**2. Risk management**

Risk management is an iterative and cyclic process whose main aim is to eliminate or at least to reduce the risks according to the ALARP (as low as reasonably practicable) principle. Following the methodology PDCA (Plan-Do-Check-Act) risk management is a systematic process that includes the examination of all characteristics of the work performed by the worker, namely, the workplace, the equipment/machines, materials, work methods/practices and work environment; aiming at identifying what could go wrong, i.e. finding what can cause injury or harm to workers; and deciding on proper safety control measures to prevent work accidents and occupational diseases and implement them (i.e. risk control).

Performing risk management entails several phases, which are illustrated in Figure 1. Considering a work system under analysis, the first phase is the collection of data, usually denoted as Risk Analysis, i.e identification of hazards present in the workplace and work environment as well as the exposed workers, and identification of potential consequences of the recognized hazards – risks, i.e. the potential causes of injury to workers, either a work accident or an occupational disease. This is followed by the Risk Assessment phase, which includes the risk evaluation, the ranking of the evaluated risks and their classification in acceptable or unacceptable. At the end of this phase the unacceptable safety and health risk situations are identified. The last phase is Risk Control that includes designing/planning safety control measures to eliminate or at least to reduce risks to ALARP, followed by the implementation of safety control measures. This should be done using the following

For this purpose employers must perform risk assessment regarding safety and health at work, including those facing groups of workers exposed to particular risks, and decide on protective measures to take and, if necessary, on protective equipment to use. Risk assessment is according to (BSI, 2007), the process of evaluating the risk(s) arising from a hazard(s), taking into account the adequacy of any existing controls, and deciding whether or not the risk is acceptable. According to OSHA an acceptable risk is a risk that has been reduced to a level that can be tolerated by the organization having regard to its legal

In a work situation a hazard is, according to (BSI, 2007), a source, situation or act with a potential for harm in terms of human injury or ill health or a combination of these, whereas risk is defined by the same standard as a combination of the likelihood of an occurrence of a hazardous event or exposure(s) and the severity of injury or ill health that can be caused by

Risk assessment should be integrated in a more comprehensive approach, designated as risk management, which includes also the process of performing the reduction of risks to an acceptable level. This can be achieved through the implementation of safety measures or safety controls considering the following hierarchy: engineering controls to eliminate the risk, to substitute the source of risk or at least to diminish the risk; organizational/administrative controls to diminish the workers exposure time or to sign/warn risks to workers and; as a last measure, the implementation of personnel protective equipment usage. A key aspect in risk management is that it should be carried

Risk management is an iterative and cyclic process whose main aim is to eliminate or at least to reduce the risks according to the ALARP (as low as reasonably practicable) principle. Following the methodology PDCA (Plan-Do-Check-Act) risk management is a systematic process that includes the examination of all characteristics of the work performed by the worker, namely, the workplace, the equipment/machines, materials, work methods/practices and work environment; aiming at identifying what could go wrong, i.e. finding what can cause injury or harm to workers; and deciding on proper safety control measures to prevent work accidents and occupational diseases and implement them (i.e.

Performing risk management entails several phases, which are illustrated in Figure 1. Considering a work system under analysis, the first phase is the collection of data, usually denoted as Risk Analysis, i.e identification of hazards present in the workplace and work environment as well as the exposed workers, and identification of potential consequences of the recognized hazards – risks, i.e. the potential causes of injury to workers, either a work accident or an occupational disease. This is followed by the Risk Assessment phase, which includes the risk evaluation, the ranking of the evaluated risks and their classification in acceptable or unacceptable. At the end of this phase the unacceptable safety and health risk situations are identified. The last phase is Risk Control that includes designing/planning safety control measures to eliminate or at least to reduce risks to ALARP, followed by the implementation of safety control measures. This should be done using the following

obligations and its own occupational health and safety (OHS) policy (BSI, 2007).

out with an active participation/involvement of the entire workforce.

the event or exposure(s).

**2. Risk management** 

risk control).

hierarchy order, first prevention measures and after protection measures (NSW, 2011) (Harms-Ringdahl, L., 2001). The safety control measures to be implemented should be based on the current technical knowledge, and good practices. Part of the risks could be transferred to insurance companies. In EU is mandatory that employers have an insurance coverage for work accidents for each worker. This way part of the risk is transferred to the insurance companies. It is very important that employers know where the risks are in their organizations and control them to avoid putting at risk the employees, customers and the organization itself.

Fig. 1. Phases of the risk management process (Nunes, I. L., 2010b)

Further, in EU is a legal requirement that information and training courses are provided to workers, since workers must know the risks they are exposed to.

