copyright©2015theinstutes handouts/rims 15/cad003/cad003_ar… · (jsa) evaluates repetitive human...


ARM 55: Risk Assessment and Treatment CAD003

Speaker: Susan Kearney, CPCU, ARM, AAI, AU


Session Overview •  Exam Basics – What to Expect •  Test Taking Tips •  Review of the “Top” Most Challenging Educational Objectives

of ARM 55


Exam Basics – What to Expect

• Exam Length, Exam Format • Educational Objectives • Balanced Exam


Test Taking Tips •  Don’t get bogged down early •  Try the exam in “waves” •  Get the easy ones •  Eliminate the obviously wrong answers •  Use the mark for later review feature •  Use your scratch paper to keep track


ERM Framework and Process Model


Risk Assessment and Treatment


Assignment 1: Intro to Risk Assessment and Treatment

•  Overview of Risk Assessment •  Categories of Risk Identification and Analysis Techniques •  Risk Treatment •  Traditional Accident Analysis Techniques •  System Safety Analysis •  Loss Control Techniques for Hazard Risk


Challenging Assignment 1

EO 1.04 and EO 1.05 •  Describe the following accident analysis techniques:

–  Sequence of events (Domino theory) –  Energy transfer theory –  Techniques of operations review (TOR) approach –  Change analysis –  Job-safety analysis

•  Describe system safety, its primary purpose, and its advantages.


Accident Causation


Accident Analysis Techniques Technique Application Control

Sequence of events (Domino theory – H.W. Heinrich)

Presumes that accidents are the end result of a chain of accident factors (5 factors, pg. 1.18)

Correcting unsafe acts

Energy transfer theory (Dr. William Haddon)

Views accidents as energy that is released and that affects objects, including living things, in amounts or at rates that objects cannot tolerate—accidents are caused by energy out of control (10 strategies, pg. 1.19)

Controlling released energy and/or reducing harm caused by that energy

Technique of Operations review (TOR) approach (D.A. Weaver)

Views the causes of accidents to be a result of management’s shortcomings (ineffective management) such as inadequate coaching, failure to take responsibility, unclear authority, inadequate supervision

Managers must recognize their own (or colleagues) faults and correct them

Change analysis Asks a series of “What if?” questions and projects the consequences for each of the changes and for all feasible combinations of change.

Hazards from planned or unplanned changes that can cause or caused undesired outcomes are identified and corrected

Job safety analysis (JSA)

Evaluates repetitive human tasks, in an environment sufficiently stable to allow most hazards to be foreseen.

Hazard that are identified, controls are defined, and responsibility for implementing each assigned


Joe works in an auto garage. His work area is cluttered and disorganized. His supervisor is rarely in the area, and Joe lacks direction and proper training. Joe is injured when he receives a severe shock from improper grounding while using a piece of electrical equipment. This example best illustrates the accident causation theory of the q  A: System safety approach. q  B: Technique of operations review (TOR) approach. q  C: Energy transfer theory. q  D: Domino theory.


Which one of the following system safety techniques is best suited to analyze repetitive human tasks performed in a sufficiently stable environment where most hazards are foreseen? q  A: Technique of human error rate prediction (THERP) q  B: Failure mode and effect analysis (FMEA) q  C: Job safety analysis (JSA) q  D: Prototype analysis


System Safety Analysis System Feature Key Points

Components • Physical elements • Subsystems • Flows (energy sources)

Purpose Understand the purpose of the components

Environment

Understand system’s environment (aspects of larger systems) • Immediate physical environment • Organizational (management) environment • Socioeconomic/legal environment

Life cycle • Conceptual • Engineering • Production • Operational • Disposal


Houma Mortgage leases a fleet of automobiles for its real estate appraisers. During her review of recent vehicular accidents, their risk manager is trying to identify failures, human and/or mechanical, in order to target corrective actions and prevent future losses by looking at ways in which these accidents occurred and ways in which the frequency or severity can be reduced. This is an example of the

q  A: Future states analysis. q  B: Sequence of events analysis. q  C: System safety technique. q  D: Technique of operations review approach.


