Introduction
Risk assessment is a
process that involves evaluation of the impact and its probability of
occurring. Risk is a function of the likely hood of a given threat – sources exercising
a particular potential vulnerability and the resulting impact of that adverse
event on the organization.
Preventive
and mitigative risk factors
Risk mitigation are the
steps followed to reduce the adverse effects. There are four types of risk
mitigation strategies that are unique to business continuity and disaster
recovery. It’s important to develop a strategy that closely relates to and
matches your company profile, these strategies include:
a)
Risk acceptance
It
doesn’t reduce any effects, however, it’s still considered a strategy. This
strategy is a common option when the cost of other risk management options such
as avoidance or limitations may outweigh the cost of risk itself. A company
that does not want to spend a lot of money on avoiding risks that does not have
a high possibility of occurring will use the acceptance strategy.
b)
Risk avoidance
This
is the vice versa of risk acceptance strategy. It is any action that avoids any
exposure to the risk whatsoever. It is usually the most expensive of all the
risk mitigation strategies. Example;
1) Not
buying a business or property in order to not take on the legal liability that
comes with it.
2) Not
flying in order not to take the risk that the airplane were to be hijacked.
c)
Risk limitation
This
is the most common risk strategy used by businesses. It limits a company’s
exposure by taking some actions. It’s a strategy employing a bit of risk
acceptance along with a bit of risk avoidance, or an average of both. An
example of risk limitation is a company accepting that a disk drive may fail
and avoid a long period of failure by having backups.
d)
Risks transference
It
is the involvement of handling risk off to a willing third party. An example is
numerous companies outsourcing certain operations such as customer services,
payroll services etc. this can be beneficial to a company if a transfer risk
isn’t a core competence of that company. It can also be used so a company can
focus more on their core competence.
e)
Periodically re asses risks that are accepted
in ongoing process as a normal feature of business operations and modify
mitigation measures.
f)
Design a new business process with
adequate built in risks control and containment measures from the start.
g)
Risk sharing
It
is defined as sharing with another party the burden of loss or benefit of gain,
from a risk and the measures to reduce a risk you can hence transfer a risk to
a third party through insurance and outsourcing. In practice, if an insurance
company or contractor go bankrupt or end up in court, the original risk is
still likely to revert to the first party as such in the terminology of
practioners are scholars alike, the purchase of an insurance contract is often
described as transparence risk. Example; A personal injuries insurance policy
doesn’t transfer the risk of a car accident to the insurance company. The risk
still lies with the policy holder namely the person who has been involved in an
accident. Insurance policy simply provides that if an accident (the event)
occurs involving the policy holder, that is, commensurate with the
suffering/damage.
h)
Risk reduction or optimization.
Involves
reducing the severity of the loss or the likelihood of the laws from occurring.
Example; sprinklers are designed to put out the fire to reduce the risk by
fire, this method may course a greater loss by damage hence may not be
suitable.
i)
Risk retention
This
involves accepting the loss or benefits of gain when it occurs. True self-insurance
falls in this category. It is a viable strategy for small risks where the cost
of insuring against the risk would be greater over time than the total losses
sustained. All risks that are not avoided or transferred are retained by
default. This includes risks that are so large or catastrophic that they either
cannot be insured against or the premiums could be unfeasible. Example; War is
example since most properties and risks are not insured against risks, so the
loss attributed by war is retained by the insured.
Hierarchy
of prevention and control measures
Employers need to assess
the risks for their staff and then preventive measures or controlled measures
have to be derived from these assessments. The types of measures can be
classified:-
a)
Elimination of hazards
b)
Minimizing or separating the hazards
from the works by;
1) Technical
measures (example; encasing, exhausted)
2) Organizational
measures (Example; only qualified employees are allowed to do specified work.
3) Personal
measures ( Example; wearing PPE)
4) Behavioral
measures (Example; Peer observations)
Legislation requires
following the hierarchy in order to always select the most effective type of measure.
Preventive measures aim at avoiding risks whereas control measures are put in
place in order to reduce and manage risks. To combat the vast number of very
different risks, for example, slipping, falling, developing muscular skeletal
disorders (MSD) radiation stress etc. Researchers, technicians and
practitioners have developed an even higher number of preventive and control
measures. This means employer need guidance in order to choose the most
efficient measure.
General
Principals of prevention
a)
Avoiding risks
b)
Evaluate the risk which cannot be
avoided
c)
Combating the risks at source
d)
Adapting the work to individual, especially
as a regard to workplaces, choice of work, equipment, and the choice of working
and production method with a view in particular.
e)
Adapting to technical progress
f)
Replacing the dangerous by the non-dangerous
or less dangerous
g)
Developing a coherent overall. Prevention
policy which covers technology, organizational work, working conditions, social
relationships and the influence of factors related to the working environment.
h)
Giving collective protective measures
priority over individual protective measures.
i)
Giving appropriate instructions to the
workers.
No comments:
Post a Comment