What Is Risk-Based Thinking in ISO Standards?

Over the past two decades of working closely with clients in both the manufacturing and service sectors, I’ve witnessed firsthand the transformation that occurs when organizations stop treating compliance as a checklist exercise and start thinking in terms of risk and opportunity. With the 2015 revisions to many ISO standards, particularly ISO 9001, we saw a deliberate shift away from siloed “preventive actions” toward an integrated, strategic approach known as Risk-Based Thinking (RBT). 

This wasn’t just a semantic change. It marked a cultural evolution, an acknowledgment that uncertainty is inherent in every business process, and that success belongs to those who plan for it, not those who simply react to it. RBT has empowered organizations to navigate complexity with greater confidence, embedding foresight into their planning and decision-making at all levels. 

In this article, I’ll draw from real-world consulting experiences across diverse industries to demystify Risk-Based Thinking. We’ll explore what it really means, why it matters, how it supports proactive leadership, and what tools you can use to bring it to life within your own management system. Whether you’re guiding a mature enterprise or a fast-scaling startup, the principles of RBT are not only practical, but they’re also essential.

What Is Risk-Based Thinking (RBT)?

Risk-Based Thinking (RBT) is the proactive approach embedded in ISO standards like ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018. Rather than treating risk as a separate component, RBT integrates it into every facet of an organization’s management system. This shift moves organizations from a reactive stance to a proactive culture, where potential issues are anticipated and addressed before they escalate. 

In my consulting journey, I’ve observed that organizations embracing RBT don’t just prevent problems, they identify opportunities for improvement and innovation. For instance, a manufacturing client leveraged RBT to streamline their supply chain, resulting in reduced lead times and increased customer satisfaction.

How Risk-Based Thinking Supports Proactive Decision-Making:

  • Identifying Potential Risks and Opportunities: By assessing both internal and external factors, organizations can foresee strategic and operational challenges and capitalize on opportunities. 
  • Integrating Risk Assessment into Planning: This ensures that objectives are achievable, and resources are allocated effectively. 
  • Enhancing Stakeholder Confidence: Demonstrating a proactive approach to risk management builds trust among customers, suppliers, and regulators.

A service industry client I worked with implemented RBT in their project management processes. This led to improved project delivery times and a significant reduction in unforeseen issues.

Key Objectives of Risk-Based Thinking:

The primary goals of RBT include: 

  • Enhancing Organizational Resilience: By anticipating potential disruptions, organizations can develop contingency plans. 
  • Promoting Continuous Improvement: Regular risk assessments lead to ongoing enhancements in processes and systems. 
  • Aligning Risk Management with Strategic Objectives: Ensuring that risk considerations are integral to achieving business goals. Read clause 6.1 connected to clause 4.1 and 4.1 per ISO harmonized structure. 
  • Fostering a Culture of Risk Awareness: Encouraging employees at all levels to consider risk in their daily activities. Clause 7.3 drives awareness to employees on how they can contribute to the system.

Practical Application of Risk-Based Thinking:

Implementing RBT involves: 

  1. Contextual Analysis: Understanding the organization’s internal and external environment. 
  2. Risk Identification: Recognizing potential events that could impact objectives. 
  3. Risk Assessment: Evaluating the likelihood and impact of identified risks. 
  4. Risk Treatment: Determining appropriate actions to mitigate or capitalize on risks. 
  5. Monitoring and Review: Continuously tracking risk factors and adjusting strategies accordingly.

Comparison: Preventive Action (Old) vs. RBT (New):

Previously, ISO standards emphasized preventive actions as separate clauses. However, this often led to a checkbox mentality, where organizations implemented measures without truly integrating them into their processes. 

With RBT: 

  • Integration: Risk considerations are embedded throughout the management system. 
  • Proactivity: Organizations anticipate and address potential issues before they occur. 
  • Flexibility: RBT allows for tailored approaches based on the organization’s specific context. 

This evolution encourages a more dynamic and effective approach to risk management. 

Tools & Techniques to Support Risk-Based Thinking:

1. SWOT Analysis (Strengths, Weaknesses, Opportunities, Threats) 

Use: SWOT analysis helps organizations evaluate their internal strengths and weaknesses, alongside external opportunities and threats. It’s particularly useful during strategic planning sessions or when entering new markets or launching new products. 

When to Use: Early in the business planning process or during the review of the organization’s context. 

Clause Alignment: ISO 9001:2015 – Clause 4.1 (Understanding the organization and its context) and Clause 6.1 (Actions to address risks and opportunities). This tool ensures that strategy and quality objectives are grounded in a realistic assessment of the internal and external environment. 

