Current Trends and Future Developments in Occupational Health and Safety Risk Management

The goals of this chapter are 1) the identification of effective practices, processes and structures in OHS risk management, and 2) using a simple framework to draw together what is known of good and bad practice in this area, particularly in deciding what rules should be explicitly formulated and imposed. We argue that there is an urgent need for the formulation and implementation of a new management framework for occupational hazards; one that is appropriate for the new economic and occupational structure of work. The overall objective is 1) to underpin observations, 2) illustrate typical characteristics of the current situation and 3) indicate directions that could lead to solving these new safety problems. We suggest that this task should initially involve stepping back and revisiting the frame of reference in which the protection against occupational injury is viewed.


Introduction
Occupational safety and health (OHS) like all facets of business, needs to be properly managed. A company's OSH system helps ensure effective control of OHS risks and continual improvement in OHS performance, prevent work-related illness or injury and to achieve compliance with regulations and standards.
The goals of this chapter are 1) the identification of effective practices, processes and structures in OHS risk management, and 2) using a simple framework to draw together what is known of good and bad practice in this area, particularly in deciding what rules should be explicitly formulated and imposed. We argue that there is an urgent need for the formulation and implementation of a new management framework for occupational hazards; one that is appropriate for the new economic and occupational structure of work. The overall objective is 1) to underpin observations, 2) illustrate typical characteristics of the current situation and 3) indicate directions that could lead to solving these new safety problems. We suggest that this task should initially involve stepping back and revisiting the frame of reference in which the protection against occupational injury is viewed.
In approaching the issue, the chapter, first, attempts to provide a succinct mapping of the environment of occupational risk, through a brief examination of its historical dimensions.
Based on a thorough literature review, the major role of the ISO 31000:2009 standard is emphasized. Given that risk management is an adaptive process and that risk assessment is merely one of its features, the question is what can risk managers do to make their activities more credible and acceptable? A section is devoted to benchmarking organizational practice and risk treatments. This focus also raised the discussion of drawbacks and pitfalls of risk ranking methods. The chapter pays special attention to developing a new understanding of the participatory approach and closes with a comparative analysis which seek further explanation of approaches to occupational health and safety risk management based on two kinds of epistemological assumptions existing in the field, namely constructivism and positivism. This work should assist those practitioners, researchers and other stakeholders within industry who are interested in assessing and managing the existing OHS risks in their organisations, with the intention of identifying the priority areas for focussing improvement effort.  Ayers, 2007) A discussion of the major challenges related to development of causal models of organizational safety performance and a set of principles to address them have been presented by several authors in separate publications, see for example (Bourrier, 1998;Haines et al, 2002;Reason, 1995). The conceptual models proposed for organizational safety performance are naturally heavily influenced by the particular theoretical perspective adopted and the objectives chosen for the model. For example, literature on safety culture (Cox and Flin, 1998) and safety climate, such as (Zohar, 1980;Zohar and Luria, 2004) focuses primarily on the psychological causes of safety, with perception www.intechopen.com Current Trends and Future Developments in Occupational Health and Safety Risk Management 5 survey as the main measurement method. On the other hand, safety management literature including (Walters et al, 2005) primarily considers organizational safety structure and practices using auditing measurement approaches. Yet other disciplines (e.g. Preliminary Risk Analysis) mainly focus on direct causes of accidents such as hardware failures or operational errors, and on a common metric for measuring them (Sage and White, 1980;Reason, 1993).
The best state of health, safety and well-being for the workers and of physical and economic health for the company cannot be reached in once. Effective systems are based on the principle of "Plan -Do -Check -Act" (Deming, 1982). In OSH terms this will require to develop a policy on what is intended to achieve, then a plan of how and when it will be done, including any necessary arrangements. Next is the "doing" phase, when plans are implemented and then check that you have done what you planned to do and that it is effective in controlling risks. Any deficiencies found need to be acted upon and rectified, so that the system performance improves continually. Numerous management practices and processes include elements of risk management and several organizations are resorting to formal management processes for specific circumstances and particular risks, as depicted in Figure 2 (Smith, 2008).  Smith, 2008) Over time, more than 60 Technical Committees and Working Groups of ISO and national standards or regulatory bodies, have addressed the risk management issue one way or another. Numerous multi-sectoral standards have been drafted, e.g. OHSAS 18001, BS 8800, FD X50-252:2006, ISO/IEC 51 guide etc or dedicated to a particular sector. While the AS/NZS 4360:2004 (published in 1995 and amended in 1999) was the most widely used global standard for risk management. Considering the need for unification, Australia proposed to set up a Working Group on Risk Management, aimed at providing practical guidance on the risk management principles for all applications, including small and medium enterprises. Before the first meeting of the Working Group, it was developed a discussion document, based on AS /NZS 4360:2004 (Standards Australia andStandards New Zealand, 2004) In order to better highlight the evolutionary and multifaceted character of the risk management conceptual models, a brief comparison of AS/NZS 4360 and ISO 31000:2009 standards is performed in the following section.