Assignment 2: Root Cause Analysis

•  Introduction to Root Cause Analysis •  Failure Mode and Effects Analysis (FMEA) •  Fault Tree Analysis (FTA) •  “5 Whys” Analysis and the Fishbone Diagram


GROUP ACTIVITY •  Root cause analysis •  Failure mode effects analysis (FMEA) •  Fault tree analysis (FTA) •  5 Whys analysis •  Fishbone (Ishikawa) diagram


Group 1 Root cause analysis (RCA) encompasses a variety of tools, philosophies, and processes. There are several broadly defined RCA approaches, according to their basic approach or field of origin. Which one of the following approaches to RCA evolved from quality control procedures for industrial manufacturing? q  A: Production-based RCA q  B: Safety-based RCA q  C: Systems-based RCA q  D: Failure-based RCA


Group 2 Air-Freight Co. wants to use failure mode and effects analysis (FMEA) to analyze its systems, subsystems, components, sub-assemblies, and parts. Level 1 is the overall system for shipping freight. Level 2 is the system segments, with the prime items (air freight hubs, schedulers, and logistics) designated as Level 3. Level 4 is the subsystems (local freight handlers, package sorters, etc.). Level 5 is the hardware and parts (forklifts, conveyor belts, planes, and delivery vans, etc.). In FMEA, these various systems and subsystems are called

q  A: Complexity levels q  B: Critical levels q  C: Risk priority levels q  D: Indenture levels


Group 3 Using fault tree analysis, an "and" gate is connecting the events in rectangles C, D, and E to the event in rectangle A. If the probabilities of events in rectangles C, D, and E of the fault tree are .10, .20, and .30, respectively, what is the probability that the event in rectangle A will occur? q  A: .006 q  B: .100 q  C: .300 q  D: .600


Group 4 Which one of the following is an advantage of "5 Whys" analysis? q  A: It uses statistical data that has been collected. q  B: As it is a quantitative method, the result is a precise

mathematical measure, complete with confidence levels. q  C: If the investigator asks an irrelevant question, the analysis

ends without additional follow-up questions. q  D: When several root causes are found, it can help determine

the relationship among them.


Group 5 In a Fishbone (Ishikawa) Diagram, the diagonal lines (the fish's bones) emanating from the horizontal arrow (the fish's spine) represent q  A: Causes. q  B: Effects. q  C: Recommendations. q  D: The problem being investigated.


An organization’s risk manager determines that loss control supervision is lacking for a specific department. By diagramming the consequences of this weakness, the risk manager is employing q  A: Technique of human error rate prediction (THERP) q  B: Fault tree analysis (FTA) q  C: Job safety analysis (JSA) q  D: Failure mode and effect analysis (FMEA)


Assignment 3: Business Continuity Management

•  Introduction to Business Continuity Management •  Business Continuity Planning •  Strategic Redeployment Planning •  Supply Chain Risk Management •  Crisis Communication •  Mitigating Supply Chain Risk


Business Continuity Planning Steps

1. Understanding the business

Understand all aspects of the business, including determining key objectives

Examine use of facilities, materials supply chain, human resources, communications, processes, etc.

Identify key processes that constitute bases for BIA

2. Conducting a business impact analysis (BIA)

Identify and assess risks that may affect organization; what events may occur, when, and how

Measure financial and nonfinancial effect of risks and explore organizational vulnerabilities

Distinguish between critical and noncritical processes

3. Performing a risk assessment

Identify and evaluate potential exposures and probability that events will occur

Reveals exposures and assists in establishing risk mitigation efforts and action plans

Assessments conducted at various levels: enterprise assessment, site assessment, and program or project assessments (pg. 3.7)

4. Developing the continuity plan

Use of one or more strategies: active backup model, split operations model, alternative site model, contingency model (pg. 3.8)

Involves three levels of planning: BCM organization strategy, process level strategy, and resource recovery strategy.

Consider strategic choices: Insurance policy, transfer processing, termination, loss mitigation, or do nothing.

5. Implementing the continuity plan

Approval and support from sr. mgt.

Plan should include 7 elements (pg. 3.9)

6. Building a BCM/BCP culture

Vision statement and support provided by sr. mgt.

Expectations and objectives set for middle mgt. for maintenance of departmental plans

Educate staff on importance of BCP; notify external suppliers and customers of BCP

7. Maintaining and updating the plan

Review BCP in detail Amend as internal or external conditional warrant


Supply Chain Best Practices and Mitigation Techniques


The development and implementation of a business continuity plan entails seven steps. Which one of the following steps involves assessing what events may occur, when they will occur, and how they could affect achievement of key objectives?

q  A: Performing a risk assessment q  B: Understanding the business q  C: Conducting a business impact analysis q  D: Developing a continuity plan


Patricia’s Pies is a small bakery that makes various types of fruit pies. The pies are only sold at local markets. Patricia’s is loyal to the local community and has always depended on a local farmer to supply the fruit for the pies. Due to drought conditions this year, the local farmer’s crops have been poor and he is unable to meet the supply needs of Patricia’s Pies. Patricia’s is now contacting other farmers trying to meet its fresh fruit demand, but the supplies are limited and the prices are high. Which one of the following external threats in the supply chain is Patricia’s facing?

