Critical Control Management – A Comprehensive Guide Backed by Resources from Leading Experts

Critical Control Management (CCM) is an internationally recognised framework for organisations to improve the management of material unwanted events (MUE).

In this article, we explore the what, why, and how with leading experts.  Each section links to a webinar/podcast for further learning.  

Contributors include:

• Josh Bryant, Mitchell Services General Manager, People and Risk
• Mark Wright, Managing Director of FEFO Consulting and the Health & Safety Index
• Adam Jackson, Head of HSSE, PDS Australia, JLL
• Caitlin Stuhlener, Asia Pacific ESH Senior Manager, Lockheed Martin
• Rebecca Crompton, General Manager Safety, BSA Ltd
• Wade Needham, General Manager – EHS, Natural Resources Australasia
• Kelvin Genn MD and Mark McLaren, Art of Work
• Mark Alston (Director, Investigations Differently)
• Adrian Manessis, Business Development, myosh

Implementing a Critical Control Management Strategy – The ICMM Approach

All organisations face safety risks to varying degrees.  A considerable amount of resources are spent on risk management processes designed to identify, analyse, and control workplace safety hazards. So how well do organisations control critical risks?

Critical risks are defined as events that can cause grave damage to a business operation, or result in worker fatality or permanent disability. In situations where a critical control fails, a worker may be killed.

These ‘low probability, extreme consequence’ events can get overlooked within risk management processes because they seem improbable, or difficult to mitigate.

Critical control management is an integral part of risk management that focuses on identifying and managing the controls that are critical to preventing these catastrophic or fatal events.

Watch the discussion between Josh Bryant and Adrian Manessis at IMARC 2022 to learn how Mitchell Services has implemented a Critical Control Framework that allows them to verify thousands of critical controls every month. Adrian Manessis and Josh touch on how this framework has improved culture, compliance, LTIs, and overall safety on all sites.

The interview took place as part of the Data, AI & Machine Learning Session.

Mitchell Services General Manager (People and Risk) Josh Bryant said “the process should involve having a good hard look at yourself as well as engaging with frontline workers throughout.”

Mitchell Services is a leading provider of drilling services to the global exploration, mining and energy industries – their work teams consistently operate within a wide range of high-risk environments.

Bryant said one of the guides they found invaluable was the International Council on Mining and Metals (ICMM) Critical Control Management Implementation Guide – a practical method of improving managerial control over rare but potentially catastrophic events by focusing on the critical controls.

“We put some thought into exactly what are the things that could go wrong on one of our rigs that could cause a fatal event or serious injury. The ICMM guide was a good start to learn about critical risks and controls and how they apply to our site.”

Whilst the guide was written with the mining industry in mind – its processes can be successfully adopted by businesses in any industry with catastrophic risk.

The ICMM approach is based on:

• Having clarity on those controls that really matter: critical controls.
• Defining the performance required of the critical controls – what the critical control has to do to prevent the event from occurring.
• Deciding what needs to be checked or verified to ensure the critical control is working as intended.
• Assigning accountability for implementing the critical control – who has to make it work?
• Reporting on the performance of the critical controls.

What are the benefits of implementing the critical control management approach?

The CCM approach is designed to reduce the risk of a Material Unwanted Event (MUE). This is because the CCM approach:

Focuses on a smaller and more manageable number of risk controls – the critical controls.

• Uses bowtie diagrams to gain a better understanding of the causes, controls and consequences relating to an MUE.
• Documents the critical controls in a simple format, making explicit, the performance required of them, how they are to be checked, and who is responsible for them.
• Provides a way of measuring the “health” or performance of critical controls – knowing the health of controls provides a mechanism to allow more effective governance over this category of material business risks.
• Gives a clear understanding of the controls needed to manage MUEs across all levels of the organisation.

In the webinar, Josh Bryant discusses how Mitchell Services verifies thousands of critical controls every month. Adrian Manessis from myosh then demonstrates how Smart Inspection technology works to verify and report on control effectiveness:  View the original webinar case study here.

The Digital Bowtie and Critical Control Management Framework

The myosh Critical Control Management (CCM) and integrated HSEQ platform, reduces the likelihood of incidents by automating the CCM process.

Back-end records are created automatically as Bowtie elements are added. Elements are interactive. Click to open the back-end record for each cause, control, and consequence.  View effectiveness, accountability, related causes, controls and risks, history, and performance.

• Frequent processes such as inspections and incident reports automatically create verification records and update control status.
• The Bowtie updates in real-time when controls are compromised.
• Push and email notifications are triggered when control issues are identified.
• The Interactive Dashboard displays all verifications. Organisations typically record thousands of verifications over time, ensuring compliance, transparency, and feedback for management.  
• The system allows for unlimited workflow opportunities, for example, automatic action generation and non-conformance status amendments.

Visit the Bowtie feature page here.

