BackgroundThe start of 2019 has seen much media attention to various incidents resulting from, arguably, negligent decision making.One such incident was the recent high-rise apartment building fire in Melbourne that resulted in hundreds of residents evacuated.The fire is believed to have started due to a discarded cigarette on a balcony and quickly spread five storeys. The Melbourne Fire Brigade said it was due to the building’s non-combustible cladding exterior that allowed the fire to spread upwards. The spokesperson also stated the cladding should not have been permitted as buildings higher than three storeys required a non-combustible exterior.Yet, the Victorian Building Authority did inspect and approve the building.Similar combustible cladding material was also responsible for another Melbourne based (Docklands) apartment building fire in 2014 and for the devastating Grenfell Tower fire in London in 2017 that killed 72 people with another 70 injured.This cladding material (and similar) is wide-spread across high-rise buildings across Australia. Following the Docklands’ building fire, a Victorian Cladding Task Force was established to investigate and address the use of non-compliant building materials on Victorian buildings.Is considering Worse Case Scenario versus Risk appropriate?In a television interview discussing the most recent incident, a spokesperson representing Owners’ Corporations stated owners needed to look at worse case scenarios versus risk. He followed the statement with “no one actually died”.While we agree risk doesn’t work for high consequence, low likelihood events, responsible persons need to demonstrate due diligence for the management of credible critical issues.The full suite of precautions needs to be looked at for a due diligence argument following the hierarchy of controls.The fact that no one died in either of the Melbourne fires can be attributed to Australia’s mandatory requirement of sprinklers in high rise buildings. This means the fires didn’t penetrate the building. However, the elimination of cladding still needs to be tested from a due diligence perspective consistent with the requirements of Victoria’s OHS legislation.What happens now?The big question, beyond that of safety, is whether the onus to fix the problem and remove / replace the cladding is now on owners at their cost or will the legal system find construction companies liable due to not demonstrating due diligence as part of a safety in design process?Residents of the Docklands’ high-rise building decided to take the builder, surveyor, architect, fire engineers and other consultants to the Victorian Civil and Administrative Tribunal (VCAT) after being told they were liable for the flammable cladding.Defence for the builder centred around evidence of how prevalent the cladding is within Australian high-rise buildings.The architect’s defence was they simply designed the building.The surveyor passed the blame onto the Owners’ Corporation for lack of inspections of balconies (where the fire started, like the most recent fire, with a discarded cigarette).Last week (at the time of writing), the apartment owners were awarded damages for replacement of the cladding, property damages from the fire and an increase in insurance premiums due to risk of future incidents. In turn, the architect, fire engineer and building surveyor have been ordered to reimburse the builder most of the costs.Findings by the judge included the architect not resolving issues in design that allowed extensive use of the cladding, a failure of “due care” by the building surveyor in its issue of building permit, and failure of fire engineer to warn the builder the proposed cladding did not comply with Australian building standards.Three percent of costs were attributed to the resident who started the fire.Does this ruling set precedence?Whilst other Owners’ Corporations may see this ruling as an opportunity (or back up) to resolve their non-compliant cladding issues, the Judge stated they should not see it as setting any precedent.

"Many of my findings have been informed by the particular contracts between the parties in this case and by events occurring in the course of the Lacrosse project that may or may not be duplicated in other building projects," said Judge Woodward.

 If you'd like to discuss how conducting due diligence from an engineering perspective helps make diligent decisions that are effective, safe and compliant, contact us for a chat.

