The Error

Provocative

Environment Christopher J. Colburn, CSP, SGE

Norbord Mississippi

Goals • Define the Error Provocative Environment

• Define Safety and the Safety Vision

• Discuss Heinrich’s 88-10-2 Model

• The Non-Existent Injury Frequency / Severity

Relationship

• Speak to Fundamental Transformational Change

• This is a “KEEP IT REAL” session….

Three Frogs Sitting On a Log….

Human Behavior

Human Behavior is not Predictable

• Indicators are possible but not Scientific (Repeatable Results)

• The best indicator of future behavior is past behavior

• The big question is how do you change a behavior?

People are in most cases are like water, in that, they

will more often than not, take the path of least

resistance

• It is not, in most cases intentional, it is human nature….

DEFINE

“CULTURE” What is it?

Organizational Safety Culture “Organizational culture refers to the basic values, norms, beliefs, and practices that characterize the

functioning of an institution. At the most basic level, organizational culture defines the

assumptions that employees make as they carry out their work. It is a powerful force that can persist

through reorganizations and the change of key personnel. It can be a positive or a negative force.”

~Report of the Columbia Accident Investigation Board, August, 2003

DEFINE

“SAFETY” What is it?

Define Safety Freedom from Unacceptable Risk

(ISO Guide 51: 1999E)

What is “Acceptable Risk” in your

organization?

What is Acceptable Risk Risk Assessment Matrix

Likelihood of

OCCURAENCE

or EXPOSURE for selected

Unit of Time or Activity

Severity of Injury or Illness Consequence and Remedial Action CATASTROPHIC

Death or permanent

total disability

CRITICAL

Disability in excess of

3 months

MARGINAL

Minor injury, lost

workday accident

NEGLIGIBLE

First Aid or Minor

Medical Treatment

Frequent

Likely to Occur Repeatedly

HIGH

Operation not

permissible

HIGH

Operation not

permissible

SERIOUS

High Priority Remedial

action

MEDIUM

Take Remedial action

at appropriate time

Probable

Likely to Occur several times

HIGH

Operation not

permissible

HIGH

Operation not

permissible

SERIOUS

High Priority Remedial

action

MEDIUM

Take Remedial action

at appropriate time

Occasional

Likely to occur sometime

HIGH

Operation not

permissible

SERIOUS

High Priority Remedial

action

MEDIUM

Take Remedial action

at appropriate time

LOW

Risk Acceptable:

Remedial Action

Discretionary

Remote

Not likely to occur

SERIOUS

High Priority Remedial

action

MEDIUM

Take Remedial action

at appropriate time

MEDIUM

Take Remedial action

at appropriate time

LOW

Risk Acceptable:

Remedial Action

Discretionary

Improbable

Very unlikely – may assume

exposure will not happen

MEDIUM

Take Remedial action

at appropriate time

LOW

Risk Acceptable:

Remedial Action

Discretionary

LOW

Risk Acceptable:

Remedial Action

Discretionary

LOW

Risk Acceptable:

Remedial Action

Discretionary

What is a System? (ANSI/GEIA‐STD‐0010)

“An integrated composite of people, products, and

processes that provide a capability to satisfy a

stated need or objective.”

“The system safety concept focuses on the

application of systems engineering and

systems management to the process of

hazard, safety and risk analysis. “

Safety System The application of engineering and management principles, criteria, and techniques to achieve mishap risk as low as

reasonably practicable (to an acceptable level), within the constraints of operational effectiveness and suitability, time, and cost, throughout all phases of the system life cycle.

ALARP

ANSI/GEIA‐STD‐0010‐2009

Standard Best Practices for System Safety Program Development and Execution

MIL‐STD‐882D

Department of Defense, Standard Practice for System Safety

Fundamentals:

Acceptable Risk and ALARP Acceptable Risk

• That level of residual safety risk that the managing

authority is willing to assume on behalf of the agency,

users, and public

“As low as reasonably practicable”

That level of risk which can be further lowered only by an

increment in resource expenditure that cannot be justified

by the resulting decrement in risk Source: ANSI/GEIA‐STD‐0010‐2009

Error Provocation • The word “Provocation” means to “Provoke, Entice or

Stimulate”

• An Error Provocative Environment is an environment

that lacks controls to such a degree that the area itself

“Provokes, Entices or Stimulates” individuals to make

errors. These errors are manifested as unsafe acts.

• When an Unsafe Act and Unsafe Condition meet;

Injury Occur

Latent Conditions • Poor design,

• Gaps in supervision,

• Undetected manufacturing

defects or maintenance failures,

• Unworkable procedures,

• Clumsy automation

• Shortfalls in training

• Less than adequate tools and equipment, may be present for

many years before they combine with local circumstances and active failures to penetrate the system’s layers of defenses

James Reason,

Managing the Risks of

Organizational Accidents

How Do These Affected

Individuals View Risk?

