self driving autonomous car
ComplianceESGFebruary 11, 2020

Refreshing the Bowtie Guidelines – Some ‘barriers’ to eliminate weak models

Losing control blog
Figure 1: Bowtie Diagram Guidelines. Click here to view the full image.

Bowtie turns out to be a very efficient method to understand your risks and manage your barriers in order to support operations.

It is an intuitive, scenario-based visualization of reality. As with all models, it must be said that “all models are wrong, but some are useful” (George E. P. Box, 1976) since it is a paper world representation. Box challenged how wrong a model has to be, in order for it not to be useful. In the case of bowties, it is advised to stick to certain guidelines to structure the models’ initial skeleton, to reach an optimal end result, and be as useful as possible.
This blog will cover the principles that CGE Risk recommends when formulating basic bowtie elements.

Hazard – the desired state or activity in normal business

When defining a hazard, it is important to keep in mind that there is no ‘hazardous situation’ taking place as of yet. Regardless of the slight negative connotation with the word hazard, in professional situations it is seen as the normal activity or state of daily operations. It does however contain a hazardous substance or energy that, when released, has the potential to cause harm and lead to negative outcomes.

Losing control blogFigure 2: Driving a car has the potential to cause harm

Top Event – a deviation from the desired state or activity in normal business

The top event can be described as the very first moment when control over the hazard is lost. A major pitfall is to define a top event in a disastrous state already, while this is not the idea. The top event is a change of state of your hazard from which it is still possible to recover. Also, sometimes the connection between the hazard and the top event is not established well. Providing a logical relation between these two will prevent this from happening and sets a correct scope for your bowtie.

Losing control blogFigure 3: If we lose control over it, driving a car has the potential to cause harm

Similar to the hazard, the top event can indicate the scale that the bowtie will cover by defining what can be seen as an abnormality in business. Note: One hazard can have multiple top events.

Threats – a direct and independent cause that can lead to the top event

A common mistake when defining threats is stating barrier failures rather than (external) forces acting upon the initial process at hand. Often a barrier has become so common that we forget that it was not a part of your original operation. When being stuck on phrasing barrier failures, it can be helpful to ask why a certain procedure, protocol, or hardware exists in the first place; this will eventually lead you back to the threat that required barriers to be implemented.

Losing control blogFigure 4: Threats leading to loss of control when driving a car

Threats on their own should be sufficient enough to lead directly to the top event. When two threats are needed to occur together before the top level can be reached, it is necessary to reformulate a combination of these two in order to create an independent route leading to the top event.

Consequences – negative event outcomes arising from the top event

Often people are tempted to define a consequence as the loss or damage resulting from the top event. Already by reading this sentence, an alarm bell should sound. “Damage resulting from the top event”, how did that occur then? And this is exactly what should be defined; which events occur after a top event has taken place. These are your consequences.

Losing control blogFigure 5: Preventive barriers to avoid progressing into a top event

Keep in mind to involve a detect/decide/act component for each barrier, and to phrase your barrier in its desired (non-failing) state. This will guide you in identifying functional and relevant barriers over which you are in control, in order to prevent the next event from happening.

Related Insights

  • 10 tips to impactful internal Audit Committee reporting
    Article
    Compliance
    April 29, 2024
    10 tips to impactful internal Audit Committee reporting
    Clear, relevant, and frequent communication between internal audit, the Audit Committee, and the Board is critical to driving organizational transformation, and delivering actionable information
    Learn More
  • Individual Retirement Accounts: 2023 contribution reporting on IRS Form 5498
    Article
    Compliance
    Tax & Accounting
    April 29, 2024
    Individual Retirement Accounts: 2023 contribution reporting on IRS Form 5498
    The 2023 IRA contribution reporting deadline is May 31, 2024. With this deadline in mind, IRA custodians/trustees should review all IRS Form 5498, IRA Contribution Information, requirements to ensure accurate and timely reporting.
    Learn More
  • Innovation and technology part 2: Staying on top of the organization's technology adoption
    Article
    Compliance
    April 26, 2024
    Innovation and technology part 2: Staying on top of the organization's technology adoption
    While adopting new technologies can bring risk, it’s also important to remember the dangers of failing to stay up to date on new tools.
    Learn More
  • Innovation and technology part 3: Internal audit’s tech talent challenge
    Article
    Compliance
    April 26, 2024
    Innovation and technology part 3: Internal audit’s tech talent challenge
    Internal audit can and should be technology’s biggest advocate in the organization. It is the change-bearer, the partner, the bringer of good news.
    Learn More
Back To Top