Silas oversees safety programs for several manned and unmanned aircraft operators. Completed a Masters of Aeronautics and MBA.
Optimize Safety: How to Not Drift into Disaster
Optimize Safety: How to Not Drift into Disaster
Safety professionals often state lets not meet by accident. The cost of an accident may dissolve a company or elevate litigation efforts. According to the Occupational Safety and Health Administration (OSHA) (n.d.a.), accidents and injuries cost companies more than one billion per week in workers' compensation costs. Unfortunately, accident and compensation costs have outperformed safety programs.
This article supports safety professionals and management teams by aligning specific safety models that offer positive results while overseeing a safety program.
The ultimate goal of a safety program remains to reduce risk or eliminate the hazard. Safety oversight has become a daunting task as incidents and accidents continue to exist within several industries. According to the OSHA (n.d.b.), investigating a worksite accident required by law also provides an opportunity to identify hazards. More importantly, safety oversight enables employers and workers to identify and implement corrective action to prevent harm.
Complexity means the safety professional cannot place their hands around the problem and fix it with one mitigation or control. Often, several controls or mitigation strategies that include several of the hierarchy of controls present the best action plan (Goetsch, 2019). The Federal Aviation Administration (FAA) (2021) mentions that a considerable workload occurs while managing a complex safety program. Better tools have evolved to overcome the complex problem. However, complex problems continue to exist, and challenges may decrease the current safety program effectiveness. Thus, combining tools presents an option to oversee the complexity and create an efficient safety program.
This article presents a method for management and safety professionals to evaluate their current safety program and align it with a combination of safety models to oversee complex problems.
Combination of Available Tools
Safety management systems (SMS), regulatory, safety engineering, and human factors resemble focus areas that often identify hazards and enable the safety engineer to determine the risk level. High risk requires a mitigation strategy, and the hierarchy of controls produces options to reduce risk or eliminate the hazard. However, with the number of programs to oversee safety, accidents and injuries continue to evolve and affect workers performing required tasks. Further analysis suggests a better solution exists to reduce accidents and protect the workforce.
One solution requires incorporating safety engineering, SMS, and human factors elements to produce an effective safety oversight program. According to Ivensky (2017), implementing an effective safety program requires a correctly designed and balanced process. To combine requires an emphasis on regulatory compliance, an adequately designed engineering and management system, and safe behaviors.
Pulling It All Together
Regulatory requirements do not guarantee a hazard and incident-free workplace. According to Ivensky (2017), laws cannot reduce workplace hazards that create an accident. An adequately designed management system requires attention throughout the lifecycle of the safety program. However, Safety Management Systems (SMS) would not work without technical safety laws, technical knowledge, and safety culture that present safe personnel behavior throughout the organization. Finally, safe behaviors are not solutions when hazards are undefined and misunderstood.
A systematic approach to optimize safety requires a review of human error, engineering controls, and management safety systems. Developing a systematic approach suggests that one safety element does not accomplish proper safety oversight. Instead, Figure 1 presents a process to optimize safety within several elements. The combination of components includes regulatory, engineering safety, SMS, and human behavior throughout the organization.
Figure 1, Optimize Safety Combining Programs
Governments have developed safety regulations for industries engaged in hazardous activities. According to the FAA (2020), regulations serve as safety risk controls. However, regulations and subsequent oversight programs such as SMS are part of risk control's systematic strategy. According to the Transportation Research Board (n.d.), the law ensures that industries provide goods and services with minimal injury. For example, the Pipeline and Hazardous Material Safety Administration (PHMSA) regulates hazardous energy liquids and gas's safety to include natural gas to millions of customers. Because of the risk, safety remains paramount, and regulations attract policymakers' attention when dangerous failures occur.
The FAA (2019) mentions that part 107.39 prohibits unmanned aircraft operations over human beings. Therefore, the pilot must obtain a waiver to operate over people because of the high risk (severity: hazardous, likelihood: unknown) listed in 107.205. While the law prohibits operating over people, the regulation as stand-alone mitigation does not prevent harmful incidents. Thus, combining safety oversight methods presents an option to develop an effective program to reduce risk.
A safety model defined as STAMP or systems-theoretic accident model and process allows the analysis of an organization's risk and safety management performance. According to Williams (2004), using the STAMP analysis presents gaps and limited senior management involvement in the risk process. STAMP defines the effectiveness of the safety program's controls, such as the safety control structure's design and operation. According to Leveson (2004), humans and organizations adapt and maintain safety as long as they stay within the boundary outlined within the safety constraint.
