Critical Risk Due Diligence

Are incident’s evidence that due diligence is lacking in Hazardous Facility management?

For more serious incidents or near misses,  a root cause analysis to determine the technical and organisational causes. Companies that lack safety maturity may determine the technical or human error causes and more mature ones may determine that management systems have failed, however how many investigations actually are critical of lack of due diligence by the board and senior leadership team. From my perspective, this is where safety performance starts.

What does due diligence mean?

Wikipedia defines “due diligence” as the "required carefulness" or "reasonable care" in general usage, and has been used in the literal sense of "requisite effort" since at least the mid-fifteenth century. Due diligence for safety management are aimed at the board and senior leadership /executive of a company. This group of people, need not be experts but must have mechanisms in place to:

      1. Keeping up to date with knowledge on H&S
      2. Have an understanding of their companies risks
      3. Having resources in place to minimise the risks within the business
      4. Ensuring there are mechanisms in place to monitor your hazards and risks
      5. Ensuing there are processes in place to comply with our legal obligations

If that the board and executive understand and act on the above they are likely to be driving good safety performance within their business.

Are due diligence requirements different for high hazard facilities?

High hazard facilities have the potential for major events and as such, the  management of such facilities requires effective assurance of the controls that prevent these events. These controls can be either specific hardware/ software controls OR critical management systems. The board and executive team should be receiving regular information on the performance of these controls. If board papers (relating to H&S) are dominated by occupational safety information and not control assurance of critical risks, it is likely that they are not performing the necessary due diligence on the businesses they oversee.

A key observation: Lack of an effective Safety Management System (SMS)

A performing safety management system is a key ingredient a business needs to facilitate due diligence. A Safety Management System (SMS) is a management framework that is used to drive the performance of the various safety elements within the business. Typical elements of an SMS would include change control, incident management and emergency response. Through numerous audits of small organisations to multi-nationals, I have come to the conclusion that the root of many safety performance issues comes down to the lack of an effective SMS that facilitates the board and executive to ask the right questions. Here are some of my observations from audits:

  1. The SMS is a statement of good intent and not setup for performance management
  2. The SMS lacks metrics and clear accountabilities
  3. The SMS is geared towards OHS and not high hazard management (ie critical risks)

In short, a good SMS is an effective enabler of due diligence. If any of the above gaps exist within your business, there is a chance that your executive and board are unable to perform their duties in H&S.

I am a member of my executive or board – what should I be doing to improve my due diligence in the area of critical risk?

  1. How much of the boards discussion is dedicated to your critical risks vs occupational safety?
  2. Does the board understand what their high hazard risks are?
  3. Does the board reports contain metrics regarding the performance of a control assurance program?

If any of the answers to the above questions are Yes, then it is likely that you are unable to exercise due diligence over your business.


Download the following critical risk due diligence checklist for more information on what to look for as a board or executive member.

Download Due Diligence Checklist

Need an 2 hour session to familiarise your board or executive in Critical Risk Management Due Diligence?

Critical Risk Management for Directors & Executives  Training Enquiry