In the beginning

When I started as a young HSE advisor way back in the early 1990s it was quite common when I got a question about working conditions and occupational safety issues that I would turn to the really good guidance documents that the Dutch Health and Safety Inspectorate had issued. More often than not I would find a good answer or recommendation there.

This was before the renewed Health and Safety at Work Act came with its paragraph about risk assessment and evaluation. Risk had been at the core of the safety profession for a long time, of course, but I think it wasn’t until halfway the 1990s that the majority (in The Netherlands, at least) came to recognize the importance of systematic study of hazards and risks. And so my approach initially was just like I had seen around me: more rule based than risk based.

Referring to the guidance from the Inspectorate had the added bonus that it would give power and backing to the words of a rather junior advisor. Or so I thought. Having grown in the profession (and otherwise) I’ve come to adopt another approach and another view on the matter.

Fast forward two decades

A while ago I attended a conference where one of the HSE professionals presented the results of one of his recent projects. The problem dealt with a relatively novel way of working that among other things allows for greater flexibility and more efficient handling of cases on location. The new method also has some clear drawbacks with regard to ergonomics and working conditions.

We expected to hear how to deal with the latter, but the answer was quite sobering. The presenter started waving with some regulations, mentioned the regulator and revealed that he had found out that employees were allowed to do this activity at a maximum of two hours a day. This posed a particular problem because the call centre distributing the work would need to have a registration in order to avoid giving work to people that had “used up their quota”. I was simultaneously baffled and fuming and spoke up accordingly.

Episodes like these annoy me in particular for three reasons:

  1. It approaches the problem from the wrong angle.
  2. It communicates a false sense of certainty and oversimplifies a relatively complex issue by reducing it to a single number.
  3. Things like these give Safety/HSE a bad name.

Let’s look at these three statements in more detail.

1: Approaching from the wrong angle

In the whole of the presentation not once the concept of risk was addressed, except implicitly in the sense that it was ‘forbidden to work longer’ because this could cause harm. Having matured from my early 1990s practices I would say that as a rule of thumb most HSE questions should start with some kind of risk assessment - not necessarily a formal one, mind you.

I find the risk approach much more useful than looking for ‘a rule’; especially in communication to the people you’re supposed to help. Instead of giving a “because the rule says so” answer that may be totally incomprehensible to people, it discusses the problem from a logical point of view - not in the last place their point of view. More importantly, it is also the approach that will lead you to finding a good solution that addresses the problem in a proper way.

What a lot of people apparently don’t realize is that regulations almost per definition are compromises and often driven by political and other agendas. Following a threshold value does not necessarily means that you’re ‘safe’. The only really safe value for exposure to asbestos fibres would be zero, for example, but this is in many areas not realistic through background exposure. Regulations often take into account this kind of considerations.

To illustrate the point further I’d like to mention John Adams’s discussion of the legal limits for drinking (one of his many thought provoking observations) in his fabulous book “Risk”. Firstly the way the human body is affected by alcohol depends on many things and is very different for each person. If the legal limit is x promille this will be an average (or even arbitrary) value and not the ‘real’ safe level.

Secondly, a legal limit may give the illusion that it’s okay to drink and drive, as long as you are below this limit. As said, alcohol affects different people in different ways and some people may be affected a lot, even if they are below the legal limit. The legal limit is thereby often a crude rule of thumb and again the only really safe level would be zero.

Then there is another aspect that often is misunderstood. I really doubt that the rule that was mentioned by the presenter is actually a proper rule. I suspect it rather to be guidance given by the regulator. There’s a fine difference between regulation (“you shall”) and guidance (“it would be wise if you”), but many HSE professionals fail to appreciate that. Many think that everything said by the regulator is law. It’s not.

2: Reducing a complex problem to a number

As one can see from the extremely simplified case description above there are many sides to the problem. On the negative side the novel working method is ergonomically far from optimal, but it has other strong benefits like greater flexibility, efficiency and there are also safety and health gains, for example because it reduces the need to travel back to base or involving other crews.