AS/NZS 4360 and ISO 31000:2009: A comparison
Basically, we can argue that ISO 31000 is the natural successor to AS/NZS 4360:2004 and although the comparative analysis of the two standards is not the purpose of this work, we consider necessary and useful to highlight the differences. The main elements are shown in Table 1 and the basic terms are defined in Table 2.
Because we are describing a holistic process, the scope of this section is greater than that of some documents which deal with limited scope of the topic. In particular, many texts deal only with the analytical processes of risk assessment, and omit the management and organizational aspects of their implementation. The steps of the risk management process which are often omitted are 1) establishing the context, 2) monitoring and review, and 3) communication and consultation. This trend is particularly valid for the field of OHS risks. The ISO 31000:2009 Standard is aimed at harmonizing the risk management processes. It is not a substitute for the existing standards, but a a top-level generic document providing a unified and coherent approach of the risk management principles and framework. Its purpose is to contribute to mutual understanding amongst stakeholders rather than provide guidance on risk management practices.

Elements
Any application or private sector requirements, brings its particular perceptions and individual criteria and, therefore, one of the key features of the standard is to include "establishing context" as the initial stage of the process, step that allows to "capture"the criteria diversity and complex nature of risks involved in each case. A brief outline of the major requirements of the standard is now needed to highlight its usefulness within the OHS risk management.

Snapshots from ISO 31000 standard "Risk Management -Principles and guidelines for implementation
The aforementioned standard emphasizes how the organization should understand the specific context in which risk management is implemented throughout the organization, at all levels and in every moment of its existence, to allow:  Fosterage of proactive, rather than reactive, management;  Awareness of the need to identify and address risks throughout the organization;  Improvement of opportunities and threats identification;  Compliance with relevant legislation and international standards;  Improvement of corporate governance and stakeholder confidence;  Solid base of planning and decision making processes;  Better control systems, learning and organizational resilience, operational efficiency, safety and health, loss prevention and incident management;  Effective allotment and use of resources.
To be effective risk management must become an integral part of governance, management, reporting processes, policies, philosophy and culture of the organization. As stated in Clause 3 of the standard, the risk management: a) creates value; b) is an integral part of organizational processes and part of decision making; c) explicitly adresses uncertainty; d) is systematic, structured and timely; e) is based on the best available information; f) is tailored; g) takes human and cultural factors into account; h) is transparent and inclusive; h) dynamic, j) iterative and responsive to change; k) facilitates continual improvement and enhancement of the organization (ISO, 2009).
The general framework (see Clause 4 of the standard) supports the organization to effectively manage risks, applying risk management process on different levels, in the specific context, at a given moment. This clause describes the necessary components of a risk management framework and how they inter-relate, as illustrated in Figure 3. The process involves the use of logical and systematic methods for continuous communication and consultation, defining the context for identifying, analyzing, evaluating and treating risks, as well as monitoring and reviewing risks. It includes activities described in the standard through requirements 5.2-5.6, as shown in Figure 4.
In the spirit of this new standard, one may decide to review the foundations of existing processes and practices regarding the OHS risk assessment and management. While it is not specific to a particular industry or sector, the standard can be applied to any organizational entity regardless of the type and nature of the risks. Despite this, the standard is not about promoting uniformity in risk management, because the design and implementation of the framework and management plans should take into account the specific needs of the organization's particular objectives, structure, operations, processes, functions, projects, products, services, goods, and specific practices employed. Some areas, as in OHS, are requiring regulatory criteria that reflect an "aversion" to the predominantly negative consequences of risk. Resorting to the approach proposed in the standard proposed enables the identification and application of such criteria. We argue that the standard supports organizations to comply with legislative requirements and international standards while increasing the performance of the organization. Unfortunately, this argument is not currently possible to qualify as the standard is so new that little reliable empirical research on its usefulness has been conducted Assessment of workplace risks is the foundation of a company's OHS risk management. Yet it is surprising how little literature there is about 1) how to conduct risk assessments effectively, 2) how to decide what methods and rules are needed, 3) how to prepare and formulate them and 4) how to promulgate them and ensure they stay appropriate. As such, we are now focusing on the practical application of the risk assessment process, representing a resource for getting up to speed quickly on the different options available and the means to introduce and implement risk management.

Current trends and challenges in OHS risk management
Risk assessments are vital support to decision-making process. Risk assessment supports the design review process by providing the underlying analysis on which safety decisions can be made. Risk assessment methods are being deployed in many industries, and the momentum is likely to continue. Although the level of sophistication in risk assessment processes varies the general risk assessment process applies both across and within all industries.

Occupational risk assessment: Benchmarks for the organization's practice
Modern risk assessment began over three decades ago, with applications in the military and nuclear power (Theys, 1991). In the late 1970s it gradually expanded, and was applied to a vast array of chemical risks. Applications to engineered systems, and in particular infrastructure, are common; examples are given by (Lave and Balvanyos, 1998). Blockley (1992) also devotes a number of chapters to civil engineering topics (e.g. design codes or risk assessment in structural engineering), and several infrastructure-engineering applications (e.g., dam safety, marine structures).
According to ISO 31000:2009 standard, risk depends both on the probability or frequency of an adverse outcome, and also on the severity of that outcome. Risk has similarly been defined generally as "the potential for realization of unwanted, negative consequences of an event" (Moraru and Băbuţ, 2010). More quantitatively, in (Sage and White, 1980) risk is defined as "the probability per unit time of the occurrence of a unit cost burden", and state that it "represents the statistical likelihood of a randomly exposed individual being adversely affected by some hazardous event". Thus, risk has been defined at many different levels of detail. The usage of of the word risk ususlly has negative connotations and risks are regarded as something to be minimized or avoided. The aforemetioned standard recognizes that activities involving risks may lead to impacts that can be positive as well as negative.
The processes described herein can be used to exploit opportunities for enhancing organizational outcomes as well as reducing negative consequences.
Risk treatment efforts to achieve acceptable risk must work within the real world constraints of feasibility, practicality and cost. A practical solution to achieving acceptable risk is a good faith application of the hierarchy of controls within the risk assessment process. The number of methods aiming at assessing the risks is definitely greater than the number of methods aiming at preventing them.
were in use but only one method is extended in application. It appears as obvious that a large number of practitioners are resorting to a single method, without considering the great variety of working systems and conditions which are requiring specific approaches and techniques. Methods are used to rank risks and to define priorities for actions -which is desirable -but often this is done by neglecting the analysis of the elements defining these risks and the means of improving the situation. The accident risk management should be seen as the process of providing recommendations on whether to accept or resolve potential consequences of hazards associated with a given activity. It is neither a "science" (in that it provides a precise prediction of future events), nor just "common sense" or "something good managers have always done". It resorts to systematic procedures and specific techniques to analyze safety and occupational health factors, design and construction of equipment, and other situational hazards. As highlighted by Pasman (2009), for this process to be effective, the company culture must be willing to embrace the risk assessment process, and cultural acceptance stems from management leadership. Engineering design needs to change to include the risk assessment process to more effectively move safety into design.
Guidance on how to most effectively introduce the risk assessment process to an organization, and how to conduct them thereafter can be extracted from different sources, but the most valuable information source remains the practical experience gained by effectively performing the risk management. Practical guidance should be provided for Romanian companies get started and make progress in the risk assessment process. Topics addressed include: 1) the time to complete an assessment, 2) forming a team, 3) what to expect, 4) when to stop a risk assessment, 5) what to do in cross industry situations, 6) when to revise an existing risk assessment, 7) making changes to the protocol and 8) results of risk assessment.
When adressing the tool issue, "risk ranking matrix" is the term that describes how risks are ranked in the first instance, employing a method-specific tool. There are many variables, factors and combinations that must be considered in selecting an appropriate tool for further analysis, as that presented in Table 3. The different variables that are used to rank risks are requiring a proper understanding, and the three most common types of risk ranking systems are 1) qualitative, 2) semi-quantitative and 3) quantitative. Given the subjective nature of rating risk, risk scoring systems will likely continue to emerge and proliferate, as users refine and improve their risk assessment process.

