Skip to content

Incident Management. WHS Series Session 7.

In this blog, David Tattam summarised his insights from the seventh live session "WHS Incident Management " in the webinar series "A Deep Dive into Workplace Health and Safety".

In our 6th webinar, I was joined by my colleague Adel Fakhreddine, Head of Sales for APAC. We looked at the Visualisation of WHS Concepts in Protecht.ERM covering:

  • Risk & Hazard Assessment Framework
  • Risk & Hazard Identification
  • Key system considerations 

In the 7th webinar of the series I was joined again by Michael Martin from C-Suite Safety Solutions to discuss WHS Incident Management. 

Objectives of Incident Management

The key objectives of Incident Management are:

  •  Minimise the impacts / consequences
  •  Understand the reasons for the incident (root causes)
  • Identify control weaknesses and control gaps
  • Learn from the incident and implement improvements
  • Increase knowledge of risks in the workplace
  • Meet regulatory requirements

In the webinar, Michael and I discussed in where Incident Management is addressed in ISO 31000,  ISO 45001 and within a typical Enterprise Risk Management (ERM) Framework.

For ISO 45001, Incident Management relates to 'emergency preparedness and response.' 

Michael explained how we need to establish, implement, and maintain a process needed to prepare for and respond to potential emergency situations, this Planned Response includes:

  • Training for planned response
  • Testing and exercising planned response
  • Evaluating and revising planned response
  • Duties and responsibilities of workers re planned response
  • Communicating relevant information to other parties
  • Capabilities, needs, and involvement of interested parties
  • Information documented on the planned response processes
The Keys to managing Incidents well

The key lies in Investigation. We can learn from what went wrong, especially from "Near Misses". There is no one way to do this, many formats work well but all must be documented and practiced to ensure that they are suitable and effective.

In the webinar we discussed the importance of creating a culture where people feel safe to call out Incidents (and near misses) so that they can be managed in a timely fashion and so we can learn from them. We need to normalise and incentivise staff to call out Incidents.

Communication is also key. We need to constantly communicate with our stakeholders and ensure consistency of our messaging. In the webinar Michael stressed the importance of truth and transparency. .

It is important to take responsibility for Incidents and learn from them. A period of reflection is crucial to trace the root cause. Mature organisations realise the importance of this step and have robust root cause analysis processes in place.  With this in mind, our first poll asked 'How well do you record "Near Misses" in your organization?'

WHS Webinar 7 Poll 1

  • 57% of participants encouragingly said there is a formal process (but it it is not consistency followed)
  • 26% of participants said there is a comprehensive functioning recording process 
  • 11% said there was no recording of "Near Misses"
The Incident/ Crisis Management Plan & Process

As we explored earlier in the webinar, it is key that we establish, implement, and maintain a process needed to prepare for, and respond to, potential emergency situations. Planning is key.

Michael stressed how important it is to put this theory into practice and how having a system with automation in place such as Protecht.ERM can support the process, through input, automated workflows, forms, and ultimately reporting.

Michael stressed the importance of time in WHS Incident Reporting and the importance of having a Safety Incident response Team (SIRT) in place. If the incident risks are high, making a phone call is much more crucial than entering the data into the system. Data entry can be done at a later stage. It is recommended that one person is responsible for the entry and administration of the system to ensure consistency and a single source of truth.

Incident Investigation & Root Cause

Using Bow-Tie Analysis, which we covered in detail in Webinar 1 & 2 of this series, we can analyse and investigate the root-cause of an Incident. We can map out a complete picture of an incident and identify any Control Gaps or Weaknesses. These gaps can then be strengthened with Actions and remediation. Using the ALARP (As Low As Reasonably Practicable) concept we may accept the Risk if it is within appetite or treat the risk if it not.

For WHS we look to our Hierarchy of Controls to assist in determining the best response. Once a corrective action has been formulated we must monitor them to ensure timely implementation. This requires responsibility to be assigned and due dates met, as illustrated by the Protecht.ERM Actions Dashboard:



In our second poll we asked 'How well do you believe your organisation identifies the real root cause(s) of incidents?' Here are the results:

WHS Webinar 7 Poll 2

  • 50% of participants rated their organisations identification of the real root cause(s) of incidents as Fairly Strong
  • 35% of participants rated their organisations identification of the real root cause(s) of incidents as Fairly Weak
  • Only 9% of participants rated their organisations identification as Very Weak

Our passion at Protecht, as we have explored over the past 7 webinars, is on proactive risk management, as illustrated by the 50% above. For those of you who rated your organisation below this level, I strongly encourage you to keep asking why? create a 'challenge culture' within your organisation, to drill into the root cause and factor in proactive improvements.

Reporting & Communication

As we explored earlier in the webinar, creating a process around Reporting and Communication is key. Ensure that this process works in practice and not just on paper!

Identifying who gathers this information and how it is recorded needs to be defined in advance. Create a discipline and stick to it. 

In WHS, phone should be the initial mode of communication. Once data is entered into a system it should be the single source of truth.

It is important to use an effective and efficient system to facilitate this process. Our Protecht.ERM system is just that, able to support your WHS incident management and much more.  

In the webinar we looked at some examples of Incident Management reporting as well as dynamic reporting using, as an example, Protecht's Risk in Motion Dashboard. In Webinar 11 of this series, we will cover the Reporting in more detail.

We were interested to find out what systems were being used to 'manage and report incidents?' Here are the results:

WHS Webinar 7 Poll 3

  • 56% of participants have a dedicated WHS incident Management system
  • 24% of participants have a dedicated part of an overall ERM system
  • 21% of participants have a variety of informal systems

For those of you in the 21% we encourage you to start using a system to manage and report on your incidents. We believe that an integrated system, such as Protecht.ERM will give you that integrated view of your Risks and WHS Risks, enabling more proactive Risk Management.

In our next webinar we will continue our deep dive into WHS by looking at Controls Design and Controls Assurance in WHS.

To access the recording of the previous webinars and to save your spot for the upcoming webinars click the image below:

WHS webinar CTA


About the author

David Tattam is the Chief Research and Content Officer and co-founder of the Protecht Group. David’s vision is the redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht’s clients. David is the driving force in driving Protecht’s risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.