2. Failure Mode and Effects Analysis (FMEA) 

Use: FMEA systematically evaluates potential failure points in a product, process, or system and ranks them by severity, occurrence, and detection. It’s widely used in manufacturing, healthcare, and aerospace sectors. 

When to Use: During product design, process development, or when implementing changes that could introduce new risks. 

Clause Alignment: ISO 9001:2015 – Clause 8.3 (Design and development of products and services) and Clause 6.1 and 8.1. It supports risk-based planning and preventive strategies by analyzing “what could go wrong” and mitigating those risks before implementation. 

3. Risk Registers 

Use: A risk register is a living document that captures identified risks, assesses their likelihood and impact, and outlines mitigation actions and responsible parties. It provides transparency and traceability for risk management activities. 

When to Use: Continuously throughout project lifecycles or operational management, especially in industries like construction, logistics, or IT. 

Clause Alignment: ISO 9001:2015 – Clause 6.1 and Clause 9.1 (Monitoring, measurement, analysis and evaluation). It helps document ongoing risk review processes and links actions to strategic and operational plans. While not a requirement it is beneficial. 

4. Root Cause Analysis (RCA) 

Use: RCA investigates underlying causes of nonconformities, defects, or failures to prevent recurrence rather than just treating symptoms. It’s a staple in corrective action processes. 

When to Use: After incidents, near misses, or nonconformities—often triggered by audit findings or customer complaints. 

Clause Alignment: ISO 9001:2015 – Clause 10.2 (Nonconformity and corrective action). It supports continual improvement by ensuring lessons are learned and corrective actions address the source of problems. 

5. ISO/IEC 31010 – Risk Assessment Techniques 

Use: This standard outlines a variety of risk assessment tools including brainstorming, checklists, fault tree analysis, and bowtie analysis. It offers structured approaches tailored to industry-specific needs. 

When to Use: Depending on organizational maturity, criticality of operations, or regulatory environment. 

Clause Alignment: Supports ISO 9001:2015 – Clause 6.1, as well as clauses in ISO 14001 and ISO 45001 related to risk and opportunity planning. This framework provides flexibility for choosing appropriate methods suited to specific organizational risks. 

These tools, when chosen and applied correctly, don’t just satisfy audit checklists, they cultivate a culture of resilience and foresight. Over the years, I’ve seen organizations evolve by not just using these techniques mechanically, but integrating them into daily decision-making, making risk-based thinking a true operational philosophy rather than a compliance exercise. 

Understanding ISM Code Compliance for Maritime Operators

ISM

Having spent over 15 years in the maritime and compliance world, and a further decade working with various international Flag Administrations, I’ve seen firsthand the shift from traditional shipping operations to a more safety- and systems-driven industry. One of the major forces behind that transformation? The International Safety Management (ISM) Code. For maritime operators today, ISM Code compliance isn’t just about ticking boxes, it’s about embedding a culture of safety, responsibility, and continual improvement into every layer of their operation.

What is the ISM Code?

There is a saying that regulations are written in blood. The ISM Code was born out of hard lessons learned from major marine accidents. The major event that acted as a catalyst in its development was the MV Hearld of Free Enterprise. Introduced by the International Maritime Organization (IMO) under the SOLAS convention, the code mandates that every shipping company operating SOLAS compliant vessels implement a Safety Management System (SMS), a system that governs practices for the safe operation of ships and prevention of marine pollution.

I remember when the ISM Code first rolled out in the ’90s. Many shipowners were skeptical, and some even resistant. Back then, I was sailing with a company who was navigating the early implementation. The real challenge was shifting the mindset, from reactive firefighting to proactive risk management. From a documentation exercise to a shift in the way operations were done. That’s where I learned: policies are easy to write, but real compliance starts with people.

Why ISM Code Compliance Matters More Than Ever

Today, ISM Code compliance is not optional—it’s foundational. For operators navigating increasingly complex global regulations, it offers several key benefits:

  • Safety First: The SMS serves as a blueprint for safe operations at sea. I’ve seen it reduce incidents dramatically when implemented properly.
  • Environmental Responsibility: With public scrutiny and environmental regulations tightening, having structured pollution control measures is non-negotiable.
  • Credibility & Trust: In one of my past sailing tenures with a major operator, ISM compliance helped secure long-term contracts with charterers. Clients want to work with companies that can prove they’re managing risks responsibly.
  • Operational Clarity: When roles, responsibilities, and procedures are clearly outlined, decision-making becomes faster and more consistent.