12
weaknesses. This variation reflects the great diversity of opinion on risk assessment. Some of the most significant differences between risk assessment methods used today involve how risk is assessed. As mentioned before, there is a continuum of risk ranking systems from qualitative to quantitative that effectively address a variety of risk assessment applications. Very few benchmarks use quantitative risk ranking systems. However, there is no indication that any particular risk ranking system is better than another for all applications. Table 3. Matrix helping to identify hazard assessment method classes. Action Guide Based on the above-mentioned benchmarks, the following principles directed towards practical risk assessment improvement can be stated:  Minimize the use of labels: the use of labels to describe portions of the risk assessment process should be minimized. The terms used in assessing risk were until the issue of the ISO 31000 Standard very confusing. There existed confusion, or at least no common understanding, as to the meanings of the terms of risk assessment, risk analysis, risk estimation, risk evaluation. Efforts at harmonizing, standardizing or even communicating were severely hampered by the past confusion and different uses of the term "risk assessment" and others. The practitioner trying to conduct a risk assessment does not care about terms or labels. He just wants to know what he need to do to complete an effective risk assessment. Extra terms detract from this objective. Unnecessary terms that add no value should be removed from the risk assessment process. Labels that provide no value only add confusion.  Simplify the risk assessment process: the steps of the risk assessment process should be written using active verbs rather than labels or titles. The steps of the risk assessment process need to be simple and straightforward, and provide the reader very clear direction on what he needs to do.  Adopt "risk assessment process" as overall term: the term "risk assessment process"should be adopted to describe the overall process of identifying hazards, assessing risk and reducing risk. The terms "risk analysis", "risk assessment", "risk estimation" and others have different definitions depending on the industry using them. The two most frequently used terms to describe the overall risk assessment effort are "risk assessment" and "risk management".  The risk assessment process goal involves risk treatment: there is no point in assessing the risks of a system, design, process or product, unless one plans to perform risk reduction. The risk reduction effort is always completed even though not every residual risk requires further risk reduction (the risk may already be acceptable). This implies that risk reduction is a necessary part of, and should be included in, the overall risk management process regardless of the term used to describe that overall process.
 Adopt the risk assessment process flow chart, as it is given in clause 5 of the ISO 31000 Standard;  Subjective judgment needs to be accepted: subjectivity is a necessary part of risk assessment. Even in quantitative risk assessments subjective judgment occurs. However, the subjectivity does not diminish the value or credibility of the risk assessment process. Safety is not an absolute state, but a relative one. Engineers, safety practitioners and decision makers need to become comfortable with subjectivity, and recognize that the subjective risk assessments do offer value.  Accept uncertainty: uncertainty enters risk assessment as assumptions, estimates and subjective judgments and lack of precise information. Even in quantitative assessments there often remains substantial uncertainty. Performing a risk assessment does not create the uncertainty. Uncertainty is, and should be accepted as, an integral part of the risk assessment process.
With experience, the risk assessor learns which assessment tool is best for investigating a certain type of activity. The qualities of a good risk analysis are:  Clear, concise, and a well-defined method that a reviewer or reader can readily understand.  Orderly and consistent in systematically reviewing the activity or system for risk.  A closed loop where the assessor reviews each risk control for its impact on the other risks and their controls.  Objective in that reviewers and users can understand and verify each step of the assessment.
Paradoxically, one of the most important advantages of some risk assessment methods is meanwhile a handicap: a numerically expressed risk assessment. Of course, an approach based on figures allows prioritization, but will not be able to consider certain major aspects, such as ergonomics and psychosocial risks. Certain methods are difficult to apply, or even impossible, for chronic intoxication risk assessment, mental or physical fatigue assessment etc. In the following section, we review the relevant strengths and drawbacks of risk ranking methods, in particular the so called Kinney Method.

Advantages, limitations and subjectivity in resorting to the Kinney method of risk ranking
As outlined by Honings (2000), there is already a significant time lapse since the introduction of the Kinney method, and also to other similarly structured methods, selfdenominated as risk "quantification" methods, are used on large scale in the field of OHS.
The goal is nonetheless to analyze, rank and prioritize the risks identified in working place. At the present, more and more experts in the field are developing a criticism in relation to the limits, pitfalls and disadvantages of this category of methods (Koob and Malchaire, 2003), which we further denominate as "Kinney-type". They are increasingly considered as incompleted, non-reliable and detaining a strong subjective character. Other experts are refining their opinions, suggesting the resort to this kind of methods only as complementary or informational tools (Main, 2002;Schwartz, 2002).
14 The Kinney method was first introduced in USA, being proposed by G.F. Kinney and A.D. Wiruth in a technical document of Naval Weapons Center in California, see (Kinney and Wiruth, 1976). Initially aimed at explosion risk prevention in military industry, the method was rapidly adopted in Europe, with immediate success.
We argue that, indeed, the method can be used in the risk analysis stage, but, considering the specific estimation pattern, it rather evaluates and ranks the risks in order to prioritize them. According to this method, the risk (R) assessment, is achieved considering three parameters: 1) the probability (P) of an accident or damage occurrence, 2) the exposure at risk frequency (F) and 3) the gravity (G) of the induced consequence (see Figure 5.a). The probability of the damage occurring during the exposure to a risk factor describes the accidental, stochastic and uncertain character. Kinney has defined 7 probability classes, to whom he allocated certain numerical values (see Figure 5.b). The exposure frequency expresses the time lapse in which the worker is exposed to the risk factor action; this component is estimated by one of the 6 classes, described in Figure 5.c. The size of damages is expressed by 5 gravity classes, highlighted in Figure 5.d.
Unfortunately, if the evaluation is performed by a single individual, the process will be a flawe. Therefore the need for a multidisciplinary team is obvious. Afterwards, but only after the completion of this first identification phase, will be imagined and developed the risk propagation scenarios. Based on the context setting, the numerical values will be assigned to probability, frequency and gravity; the risk level will be obtained by multiplying these three factors. The value obtained allows then to frame the risks into 5 levels, according to Figure  5.e. If the method is applied by a working team, it is strongly recommended that all the risk values are retained, an average value to be computed, discussed and interpreted within the group session.
The use of the Kinney-type methods can offer seriously differing results, for the same working place or system, if the individuals composing the team are different from one case to another. The practical use of Kinney-type methods indicates that a misuse can lead to a variable risk factor list and diverging scores, according to the competency and expertise of the assessor. On the other hand, even if the figures obtained can be useful in increasing the awareness, the quantification is limited. It gives only the appearance of a mathematical evaluation, without really having the rigour of such an approach. , risk management is no longer a narrow, limited approach, targeted exclusively to restrict or control the negative effects of potential events.