Heinrich, H.S. Industrial Accident Prevention (McGraw‐Hill, 1959)

• 88‐10‐2 Ratios

– 88% unsafe acts of persons

– 10% unsafe mechanical or physical hazards

– 2% unpreventable accidents

• Does not consider systemic causal factors deriving from:

– Design and engineering shortcomings

– Hazards in the operational procedures

– System of expected behavior that has

developed

The Unsafe Act

The Unsafe Act

How often do incident investigations stop after addressing

the individual human error?

Other potential root causal factors:

–Organizational

–Operational

–Technical

–Cultural

The Blame Machine • Placing responsibility for the incident on what an

individual did or did not do results in overly simplistic

causal factor determination.

• In many organizations, and sometimes entire industries,

there is an unwillingness to look closely into error- provocative system faults.

R. B. Whittingham

The Blame Machine: Why Human Error Causes Accidents

Managing Maintenance Error: A Practical Guide

James Reason and Alan Hobbs

“Errors are consequences, not just causes. They are

shaped by local circumstances: by the task, the

tools and equipment and the workplace in

general. If we are to understand the significance

of these factors, we have to stand back from what

went on in the error maker’s head and consider

the nature of the system as a whole.”

Swiss Cheese Model Reason, James: “Human error: models and management”

BMJ 320:768‐770, 2000

Defining Human Error “A decision, an oversight, or a personnel action or inaction

out of which the potential arises for the occurrence of a

harmful incident or exposure.” Fred E. Manuele

“A natural consequence of a mismatch between human

capabilities and demands, and an inappropriate

organizational culture.” Guidelines for Preventing Human Error in Process Safety.

Center for Chemical Process Safety of the

American Institute of Chemical Engineers, 1994.

Design Characteristics That Increase

the Probability of Human Error

A job situation or system, which:

1. Violates operator expectations

2. Requires performance beyond what an operator can deliver

3. Induces fatigue

4. Provides inadequate facilities or information for the operator

5. Is unnecessarily difficult or unpleasant

6. Is unnecessarily dangerous

Chapanis, Alphonse. “The Error‐Provocative Situation”

in The Measurement of Safety Performance

Human Error Reduction CONCLUSION:

The solution to many, if not most, human performance

problems resulting in injury are technical in nature,

not psychological.

“Prevention through Design”

Hierarchy Of Controls 1.Elimination

2.Substitution

3.Engineering Controls

4.Warnings

5.Administrative Controls

6.Personal Protective Equipment

Rasmussen’s Drift to Danger Model

Resilience Engineering ; Erik Hollnagel, David D. Woods and Nancy Leveson; p 36, Figure 3.1

Behavioral Conclusions • Human errors, of commission or omission, are factors in

the occurrence of nearly all hazard-related incidents.

• Typical safety management systems do not address human error reduction, particularly on an anticipatory basis

• You cannot change the human condition but you can change the conditions under which people work

• The solution to most human performance problems are technical rather than psychological

Behavioral Conclusions • Potentials for human error derive largely from top-level

decisions, and the impact of those decisions spreads

throughout the organization, shaping a distinctive

corporate culture and creating error-provocative

situations

• To avoid hazard-related incidents resulting in serious

injuries, human error potentials must be addressed at

the cultural, organizational, management systems,

design, and engineering levels, and with respect to the

work methods prescribed

The Eight-Stage Process of

Creating Major Change 1. Establishing a Sense of Urgency

2. Creating the Guiding Coalition

3. Developing a Vision and Strategy

4. Communicating the Change Vision

5. Empowering Broad Based Action

6. Generating Short-Term Wins

7. Consolidating Gains and Producing more Change

8. Anchoring New Approaches in Culture

Four States of Organizational Culture

1) The ability to rebuild after a failure has occurred. This implies

that we hope we will not fail, or in terms of safety, that we will not have a catastrophic mishap or serious injury, but if we do we will recover and move on

2) Expecting failure to occur and devising ways to limit the effects of this failure so the organization can rebound or recover from failure states in a graceful manner. This allows the preservation of the core capabilities of the system so the organization can continue to operate even in a degraded stated

Four States of Organizational Culture

3) Building the capacity of a system to handle perturbations or disruptions outside of those it was designed to handle. This implies that to be resilient an organization must be able to react and adapt to the unexpected without catastrophic failure

4) Protecting the core processes to maintain stability while encouraging the ability to adapt to changing environments, which will in turn function to preserve the core processes through change management. This idea of resilience seems to imply that it can be used to help organizations stand the test of time despite external pressures and “weather the storm” during climates of change

E4 Approach

Education + Engagement

+ Empowerment =

Excellence

Questions

• Resilience engineering needs

to provide organizations with help on how

to decide when to relax production pressure to reduce risk.

Resilience Engineering ; Erik Hollnagel, David D. Woods and Nancy Leveson; p 32

Quotes

“ In Theory, Theory and Practice are the Same; In

Practice, They are not….”

~ Yogi Berra

Perfection is not attainable, but if we chase perfection we can catch

excellence.

~ Vince Lombardi

Engagement + Empowerment = Excellence

~ Christopher J. Colburn

Christopher J. Colburn, CSP. SGE

Norbord Mississippi

Safety and Training Manager

Chris.colburn@guntown.norbord.com