The Core Objectives of the ISM Code

The ISM Code objectives listed in clause 1.2 remain as relevant now as when the code was first introduced. Clause 1.2 is about outcomes, not just documents. It’s about creating a system that actually prevents harm, not just reacts to it.

For me, ISM Code compliance under Clause 1.2 isn’t just about passing an audit, it’s about building a culture where every person onboard understands their role in safeguarding lives, the vessel, and the environment. It requires integrating risk assessments into planning, ensuring safe working practices, maintaining the ship properly, and always being prepared for emergencies.

I always emphasize these objectives when training ship and shore staff. It’s not about overwhelming them with paperwork, it’s about aligning them with a purpose. The code provides the structure; we provide the commitment.

Key Elements of ISM Code Compliance

A fully compliant SMS includes:

  • Safety and Environmental Protection Policy
  • Defined Roles and Responsibilities
  • Safe Operating Procedures
  • Emergency Preparedness
  • Reporting and Analysis of Incidents
  • Internal Audits and Continuous Improvement

One of the best implementations I facilitated was for a regional bulk carrier. We not only developed the vessel SMS but aligned office procedures, and built an SMS that didn’t just sit in a manual, it lived on the bridge, in the boardroom and in the daily practices of personnel.

The Compliance Process for Maritime Operators

Getting compliant involves more than a checklist. Here’s a simplified roadmap:

  1. Gap Analysis – Review what you already do and what the code expects. Does it reflect the operational reality or is it a fictional system?
  2. SMS Development/Update – Build or refine your safety management system. Comprehensive reviews when done after many years can lead to a reduction in documentation by over 20 percent.
  3. Training & Awareness – Everyone onboard and ashore must know their part. How do they contribute to the effectiveness of the system.
  4. Certification – Obtain the Document of Compliance (DOC) and Safety Management Certificate (SMC) through audits.
  5. Ongoing Monitoring – Regular internal audits and management reviews keep the system alive and evolving.

Common Challenges in ISM Code Compliance

Let’s be real, compliance has its hurdles:

  • Top-down Disconnect: Without leadership buy-in, the SMS becomes a box-ticking exercise.
  • Crew Resistance: “We’ve always done it this way” is a common attitude.
  • Training Gaps: If your crew doesn’t understand the ‘why’ behind procedures, they won’t follow them.
  • Audit Fatigue: Poor recordkeeping and rushed preparation can derail audits.

My advice? Keep it simple. Make procedures practical, not bureaucratic. Involve the crew in developing routines. That’s how you make compliance sustainable.

The Future of ISM Code Compliance and Technology’s Role

The maritime industry is changing fast. Digital tools are making compliance easier and smarter:

  • Cloud-based SMS systems offer real-time updates and reduce paperwork.
  • Remote audits became mainstream during the pandemic—and they’re here to stay. Where a full remote audit is not feasible consider hybrid audits.
  • Data analytics can identify patterns in incidents and help prevent them.
  • Mobile apps for onboard reporting are empowering seafarers to be active players in the compliance process.

Look at mistake proofing of the system. So even if a human wanted to make an error the system would prevent it.

In Conclusion, ISM Code compliance isn’t just about certificates. It’s about creating a safety culture that protects your people, your assets, and the environment. For maritime operators willing to invest the effort, the returns in safety, efficiency, and reputation are well worth it.

If you’re a maritime operator looking to simplify or strengthen your ISM safety management system, I’m happy to share more from my experiences. As someone who’s walked ship decks, sat in boardrooms, worked with Flag Administrations and led audits, I believe that compliance done right isn’t a burden—it’s a competitive advantage.

Internal vs External Audits: What Every Business Owner Should Know

The Strategic Importance of Audits for Business Owners

Audits are more than compliance checks; they are strategic tools that provide insights into performance, risk, and improvement opportunities. Engaged business leaders use audit results to drive better decision-making and long-term success. When conducting well, they provide leadership insights into where they may have to re-prioritize or allocate resources, where policies may be in conflict, what may be working well and where the system needs their leadership intervention.

What Are Internal and External Audits?

Internal Audits: Performed by or for the organization to check its own processes. These may be process audits or full system audits.

External Audits: These could be supplier audits (second party) or certification regulatory audits (third party). Third party audits are conducted by a third-party or certification body to verify compliance with standards.

Internal and external audits differ in breadth and depth of the audit based on scope and objective.

Why External Audits Should Be Taken Seriously?

External audits affect certification, reputation, and client confidence. A successful external audit demonstrates credibility and reliability.

Tip: Be prepared, be honest, and see auditors as partners in your improvement journey.

