1. Methods for identifying, classifying, and treating risks in industry
This article aims to establish basic technical foundations for the structured conduct of risk management in the industrial sector. First, the concept of risk is defined from an engineering perspective, followed by the presentation of systematic methods for its identification and categorization, considering different sources—including operational failures, mechanical interruptions, external market interference, environmental variables, and unpredictable natural occurrences. Next, critical analysis, exposure quantification, and technical criteria applicable to decision-making regarding the treatment of each identified risk are addressed.
Understanding and identifying risks are essential practices that can help implement strategies to reduce or mitigate unwanted risks, as well as create contingency plans to deal with unexpected situations. Effective assessment and management of these risks help prevent accidents, minimize losses, and support business continuity.
2. What is a risk?
Originating from the Latin words"risicu"or "riscu," the concept of "risk" has multiple definitions, such as the combination of the probability of damage occurring and its severity.
Thus, risk can be defined as a matrix of factors composed of at least two main elements: the probability of occurrence and the impact or consequences of that event. Probability refers to the chance of an event occurring, while impact describes the severity of the effect if the risk materializes. This type of assessment can be performed at various levels and layers of the business environment, such as the risk of structural collapse of an asset, the risk of devaluation of the company due to adverse events, or the risk of visibility in relation to the community.
The probability of occurrence includes exposure to a hazardous situation, the occurrence of a hazardous event, and its consequence for your business, physical integrity, and production, as shown in Figure 1.
Figure 1: Concept of Risk – Adapted from PRITCHARD (2014).
Due to the similarity between the concepts, there may be confusion between the concepts of hazard and risk. To better understand and comprehend the distinction between what is a risk and what is a hazard, below are their concepts:
Hazards arise from an object, area, and/or agent. Examples include areas containing pressure vessels, tanks containing acids, transmission lines, among others.
Risks exist from the moment there is a possibility of interaction between the person and the object in danger, for example. The same areas mentioned above can be cited as examples. The risk of accidents involving people will only exist if there are workers operating in that location.
The diagram shown in Figure 2 illustrates this difference between the concepts.
Figure 2: Distinction between hazard and risk – Skiba apud ALBERTON (1996).
3. Techniques for identifying/classifying a risk
To manage risk correctly, three steps are necessary:
-
- Identify it starting from a starting point, where you must be aware of the potential hazards and likely causes that could lead to an accident, and distinguish between them;
-
- Classify the probable events identified according to their severity;
-
- Develop required actions and monitoring controls to eliminate or mitigate the risks that have been identified, as well as effective communication to all involved.
4. Risk analysis and assessment
4.1.Risk identification
Risk identification anticipates what can happen, where, and when. Therefore, the objective is to generate a comprehensive list of risk sources and events that could have a negative impact on the structure, equipment, or production process.
In addition, it assesses the how and why. Thus, after identification, it is necessary to consider possible scenarios and causes.
4.2. Risk Analysis
Risk analysis involves: detailed examination of the sources of risk; their consequences; the probability that such consequences may occur and the factors that affect them. Thus, the analysis may vary in detail according to: the risk studied; the purpose of the analysis; relevant data and resources, and may be presented in the following formats:
-
- Qualitative analysis: less complex, promotes safety against recognized risks, and increases vigilance among the parties involved. In other words, it serves as initial research, providing a basis in situations where statistical or numerical data are not available.
-
- Semi-quantitative analysis: usually obtained in qualitative analysis. It is a mixed model between qualitative and quantitative;
-
- Quantitative analysis: Historical or statistical numerical data is used, unlike qualitative analysis, which uses scales. In this case, the numbers characterize both probability and consequences.
The flowchart shown in Figure 3 clarifies the complexity of these analyses.
Figure 3: Complexity of risk analyses – BADRI et al (2012).
4.3.Risk evaluation
Risk assessment uses your understanding gained from the previous analysis to make decisions about future required actions. Its purpose is to establish the scale of a hazard and its expected frequency.
If a risk is assessed as unacceptable, actions must be taken to mitigate it, transforming it into an acceptable risk and thus contributing to safety and the respective future actions required. Figure 4 illustrates the inverted HSE triangle.
Figure 4: Health and Safety Executive (HSE) inverted triangle for risk tolerability – HSE (2001).
