This article is the second part of a two-part series on GRC.
GRC Element 3 – Layered redundancy and backup to support multiple failures of critical systems
Everyone who flies hears the pilot issue the strange, “cabin crew, arm doors and cross-check,” command that initiates the process of arming the emergency evacuation escape slide. An armed slide deploys automatically when the door is opened. The cross-check is the process whereby a second crew member double-checks that the first crew member has performed the arming process correctly. This simple, yet vital, aviation ritual is another instance of not taking anything for granted — the principle of making no assumptions that is so fundamental to risk management.
Distractions are unavoidable. In the main cabin, flight attendants are managing passengers with varying needs while preparing the cabin for take-off. They could easily be focused on another task when the “arm doors and cross-check” command is issued. The cross-checking process provides an integrated backup system to validate the task, and it doesn’t stop at the cabin doors. A common cockpit routine involves the co-pilot reading an item and the pilot in command carrying out the action while simultaneously calling it out. The co-pilot then checks the action and moves on to the next item, ensuring that each step is carried out and double-checked.
Myriad factors are employed in the design and use of checklists, and there is no limit to ways in which they can be presented, utilised, recorded and modified. The tool so vital to aviation safety, however, is not always embraced with this level of reverence by businesses. Audit checklists are frequently shunned or altogether dispensed with by compliance departments lacking the resources, or will, to implement robust systems for monitoring and supervision.
GRC Element 4 – Mandatory, high-frequency training to maintain skill levels, overlaid by routine direct operational assessments
In the aviation industry, training is frequent, recurring and non-negotiable. In “QF32,” de Crespigny details, “the training and checking regime for Qantas international pilots…[involves passing] four simulator tests per year as well as the annual safety procedures and route check.” Simulator tests challenge pilot responses to a wide range of potential in-flight scenarios and common emergency situations such as engine failure and forced landings. “The route check,” de Crespigny notes, “is when you fly a sector and a check pilot sits behind you, remaining silent, and assesses you on how well you fly, manage the aircraft and your crew, and comply with SOPs. If you fail the route check, your pay stops and you cease flying for Qantas.”
A GRC system cannot operate if the key people driving the system are not fluent in the regulations and procedures they are expected to follow when things go wrong. Nor can it function when the key drivers allow the management of it to degrade over time. A robust training regime keeps the system alive and well, and ensures that every person involved in GRC knows their respective roles and responsibilities.
No compliance system will work if it is low-key, voluntary and inconsistently implemented. If the board of directors reduces resources or, worse, turns a blind eye when the system is violated, you end up with Libor, money laundering, sanctions violations and multi-millions' worth of penalty fees.
The following image, introduced by James Reason in his 1990 book, “Human Error” and later adapted by the aviation industry, is worth studying. It shows all the factors that are typically present in accidents in the aviation industry. For an accident to occur, the “failure” needs to pass unchallenged through every block of Swiss cheese before it can materialize.
The top item is “organizational influences.” “Supervision” follows closely behind. These create favorable conditions for unsafe acts, and there is little to prevent an actual unsafe act from escalating into a disaster unless “last mile” defenses are all operating effectively. The last line of defense is “procedures and training,” where the only hope remaining is that some diligent person notices the problem and takes action to prevent it.
Governance, Risk and Compliance are a set of interlocking systems intended to plug holes in Swiss cheese. The aviation sector has got GRC right, and is continuing to adapt and improve it, learning from every incident that occurs. They do it because they have no choice. The alternative would be 26 plane crashes a day and an industry unable to sustain itself.
Banks and financial institutions failing to protect their brand, their employees, and their customers are in the news every day now, and not for good reasons. How long will banks that lack effective GRC practices be able to hold out? Only time will tell.