Disclosure: Tim Procter worked in Arup’s Melbourne office from 2008 until 2016.Shortly after Christmas a number of media outlets reported that tier one engineering consulting firm Arup had settled a major court case related to traffic forecasting services they provided for planning Brisbane’s Airport Link tunnel tollway. The Airport Link consortium sued Arup in 2014, when traffic volumes seven months after opening were less than 30% of that predicted. Over $2.2b in damages were sought; the settlement is reportedly more than $100m. Numerous other traffic forecasters on major Australian toll road projects have also faced litigation over traffic volumes drastically lower than those predicted prior to road openings.Studies and reviews have proposed various reasons for the large gaps between these predicted and actual traffic volumes on these projects. Suggested factors have included optimism bias by traffic forecasters, pressure by construction consortia for their traffic consultants to present best case scenarios in the consortia’s bids, and perverse incentives for traffic forecasters to increase the likelihood of projects proceeding past the feasibility stage with the goal of further engagements on the project.Of course, some modelling assumptions considered sound might simply turn out to be wrong – however, Arup’s lead traffic forecaster agreeing with the plaintiff’s lead counsel that the Airport Link traffic model was “totally and utterly absurd”, and that “no reasonable traffic forecaster would ever prepare” such a model indicates that something more significant than incorrect assumptions were to blame.Regardless, the presence of any one of these reasons would betray a fundamental misunderstanding of context by traffic forecasters. This misunderstanding involves the difference between risk and criticality, and how these two concepts must be addressed in projects and business.In Australia risk is most often thought of as the simultaneous appreciation of likelihood and consequence for a particular potential event. In business contexts the ‘consequence’ of an event may be positive or negative; that is, a potential event may lead to better or worse outcomes for the venture (for example, a gain or loss on an investment).In project contexts these potential consequences are mostly negative, as the majority of the positive events associated with the project are assumed to occur. From a client’s point of view these are the deliverables (infrastructure, content, services etc.) For a consultant such as a traffic forecaster the key positive event assumed is their fee (although they may consider the potential to make a smaller profit than expected).Likelihoods are then attached to these potential consequences to give a consistent prioritisation framework for resource allocation, normally known as a risk matrix. However, this approach does contain a blind spot. High consequence events (e.g. client litigation for negligence) are by their nature rare. If they were common it is unlikely many consultants would be in business at all. In general, the higher the potential consequence, the lower the likelihood.This means that potentially catastrophic events may be pushed down the priority list, as their risk (i.e. likelihood and consequence) level is low. And, although it may be very unlikely, small projects undertaken by small teams in large consulting firms may have the potential to severely impact the entire company. Traffic forecasting for proposed toll roads appears to be a case in point. As a proportion of income for a multinational engineering firm it may be minor, but from a liability perspective it is demonstrably critical, regardless of likelihood.There are a range of options available to organisations that wish to address these critical issues. For instance, a board may decide that if they wish to tender for a project that could credibly result in litigation for more than the organisation could afford, the project will not proceed unless the potential losses are lowered. This may be achieved by, for example, forming a joint venture with another organisation to share the risk of the tender.Identifying these critical issues, of course, relies on pre-tender reviews. These reviews must not only be done in the context of the project, but of the organisation as a whole. From a project perspective, spending more on delivering the project than will be received in fees (i.e. making a loss) would be considered critical. For the Board of a large organisation, a small number of loss-making projects each year may be considered likely, and, to an extent, tolerable. But the Board would likely consider a project with a credible chance, no matter how unlikely, of forcing the company into administration as unacceptable.This highlights the different perspectives at the various levels of large organisations, and the importance of clear communication of each of their requirements and responsibilities. If these paradigms are not understood and considered for each project tender, more companies may find themselves in positions they did not expect.Also published on:https://sourceable.net/how-did-it-get-to-this-project-risk-vs-company-liability/

Gaye recently attended the second meeting of the Powerline Bushfire Safety Committee (PBSC) at Energy Safe Victoria (ESV).As set out in the Committee Charter, the purpose of the PBSC is to provide the Director of Energy Safety (DoES) with comprehensive expert advice to support ESV in its administration of the Electricity Safety (Bushfire Mitigation) Amendment Regulations 2016 (the regulations) and any advice ESV may, in turn, provide government on further policy changes that may be required in the light of initial network experience implementing the regulations.In addressing its purpose, the PBSC will have regard to the regulations, the regulatory impact statement (RIS) including the target fire risk reduction benefits set out herein, and the statement of reasons (SoR).The objective of the PBSC is to provide transparent, independent oversight and advice to ESV in undertaking its regulatory responsibilities to hold the distribution business accountable for the delivery of the fire reduction benefits implicit in the regulations.Gaye’s role is to provide risk management and best practice advice. All documents relating to the Committee’s activities can be found on the ESV website.

Imagine you have a great idea. Perhaps it’s for a start-up venture. Perhaps it’s a new, better way of doing something at your workplace. Perhaps it’s changing the way your business has always done something. Perhaps it’s a substantial capital works project.Each of these will require a business case to convince stakeholders that your idea is, in fact, great, and ought to be implemented. Key aspects considered and explained should include:

• what the good idea is
• how it fits into the current market or organisation
• the benefits it will bring
• the upfront and ongoing costs that it will entail
• the risks the proposed course of action will carry
• what will be done to address these risks

These points can be separated into the three elements of any good business case: the ‘what’, the cost-benefit analysis, and the risk management strategy. The effort and detail required to prepare a convincing business case will vary depending on the idea, but it is unlikely to gain stakeholder acceptance without these three key elements.The ‘what’ and the cost-benefit analysis are generally well understood. However, business case risk management strategies are often difficult to interpret for readers. When you consider that those reading a business case will likely be those deciding if your (great) idea is accepted, the benefit of a clear and concise risk management strategy becomes obvious.So, what does a clear and concise risk management strategy involve? How can one best be prepared and presented? And how can it be made convincing as part of a business case?