The boundaries listed in Figure 2 represent government, regulators, company, management, staff, and work process. Kee (2017) mentions that STAMP is a constraints-based model that focuses on inadequate controls within the system design, development, and operation. STAMP presents multiple levels within the hierarchy, imposing constraints and controls that require communication upward for leadership acknowledgment. The STAMP model views accidents from inadequate control of safety constraints within the framework listed in Figure 2. The framework presents the safety engineer with an understanding of why an accident occurred and why the framework became ineffective. Prevention requires designing the controls that will prevent exceeding the safety boundary.
Figure 2, Rasmussen and Svedung Socio-Technical Model of System Operations
Safety Management System (SMS)
The use of the SMS process has become one of the methods to oversee complex safety challenges. According to the FAA (2020), organizations continue to evolve SMS to systematically integrate safety risk management into business planning, operations, and decision-making. SMS leverages existing effective safety management practices throughout the lifecycle of the program. Safety programs introduce quality management systems to determine whether the current process fulfills the obligation of intent by reducing risk and eliminating a hazard. McKinnon (2017) mentions using a four-step process includes categories such as plan, do, check, and act. The methodology is used in business planning to control and continually improve processes.
Processes such as SMS involve the oversight of safety throughout the lifecycle of the program. According to the FAA (2020), SMS remains a formal, top-down, organization-wide approach to managing risk and assuring safety risk control effectiveness. The process listed in Figure 3 includes a systematic method of procedures, practices, and policies to manage risk using four main safety categories: policy, risk management, assurance, and promotion.
The policy involves documented organizational commitment to safety. The objective includes responsible parties and accountability in regards to safety management. Next, risk management establishes the identification of hazards and the determination of risk. Following the process requires the use of controls to reduce risk or eliminate the hazard. Safety assurance defines safety professionals revisit previous risk management processes to determine whether the controls put in place produce the required outcome. Finally, promotion involves training and culture. Training ensures the workforce can perform tasks, and communication of safety information supports a safety program's implementation and operation (FAA, 2020). Safety culture must promote a positive outcome throughout the organization, from the worker to the executive leadership.
Figure 3, Safety Management System (SMS)
Human error resides in several accident reports. According to Ivensky (2017), a lack of adequate human failure management has contributed to significant accidents such as the Chernobyl nuclear and the British Petroleum Grangemouth refinery explosion. Human failure was not the leading cause, although a contributing factor that led to the event. A majority of events trigger unsafe behaviors that have the potential to prevented several incidents. Behavior-based safety remains outside of the regulatory requirement, although worth noting as 88% of accidents attributed to unsafe acts, 10% to unsafe conditions, and 2% as an unpreventable incident.
Human behavior presents a notable percentage of accidents according to Heinrich’s 88:10:2 ratio that stipulates direct and proximate accident cause. Figure 4 presents the Heinrich safety triangle representing 300 near misses, 29 less severe injuries, and one significant injury (Industrial Safety and Hygiene News, n.d.). A baseline of 300 near misses suggests the probability of a work-related fatality exists with the number of near misses and less severe injuries.
Figure 4, Heinrich Safety Triangle
The human activity presents error, habitual action, and an intentional safety violation (Ivensky, 2017). Human error remains a topic of discussion within the safety program and requires a method to analyze outcomes to overcome human failure. Safety processes must look deeper into near misses and less severe injuries. A process must review the human error associated with the person involved in the accident, supervision, and management within the organization.
An accident report must dig deeper into the human behavior other than the accident's person suggests the probable cause. According to Wiegmann and Shappell (2001), a safety model known as the Human Factors Analysis Classification System (HFACS) provides a framework to identify the human failure.
The HFACS framework, listed in Figure 5, consists of four levels of failure titled organizational influence, unsafe supervision, preconditions for unsafe acts, and unsafe acts. Organizational influences revolve around resource management, organizational climate, and operational processes. Often the organizational influences go unnoticed or unreported. However, resource management, management, and funding allocation present contributing factors related to accident probable cause. Next, unsafe supervision can result in latent failures associated with failure to correct known problems, inadequate planning, and supervisor violation.