The “but only two hours a day” approach singles out the (possible) negative effects of the novel way of working without any context or looking at other effects, positive and negative. A correct way of looking at the problem would be to look holistically at the difference between the old and new situation (which inherently includes the context) and then see what the net decrease or increase in risk is. Risk management should be a constant trade-off between various objectives, not a mindless striving for zero risk with total disregard for other factors.

Besides, I’m not quite sure how this would work. Is it 2 hours per 24 hours, 2 hours per working day or 2 hours per calendar day? The latter would mean that you actually could do the activity 4 hours on a night shift, if you take the rule in its most literal sense. The rule gives a number as if it were a certainty; as if 1 hour 59 minutes is good, while 2 hours and 3 minutes means that you’re in serious trouble with permanent disablement looming in the future. Sorry to disappoint some, but safety isn’t an exact science, so it usually doesn’t work that way.

Actually, I doubt that the activity in question will be performed two hours in a stretch ever. The job these people are doing in-between involves lot of other activities that probably will relieve the physical stress built up and help to level out negative effects of ergonomically suboptimal working conditions. But then, take in consideration that I’m no ergonomist or physiotherapist, so I may be mistaken (another reason for the holistic approach and risk assessment as the basis).

3: Giving Safety a bad name

It’s bad enough if we hear things like these during a conference where only other HSE professionals are present who hopefully speak up in a critical way, as I did. But it’s really bad if things like this are uttered to people (managers or operational personnel ‘out there’) that may have a critical stance towards all things HSE in the first place.

Concluding that the employer had to get track of what his employees were doing so that he could manage the exposure means adding a new layer of bureaucracy. As if we haven’t enough of those in the HSE world, most of them adding little or no safety. In this case HSE did exactly what some people expect them to do: come with another procedure and make work even more difficult without any good reason. That’s what it means to be doing safety TO people instead of WITH them.

It also blows the problem out of proportions, like this is the most important activity that has to be monitored. Well, I’m sure that it’s not. These people are involved in much riskier activities on a daily basis. Only driving to and from their jobs is probably an activity with higher risk without any special monitoring or preventive measures.

Finally, looking up “what is allowed” is a very, very, very lazy way of doing safety. The guidance documents from the Dutch inspectorate that I mentioned earlier included a disclaimer that said something in the line of: “This is how we interpret the law, if you follow these guidelines you are compliant, but of course you are welcome to find other, as safe, or even better ways”. Safety guidance is not meant as a barrier for innovation. The catch, of course, is that the burden of proof rests on you. It requires some hard work to take the risk based approach and look at the problem from the bigger picture, with proper expertise involved, not in the least the people performing the job! But it’s usually worth it.

Let’s face it. Advice like “only for two hours a day” is what gives the Safety and HSE profession a bad name.

Earlier during the conference someone asked why it was that HSE professionals often aren’t invited to take part in projects from operations and that there seem to be two separate tracks: the operational track and the HSE track. Well, it’s exactly answers like “You are only allowed to this two times per day” that makes sure HSE professionals are NOT invited to think about new solutions!

Please, let’s not do things that way!


Disclaimer: I don’t want to talk trash about the colleague in question, because I’m pretty sure that he sincerely wants to do a good job in the best interest of the employees whose health and wellbeing he is trying to protect. This was probably not his finest moment and we should use the opportunity to learn from it and avoid these pitfalls. It should be our aim to help people doing a better and safer job, after all, and not be a straightjacket that provides so many constraints that they rather don’t ask HSE professionals for help. Also we should help fellow HSE professionals getting out of the rule based routine and teach young and beginning HSE professionals approaching things in the right way in the first place. This would have saved me a couple of years of finding out for myself…


Also published on Linkedin.

After my decidedly critical and somewhat negative blog a couple of weeks ago (check this link) that was sparked by the rhetoric from a risk assessment tool vendor, I thought it might nice to follow-up with a piece with a more positive orientation.

Here are 10 Do’s for Risk Assessments, taken from the extensive experience of me and my colleagues during the past decade. In no particular order and without claiming completeness:

1: Added value

If done well risk assessments will give you added value. Keeping these ten tips in mind will help. In order to achieve this added value it’s important to start in the right way. Make sure that it’s clear for the people that are going to work on the risk assessment know why we are doing this and what objective is intended to achieve. If you are going to do a risk assessment with compliance with some regulation as the goal then chances are that you will do so, but little more. Aim higher, for example to find possibilities to improve safe production and you can steer to reach that goal.

