This post provides a mid-week tip to help you understand the concept of "Defense in Depth" as it relates to root cause analysis.
By Dave Janney, Senior Associate, System Improvements, Inc. TapRooT®, an EHSQ Alliance Affiliate.
Have you ever wondered about the concept called “Defense in Depth”? You may have heard terms such as Barrier Analysis or LOPA (layer of protection analysis). In TapRooT®, we use the term Safeguards.
Take a look at this diagram (courtesy of Mark Paradies, the creator of TapRooT®):
What the diagram depicts is an incident where several layers of protection have been breached. You may have also heard of Reason’s “Swiss Cheese Model.” In these models we can see that we only have incidents when all layers are breached. So the amount of layers and strength of those layers determine if (and how often) we have incidents. It is also why sometimes things go wrong but we do not have an incident; because one or more layers worked.
So our goal in developing processes is to make sure we have enough layers and that the layers are functioning the way we want. Remember that every Safeguard has a hole in it, it is not infallible. So we want to make the holes as small as possible.
The same applies to corrective actions. Do we need new layers? How can we strengthen existing layers? The concept is easy. What is difficult is determining just how much is enough.
Risk really is the main driver of that in my view, but business realities come into play as well. The easy ones are the ones on either side of the spectrum. For example, something is fairly difficult but low risk – probably all you need is a procedure and some training (we refer to these as Quasi-Safeguards).
If something is difficult AND high risk, we need a lot of layers, and hopefully many of them are engineering controls.
The hard ones are the ones in the middle; a process is very easy and there is very little chance of a problem… BUT, the risk is very high – in this case determining what you need can be very difficult.
In closing, I urge you to think about Defense in Depth when developing processes. Audit them to make sure the layers are functioning. And if you do have an incident think about Safeguards and Defense in Depth when developing your corrective actions.
Thanks for visiting the blog, and enjoy your week.
(Republished with Permission. The original post can be found here).
TapRooT® Root Cause Analysis is used to improve performance by analyzing and fixing problems to prevent major accidents, quality issues, equipment failures, environmental damage, and production issues. Click HERE for more information.
This material provided by the Intelex Community and EHSQ Alliance is for informational purposes only. The material may include notification of regulatory activity, regulatory explanation and interpretation, policies and procedures, and best practices and guidelines that are intended to educate and inform you with regard to EHSQ topics of general interest. Opinions are those of the authors, and do not necessarily reflect the opinion of Intelex. The material is intended solely as guidance and you are responsible for any determination of whether the material meets your needs. Furthermore, you are responsible for complying with all relevant and applicable regulations. We are not responsible for any damage or loss, direct or indirect, arising out of or resulting from your selection or use of the materials.