4.4. Techniques for identifying/classifying a risk
There are several techniques available for risk analysis that can be employed according to each case. According to LUKO (2014), some of the tools that can be used are shown in Table 1.
| Order | Tool |
| 1 | Brainstorming |
| 2 | Structured or semi-structured interviews |
| 3 | Delphi Analysis |
| 4 | Checklists |
| 5 | PHA – Preliminary hazard analysis |
| 6 | HAZOP – Hazard and operability study |
| 7 | HACCP – Hazard analysis and critical control points |
| 8 | Toxicity assessment |
| 9 | SWIFT – Structured "what-if" technique |
| 10 | Scenario analysis |
| 11 | BIA – Business impact analysis |
| 12 | RCA – Root cause analysis |
| 13 | FMEA – Failure modes and effects analysis |
| 14 | FTA – Fault tree analysis |
| 15 | ETA – Event tree analysis |
| 16 | Cause-consequence analysis |
| 17 | Cause-and-effect analysis |
| 18 | LOPA – Layers of protection analysis |
| 19 | Decision tree analysis |
| 20 | HRA – Human reliability assessment |
| 21 | Bow tie analysis |
| 22 | Reliability-centered maintenance |
| 23 | SA – Sneak analysis |
| 24 | Markov Analysis |
| 25 | Monte Carlo simulation |
| 26 | Bayesian statistics and Bayesian networks |
| 27 | FN curves |
| 28 | Risk index |
| 29 | Consequence = probability matrix |
| 30 | CBA – Cost-benefit analysis |
| 31 | MCDA – Multicriteria decision analysis |
Table 1 – List of Risk Identification Techniques from Annex B of ANSI Z690.3-2011 (2011) – LUKO (2014)
However, the most common techniques in the industry are:
- Checklist ;
- WRAC – Work Risk Assessment Control;
- FMEA – Failure modes and effects analysis;
- HEA – Human error analysis;
- HAZOP – Hazard and operability study;
- FTA – Fault tree analysis;
- ETA – Event tree analysis;
- LOPA – Layers of protection analysis.
5. Risk management
In the industrial context, risk management is a systematic approach adopted to eliminate or minimize risks by identifying potential hazards and implementing controls. An essential component of management is the risk assessment team, responsible for such checks. This management involves various engineering techniques and becomes more effective the greater the level of knowledge of your asset. For example, technical files containing asset designs, knowledge of corrective, predictive, and preventive maintenance interventions, qualified technical staff to perform routine equipment inspections, and information collection through sensors to identify possible non-conformities, among many others.
5.1. Benefits of risk management
Among the benefits of risk management, we can mention:
-
- Identification and mitigation of potential risks;
-
- Protection of assets and resources;
-
- More informed decision-making;
-
- Reduction of surprises and financial impacts;
-
- Improved legal and regulatory compliance;
-
- Increased resilience and business continuity;
-
- Enhancement of the company's reputation;
-
- Resource and cost optimization;
-
- Ease of access to capital;
-
- Improvement in organizational culture;
-
- Competitive advantage and greater capacity for innovation and growth.
6. Conclusion: why is risk management important?
In general, risk management in industry is a practice that aims to provide security, efficiency, and reliability (continuity of operations), preventing damage, minimizing losses, and protecting the company's human, material, and environmental resources.
Effective risk management is not limited to eliminating hazards; it also requires the creation of an action plan that allows for a rapid response to unexpected events.
In this context, risk analysis, whether qualitative, semi-quantitative, or quantitative, provides the necessary tools to predict, understand, and control risks appropriately, basing decisions on data.
Therefore, it is not only a regulatory or operational obligation, but a competitive advantage that contributes to the long-term sustainability and success of a company, protecting its employees, its operations, and its reputation.
Bibliographic references
[1] FERREIRA, Aender Lucio Barbosa.Methodology for risk assessment in mining equipment applied to belt conveyors. 2018. Thesis (Master's Degree in Mechanical Engineering) – School of Mechanical Engineering, Federal University of Minas Gerais, Minas Gerais, 2018.
[2] British Standards Institution (BSI). BSI Standards Publication. Risk-based inspection framework. 2018 . BS EN 16991:2018
[3] PRITCHARD, Carl L. Risk management: concepts and guidance. CRC Press, 2014.
[4] ALBERTON, Anete. A methodology to assist in risk management and the selection of security investment alternatives. 1996.
[5] BADRI, A.; NADEAU, S.; GBODOSSOU, A. A mining project is a field of risks: A systematic and preliminary portrait of mining risks. International journal of safety and security engineering, v. 2, n. 2, p. 145-166, 2012.
[6] HSE – HEALTH AND SAFETY EXECUTIVE, HSE’s decision-making process, 2001.
[7] LUKO, Stephen N. Risk Assessment Techniques. Quality Engineering, v. 26, n. 3, 2014.
[8] SKIBA, Reinald. Die Gefahrenträgertheorie: Versuch einer theoretischen Konzeption für Unfallforschung und Unfallverhütung. Federal Institute for Occupational Safety and Accident Research, 1973.
Risk Management is with Kot Engenharia
Kot has a qualified technical team to identify, analyze, assess, and manage the risks of your company's activities.
If you, like our more than 150 clients, are looking for specialized solutions in structural analysis or failure prevention such as deformation, vibration, and corrosion, consult our team and count on Kot Engenharia.
Since 1993, we have been offering engineering consultancy services through technical studies using non-destructive testing, field instrumentation and computer simulations (FEM, DEM and CFD) for highly complex diagnoses of concrete and metal structures and industrial equipment.
Follow our pages on LinkedIn, Facebook e Instagram and keep following our content.
