Multiple choice test Flashcards
What are the three questions used to define risk?
- What can go wrong?
- How probable is it?
- What are the consequences?
What is Proactive risk management?
Identifies risks before they happen and figure out ways to avoid or alleviate the risk
What is Reactive risk management?
Tries to mitigate the consequences and damages of potential threats, but assumes they will happen some day
What is supply chain resilience?
Supply chain resilience refers to the ability of a supply chain to quickly recover from disruptions or unexpected events and continue operating effectively.
What is risk management in supply chain management?
Risk management in supply chain management involves identifying, assessing, and prioritizing risks in the supply chain and taking actions to mitigate or manage those risks.
What are some common risks in supply chain management?
Common risks in supply chain management include disruptions due to natural disasters, transportation delays or breakdowns, supplier bankruptcy, and quality issues.
What is the difference between reactive and proactive risk management?
Reactive risk management involves responding to risks after they have occurred, while proactive risk management involves identifying and addressing risks before they occur.
What is the bowtie risk management model?
The bow tie diagram relates to the three questions defining risk as explained below
1. What can go wrong? The middle of the bow identifies possible undesired events
2. How probable is it? The left bow analyses possible hazards and threats that can lead to undesired event
3. What are the consequences? The left side of the bow analyses the consequences following the undesired event
Question: What are some common approaches to risk assessment?
Common approaches to risk assessment include qualitative and quantitative risk assessments, scenario planning, and supply chain mapping.
How can supply chain risk management contribute to organizational performance?
Effective supply chain risk management can contribute to organizational performance by reducing the likelihood and impact of disruptions, improving supply chain efficiency and agility, and enhancing customer satisfaction.
What is safety account in risk management?
An account of all accidents that occurred in a specific (past) time period, together with frequencies and consequences observed for each type of accidents. The term “risk” is sometimes also used to describe the safety and some talk about “historical risk”
What is “historical risk”?
Historical risk refers to risks related to accidents that occurred in a specific (past) time period, together with frequencies and consequences observed for each type of accident
Why are historical risks considered in risk management?
When looking at previous risks or undesired incidents, one can determine possible risks and look at the frequencies and consequences previously observed to determine how to manage the risks when establishing a risk management strategy
What is a common model for identifying safety barriers in the process industry?
The onion model
What does the onion model illustrate?
The onion model, or the layers of protection illustrates that safety is not managed by one barrier alone, but many. The model also identifies barriers that are not primarily for safety (e.g. control). An important premise is that each layer (or barrier) is independent from the others.
What are the 8 layers of protection in the onion model?
- Process design - inherently safe design
- Control - Basic process control system. Process alarms, operator procedures
- Prevention - Safety-critical process alarms, safety instrumented systems
- Mitigation - Pressure relief valves, rupture discs
- Physical barriers - Barricades, dikes
- Fire and gas systems - deluge systems, fire sprinklers, toxic gas detection and alarm
- Plant emergency response
- Community emergency response
What are safety-critical systems?
A safety system where the main purpose is to ensure safety, and where the consequence can create hazardous events
What are safety-related systems?
A safety system where the purpose is not to ensure safety, but where the consequence of failure can create hazardous events. This covers a broader scope of systems than safety-critical
Define hazardous events
A hazardous event is the first event in a sequence of events that, if not controlled will lead to undesired consequences (harm) to some assets. A hazardous event can call for a response by the safety system or occur as a consequence of safety system failure.
What are the 5 classifications of hazards?
- Natural hazards
- Technological hazards
- Organisational hazards
- Social hazards
- Behavioural hazards
What are some examples of natural hazards?
Floods, earthquakes, tornados, tsunamis or lightning
What are some examples of technological hazards?
Industrial facilities, structures, transportation systems, consumer products, pesticides or pharmaceuticals
What are some examples of organizational hazards?
Long working hours or inadequate competence
What are some examples of social hazards?
Assault, war, sabotage or communicable disease (infectious disease)
What are some examples of behavioural hazards?
Drug abuse, alcohol or smoking
What is accident scenario?
A specific sequence of events from an initiating event to an undesired consequence or harm. The sequence is usually influenced by one or more safety barriers, but could also be a single event (no barriers involved)
What are the three different accident scenarios?
- Reference accident scenario:
A scenario that is representative for a set of accident scenarios that are identified in a risk analysis where the scenarios in the set are considered likely to occur - Worst-case accident scenario:
The scenario with the highest consequence that is physically possible regardless of likelihood - Worst credible accident scenario:
The highest consequence accident scenario identified that is considered plausible or reasonably believable
What is risk analysis?
Risk analysis involves understanding how accidents can happen and what the consequences might be. It is systematic use of available information to identify hazards and to estimate the risk to individuals, property and the environment.
What are three possible steps to risk analysis?
