March 29, 2019

How our Current Safety Thinking Approach is Creating a False Sense of Security

‘As Low As Reasonably Practicable’ (ALARP) and how it’s practiced in industry has led to a false sense of security that our organisations have reduced their risk profiles to residual risk, however, time and time again we see serious incidents, even in companies with mature safety management systems.
In light of headlines such as: Train Derailment Report 25 March 2019 and having read, ‘Implementation of risk management in manufacturing industry – An empirical investigation’ by Dr Md. Ariful Islam and Dr Des Tedford, we shouldn’t rely on traditional safety thinking about the nature of risk. After reviewing numerous case studies, Islam and Tedford found:
“The residual risk assessment of the plant in the first place did not provide a real safeguard. The learning point from the incident is that residual risk management alone cannot be effective for controlling risks of a complex industrial plant; it needs to be incorporated with entropic risk management. An organization needs to engage its efforts constantly in monitoring its system’s performance to reduce entropic risks.”
ALARP in current practice is therefore an over-simplification of risk given there are two types of risk being residual risk and entropic risk. The latter is caused by the degradation of the system factors the organisation uses to deliver its core business (processes, technology, physical environment and human resources).
Over-simplification also occurs because during safety risk reviews, when the hierarchy of controls has been applied, it’s assumed that further risk reduction occurs from the additional ‘safety layers’ of procedural controls and personal protective equipment (PPE). When we look particularly at major incidents, it’s evident that procedural controls are not reliable. Organisations are therefore deluded by a deficient concept. The shortfall is that ALARP is based on:
ALARP = Assumed Linearity and Reliable Processes
The way we currently think of ALARP is founded on the ideas that risk reduction is a straight line, that incidents are caused simply by a ‘Domino Effect’ and that procedural controls are reliable. From a legal perspective, ALARP is based on organisational decision-making and these decisions by managers and supervisors about risk mitigation need to be defendable against ‘General Duty of Care of the Employer/PCBU’ provisions. Only prescriptive clauses of legislation are clearly mandated.
Instead of deriving assurance from further procedures under the banner ‘Safety First’, businesses need to avoid bogging down in low-level controls and go back to revisit the ‘Raw Risk’ resulting from energies and the control of unwanted releases that affect safety, quality and production. For as long as we continue to apply a simplistic logic to risk management, major incidents will continue to occur.
The current ‘safety thinking’ approach to risk reduction relies too heavily on the false belief that additional controls in the form of procedures and PPE will lower residual risk further.
To illustrate this point, I’ve developed the figure below: The ALARP Assumption. It shows that ‘Actual Risk Reduction’ (downward red arrow) can be achieved by Elimination, Substitution and Engineering Controls. However, this is dependent on Verification of Reliability ie through testing and monitoring. Scheduled verifications provide assurance of ‘Actual ALARP’. The Entropy Model explained that residual risk:
  1. Must be managed by maintaining vigilance/ alertness (and avoiding complacency) at the organisational and individual levels; and
  2. Can be reduced through technological improvements and capital investment over time

Below the ‘Actual ALARP’ dashed line, residual risk is not materially changed as a result of procedural and PPE controls. It may be managed better subject to the procedures being current, correct and consistently applied, but the residual risk is not lowered. This is shown in the figure by the risk as a dotted red line that is variable and not necessarily downward below the ‘Actual ALARP’.

The final level shown in green, is the ‘Assumed ALARP’ which incorporates procedural and PPE controls. This is what organisations currently rely on. Importantly, risk mitigations above the ‘Actual ALARP’ line are based on objective analysis, whereas, below the line are subjective controls reliant on interpretation of how the work should be done.

The variability of the risk below ‘Actual ALARP’ illustrates that reliance on procedural controls and PPE compliance is flawed. The Entropy Model showed this as ‘Entropic Risk’ – the risk resulting from degradation of systems. These low-level controls are highly susceptible to degradation and therefore rising entropic risk because of reliance on subjective decision-making and behaviours. The Entropy Model explains that entropic risk is prevented in all system factors (processes, technology, physical work environment, human resources) by:
  1. Taking corrective action whenever areas of degradation are identified (to mitigate entropic risk short-term)
  2. Implementing proactive maintenance practices to prevent future degradation (to mitigate entropic risk on an ongoing basis)

The definition of ALARP within legislation is unlikely to change but how we apply it practically and how we understand the nature of risk can change. In fact, it needs to change to prevent major incidents.

The solution is to:
  • Shift away from reliance on traditional safety thinking
  • To work within multidisciplinary teams focused on managing risk to prevent losses from incidents
  • To manage risk to ensure continuity of production, quality outcomes and protection of people, environment, community and assets, concurrently.

Start with the mindset change from Safety-based Thinking to Risk-based Thinking.
Tania is an international author specializing in managing risk to improve productivity, quality work and HSE performance. She has extensive experience in Australia and overseas across diverse industries.

For more information about ALIGN Risk Management’s ½ Day Effective Risk Management Program and 1-2 Day Leadership Programs, contact Tania at

About Tania and ALIGN Risk Management

Tania Van der Stap is the Founder and Principal Director of ALIGN Strategic Management Services Pty Ltd established in 2002, after having Productive Safety Management published internationally by Butterworth-Heinemann. The publication presents a strategic, multi-disciplinary management system for hazardous industries that ties safety and production together.
From 2002 to 2012, Tania provided HSE consulting services to Chevron’s Gorgon Project, Monadelphous, Baker Hughes, Fortescue Metals Group and Worley Parsons. Thereafter for 5 years, Tania took a HSE Manager’s role with AngloGold Ashanti Australia where she made significant improvements taking the department from ‘vulnerable’ to ‘proactive’ on the HSE journey.
In late 2016, her company was rebadged to ALIGN Risk Management specialising in HSE Consulting and Risk Leadership Programs for managers, supervisors, HSE professionals and workers. Her chapter on ‘Risk Leadership – A Multi-Disciplinary Approach’ has been accepted by the American Society of Safety Professionals and will be published in Safety Leadership and Professional Development ahead of the ASSP’s 2018 Safety Conference.

In addition to Productive Safety Management being a substantial, refereed publication, Tania’s credentials include academic qualifications in Commerce and also Public Health and Safety.

Van der Stap, T 2018. ‘Risk Leadership – A Multidisciplinary Approach’ in Safety Leadership and Professional Development. American Society of Safety Professionals. USA.
Ariful Islam, Dr Md. And Tedford, Dr Des, 2012, Implementation of risk management in manufacturing industry – An empirical investigation, International Journal of Research in Management and Technology Vol 2, No 3 June.
Mol, T. 2003. Productive Safety Management. Butterworth Heinemann. Oxford. (Note: Tania Van der Stap is the author of this publication)

© 2019 Align Strategic Management Services Pty Ltd. All Rights Reserved.

Want to know more? Then don’t hesitate to get in touch with us >

INX Software

Be informed of the latest industry news, key updates and our product and version releases, by following us on LinkedInFacebook, and Twitter. You can also get them delivered straight to your mailbox here.