Secondary risks

In the realm of safety risk management, whether in the virtual domain of digital systems or the tangible world of physical setups, the introduction of safety risk controls is an essential step towards the safety argument. However, a critical aspect of this process is acknowledgement and management of secondary risks, which can often go unnoticed amidst the focus on the primary safety concerns. For example, barb wire can be a visible deterrent for trespasser protecting him from invisible electrical risks in fenced substation, while it presents a secondary hazard for installer. Sometimes, in more complex situations, addressing these secondary risks requires a robust approach that goes beyond the surface-level assessment, particularly where safety is targeted to SFAIRP (So Far As Is Reasonably Practicable) principle.

The Railway Industry Safety and Standards Board (RISSB) Safety Assurance guideline brings to light the consideration of secondary risks when evaluating safety controls. While it lists introduction of secondary risks as one of many reasons why a control measure could be rejected, real-world practice suggests that all controls harbour secondary risks, trivial or not - hence, the decision-making process need to be more nuanced. When assessing secondary risks introduced by primary risk controls several aspects come into play. It's essential to identify the worst credible secondary risk and delve into the root causes behind it. After assessing the below aspects the author of safety argument, at least, need to record the most significant root causes of decision.

1. Contextual Applicability: One of the primary factors to consider is whether the proposed control is a commonplace solution, widely adopted and based on established practices and standards. If novel, such novelty often introduces additional uncertainties, making it crucial to assess the scope of the secondary risk in further detail. However, mere uncertainty cannot argue rejection; instead, a detailed review of assumptions is due to ensure they are reasonable and supported by adequate efforts and records of research.
   
   
2. Proportionality: The degree of secondary risk introduced by the control must be commensurate with the magnitude of the primary risk it aims to mitigate. This balance can be determined through qualitative arguments that are widely accepted or substantiated with case studies, ensuring that the trade-offs are justifiable.
   
   
3. Lifecycle Analysis: A control's complete life cycle review plays a significant role in determining its effectiveness, along with consideration of maturity of associated support organisation (including competencies). Sustainability and continuity factors are essential, as they influence the long-term viability of the control and its potential to introduce unforeseen hazards over time. For example, degradation of a control over time, along with considerations of maintainability, operability, and constructability, should be factored into the analysis. Controls that might perform well initially but deteriorate rapidly could introduce unexpected risks. For example, safety critical computers may have no anti-viral software with live updates, as there is a risk of incompatible configuration being introduced by untested patches.
   
   
4. Cumulative Risk: The cumulative increase in typical risk associated with widespread deployment of a particular control should be evaluated. The scalability of secondary risks can provide insights into the potential system-wide implications.
   
   
5. System-wide Impact: Controls should not only be evaluated in isolation but also in terms of their impact on the broader system during degraded or emergency operations. A control that enhances safety under normal circumstances might have adverse effects under exceptional conditions. Speed humps on the road may limit speed for ordinary vehicles, however, it presents a hazards for a patient transported by ambulance.
   
   
6. Holistic Risk Assessment: Beyond safety risks, the assessment should encompass projected non-safety risks. This broader perspective aids in making informed decisions that consider the larger organizational impact. It's important to note that controls also often bring about secondary benefits. These benefits should be carefully weighed against the associated secondary risks. For instance, platform screen doors in train stations, while introducing the risk of door-pinching, effectively prevent accidents like falls onto the tracks or even suicides. Moreover, they contribute to improved smoke containment during fire emergencies, facilitating safe evacuations.
   
   
7. Human Factors: While an increase in operator workload due to introduction of a control might not be an immediate rejection criterion, it should be evaluated through a comprehensive Human Factors review or task analysis. Understanding the threshold of additional load is crucial.

In essence, the realm of secondary risks is a complex one, demanding a holistic understanding of controls' implications beyond the primary concerns. As industries strive for enhanced safety through risk controls, a nuanced approach to secondary risk management becomes paramount. By considering factors ranging from proportionality and scalability to human factors and system-wide impacts, organizations can strike the delicate balance between safety enhancement and the potential for unforeseen hazards. Through rigorous assessment and thoughtful decision-making, the journey towards comprehensive risk management gains greater clarity and effectiveness.