The standard risk assessment approach, for different risks (e.g., falls, electrical shock, burn, burying due to trench collapse, crushing) is based in the evaluation of the risk level, which results from the combination of two estimated parameters. One is the likelihood or probability of an occurrence of a hazardous event or exposure(s); and the other is severity of injury or ill health that can be caused by such event or exposure(s). These estimations are based on data regarding the presence of the hazards or risk factors in the workplace and the adequacy of the control measures implemented (prevention and protection measures).

Applications of Fuzzy Logic in Risk Assessment – The RA\_X Case 25

assessment processes. On the other hand there are no steady and Universal rules to use for the assessment (e.g., action and threshold limit values) and the advice (e.g., regulations). These challenges call for solutions that are innovative in terms of methodologies, flexible in terms of tailoring to a specific regional context, and adaptive to deal with new or emerging

The motivation for the development of the Risk Analysis Expert System (RA\_X) was to make use of some emergent instruments offered by the Artificial Intelligence toolbox, namely the use of fuzzy logics in the development of a fuzzy expert system. Fuzzy Logics has been used to handle uncertainty in human-centred systems (e.g., ergonomics, safety, occupational stress) analysis, as a way to deal with complex, imprecise, uncertain and vague data. The literature review performed by (Nunes, I. L., 2010a) characterizes and discusses

Expert Systems (ES), also called knowledge-based systems, are computer programs that aim to achieve the same level of accuracy as human experts when dealing with complex, illstructured specific domain problems so that they can be used by non-experts to obtain answers, solve problems or get decision support within such domains (Turban, E. et al., 2004). The strength of these systems lies in their ability to put expert knowledge to practical use when an expert is not available. Expert systems make knowledge more widely available and help overcome the problem of translating knowledge into practical, useful results. ES architecture contains four basic components: (a) a specialized Knowledge Base that stores the relevant knowledge about the domain of expertise; (b) an Inference Engine, which is used to reason about specific problems, for example using production rules or multipleattribute decision-making models; (c) a working memory, which records facts about the real world; and (d) an interface that allows user-system interaction, as depicted in Figure 2.

A Fuzzy Expert System is an ES that uses Fuzzy Logic in its reasoning/inference process and/or knowledge representation scheme. For more information about Expert Systems see, for instance, (Turban, E. et al., 2010), (Gupta, J. N. D. et al., 2006), (Turban, E. et al., 2004).

The main objective of RA\_X is assisting the risk management process, which is key for the promotion of safety and health at work, by identifying, assessing and controlling occupational risks and advising on the application of corrective or preventive actions. One requirement for this system is the adoption of a flexible framework that can be easily customized to the particular needs and specificities of groups of users (e.g., particular fields of activity, different national/regional legislation and standards). The underlying concept was first presented in (Nunes, I. L., 2005) and the proof of concept for the risk assessment

In (Nunes, I. L., 2005) it was described the Fuzzy Multiple Attribute Decision Making (FMADM) model developed by the author for the evaluation of risk factors. This model was applied in two different risk assessment contexts, for ergonomic analysis and for risk analysis for work accidents. The ergonomic analysis FMADM model was used in the ERGO\_X fuzzy expert system prototype and in the subsequent implementation of the FAST ERGO\_X fuzzy expert system. To learn more about ERGO\_X and FAST ERGO\_X see, for instance, (Nunes, I. L., 2006a, b, 2007, 2009). This article offers a view of the current state of evolution of the FMADM model for the risk analysis for work accidents that was introduced in (Nunes, I. L., 2005) used for the development of the RA\_X fuzzy expert system and

presents an example applied to the risk management in the construction industry.

risks and regulations.

some examples of such applications.

phase was presented in (Monteiro, T., 2006).

The estimations of these parameters usually involve imprecise or vague data, incomplete information or lack of historical data that can be used to produce statistics. This is the reason why the introduction of methodologies based on fuzzy logic concepts can improve risk assessment methods.

Another important aspect in risk management is that there is no single cause (or simple sequence), but rather an interaction of multiple causes that directly and indirectly contribute to an occupational accident, the so-called cumulative act effects (Reason, J., 1997). The Reason model for the study of accident causation lies on the fact that most accidents can be traced to one or more of four levels of failure: organizational influences, unsafe supervision, preconditions for unsafe acts, and the unsafe acts themselves. The organization's defenses against these failures are modelled as a series of barriers. The barriers could be physical or organizational. The model considers active failures (unsafe acts that can be directly linked to an accident) and latent failures (contributory factors in the work system that may have been hidden for days, weeks, or months until they finally contributed to the accident) (Reason, J., 1997).

Therefore, is important to include organizational and individual factors in the risk management process. This is also in accordance with more holistic views, recognized by several authors, that consider also a host of other factors (e.g., individual, psychosocial) that can contribute to the risk (EC, 2009), (EASHW, 2002).
