Competence: The cornerstone of risk assessment
Note: This article was orginally published in Pear Insights in November 2017. It is reprinted here for ease of access but the original may be found here.
How do you risk assess flights to near-space? Or, evaluate risk to a researcher collecting gorilla faecal matter in the mountains of the Democratic Republic of Congo? Or, collecting blood samples in East Africa? Flying drones over refugee camps in Iraq? How dangerous is it to spend time in the National Archives of Kabul, Afghanistan?
While these questions might seem obscure they are real examples faced by those who complete and review risk assessments for universities. As organisations, universities face some of the most complex and varied situations when it comes to assessing risk. Whereas a business might only be sending employees to capitals or large cities for meetings or conferences, the projects and travel conducted under the auspices of a university can span every continent and the activities be as different as sitting in a library to excavating in ancient tunnels.
Risk assessments remain the main tool for enabling the international travel of university staff and students. A risk assessment usually forms the cornerstone of any project or trip’s planning process. It is the stepping stone on which the project or travel will be approved and, for some locations or activities, revisited frequently. But how can universities consistently know that the risk assessment is competent? How can they be sure that, should the worst happen, they can say the risk assessment was produced and reviewed competently?
At Safer Edge, we work with several universities who are taking competence in risk assessments seriously. Not simply by ensuring that the risk assessment process is in place but by ensuring that those required to complete risk assessments have the competence to do so or know where to seek expert advice should they require it. This is not as easy as it may first appear.
Too often risk assessments are the boring part of their project – a tick-box exercise....However, all a risk assessment form really does is capture, convey and demonstrate the risks identified and the competence of the person completing it.
The competence is the key. Not the form.
Too often risk assessments are the boring part of their project – a tick-box exercise. The person wanting to conduct the project is handed a form and told to complete it as part of their planning. The paperwork becomes the end goal. However, all a risk assessment form really does is capture, convey and demonstrate the risks identified and the competence of the person completing it. The competence is the key. Not the form.
While those who complete risk assessments might be an expert in their field and they might even have a very good idea of how to manage risks on site they may not know how to assess security risks in the surrounding areas. There are lots of reasons for this. Even if the assessor has a lot of experience conducting risk assessments they might not have fully understand the geopolitical and security developments in the area. If they’re from the specific location, they might not perceive or assess danger in the same way the university would. Or, they might be tempted to downplay risk due to competing pressures like degree completion, funding, and publication.
So, how can a university ensure the competence of staff and students completing risk assessments? One fundamental way is through instruction and training. Those who fill out risk assessments must have some instruction or training to do so. With the University of Brighton and Coventry University, Safer Edge developed one day workshops and courses for academic staff and team leaders to ensure that they not only knew how to assess risk but could do so for upcoming research and trips.
In addition, the risk assessments approval process requires its own competence. Does the approver understand the risk they are accepting on behalf of the university? Many times, people who approve risk assessments are administrators with no specialty knowledge of the risks in the specific, local, geographic area they are approving. They might not know how to identify what is missing or left out in terms of risk on the assessment? Does the university have a mechanism by which the approver can say that it is beyond their competence and expertise to review certain assessments?
Cambridge University has considered these questions and works with Safer Edge to independently assess and review risk assessments about which they have further question. This provides the university with either confidence in the level of risk they are about to assume or more information on the risks present and mitigation measures necessary which the might not have considered.
When it comes to risk assessing, the devil is not in the details, liability and negligence are. Investing in the competency of people completing and reviewing risk assessments is a great way to protect people from harm and protect the university from reputational risk and legal damage. The contribution made by universities through their research and travel is immeasurable. It is in all our interests to facilitate this and protect them to the greatest degree possible.