Controls development and decision-making in the risk treatment stage
Risk treatment involves selecting one or more options for risk control and implement these options through an iterative process. Figure 6 shows the sequence of phases which, in its entirety, guides risk treatment stage of the risk management process. After assessing each hazard, the assessor develops one or more controls that either eliminate the hazard or reduce the risk (likelihood or consequence) of a hazardous incident. A key element of the risk decision is determining if the residual risk is acceptable. The decision maker, based upon the level of risk associated with the mission, must compare and balance the risk against mission objectives. If the the risk level is too high, he or she can direct the development of additional controls or alternate controls, or can modify, change, or reject the course of action.
When developing controls, it is important to try to implement controls based on the mitigation order of precedence (ISO, 2009;Moraru, Băbuţ and Cioca, 2010;). The mitigation order of precedence is a prioritized ranking of methods for instituting countermeasures and controls, ranked by effectiveness in reducing the risk associated with an identified hazard. The mitigation order of precedence is discussed below.
 Design to eliminate hazards: the most effective method of controlling a hazard is to eliminate it from the system or equipment, by making fundamental changes in the design, process, system, equipment or task. Each situation must be viewed considering not only the hazard being addressed, but also the total situation. An excellent control used in another situation might seem appropriate, yet when viewed holistically in the context of the current task it not only does not work, but also introduces new hazards.  Incorporate safety devices: when the hazards cannot be designed out or eliminated from the process, system or equipment, then safety devices need to be incorporated.  Provide warning devices: warning devices are passive. While they provide notification that a hazardous situation exists, they require the operator to react to a given situation.  Develop procedures and provide training: procedures rely upon the operator executing them. This requires initial training as well as periodic training, to ensure that the operator understands the "why" and the "how" of the procedures. They should be trained in 1) what the hazards are, 2) how to recognize the hazards and 3) what the control procedures are. If they do not understand the consequences, they are less likely to follow procedures. When implementing procedures certain factors need to be considered prior to their development, as those outlined in Table 5.  Selection, development and evaluation of controls: a good understanding of the risk mechanisms facilitates effective development, selection, and prioritization of risk countermeasures and controls. The idea is to brainstorm as many controls and countermeasures as possible.  Decision-making: this involves deciding which countermeasures to use, and in some special situations, requirements may dictate that the hazard and the risk be accepted due to constraints placed on the mission, process, system, or equipment. However, when the hazard is not eliminated or controlled to tolerable limits, the organization's top management needs to decide about the acceptability of the risk based upon mission requirements. Supervision ensures that deviation from standards, complacency, or violations of policies and risk controls are not allowed to threaten safety and health of the workers (U.S. Department of Army, 2010) .
The process for treating risks should be integrated with other planning and management activities at the programme, project or team level. It is important to try to link plans at this level to the corporate strategic plan where possible.
The employee must thus be the main actor -and not only the object -of prevention. This means that participation -and not only consultation -of the employees is indispensable. The successful implementation of OHS standards requires the process to be integrated into the activities of managers and supervisors at all levels of the hierarchy as well as the active participation of employees. The 'key considerations' concerning the strength of a participatory approach in the dynamic context of occupational risk management are described in Section 4, ahead of the review.

Issue Questions to adress Targeted working group
What is the structure of the team? What is the at-risk team? How large is the team.

Intervention
Are the reasons for application clearly defined? Are the results repeatable? Outcome measurement How do we measure the effectiveness? Have measurable goals and objectives been established? Implementation process What are the implementation issues? Are there unresolved issues and questions?

Developing training
What factors to address in the training? How to address those factors? Does the employee need new knowledge to do the procedure? What is that new knowledge?

Leadership
Leadership must supervise their operators to enforce the standard operating procedures. If leadership does not place value and importance on them, operators will not value or implement them.