Preconditions for unsafe acts involve substandard conditions of operations and the practice of operators. Substandard conditions of operations define adverse mental states, physiological, and physical or mental limitations. Finally, unsafe acts highlight errors and violations. Errors incorporate decision, skill, and perception problems. Violations involve routine and exceptional acts against regulatory requirements. The use of the HFACS framework produces a process to reliably identify the underlying human error problems contributing to accidents (Wiegmann & Shappell, 2001). Human factors provide a component of the foundation necessary to oversee a safety program that reduces an accident's likelihood and severity.
Figure 5, Human Factors Analysis Classification System (HFACS)
Safety oversight remains a tricky task for those involved in the profession. Hearing a comment such as "we haven't had an accident" doesn't mean the program is worthy of an award. It suggests luck, and the organization hasn't identified the hazard that remains undetected, below the surface. The 737MAX accidents and review of the current safety oversight program require attention. Think about the 737MAX accidents and whether the grounding would have occurred without the second event. Within the What-If scenario, the safety professional must determine whether the safety program allows identification of a significant hazard related to the MCAS or maneuvering characteristics augmentation system (Boeing, n.d.).
To overcome events such as the 737MAX, re-evaluating the program, model structure, methods to identify hazards, and risk to reduce the likelihood and severity require careful attention. In this case, complex problems require a combination of existing programs and methods to produce an effective means to protect people. Thus, combining regulatory, safety management, engineering systems, and adding human error analysis models such as the HFACS framework presents a method that creates an option to dive deeper into identifying hazards that create catastrophic events.
Linkedin - Silas Still
- Silas Still, Linkedin
Occupational Safety & Health, Safety Management Systems (SMS), Risk Management, Safety Assurance & Oversight, Baltimore, Maryland, United States
- Boeing. (n.d.). 737MAX updates. https://www.boeing.com/commercial/737max/737-max-software-updates.page
- Federal Aviation Administration. (2019). How to: Get an ops over people waiver. FAA UAS Symposium. https://www.faa.gov/uas/resources/events_calendar/archive/2019_uas_symposium/media/How_to_Get_Ops_Over_People_Waiver.pdf
- Federal Aviation Administration. (2020). Safety management systems (Order 8000.369C). https://www.faa.gov/documentLibrary/media/Order/Order_8000.369C.pdf
- Federal Aviation Administration. (2021). System approach for safety oversight program (SASO). https://www.faa.gov/about/initiatives/saso/
- Goetsch, D. L. (2019). Occupational safety and health for technologists, engineers, and managers (9th ed.). Pearson.
- Ivensky, V. (2017). Program management optimizing safety engineering, systems, human factors: Part 1. Safety Professional, 62(1), 36-45. https://www.researchgate.net/publication/312984098_Program_Management_Optimizing_Safety_Engineering_Systems_Human_Factors_Part_1
- Industrial Safety and Hygiene News. (n.d.). The safety triangle: A useful, yet complicated, theory. https://www.ishn.com/articles/109182-the-safety-triangle-a-useful-yet-complicated-theory
- Leveson, N. (2004). A new accident model for engineering safer systems. Safety Science, 42(4), 237-270. https://www.skybrary.aero/bookshelf/books/409.pdf
- McKinnon, R. C. (2017). Risk-based, management-led, audit-driven, safety management systems. CRC Press.
- Occupational Safety and Health Administration. (n.d.a.). Business case for safety and health. https://www.osha.gov/businesscase
- Occupational Safety and Health Administration. (n.d.b.). Incident investigation. https://www.osha.gov/incident-investigation
- Transportation Research Board. (n.d.). Designing safety regulations for high-hazard industries. https://www.phmsa.dot.gov/sites/phmsa.dot.gov/files/docs/technical-resources/hazmat-technical-resources/70131/designing-safety-regulations-high-hazard-industries.pdf
- Wiegmann, D., & Shappell, D. (2001). A human error analysis of commercial aviation accidents using human factors analysis and classification (HFACS). Federal Aviation Administration. https://www.faa.gov/data_research/research/med_humanfacs/oamtechreports/2000s/media/0103.pdf
- Williams, S. (2019). Use of STAMP/STPA to model organizational risk and safety management at cruise and ferry companies. MATEC Web Conference, 273 https://www.matec-conferences.org/articles/matecconf/pdf/2019/22/matecconf_icsc_eswc2018_02004.pdf