- Hazard identification
- Frequency analysis
- Consequence analysis
Name some of the factors contributing to an increased business/maritime risk
- Technological change
-Increasing scale of industrial installations - Rapid development of ICT (Information and communication technology)
- Aggressive and competitive marketplace
-Demand for speed - Increased likelihood of sabotage and terrorism
- The increasing use of multicultural workforces
- Climate change
Mention the three forms of decision-making
- Deterministic
- Risk-based decision-making (RBDM)
- Risk-informed decision-making (RIDM)
What is deterministic decision-making?
Decisions without consideration of the likelihood of possible outcome
What is risk-based decision-making (RBDM)?
A process that uses quantification of risks, costs and benefits to evaluate and compare decision options competing for limited resources
What is risk-informed decision-making (RIDM)?
An approach to decision-making representing a philosophy whereby risk insights are considered together with other factors to establish requirements that better focus the attention design and operational issues commensurate with their importance to health and safety.
Define reliability
The probability that a product, system, or service will perform its intended function adequately for a specified period of time, or will operate in a defined environment without failure.
What are the different reliability approaches?
-Hardware reliability (structural reliability and systems reliability)
-Human reliability
-Software reliability
Define vulnerability
The inability of an object to resist the impacts of an unwanted event and to restore it to its original state or function following the event.
Define resilience
The ability to accommodate change without catastrophic failure, or the capacity to absorb shocks gracefully.
What are the 4 types of business risks?
- Strategic
- Operational
- Hazard
- Financial
What are strategic business risks?
- Demand shortfall
- Customer retention
- Integration problems
- Pricing pressure
- Research and development
- Industry or sector downturn
- Joint venture or partner losses
What are operational business risks?
- Cost overruns.
- Operating controls
- Poor capacity management
- Supply chain issues
- Employee issues, including fraud, bribery, and corruption.
- Regulation
- Commodity prices
What are hazard business risks?
- Macroeconomic
- Political issues
- Legal issues
- Terrorism
- Natural disasters
One-dimensional assessment vs Multi-dimensional assessment in traditional RM and ERM (Enterprise Risk Management)
Traditional risk management only focuses on mitigating known risks, while ERM takes a more comprehensive approach to identifying and managing risks by consistently evaluating probability and understanding potential events.
Explanation:
Traditional risk management focuses on mitigating known issues or risks that have already occurred or are likely to occur again, such as a slip and fall accident. It primarily considers the impact or severity of the issue at a certain point in time and typically only evaluates the probability of a certain risk or issue affecting the organization informally.
On the other hand, Enterprise Risk Management (ERM) goes beyond just considering the impact and probability of an issue. It also looks at the potential events or risks and how they relate to the strategic plan, organizational mission, or a specific operation. ERM consistently evaluates the probability of risks occurring and peels back the layers to better understand the potential events that could impact the organization.
RM that occurs within one business unit (siloed) vs. Spans the entire organisation (holistic) [explained]
Traditional risk management operates within one department, creating a siloed approach that can lead to risks being missed altogether or inadvertently created in other areas.
Enterprise Risk Management (ERM) ties these silos of all the departments together to provide a holistic view of risk and opportunities for executives and business units.
ERM programs, there is typically a director, vice president, or chief risk officer who ties all the different silos together so that executives can have a comprehensive view of the risks that could affect the organization’s ability to meet its goals.
What are safety barriers? (or just barriers)
is a common term for technical, human, or organisational measures introduced to reduce risk. These barriers are introduced to reduce the probability of undesired events (as proactive barriers), or to mitigate their consequences (as reactive barriers).
How can an organisation take a more proactive approach? (relates to ERM)
by preparing for current day risks and identifying emerging risks that could affect the organisation down the road
What are proactive barriers?
Proactive barriers in risk management are measures put in place to prevent or minimise potential risks before they occur (risk assessments, policies and procedures etc.).
What are reactive barriers?
Reactive barriers in risk management are measures put in place to address risks after they have occurred or been identified. These barriers are designed to prevent or mitigate the potential impact of risks that have already materialised (crisis management, corrective actions, cause analysis etc.).
What are the two most common standards for ERM (name them) that companies must refer to?
COSO + ISO 31000
What are safety-critical systems?
A safety system where the main purpose is to ensure safety, and where the consequence can create hazardous events
What are safety-related systems?
A safety system where the main purpose is not to ensure safety, but where the consequence of failure can create hazardous events
What is the process of risk analysis?
- Identification of risk
- Analysing the risk
- Evaluating the risk
- Treat the risk
- Review the risk
What is the correct order for a risk management process?
Risk Identification -> Risk estimation -> Risk evaluation
What is the first step for effectively identifying a risk in an organization?
“Establish the context” by defining the strategic, operational, reporting and compliance objectives. (SORC)
What is maintenance in risk management?
