For writing this blog, we conducted a simple survey among partners and colleagues (thanks for your participation!). The questions were conducted as follows:
- Why did you and your clients adopt the bowtie methodology the first time? Please list the pragmatic reasons and elaborate on corresponding use cases.
- What do you think is the most useful aspect of bowtie in risk management? Please elaborate on the reasons.
- What role do you expect bowtie to play most in risk management?
Organizations have various specific reasons to adopt the bowtie method. It is generally accepted that risk control and regulatory compliance are the main reasons for QHSE risk management. In the previous blog, we discussed the use of bowtie in regulatory compliance. In this blog, we would like to outline the initial risk-related intentions of bowtie users and their expectations of functions in risk management.
Initial intentions for using the bowtie method or applying BowTieXP
Although BowTieXP users are all looking for techniques and tools for their process of risk management, the triggers are still different.
1 – Searching for a tool to engage in risk (hazard) management
Some of the bowtie users are familiar with the Hazards and Effects Management Process (HEMP). These users understand the whole identification process of risk hazards (risks), risk analysis, risk control, and continuous management. HEMP contains a package of tools that can be integrated with the bowtie method. By using bowties, users can create high-risk scenarios and corresponding controls. With this information, risks can be assessed, and applicable principles can be applied. Deriving from these controls, critical management tasks can be delivered.
For many QHSE practitioners, the first time they use bowtie is because of a subtask of this risk management process. HAZID and HAZOP are very popular and powerful methods in high-risk industries. By adopting these methods, organizations identify major hazards and the potential deviation modes of their operations. However, it is not easy to visualize risk scenarios from tabular data. The reviewing and tracking of the hazard documents are also inconvenient. Bowtie allows to depict this data and display the hazard information as risk scenarios, which facilitates further risk analysis.
Other practitioners, especially safety engineers, find the advantages of using bowtie through a semi-quantitative LOPA (Layers of Protection Analysis) method. Since the event chain of LOPA is based on event tree analysis and independent protection layers, it can be mapped onto a bowtie with independent barriers. Another connection between bowtie and this type of risk assessment is ALARP. Whether you use SIL or other assessment rules, the bowtie is an applicable tool to visualize your inherent risk and residual risks, and furthermore, to continually control the risk levels by implementing practical measures.
Figure 1 shows that facilitating the risk management process is still the primary reason to use bowtie. Different bowtie practitioners initially consider the use of bowtie at different stages of risk management.
Figure 1 – the reasons to adopt bowtie for risk management
2 – Ability to visualize risk controls in scenarios
The ability of visualization often refers to two aspects: the risk scenarios with controls and the weakness of risk controls according to reference information on the bowtie.
“Risk is equal to the triplet (S_i, P_i, C_i), where S_i is the i^th scenario, P_i is the probability of that scenario, and C_i is the consequence of the i^th scenario, i = 1, 2, . . . , N” (Kaplan and Garrick, 1981).
Figure 2 – Definition of risk
Visualizing risk scenarios is the primary reason for many bowtie beginners. By using the bowtie method, multiple risk scenarios which connect to one hazard, can be displayed concisely. The bowtie diagrams show the scenarios, consequences, the likelihood of these scenarios, and the risk assessment results. In addition, risk controls are also depicted as barriers.
By using bowties, it is easy to point out the weakness of risk controls according to reference information on the bowtie. Some experienced users pay attention to critical controls and check their weakness through required reference data. Next to that, by using bowtie it is easy to differentiate between controls and non-controls and their effectiveness. For example, adding safety activities to barriers can distinguish the performance of assurance activities versus actual controls. Therefore, visualizing controls and reference data in risk scenarios optimize risk management tasks.
3 – Risk communication across the organizations
According to our survey, using bowties for risk communication is vital for organizations. Many users believe that bowtie facilitates QHSE risk communication, since bowtie improves the effectiveness and efficiency of their risk communication across the organization. Not only is the risk result of importance in communication, the critical data concerning controls is too. Our bowtie tools can for instance deliver accurate information to accountable staff members specifically.
The messages of communication are either positive, such as ‘we learnt and we corrected the mistake so it shouldn’t happen again’, or negative, such as ‘we thought we fixed it but the barrier is still not performing as we need so we need a deeper look’. Communication is about what is actually done to manage a hazard. It pushes people to consider, which feeds data to a bowtie and demonstrates the organization is learning from mistakes. Learning from incidents and other reference data displayed on bowties together is very powerful.
Further uses – Ensuring the integrity of controls and their performance
Many organizations focus on critical controls identified on the bowtie. This is only part of the identification process. Assuring that these controls function well and are being continuously tracked is required to manage the integrity of controls on an ongoing basis. However, a single method like bowtie can’t achieve this by itself. A systematic and all-encompassing approach is required. Building on the basis of bowtie and barrier management, various other issues such as ownership, management systems, performance standards, culture, etc. also need to be considered. Risk management is a journey and bowtie is the beginning.
Clients use bowtie to truly incorporate the conditions determined in the hazard analysis into the basis of risk management and effectively perform tracking. Bowties and especially barrier management need to be dynamic for continuous improvement. Either incident analysis or an audit process can let an organization learn from dynamic data. Mature bowtie users expect an efficient way to make use of this data, create and assure follow-ups to have a risk management system following the PDCA cycle. CGE’s portfolio is aiming to provide such a platform by facilitating a full tool set to achieve this.
In summary, regarding risk management, bowtie is adopted for various reasons, some of them specifically derived from the risk management process. The identification of risks and their analyses, the visualization of risk scenarios and controls, the risk communication including recording are initial; while, the continuous monitoring and review are increasingly considered and become the motivation for further use of bowties.