining companies in discussions about the selection and optimisation of controls (ACARP Report C23007 – available to purchase at https://www.acarp.com.au/reports.aspx ). Future articles will discuss the resultant new definition of a control, a significant change in ORM.
The Health and Safety Committee of the International Council of Mines and Metals (ICMM) had a major initiative running parallel to the ACARP work. This committee involved senior health and safety risk personnel from many of the world’s top mining companies; many of whom are leading experts in ORM. These individuals and their organizations recognized the need to define a control-based ORM approach that included understanding the control set for highest-priority-unwanted-events and the management of critical controls from that set through greatly enhanced methods of challenging the control, defining performance requirements and verification/reporting methods. Critical Control Management (CCM) publications from ICMM circulated across the global mining industry. Many companies expressed their commitment to move toward CCM.
The future of ORM
This next phase of ORM offers great benefits but the change may be greater than some recognize. Future articles will develop this further.
Expected articles from this series
This series of articles is intended to stimulate strategic thinking as a company, business unit or site advances along the ORM journey, as illustrated.
The article topics are intended to align with this journey:
- Welcome and Introduction to the ‘Evolving Operational Risk Management in the Mining Industry’ series (previously released)
- A short history of Australian mining ORM – one perspective (current blog)
- Keywords and concepts in ORM – getting the conversations and thinking consistent
- Making the argument – risk is all about controls and their Effectiveness
- Good practice ORM – four layers with risk assessment applications
- Moving to CBRM – the need and the changes
- Evolving ORM to CBRM at a site – the tools and the thinking
- Introduction to CCM – the process and outputs
- It’s a Journey – the ORM/CBRM/CCM Journey Model
- Influencing leadership mindsets – engage, involve, include, support
- Changing individual mindsets – promote, require, reinforce, support
- Finding the highest risk unwanted events (MUEs)
- Ensuring the overall control strategy is adequate for an MUE
- Identifying the most critical controls
- Challenging required control performance – considering control erosion factors
- Establishing verification methods and reporting processes
- Embedding and managing controls – from accountability to real-time ORM
- Continuously improving controls – looking for action indicators