30 years of risk management - an unforeseeable journey - jim hartnett
TRANSCRIPT
“30 Years of Risk Management -
An Unforeseeable Journey”
James Hartnett 29 May 2014
RMIA 2014 Risk Odyssey Conference
INTRODUCTION and OVERVIEW
• Introduction and Overview
• The Law and Foreseeability
• Expect the Unexpected
• Catastrophic Events and Mitigation
• Corruption and Reputational Damage / ICAC
• Terrorism, Threats and Violence
• Some Additional Risks and Overlays
• Be Alert and Very Alarmed!!
THE LAW & FORESEEABILITY*
• Negligence –is a failure to take reasonable care to avoid causing injury or loss to another person. To be successful in an action for negligence a Plaintiff must prove:
– Duty of care: there is a duty in particular circumstances to take care. – Breach of duty of care: the behaviour or inaction of the Defendant in the particular circumstances did not
meet the standard of care which a reasonable person would meet in the circumstances. – Foreseeability of Damage: that the Plaintiff has suffered injury or loss which a reasonable person in the
circumstances could have been expected to foresee. – Causation: the damage was caused by the breach of the duty.
• Occupiers liability – People can make a claim for damages for their injuries if they can prove that
the injuries were caused by the occupiers negligence [ref s 20(1) Civil Liability Act 1936 (SA)]. In deciding whether an occupier was negligent courts will consider whether the occupier knew, or ought to have known, there was a danger, or that where people were coming on to a property what had been done to reduce or warn people about the danger.
• If a person is a trespasser no duty of care is owed (Ref. s 20(6) Civil Liability Act 1936 (SA), unless the person’s presence was reasonably foreseeable and the dangers were such that precautions should have been taken for his / her protection.
• * SOURCE: Legal Services Commission of South Australia. 2014. Law Handbook - Legal Services Commission of South Australia - Handbook Home. [ONLINE] Available at:
http://www.lawhandbook.sa.gov.au/. [Accessed 26 May 2014].
EXPECT THE UNEXPECTED
• Some Case Studies and Responses:
– Catastrophic Events and Mitigation
– Corruption, Reputational Damage and ICAC
– Terrorism, Threats and Violence
– Work Health and Safety Strict Liability
CATASTROPHIC EVENTS AND MITIGATION
BE ALERT AND BE PREPARED
• Case Studies:
– The Storm
– The Trial Evacuation v. The Real Evacuation
CORRUPTION
Source: Corruption Perceptions Index 2013 - Results. 2014. Corruption Perceptions Index 2013 - Results. [ONLINE] Available at: http://cpi.transparency.org/cpi2013/results/. [Accessed 26 May 2014].
CORRUPTION & REPUTATIONAL DAMAGE:
EVERY CEO’S / SENIOR MANAGER’S NIGHTMARE
• Some Recent Examples: – The Victims of Crime Defalcation
– Toner Cartridges Gifts & Gratuities
– Education Department Communications Failures
– Securrency International and the AWB
– The NSW ICAC Examinations
• A Case Study
• For information on reporting obligations to South Australia’s Independent
Commissioner Against Corruption, visit the ICAC website at: www.icac.sa.gov.au
TERRORISM, THREATS & VIOLENCE PUBLIC FACING ORGANISATIONS
• The Bomb Threats
• The Customer Centric Open Door Policy v. Reality
• The Dutch Lawyer’s Visit
• The Weapons Detection Experience
• The Wrong Meeting
• The Fire Bomber
SOME ADDITIONAL RISKS & OVERLAYS
• Project Management – There are inherent risks in all “projects” especially “ground up” projects e.g. –
• The insulation and NBN initiatives. • IT projects. • Implementing new legislation. • Stakeholder consultation, risk identification, monitoring and treatment should start on day one
when work on a Project Initiation (or similar) Document commences. Ideally key stakeholders should be consulted and invited to join in a risk management exercise at the earliest possible opportunity.
• Public Private Partnerships (PPPs)
– Risk shifting / sharing in PPPs creates fertile ground for failed expectations, misunderstandings and disputation.
• Work Health and Safety – WH & S - personal policy of putting WH&S on all Board and staff meetings and agendas for
past 10 years.
BE ALERT AND VERY ALARMED!!!
• The unexpected does happen …. and frequently!! • Foresight will never be as good as the 20/20 vision hindsight bestows!! • Treatment of risk is often good in theory but is wanting in practice!!
• DUE DILIGENCE: Some Reflections and Do’s and Don’ts • The Coroner Test: If you’re worried about doing something then don’t
do it – how would a Coroner view particular actions or inactions? – X ray machines – the CCV experience. – Trial Evacuations – Hospitals burn too!
• Does your organisation regularly review its risk profile?
BE ALERT AND VERY ALARMED!!!
• Are your organisation’s Emergency Management, Disaster Recovery and Business Continuity Plans:
– reasonable and proportionate having regard to the size / resources of your organisation?
– workable, affordable and supportable?
– accepted, supported and reinforced by your CEO and senior management?
– understood by key staff and / or contractors?
– always up to date?
– tested regularly by drills, audits, tests and/or full scale exercises?
– shared with other stakeholders?
• If your organisation rents space in a building, make sure your landlord has
appropriate and compliant emergency management systems / arrangements in place.