Perspectives

The essence of a convincing risk management strategy is emphatically not a statement of “here are the risks, and here is what we will do about them so we don’t think they will happen.”This is, essentially, a list of problems. When deciding on a new course of action as a start-up, a small business or a large organisation, a list of problems in a business case will not give decision-makers confidence.This is especially the case if, as proposed by AS31000 (the Australian Standard for risk management), the goal of the risk management strategy is to ensure risks are ‘tolerable’, which generally means they are unlikely to occur. This argument to unlikelihood is particularly unconvincing if a decision-maker asks “I accept that this risk is unlikely, but what if it happens?”A clearer and more convincing approach is to present a case that states “here are the critical issues, here is why we don’t believe any have been overlooked, and here is why we believe all reasonable measures are in place to address them.”This approach takes a solution (rather than hazard) based approach. A hazard-based approach typically identifies many specific problems and puts them in a list, before thinking of things to do about them. Its perspective is “here’s what could go wrong with my great idea, and here’s why I don’t think it will.”This approach tends to focus on problems and their complexity, going into detailed, oft-impenetrable risk analysis, making it difficult for senior decision-makers to fully comprehend due to the specialist skill-sets required. Problems are often taken out of context for the organisation, and measures identified for each problem tend to be specific to each problem and as such hard to justify. It creates analysis paralysis.A solution-based approach, by contrast, begins by looking at what measures are in place in similar situations, and what further measures might be needed for this specific context. It is actually an options analysis and provides the case for action. Its perspective is "here’s what we should have in place to be confident going ahead with my great idea.”This shift from problems to solutions is key to presenting a convincing business case. It pushes the focus to the way forward, and takes an overarching, holistic viewpoint, making recommendations clearly explicable to senior decision-makers. It ensures the organisation’s context is always considered, and identifies a smaller number of solutions that address multiple potential issues, with a focus on implementing recognised good practice rather than presenting unnecessarily detailed analysis.Where needed, this approach can still generate the level of detail required for budget contingency estimation (e.g. through Monte Carlo simulation). However, it ensures that this detail remains contextually sound, and is only provided where beneficial to decision-making.This approach is also simpler, faster, more efficient, often cheaper, and certainly more defensible if something does go wrong. They provide an argument as to why decisions are diligent, rather than why they are ‘right.’ In short, a solution-based approach provides a far superior decision basis than a hazard-based approach. And that’s something that any business case should aim for.

This article first appeared on Sourceable.

One of the interesting points to come out of the recent R2A event and discussions with colleagues afterwards, is the confusion regarding the meaning of the word ‘risk’.  There was a general perception that much of the SFAIRP – ALARP debate was confusion of terms rather than concepts, a proposition with which we at R2A concur.  This also flowed onto a general observation about the way in which courts interpret various terms, especially the meaning of ‘likely’.The meanings ‘risk’ with which R2A is familiar are:

i.       A noun, especially as used in the insurance world, as in the insured ‘risk’.

ii.      Risk as a property of an activity or a process involving both likelihood and consequence – an adjective.  That is, it was a ‘risky’ investment.  This can extend to a quantified ‘scientific’ approach to risk.

iii.     Risk as a likelihood only, as in, the ‘risk’ of the hazard occurring.

iv.      Risk as a concept involving future uncertainty, good and/or bad, as part of the human condition.

v.       Risk as the antonym of reward, often used in financial terms to describe an element of net outcome as in ‘risk vs the reward’.

With regard to what’s ‘likely’, one of our colleagues, Tony Enright has noted that in NZ case law, the word “likely’ in the context of the Building Act 1991 (now Building Act 2004) is as follows:

“Likely” does not mean “probable”, as that puts the test too high. On the other hand, a mere possibility is not enough. What is required is “a reasonable consequence or [something which] could well happen”. Auckland CC v Weldon Properties Ltd 7/8/96, Judge Boshier, DC Auckland NP2627/95, [1996] DCR 635

‘Likely’, as used in [s 64(1)(a) BA91, now s 121(a)], means that there is a reasonable probability (see Dowling v South Canterbury Electric Power Board [1966] NZLR 676, 678); or that having regard to the circumstances of the case it could well happen (see Browne v Partridge [1992] 1 NZLR 220, 226).  Rotorua DC v Rua Developments Ltd 17/12/99, Judge McGuire, DC Rotorua NP1327/97

The point of all this is that it’s courageous to assume that the courts will agree with your definitions post event.  The prudent course is to use the courts meanings pre-event to ensure everyone is talking about the same thing in the same way, if it ever becomes necessary.

