How Much Risk Are You Taking On?
How much risk are you will you willing to accept?
This is one of the most critical questions that every aviation service provider needs to answer. The answer will influence every single risk management activity in the operator's aviation safety management system (SMS).
What is your risk appetite? Not surprisingly, our risk appetite changes based on a variety of factors that require constant monitoring, including:
- Your product or service life-cycle;
- Organization's financial situation; and
- Environmental factors, like the economy.
Related Articles on Aviation Risk Management
- Types of Operational Risk for Airline SMS
- Top Factors That Influence Risk Tolerance
- 5 Ways to Analyze Risk in Aviation SMS Implementations
How to Determine Acceptable Levels of Risk?
Commonly, we think about the "risk tolerance" question in terms of Acceptable Level of Safety (ALoS) or “as low as reasonably practicable” (ALARP). However, it may be less effective to address the issue of acceptability in terms of a concept (ALoS, ALARP) rather than as a question. This is because attacking risk permissibility from the point of view of ALoS or ALARP allows you sidestep actually asking yourself the all-important question (), “How much risk are we willing to accept?” (HMRA)
The difference between ALoS/ALARP and HMRA is subtle, but very important:
- ALARP addressed the practice of reducing risk with a focus on perpetual continuous improvement;
- ALoS addresses risk from a point of acceptability; and
- HMRA directly considers the amount of risk for a given safety concern.
In other words, ALoS focuses on the amount of safety for a given type of concern, while asking HMRA focuses on the amount of risk being taken on for a given safety concern. Specifically asking how much risk you are willing to accept is a natural way of shifting your focus to what risks you are taking on and accepting, rather than the safety of the issue in question.
That being said, every aviation service provider should consider all three of the above points, but in a cycle.
The Circle of Risk Acceptance
ALOS, ALARP, and HMRA should all be established in your safety documentation and practices. However, they should be established in a particular order. It works like this:
- Choose given safety concern, i.e. a risk (potential damages) or hazard (dangerous conception);
- For that safety concern, ask “How much risk are we willing to take on?” (HMRA);
- Document what/how much risk will be taken on by your company;
- Document the extent to which the hazard/risk will be mitigated (ALARP); and
- Based on this documentation, establish (or verify) goals for acceptable level of safety.
This process should happen on a high level, such as in safety goals and objectives documentation. It should also exist on a micro level, such as during the risk management process of individual safety concerns.
This process is also a cycle, whereby reviewing ALoS goals should be reviewed by asking the HMRA question.
Related Articles on Aviation Risk Management
- 4 Elements of Safety Risk Management (SRM)
- What Is the Process of Risk Management in Aviation SMS
- The 5 Risk Mitigation Strategies in Aviation SMS
What Does It Mean to “Take-On” Risk
Assessing how much risk is being taken on is an important first step in establishing acceptable level of safety and as low as reasonably practicable. By “taken on” we are talking about:
- Overall organizational risk that is being taken on; or
- Risk that is being taken-on for a specific concern.
Taken-on is similar to “accepted.” It arises from the fact that absolute safety is unachievable. What this looks like is identifying aspects of a risk or hazard that:
- Are beyond company control;
- Are unlikely or mild enough that they are not worth resources to address; and
- Company does not have resources/technology to fully address.
In summary, taking on risk means addressing what potentialities remain after SMS mitigation efforts.
Risk Mitigation and Taking-On Risk
Asking and answering how much risk is being taken on is an essential part of segregating:
- What specific elements of a risk/hazard are being mitigated; and
- What specific elements of a risk/hazard AREN’T being mitigated.
Establishing both elements is an essential part of risk mitigation effort, as it helps identify:
- Potential elements of a risk/hazard that can be further mitigated;
- Elements of risk/hazard that have no risk controls; and
- How risk controls work on hazard/risk potentialities.
The main argument here is that mitigating risk is as much about understanding what you are mitigating as what you aren’t mitigating.
Related Articles on Mitigating Risk in Aviation SMS
- What Is Risk Mitigation in Aviation SMS
- 4 Ways to Mitigate Risk in Aviation Safety Management Systems
- Risk Mitigation Best Practices in Aviation Safety Management
Final Thought: Assessing If What Organization Is Taking-On Is Acceptable
Taking-on a certain amount of risk actually makes sense for organizations. It would be a poor and unmanageable use of resources to try and mitigate a particular risk “entirely.” Therefore:
- Anticipate that every hazard/risk will take-on a certain level of exposure;
- Review what exposure your organization is taking-on;
- Do a risk assessment on that exposure; and
- See if the risk assessment falls within your defined level of acceptability.
Doing this assumes that your organization has already defined the line in your risk matrix that separates acceptability from non-acceptability.
For further information about defining acceptability and analyzing risk that your company is taking-on, these resources should prove valuable:
Published May 2017. Last updated January 2020.