Show Menu

Identifying & Analyzing Costly Risks Cheat Sheet by




Risk Analysis - Involves examining identified risks; Deciding on risk treatment options; and Evaluating the effect­iveness of existing risk control measures.
Quan­tit­ative Analysis - Uses numerical data and calcul­ations.
Assigns values to conseq­uences & their probab­ilities to calculate a numeric indication of the level of risk.
Qual­itative Analysis - Measures risk based on the signif­icance of its conseq­uences.
Subjective and uses ratings such as high, medium, low.
Should include a clear explan­ation of the bases for each rating.
Trad­itional Accident Analysis - Help risk mgrs identify the causes of accidents and choose the best risk control techni­ques.
Basic causes of most accidents incl. Poor Manage­ment, Safety Policy, and Personal or Enviro­nment factors.

Risk Assessment Methods

Qualit­ative Risk Analysis


Used to model the probab­ility of different outcomes in a process that cannot easily be predicted due to the interv­ention of random variables; It is a technique used to understand the impact of risk and uncert­ainty in prediction & foreca­sting models.
A comput­erized statis­tical model that simulates the effects of various types of uncert­ainty.
Model focuses on specific variables in a project, such as revenues, interest rates, gross margins, and costs
Results are compiled into probab­ility distri­butions repres­enting possible outcomes

RISK IDENTI­FIC­ATION: Team Approa­ches:

Faci­litated Worksh­ops: Group discus­sions facili­tated by risk mgmt profes­sionals who meet with the firm's leaders, key employees, and other stakeh­olders.
Facilitator encourages brains­torming and follow up discussions.
A neutral party admini­sters a risk workshop & propels group to achieve its goal.
Delphi Techni­que: Group of experts make indepe­ndent projec­tions through anonymous questi­onn­aires that should move towards consensus - group members do not meet face-t­o-face.
adv (+): cheaper, anonymous responses avoid group bias and encourage honest answers
disadv (-): experts' opinion are limited to their own thinking and may not produce forward thinking.
Scenario Analys­is: Identifies risks & predicts the potential conseq­uences of those specific risks.
adv (+): identifies a range of potential conseq­uences and helps risks mangers prioritize risk
disadv (-): analysis could miss key risks, results are limited by members' imagin­ations
HAZOP (Hazard & Operab­ility Study): Compre­hensive review of a system or process.
Team of experts and stakeh­olders meets in a facili­tated workshop to identify the risks associated with a process and to recommend possible solutions.
Ideal for when all risks need to be elimin­ated
SWOT Analys­is: Assesses the firm's internal strengths & weaknesses and the firm's external opport­unities & threats.
Team approach used for analyzing specific new projec­ts/­pro­ducts; Should conclude with a go or no go recomm­end­ation.


Change Analysis - Projects the effects of a proposed change or combin­ation of changes on the safety and reliab­ility of an existing system.
Appropriate for EXISTING systems, not proposed systems.
ex) Before changing a trucking fleet from gas to diesel engines, project new safety hazards for drivers, mechanics, service suppliers, and general public.
Job Safety Analysis (JSA) - Dissects a repetitive task into steps & identifies potential hazards for each step, focusing on human error.
Appropriate for repetitive human tasks performed in a stable enviro­nment or where a person must act safely to avoid accidents, not approp­riate for to entirely mechanical tasks.
Sequence of Events (Domino Theory) - Holds that accidents result from human failings.
Domino Accident: Chain of Events
1. Ancestry & Social enviro­nment - Person's genetic background &/or enviro­nment cause undesi­rable character traits (reckl­ess­ness, stubbo­rnn­ess).
2. Fault of Person - Person's undesi­rable character traits cause him to commit unsafe acts or to create physical or mechanical hazards.
3. Unsafe act or physic­al/­mec­hanical hazard - The unsafe act (horse­play, ignoring safety requir­ements) or hazard (open flames near flammable substa­nces, lack of proper lighting) causes an accident.
4. Accident - The accidental event (falling persons, uncont­rolled fire) causes injury.
5. Injury - The undesi­rable final event (fract­ures, lacera­tions, burns).
Tech­nique & Operations Review approach (TOR) - An approach to accident causation that views the cause of accidents to be a result of mgmt's shortc­omings.
Holds that accidents result from management failures.
TOR approa­ch: (7) categories of Management faults:
1. Inadequate coaching;
2. Failure to take respon­sib­ility;
3. Unclear authority;
4. Inadequate superv­ision;
5. Workplace disorder;
6. Inadequate planni­ng/­org­ani­zation;
7. Personal defici­encies.
Energy Transfer Theory - An approach to accident causation that views accidents as energy that is released and that affects objects, including living things, in amounts or at rates that the objects cannot tolerate.


Risk Control: A conscious act or decision not to act that reduces the frequency and/or severity of losses or makes losses more predic­table.
(5) Basic Princi­ples:
- Accidents & unsafe acts/c­ond­itions reveal management system failures;
- Certain contro­llable circum­stances produce severe injuries;
- Mgmt should manage safety like any other function, by setting and achieving goals;
- Mgmt procedures for accoun­tab­ility produce effective line safety;
- Safety's function is to locate and define accident causing operat­ional errors by tracing accidents to their root causes & contro­lling them.


