The bowtie risk analysis model is used to help simplify risk assessment and support business understanding of risk. Much like the name suggests, this style of risk assessment uses a format that looks like a bowtie.

It enables users to conceptualise the interaction of causes, controls and consequences of a business risk. The bowtie risk analysis model can also provide a systematic examination of the business, identifying all circumstances which may give rise to risks.

Essentially, it provides a detailed study of the cause and recovery mechanisms for the principal risks within an organisation.

Key Steps for a Bowtie Risk Analysis

1. Define the top event (define what the unwanted event is that you are actually assessing)
2. Then identify the various threats which could cause the top event to be realised
3. Detail the existing protection barriers (controls) for each threat identified
4. Then for each barrier, define their escalation factors (these are factors that could make the barrier fail)
5. Identify for each barrier their escalation factor controls – i.e. Controls that prevent or minimise the possibility of the barrier or the recovery measures becoming ineffective
6. Then identify the consequences of the top event occurring – noting the top event could have several consequence outcomes
7. Identify the recovery measures to the top event – these are the factors that control that risk issues
8. Identify for each recovery measure their escalation factors and escalation factor controls
9. For each barrier, recovery measure and escalation factor controls, identify further safety actions that will prevent them from being realised
10. Ensure these actions are then assigned for review and follow up to the responsible staff member

This process may sound complex but worked through logically, it can deliver key outcomes and understanding of business risks. A vast amount of detail is generated from this process – it’s important to capture it all to enable full understanding.

In its basic form, the bowtie process can look like this following diagram:

Bowtie Risk Analysis

A bowtie can also provide an excellent tool to demonstrate the principal risks and controls to workers and senior executives. It enables the reader to work through the different stages of how an event could occur through outlining the potential precursor events and recovery mechanisms.

One of the many benefits of the InControl HSQE software is that its risk assessment technique is based on the bowtie risk analysis process. This enables users to very simply bring this complex risk management technique into their standard operational HSQE Management processes.

As well as being able to complete and store the bowtie process within the InControl software, these assessments can be linked to events (i.e. incidents, near misses, hazards etc.). As these are reported into the same system, this can prompt a review of existing threats/controls and provide detailed risk analysis of the reported event data against the business risks.

This functionality brings detailed risk analysis alive within the business.

Below is an example of the bowtie within InControl:

What next?

As the NZ partner for INX InControl software solution, Intesafety can assist you by providing a comprehensive software package to manage and centralise all your HSQE functions. We can also assist with facilitation of your bowtie risk assessments – ensuring they are fully detailed within the system, actions are assigned and risks regularly reviewed.

Get your business fully understanding its risk profile. Call us today for a free demonstration of the InControl software and our specialist Health and Safety Management Services.