THESIS BowTie Risk Management Software
A Bowtie Software Solution for Managing Diverse Risks
Our THESIS BowTie software and THESIS Enterprise software solutions demonstrate and communicate potential threats to a company, which range from safety related hazards through to security, business, health and environmental hazards. These hazard types expand the utility of THESIS for organizations that may wish to analyze other areas of their business, including potential hazards that could cause harm either financially or in reputation.
Understanding Hazardous Risks
Using THESIS is a proactive bowtie approach for visualizing risk. The versatile tool enables every user to take a step further to ask "what else" can go wrong when the barriers that have been put into place fail.
The software facilitates integration with the overall business model of an organization with built-in risk features that define the hazards, analysis consequences and associated risks. Our bowtie program enables you to take practical steps to identify and manage risks associated with hazardous materials and demonstrate that all necessary measures have been taken to reduce these associated risks to as low as reasonably practicable (ALARP).
In a few instances, regulations have been created demanding that the Bowtie methodology be part of the required documentation associated with major hazard analysis. This helps regulators check that all necessary measures have been put in place to further reduce associated risk to ALARP and equally helps to justify cost to benefit analysis.
THESIS BowTie Method
THESIS leads a user through a structured process to identify and record essential information about each hazard encountered, the threats which could cause that hazard to be released, its consequences and the barriers required to reduce the associated risk to an acceptable level. The method adopts three basic steps:
Step 1: Ask logical, structured questions
For a risk assessment to be effective, the first line of thought should be, what might cause harm to people? Are reasonable efforts being taken to prevent that harm from occurring? The most comprehensive method of THESIS is to ask these logical and structured questions to identify all of the hazards involved in an operation or facility (e.g. flammable or toxic chemicals that have the potential to cause fatalities). The same logic applies when using bowties for business risks: What are the hazards that have the potential to harm the business and lead to financial losses?
Step 2: Know target audience and expectations
Knowing your target audiences and what their expectations are strongly affects the shape and outcome of the THESIS BowTie methodology. Three key possible audiences that could affect the shape of a bowtie are operators/managers, or the front-line employees who would be the casualties from a major accident, the employees who maintain the associated barriers to prevent major accidents from occurring and managers who have to provide care and support to families if a loss occurs; safety professionals; and regulators.
Step 3: Use an expert team to build a bowtie diagram
As in all hazard analysis methods, the right team must be in place. The team should consist of an experienced group of personnel with specific, practical knowledge and expertise (e.g. technical, operational, managerial, process backgrounds) and bowtie facilitators (a conductor and a recorder). With the correct team in place, in a facilitated workshop environment, the bowtie approach can be followed in a logical manner.
Helping Your Business or Educational Institution
ABS Group's experienced THESIS team can assist organizations with understanding how to develop key performance indicators, management procedures and competence programs using the Bowtie methodology and THESIS applications. Areas where our risk management software solution can help your organization include:
- Enterprise risk management
- Business continuity management
- Integration of business and risk management systems
- Facilitating global coordination (web-based version)
- High-level hazard identification (risk register) and risk assessment
- GAP analysis and auditing
- Management of controls
- Document management
- Shortfall and remedial action tracking
- As a complement to a safety case; health, safety and environmental (HSE) case; or HSE impact assessment (HSEIA)
- Incident investigation
- Risk communication to senior management, employees and regulators
- "Live risk" monitoring