There’s also this rule of thumb that says that the earlier you start thinking and doing risk assessment in the process, the better, more effective and cheaper possible actions will be. Including an action as integral part of the design of an operation or piece of equipment is definitely to be preferred over an add-on or paste-on solution afterwards.

2: Keep it simple!

Want to involve others? Then make things as accessible as possible for them. Some regard risk assessments as something complex and difficult; well usually there’s no need for that! For most applications the method doesn’t need to be difficult. As long as you go through things systematically and with a critical mind (e.g. thinking “what if…”) you’ve achieved a lot and kept everybody on board. In fact, they have probably done the main part of the job because they often possess the real knowledge about the job to be done or the system to be designed/build.

Basic risk assessment is not difficult… We do it all the time in our everyday lives (usually rather unconsciously and most of the time more or less successfully) when crossing the street, checking if the milk smells funny or deciding what coat to wear. If you transfer these skills to a work situation and do this structured and systematically a lot is won.

3: Competence and involvement

Another thing that affects the quality of a risk assessment is involving the right people. And do get this right: it is both about involving and about the right people. Participants in your risk assessment must have the proper knowledge about the system or activity that you are going to assess. You will want, and need, those people who know about the “job-as-done” (and not so much those who deal with “the job-as-imagined”). Don’t tell the participants about their risks: involve them and have them discuss and discover themselves. In some occasions this process has even more value than the eventual product (the risk assessment report) as this discovery and discussion will lead to greater understanding among the people involved.

And of course the one leading the risk assessment process has to be competent, but more about that below.

4: Shit in = Shit out

I tend to say that this is the First Law of Quality Management. If you put the wrong stuff into a process you shouldn’t be surprised to get substandard results. Good preparation of the assessment always pays back. Make sure you have a good description of the system, activity or change that you are going to assess, and have this ready (for at least 80 to 90%) before you start. Sometimes you can do this “on the fly”, but in most occasions this will lead to a major waste of time because people will start discussing their different views on the subject and use valuable time that was actually planned for the assessment. Bad preparation then is a source of confusion and frustration that easily can be avoided.

Part of this good description is a clear scope. What is it we are going to assess, and with what objective, where are the boundaries: how far do we go and what are the interfaces at those boundaries and what is the impact of these interfaces on risk. There’s a major difference if we are going to assess the design of a piece of machinery, the very production of this machinery in our own workshop or if we are outsourcing the production to China and then transport the machinery to our factory.

Also: don’t over-eat yourself… it’s wise to keep the assessment’s scope within a manageable size. If things are too large you will probably have a hard time. Rather split up the assessment in more practical parts - as long as you remember to check the various interfaces!

5: Rich information

Remember that risk matrix is tool (and a tricky one too, which may be the subject of a future article) and not a goal in itself. Some seem to think that risk matrices are an easy way to communicate risk (e.g. by showing that “We have x Hazards in the Red Area and y in Green”). In fact this is a very superficial, weak and poor way because this ignores essential rich information like assumptions that often determine your risk. Also it doesn’t give you a clue what to do - at best it indicates an area where action is necessary.

Neither should you fall in the trap of being too brief. Yes, keep your assessment as short and concise as possible, because this will increase the chances of being read (and hopefully understood). But don’t fill an assessment form with keywords that have little meaning for people that were not involved in the assessment. And even for the people who were involved these keywords will lose meaning over time without the proper context. Rather resort to storytelling with short descriptions in prose of the scenarios, consequences, probabilities and conditions these depend upon.

6: Communicate clearly

Proper communication has everything to do with giving rich information. And make sure that you do it in a language that the decision makers (and others) understand - so try to avoid numbers that may lead to mechanical decision making or wrong conclusions and beware of jargon, abbreviations and acronyms that some readers may not relate to or even don’t understand.