Pre-Loss Goals: Aims to reduce the amount or extent of damages or injuries incurred in a single event. Applied before a loss occurs.
- Economy of Operations
- Tolerable Uncert­ainty
- Legality
- Social Respon­sib­ility
Post­-Loss Goals: Focuses on emergency proced­ures, salvage ops, rehabi­lit­ation, public relations, and legal defenses. Applied after a loss occurs.
- Survival
- Continuity of Operations
- Profit­ability
- Earnings Stability
- Social Respon­sib­ility
- Growth
Tech­niques used to support these goals:
- Ensure Business Continuity
- Implement Effective & Efficient risk control measures
- Comply with Legal Requir­ements
- Promote Life Safety

Root Cause Analysis (RCA)

Root Cause: Basic Charac­ter­ist­ics: Specify; Identify; Control; and Recommend.
1. Spec­ify - Root cause is expressed as a specific underlying cause, not as a genera­liz­ation.
ex) operator removed safety guard, NOT operator error.
2. Iden­tify - Root cause can be reasonably identified by unders­tanding the reason why it happened.
3. Cont­rol - Root cause must be expressed as something that can be modified.
ex) Failure to maintain a backup generator, NOT lightning that caused power failure.
4. Reco­mmend - Root cause must produce at least 1 effective recomm­end­ation for preventing future reoccu­rrence of the event.
(RCA) Weaknesses (-):
- Only looks backwards (doesn't consider future causal factors)
- Can fail to identify all root causes
- Can only be done or reviewed period­ically (not contin­uous)
Root Cause Analysis (RCA) - Used in proactive management to identify predom­inant cause of loss.
Uses a step by step evaluation to identify the underlying cause of an unwanted outcome.
A 'factor' is considered the root cause of a problem if removing it prevents the problem from recurr­ing.
A 'causal factor', conver­sely, is one that affects an event's outcome, but is not the root cause.
*Typically used after an event has occurred, but it can be used to predict events and to solve problems proact­ively, rather than only retroa­cti­vely.
Root Cause Analysis Process - (4) steps:
1. Collect Data - Risk Mgr must obtain complete info about the circum­sta­nces, the facts, and causes of the event.
2. Chart Casual Factors - The agent that directly results in one event causing another event.
3. Identify root cause/­cau­ses - Once all the casual factors are identi­fied, the risk Mgr uses mapping or flow charting to determine the underlying reasons for each casual factor.
4. Impl­ement recomm­end­ati­ons - Risk Mgr identifies & implements achievable recomm­end­ations for preventing recurrence of the event.
Final product is a root cause summary table that incl. recomm­end­ations for each root cause identified for each casual factor.
Root Cause Analysis: (5) Approa­ches:
1. Safe­ty-­based RCA: Arose from accident analysis & occupa­tional safety and health.
2. Prod­uct­ion­-based RCA: Arose from quality control procedures for industrial manufa­ctu­ring.
3. Proc­ess­-based RCA: Similar to production based RCA, but also includes business processes.
4. Fail­ure­-based RCA: Arose from failure analysis and is used mainly in engine­ering and mainte­nace.
5. Syst­ems­-based RCA: Combines the other 4 approaches w/ concepts from change mgmt, risk mgmt, and systems analysis concepts.

LOSS CAUSE: Physical, Human, and Organi­zat­ional

Physical Cause - The failure of a tangible or material item, such as a defective part.
Human Cause - Occurs when human error or inaction is the root cause of an accident, such as operator error or improper mainte­nance.
Orga­niz­ational Cause - Results from faulty systems, processes, or policies.


Energy Transfer Control: approach to accident causation that views accidents as energy that is released and that affects objects, including living things, in amounts or at rates that objects cannot tolerate.
Tech­nique of Operations Review (TOR): approach to accident causation that views cause of accidents to be a result of manage­ment’s short-­comings
Change Analys­is: analysis that projects the effects of a given system change is likely to have on an existing system
Job Safety Analysis (JSA): analysis that dissects a repetitive task, whether performed by a person or a machine, to determine the potential hazards if each action is not performed
Monte Carlo Simula­tion: model that stimulates the effects of various types of uncert­ainty may have on a process. Another approach to solving complex problems and predicting outcomes.
Delphi Techni­que: decisi­on-­making technique in which group members do not meet face to face but respond in writing to questions posed by the group leader
Scenario Analys­is: identifies risks and predicts the potential conseq­uences of those specific risks
Causal Factors: agents that directly result in 1 event causing another
Faci­litated Worksh­ops: a risk workshop admini­stered by a neutral party and propels group to achieve its goals
HAZOP (Hazards and Operab­ility Study): team of subject matter experts and stakeh­olders identifies the risks associated with a given process and recommends a solution (ideal for when all risks need to be elimin­ated)

Support Cheatography!



No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Breaking Down Risk Modeling Cheat Sheet
          Risk Management Foundation Cheat Sheet

          More Cheat Sheets by djjang2

          Breaking Down Risk Modeling Cheat Sheet
          Financial Risk Cheat Sheet
          Risk Management Foundation Cheat Sheet