The functions of the benchmark framework have been compared to; the steps of the CSA Risk Management Standard, the U.S. Presidential/Congressional Framework for Environmental Health Risk Management, and the Australian/New Zealand (AS/NZ) Risk Management Standard (see Table 2). Despite differences in terminology, the various frameworks all have the same basic functional elements and all adhere to the guiding principles of risk management identified in Section 1.2.1.
3.1 Comparison of Elements in the Frameworks Decision-making
The proposed benchmark framework and the existing frameworks (CSA, US
Presidential/Congressional, and Australian/New Zealand (AS/NZ)) are structured according to an iterative decision-making process where decisions are made throughout the management process and one can return to previous steps at any time. In the proposed benchmark framework and the CSA framework each step in the process is separated by a decision diamond in which three potential outcomes can result: End, Go Back, or Next Step and/or Take Action. The decision to end recognizes that the risk management decision process need not be pursued further. For example, the process could end prior to a formal risk analysis if stakeholders consider the risk to be acceptable. The decision to go back provides for the repetition of one (or more) previous steps in order to improve the accuracy and completeness of the information gathered. In the US
Presidential/Congressional Framework decisions are made in a separate Decision step following review of information gathered during risk analyses and identification of options. In the
Australian/New Zealand framework a decision to accept the risks or treat the risks is made following the risk evaluation step.
Monitoring
In all of the risk management frameworks reviewed, monitoring and evaluation are essential elements of the process. Monitoring and review activities provide important information to determine whether the risk treatments are efficient, cost effective, and reflect the strategic and operational context of the organization and whether the overall decision-making process is adequate. Monitoring is an essential and integral step in the process for managing risks in order to identify emerging risks and facilitate continuous improvement in the decision process.
19
Table 2: Comparison of Elements of Proposed Benchmark Framework with Steps of Existing Frameworks
Proposed Benchmark Framework
Functions
CSA-Q850 Step
U.S. Presidential
/Congressional Framework for Environmental Health Risk Management
Australian/New Zealand Risk Management Standard
Decision-making
throughout Four Decision Points Decision
Decision between Evaluate Risks and Treat Risks
Monitoring Action/Monitoring Evaluation Monitor and Review
Stakeholder Relations Risk Communication Engage Stakeholders Communicate and Consult
Context Initiation &
Preliminary Analysis Problem/Context Establish the Context Preliminary Analysis Preliminary Analysis Problem/Context Identify Risks Risk Analysis Preliminary Analysis &
Risk Estimation Risks Analyse Risks
Risk Treatment
Options Risk Control Options Treat Risks
Evaluate Risk and
Risk Treatments Risk Evaluation & Risk Control
Decision Evaluate Risks & Treat Risks
Implement Action/Monitoring Actions Treat Risks
Quality Control Action/Monitoring Action/Evaluation Monitor and Review
20
In the Benchmark framework monitoring to evaluate the effectiveness of the risk management process and to identify new risk issues is an ongoing activity in the organization. Similarly, in the CSA framework monitoring activities are established to assess specific control measures and the overall risk management program and to detect changing circumstances (regulatory environment, stakeholder views, and new
technology). The US framework refers to monitoring as a tool under a broader
“Evaluation” step which also includes analyses of costs and benefits and discussions with stakeholders to determine the effectiveness of risk management actions. In the AS/NZS framework, monitoring and review is ongoing to assess the effectiveness of the risk treatment plan, strategies and the management system which is set up to control implementation.
Since the Risk Management Process is a circular process, both Monitoring and Quality Control can come either at the start of the loop or at the end of the loop. Both locations are in the same place in the cycle. In the Benchmark framework, monitoring which is generally a function for the corporate and planning levels is shown at the top since it is typically an initiating function. Quality Control is shown at the bottom of the cycle since it is typically an ongoing operational function.
Stakeholder Relations
Collaboration with stakeholders and risk communication are central to each step of the risk management process in the all of the frameworks examined. All frameworks emphasis the importance of two-way dialogue with stakeholders rather than a one-way flow of information, particularly at the early stages in the decision process to gain a more complete perspective on the nature, form, severity and acceptability of the risk. The CSA and the AS/NZ frameworks emphasize the importance of documentation throughout the risk management process. Both frameworks identify documentation requirements at each step.
Context
Consideration of the “context” of a risk problem early in the risk management process is a discrete step in the Benchmark framework and the US and AS/NZ frameworks. This reflects a recognition of the complexity of risk situations compared to more narrow traditional risk management approaches which considered one chemical, one
environmental medium and one risk at a time. The US framework refers to putting the risk issue into its public health and ecological context. The AS/NZ framework expands the notion of “context” to include consideration of the organization’s goals, values and capabilities. The CSA framework considers context within the initiation step in defining the scope of the issue and in the preliminary analysis step in defining the basic
dimensions of the risk problem.
21
Preliminary Analysis (Identification)
The step to decide whether a risk problem requires further analysis is referred to as preliminary analysis (identification) in the Benchmark framework and preliminary
analysis in the CSA framework. In the U.S. and AS/NZ frameworks, preliminary analysis is carried out in the Context step – in which the scope and depth of the review of risks are defined. The AS/NZ framework calls this step identification and requires that it be done taking into account the risk management criteria established as a part of the context setting step. In all three frameworks there is an iterative process implied between the corporate decision-making level and the technical analysis level (including risk
identification) until there is sufficient information available to decision-makers for them to make a decision. In time, it is likely that there will be a clearer consensus on the concept of these functions and relationships between them.
Risk Analysis
The estimation of the frequency and consequences associated with each risk scenario is a central element in all of the frameworks (called risk analysis in the benchmark
framework and the AS/NZ framework, risk estimation in the CSA framework and analyzing risks in the US framework).
Risk Treatment Options
The identification of potential risk treatment or “control” options is an element of all of the frameworks. It is referred to as the Options step in the US framework and is the first step within the “Risk Control” step of the CSA framework and the “Treat Risks” step of the AS/NZ framework. All of the frameworks suggest that option identification can begin prior to completion of the risk analysis phase and recognize the importance of
stakeholders in identifying and analyzing options.
Evaluate Risk and Risk Treatments
The evaluation of the risk and the risk treatment options are common steps to all of the frameworks. In the CSA and AS/NZ framework the evaluation of risk is a separate step following risk estimation. Evaluation of risk treatment options is carried out as part of the Risk Control or Risk Treatment step. In the benchmark framework and US framework evaluation of risk and risk treatments options occurs as a part of the same decision step following the analysis of risk and identification of risk treatment options.
Implement Programs or Products
The planning and implementation of the selected strategy to manage the risk is common to all frameworks. In the CSA framework this step is called Action and is combined with planning of an evaluation and monitoring process. In the AS/NZ framework this step is called Treat Risks (monitoring and review are illustrated as a separate step which spans
22
the entire risk management process). The U.S. framework refers to the implementation step as Taking Action. Evaluation is a separate step that completes the process.
Quality Control
Quality Control is an operational function that tracks, supervises and manages the quality of the operations. In the other frameworks it is an implied component of the Action, Monitoring, or Review function. The other frameworks do not contain explicit
considerations of an organization’s operations as they relate to a more restrictive set of concepts.
Programs and Products to Reduce Risk
Again the proposed framework is an expanded framework to include some additional details of the operational programs and products that actually produce safety. For the other frameworks these aspects of operations are implied but are not an explicit part of the framework.