The prevention of harm is about trying to see, predict and control all things that may deliver an undesired outcome, writes Max Geyer.
Society and organisations develop regulations, rules, systems, procedures, structures, training, inspections, investigations, and punishment and reward programs, in order to manage the interaction of people and work activities. At the same time we have insurance policies, rehabilitation programs, law courts, audits, re-training programs, review and improvement programs, because of the humanness and fallibility of humans; because we know that where people are involved, not all will be anticipated, mistakes will be made, things will not go to plan and on occasions harm will result.
This paper argues that, when dealing with risk and safety, it is preferable to develop resilience than to try to prevent all harm. It does so by highlighting the limitations and by-products enacted by attempting to eliminate all harm and then identifies the advantages of developing resilient capacity when dealing with the unexpected.
The Collins English Dictionary (2003) defines harm as ‘physical or mental injury or damage’. A search of the top one hundred Australian listed companies will reveal many with declared values or risk and safety policies which espouse the elimination of harm and or have zero harm as a goal .
In relation to discerning and managing risk in the workplace, having the capacity to eliminate or prevent harm implies we would have the capacity to identify all physical or mental injury or damage associated with the operations of the organisation. Further, having an ability to identify all harm also implies we would have a capacity to foresee all events which could bring about that harm; that is, we would be omniscient, which is clearly not possible. The elimination of harm is not only not possible, as a negatively framed goal, it primes the organisation, its management and its people for failure (Custers, 2009). And as a by-product, it drives a culture of fear in relation to the reporting of incidents, it restricts the individual’s ability to exercise judgement and it stifles innovation, learning and improvement (Long, 2012); it stifles what it is to be human.
The international standard related to risk management AS/NZS ISO 31000:2009 Risk management – Principles and guidelines, defines risk as the “effect of uncertainty on objectives” (cited in HB 327:2010). The companion guide to that Standard, HB 327:2010 Communicating and consulting about risk (The Handbook) warns that ‘Communicating and consulting about risk requires an understanding of the central role of uncertainty in the generation of risk.’ (HB 327:2010).
When one further examines the attendant notes to the definition from the Standard (see footnote below) Note 2 points to the holistic nature of risk by emphasising that risk is not confined to health and safety or to any one part or level of an organisation. Indeed, in support of the view that the nature of “risk management” is a concept to be dealt with as a holistic issue, the World Health Organisation defines health as ‘a state of complete physical, mental and social well-being and not merely the absence of disease or infirmity’ (cited in Aghadiuno, 2010).
The Australian Government Comcare website points to the health benefits of work when it references some of the hazards which are to be addressed when attempting to eliminate or minimise workplace harm, when it states:
Work is generally beneficial to mental health and personal wellbeing. It provides people with structure and purpose and a sense of identity. It also provides opportunities for people to develop and use their skills, to form social relationships, and to increase their feelings of self-worth. (Australian Government Comcare, 2014, accessed 22/09/2015).
For most people their stability of employment would be a critical component of their mental and social well-being and an attack on that employment would constitute an instance of harm. This indicates that our search for the sources of harm, and elimination of that harm would need to consider all components of the organisation, no matter how small that may impact of the success of the business and hence the well-being of its employees. It further highlights the holistic nature of harm and the implausibility of eliminating it.
Australian workplace health and safety legislation acknowledges that the total elimination of risk is not likely. Indeed, the basis of the legislation is ‘reasonable practicability’ (Model WHS Act 2011, Section 18). In order to exercise their workplace health and safety due diligence, management are required to take ‘reasonable steps’, and apply ‘appropriate resources and processes’ in the fulfillment of their duties and obligations (WHS Act 2011, Section 27 (5)).
The methods used to identify and assess risks, as described in the risk management Standard mentioned above, are subjective in nature and not an exact science. The identification and assessment processes are heavily dependent on: the knowledge, expertise and understanding of the people involved in the risk assessment exercise; on their knowledge and expertise related to the thing or process being assessed; and on how they make decisions. The process is dependent on the perception of those involved, and The Handbook accepts this when it states:
Perceptions are what people apprehend to be true—particularly through reliance on their own senses, concepts, experiences, assumptions, knowledge, value sets, intuition and prejudices.
Perceptions may therefore reflect, or vary from, reality but are often a powerful element in the way further information is considered. Consequently, different individuals may view the same information differently and draw different conclusions. (HB 327:2010).
The Handbook further warns us that in consulting and communicating about risk we need to also consider ‘… a number of demographic and socio-economic determinants such as age, sex, education, social class, ethnicity and income strata also affect individual and group perceptions.’ (HB 327:2010).
We know that people have ‘bounded rationality’ (Gigerenzer & Todd, 1999) and generally make decisions as resourcefully as possible by employing ‘satisficing heuristics for searching through a sequence of available alternatives, and fast and frugal heuristics that use little information and computation to make a variety of kinds of decisions.’ (Gigerenzer & Todd, 1999). Research informs us that when people make judgements and discern situations, which may involve risk, they take account of salience and accessibility (Hogg & Vaughan, 2010); they make decisions based on their own schemas (Hogg & Vaughan, 2010); and they apply their personal and collective biases such as: group think, clustering, confirmation bias, overconfidence (hubris), selective perception, anchoring bias and availability heuristic (Gigerenzer & Todd, 1999; Hogg & Vaughan, 2010; Plous, 1993; Slovic, 2010; Sunstein, 2004), and their intuitions or ‘gut feelings’ (Gigerenzer, 2007).
The Handbook acknowledges the humanity of people and the valuable role that heuristics play in decision making about risk when it states: ‘… Heuristics are valid risk assessment tools in some circumstances and can lead to “good” estimates of statistical risk in situations where risks are well known.’ (HB 327:2010).