Intervention steps in dynamic OHS risk management: The participatory approach
In the last decade, an increasing attention was given to participatory approach of occupational health and safety risk management (Honings, 2000;Maclagan, 1999;Malchaire, 2007, St. Vincent et al, 1998Walters and Frick, 2000;Walters et al, 2005). By "workplace", we generally understand, in a restrictive way, the place and the conditions in which a worker has to perform a stereotyped task (Moraru & Băbuţ, 2010).
This concept seems now out-of-date and, in the new forms of work organization, the operators work in a group of workplaces, that we will call a "work situation", where they interfere the ones with the others, as depicted in Figure 7. Moreover, the behavior, satisfaction, quality of work and well-being of any worker do not depend only on the physical factors of his working environment, but also on the work organization, the responsibilities and the collective relations. The collocation "work situation", firstly introduced by (Malchaire 2007), refers to all the aspects, physical, organizational, psychological or social of the working life (Cioca and Moraru, 2010), that are likely to have an influence on the health, the behavior and the well-being of the employee, see Figure 8.
A quite realistical assumption is that knowledge from what really occurs in the work situation is decreasing from the employee to the expert. On the other hand, qualification in health and safety increases in the opposite direction (Malchaire, 2007). It thus appears logical to consider that the two sets of knowledge -about the work situation and about the principles of the well-being -are complementary. What remains is to organize a cooperation in an interdisciplinary way. Many risk assessments by OHS practitioners or external experts, are undertaken in a given time span, on a specific problem often extracted from its context. This is why they may have very little positive effects, especially if workers are not involved directly in the process. But workers participation is only effective if the qualification of the employees concerning their work situation, and their integrity are explicitly recognized (Haines et al, 2002). The employee "sees" his work situation like a whole and not like a set of distinct and independent facts: he is "being well" or not, he enjoys his job or not. In addition, all aspects of the work situation are inter-related: the noise influences the relations between the people; the technical organization between workstations influences the risks for musculoskeletal disorders; the division of the responsibilities influences the work content, the accidents, etc The prevention approach consists in seeking the most effective means to reduce the risk, by acting on one or several of its components: elimination of the risk factor, reduction of the exposure, increase of the reliability of the work system. It is thus essential that the analysis of the risk be not simply a recording of its components, but consisting of a careful analysis of the reasons of the exposure, the circumstances of this exposure, the severity of the consequences and the most useful means to reduce them. The final quantitative evaluation of the risk is consequently secondary, the most important thing being to study the components and the details on which it is going to be possible to act. Rather than speaking about risk assessment, it is thus more appropriate to speak about risk management.
Although all the problems are inter-dependent, it is neither realistic nor possible to solve all of them at once. Considering the Swiss-cheese accident model (see Figure 9) and the spirit and structure of the Sobane strategy (see Figure 10), developed by Malchaire (2007) the first stage (called Screening) consists, for example, in replacing a defective tool, improving the ventilation system or modifying a hierarchical relation. Even if such a simple measure is essential, it is not sufficient because the primary latent causes were not eliminated and the situation can return to the initial defective state.
The second stage (Observation) can consist in reexamining the general work organization, the institutional links between people or in rearranging the operating area. Perhaps a third stage will relate to the workers training (Analysis): vocational training to perform the tasks, education to their well-being, leading them to recognize themselves the problems, to manage them directly as they arise, bringing the employees to a degree of self-management of their health, safety and well-being to work. Maybe a next stage (Expertise) will relate to the culture of the company, the integration of the concerns of well-being in the overall management of the company. The knowledge, information and data necessary during the first steps relate primarily to the work situation. Knowledge in ergonomics, medicine and safety is certainly desirable to select the good tool or to ventilate more effectively, but is less essential than the knowledge of the work situation. This first step must therefore be carried out as close as possible of the work situation and its output will be especially a function of intimate knowledge of what occurs in the course of time in this work situation.
Conversely, at a more advanced step of the process, the problems require more qualification in work organization, training or management. The analysis must be finer, more specific and requires tools and competences that only OHS practitioners generally have. According to the step, the necessary competences will thus rather be those of an OHS practitioner or of the workers themselves, these remaining the main actors of the prevention, for whom and by whom prevention is implemented.
In our attempt to highlight the future trends in OHS risk management, we will focus in the next section on two epistemological assumptions existing in the field, presently valid in complex socio -technical systems. Epistemological issues determine how we see the world and is hence of fundamental importance. Our aim is to emphasize that contrary to common beliefs, the positivism and the constructivism are complementary and not competeing.