Once or twice a year, R2A, as due diligence engineers, are called upon to investigate projects which have not gone well. Clients do not generally permit us to discuss such investigations, unless it’s a public inquiry of some sort, but there are common threads that emerge. For the most part R2A includes such learnings in our text, Risk and Reliability: Engineering Due Diligence.Whilst some issues are peculiar to an organisation, the most common difficulty across projects seems to rest around an exclusive reliance on the Risk Management Standard (ISO 31000) as the basis to manage risk. For high consequence, low likelihood events (the potential ‘project showstoppers’) the Standard fails the test. The reason is simple; it is risk based not criticality based.Risk based means the management of identified risks is by the simultaneous appreciation of likelihood and consequence. Criticality based means that the likelihood side of the risk equation is initially ignored if the event is credible and could prove fatal (completely stop the project). The diagram below describes the conundrum for senior decision makers responsible for multiple large projects, the failure of any of which might bring down those decision makers.The perspective of both the individual project managers and the senior decision makers are correct, but contradictory. An individual project manager can confidently state, using risk based approach, that yes, a critical possibility does exist but it is so rare that delaying the project on that account cannot be justified.  The project should proceed.The senior decision makers on the other hand see the critical risks from 100 project managers. Even though such risks are rarely manifested, the 100 credible show stoppers are all focussed on this single group. From this top-down perspective projects ought not to proceed until the show stoppers are eliminated.  The alternative is to proceed optimistically until one show stopper to one project eventually happens and the inquiry commences.R2A is focused on the prevention side which means that projects ought not to proceed until the show stoppers are dealt with. It’s the only place to be.

The change from hazard based risk assessment supported by the risk management standard to the precautionary due diligence approach now mandated by most Australian parliaments has significant implications for designers, especially in the use of standards that use target levels of risk and safety such as EG(0) Power System Earthing Guide and IEC 61508 the Functional Safety Assessment standard as a design tool.

In previous blogs we have explored the implications of the hazard based approach using target risk criteria for land use safety planning purposes for hazardous chemical facilities. This blog looks at the implications in relation to the application of EG(0), the Power System Earthing Guide¹. The guide appears to define risk limit targets consistent with the NSW Department of Planning guidelines as shown in the table and figure below.

EG-0 individual risk limits

EG-0 societal risk limits

• Intolerable Region—The risk profile must be reduced.
• ALARA Region—Reduce the risk profile whenever possible, and only accept the residual risk on the basis of a risk cost benefit analysis (RCBA) (see Appendix F). The use of the ALARA principle (or ALARP) is clearly intended to form a key part of the Due Diligence process embodied in this Guide. The ALARM principle that requires a designer and asset owner to reduce the risk profile whenever possible provides a consistent yet practical means for managing earthing system related risk.
• Low or tolerable Region—Risk generally acceptable, however, risk treatment may be applied if the cost is low and/or a normally expected practice.

Whilst the table has further caveats that consider some of the weaknesses of the hazard based approach to risk, the overall use of such target risk levels remains contrary to the SFAIRP approach of the model legislation.

Such an approach is especially problematic in states like Queensland that are modifying the provisions of the Electrical Safety Act to be entirely consistent with the provisions of the WHS act including penalties.

As a consequence, the attempt by Energy Networks Australia (ENA) to introduce target risk based processes to assess the safety of earthing systems via EG(0), is flawed. It means that organisations and their officers that use such target risk based processes as the primary tool for risk decision making would be subject to post event scrutiny under the new model WHS legislation. In the event of a fatality such officers would presumably be prosecuted for acting recklessly under the criminal provisions of the act. It may also leave the ENA and its officers open to prosecution for endorsing and promoting an arguably suspect process.

This blog is based on a paper presented at the Earthing, Lightning & Surge Protection Conference in July 2013 and subsequently the Electrical Regulatory Compliance Forum in September 2013. The full papers can be viewed at Conferences.

¹ Energy Networks Association Limited (2010). EG-0 Power System Earthing Guide. Part 1: Management Principles. Version 1 – May 2010. Canberra.

