A Deep Dive into Workplace Health and Safety: Fortnightly Webinar Series.
More Information

Enterprise Risk Management (ERM) is becoming increasingly accepted as an integral part of business management processes within successful organisations.

ERM can be defined in many ways but whichever way it is defined, a key feature should be the integration of all of the risk functions across an organisation, including WHS. This blog addresses:

  1. What does integration of WHS and ERM mean?
  2. What value does a fully integrated WHS/ERM bring?
  3. How do you go about achieving integration

What does integration of WHS and ERM mean?

Workplace, Health & Safety (WHS) as a discipline has been around longer than Enterprise Risk Management (ERM). In most organisations, it is a mature function and related legislation and guidance is equally as mature.

ERM is focused on managing all risks across an organisation in a consistent manner with the ability to report risks in an aggregated manner to management, committees and Board.

The integration of WHS and ERM involves the seamless connection between the WHS function and the ERM corporate function. 

What value does a fully integrated WHS / ERM bring?

The benefits and value created by this integration are as follows:

1. Consistency of data and reporting at all levels with drill down capability.

WHS data collected at the granular level becomes the single source of truth.  It is then linked to aggregated information categories including the WHS risk type, the risk cause type, the risk impact type and the control type. This allows complete consistency of reporting as the same information is used for multiple purposes at each level of the organisation. In addition, due to the linking of data, Board and Management reports can incorporated drill down capability to allow easy investigation and analysis of aggregated data. 

Say goodbye to spreadsheets and manage safety hazards, WHS incidents and inspections in a single system. Visit our WHS page!

2. Maximum efficiency

Integration leads to optimal efficiency as WHS processes are performed once, data is collected once yet it is used multiple times. Reporting to senior management and the board is seamless.  There is no dual keying of data and duplication of effort.

3. Greater transparency at senior level of the WHS function.

The aggregation of a range of WHS data to enable senior management and board reporting provides greater visibility of the WHS function. Senior management and Board are made aware of key of the key issues on an ongoing basis as part of their enterprise management risk management function. This can raise the profile of WHS and also ensure resources are made available for the key matters requiring attention.

4. Enhanced reporting of risk information.

The linking of WHS data through to ERM, especially the linkage of WHS information to risk event types, allows the enhancement of reporting through the ability to aggregate all available information to the risk type and report dynamically. We at Protecht refer to this as RiskInMotion.

whs+blog+image 01-1

Fig 1. Example of WHS Dashboard Reporting

How do you go about achieving integration?

There are a number of key elements to consider in achieving string integration of WHS and ERM. These include:

1. Viewing and analysing WHS risks in a consistent manner as for other risks. A common methodology that can be applied to all risk is Risk Bow Tie analysis. This ensures that all risk types are treated consistently.

2. Ensuring that the various risk, hazard and control taxonomies used for WHS are mapped consistently to taxonomies used for ERM reporting. This would include taxonomies for:
  • Hazards
  • Root Causes
  • Risk Events
  • Risk Impacts
  • Controls
Fig 2. Example of Risk Event Taxonomy
This would then allow the linking of granular WHS risk events to ERM aggregated events at the corporate level.

3.  Mapping the categories of control used in WHS such as the hierarchy of controls to standard control categories used in ERM. For example, PPE (Personal Protective Equipment) would be mapped to “Corrective / Reactive” controls.

4. Align as far as possible the risk processes in WHS with the risk processes in ERM. For example:
  • Risk Assessments
  • Incident Management
  • Key Risk Indicators
  • Issues and Actions
  • Compliance
This ensures consistency of risk management for all risk types.

5. Use the same systems as far as possible. Your ERM system should cater for the WHS function with a WHS specialist module. This facilitates the integration seamlessly by supporting the WHS function for all of its processes yet provide the corporate view for senior management and board.

WHS is a critical component of ERM. In many organisations WHS is often the biggest risk. It is therefore critical that WHS and the ERM function are fully aligned. Integration is the key as WHS needs its specialist processes, terminology and legislation while at the same time, ERM needs to consistently view all risk and more specifically be able to report aggregated information to senior management and board.

A Deep Dive into Workplace Health and Safety
Find Out More

 WHS ProtechERM

Related Articles

feature image
Enterprise Risk Management, Operational Risk, Risk Professionals

Managing the War Room

One of the early observations we have made from the COVID-19 crisis experience to date relates to the operations of the war room and the crisis...
Read more
feature image
Enterprise Risk Management, Risk Management, Internal Audit, Internal Auditors

The 20 Critical Questions Directors Should Ask About Internal Audit Resourcing 

Organisation requirements 1. Does the internal audit function have the right amount of competent and professional resources to provide the right...
Read more
feature image
Health & Safety, Health & Safety Managers, WHS

Easy Monitoring with Health and Safety Incident Management Software

Our health and safety incident management software, Protecht.ERM, will help your organisation to minimise loss and disruption to your operations due...
Read more