Operational Risk

Management
 ORM Definition

ORM is the process of dealing

with the risks associated with
military operations, which
includes: risk assessment, risk
decision making and
implementation of effective risk
controls.
 Objectives

Upon completion of this lesson, you will be able to:

– Define Operational Risk Management (ORM)

– Define Time-Critical Risk Management (TCRM)

– Describe the levels of ORM

– Discuss the link between the ORM 5 Step Process and TCRM

– Discuss how TCRM increases situational awareness and decreases risks

– Apply TCRM to real-life situations

 The ORM Process
• Is a decision making tool used by personnel
at all levels to increase effectiveness by
identifying, assessing, and managing risks
• Increases our ability to make informed
decisions.
• Minimizes risk to acceptable levels.
• Applies both on the job and in off-duty
activities.

“ORM must be practiced 24 hours a day, 7 days a week, 365 days a year.”
 Principles of ORM

• Accept risk when benefits outweigh

the costs.
• Accept no unnecessary risk.
• Anticipate and manage risk by
planning.
• Make risk decisions at the right
level.
 Levels of ORM
Strategic Tactical
Time Available Limited/No Time
for Planning for Planning Mission
&
Task
In-Depth Deliberate Time Critical Success

Charts / Flips Operational Planning Team/Crew

Ship/Aircraft Mission Briefs Mission Execution
(Systems Safety) CO Standing Orders Checklist
Instructions Safety Equipment Change Management
Equipment Design (Mission/Crew Change)
Formal Training Equipment Degradation

Controls become resources during execution

 ORM Process Cycle
Identify the Hazards

Analyze List Determine Hazard

Missions Mission Hazards Root Causes

Lessons
Learned New
Hazards Assess the Hazards
Supervise Assess the severity
Monitor
Assess Probability
Review
Complete Risk
Assessment
Feedback

Implement Controls Make Risk Decisions

Determine
Make Implementation Clear Identify Control Options Residual
Risk
Establish Accountability Determine Control Effects

Provide Support Make Risk Decisions

 Identify the Hazards
A hazard is any condition with the potential to negatively impact
mission accomplishment or cause injury, death, or property damage.

To identify the hazards:

• Analyze the mission – Review the plans and orders describing the
mission or task to ID all tasks, requirements and conditions then create a
sequential or chronological list of all major events or tasks in a mission

• List the hazards – Review each event in the sequence of tasks for
hazards. Involve operators and those with applicable experience.
Brainstorming is useful for this preliminary hazard analysis. Ask “what if”
to think about what could go wrong.

• Determine the root cause - Make a list of the causes associated

with each identified hazard. The root cause is the first link in the chain of
events leading to mission or task degradation.
 ORM PROCESS CYCLE
Identify the Hazards

Analyze List Determine Hazard

Missions Mission Hazards Root Causes

Lessons
Learned New
Hazards Assess the Hazards
Supervise Assess the severity
Monitor
Assess Probability
Review
Complete Risk
Assessment
Feedback

Implement Controls Make Risk Decisions

Determine
Make Implementation Clear Identify Control Options Residual
Risk
Establish Accountability Determine Control Effects

Provide Support Make Risk Decisions

 Assess the Hazards
For each hazard indentified, determine the associated degree of risk in terms
of probability and severity. The result of the risk assessment is a prioritized
list of hazards, which ensures that controls are first identified for the most
serious threat to mission or task accomplishment.

Risk: An expression of possible loss due to a hazard

in terms of severity and probability.

Severity: Determines how bad the results would be if

the hazard caused a mishap. Qualitatively
categorized from 1 to 4, with 1 being the most severe.

Probability: Determines how likely the hazard could

cause a mishap. Qualitatively categorized from A to
D, with A being the most probable.
 Severity Categories
• Cat I: Death, loss of facility/asset or result in
grave damage to national interests.
• Cat II: Severe injury, illness, property damage,
damage to national or service interests or
degradation.
• Cat III: Minor injury, illness, property damage,
damage to national or service interests or
degradation.
• Cat IV: Minimal threat to personnel safety or
health, property, national, service or command
interests use of assets.
 Probability Criteria
• Subcategory A: A mishap likely to occur
immediately or within a short period of time.

• Subcategory B: Will cause a mishap in time.

• Subcategory C: May cause a mishap in time.

• Subcategory D: Unlikely to cause a mishap.