q  A: Change in demand level q  B: Single source supplier q  C: Geopolitical environment q  D: Sole source suppliers


Assignment 4: Physical Property Risk

•  Physical Property Categories •  Sources of Property Risk •  Windstorm, Earthquake, and Flood Loss Control •  Building - COPE •  Life Safety •  Valuing Physical Property •  Legal Interests in Physical Property •  Assessing and Treating Physical Property Risk


Key Concepts Assignment 4 • Construction

–  Know the distinctive characteristics of each major types (See Exhibit pg. 4.19)

• Occupancy –  Know each of the six common types of occupancies –  What are primary ignition sources and risk control measures associated with each

• Protection –  Internal (private) risk control measures

•  Fire Suppression Systems and Extinguisher Classes (4.28-4.29) –  External protection (public)

• External Exposure –  Loss exposures and risk control measures



EO 4.07 •  Explain how to use various methods to value physical property.


Valuing Physical Property Valuation Method Description Book Value An asset’s historical cost (original cost of property)

minus accumulated depreciation.

Replacement Cost The cost to repair or replace property using new materials of like kind and quality with no deduction for depreciation.

Functional Replacement Cost The cost of replacing damaged property with similar property that performs the same function but might not be identical to the damaged property.

Market Value The price at which a particular piece of property could be sold on the open market by an unrelated buyer or seller.

Economic value The amount that property is worth based on the ability of the property to produce income.


Creative Catering has a 15 year old vehicle that was originally built to prepare and serve sandwiches and drinks at various outdoor functions such as car shows, sporting events, etc. The vehicle is of low value but it generates approximately $100,000 a year in sales. The risk management professional will primarily be most concerned about its q  A: Reproduction cost. q  B: Market value. q  C: Functional replacement cost. q  D: Economic value.



Segment A ● Intro to Risk Assessment & Treatment ● Root Cause Analysis ● Business Continuity ● Physical Property Risk

Segment B ● Intellectual Property & Reputation Risk ● Legal & Regulatory Risk ● Management Liability ● Human Resource Risk

Segment C ● Environmental Risk ● Crime & Cyber Risk ● Fleet Risk


Assignment 5: Intellectual Property and Reputation Risk

•  Introduction to Intellectual Property Risk •  Copyrights •  Trademarks •  Patents •  Trade Secrets •  Valuing Intellectual Property •  Reputation Risk


Challenging Assignment 5 •  What types of works are covered? •  What are requirements for

creation? •  What are others prohibited from

doing? •  What is the duration? •  What risk control measures can

be used?


Betty has invented a new device that reduces the time it takes to backup computer data by 90 percent. She believes this will be of interest to several major computer and data manufacturers. Betty should protect her invention with a q  A: Copyright. q  B: Trademark. q  C: Patent. q  D: Servicemark.


A duration of a design patent is

q  A: Three years from the date of application. q  B: Fourteen years from the date of issuance. q  C: Seventeen years from the date of registration. q  D: Twenty years from the date of application.


Providence Pharmaceuticals believes that another company is infringing upon its trademark. Providence Pharmaceuticals' risk manager has instructed its legal department to begin by sending a cease-and-desist letter and, if that is unsuccessful, to follow up with a notification of intent to sue. This is an example of q  A: A restrictive covenant. q  B: A search and watch. q  C: A notice. q  D: An enforcement of rights.


Assignment 6: Legal and Regulatory Risk

•  Basis for Legal and Regulatory Risk •  Legal and Regulatory Risk Consequences •  Modifying Legal and Regulatory Risk •  Legal Systems •  International Law •  Commercial Liability Loss Exposures •  Assessing and Treating Legal and Regulatory Risk


Challenging Assignment 6 EO 6.04 •  Describe the characteristics of these predominant legal

systems: –  Civil law (including Roman-French, German, and Scandinavian) –  Common law –  East Asian –  Hindu –  Islamic –  Socialist-Communist


As opposed to many other legal systems, a strong characteristic of the East Asian countries' approach to contract disputes is q  A: A tradition of informal compromise. q  B: The dominance of individual parties asserting their rights in

arms-length negotiations. q  C: A combination of religious and philosophical doctrines that

inform judicial decisions. q  D: The codification of historical business practices as statutes.


The central idea of the Socialist-Communist law system was the emphasis on q  A: The state's right to acquire private property for public

purposes. q  B: Individual production for the state. q  C: Communal labor and property. q  D: The state’s interest over that of individuals.


Assignment 7: Management Liability

•  Directors and Officers Liability Loss Exposures •  Employment Practices Liability Loss Exposures •  Fiduciary Liability Loss Exposures


Management Liability •  Directors and Officers Liability

–  Major responsibilities and fiduciary duties (care, loyalty, disclosure, obedience) –  Types of suits (derivative, no derivative, class action)

•  Employment Practices Liability –  Laws affecting EPL loss exposures (See exhibit on pg. 7.10) –  Discrimination –  Wrongful termination –  Sexual harassment –  Retaliation

•  Fiduciary Liability –  What is ERISA? Why enacted? –  What are the duties and responsibilities of employee benefit plan fiduciaries? –  What is HIPAA?


Challenging Assignment 7 EO 7.03 •  Describe the legal foundations for fiduciary liability loss

exposures, with specific reference to the Employment Retirement Income Security Act (ERISA) and the duties of employee benefit plan fiduciaries.


Duties and Liabilities of Employee Benefit Plan Fiduciaries

•  Loyalty: A fiduciary’s actions must be solely in the best interests of the plan and all of its participants and beneficiaries.

•  Prudence: A fiduciary must carry out his or her duties with the care, skill, prudence, and diligence of a prudent person familiar with such matters.

•  Diversification: A fiduciary must ensure that the plan’s investments are sufficiently diversified to minimize the risk of large losses.

•  Adherence: A fiduciary must act according to the plan documents and applicable law.


The Employee Retirement Income Security Act (ERISA) spells out the four duties of a benefit plan fiduciary. Which duty requires that the fiduciary act with a certain level of skill and diligence?

q  A: The duty of prudence q  B: The duty of loyalty q  C: The duty of diversification q  D: The duty of adherence


Fiduciary liability loss exposures arise mainly when beneficiaries of a plan make claim against the plan officials for breach of their fiduciary duties. Which one of the following is a specific duty of a plan fiduciary?

q  A: To act in a way that is solely in the best interests of the organization providing the benefits

q  B: To ensure that the plan's investments are sufficiently diversified to minimize the risk of large losses

q  C: To carry out duties in such a way that no investment plans will lose money for the beneficiaries

q  D: To minimize actions that comply with the plan documents but may not be in compliance with the law


Assignment 8: Human Resource Risk

•  Human Resource Potential •  Types of Personnel Losses •  Assessing Personnel Loss Exposures •  Risk Treatment for Work-Related Injury and Illness •  Risk Treatment for Work-Related Violence •  Assessing and Treating Human Resource Risk


Challenging Assignment 8 EO 8.04 •  Explain how the following risk control techniques can be used to

mitigate losses arising from work-related injury and illness: –  Avoidance –  Loss prevention

•  Safety Engineering •  Workplace Design

–  Loss reduction –  Separation and duplication


Work-Related Loss Prevention Safety Engineering •  Physical controls – physical

controls (engineering) –  Isolation –  Wet methods –  Ventilation –  PPE

•  Procedural controls – procedural controls (administrative)

–  Job rotation –  Supervision –  Other administrative steps

Workplace Design •  Ergonomics – physical forces

–  Manual materials handling –  Cumulative trauma disorders –  Physical layout of workstations –  Displays and controls –  Fatigue –  Disabled employees

•  Human factors engineering – human capabilities

•  Biomechanics – mechanical limitations of people


A safety engineering physical control that might be used by an organization to prevent or reduce work-related injury and illness is q  A: Job rotation. q  B: Isolation. q  C: Training. q  D: Medical controls.


Which one of the following is a safety engineering procedural control used to prevent or reduce work-related injury or illness? q  A: Materials substitution q  B: Isolation. q  C: Process change q  D: Ventilation


A process that applies the knowledge of human behavior to design equipment people use on and off the job defines q  A: Biomechanics. q  B: Ergonomics q  C: Process oriented progression. q  D: Human factors engineering.


In the middle of a recession, Heavy Equipment Co. (HEC) was forced to lay-off hundreds of employees. HEC hired Paul as a human resource manager three weeks before the lay-offs were announced. Paul agreed to have the lay-off notices sent to employees with his name on the notice. However, he demanded several security measures including that his office be located beyond a checkpoint with a metal detector, his office door would remain locked, and any employee who visited him would be escorted by a security guard. The measures Paul required are examples of

q  A: Physical risk control measures. q  B: Procedural risk control measures. q  C: Managerial risk control measures. q  D: Mechanical risk control measures.



Segment A ● Intro to Risk Assessment & Treatment ● Root Cause Analysis ● Business Continuity ● Physical Property Risk

Segment B ● Intellectual Property & Reputation Risk ● Legal & Regulatory Risk ● Management Liability ● Human Resource Risk

Segment C ● Environmental Risk ● Crime & Cyber Risk ● Fleet Risk


Assignment 9: Environmental Risk

•  Legal Foundations for Environmental Liability •  Other Environmental Loss Exposures •  Environmental Statutes •  Environmental Risk Management, Risk Assessment, and Risk

Control •  Climate Change Risk •  Assessing and Treating Environmental Risk



EO 9.03 •  Summarize the basic purpose and distinguishing features of

each of the environmental statutes described. –  See Exhibit Page 9.11 “Summary of Federal Environmental Laws”


Which one of the following federal environmental statutes facilitates the cleanup of any abandoned or uncontrolled site containing hazardous substances and imposes strict liability for cleanup costs on potentially responsible parties? q  A: Toxic Substance Control Act q  B: Clean Air Act q  C: Resource Conservation and Recovery Act (RCRA) q  D: Comprehensive Environmental Response, Compensation,

and Liability Act (CERCLA)


Bethel Co. would like to apply a risk control measure to better manage its environmental loss exposures. The company produces a liquid similar to formaldehyde. A byproduct of the production process is the creation of a toxic liquid. One option Bethel is exploring is using a more expensive raw material that cuts the byproduct produced by over 40 percent. Other alternatives are to burn the byproduct in an industrial furnace, to add a powder to the byproduct that will transform it into a gelatin-like substance, or to bury the substance in double-barrels stored in a concrete bunker. Bethel chose the option of using the more expensive raw material that cuts the byproduct produced by over 40 percent. The risk control Bethel opted for is called

q  A: Solidification disposal.

q  B: Encapsulation.

q  C: Source reduction.

q  D: Stabilization disposal.


Assignment 10: Crime and Cyber Risk

•  Distinctive Features of Crime Risk •  Characteristics of Common Crimes •  Controlling Crime Losses •  Cyber Risk Loss Exposures •  Controlling and Financial Cyber Risk Loss Exposures •  Social Media Risk


Key Concepts Assignment 10 •  Be able to describe the characteristics of

common crimes. •  Be able to distinguish between policy,

physical, procedural, managerial controls and application to specific crimes

•  Be able to explain cyber risk in property, net income, and liability loss exposures and risk control measures (physical, procedural, etc.)


Using violence, intimidation, or threats to influence others’ behavior, often for a political purpose, is called q  A: Kidnapping. q  B: Extortion. q  C: Blackmail. q  D: Terrorism.


Specialized risk control measures are necessary for an organization to control cyber risk loss exposures. Which one of the following risk control measures would be most effective at preventing cyber risk-related losses such as the theft of customer credit card data? q  A: Post-cyber incident rapid recovery program q  B: High limits cyber insurance with a coordinated deductible

plan q  C: Notification of law enforcement officials when unauthorized

entry to the computer system is detected q  D: Managerial controls such as monitoring compliance with the

security plan


Assignment 11: Fleet Risk •  Fleets as Systems •  Federal Motor Carrier Safety Regulations •  Controlling Losses Associated With Motor Vehicle Safety

Systems •  Technological Advances in Motor Vehicle Fleet Safety


Challenging Assignment 11 EO 11.01 •  Explain how fleets can be viewed as systems and the

implications for fleet loss control. –  Components and purpose –  Environment –  Life cycle –  Systems and relationships


Challenging Assignment 11 Life Cycle

Conceptual Phase

Engineering Phase

Production Phase

Operational Phase

Disposal Phase


Challenging Assignment 11 •  Systems and Relationships •  When subsystems fail, increases chance of loss in the larger

system components –  Brake failure likely to cause accident

•  When the larger system fails, it strains the subsystems


The importance of systems relationships from a risk control and fleet management perspective is that q  A: When a smaller system fails, the larger system of which the

smaller system is a part is more likely to fail. q  B: Focusing on the larger system of which the smaller system

is a part will result in the best risk management outcomes. q  C: Failure of any component leads to increased strain on only

smaller subsystems. q  D: Directing all risk management energy toward smaller

systems is most cost-effective.


Please complete the session survey on the RIMS14 mobile

application.

GOOD LUCK ON EXAM!

copyright©2015theinstutes handouts/rims 15/cad003/cad003_ar… · (jsa) evaluates repetitive human...

Documents