Make sure to clearly discuss and communicate limitations and uncertainties with regard to the assessment including assumptions that had to be made. Assumptions are often forgotten in communication, but they are essential to the validity of the assessment because if an assumption turns to be not true, the entire assessment is suddenly built on quicksand…

Keep in mind that the Summary may be the most important part of your assessment report. Often this is the ONLY part a decision maker has time to read, so you have to make sure that all the important elements are there. 

A good summary includes at least a brief and concise description of the assessment’s scope, objective, boundaries and the most relevant assumptions and hazards, a conclusion with regard to the assessment as well as suggested/recommended actions. It’s essential that neither the summary, nor a conclusion can bring something new that is not discussed elsewhere in the report. In the past we’ve encountered regularly assessment report where out of the blue something appeared in the summary or conclusion that had no apparent relation to what was discussed in the assessment. Doing so will seriously weaken your advice.

7: It’s not all about safety

Risk assessments are often initiated from a safety point of view, but no need to look at them with this limited view. With a variety of competence gathered to do the assessment, why not use the opportunity to find good solutions across specializations and fields. While often seen as being in conflict, safety and production can and should go hand in hand. Risk assessments can be an opportunity to improve both if you keep an eye on the big picture and avoid tunnel vision on just one of the two.

8: Fresh eyes

Experience is good, but I’ve witnessed assessments where the participants had been in similar sessions many times before and went through the moves, doing what they always did. This may seem very efficient to some, but it may also very easily lead to groupthink, unfortunate conformity and that important elements are overlooked. Fresh eyes can be valuable in these cases: someone who isn’t tricked into jumping to conclusions because he or she hasn’t been through this many times before, someone who has the ability to be genuinely surprised and curious and someone who can ask the crucial critical questions.

This doesn’t only apply to participants, but also to the process leader. One must consider the advantages and disadvantages of going for an internal or external process leader. An internal leader will have the advantage of knowing people (and how to approach/deal with them) and may know of challenges, but an external process leader will have fewer problems resisting the temptation to hop over some elements that are assumed to be known.

9: Leading the process

The main weapons for the process leader or facilitator are preparation and competence, both of which we discussed above. In the case of the process leader this competence shouldn’t necessarily be about the subject of the assessment (this may help in some cases, but it also can be counterproductive e.g. as we saw above if it causes the process leader to jump to conclusions). The process leader’s competence should be about the risk assessment process and leading, coaching and facilitating this process.

During the assessment a process leader should have good improvisational skills so that he can switch between methods if necessary. He (or she) must also be able to switch between subjects and levels - a risk assessment often needs a good level of detail, and often also that helicopter view. And it’s so easy for participants to derail into pet-subjects or private agendas; the process leader must be able to draw them back on track in order to get to the wanted result: a risk assessment with added value.

10: Right tool for the right job

Finally one should ask oneself if risk assessment actually is the right tool to use for the job at hand. Thinking about risks is hardly ever a wrong thing to do, but a risk assessment isn’t some kind of magic wand that makes go away all your problems. Neither is it a good instrument for the identification of everything, like to check if routines are implemented or to see how certain activities are perceived. I’ve been in situations where I’ve suggested a manager to go and talk to some of his people instead of doing yet another risk assessment.

 Also published on Linkedin.

Recently I was discussing a business idea with a friend, and decided to check out what others were offering in the same vein already. I came across one supplier of risk management services (basically just software) who thought it wise to advertise his products with phrases that led to a few frowns from my side. Let’s take some of their statements under scrutiny: 

“Risk assessments are often experienced as costly exercises that cost a lot of time and resources”

“Often methods are complicated and people are unsure about their competence with regard to risk assessments”

Isn’t it interesting for a safety consultancy firm (at least nominally) to capitalize on safety’s bad name? There seems to be an established truth among some that safety is trouble, difficult, complicated and that it costs a lot of money and resources (with the unspoken implication that one doesn’t get anything in return).

Don’t get me wrong, I don’t have problems with someone trying to make a living with their risk matrix packed tool (I haven’t tested or reviewed it so I cannot say anything about the quality). But it annoys me endlessly that a safety consultancy firm finds it necessary to contribute to safety’s bad name by enforcing the message of risk assessments being complicated, time and money consuming with little return on investment. Tell often enough that risk assessments are complicated, expensive and they will be - at least in the minds of most people.

