Which of the following would be the best example of an outcome of operational risk?

Operational Risk Assessment

Operational risk assessment is performed in process critical equipment and facilities. Its objective is to focus the maintenance resources (money and labor) on the plants that have the highest risk. Operational risk assessments start with data gathering and evaluations. The data used for an operation risk assessment is usually collected during the equipment/facility operations. There are three major contributors to the operational risk, namely:

Equipment: There is no doubt that the equipment is a major contributor to the operational risk. Equipment is operated by humans, in order to produce products. Maintenance activities are performed on all equipment.

Production: Loss production (including scheduled maintenance and turnaround) and product quality below standards are an operational risk. Production loss may be due to equipment failure, lack of raw material supplies, shortage in packaging, or shipping and storage.

Human: Humans are the key contributors to operational risk. People often cause system failure and make up costs when equipment fails, and production is reduced, for example, in terms of labor costs.

15.4.4 Operational

Operational risks relate primarily to operational unreliability due to unplanned outage. High fixed costs combined with unit sizes often counted in multiples of fossil and renewable plant capacities make the unavailability of a nuclear generating station a costly affair. In addition to lost revenues, utilities that sold their electricity under long-term power purchase agreements may be forced to provide high-cost replacement power from other generators. Operational risks are generally less an issue for utilities with a sufficiently large portfolio of generating capacities.

Plant operating safety is a non-negotiable prerequisite for a profitable nuclear power plant. A plant that is found to be not in compliance with operating safety regulations will be shutdown by the national regulatory authority and a shutdown plant does not earn revenues. Moreover, regulatory oversight and, if necessary, intervention also protects the utility’s revenue generating asset from potential serious damage and long-term unavailability. An operational risk exists, however, if regulatory intervention is politically motivated and not exclusively safety related.

4.5 RISK MANAGEMENT

Managing operational risks is at the heart of any management strategy related to production assets. Controlling operational risk depends on measuring it, understanding it, and knowing how to reduce it. Consequently, the process of managing operational risk can be summarised by the following stages:

Risk assessment and risk prioritising:

Identification of possible failure scenarios.

For each failure scenario estimating its likelihood and consequences (impact).

Prioritising risks according to their magnitude.

Estimating the total risk. Assessing to what extent risk can be managed and selecting appropriate risk response strategy:

Avoiding the risk.

Reducing the risk through appropriate risk reduction measures and techniques.

Accepting the risk.

Transferring the risk partially or fully to another party (e.g. transferring the risk by contracting, through purchasing insurance, warranties, etc.).

Spreading the risk (e.g. by a joint venture, alliances, risk apportionment through contracts between several parties, etc.).

Implementing the selected response strategy, reviewing and maintaining the implemented measures.

Central to the risk management is assessing to what extent risk can be managed and selecting appropriate risk response strategy. Avoiding the risk altogether is the best prevention measure because it eliminates the cause of risk. Thus, the risk of chemical poisoning is avoided if non-toxic substances are used. The cost of risk avoidance is often very small compared to the cost of the consequences should the risk materialises. Just as it is in the all-familiar case, where the extra few minutes to check the traffic route before leaving to the airport and selecting an appropriate alternative route, avoids the cost of missing the flight and its consequences.

The problem with the risk avoidance strategy is that it is not always possible or appropriate for every risk. As a result, various risk reduction measures are implemented.

In cases where the intervention for repair is very difficult or very expensive (e.g. deep-water oil and gas production), preventive approach to risk reduction should be used which consists of reducing the likelihood of failure modes. Preventive measures should be preferred to protective measures wherever possible because while protective measures mitigate the consequences from failure, preventive measures exclude failures altogether or reduce the likelihood of their occurrence.

Protective measures are often preferred in cases where the likelihood of failure is significant and little or no control over the failure occurrence exists. Protective measures are also efficient against low-probability high-impact events.

A basic step of the risk management is the identification of as many as possible failure scenarios, assessing their likelihood and impacts. After the total risk associated with the identified failure scenarios has been estimated, the focus is on making a decision. If the risk is low, the risk is accepted and no further action is taken. Otherwise, the risk must be transferred, spread or reduced.

If the risk can be managed easily by a risk reduction, a large total risk would require selecting and implementing appropriate risk reduction measures.

After assessing the risks corresponding to the separate failure scenarios they are prioritised. The risks piCiassociated with the separate failure scenarios are ranked in order of magnitude. A Pareto chart can then be built on the basis of this ranking and from the chart, the failure scenarios accountable for most of the total risk are identified (Fig. 4.12). Risk reduction efforts are then concentrated on the few failure scenarios accountable for most of the total risk.

Deciding upon and selecting particular risk reduction measures may not necessarily reduce the total risk. Indeed, a common situation during the design of complex systems exists when design modifications to eliminate a particular failure mode often create another failure mode. In order to reduce the possibility of introducing new failure modes, each time after

Appropriate risk reduction measures are identified which will reduce the risks associated with these few failure scenarios. Next, new failure scenarios are identified, and the total risk is estimated and assessed again. This iterative process continues until the risk-assessment procedure indicates that the total risk is acceptable. Consequently, the process of risk reduction can be described by the block diagram in Fig. 4.13, the main feature of which is the iterative loop related to selecting appropriate risk reduction measures. deciding upon and selecting appropriate risk reduction measures (e.g. a design modification), possible failure scenarios are identified and assessed again. Furthermore, risks are often interrelated. Decreasing the risk of a particular failure scenario may increase the risk of other failure scenarios. Thus, building a tourist attraction on a remote place with sunny weather reduces the risk of reduced number of customers due to bad weather but simultaneously increases the risk of reduced number of customers due to higher transportation expenses (Pickford, 2001). The only protection against interrelated risks is integrated risk management which includes assessment of all individual risks and the total risk after deciding upon each risk reduction measure.

Risk can be reduced from a level K to a lower level K’ either by reducing the loss given failure or by reducing the probability of failure or by reducing both (point A in Fig. 4.14).

For a single failure scenario, the risk reduction is (Fig. 4.15)

(4.26) ΔK=K−K'=pfC−(pf−Δpf)(C−ΔC) =ΔpfC+ΔCpf−ΔpfΔC

The selected approach to risk reduction is dependent on the risk profile. In case of a large loss given failure, the risk is very sensitive to the probability of failure and relatively insensitive to the loss given failure. Indeed, as can be seen from point C in Fig. 4.14, for a large cost given failure, a relatively small reduction in the probability of failure yields a significant reduction of the risk.

Risks can also be reduced by reducing the loss given failure (point Bin Fig. 4.14). A risk reduction of magnitude ΔK can be achieved solely by reducing the probability of failure by Δpfm= ΔK / C. Conversely, the same risk reduction ΔK can also be achieved solely by reducing the loss given failure by ΔCm= ΔK/Pf (Fig. 4.14, point A). The same risk reduction ΔK can be achieved at various combinations of the probability of failure Δpfand the losses from failure Δ C which vary in the intervals 0 ≤ Δpf≤ Δpfmand 0 ≤ ΔC ≤ ΔCm. The decision regarding which type of risk reduction should be preferred depends also on the cost of investment to achieve the reduction. In other words, the values Δpf and ΔC should be selected in such a way that the risk reduction ΔK is achieved at minimal cost.

From equation 4.26, for M mutually exclusive failure scenarios, the expression

(4.27)ΔK=K−K'=∑i=1MΔpfiCi+∑i=1M ΔCipfi−∑i=1MΔpfiΔCi

is obtained for the risk reduction, where Δpfiand ΔCivary in the intervals 0 ≤ Δpfi≤ Δ K / Cimand 0 ≤ ΔCi≤ ΔK/pfim. Again, the values Δpfiand Δ Cishould correspond to a risk reduction ΔK achieved at a minimal cost.

An optimum balance of the expenditure Q towards a risk reduction and the total risk of failure K must be achieved wherever possible. Too little investment towards risk reduction results in too large risk of failure. Too large investment towards risk reduction means unnecessary costs which cannot be outweighed by the risk reduction. The right balance is achieved at the optimum level of expenditure Q*which minimises the total cost G = Q + K (Fig. 4.16).

Consider for example a problem from risk-based inspection related to determining the optimum number of independent inspections which minimises the sum of the cost of inspections and the risk of fatigue failure.