 Risk Assessment Code Matrix
The Risk Assessment Code (RAC) Matrix is used to determine
the RAC for a hazard. You must cross probability and severity
to obtain this code.

PROBABILITY
Frequency of Occurrence Over Time
Risk Assessment Matrix
A B C D
Likely Probable May Unlikely
Loss of Mission Capability, Unit
I 1 1 2 3
Readiness or Asset; Death
Effect of Hazard

Significantly Degraded Mission

SEVERITY

II Capability or Unit Readiness; Severe 1 2 3 4

Injury or Damage
Degraded Mission Capability or Unit
III 2 3 4 5
Readiness; Minor injury or Damage
Little or No Impact to Mission
IV Capability or Unit Readiness; Minimal 3 4 5 5
Injury or Damage.
Risk Assessment Codes
1 – Critical 2 – Serious 3 – Moderate 4 – Minor 5 – Negligible
 ORM PROCESS CYCLE
Identify the Hazards

Analyze List Determine Hazard

Missions Mission Hazards Root Causes

Lessons
Learned New
Hazards Assess the Hazards
Supervise Assess the severity
Monitor
Assess Probability
Review
Complete Risk
Assessment
Feedback

Implement Controls Make Risk Decisions

Determine
Make Implementation Clear Identify Control Options Residual
Risk
Establish Accountability Determine Control Effects

Provide Support Make Risk Decisions

 Criteria for Establishing
Effective Controls
• Suitability
• Feasibility
• Acceptability
• Explicitness
• Support
• Standards
• Training
• Leadership
• Individual
Control Options
• Reject the risk
• Avoid the risk
• Delay an action
• Transfer the risk
• Compensate for
the risk
 Types of Controls
• Engineering Controls: examples include
material selection or substitution

• Administrative Controls: examples

include warnings, markings, placards, signs,
written policies, instructions, SOPs

• Physical Controls: examples include PPE,

fences, special oversight personnel
 ORM PROCESS CYCLE
Identify the Hazards

Analyze List Determine Hazard

Missions Mission Hazards Root Causes

Lessons
Learned New
Hazards Assess the Hazards
Supervise Assess the severity
Monitor
Assess Probability
Review
Complete Risk
Assessment
Feedback

Implement Controls Make Risk Decisions

Determine
Make Implementation Clear Identify Control Options Residual
Risk
Establish Accountability Determine Control Effects

Provide Support Make Risk Decisions

 Implement Controls
Implementing Controls Requires:
• Clearly communicating plan to all involved
personnel

• Establishing accountability

• Guaranteeing necessary support is available

Careful documentation of each step in the RM process facilitates risk

communication and the rational processes behind the RM decisions.
 ORM PROCESS CYCLE
Identify the Hazards

Analyze List Determine Hazard

Missions Mission Hazards Root Causes

Lessons
Learned New
Hazards Assess the Hazards
Supervise Assess the severity
Monitor
Assess Probability
Review
Complete Risk
Assessment
Feedback

Implement Controls Make Risk Decisions

Determine
Make Implementation Clear Identify Control Options Residual
Risk
Establish Accountability Determine Control Effects

Provide Support Make Risk Decisions

 Supervise
Supervision is a key step in the ORM
process. It involves determining the
effectiveness of risk controls throughout
the mission or task. This involves three
actions:
– Monitoring the effectiveness of risk controls
– Determining the need for further assessment of all or a portion
of the mission or task due to an unanticipated change
– Capturing lessons learned
Time Critical Risk
Management
Red

Yellow

Green
 Introduction: What is TCRM?
• TCRM is using risk management concepts when
time and resources are limited.
• Applying ORM principles at the point of, or
during execution of a mission or task
• Methodology is similar but less deliberate than
the five step process
• The ABCD Model
– A - Assess the situation Red

– B - Balance Resources Yellow

– C - Communicate to others
– D - Do and Debrief the event Green
 Why TCRM?
• Experience is result of learning events
• Leadership has a responsibility to marshal and
coordinate experience from all personnel
• Inconsistent levels of team and individual
responses based on different levels of
experience
• The ABCD model provides ability to match
previous mission to new experience
• Provides common language in natural format
 Nature of TCRM
• Designed to assist when
– Working in a dynamic environment
– Monitoring a static or routine situation
– Making a decision with partial information
• Develop sound, consistent habits
• Consistent with continuous improvement
• Requires unique set of skills
• Relies on experience
• Standardizes communication
 ABCD Model
Red

