A key distinction between a control and a critical control, generally, critical controls will mention material unwanted events or primary unwanted events (PUE). A key distinction between a control and a critical control, generally, critical controls will mention material unwanted events or primary unwanted events (PUE).
Article originally published by Christian Young, Impress Solutions.
So what is a critical control? “How is it different from other types of controls” is a question I get asked frequently.
There are two aspects to a Critical Control:
Firstly it must meet the definitions and requirements of a control: an act, object (engineered), or technological system intended to arrest or mitigate an unwanted event.
Secondly, it must meet 3 different criticality requirements.
The first requirement is if it is critical to the prevention of a material unwanted event (MUE) or minimising its consequences.
The second is its absence or failure would significantly increase the risk despite the existence of other controls.
And lastly, the control prevents one or more than one unwanted event or mitigates more than one consequence.
A key distinction between a control and a critical control, generally, critical controls will mention material unwanted events or primary unwanted events (PUE).
Let’s dive deeper into ‘Act’, ‘Object’, and ‘System’ controls.
What is an ‘Act’? An ‘Act’ is a human act, which of itself, arrests or mitigates an unwanted event. For example, the act of giving way to your right at a T intersection, slowing down in wet weather, and obeying road signage.
These acts could be defined inside procedures or work instructions, manuals or guidance notes. They can be covered in training material, or alternatively, you may have these as part of your operational experience. For example, when driving on a highway during wet weather you know to slow down to further prevent an unwanted event.
A word of caution, from a risk assessment perspective, you’re not listing the procedure, training or operational experience, you’re listing the ‘key act’.
What is an ‘Object’ control? These are engineered objects, which by themselves prevent or mitigate an unwanted event. There is no human act to function, they do what they need to do independent of a human actor.
Drilling deeper, there are both passive and active objects. A passive object control could include a roadside barrier, whereas active controls could include autonomous braking.
Lastly, let’s define a system control. A system (technological or otherwise), is essentially a combination of both an act and an object, together they make the system. For example, reversing alarm triggers driver response; lane detection warning triggers driver response; Overspeed alerts trigger driver response.
Similarly to objects, we can have both passive and active system controls. A passive system control could be a seatbelt (object) needing to be worn (act), or as an active system control the reversing sensors (object) prompting driver action (act).
Traditionally high-level risk management has focused on enterprise risk, recently many organisations are now focusing on high-consequence, low-frequency safety events, otherwise known as critical risk management. Implementing critical risk management can seem a daunting proposition.
During this webinar, Mark Alston takes you through a structured approach that organisations, albeit with a bit of hard work can implement easily. It covers: