Jim Joy outlines the evolution of operational risk management (ORM) in the mining industry from control-based risk management to critical control management (CCM). CCM prioritizes identifying and managing the critical few controls that are most important for preventing high-risk events. It involves identifying critical controls, embedding their effective use, verifying control performance, and establishing feedback loops to support continuous learning. CCM provides a framework for mining companies to focus on controls known to be crucial for eliminating fatalities and achieving risk management objectives.

1. Optimising Operational Risk Management
Jim Joy

2. History of the Mining Risk Management
90 91 92 93 94 95 96 97 98 99 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
MINING RISK MANAGEMENT EVOLUTION
Major Hazard
Mgmt Plans
Control
Based
RM
Team-Based
Risk
Assessment
Tools
ORM
Model
Critical
Control
Management
Risk
Registers

3. TEAM-BASED
WORKPLACE
RISK
ASSESSMENT

4. High RiskLow Risk
The level of risk is determined by the
controls & their quality

5. EXAMPLES
OBJECT ACT
TECHNOLOGICAL
SYSTEM
Isolate the
source with a
lock

6. ACARP C23007 - Report Jul14
CONTROLS
Threat
Threat
Threat
Outcome
Outcome
Outcome
INITIATING
EVENT
Bowtie Analysis (BTA)

7. What is Critical Control Management (CCM)?
7
• Including a verification
and reporting process
CCM is fatality
elimination through
increased
understanding of
priority risks and the
effective embedding of
related critical
controls.

8. CCM

9. Mining CCM process
“85% of ICMM members
moving to CCM”

10. A journey in control thinking & management

11. OBJECT ACT
TECHNOLOGICAL
SYSTEM
Isolate the
source
with a lock
Limited
Control Focus
Example
1

12. Transition to control-focused mindsets and methods
• Target outcome – personnel focused on controls and their
quality as the route to safe work
• How are things currently done at the site?
• Communication content
• Training content
• Risk assessment forms design and application
• Risk management procedures
• Promotion materials
• Incident investigation methods
• How could the differences be addressed? Fix it or stop it
Are they
control-
focused?

13. Control-Based
Risk Management
(CBRM)
EXAMPLE
2
2

14. CBRM Steps
1. Carefully define the Priority Unwanted Events (PUEs)
2. Apply a Bowtie Analysis (BTA) method to identify and examine the current
overall control strategy
3. Critically examine the adequacy of the controls and their erosion factors
4. Identify ways to improve control effectiveness
5. Define the planned overall control strategy from the finalised BTA

15. Is it effective? What compromises it? What supports it?
OBJECT ACT
TECHNOLOGICAL
SYSTEM
Isolate the
source with a
lock

16. ACARP C23007 - Report Jul14
EFFECTIVE
CONTROLS
Threat
Threat
Threat
Outcome
Outcome
Outcome
INITIATING
EVENT
Control Strategy – define, implement, audit

17. Critical Control
Management
(CCM)
EXAMPLE
3

18. Critical
Control
Identification
Critical Control
Embedding
Critical
Control
Learning
Critical Control
Management
(CCM)
EXAMPLE
3

19. Some controls are more important than others
Better to
manage the
critical few
well than try
to manage
all controls

21. VEHICLE INTERACTION CONTROLS
Acts – 66%
Technological
Systems – 20%
Objects – 16%

22. Acts as Controls??

23. Critical
Control
Management
(CCM)
EXAMPLE
3
Critical
Control
Identification
Critical Control
Embedding
Critical
Control
Learning

24. Tools for each layer linked to a reporting system

25. How do we verify the control?
OBJECT ACT
TECHNOLOGICAL
SYSTEM
Isolate the
source with a
lock

26. Critical Control Reporting Summary – communicating the risk
Examples of dashboard
reporting

27. Critical
Control
Management
(CCM)
EXAMPLE
3
Critical
Control
Identification
Critical Control
Embedding
Critical
Control
Learning
3

28. Critical Control feedback
• The ‘Learning From
Incidents’
investigation process
closes the feedback
loop by identifying
failed Critical Controls
• Potential for industry-
wide learning – doable
now

29. History of the Mining Risk Management
90 91 92 93 94 95 96 97 98 99 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
Critical
Control
Management
Planning
5 Year
Plan
Major Hazard
Mgmt Plans
ORM
Model
Control
Analysis
ToolsTeam-Based
Risk
Assessment
Tools
Risk
Registers

30. ALERT
Control effectiveness
threshold for
UG ground fall event
has been compromised
IMMEDIATE ACTION
REQUIRED
Click here for defined
actions

31. A journey in control thinking & management

32. LinkedIn Series on ORM
1. Welcome and introduction to the series
2. A short history of Operational Risk Management(ORM) in Australian mining
3. Key words and concepts in ORM - getting the thinking and conversations consistent
4. Making the argument - risk is all about controls and their effectiveness
5. Good practice ORM – 4 layers with control-focused risk assessment methods
6. It’s a Journey – using journey models to analyse and plan ORM improvements
7. Overview of Critical Control Management (CCM) and a few of its challenges
8. Identifying critical controls to meet objectives and selection criteria that considers
cruciality, measurability and ‘indicativeness’
9. Considering ‘acts’ as critical controls and the challenge of their measurability
10. Challenging critical control performance requirements
11. Establishing the verification process – possibly the most challenging part of CCM
12. Linking the Critical Control performance requirements to the design of the verification
process
13. Defining accountabilities and the reporting process
14. Learning and continuous improvement of CCM j.joy@uq.edu.au