Risk Management — Building Organizational Resilience in High-Risk Industries

Published 6 days ago • 13 min read

March 2026 – Technique Works HSEQ Insights Newsletter

Because a Risk Register That Has Not Been Verified Is Not a Risk Management System. It Is a Filing System.

Last month, we examined how environmental management systems generate measurable business returns when built around operational performance rather than reporting obligations—and how ESG-driven procurement is making environmental performance a market-access condition across industries in the EU and the GCC. The organizations that took the edition most seriously were those already uncomfortable with the gap between their environmental records and the actual performance of their operations.

This month, the discomfort runs deeper.

Risk management in heavy industry has a structural problem that most executive teams have overlooked. The HAZOP has been conducted. The bow-tie diagrams are current. The risk register has been reviewed and signed off at the management level. And none of that — none of it — confirms that the barriers standing between your major hazard scenarios and a catastrophic outcome will actually function when they are needed.

The gap between risk documentation and risk management is not a documentation problem. It is an operational management problem. It is the most significant unaddressed gap in risk management practice across the industrial operations I have worked in, spanning 47 facilities over twenty years.

This month, we answer a question that most risk registers cannot answer: Are your documented barriers actually verified?

1. The Distance Between Risk Documentation and Risk Management

Risk assessment has become, in many industrial organizations, primarily a documentation function. The HAZOP is conducted. The bow-tie is drawn. The risk register is populated and reviewed at the required frequency. These artifacts satisfy regulatory requirements, pass third-party audits, and provide management with a structured picture of where major hazards have been identified and what controls are in place.

What they cannot do, on their own, is verify that those controls actually function.

A UAE Refinery and Eleven Barriers

A refinery in the UAE. Approximately 400 employees, processing refined petroleum products for regional distribution. Their process safety documentation was mature — current HAZOP studies, maintained bow-tie diagrams for major hazard scenarios, and a risk register that had been reviewed and signed off at management level within the preceding six months. From a documentation standpoint, this organization was managing its process risks.

During an HSEQ systems review, which was not a process safety audit, the team called the risk register into question, and one of their inquiries led to an answer that redirected the rest of the engagement. For the eleven threat barriers documented on the bow-tie for the highest-consequence scenario, which had been functionally verified — not inspected, not assumed operational, but tested to confirm they would perform as designed under demand conditions — in the last twelve months?

The operations manager walked through the list.

Barrier 1: verified, functional test six months prior.

Barrier 3: verified, last test eight months prior.

Barrier 7: verified and tested during the last scheduled shutdown.

Three out of eleven, in total.

The remaining eight were documented as active controls. Maintenance records showed they had been inspected. In several cases, the inspection record noted "no defects observed." But inspection is not verification. An inspection confirms that a barrier is present and shows no obvious defects. A functional test confirms that the barrier will activate and perform under the conditions in which it is needed.

Those are not the same thing. And the gap between them is where the Bow-tie Analysis shifts from a theoretical framework to a real event sequence.

Case Study: Process Safety Documentation vs. Process Safety Management

A global petrochemical manufacturer operating across six facilities in the Netherlands and Germany had invested significantly in process safety documentation — HAZOP studies updated on a three-year cycle, bow-tie diagrams maintained in a digital risk management platform, and regulatory reporting compliant across all sites.

A regulatory inspection at the Rotterdam facility triggered a deeper review when inspectors found that a critical pressure relief valve — documented as an active barrier in the bow-tie for the primary hydrocarbon release scenario — had no functional test record within the preceding 36 months. The valve was present. It had been included in visual inspection rounds. It had never been tested under simulated demand conditions.

The Barrier Management Program:

  • Conducted a full barrier inventory across all six facilities, categorizing each documented control by verification status: functionally verified, inspected only, or documentation-only.
  • Developed a barrier verification schedule with defined testing frequencies based on consequence severity, setting named ownership for each critical control.
  • Implemented a barrier status dashboard giving site managers and group leadership real-time visibility of verification currency across all facilities.

Results in 14 months: 23 barriers were identified across the portfolio with no functional test record — all verified or remediated within the program period. Zero regulatory violations related to barrier integrity in subsequent inspections across all six sites. Insurance premium reduction of 18% following independent verification of the barrier management program by the group's underwriter.

Lesson? A documented barrier that has never been functionally tested is not a barrier. It is an assumption recorded as a barrier. The difference matters when the hazard sequence is live.

Recommended Reading:

2. What the Swiss Cheese Model Is Actually Describing

James Reason's Swiss Cheese Model — introduced in Human Error (Cambridge University Press, 1990) — describes safety defenses as a series of barriers, each with inherent weaknesses that are normally misaligned. An accident occurs when the weaknesses in multiple barriers align simultaneously, creating an unobstructed trajectory from hazard to consequence.

The model is widely cited and widely misapplied. The common misreading is that holes represent the absence of barriers — that risk means having too few layers of defense. This is not what Reason described.

His critical finding was that the holes in each layer are present in every barrier, in every organization, all the time. The question is not whether your barriers have weaknesses. They do. The question is whether your management system detects when a weakness has grown large enough, or when multiple weaknesses have aligned simultaneously, to create a live trajectory toward a major incident.

Barrier Status: The Concept Most Operations Skip

The Petroleum Safety Authority of Norway developed some of the most rigorous barrier management frameworks in existence after analyzing major offshore incidents, including the Piper Alpha disaster and subsequent Norwegian sector accidents. The PSA framework requires not just that barriers be identified and documented, but that their status be actively monitored: their existence, their functionality, and their integrity under the conditions in which they are expected to perform.