Maintenance refers to all actions, including supervision, aimed at keeping an item in good working condition or restoring it to a state where it can perform its intended function. There are two types of maintenance: corrective, which fixes problems that have occurred, and preventive, which aims to prevent problems from occurring.
What is recovery in risk management?
Recovery is the ability of an item to be restored to a specific condition when it undergoes maintenance or repair by personnel with the required skills, following the prescribed procedures and using the appropriate resources at each level of maintenance.
What are the four categories of corporate risk?
- Operational risk
- Reputational risk
- Business risk
- Cyber risk
What is risk?
risk refers to the likelihood of an unwanted event occurring that could negatively impact the supply chain’s performance or disrupt its operations.
What is uncertainty
Uncertainty can arise from various sources, including insufficient data, incomplete information, or a lack of historical precedents.
What arises from randomness with knowable probabilities?
Risk
What can really contribute to effective risk management?
real-time information
What arises from randomness with unknowable probabilities?
Uncertainty
What is the role of risk management?
The role of risk management is to identify, assess, and mitigate potential risks to a business or organization.
What is supply chain vulnerability?
Supply chain vulnerability refers to the susceptibility of a supply chain to disruption or failure due to various internal or external factors. These factors (risks) can include natural disasters, cyber attacks, labour strikes etc.
What are the three R’s in the resilience triangle framework?
Robustness
Redundancy
Resourcefulness
Describe robustness as a risk management component from the resilience triangle
Robustness focuses on the ability of an organization or system to withstand and absorb shocks or disruptions
Describe redundancy as a risk management component from the resilience triangle
Redundancy refers to the duplication of critical resources, such as suppliers, logistics networks, or IT systems. It involves creating backup plans and alternative supply routes to reduce the risk of supply chain disruptions.
In the context of risk management, redundancy serves as a means of reducing the likelihood and impact of disruptions by creating backup systems that can be activated if the primary systems fail. This can include redundant equipment, backup suppliers, and duplicate processes, among other things.
Describe resourcefulness as a risk management component from the resilience triangle
Resourcefulness refers to the ability of an organization or system to adapt and innovate in response to changing circumstances
What is resilience in an organisation?
The ability to bounce back from negative experience or difficult challenge
How is supply chain resilience described?
the supply chain’s ability to be prepared for unexpected risk events, responding and recovering quickly to potential disruptions to return to its original situation
What is the point of having digital connectivity and intelligent technologies in supply chain?
To enhance its ability to adapt, respond and recover from whatever unknowns arise
What are the different uses of the term “risk”?
- Risk referring to variables that reduce outcome predictability such as political risks, market risks or climate risks
- Risks arising from the uncertainty of those variables; possible changes in those variables such as low operational performance, security risk or technological risks
How does risk management relate to decision making?
Effective decision-making requires identifying and evaluating potential risks and uncertainties associated with each option. Risk management provides a framework for identifying, assessing, and managing risks to minimize potential adverse consequences that may result from decisions. Risk management often involves balancing the potential benefits and risks of different options.
What are the challenges of global SC resilience?
- Supply chains lack global resilience and are breaking down in the face of multi-country disruptions
- SC and operations are becoming more costly and can be a company’s highest cost
- SC and operations do not meet stakeholder’s expectations for sustainability
Why is SCRM (Supply Chain Risk Management) important?
to identify and mitigate risks for reducing supply chain vulnerability
What are some underlying psychological influences to risk management?
-Risk perception
-Risk behaviours
-Uncertainty avoidance
What is SCRE (Supply Chain Resilience)
the capability of a supply chain to prevent disruptions and to reduce the impact of disruptions through developing required level of readiness, quick response and recover ability.
How do groups with hierarchical culture tend to perceive industrial/technological risks?
As an opportunity
How do groups with egalitarian culture tend to perceive industrial/technological risks?
As a threat to their social structure
How does individuals’ relationship to oneself within a society affect their value orientation?
People high on collectivism values (i.e. low on individualism) tend to see themselves as part of a group and view performance as a result of collective efforts
people low on collectivism values (i.e. high on individualism) see themselves as independent of other individuals within a society and view outcome as a result of their own individual effort
With what steps does SCRE (Supply Chain Resilience) assess resilience?
- Readiness
- Responsiveness
- Recovery
What is Readiness in SC Resilience?
Also know as “pre-emptive” capabilities, they establish control in the SC and help overcome uncertainties
In the context of supply chain resilience, readiness refers to the preparedness of a supply chain to anticipate and respond to disruptions. This includes having the necessary resources, plans, and processes in place to minimize the impact of disruptions on the supply chain.
What is Responsiveness in SC Resilience?
the ability to respond quickly to critical situations
What are the two strategies in SC Readiness?
