![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
|
![]() |
![]() |
|
|
![]() |
PREVIOUS | TABLE OF CONTENTS | NEXT 2. RISK ASSESSMENT MODULE
A risk scenario can be defined as a sequence of events, with an associated frequency, potentially leading to an adverse consequence. This sequence of events must include the hazard, the item(s) of value exposed to the hazard and the potential severity of the adverse consequences that may be generated. Purpose: To develop risk scenarios with respect to identified hazards. This component requires:
Deliverables:
2.1.1 HAZARD IDENTIFICATION ^ There are many approaches for the development of risk scenarios. For the PRMM, it is suggested that the development of scenarios start with the identification and description of known hazards. These inventories of hazards can be reused in future applications of the PRMM. There are generally four types of hazards that can generate adverse consequences. Only the first three listed below will normally be relevant in the PRMM.
2.1.2 DESCRIPTION OF RISK SCENARIOS ^ In developing risk scenarios, the most obvious hazards and the most realistic events that could lead to adverse consequences should be the initial focus. Scenarios should be kept simple, concise and understandable. The risk scenarios should embody a hazard or hazards which have the potential to generate adverse consequences. They should include the condition that exposed something of value to the hazard and its consequences. If possible, a single phrase or sentence should be used to briefly describe the key circumstances or situation, etc., that could cause concern, doubt, anxiety, or uncertainty. This is followed by a single phrase or sentence describing the key, possibly negative outcome(s). In order to capture the statement of risk and identify the condition, the questions "what if?", or "given that a situation exists" can be used. Then the question "so what?" is used to identify the consequences.
Risk scenarios may be identified using a variety of means including:
Once the pathway from a hazard to an adverse consequence is developed as a risk scenario, the data required to support the frequency or severity estimations can be identified. After this is completed, the set of risk scenarios and their adverse consequences provides an accounting type of framework for the remainder of the risk assessment module as you progress through the PRMM; summed together, these items define the total risk.
2.1.3 SEVERITY OF ADVERSE CONSEQUENCES ^ This step in the process is intended to assist in determining the severity of the adverse consequences. This involves estimating the potential impact of the adverse consequence on people, property, the environment and, often, commercial operations. Generally, the four types of hazards listed in 2.1.1, can generate several different types of adverse consequences:
Construction of the diagram can start as the scenario is being developed. Then, as more data is collected, it can serve as a guide as to what areas may need to be developed further. Conversely, looking into these areas can reveal the need for more data. Since the diagram will start out as a living document, one technique to begin construction of the diagram is to use "post-it notes" or "stickies", to record each event in the sequence. These can then easily be adjusted as more data becomes available and as the sequence of events is refined. 2.1.4 PROBABILITY OF ADVERSE CONSEQUENCE ^ Once a risk scenario has been developed and the potential adverse consequence(s) are identified, data will be required in order to estimate the probability of the adverse consequence happening. Often, some scenarios will be based on the experience and background of the experts as "hunches". Although these may not be substantiated with empirical data, they are still relevant risk scenarios that can contribute to the overall evaluation of risk. These can involve the following:
For those scenarios that are based on historical events, empirical data from a review of databases (accident data, insurance data, and company operational data) can provide the basis for estimating probability. Frequently, these databases can also be used to estimate the severity of the adverse consequences, particularly where no loss of life has occurred. For example, useful external data can be obtained by using tools such as the "Risk-based Design Method for Aids to Navigation in the St. Lawrence River" available from the Transportation Development Center (see bibliography). Frequency estimation relies heavily on data. Data collection is not a single stage or phase; it is required to support decision-making throughout the PRMM process. 2.1.5 EVENTS DIAGRAM ^ Displaying scenario events and factors in a systematic and orderly diagram is a useful technique. Such diagrams depict, in a logical sequence, the events and conditions of the scenario. They should be used to help track and control the development of more complex scenarios. Constructing a diagram facilitates the documentation of the scenario events and can assist in identifying hazards and underlying conditions leading to the development of the adverse conditions. The diagram can:
Additionally, the diagram can assist in formatting and writing the concluding documents and decision by assisting in the logical structuring of the scenario. The diagram should contain only the level of detail required to adequately describe the sequence of events, the hazard, and the adverse consequences. Decisions about what to include in the diagram should be made on an event-by-event basis. The purpose of the diagram is to identify the hazards and how they will lead to adverse consequences. Construction of the diagram can start as the scenario is being developed. Then, as more data is collected, it can serve as a guide as to what areas may need to be developed further. Conversely, looking into these areas can reveal the need for more data. Since the diagram will start out as a living document, one technique to begin construction of the diagram is to use "post-it notes" or "stickies", to record each event in the sequence. These can then easily be adjusted as more data becomes available and as the sequence of events is refined.