During the past decade I’ve spent a lot of effort de-mystifying, clarifying, explaining, supporting and probably most of all stressing the added value of risk assessments - which includes among others systematic knowledge of possible challenges before they arise and the opportunity to anticipate and prepare for them.

Growing understanding for the positive effects of systematic safety work is a slow process that is easily harmed, so it’s even worse that harmful signals are coming from within our own ranks. 

“Risk assessments always compete with running the business”

Much of the same discussion here, but if possible this statement screams Wrong Understanding even louder. What it does, is confirming the view that many managers probably already have that risk assessments are something that only creates trouble, costs time and money and contributes nothing to what they do - but is a good way to keep regulators and safety departments at bay, so let’s do a quick one and back to work.

If risk assessments don’t support the business and contribute to the bottom-line then they either should not be done at all, or they are not used properly. 

“ProductX is developed so that everyone understands and that the work goes quickly“

A tool that is self-explanatory: excellent. Tools should be as intuitive as possible since this greatly increases the chances of them being used successfully. But, mind you, it’s not the tool that makes a good assessment. Give a perfectly ergonomically designed hammer to a crappy carpenter and the result is likely to be below par.

Although it surely will contribute, it’s not the tool that ensures a good result (as the text on this particular website seems to suggest). Were that be true, this would mean that risk assessment is a mechanical process that can run itself if only you use the right tool.

The key is competence - we need to teach people how to do things properly. For most applications, and certainly every day applications, risk assessments are not really that hard to learn properly. In fact, we do them all the time in the backs of our minds, e.g. when crossing the street, driving our cars or when deciding to take an umbrella before leaving the house. We can teach people to do this systematically in work situations as well, even though it in some cases may be a wise move to have a competent process facilitator to guide and support the process.

On the other hand, expose people to a risk matrix without proper training and guidance, and you are asking for serious trouble and misunderstanding. The result then gives participants a false sense of certainty and control: they think they have done a good job, but it’s likely that they have not. 

“User-friendliness increases the number of assessments done…”.

“Our customers tell us that after they acquired ProductX they started many more risk assessments than before”

User-friendliness is a great characteristic for any tool, but I strongly doubt that the main aim of user-friendliness is to increase the number of assessments done. And by the way, are we suggesting here that it’s a goal to do as many as possible assessments? One often hears the expression “It’s not the size, but what you do with it”. The same applies to risk assessments: it should be about what you do with a risk assessment (i.e. putting in place actions to facilitate doing the best job possible and creating controls and barriers to prevent bad things from happening, or reduce their harmful effects), not about the number of pages, hazards identified or number of assessments done.

This is most likely another symptom of not fully understanding the matter, and so “better” is confused with “more”. I think things should be about quality, not quantity, but interestingly (and ironically, and disappointingly) there is not a word about the quality of the product or if it actually contributes to improvement.


(By the way, the firm selling this tool had no serious HSEQ competence on its staff as far as I could detect. I wonder if they would be equally comfortable having their car maintenance done by people without the relevant skills.)


Also published on Linkedin.


Ron Gannt shared this thought provoking article about thinking differently about accidents... Recommended reading!

The University of Sussex is currently rolling out a new version of the multicriteria mapping tool (MCM) as a university enterprise. You can see more detail on the website:

The aims behind MCM are to help researchers, policy makers and stakeholders to 'open up' risk decision making in ways that illuminate issues, uncertainties, options and perspectives that are often unduly obscured. As a research tool, MCM aims to put the participant 'in the driving seat' - and to give as much importance to eliciting qualitative reasons as to the quantitative data. The tool rigorously documents complexity and diversity and also aims to be clear and practical in highlighting concrete options for action. Although the challenges remain, MCM does offer a way to help allow greater scrutiny and critical understanding.

MCM is freely available to anyone for a period, and then as a web-based service for a subscription. It can also be downloaded and used on a laptop, to help run interviews or small group discussions in any setting. Revenues raised will be reinvested by Sussex University into further development of the tool and associated services.