The employment of short cuts, by the use of satisficing and heuristics, and the application of biases, ultimately results a great deal of ‘exformation’, that is, information which is either not considered, or is briefly considered and discarded during the decision making process (Norretranders, 1998).
Decisions and assessments made about risk are subjective. They are as much dependent on the makeup of the cohort considering the risks, the means those involved employ to identify risks, and the means they adopt to help their decision making process, as they are on the nature of the risks themselves. With so much subjectivity involved it is clearly impossible to identify all sources of harm let alone prevent all harm.
Another issue with preventing all harm has to do with the humanness of those involved. Billett, Gruber and Harteis (2012) tell us that ‘… Firstly, complex problems and fuzzy rules shape an environment of human behaviour which makes errors unavoidable; and, secondly, errors can be fruitful incidents for further development.’
This leaves us with a number of challenges. What do we do in relation to the harm that we cannot identify and/ or control? What do we do to manage harm from events that are unexpected? What do we do when people, as fallible humans, make mistakes? And how can we benefit from the lessons learned in order to better prepare for the next unexpected event?
We understand from social psychology, that risk management is a ‘wicked problem’ it cannot be totally resolved; it can only be tackled and worked on (Conklin, 2006). However, one answer is to enable people to be ready for and to deal with the unexpected when it inevitably happens. This means that we need to be ready for when things go wrong such that we: recognise the “wrongness” as soon as we can; we limit the harm caused, both in terms of its impact and its sphere of influence; and we either return expeditiously to the pre-incident state, or quickly adapt to our ‘newly enacted’ environment (Weick, 1969). Weick and Sutcliffe call this process having a ‘commitment to resilience’ (Weick & Sutcliffe, 2007).
Weick and Sutcliffe adopt Allenby and Fink’s definition of resilience as ‘… the capability of a system to maintain its function and structure in the face of internal and external changes and to degrade gracefully when it must.’ (cited in Weick & Sutcliffe, 2007). Zautra, Hall and Murray (2010) tell us that ‘… resilience (sic) is best defined as an outcome of successful adaptation to adversity.’
A critical point here is the importance of adaptation to the enacted environment, in the role of developing resilience. Denhardt and Denhardt (2010) state that ‘Resilience involves the ability to adapt creatively and constructively to change, and change is the one constant in organizational (sic) life today.’
Importantly, Weick and Sutcliffe advise us that the resilient organisation carries the scars of its interactions; it learns and becomes better prepared as a result of dealing with the unexpected but not by wrapping itself in more defence systems; it does so by building its capability to respond (Weick & Sutcliffe, 2007).
Adaptability is something that is developed over time and is something that actually benefits from the mistakes of people and the errors and failures, which are noticed and recovered, before they escalate into major events (Amalberti, 2013). This acceptance of failure is something that organisations, which are focussed on eliminating harm, cannot accept or acknowledge. For the resilient organisation, what is critical is that the response to challenges and the unexpected does not result in brittleness and inflexibility (Denhardt & Denhardt, 2010); instead it results in ‘antifragility’ (Taleb, 2012) and an ability to learn from failure. Conversely, an organisation which is focussed on the elimination of harm is in danger of becoming brittle, inflexible, fragile and stagnant.
Denhardt and Denhardt (2010) encompass a holistic approach to managing the unexpected when they identify that resilient organisations are characterised by five key elements: first, they have a capacity for redundancy, they have a capacity for their systems to degrade but for the organisation to survive as components fail; second, their robustness and vigour, typified by promoting ‘… the mental and psychological health of their employees’; third, their flexibility and willingness to ‘… try new approaches rather than relying only on standard operating procedures’; fourth, their reliability is based on organisational infrastructure that is ‘… sound, providing reliable and accurate data, working communication channels, and management of resources’; and lastly a culture of ‘… respect and trust’.
So how does the zero harm organisation measure up to these characteristics when dealing with uncertainty?
As pointed out above, such organisations cannot tolerate failure, they compensate by building more and more elaborate systems of control and control redundancy; they become so ‘tightly coupled’ that they eventually lose the capacity to adapt (Weick, 1982). Their focus is on mechanistic systems and people as human factors fitting into those systems, as opposed to promoting the health and psychological well-being of people. Adherence to procedures is fundamental and uncompromising. The pressure to achieve zero harm impacts negatively on reporting and the accuracy of data, and it stifles communication channels, the by-product of which is the loss of respect and trust in the organisation and its leadership.
An organisation which is focussed on resilience embraces uncertainty and the inevitability of mistakes and develops capability such that the impact of uncertainty and mistakes is restricted (when negative) or embraced and enhanced (when positive); (Weick & Sutcliffe, 2007)
Of course the desire for resilience does not mean the acceptance of all harm as good; although often times good comes from harm (Taleb, 2012). Life and decision making is never binary it is always grey and messy. The athlete knows that by stretching muscle tissue and developing small tears encourages the development of bigger muscle tissue and more strength.
We cannot see all harm, although we can acknowledge that unforeseen harm does exist. Therefore we need to develop the capacity to identify and deal with that which we cannot see. We need to be able to manage for the unexpected. In particular, we need to be ready for when things go wrong such that, harm is limited, consequences are constrained, damage can be controlled and a return to productivity can be expedited. In other words given that we cannot see the future, and that the unexpected will happen, we are better off developing our capacity for resilience than attempting to predict and control harm.
I welcome your comments and thoughts and maybe a chat about developing resilience instead of more controls.
My thanks to Dave Collins.
This article was originally published on the Safety Risk Blog where you can view the Bibliography.