How to Prepare for Both Audits?

  • Keep documentation current
  • Review and close previous findings
  • Train staff on audit processes
  • Conduct mock audits
  • Engage leadership in the audit process

Conclusion:

ISO audit and their findings are not to be feared. They are valuable tools for identifying weaknesses and driving continuous improvement. With the right mindset and preparation, audits can move beyond mere compliance and become a core part of your strategic growth. Organizations that stay audit-ready show that they are not only compliant but also committed to excellence.

Top 10 Common ISO Audit Findings and How to Avoid Them

Importance of Being Audit-Ready:

Audits serve a critical role in verifying that an organization’s processes are aligned with established standards and functioning as intended. Far from being a punitive exercise, audits offer valuable insight into the strengths and weaknesses of a management system.

In my three decades of working with organizations across industries, one universal truth remains. An audit is not a surprise inspection, it’s a mirror. It reflects your organization’s systems, leadership engagement, and cultural commitment to quality and improvement. 

However, many organizations approach audits reactively, preparing only when one is imminent. This mindset often leads to unnecessary stress, inefficiencies, and missed opportunities for improvement. Being audit-ready means that compliance and performance monitoring are built into everyday operations, not treated as one-time events.

When an organization maintains a state of readiness, it reflects a culture of discipline, transparency, and continual improvement. Employees are aware of their responsibilities and of their processes, documentation is up-to-date, and leadership is engaged in the oversight of the system. This proactive approach not only supports successful audit outcomes but also enhances organizational resilience, stakeholder trust, and long-term sustainability.

Understanding ISO Audit Findings: What They Are and Why They Matter:

ISO audit findings are the documented results of an audit. Specifically, they identify areas where an organization’s management system either conforms to or deviates from the requirements of the ISO standard being audited. Findings can range from conformities, to observations (areas for potential improvement), to nonconformities, which indicate a failure to meet a specific requirement.

Audit findings are like diagnostic tools. Much like a physician’s report, they highlight where systems are healthy and where they need attention. Nonconformities, in particular, require careful attention. They are typically classified as minor or major. Left unaddressed, even minor nonconformities can escalate and lead to reputational damage, customer dissatisfaction, or even loss of certification.
In essence, audit findings are not setbacks, they are stepping stones toward improvement.

1. Poor Document Control

Uncontrolled, outdated, or missing documents can quickly lead to findings. Document control is critical for ensuring staff use the correct and current information. Organization can avoid this ISO Audit finding by implementing version control, limiting access to documentation, voiding printed copies of documentation, training employees on document management and regularly reviewing and updating procedures

2. Incomplete or Missing Records

Auditors expect to see evidence that procedures are being followed. If records are absent, it creates doubt about system effectiveness. Was the work really done? Further incomplete records are not able to evidence if the process step was followed as required by the procedure.

Organization can avoid this ISO Audit finding by automating recordkeeping, performing regular record audits, employee awareness and assigning clear ownership for maintaining records

3. Lack of Management Review

Without regular management reviews, there’s no top-level oversight of the system’s performance and alignment with strategic goals. Clause 9.3 of the ISO standards requires these reviews to be done at planned intervals. In some cases the organization may evidence the inputs provided to management but the outputs (decisions and actions) fail to get recorded.

Organizations can avoid this ISO Audit finding by scheduling periodic reviews, using metrics to guide discussions, making sure the leadership participates and documenting decisions and follow-up actions.

4. Ineffective Internal Audits

Weak internal audits fail to uncover problems and leave issues for external auditors to find. This could be caused by  poorly trained and qualified auditors, poor audit planning, using ‘canned’ checklists and a fear of audits and non-conformities causing personnel to hide issues.

Organizations can avoid this ISO Audit finding by training auditors from recognized training providers like QMII, auditing processes and not just documents, closing out internal audit findings promptly.

5. Unclear Roles and Responsibilities

When staff are unsure of their responsibilities, process gaps and accountability issues arise. In companies I have worked with there sometimes arises a confusion from where it is not clear which operator will conduct the task since all have the same job descriptions. 

Organizations can avoid this ISO Audit finding by defining roles and responsibilities in a RACI matrix or in the documented procedure, communicating changes clearly and verifying understanding during onboarding and training.

6. Non-Conformance Not Properly Addressed

Failure to analyze root causes or verify corrective actions can lead to repeat findings. A common cause of this may be a poorly written non-conformity as also a lack of structured root cause analysis training.

