information technology

The information technology essay below has been submitted to us by a student in order to help you with your studies.

Operational Risk Management In Naval Operations Information Technology Essay

The concept of risk management has been around the Navy since its inception. During the drawdown of the 1990's, the risk management concept was formalized into the Operational Risk Management (ORM) program. This approach was initiated to mitigate the risks associated with such a massive reorganization.

This paper examines the Naval Directive “Office of the Chief of Naval Operations Instruction 3500.39C” OPNAVINST 3500.39C (02 July, 2010) that explains the ORM process as five basic steps, four principles and a risk management process and measurement that is applied on three levels of operation; in-depth, deliberate, and time critical. As stated in OPNAVINST 3500.39C; risk is expected in all military tasks, training, missions, operations, and personal activities. The most common cause of task degradation or mission failure is human error, specifically the inability to regularly manage risk. ORM reduces the risks by identifying hazards and measuring and controlling the expected risks, allowing decisions to be made that compare risks against the mission benefits. Navy personnel are responsible for managing risk in all tasks while leaders are responsible for ensuring proper procedures are in place and appropriate resources are available for personnel to perform assigned tasks. The Navy vision according OPNAVINST 3500.39C is; “to develop an environment in which every officer, enlisted, or civilian person is trained and motivated to personally manage risk in everything they do, including on- and off-duty evolutions in peacetime and during conflict, therefore enabling successful completion of any task and mission.”

Keywords: Operational Risk Management, OPNAVINST 3500.39C

I. Statement and significance of the Issue

The ORM origins goes back to 1994 when The US Navy team made ORM an integral part of planning, training, and operations. This stemmed from a need to improve operational readiness in peacetime—and to achieve success in combat—during a period of reduced resources and personnel.

The Department of the Navy (DON) Safety Objectives for FY 2008 and Beyond

(9 Oct 07) stated; “Integrate Safety and Risk Management into all on and off-duty evolutions to maximize mission readiness and to establish DON as an organization with world class safety where no mishap is accepted as the cost of doing business…Establish a risk management training continuum to ensure all DON personnel receive targeted [ORM] training and that all formal professional training courses are infused with examples of how effective risk management improves both safety and mission readiness.”.

Risk is common nature in all military tasks, training, missions, operations, and personal activities. The most common cause of task degradation or mission failure is human error, specifically the inability to regularly manage risk (OPNAVINST 3500.39C, 2010).

Navy’s goal is; “to develop an environment in which every officer, enlisted, or civilian person is trained and motivated to personally manage risk in everything they do, including on- and off-duty evolutions in peacetime and during conflict, therefore enabling successful completion of any task and mission” (OPNAVINST 3500.39C, 2010).

The ORM process minimizes risks to acceptable levels, commensurate with task or mission accomplishment. Correct application of the ORM process will reduce losses and associated costs resulting in more efficient use of resources. Zero risk is not the intent of ORM.

Risk management is a continuous process that is integral from the strategic level of planning through the tactical level and execution. It is a tool to help improve mission readiness and mission accomplishment.

The ORM benefits when applying the ORM process ensures mission or task success by providing more effective use of resources, improving on- and off-duty risk decision making, reducing injury and property damage, and improving the readiness of all personnel (FAA System Safety Handbook, Chapter 15, 2000)

ORM is a process that assists organizations and individuals in making informed risk decisions in order to reduce or offset risk, thereby increasing operational effectiveness and the probability of mission success. The ORM process is applicable across the spectrum of operations and tasks. It should be used by everyone all the time, whether on- or off-duty in their military or civilian life.

II. Review of Relevant Research

What is ORM?

The term Operational Risk Management (ORM) is defined as a continual cyclic process which includes risk assessment, risk decision making, and implementation of risk controls, which results in acceptance, mitigation, or avoidance of risk, (OPNAVINST 3500.39C, 2010). ORM is the oversight of operational risk, including the risk of loss resulting from inadequate or failed internal processes and systems; human factors; or external events.

How does it work?

The ORM process assists you in making smart and informed decisions. Actually, we apply ORM every day. At times, we may not even be aware of it as you carry out a task or mission. An example of this is as simple as crossing the street; we look both ways because we were taught this at a young age. However, today we don't even look at this as risk management, but something that we know is the right thing to do before crossing the street.

Every person has a role to play in managing risk during a command's task or mission, and every person is vital to the success of the Navy "team", (ORM Fundamentals, Navy Knowledge Online, 2011).

The Five Steps

The ORM process is a systematic, continuous, and repeatable process that consists of five basic steps (OPNAVINST 3500.39C, 2010).

Identify hazards

Assess hazards

Make risk decisions

Implement controls

Supervise (and watch for changes)

The first two steps comprise the risk assessment portion of ORM and provide enhanced awareness and understanding of a given situation. This awareness builds confidence and allows for timely, efficient, and effective protective measures. The remaining three steps are the essential follow-through actions to either eliminate the hazard or mitigate the risks.

The Four Principles.

ORM incorporates the following four principles (OPNAVINST 3500.39C, 2010):

1. Accept Risk When Benefits Outweigh the Cost

2. Accept No Unnecessary Risk

3. Anticipate and Manage Risk by Planning

4. Make Risk Decisions at the Right Level

1. Accept Risk When Benefits Outweigh the Cost

The process of weighing risks against the benefits and value of the mission or task helps to maximize success. Balancing costs and benefits can be a subjective process. Therefore, personnel with knowledge and experience of the mission or task must be engaged when making risk decisions (OPNAVINST 3500.39C, 2010). The goal of ORM is not to eliminate risk but to manage the risk so that the mission or task both on- and off-duty can be successful. The bottom line is, if no benefit can be achieved then do not take the risk.