Click here to view the complete webinar

Critical Control Management: Material Unwanted Events (MUE): How to Identify and Map What’s Important

Presented by Mark Wright & Terry Swanton (Directors, FEFO Consulting)

This webinar provides a Critical Control Management (CCM) introduction and Material Unwanted Events (MUE) with high potential consequences. A practical case study will also be provided on mapping major hazards.

Critical Risk Management vs Critical Control Management?

• International Council of Mining and Metals (ICCM) guidance on CCM and leading practices
• Risk context and mapping Material Unwanted Events (MUE)

Click here to view webinar and podcast

Critical Control Management: How to identify the critical few

Presented by Mark Wright & Adam Jackson (Head of HSSE, PDS Australia, JLL)

This webinar will outline different types of risk analysis options when evaluating Material Unwanted Events (MUE) and methods to identify critical controls. A practical case study will also be provided outlining how to identify critical controls pitfalls.

Key takeaways:

• MUE risk analysis vs. standard Safe Work Method Statement (SWMS)
• Bowtie and different risk analysis options
• Different critical control types and pitfalls

Click here to view webinar and podcast

Critical Control Management: Critical Performance Standards: How to set clear expectations and build capability

Presented by Mark Wright (Director, FEFO Consulting) with Caitlin Stuhlener (Asia Pacific ESH Senior Manager, Lockheed Martin)

What does success look like?

This webinar will outline options for setting critical control performance standards. A practical case study will also be provided on setting expectations for assurance activity and attributes of effective critical controls.

Click here to view webinar and podcast

Critical Control Management: Material Unwanted Events (MUE): Are your controls effective?

Presented by Mark Wright & Rebecca Crompton (General Manager Safety, BSA Ltd)

Can you sleep at night, knowing your critical controls are effective?

This webinar will outline different types of critical control assurance activity. A practical case study will also be shown on how to provide stakeholders with comfort that critical controls are effective.

Key takeaways:

• Verifying critical control effectiveness
• Unintended consequences
• Solution focused approach to CCM

Click here to view webinar and podcast

Critical Control Management: Material Unwanted Events (MUE): Evaluating effectiveness to add value

Presented by Mark Wright & Wade Needham (General Manager – EHS, Natural Resources Australasia)

Are you celebrating success?

This webinar will outline how to simply report critical controls, data visualisation options and storytelling. A practical case study will also be provided on CCM performance reporting.

Key takeaways:

• Quality vs Quantity metrics
• CCM as part of broader Environment, Social and Governance (ESG) reporting
• Commercial acumen and CCM continual improvement

Click here to view webinar and podcast

Further Learning

The Story of the Lopsided Critical Risk Bowtie

Presented by Mark McLaren (Art of Work)

An enormous amount of time and energy is rightfully invested in understanding what causes and subsequently prevents a life-changing injury or a fatality from happening in the workplace.

This genuine pursuit can inadvertently contribute to some unintended outcomes. The bid to stop the unwanted event can lull an organisation into a false sense of confidence. It is easy to become imbued with misplaced confidence that the designed and assessed preventive Critical Controls will reduce the likelihood of something going wrong to almost zero.

This overconfidence effect is a well-established bias. It occurs when a person’s subjective confidence in their judgements is greater than the objective accuracy of their judgements. This overconfidence bias can lead to a misjudgment of the likelihood or probability of something happening. In this case, the belief becomes one of, “now everything has been thought of and put in place it cannot happen.” The initial reaction to such a bold statement is that we don’t believe this to be true; we know it can still happen, albeit it is extremely unlikely to happen.

Well here is a simple test. Q1. How many mitigating controls sit on the right-hand side of your organisation’s Bowties, and Q2. If the loss of control event occurred would those controls prevent a serious injury or fatality?

So maybe a way of righting the lopsided Bowtie is not to jettison the controls on the left but to ask a different type of question. If the loss of control event happens and the damaging energy is released, such as mechanical, electrical, or gravitational, how will the damaging energy be contained, distanced or deflected so it does not cause a serious injury or fatality? In this webinar, the question of how to design better mitigating Critical Controls is explored further.

Click here to view the webinar and podcast

Critical Controls – Safety Differently

Presented by Kelvin Genn (MD, Art of Work)

In this webinar, Kelvin explores human-centered design and the principles of safety differently to build and sustain operational effective critical controls.

Click here to view the webinar and podcast

Critical Risk Management (CCM): A Practical Guide

Presented by Mark Alston (Director, Investigations Differently)

Traditionally high-level risk management has focused on enterprise risk; recently many organisations are now focusing on high-consequence, low-frequency safety events, otherwise known as critical risk management. Implementing critical risk management can seem a daunting proposition.

During this webinar, Mark Alston, from Investigations Differently will take you through a structured approach that organisations, albeit with a bit of hard work can implement easily. It will cover:

• Establishing a framework
• Identifying critical risks
• Facilitating workshops
• Critical control selection
• Critical control design
• Monitoring critical risks

Click here to view the webinar and podcast

‍