Organizations can avoid this ISO Audit finding by following a structured corrective action process, using tools like 5 Whys or Fishbone diagrams and reviewing the effectiveness of corrections

7. Lack of Risk-Based Thinking

ISO standards expect organizations to identify and manage risks proactively. Many still rely too heavily on reactive approaches. In some cases, risks are known, but are not passed up the chain because no structure exists for this to occur. Organizations can avoid this ISO Audit finding by including risk assessments in the planning phase, training staff on risk identification and maintaining a risk register that is updated on a regular basis. 

8. Insufficient Training or Competence

Staff who aren’t trained properly or lack required skills pose a compliance risk. Organizations can avoid this ISO Audit finding by developing and using a skills matrix, providing refresher training, linking training to performance reviews. Once the training is complete organizations must have a process to verify that training resulted in competence. 

9. Failure to Meet Customer or Regulatory Requirements

Not understanding or failing to meet these requirements can lead to major nonconformities. This occurs when organizations do not have a robust process for determining new requirements that may impact them and planning ahead to mitigate the risks. 

Organizations can avoid this ISO Audit finding by reviewing customer contracts and regulations, staying updated on evolving regulations, conducting compliance checks and keeping requirements visible to relevant teams.

10. Lack of Continual Improvement Evidence

Without records of improvement, your ISO system can appear stagnant and ineffective. Organizations can demonstrate to auditors that they meet the intent of continual improvement by trending and tracking KPIs, logging and reviewing improvement initiatives and recognizing and rewarding improvements

How to Retain Auditor Training Knowledge When You Can’t Apply It Immediately 

Completing an auditor training course is an exciting milestone. You walk away with frameworks, methodologies to create checklists, audit question techniques, and—if you’re like most professionals—a head buzzing with new knowledge. Ideally, you’d jump right into an audit and apply your skills, reinforcing what you’ve learned while it’s still fresh. But what if that opportunity doesn’t come right away? 

At QMII, we recognize this common challenge among our alumni. Let’s explore effective strategies to bridge the gap between training and practice—so that knowledge doesn’t fade but instead becomes a solid foundation for your future audit work. 

1. Simulate Real-World Scenarios 

Action: Design mock audits for yourself or with peers. 

Even without access to an organization’s system, you can simulate an audit process by reviewing publicly available quality manuals, environmental reports, or sample procedures including your own. Pretend you’re preparing for an audit: write an audit plan, create checklists, additional documentation you would request and practice conducting document reviews. 

Tip: Use scenarios from your training or past experience and ask yourself: 

  • What would I ask as an auditor? 
  • What evidence would I seek? 
  • What risks could be present? 

2. Start a Learning Journal 

Action: Reflect on key concepts, standards clauses, and audit techniques by writing them down in your own words. 

Journaling isn’t just for reflection, it’s a brain-anchoring technique. When you write out what you remember and how you would apply it, you’re reinforcing neural pathways tied to that knowledge. 

Include: 

  • Summaries of ISO clause requirements. 
  • How you would handle nonconformities. 
  • Sample non-conformities within your organization and write down your assessment of them as also the effectiveness of corrective actions. 

3. Teach Others What You Learned 

Action: Participate in knowledge-sharing sessions. 

There’s no better way to solidify your understanding than teaching others. Reach out to other auditors in your organization and discuss applicability and interpretation of a clause. Participate and contribute to discussions on LinkedIn forums. Search the web for interpretation of clauses and see the differences as opined by various different personnel. 

Bonus: You’re also building your credibility and visibility as an auditor. 

4. Stay Active in the QMII Alumni Network 

Action: Engage with blog articles, LinkedIn posts, ask questions, and share insights. 

QMII’s alumni network offers a treasure trove of experience. Staying engaged keeps you in the loop on best practices and might even lead to mentoring or shadowing opportunities. React to blogs written by QMII, contribute articles for QMII blog, comment on QMII posts and connect to QMII alumni. 

Don’t hesitate to: 

  • Ask others how they’re maintaining their skills. 
  • Request mock audit partnerships. 
  • Share resources and templates you’ve created. 

5. Continue the Learning Loop 

Action: Sign up for webinars, read audit case studies, and revisit your course materials regularly. 

Audit skills are built not just on knowledge, but on judgment, observation, and communication. You can sharpen these even while waiting for your first official audit assignment. 

Suggested activities

  • Attend QMII webinars or ISO updates. 
  • Subscribe to quality-focused newsletters. 
  • Read ISO audit case studies and identify what went wrong—and why. 

6. Request to Observe Internal Audits 

Action: If you’re part of an organization, ask to shadow an experienced auditor. 

