risk-based decision making [RBDM]
What is Risk-Based Decision Making?
RBDM services address a full scope of decision-making capabilities that support RBDM. These include framework-level analytical capabilities, such clarifying goals; and system-wide causal analysis and mapping, and assessment to ensure that the levels of the risks to be managed are known. Operational functions like risk scoring methods and priority-setting tools are also important.
Who benefits from Risk-Based Decision Making?
RBDM can benefit a wide range of groups that are affected by a regulator’s activities. The regulator is better able to control the highest risks through the application of the most cost-effective management measures; and central agency fiscal objectives of allocating risk management resources where they can do the most good can be achieved. Industry can benefit through streamlined inspection protocols that reward with better performance history, and the public benefits from improved safety as the most important risks are addressed more rigorously.
“Perfection is not attainable, but if we chase perfection we can catch excellence.”
Vince Lombardi, Super Bowl-winning coach
RSI’s Risk-Based Decision Making offer, broadly
RSI’s RBDM services apply to all levels and scales of a regulator’s functions, and are elaborated as required by the client. This can begin with the development of an appropriate decision-making framework, and the identification of necessary analytical capacities and positioning of existing capacities, a process that may include key informant interview and consultation process to identify organizational needs and capabilities. More detailed practitioners’ tools can be developed as required, such as inspection prioritization guidelines, and indicators associated with the consistent evaluation of company risk level and proportional enforcement actions.
RSI’s Risk-Based Decision Making offer, in detail
As regulators vary in the level of implementation of RBDM that they require, and have achieved, RSI clarifies the aspects of a client’s risk decision-making roles that are to be adjusted to a RBDM approach, and will also advise on functions and capabilities that should be brought into alignment for the most effective application of the general approach. A regulatory system will need to establish a balance of risk-based and rule-based controls and enforcement approaches that is optimum for its own regulatory mandate and risk environment.
Just as the risks to be managed need to be clearly understood, the relative effectiveness of the range of potential risk control measures also needs to be evaluated.
As RBDM addresses the most important risks, while giving less attention to lower risks, the overall policy framework may need to accommodate some new functions like risk tolerability evaluation and increased stakeholder engagement to support a reorientation away from an implicit zero risk assumption. As another example, an agency with a large or diverse risk management portfolio may require the development of risk metrics that enable the expression of different types of in consistent terms so they can be compared and prioritized for management action.
Just as the risks to be managed need to be clearly understood, the relative effectiveness of the range of potential risk control measures also needs to be evaluated, in terms of both their risk reduction effect and cost-effectiveness. The use of analytical approaches and tools to evaluate the risks and the control measures enable an agency to both rank the risks that need to be addressed, and to prioritize risk management actions in consideration of risk significance and the potential to reduce it.
What are the benefits of Risk-Based Decision Making?
Clients benefit by gaining clearer knowledge of the risks they manage and the most appropriate type and cost of control measures. Larger departments and agencies benefit from a more confident and effective expenditure of resources, and industry benefits from the ability to reduce its compliance costs by maintaining a low risk rating. The regulator, and the public, benefit from a reduction in the number and severity of adverse outcomes within the managed domain as these are better targeted.
What can you expect?
The deliverables offered with an RBDM project depend on the functions, capabilities and tools that are required. Depending on the extent and scale of clients’ development of RBDM approaches, among the deliverables a client may expect are a risk decision-making framework tailored to the regulatory governance and risk management contexts; a decision-making system structure; metrics for expressing and comparing the risk levels of multiple activities and potential control measures; guidelines on specific analyses; and inspection prioritization and risk scoring methodologies. Clients may also wish to have presentations or workshops delivered to staff on some of the RBDM functions that are developed, to familiarize staff with new approaches, analyses and tools.
What is our expertise in Risk-Based Decision Making?
RSI has expertise in the full scope of functions and activities involved in RBDM approaches to risk decision-making. This includes the familiarity with governance contexts in which the organization operates, and system-level policies and analytical capacities such as risk tolerability and communication. RSI also has expertise in the operational tasks of developing risk metrics and risk indicators, as well as in risk assessment approaches and methods in many technical risk fields, including computer-based analytical tools applied to RBDM functions.