2.2 RISK ESTIMATION ^ Once the data are collected for each scenario, an estimation of probability and severity associated with each adverse consequence can be performed and a level of risk can be assigned to help determine what the next steps should be. Purpose: To assign a level of risk to each adverse consequence. This component requires:
Deliverables:
2.2.1 PROBABILITY AND SEVERITY OF ADVERSE CONSEQUENCES ^ Using the available data from each selected risk scenario, an evaluation and estimation of probability and severity must be performed, supported by judgments and any empirical data on the potential adverse consequences. Tables like those shown below are used to select the appropriate category for both probability and severity to complete a risk matrix. Examples for definitions of probabilities of adverse consequences over time:
Examples for definitions of severity of adverse consequences:
2.2.2 RISK MATRIX ^ By inserting the probability and severity estimated above into a risk matrix, a risk level can be derived for each adverse consequence identified in the risk scenarios, and the next steps can be determined. The rating derived from the matrix may also be used to prioritize the scenarios according to risk level.
The appropriate next steps will depend on the risk level assigned to each adverse consequence. For example:
In this step, the risk level associated with the projected adverse consequences will be addressed by first evaluating the current level of protection provided by the defences already in place, if any. This is followed by an evaluation of the risk based on the stakeholder’s NICs in relation to the level of risk. Purpose : To evaluate current defences and their ability to reduce the risk to an acceptable level. This component requires:
Deliverables:
2.3.1 IDENTIFICATION OF DEFENCES ^ In this step, actual defences are identified in each scenario. Defences are barriers/guards that isolate and protect things of value from hazards. Defences can be divided into two categories, physical and administrative, as illustrated below:
Defences limit or eliminate the likelihood that the identified hazard. Defences can be placed:
2.3.2 DEFENCE EFFECTIVENESS ^ Once the defences have been identified, the level of effectiveness expected from each defence must be determined. Evaluating the adequacy of the current defences is done by answering the question, "What percentage of effectiveness does it provide if:"
Where the defences do not meet the targeted requirements, the scenario will be carried through to the next step in the PRMM.
2.3.3 ACCEPTABILITY TO STAKEHOLDERS ^ In most instances, those who are familiar with a given activity or business tend to view risks associated with their activity or business differently from those who are not. In particular, experts emphasize technical factors such as the probability or severity of an adverse consequence (i.e., risk level), but many stakeholders, including the public, might emphasize factors such as:
Prior to making any final judgment on the acceptability of the level of risk, the costs and benefits of the activity must be compared to the stakeholder NICs. Both the obvious or hard benefits and costs of the activity along with the less obvious soft benefits and costs must be considered. For example, the assurance people derive from knowing that a pilot is on board a vessel makes them less fearful of the risks associated with docking a large vessel. The reduced anxiety should be considered as a relevant benefit.