Even if you’re not leading, observing an audit helps you internalize the structure, flow, and behavioral nuances of auditing. Jot down observations on auditor behavior, techniques, and interaction styles. Create your own checklists and then compare it to that prepared by the lead auditor. Discuss the differences after the audit. 

If your organization doesn’t have an active program, this is a great opportunity to propose starting one—a value-added initiative from a proactive auditor-in-training. 

Final Thoughts: Don’t Let the Gap Become a Gully 

Skills fade when left idle, but they flourish with even light engagement. Whether it’s through simulation, teaching, journaling, or community interaction, there are numerous ways to keep your audit knowledge sharp and ready. 

At QMII, we believe that continual improvement isn’t just for organizations, it’s a personal practice. Stay connected, stay curious, and keep that audit mindset active until your next assignment arrives. 

Have your own tips for retaining training knowledge? 
Join the conversation by commenting on this blog or drop us a line—we’d love to feature your story! 

Human Error or a Bigger Problem? When to Dig Deeper

by Julius DeSilva

In the world of process improvement and problem-solving, human “user” error can often become the go-to explanation when things go wrong. A mis-entered data point, a forgotten step in a procedure, or a misconfigured setting—blaming the user is quick and easy. But how do you know when an issue is bigger than just user error?

Understanding when to dig deeper and identify systemic flaws is critical. By integrating structured approaches like Root Cause Analysis (RCA) and the PDCA (Plan-Do-Check-Act) cycle, organizations can shift from a reactive blame culture to a proactive, continual improvement mindset that eliminates recurring problems at their source.

The Prevalence of User Error in Different Industries

Human error has been identified as a significant contributor to operational failures across multiple sectors:

  • Cybersecurity: According to the World Economic Forum, 95% of cybersecurity breaches result from human error.
  • Manufacturing: A study by Vanson Bourne found that 23% of unplanned downtime in manufacturing is due to human error, making it a key contributor to production inefficiencies. The American Society for Quality (ASQ) reports that 33% of quality-related problems in manufacturing are due to human error.
  • Healthcare: The British Medical Journal (BMJ) estimates that medical errors—many due to human factors—cause approximately 250,000 deaths per year in the U.S. alone.
  • Aviation & Transportation: The Federal Aviation Administration (FAA) attributes 70-80% of aircraft incidents to human error, but deeper analysis often reveals process design issues, poor training, or missing safeguards.

These statistics reinforce a key point: Human error isn’t always the root cause—it’s often a symptom of a deeper, systemic issue.

Recognizing When to Look Beyond User Error

Here’s how to tell when an issue isn’t just a one-time mistake but a signal that the system itself needs improvement:

  1. Recurring Issues Across Multiple Users – If multiple employees are making the same mistake, the problem likely isn’t individual human error—it’s a flaw in the process, system design, or training. For example, if multiple operators incorrectly configure a machine setting, it might indicate confusing controls, inadequate training, or unclear documentation rather than simple user mistakes.
  2. Workarounds and Process Deviations – If employees consistently find alternative ways to complete a task, the system may not be designed for real-world conditions. If workers routinely bypass a safety feature because it “slows them down,” the process needs reevaluation; either through retraining, redesign, or better automation. At QMII, we always reinforce building a system for the users, built on the as-is of how work is done and then making incremental improvements.
  3. High Error Rates Despite Training – If errors persist even after proper training, the issue might be process complexity, unclear instructions, or a lack of intuitive system design. If employees consistently make minor mistakes, the system interface or workflow rules might need simplification rather than just retraining staff.
  4. Error Spikes in High-Stress Situations – Mistakes often increase under time pressure, fatigue, or stress. This suggests a workload or process issue rather than simple carelessness. In a maritime environment, high error rates during critical operations could signal staffing shortages, inefficient safety interlocks, or poor user interfaces on devices.

Instead of just fixing errors after they happen, organizations should use the PDCA (Plan-Do-Check-Act) cycle to continually improve processes and reduce the probability of recurring failures.

The PLAN-DO-CHECK-ACT Approach

PLAN – Identify the context and potential risks

  1. Identify the context of the process including the competence of personnel, user environment, complexity and influencing factors.
  2. Apply Failure Mode and Effects Analysis (FMEA) to predict where failures are likely to happen before they occur.
  3. Identify and involve representatives of users through the development of FMEAs and the process.
  4. When predicting controls and resources, determine the feasibility of implementing and providing them.
  5. Simplify procedures, redesign workflows, or introduce automation to eliminate failure points.