2. Accept No Unnecessary Risk

If all detectable hazards have not been identified, then unnecessary risks are being accepted. Additionally, an unnecessary risk is any that, if taken, will not contribute meaningfully to mission or task accomplishment or will needlessly jeopardize personnel or material. The risk management process identifies hazards that might otherwise go unidentified and provides tools to reduce or offset risk. The acceptance of risk does not equate to the imprudent willingness to gamble. Take only risks that are necessary to accomplish the mission or task (OPNAVINST 3500.39C, 2010).

3. Anticipate and Manage Risk by Planning

Integrating risk management into planning as early as possible provides the greatest opportunity to make well-informed risk decisions and implement effective risk controls. This enhances the overall effectiveness of ORM and often reduces costs for your organization and yourself when off duty (OPNAVINST 3500.39C, 2010).

4. Make Risk Decisions at the Right Level

Anyone can make a risk decision. However, the appropriate decision maker is the individual who can eliminate or minimize the hazard, implement controls to reduce the risk, or accept the risk. Leaders at all levels must ensure that their personnel know how much risk they can accept and when to elevate the decision to a higher level. Ensuring that risk decisions are made at the appropriate level will establish clear accountability. Therefore, those accountable for the mission must be included in the risk management process. If the commander, leader, or individual responsible for executing the mission or task determines that the controls available to them will not reduce risk to an acceptable level, they must elevate the risk decisions to the next level in the chain of command (OPNAVINST 3500.39C, 2010).

Risk Assessment Matrix

ORM Matrix Card

OPNAVINST 3500.39C, (2010). Risk Assessment Matrix. Retrieved from http://safetycenter.navy.mil/ 1 March, 2011.

This Matrix uses “Risk” as an expression of possible loss, adverse outcome, or negative consequences; such as injury or illness in terms of probability and severity of failure (Salas & Maurino, 2010, p. 57).

“Risk Assessment” is a structured process to identify and assess hazards. An expression of potential harm, described in terms of severity, probability, and exposure to hazards. Accomplished in the first two steps of the ORM process.

“Risk Assessment Code (RAC)” is an expression of the risk associated with a hazard that combines its severity and probability into a single Arabic numeral which can be used to help determine hazard abatement priorities. This is typically accomplished through the use of the risk assessment matrix. The basic RACs are: 1-Critical, 2-Serious, 3-Moderate, 4-Minor, and 5-Negligible.

Another definition not included in this matrix is, “Residual Risk” and that will be the “Risk” remaining after controls have been identified and selected. Bringing back the concept that Zero Risk is not the primary purpose of ORM.

Also, for the use of this matrix an “Operational Analysis” of the task at hand has to be made. This means a chronological or sequential list of the major events or elements in a mission or task. This is the complete picture of what is expected to happen and assures all elements of a mission or task are evaluated for all potential hazards.

Very important to define what a “Hazard” is before assigning it a number in this matrix, because a hazard is any real or potential condition that can cause injury, illness, or death to personnel; damage to or loss of equipment or property; degradation of mission capability or impact to mission accomplishment; or damage to the environment, this is also synonymous with the term threat.

Last for this chart is the “Risk Decision” or the ability to make a decision to accept or not accept the risk(s) associated with an action; made by the commander, leader, or individual responsible for performing that action.

The Three Levels

The risk management process is applied on three levels: in-depth, deliberate, and time critical. The basic factor that differentiates each level is time; that is the amount of time available to dedicate to the preparation and planning of missions or tasks (OPNAVINST 3500.39C, 2010).

There is no definitive separating line between the three levels (in-depth, deliberate, and time critical. It is important to know we have resources to tap into. At each level of the planning process, hazards and associated risks are identified and appropriate controls are developed and implemented. These controls become resources upon which we can draw for the next level of planning and ultimately for execution.

III. Summary of Major Findings and Conclusions

On and Off-duty mishaps are extremely detrimental to the Navy's operational capability.

Because the Navy works as a "team" 24/7, the actions one person takes can affect the readiness and operational capability of the command's mission or task, therefore affecting the Navy as a whole. Thus, we must constantly be aware of all risks involved in our everyday off-duty activities.

Benefits of using ORM:

Reduction of operational loss.

Lower compliance/auditing costs.

Early detection of unlawful activities.

Reduced exposure to future risks.

The ORM process minimizes risks to acceptable levels, commensurate with task or mission accomplishment. Correct application of the ORM process will reduce losses and associated costs resulting in more efficient use of resources.

IV. Recommendations

All Navy military, civilian, and contractors under the direct supervision of government personnel should apply the ORM principles and processes in all activities in order to optimize mission success and maintain readiness. Leadership should be held accountable for the use of ORM processes in their command.

An organization's success requires the commitment of leaders to manage risk while meeting the command's mission. Leaders must lead by example and provide thorough policies and goals, with buy-in from all personnel.

All personnel must fully trust that they have the support for risk decisions made in the interest of completing the mission, while also recognizing that intentional breaches of regulations will not be tolerated.

The responsibilities as a Leader and /or Commanding Officer, or officer-in-charge should include:

Establish command policy and expectations for the application of ORM on- and off-duty.

Address the ORM process in mission, training, safety, and lessons learned reports.

Inform the chain of command of those hazards identified by the ORM process that cannot be controlled or mitigated at the command level.

Ensure ORM risk decisions are being made at the appropriate level within the command.


Request Removal

If you are the original writer of this essay and no longer wish to have the essay published on the UK Essays website then please click on the link below to request removal:

Request the removal of this essay


More from UK Essays