Boards are responsible for the good governance of the organisation and risk management is an essential aspect of this.Diligently balancing competing priorities with limited resources requires an organisational expression of risks and rewards in the value system of the board. In the business community this has often been expressed as risk appetite meaning that an outstanding outcome can justify taking greater chances to achieve success.  In policy terms it means encouraging the organisation to select projects and programs with greater rewards for similar effort, and is to be applauded.  This is a positive demonstration of business due diligence.However, safety has a different perspective.  Here often, the consequences of failure are so high that there is simply no appetite for it.  Instead, provided the situation is not prohibitively dangerous, the requirement is for (safety) risk to be eliminated or reduced so far as is reasonably practicable, a matter which can be forensically tested in court¹.This is a positive demonstration of safety due diligence. Recognised good practice in the form of guidelines and standards is a starting point.In statistical terms, due diligence is primarily about dealing with outliers and black swans (especially to third parties) that create potential showstoppers, rather than optimising the middle ground, which appears to be the position most risk management programs try to achieve.  In our experience, most risk management programs involving risk appetite concepts are about optimising the most likely commercial corporate position rather than preventing catastrophes.For technological business which mainly deal with downside risk, the term risk appetite seems inappropriate at least for safety aspects. A better term may be a risk tolerance statement or, keeping it generic across business and safety, a risk position statement.A risk position statement is an articulation of the Board’s understanding of the key risk issues for the business and their understanding of the management and optimisation of these risks.  It is almost a quality assurance document to ensure the Board can transparently demonstrate risk management governance to stakeholders including the community and government.From a Board viewpoint, the safety risk position will not be driven by risk (consequence and likelihood) but rather criticality (consequences) and what can actually be done to eliminate or minimise the risk.  For example, risk tolerances will vary depending on the precautionary options available for a particular issue and the resources available at the time to address the issue.¹ For example from Worksafe Australia interpreting the model WHS act (as viewed at): http://www.safeworkaustralia.gov.au/sites/SWA/about/Publications/Documents/607/Interpretive%20guideline%20-%20reasonably%20practicable.pdf 15 July 2013: What is ‘reasonably practicable’ is an objective testWhat is ‘reasonably practicable’ is determined objectively. This means that a duty-holder must meet the standard of behaviour expected of a reasonable person in the duty-holder’s position and who is required to comply with the same duty.There are two elements to what is ‘reasonably practicable’. A duty-holder must first consider what can be done - that is, what is possible in the circumstances for ensuring health and safety. They must then consider whether it is reasonable, in the circumstances to do all that is possible.This means that what can be done should be done unless it is reasonable in the circumstances for the duty-holder to do something less.This approach is consistent with the objects of the WHS Act which include the aim of ensuring that workers and others are provided with the highest level of protection that is reasonably practicable.

The meaning of the word risk has changed substantially over the last 20 years or so. It used to refer to potentially catastrophic events for which insurance was normally purchased, a meaning, which is still used by the Factory Mutuals and Lloyds underwriters.

In more recent times it has become associated with the term management, which has morphed it from the consideration of potentially catastrophic events to a process, which determines the optimum risk (upside and downside) outcomes, epitomised by the concept of risk appetite.

The courts have never experienced this confusion. After all, they do not care how often something has gone well, they only examine the instances where it all went terribly wrong. And to deal with these, the courts use the legal concept of due diligence.

The risk management standard has probably been responsible for this confusion. This may not be a bad thing in itself, provided the new meaning of risk management is understood. From an engineering perspective it means that risk management has come to mean reliability management, (what is the most likely desirable outcome and what needs to be tweaked to ensure that this becomes the case) whilst the former, catastrophic meaning requires due diligence which is aimed at detecting the outlier events and their various, unlikely combinations.

For example, the extensive use of Monte Carlo simulations is another result of the new meaning. These are typically used to determine likely risk outcomes from independent probability event distributions. It will almost certainly reveal the most likely events to derail or enhance a business plan or project, but the simulations are unlikely to reveal the convergence of low probability, statistical outlier events, the combination of which creates perfect storms like the GFC (global financial crisis).

This may be why the various risk management societies have had difficulty in determining what their core business is in recent times. It also explains why it was so necessary for R2A to change its name (but not its business) from risk engineers to due diligence engineers. And why R2A’s operations due diligence model is so important. It tests for the catastrophic, low likelihood outliers (the old risk management) before it optimises for operational availability (the new risk management).