DO – Implement the Process and Improvements

  1. Implement the process and test it to check its effectiveness. In the initial stages more frequent monitoring and measurement will be required. The periodicity between checks can be reduced as the process matures.
  2. Provide user training and assess its effectiveness. When errors occur retrain personnel, but only if training is truly the issue—don’t use training as a Band-Aid for bad system design.
  3. Look beyond documented “standard-operating” procedures. As an example: The company implements a visual step-by-step guide near machines to ensure operators follow a standard calibration process.

CHECK – Evaluate the Results

  1. Track performance data to see if the changes have reduced errors.
  2. Get user feedback to ensure the new system is intuitive and efficient. For example, Error rates drop by 40%, but operators still struggle with a specific step—prompting another refinement.

ACT – Standardize & Scale

  1. If the improvement is successful, integrate it as the new standard process.
  2. Scale the change across other departments or sites where similar issues might exist. For example, the company implements the same calibration guide and training approach across all locations, preventing similar errors company-wide.

Conclusion: From Blame to Solutions

While human error is a reality, it’s often a symptom of a deeper process flaw, not the root cause. Those involved in conducting a root cause analysis process or investigation process, must ask “How did the system fail the individual” and “Why did the system fail the individual”. By shifting from a blame mindset to a continual improvement approach, organizations can:

  • Reduce costly errors and downtime
  • Improve employee engagement (less frustration = higher productivity)
  • Enhance conformity and compliance
  • Increase process reliability and efficiency

Monitoring the system will continue for as the context changes the controls implemented may not be as effective as before. A proactive system will not guarantee that things never go wrong. When they do, however, the key is to dig deeper. Using tools like PDCA, FMEA, and RCA will help in identifying long-term solutions to recurring problems. Because in most cases, fixing the system is better than blaming the human.

One-Off or Systemic: The Search for Root Causes

by Julius DeSilva

Accidents and failures, whether in maritime, aviation, healthcare, or nuclear settings, are often subjected to intense scrutiny to determine their root causes. However, the challenge lies in distinguishing whether an event is an anomaly or a symptom of a deeper systemic issue. This analysis is crucial as it directly influences the actions taken to prevent a recurrence or occurrence elsewhere. A management system approach, such as those outlined in ISO 45001 for occupational health and safety, ISO 9001 for quality management, or ISO 14001 for environmental management, provides a structured framework for systematically and proactively addressing risks when data exists.

Analysis of root causes: systemic failures

Root cause analysis is a fundamental investigative tool used to trace an incident to its origins. However, many organizations focus on immediate, apparent causes rather than examining systemic contributors and true root causes. Systemic failures result from weaknesses in policies, processes, or culture, and therefore, often recur in different forms over time.

The management system approach advocated by ISO standards and other industry-specific standards like the ISM code emphasize continual improvement and risk-based thinking. The intent of these standards is to reduce the probability of systemic failures by integrating safety, quality, efficiency, security, and environmental management into everyday operations.

Systemic failure example: Chernobyl

I recently read the book Midnight in Chernobyl, which outlined the 1986 Chernobyl nuclear disaster and the underlying systemic failures that contributed to this incident. Unlike isolated accidents, Chernobyl resulted from a combination of design flaws, operational errors, and a deficient safety culture. Key systemic issues included:

  • Design flaws. The RBMK reactor used in Chernobyl had an inherent positive void coefficient, meaning an increase in steam production could accelerate the reaction uncontrollably.
  • Operational failures. A safety test was conducted under unsafe conditions, including a reduced power level and disengaged emergency shutdown mechanisms.
  • Cultural and regulatory gaps. A lack of safety culture, insufficient training (and thus competency), and an authoritarian management style amounting to complacency discouraged questioning of unsafe practices.

These root causes culminated in an explosion that released massive amounts of radioactive material. European countries are so tightly packed that winds freely spread the outfall without borders. The systemic nature of the disaster was later addressed through international nuclear safety reforms, including the establishment of the International Atomic Energy Agency’s safety standards and stricter ISO frameworks such as ISO 19443, which outlines quality management system requirements for organizations working within the nuclear sector.

Other systemic failures

Deepwater Horizon oil spill (2010)

Another example of a systemic failure is the Deepwater Horizon oil spill. This incident was not merely the result of a single mistake but a consequence of systemic lapses in safety practices, regulatory oversight, and risk management. Contributing factors included:

  • Cultural deficiencies. The organization prioritized cost cutting over risk mitigation
  • Inadequate risk assessments. There was poor well-integrity testing and misinterpretation of pressure data.
  • Regulatory weaknesses. There was insufficient government oversight and a lack of stringent industrywide safety protocols.