Towards complementarity of positivism and constructivism in OHS risk management
Risk management within complex socio -technical systems must be subordinated to the objectives that form an integrated, coherent system and converging to the overall objectives, so that levels of activity to be mutually supportive (Emmet and Hickling, 1995). Operational safety techniques in use did not appear, indeed, though it seems paradoxical, until during the Second World War, with the emergence of complex systems, which encompass a large number of components. The '60s have brought new techniques for identifying risks, following the deductive or inductive approaches. In the '70s, great efforts have been made to assess risks to populations near nuclear facilities, being developed many scenarios of accidents related to equipment failures and/or operational errors. In the following decades, methods and techniques of risk assessment and control were widely spread in various industries and now enter new sectors (health, food, water treatment, etc.), including in Romania, following the harmonization of the national legislation with the European Union.
As depicted in Figure 11, technical risks are related to the main features of operational safety. Technical risk control covers all methods, means, analysis, procedures and measures applied throughout the life cycle, to remove or render acceptable the identified risks. Fig. 11. Operational safety components within a complex socio -technical system As discussed before, the omnipresence of uncertainty about the reliability of data used, adopted measures to limit or minimize the consequences likely to materialize, the degree of subjectivity of the assessments are rending particularly difficult a precise formalization of applied assessment and decision -making procedures. Moreover, we find very often that the existing level of expertise itself is an area of experimentation. Most times, between policy makers and technicians, OHS practitioners and economists, there is a fundamental degree of independence. For various reasons, one can minimize the real risks, for example by overpricing available technological level, leading to a dogmatic extreme reaction (by ignoring his own ignorance) or because of reasons that we might euphemistically call "inconspicuous". Precaution and prevention is a step fall in anticipation of risk. Precaution can be understood as extending prevention methods applied in the field of uncertainty. Precaution and prevention are thus two sides of prudence that is required to reduce the occurrence of situations likely to cause losses to humans, property and environment.
Until recently, the safety of complex systems were addressed in a manner called "positivist" (Journe, 1997), which is to control risks during the design stage. Developed specifically by engineers and ergonomists, this approach considers technology as 1) a real phenomenon ("ontological principle"), 2) having an existence outside the subject that one observes and implements (principle of objectivity"), 3) having a fixed operation and successful law of his own ("wired universe principle"), 4) which leads to an optimal solution ("single optimum principle") (Le Moigne, 1990 b). It is considered that the reliability and safety of a system can be developed by acting on technology, on the working environment and on the proper definition of procedures to follow. The human factor is often identified as "the weak link" element, which reduces overall system reliability, as "a black box capable of unpredictable and irrational behaviour, the origin of the errors, failures and shortcomings" (Journe, 1997). The operator has only a small margin of action or response to an organizational and technical reality which is external to him, because it was set a priori by those who designed the system.
Following the serious incidents that have occurred mainly in the nuclear field (e.g. Three Mile Island in 1979, Chernobyl in 1986, there have been strongly emphasized the limits of such an approach. Due to the ever increasing complexity of systems studied, it becomes obvious the impossibility to predict all possible accident scenarios. A complementary approach, called "constructivist" was therefore proposed (Le Moigne, 1990a;Theys, 1991, Journe, 1997. This one, considers technique as 1) a construction ("principle of the built universe"), 2) including the subject which tries to control it, through the intermediate of his own representation ("projection and representation principles"), 3) having a complex operation that can not be broken down into simple, independent elements and 4) which can only lead to more or less satisfactory solutions ("principle of intelligent action"). This approach leverages operators role in the complex socio -technical systems reliability and security, seeking to benefit as much of their intelligence and capacity to respond to new situations. Founded on "safety culture" and developing the spirit of initiative within organizations, at the opposite of the quasi-military discipline required in the positivist tradition, this approach gives the central role to the individual and is subject of the "organizational communication" (Zohar, 2010).
In opposition to the positivist conception, the constructivist approach considers that the reliability is, above all, a social and organizational construction, which is the final output of the symbolic representations that operators develop together, in action. From this perspective, safety conditions lies, particularly, in organizational and human variables. This organization's ability to remedy failures would be particularly related to a clear definition of each individual's role and a strong personal responsibility. We argue that this approach can be extended to any kind organization, even to small and medium enterprises, to properly manage the OHS risks, following a conceptual model as the one described in Figure 12.
Safety is considered both as 1) a non-event because the result of a safe state is invisible through nature (nothing happens when the situation is under control) and 2) a dynamic state because a seemingly stable system conceals intense internal activity, requiring vigilance and anticipation capacity of the operator. Thus defined, safety is an issue of interaction, development and management of the representations that will give a sense to the situations experienced by operators. It is obvious that, from this perspective, the role of safety culture and climate is ever increasing.
In this constructivist approach, risk control means, above all, the operators ability to anticipate and recover abnormal situations. It requires the skill of the actors to understand the environment in which they work, based on their own experiences, the meaning of various stimuli perceived. It is the product reached through cognitive operations and not the result of a pre-existing sense, independent of themselves. The constructivist approach also put emphasis on the performance of involved actors and the role of everyday communication; it considers communication as part of a process of organizational structure. We would like to outline that this is also consistent with ISO 31000:2009 standard.

