Abstract
Defensive risk reduction models are typically reactive elements. These can be improved by adopting offensive strategies that are reaching outwards to gather critical data to inform on barrier performance, and enhance improvements in advance of the next potential unwanted event.
Practical techniques to add strategies of offense to defensive barrier risk reduction models are available, through the capabilities of bowtie barrier management. These can be fully capitalized with systems and software at an enterprise level. Specifically, an offensive approach uses the ability to combine risk, audit, incident and maintenance system or barrier-state data onto bowtie barriers for a fourfold view of barrier condition. This enables a more offensive stance: predictions of barrier decay or weakness, followed by improvement strategies and follow-up.
A critical four-corned risk and incident reduction strategy is presented:
Risk: What are the major risks in our organisation and how are we managing them?
Audits: Is each barrier in place and maintained as required?
Incidents: Across one or several incidents, what barriers have been involved, and did they fail or perform as expected?
Systems: What systems and system components are degraded or offline today and which barriers are therefore affected?
Collation of this data can be performed by choosing a risk element that is common and available to all of the four elements – namely, a bowtie barrier. By using the visual aspects of a bowtie barrier to become the repository for all the relevant data, interpretation, indication and improvement is enhanced. Enterprise risk systems on suitable bowtie-based servers can bring all relevant data under one warehouse and improve access, consistency and shared risk reduction opportunities. Just as each barrier can become a hub for the capture and analysis of dynamic data, a server-based risk analysis warehouse for the enterprise promotes use of various forms of captured data for the scrutiny and improvement of barriers.