This catastrophe led to significant regulatory changes, including the implementation of stricter safety and environmental policies within the oil and gas industry, aligned with ISO 45001 and ISO 14001.

The Boeing 737 MAX crashes (2018, 2019)

The Boeing 737 MAX crashes further illustrate systemic failure. Investigations revealed that flaws in the aircraft’s Maneuvering Characteristics Augmentation System (MCAS) were not adequately addressed due to:

  • Design and engineering oversights. Critical safety features were made optional rather than standard.
  • Regulatory gaps. The FAA relied excessively on Boeing’s self-certification.
  • Organizational pressures. The corporate culture emphasized speed-to-market delivery over comprehensive safety testing.

This resulted in significant regulatory reforms, including tighter oversight and compliance with international aviation safety standards.

Fixes vs. systemic longer-term improvement

Addressing failures can be approached through quick fixes or long-term systemic improvements. Each approach has its advantages and disadvantages:

Quick fixes

Pros:

  • Immediate resolution of pressing issues
  • Cost-effective in the short term
  • Prevents further damage or loss

Cons:

  • Does not address underlying systemic issues
  • Can lead to recurring problems if not supplemented with deeper analysis
  • Often reactive rather than proactive

Systemic longer-term improvements

Pros:

  • Addresses root causes, reducing the likelihood of recurrence
  • Enhances organizational resilience and safety culture
  • Aligns with ISO management systems, ensuring continuous improvement

Cons:

  • Requires significant time and resources
  • May face resistance from stakeholders due to cultural inertia
  • Implementation complexity can slow down immediate corrective actions

A balanced approach is often necessary—implementing short-term fixes to mitigate immediate risks while developing long-term systemic improvements to ensure sustainable safety and risk management practices.

What if we cannot foresee all risks?

Even with rigorous management systems and risk assessments, not all risks can be predicted. Organizations must be prepared to address unforeseen risks through:

  • Resilient systems. It is important to develop adaptable and robust safety management frameworks that can respond effectively to new threats.
  • Proactive learning. The organization can encourage a culture of continuous learning and scenario planning to anticipate emerging risks.
  • Redundancies and safeguards. Implementing fail-fail safe redundancies and contingency plans can mitigate the effects of unforeseen events.
  • Stakeholder collaboration. Engaging industry experts, regulators, and other stakeholders to share knowledge can help improve collective risk awareness.

Despite the lessons from Chernobyl, 25 years later the Fukushima disaster occurred. An earthquake of this magnitude was not foreseen as a risk even though in 1896 (as highlighted by an engineer on the project) an earthquake of magnitude 8.5 hit near the coast where the reactor was to be built. After Chernobyl, the 1970s-built reactor in Fukushima was not upgraded with the latest safety features due to high costs. Japan’s nuclear industry had a history of regulatory complacency and reluctance to accept international recommendations

ISO 31000, which addresses risk management, emphasizes the importance of resilience and adaptability in the face of unpredictable risks. By fostering a commitment to learning and preparedness across the organization, businesses can better navigate uncertainties while maintaining operational safety and efficiency.

The benefits of a management system approach

A management system approach, as defined by ISO standards, provides the following advantages:

  • Structured risk management. ISO 31000 ensures systematic identification, assessment, and mitigation of risks.
  • Continuous improvement. The Plan-Do-Check-Act (PDCA) cycle described in ISO 9001, ISO 45001, and ISO 14001 encourages learning from incidents to prevent recurrence.
  • Organizational culture change. Implementing ISO standards fosters a risk-oriented mindset, reducing the likelihood of systemic failures.

ISO management systems, when implemented and sustained, can act as a preventive tool to proactively manage risk.

Conclusion

Understanding whether an accident is an anomaly or a systemic failure is critical in determining the appropriate response. Sadly, at times industry must incur the cost of the nonconformity to learn the lesson. Organizational “can-do” attitudes lead to risk normalizations where dangerous conditions are seen as normal. Further, organizational and demographic cultures do not encourage challenging authority or questioning of decisions. Absence of accidents, incident reports, and near misses give a false sense of complacency that things are working well. This may lead to over-confidence in decision making, lapses in regulatory oversight, and deferring of resource allocation to other “priorities.”

Systemic failures indicate deeper vulnerabilities requiring long-term corrective actions. The application of ISO management systems offers a proactive and structured approach to accident prevention, ensuring that organizations move beyond reactive responses to fostering a culture of continuous improvement and risk management. By embracing these principles, industries can mitigate systemic risks, ensuring safer and more resilient operations.

Note – The above article was recently featured in Exemplar Global’s publication ‘The Auditor’. Click here to read.