ABSTRACT

The analysis of safety management systems (SMS) controlling high-technology organisational systems currently entails a detailed investigation or audit of a host of parameters linked to the likely successful performance of the system. Such audits create a sophisticated and insightful picture of the adequacy of the safety management structure and its operation. However, whereas such analyses give insights into the potential root causes of safety system failures and certain vulnerabilities in those systems (with notable exceptions to which we return below), they do not actually model the linkage between safety management activities and large-scale failures. Traditional commercial audits, even if in-depth and highly detailed, pale, in terms of time investment and detail of modelling, when compared to the risk assessments that are frequently carried out in high-risk industries, such as chemical, offshore, and nuclear power systems. Such risk assessments are intended to represent detailed, thorough, comprehensive, and quantitative investigations of these systems, predicting risk levels well beyond the expected operational life cycle of the systems themselves. Currently, however, such risk assessments largely ignore what it is that controls the safety of the system. There is, therefore, a paradoxical gap in the way in which the safety of potentially high-risk installations is assessed: audits assess safety management, but cannot link inadequacies causally to their accidental consequences; and risk analyses cannot establish a causal link between the accident consequences, their immediate causes, and their more distal safety management origins. This gap, itself a vulnerability in current assessment approaches, therefore lies between accidents and risk analysis frameworks on the one hand and safety management policies, procedures, and operations on the other. This chapter builds on the work of two groups which have worked to bridge this gap: the so-called PRIMA audit of Four Elements, and the Delft framework of safety management. It outlines a prototypical approach that attempts to link the two halves of the risk equation.