Visibility + Robustness
What are the two strategies in SC Responsiveness?
Flexibility + Redundancy
What is the cushion hypothesis (collectivism)?
The “cushion hypothesis” suggests that collectivism values impact an individual’s responsibility for losses and risk perception. Individuals with higher collectivism tend to view themselves as part of a larger group and mutually responsible for potential losses. Compared to those with low collectivism, they are more likely to see their group as a “cushion” that can act as a buffer and diversify the consequences of disruptions in a socially beneficial way.
What is the tough guy hypothesis (Collectivism)?
This hypothesis suggests that people with low collectivism tend to underestimate the likelihood of risk and feel in control of managing potential losses. Individuals with low collectivism, which implies a higher degree of independence, are more susceptible to self-enhancement biases, such as unrealistic optimism.
What is Recovery in SC Resilience?
the extent of recovery time ,cost, absorption of disruption and ability to reduce the impact of loss which focuses on the post disruption capability of a system
OR
the ability of a supply chain to revert to its original state after being affected due to some change in the external environment
What is multi-level analysis?
Multi-level analysis involves examining a problem at different levels of abstraction or detail, such as individual, group, organizational, and societal levels.
What is a strategy for SC Recovery?
contingencies - which means restructuring and managing resources to reduce adverse consequences of SC distruption
What is multi-facet analysis?
Multi-facet analysis involves breaking down a problem into its various facets or dimensions, such as economic, social, cultural, environmental, and political factors.
A supply chain is a system or network of….?
~ organisations
~ people
~ activities
~ informations
~ resources
….that are involved in supplying a product or service to a consumer
What is Integrated Supply Chain Management?
an association of customers and suppliers who use the management techniques to optimise their collective performance in the creation, distribution and support of a product or service with the aim of increasing profits and reducing risks.
What is supply chain visibility?
Supply chain visibility is the capability of a company to have a clear and accurate view of all the processes and activities taking place throughout its entire supply chain, from the raw material source to the end customer.
What are the advantages of SC integration from a risk management perspective?
There lower risk and less uncertainty
What are the disadvantages of SC integration from a risk management perspective?
It’s hard to achieve because each part of the SC is owned and managed by different legal entities with their own interests and preferences
What are the pros of Lean supply chain management?
- creates a physically efficient supply chain through collaboration
- Eliminates SC wastes
- Functional products
What are the pros of Agile supply chain management?
- creates a culture that respects quality, speed delivery, and flexibility to meet the changing demand
Difference between Lean and Agile supply chain?
Lean supply chain management focuses on reducing waste and increasing efficiency, while Agile supply chain management focuses on responding quickly to customer needs and market changes.
What is supply chain transparency?
Supply chain transparency is the extent to which information about a company’s supply chain is available and accessible to stakeholders, including customers, suppliers, investors, and regulatory authorities.
What is psychological intertia in reliability management?
the desire to anchor to what has always been done (“we’ve always done it before this way”)
Where does reliability start from a technical perspective?
with failure modes and effects analysis (FMEA) which is the reliability blueprint of an operational service or machine
What is lean manufacturing
methods to minimise SC waste and mazimise production
What does the design of a reliable system require?
- risk assessment
- clear knowledge of the operating context
- involvement from operations and maintenance domain experts
- leadership focus on minimizing life-cycle cots
What causes poor reliability performace?
Poor communication between co-dependent functional groups (between departments in companies)
How to apply The Prospect Theory to reality?
- clearly show and communicate gains you make from RM initiatives
- frame projects as losses (for motivational reasons)
- educate!
What is the connection between reliability management and The Prospect Theory?
Management only sees the value of RM when faced with potential significant losses, rather than when they are focused on potential gains
What is the conventional utility theory?
The conventional utility theory in reliability management is a theory that seeks to balance the cost of maintenance and repair activities with the benefits of improved system reliability and availability. This theory is based on the principle that maintenance and repair activities are necessary to ensure the reliability and availability of utility systems, but must be balanced with the need for cost-effective operations.
What is Prospect Theory?
the way in which a proposition is presented to a person determines how they will respond (people tend to be risk-averse when it comes to gain) [read the slide for more context]
Why do companies wait last minute before getting serious about RM?
because investing into RM is a long term investment requiring time and money into personnel and technology, and there is pressure from stakeholders and stock markets who want to see results, therefore managers choose to focus on short term decisions
What motivates a company to achieve excellence in RM?
It’s proactive and wants to be the best it can be, or is reactive and acts in response to a crisis
What does a reliable system imply/reflect?
Budget certainty, reduced downtime, more predictable downtime
Why does reliability matter (in a business)?
it plays a critical role in reducing total cost of ownership
What is the ISO definition of reliability?
Probability that a machine will perform its required functions without failure for a specified time period when under specified conditions
