Workplace Knowledge - Health, Safety, and Risk Flashcards
What is risk management?
Risk management refers to the process of identifying, analyzing, and prioritizing risks or potential uncertainties while developing strategies to protect the financial interests of a company.
What are different types of risk?
- Hazard risk = potential liability or loss of property; mitigated by insurance (ie. workplace accidents, fires, natural disasters)
- Financial risk = potential negative impacts to a firm’s cashflow
- Operational risk = the impact to a firm’s ability to function effectively and may include technology failures, process breakdowns, and human errors
- Strategic risk = involves a firm’s plans becoming outdated due to shifts in the economy, politics, customer demographics, or the overall competitive landscape
What is a quantitative risk assessment?
A quantitative risk assessment will allow the business to assign actual dollar amounts to each risk based on value, exposure, single loss expectancy, annualized rate of occurrence, and annualized loss expectancy. These calculations are used to consider if implementing a security measure is necessary.
Single loss expectancy = measured when a value is placed on each asset, and the percentage of loss is determined for each acknowledge threat
Annualized loss expectancy = single loss occurrence x annualized loss expectancy
What is a qualitative risk assessment? What is an example?
Qualitative risk assessments do not assign a defined monetary value to the risk. It uses descriptive statements to describe the potential impact of a risk, which can include a general reference to financial loss.
ie. A major system breach would result in customer data being compromised, severe damage to the firm’s reputation, and a significant financial blow to the organization due to handling the crisis, shoring up the system to prevent further issues, and responding to possible lawsuits by those affected.
What are the options for handling risk?
- Accept the risk (if it could be easily handled and doesn’t pose a large threat)
- Retain the risk (aka keep the risk in-house, if doing so is financially prudent)
- Diminish or mitigate the risk
- Transfer the risk (ie. insurance)
What policies should be implemented to prevent and prepare for concerns of workplace assaults and homicides?
- Zero tolerance - prohibiting any act of violence in the workplace, including verbal threats
- Prevention - presenting strategies and training to help managers recognize danger signs
- Crisis management - plans for responding to threats or acts of violence
- Recovery - providing support and counseling for victims and survivors that may suffer trauma
What did the Drug-Free Workplace Act of 1988 require of government contractors?
The Drug Free Workplace Act requires that government contractors make a good faith effort to ensure a drug-free workplace. Employers must prohibit illegal substances in the workplace and must create drug awareness for employees. Any federal contractor with contracts of $100,000k must adhere to a set of mandates:
- Employers must develop a written policy prohibiting the production, distribution, use, or possession of any controlled substance by an employee while in the workplace
- Employers are required to develop standards of enforcement, and all employees must receive a copy of the policy and understand the consequences of a violation
- Employers need to implement drug awareness trainings to help employees understand the hazards and health risks of drug use
What did Wilkinson vs Times Mirror Corporation establish with drug testing programs?
- Samples are collected at a medical facility by persons unrelated to the employer
- Applicants are unobserved by others when they furnish samples
- Results are kept confidential
- Employers are notified only if the applicant was passed or failed by the medical lab
- Applicants are notified of the portion they failed by the medical lab - some instances will provide applicants an opportunity to present medical documentation prior to the employer receiving results
- There is a defined method for applicants to question or challenge test results
- Applicants must be eligible to reapply after a reasonable time
What steps should be included in emergency and disaster plans?
- Clarify the chain of command, and inform staff who to contact and who has authority
- Someone should be responsible for accounting for all employees when an emergency strikes
- A command center should be set up to coordinate communications
- Employees should be trained annually on what to do if an emergency strikes
- Businesses should have first-aid kits and basic medical supplies available
- An emergency team of employees should be named and trained for - organization evacuation procedures, initiating shutdown procedures, using fire extinguishers, using oxygen and respirators, searching for disabled or missing employees, assessing when it is safe to reenter the building
What does OSHA do? According to Occupational Safety and Health Administration (OHSA), what are the four characteristics a safety and health management plan should have to be considered effective?
OHSA ensures employees have a safe workplace free from recognized hazards. It also requires all employers and each employee to comply with occupational safety and health standards, rules, and regulations,
- IDENTIFY - An effective plan should establish a specific system that an organization can use to identify hazards in the workplace
- TRAIN - Plan should establish a training program that teaches employees to avoid hazards and to perform tasks in the safest way possible.
- PROCESS - An effective safety and health management plan should include specific procedures and programs designed to eliminate hazards that the organization identified or at least minimize the risk that a hazard will injure or kill an employee or cause an employee to become ill.
- EMPOWER - Plan should allow employees at all levels to be involved in the identification, prevention, and elimination of hazards in the workplace
What should be included in an emergency action plan?
All plans should explain the alarm system that will be used to inform employees that they need to evacuate, should include in-depth exit route plans that describe which routes employees should take to escape the building, and should include in-depth plans that describe what actions employees should take before evacuating, such as shutting down equipment, closing doors, etc.
Plans should also include detailed systems for handling different types of emergencies and a system that can be used to verify that all employees have escaped the worksite.
What should be included in a fire prevention plan?
All fire prevention plans should provided detailed descriptions of the specific areas where employees can find fire extinguishers and other fire prevention equipment, detailed descriptions of the types of fire hazards present in the workplace, and detailed descriptions of the appropriate procedures that should be followed to avoid these fire hazards.
Fire prevention plans should also provided detailed descriptions of any hazardous waste that may be a fire hazard and the appropriate way to dispose of or store hazardous waste to avoid a fire.
What should be included in a disaster recovery plan?
Equipment and locations that can be utilized temporarily in the event of an emergency should be identified. Agencies and personnel that may be able to help the organization continue functioning immediately after an emergency should be identified. It is also wise to establish a set of procedures the organization can use to bring the personnel and equipment together after an emergency.
What is business continuity planning? How do you plan for this?
Business continuity planning is a process in which an organization attempts to ensure the organization will be able to continue functioning even after an emergency.
Business continuity planning usually begins with an organization conducting a threat assessment such as SWOT analysis. Once the organization has identified the threats that exist, the organization can rank those threats based on the risk associated with each threat. Finally the organization can create a plan or set of plans that establish a system the organization can use to recover from emergencies, which the organization can continually update as threats to the organization change.
What did the Occupational Safety and Health Act of 1970 mandate?
The Act mandates that it is the employer’s responsibility to provide an environment that is free from known hazards that are causing or may cause serious harm or death to employees. The only workers who are not protected by this act are those who are self-employed, family farms where only family members work, and workplaces that are covered by other federal statutes or state and local government.
Employers found in violation if they are aware or should have been aware of potential hazards that could cause injury or death.