Yellow

Green

•Green: indicates errors may occur, but will be caught by individual

•Yellow: indicates the potential for consequential errors have increased
•Red: indicates errors may occur that cannot be caught and become
consequential to the task or mission
•The swooping arrow represents a return to good SA and mitigation of risk
• The blocks represent the multiple levels of resources
*The target is used during team communication to focus one or more
individuals into an understanding of situational conditions or an individual
may use it as a self-assessment tool
 ABCD

The ABCD block represents the TCRM mnemonic

A – Assess the situation

B – Balance Resources
C – Communicate to Others
D – Do and Debrief the Event
Link Between TCRM and 5-Step Process

•Is not a replacement for the 5-step deliberate process

•Is the practical application of the 5-step process in a time-critical
environment
 Assess the Situation
• First two steps of the 5-step process
• Requires accurate perception of situation
in a relatively short period of time
• Must maintain good SA
• Reliant on individuals ability to
comprehend situation and apply
appropriate, available resources quickly
and effectively
• Difference between success and failure
 Balance Resources
• Tied specifically to making risk decisions
(steps 3-5 of the 5-step process)
• Must consider using resources created for
the mission or activity
• Thorough planning prior to event will
increase availability of appropriate
resources
• Examples: PPE, proper training,
understanding task or mission
 Communicate to Others
• “C” reminds us, explicitly, to communicate
• Maintains good SA, task loading, & crew
factors are critical components
• Communication tends to become limited
under stress/time constraints
• Who needs to know?
• What can be done?
• Who can help or assist?
 Do and Debrief the Event
• Tied to steps 4 & 5 of the 5-step process
• Ensure the feedback loop is performed
• Identify what worked and what did not
• Ensure lessons are learned, recorded, &
disseminated
• Improves performance, mitigates risks
• Is essential to completing the ABCD loop
 Applying TCRM into the Planning Process
Skills
1. Situational Awareness
Process
• I know my environment ABCD for
• I can see changes
Decision Making
2. Mission Analysis
•
•
I can assess the changes
I can see how they affect my job/mission
Assess the mission for potential
adverse consequences
3. Assertiveness
• I have confidence in myself, my team, and my
leadership to bring new threats to their
attention Balance the use of Resources to
4. Communication minimize risk
• I need to let my teammates or others involved
know what I know

5. Leadership Communicate Risks and

• My leaders accept my plan for action or know
how to act to manage new risk Intentions
6. Adaptability/Flexibility
• The plan is flexible and we can adapt to
changes
Do (and debrief to improve
future performance)
7. Decision Making
• We have enough information, time and a good
plan of action, or we need help
 Time Critical Scenarios

NIGHT UNREP
™ • Routine Evolution
• Time Constrained
• Supply ship committed (perceived)

What’s Different? Decision Distractions Option A

• Late at night start • Desire to get the job • Continue with evolution
(2300) done now • Risks – damage to
• Winds and seas • Fatigue equipment, people
different than forecast • Routine Evolution Option B
• Maintaining station • Breakaway and
difficult reassess hazards and
• Keeping fuel hoses controls
seated very difficult • Risks – delay, lower
than normal fuel
 Time Critical Scenarios

RETURN FROM LEAVE

• Routine Drive of 300 miles
™
• End of Major Holiday Weekend
• Muster at 0730
• Getting underway in two days

What’s Changed? Decision Distractions Option A

• Family early PM dinner • Never been late from • Continue with Drive
runs late leave • Risks – fatigue, flat tire,
• Rear tire deflated (slow • New Division CPO heavy traffic
leak from nail puncture) • Made this drive many Option B
• Light fog forms (not times before • Call ship and speak to
forecasted) OOD
• Risks – Angry CPO,
miss underway briefs
TCRM Card
 Conclusion
• Practical use of the ABCD Model by all
Navy personnel will sustain a responsive
capability to effectively meet personal
challenges or mission contingencies now
and in the future
 NROTC ORM
– Unit mission – Marine Field Training
– Training syllabus Exercises
– Medical reporting – Marine hikes
– Safety surveys – Orientation
– Physical training – Levels of ORM training in
– Swim Program NROTC Program
– Sail Training – Pre-Mishap Safety Plan
– Rifle/Pistol – Medical Reporting
– Close Order Drill – TCRM Cards
Questions &
Summary