2.3.4 DECIDE IF FURTHER ACTION REQUIRED ^ At this point, sufficient information should be available to determine that:
2.4 RISK CONTROL STRATEGIES ^ If the decision is that the level of risk is unacceptable, then risk control strategies must be developed to reduce the risk to an acceptable level, and these options must then be weighed against the stakeholder NICs. Purpose: To identify the best risk control option.This component requires:
Deliverables:
Also, the list of stakeholders should be reviewed in light of the selected option as this may have an impact on the implementation schedule. For example, if one of the options selected to assist pilots while navigating a large vessel in confined waters is the use of an additional tug boat, this may put too much strain on the current fleet of tug boats and additional boats may be needed. Obviously, this could result in an implementation delay and temporary solutions such as making arrangements with a neighboring port to assist in carrying the increased workload may be needed. This could increase the number of stakeholders on your list. At this point, the control options must be assessed against the project objectives in order to ensure that the chosen risk control options fall within the scope of the project. 2.4.1 IDENTIFY FEASIBLE OPTIONS ^ Identifying the available and feasible options to reduce the risks associated with an adverse consequence is sometimes easier by following the Risk Control Options worksheet. As in the risk evaluation step, defences are divided into two categories: physical and administrative. Using the worksheet to pose questions will reveal risk reduction or mitigation options under the two types of defences. For example, from an administrative perspective, while reviewing the operational readiness of the Masters of a vessel, the level of training and experience may need to be increased so that the Masters are better able to respond appropriately in certain situations. From a physical perspective, a requirement that certain sized vessels be equipped with bow thrusters may need to be considered at certain ports with limited room for maneuvering. Feasible risk control options should reduce either the probability of exposure to risk or the severity of the adverse consequence, or both. For example, fenders reduce the amount of ship and dock damage when the two collide, thereby reducing the consequences without reducing the probability. However, building a sea-wall may reduce the number of ship-to-dock collisions, thereby reducing the probability.
2.4.2 ASSESS IMPACT ON PROBABILITY AND SEVERITY ^ Using data collected from the risk estimation, another probability and consequence analysis must be performed, only this time, the identified risk control options must be factored in. Obviously, until an option has been implemented and actual results observed, its effect can only be estimated. However, with the involvement of knowledgeable experts, a reasonable estimate of the residual risk level can be established. Any residual risk must be evaluated by returning to the risk evaluation step to determine whether or not it will be acceptable. If unacceptable, from the perspective of not adequately reducing the risk level, another option must be selected or found, or additional risk control measures devised. 2.4.3 ASSESS THE IMPACT ON IDENTIFIED NICs ^ At this point, the control options must be assessed against the identified stakeholder NICs. Even though one of the options may result in the lowest cost, it may be unacceptable to one or more stakeholders for other reasons. For example, discontinuing pilotage services too early for the winter might cause a steel plant in Hamilton to deplete its stockpile of raw materials, whereas remaining open for one more week may allow the plant to remain open through the winter. Once the risk estimation and risk evaluation steps have been weighed against the stakeholder NICs and revised accordingly, the best option can be selected. It is necessary during this step to consult with the stakeholders and keep them informed of any residual risk so that their concerns can be addressed. Often, this is best done by providing as much information as possible. For example, include information on projected costs and benefits and on any new consequence that could impact on the level of stakeholder acceptance.
2.4.4 SELECT BEST OPTION ^ Once all steps have been completed and the residual risk evaluated at an acceptable level, the best option is selected. If, however, the residual risk cannot be reduced to an acceptable level, the activity may need to be modified or discontinued altogether. |
![]() |
![]() |
|||||||
|
Transport Canada |
Pacific Region |
Prairie & Northern Region |
Ontario Region |
Quebec Region |
Atlantic Region |
About us |
Our offices |
Organization and senior management |
Departmental publications |
Programs and services |
Acts |
Regulations |
[More...] |
Media room |
Advisories |
Contacts |
e-news |
News releases |
Photo gallery | Reference centre |
Speeches |
[More...] |
Emergencies |
Emergencies and crises |
Emergency preparedness |
Security |
Transport of dangerous goods |
[More...] |
Air |
Our offices |
Passengers |
Pilots |
Flight instructors |
Maintenance technicians |
Commercial airlines |
Security |
Transport of dangerous goods |
[More...] |
Marine |
Our offices |
Small commercial vessels |
Large commercial vessels |
Pleasure craft |
Marine security |
Marine infrastructure |
Transport of dangerous goods |
[More...] |
Rail |
Our offices |
Safety at railway crossings |
Rail infrastructure |
Transport of dangerous goods |
[More...] |