Fig. 12. A constructivist conceptual model for OHS risk management
On the other hand, there is always an unexplored ethical dimension over and above the list of causes of occupational accidents. This can result in a cascade of bad decisions being taken at the organizational, human and technical levels, which cause tragic accidents, often with loss of human life. To manage risks properly, it will not only be necessary to develop techniques but also to develop processes, at the personnel level as well as at the organizational level, which will take human nature into account. There is indeed a real difficulty to forecast the operator's representations and reactions, in a context that develop a growing public distrust in the complex high-risk organizations, such as for example nuclear power plants. Positivist and constructivist visions of operational safety, which initially appeared in an opposite, even irreconcilable, may be complementary, we believe, in the minds of some players, including designers of new systems that would like to associate quality in design with operators professionalism, to limit risks to a level still untouched.

Closure
This paper reviews the main strands of literature and proposes a framework of steps in good OHS management. It offers a number of suggestions of good practice and illustrates a number of the dilemmas. It also considers that the approach based on ISO 31000:2009 Standard is of paramount importance and may represent a step forward to managing safety, but may not be enough to address the management of risk effectively. There is a need to adopt a systemic approach to safety management. Systemic may be defined as trying to see things as a whole and attempting to see events, including failure, as products of a working of a system and, within that, see fatality/injury/property loss, etc as results of the working of systems. Companies that have applied risk management for many years recognize that the change to a "culture of prevention" via "systematic and comprehensive risk management" involves a journey.
On the other hand, risk assessment and risk management should be described more fully, recognizing that some companies are currently going well beyond the minimum level of practice that is described here. From this perspective also, we consider that the ISO 31000:2009 Standard can be seen as a milestone. Risk management should try to change everyone's mind set toward proactive, empowered, systems oriented thinking. Risk management should become a continuous process of learning from past experiences.
What is extremely important in seeking to achieve effective risk management is an ongoing consolidation of an organizational culture of risk. Risk management is incompatible with attitudes such as "leave it, that goes like this too", "someone else looks after, I shouldn't worry", "we shall live and see", "devil is not quite so black as it seems", "this is a fatality" etc. Risk management is the assumed accountability. This is the difficult problem in the way of implementing effective risk management and not learning the terminology and techniques.
Learning from the past is crucial in making progress. Yet, there are obstacles of various nature such as 1) human factors, 2) technical complexities of how to store and retrieve information, restraints to knowledge management, and last but not least 3) policy and decision making in view of cost-benefit. Over the last decade, wide interest in the role of behaviour has led to the development of numerous safety climate tools and behavioural modification programmes. It must be emphasised that behavioural approaches should not be seen as the panacea for all safety problems. Behaviour modification is not an alternative to sound safety management policies, systems and procedures. However, when these are well established and functioning effectively, behaviour modification can play an important role in achieving further improvements in safety performance.
Also, the move towards continuous management and learning demands participation from employees. Often, however, initiatives are imposed from above. Creativity and initiatives from the shop floor to improve are stifled in such a climate. A different approach is required to encourage further improvement. This next step involves taking action to ensure that the behaviours of people at all levels within the organisation are consistent with an improving safety culture Once rules become more conceptual and goal-oriented, rather than prescriptive, this cannot work. Nor can it work if the technology is changing or there are many abnormal situations to be coped with. It is hard to have an expert around all the time to make up new rules or modify old ones. The only other alternative is to delegate the rule-making and changing to the work group. Participatory methods are increasingly utilized in improving risk management of work and workplaces. The merits of these methods are widely recognized as a means of promoting initiative of local people and achieving workable solutions. A notable merit is that they contribute to improving various forms of workplaces in their diverse conditions. The influence, though still low, of constructivism allow actors to assign a contextual re-creation and permanent interaction capacity with the working system. Unfortunately, we find that this vision strikes with numerous and powerful resistance, both inside and outside the organization.
The in-depth analysis of the dynamic policy of risk management resulted in proposing a participatory strategy whose purpose is 1) to gradually approach the work situations, 2) to coordinate the cooperation between employees, management and OHS practitioners and 3) to arrive faster and less expensively to effective prevention.
If we put together all of the trends sketched in this chapter, they add up to an improvement in the way OHS is, or should be, managed compared to a decade ago. With an increasingly complex structure of society, trade and industry, communication, political and administrative systems, technical systems and technological change etc, it is getting more and more important to relate to different ethical and political arguments to keep an image of being in control and for being trusted. There is a need for developing a mechanism for a path between the positivistic and rational choice founding of risk assessment and the richness of perceptions and judgements of risk issues. The best answers to risk issues are reached by exposing risk assessments and decisions to intelligent debate, criticism, and amendment by the scientific community and the workers likely to be affected by the risk.
The preliminart conclusion of this work is also an outlook to the future. Although there are many signs of renewed interest in questions regarding OHS risk management , the road to a more full implementation of "premises for risk management" is long and there are many obstacles. One of the main issues to be resolved is how to decide on differing levels of risk depending on the nature of the activity and the importance or benefits of the activity for society.