Failure is caused by a particular defect and is associated with expected cost with magnitude C. Let p denote the probability that such a defect will reside in the high-stress region of the component and will certainly cause fatigue failure if it goes unnoticed during inspection. Each independent inspection is associated with probability q that the defect will be identified given that it is present in the inspected region. Consequently, given that the defect resides in the high-stress region of the component, the probability of missing it after n independent inspections is (1 − q)n. The probability that the defect will be present in the high-stress region after n inspections is p(1 − q)nwhich is the product of the probability that the defect will reside in the high-stress region and the probability that it will be missed by all independent inspections. Suppose also, that the cost of each inspection is Q. The risk of failure after n inspections is then p(1 − q)n C, because p(1 − q)nis the probability of failure of the component. The risk of failure decreases exponentially with increasing the number of inspections (Fig. 4.17).

The cost of inspection is nQ, and increases linearly with increasing the number of inspections (Fig. 4.17). The objective function f (n) to be minimised is the total cost, which is a sum of these two costs

(4.28)f(n)=p(1−q)nC+nQ

where n can only accept integer non-negative values in the range n = 0, 1, 2, …, nmaxwhere nmaxis an upper limit of the possible number of inspections. The optimal number of inspections nopt minimising the total cost (expenditure) can then be determined easily by using a standard numerical algorithm for non-linear optimisation (Press et al., 1992).

Figure 4.17 represents the function f (n) for the numerical values p = 0.05, q = 0.7, C = $30,000 and Q = $200.

As can be verified from the graph, the minimum of the total cost is attained for n = 2 independent inspections. A smaller number of inspections is associated with greater total cost because of the greater risk of fatigue failure. Similarly, a larger number of inspections is also associated with greater total cost because of the excessive cost of inspections which cannot be outweighed by the risk reduction.

14.3 Operational Risks

Although the operational risk to conducting business is substantial, there are direct and specific actions ventures can take to minimize those risks. Here, we discuss four specific approaches that will help a start-up technology venture limit its exposure to legal risks:

Venture governance

Investor relations

Human resources management

Founding and ongoing legal counsel

14.3.1 Venture Governance

In the twenty-first century, all firms, large and small, must pay attention to sound corporate governance. In 2008, the world was rocked by rapidly declining stock markets, and a number of high-profile business scandals. In the United States, former NASDAQ chairman Bernard Madoff admitted to running a $50 billion Ponzischeme investment house.8 The failure of investors and government agencies to uncover his scheme during its more than 20 years of fraud will surely lead to new regulations about governance. In 2000, for example the collapse of Enron led to the development of the Sarbanes-Oxley regulations for corporate governance.9 These regulations have placed significant new governance and disclosure burdens on public companies. The intent of the regulations is to ensure that investors are aware of and can make informed investment decisions based in part on how a company governs itself.

The need for effective governance also is a global issue. In early 2009, India's financial markets were stunned to learn that one of its star performers, Satyam Computer Services Ltd., was based on fraudulent profits.10 Satyam's founder and CEO B. Ramalinga Raju confessed that he had been “cooking the books” for several years. As a result of this revelation, India is moving quickly to boost its oversight of corporate governance and accounting practices. The nation's leaders are concerned that global investors and business interests will lose confidence in conducting business in India.11 Sound corporate governance and assertive oversight, including the ability to uncover and punish wrongdoers, is critical to creating that confidence.

Although effective governance begins with compliance with legal regulations, in many cases, it goes far beyond that. For example, organizations around the world are being evaluated by their commitment to “sustainability” and environmental issues. These pressures don't necessarily come from regulatory agencies; they are often local or national political concerns. Still, start-up ventures must be alert to issues that are important to market participants. Running afoul of these issues—such as being perceived as unconcerned about the environment—could be bad for future business. On the other hand, it may be smart to take advantage of prevailing market opinions. For example, currently it is possible to build goodwill for the venture by indicating a commitment to “green” concerns and issues.12 Of course, this goodwill could immediately be withdrawn if a venture didn't follow through with its stated commitments.

Venture governance practice and philosophy should include a number of tactics and approaches. In the early stages, most technology entrepreneurs have a number of pressing concerns on their minds. Often, the establishment of sound governance procedures is overlooked as other urgent issues capture attention. Yet, experienced entrepreneurs attest to the importance of laying a solid foundation for effective governance during the early stages of the venture's life.13 This often begins with the formulation of a compelling mission statement and vision for the venture.

Mission and vision

Sound corporate governance begins with a mission statement. A venture's mission statement can have significant meaning to stakeholders. On the one hand, simply having such a statement indicates a level of maturity and sophistication that is common to larger, more well-established ventures. The venture's mission statement should be achievable and should be clearly and succinctly written. A mission statement should avoid trite and unachievable assertions, such as “global leader” or “best in the world.” These are meaningless and, in practice, would be impossible to measure and evaluate. The best mission statements are focused on customers, and how the venture is dedicated to excelling in serving them. Exhibit 14.1 is the mission statement for biotech firm Genentech.

Exhibit 14.1. The Genentech Mission Statement.

A basic governance philosophy and code of ethics or statement of company values might also be formulated and used to guide the venture's decision making. Exhibit 14.2 provides the governance principles behind Dell Computers.

Exhibit 14.2. Dell Computers Governing Principles.

Of course, simply formulating a mission statement and code of ethics is just the beginning of effective venture governance. In addition to these statements, ventures need to establish lines of authority, accountability, and responsibility. This can be enhanced by developing an ultimate authority in a governing board of directors or board of advisors. We turn next to the role of governing boards in venture risk management.

Abstract

One of the biggest operational risks to water companies arises from their ability to control the day-to-day management and optimisation of their water treatment systems. With emerging pressures to remain competitive within national and global markets, companies are looking for solutions to be able to make predictions on how their chosen treatment processes can be improved. The objective of this work is to develop a detailed mathematical modelling methodology of a conventional clean water treatment plant which includes detailed models of each of the key processing unit operations. The methodology is first validated by individual unit examples based on experimental data from literature, before the operation of a complete water treatment plant is considered.

3.8.5 Process safety

Process safety is the key to managing operational risk; where this fails, major disasters such as Deepwater Horizon, Buncefield, Texas City refinery, Alpha Piper, and Jaipur occur. These incidents build upon each other in the minds of the public and politicians, with individuals called to account and no longer protected by the collective corporate responsibility. This leads to increased scrutiny through regulation and compliance orders, which, in turn, can undermine investor confidence in refineries and refiners, irrespective of whether the operation is making good financial returns.

Predicting whether tomorrow will be an incident-free day is the challenge, and which begs two further questions of how this will be achieved and how we can measure this achievement.

Achieving that flawless refinery operation, to achieve operational excellence is probably not going to happen without the use of a conceptual model or structural framework. From the identification of risk and assessing that risk for probability and impact, through risk mitigation measures, to a constant review and improvement process would be the basis of such a conceptual framework.

Using a framework or structure will permit the measurement of how well the refinery is doing on an absolute scale and thereby identifying areas for concern within a process safety profile. By benchmarking within the refinery's peer group, a relative measure can also identify just how well the safety and operational integrity of one refinery is doing against the rest of the industry.

Process safety has emerged as a higher-profile concern for refiners during the past decade, and the questions have developed from just recording incidents into ensuring the integrity of the operation, and also proving that the refiner knows that this is being done.

3 Agricultural production operations and risks towards circular economy

We consider in the I4-CE operational-risk assessment the upstream or supply side of the system boundary in the agribusiness value chain seen in Figure 1. Although the business model describes the full range of activities comprising all steps that involve agricultural processes and products from harvesting to retailing, covering inbound logistics, operations, outbound logistics, marketing, sales, and service, we focus on the production step only where I4 applications under CE principles can be assessed and evaluated.

According to Manitoba agriculture and resource development (Manitobia, 2020), the total cost for production of crops takes into account many setups, stocks and flows related to operations, fixed costs, and labour expenses. Operating costs are composed by seeds, treatment, fertiliser, herbicide, fungicide, insecticide, fuel, machinery operating, machinery lease, rental, custom, crop insurance, hail insurance, land taxes, drying costs, interest rate, and other minor costs. Fixed costs include land costs, machinery costs, storage costs. Labour cost is the hourly wage of the total number of needed labours per acre.

To evaluate the impact of I4 and CE in manpower towards precision agriculture, the type of I4 technology used in each production step is investigated and categorised into unmanned aerial vehicles (UAV), manned aerial vehicles (MAV), unmanned ground vehicles (UGV), and manned ground vehicles (MGV). In the methodology, every production step, associated with each I4 adoption, is subjectively evaluated using CE’s detailed principles using the 9R model (refuse, rethink, reduce, reuse, repair, refurbish, remanufacture, repurpose, recycle, and recover), which is the extended form of the 3R on reduce, reuse, and recycle (Kirchherr et al., 2017). Then, the I4-CE impact in manpower is identified per each step, whereby labour involvement is clearly shown in land preparation, fertilising, irrigation, disease control, monitoring fields, and harvesting. As a labour-intensive industry, our proposition is to evaluate the impacts of I4 applications, under CE concepts, to manpower in agribusiness, in which drones participate as a sustainable and efficient manpower replacement tool in this field.

The operational-risk matrix methodology quantifies the possible risk level of each I4 option under CE pillars (economic, environment, and social) considering I4 adoption into CE impact risk values of 0.1, 0.3, and 0.6 for low, medium, high risks, respectively. According to the department of agriculture in the United States (Dohlman, 2020; Harwood et al., 1999), agricultural risks that impact farming are classified into five categories: production, market, financial, institutional, and personal. Production risks are factors that affect both the quantity and quality of produced commodities. It is driven by the uncertain natural growth processes of crops and livestock. Market risks refer to the uncertain prices that producers must pay for inputs used to grow different types of commodities. Financial risks are related to loans, rising interest rates, restricted credit availability, etc. Institutional risks have a major impact on agribusiness that results from uncertainties surrounding government actions such as price levels, waste disposal rules, taxes, chemical use regulations, etc. Personal risks include job profiles, human health, relationships that affect the agribusiness, illness, accidents, death, divorce, and any social crises that can threaten the agribusiness.

Pooling these risks in the I4-CE adoption-impact, we use the notation n for the number of processes, x denotes the CE pillar (economic, environment, social), P refer to the process itself. In the sensitivity risk analysis, the risk sum (Eq.1), its average (Eq.2) and the risk pooling (Eq.3) are defined to evaluate the environmental, economic, and social effects by adopting I4 in the agriculture processes.

(1)∑i=1nPix

(2) ∑i=1nPixn

(3)∑i=1x∑i=1nPixn

9.7.3.2 Societal responsibility

The aggregate industry exposes workers to potential hazards, and reduction of operational risk is an essential part of aggregate extraction and processing. Occupational health and safety issues are commonly addressed through training programs, monitoring, health screenings, and by following best management practices. Identifying the values, interests, and goals of stakeholders is a necessary step to resolve the complex social issues of SARM. For example, the benefits of aggregate development are dispersed over very large areas, but the community where extraction occurs suffers most of the adverse consequences of resource development. SARM depends on fairness to those living near or impacted by quarrying while considering the regional benefits from aggregate extraction (Šolar et al., 2004).

Societal responsibility

The aggregate industry exposes workers to potential hazards, and reduction of operational risk is an essential part of aggregate extraction and processing. Occupational health and safety issues are commonly addressed through training programs, monitoring, health screenings, and by following best management practices. Identifying the values, interests, and goals of stakeholders is a necessary step to resolve the complex social issues of SARM. For example, the benefits of aggregate development are dispersed over very large areas, but the community where extraction occurs suffers most of the adverse consequences of resource development. SARM depends on fairness to those living near or impacted by quarrying while considering the regional benefits from aggregate extraction (Šolar et al., 2004).

Health and safety implications and interlocks for constant-volume sampling systems

The following three fault conditions are drawn from experience and should be included in any operational risk analysis of a new facility:

Where the exhaust dilution air is drawn from the test cell and in the fault condition of the blower working and the cell ventilation system intake being out of action, or switched off, a negative cell pressure can be created that will prevent the opening of cell doors. The cell ventilation system should therefore be interlocked with the blower so as to prevent this occurring.

In the fault condition of the blower being inoperative or the airflow too low due to too small a flow venturi being used, the hot exhaust gas can back flow into the filter and cause a fire. A temperature transducer should be fitted immediately downstream of the dilution tunnel inlet filter and connected to an alarm channel set at about 45°C.

Gas analyzers that have to discharge their calibration gases at atmospheric pressure should have an extraction cowl over them to duct the gases into the ventilation extract; such an extract should be interlocked with the analyzer, preferably by a flow sensor.