Barrier status is a real-time management concept. It requires knowing not just "this barrier is in the risk register" but "this barrier was last functionally tested on this date, the test result was this outcome, the next verification is scheduled for this date, and if the barrier is currently degraded, the compensating control in place is this specific measure."

Most industrial operations have the first piece of that picture. Very few have maintained the complete picture across their full portfolio of critical controls.

The high-reliability sectors — nuclear, commercial aviation, offshore oil and gas — have addressed this gap through formal barrier management systems precisely because the cost of barrier failure in those industries is both catastrophic and immediate. The challenge in chemical manufacturing, logistics, and general industrial operations is that the same barrier management gap exists but operates below the visibility threshold: the consequences of a single critical barrier failing simultaneously with others have not yet produced the specific event sequence that forces the organizational response.

Case Study: Near-Miss Investigation Reveals Systemic Barrier Degradation

A pharmaceutical manufacturer in Saudi Arabia — operating under NCEC permit conditions with a mature safety management system, ISO 45001 ccertified, and a low reported incident rate.

A near-miss event involving a chemical release in the storage area triggered an incident investigation. The investigation team, applying a barrier analysis methodology, traced the event sequence to the simultaneous degradation of three barriers that had been documented as active controls in the risk register: a gas detection sensor with a calibration record that was eight months overdue, an automatic isolation valve that activated four seconds outside its design specification when tested post-incident, and a ventilation interlock that had been manually overridden during a maintenance activity six weeks prior and not restored.

No individual failure was catastrophic. The alignment of three partially degraded barriers in a single event sequence — exactly what Reason's model predicts — produced a near-miss with potential for a significantly worse outcome.

The Corrective Program:

  • Implemented a barrier degradation register — a dedicated record capturing any known impairment to a critical control, with a defined compensating measure and a restoration timeline.
  • Established a maximum override duration protocol: no critical barrier could remain manually overridden beyond a defined period without formal management authorization and compensating controls in place.
  • Integrated barrier status reporting into the monthly senior management safety review — not as a lagging indicator but as a live operational picture.

Results in 12 months: 31 instances of undocumented barrier degradation were identified and corrected in the first three months of the program—none of which had been visible through the existing inspection process. Near-miss reporting increased by 67% as frontline workers developed greater awareness of how partial barrier failures contribute to incident sequences. Zero lost-time incidents in the twelve months following program implementation, compared to three in the preceding twelve-month period.

Lesson? The Swiss Cheese Model is not a conceptual framework for safety presentations. It is a description of the current state of your barriers. Barrier management is what you do with that knowledge.

Recommended Reading:

  • Human Error – James Reason (Cambridge University Press, 1990)
  • "The Role of Barrier Management in Preventing Major Accidents" – Safety Science

3. What Organizational Resilience Actually Requires

Resilience in high-risk industrial operations is not about eliminating hazards. In petrochemical, chemical manufacturing, and hazardous logistics environments, the hazards are inherent to the business. Resilience is the organization's capability to absorb unexpected events without catastrophic failure, which requires that the defenses between hazards and consequences are not just documented but functioning.

Building that capability requires three things that most risk management programs address unevenly.

From Risk Documentation to Risk Intelligence

The first is risk identification: knowing where the major hazard scenarios are, what the threat pathways look like, and what barriers exist between threat and consequence. Most operations with mature risk management systems do this reasonably well.

The second is barrier management: systematically verifying that the identified barriers are functioning, maintaining a status record for each critical control, and tracking degradation before it produces a failure in service. This is where most operations have a significant gap. They have barrier identification. They do not have barrier management.

The third is organizational learning: using near-miss data, barrier degradation findings, and incident investigation to update the risk picture and the barrier status record — not as a documentation exercise, but as an operational practice.

The risk register, reviewed annually and updated when incidents occur, is a retrospective document. The risk register, incorporating near-miss signals, barrier degradation findings, and process trend data, is forward-looking. The difference between the two documents is that one represents risk documentation and the other represents risk intelligence.

Case Study: Hazardous Materials Terminal, Kuwait

A hazardous materials storage and logistics terminal in Kuwait — 180 employees, handling Class 3 and Class 6 materials under stringent permit conditions. Their risk register was maintained, their permit conditions were current, and their incident rate had been low for three consecutive years. By the metrics the organization was tracking, risk management was functioning.

The barrier integrity review was conducted as part of a broader HSEQ assessment that focused on 14 barriers identified in the risk register as critical safety controls for the three highest-consequence scenarios on-site. For each barrier, the question was not "Does this barrier exist?" But, "When was it last tested, what was the result, and who is responsible for the next verification?"

Of the fourteen critical controls, six had functional test records within the preceding 18 months. Four had inspection records but no functional test records — visually confirmed as present, never tested under demand conditions. Four had no traceable verification record at all — listed in the risk register based on design documentation, with no subsequent confirmation of installation as designed or current functionality.

No barriers had failed. There was no evidence of active degradation. The terminal's safety record was genuinely satisfactory. But the risk management system had been maintaining a documentation record, not a barrier status record.

The Barrier Verification Program:

  • Structured the corrective program as a systematic verification schedule — not a new audit, but a calendar of functional tests for each critical control with named ownership and a defined escalation path when test results were unsatisfactory.
  • Developed a barrier status register maintained in real time, updated after every functional test and every maintenance activity affecting a critical control.
  • Integrated barrier status reporting into the site's monthly risk review, providing management with a live picture rather than a point-in-time snapshot.

Results after the first full verification cycle: Two barriers required remediation — degradation that had not been visible through routine inspection was corrected before either became part of an incident sequence. A permit renewal inspection by the Kuwait Ministry of Interior resulted in zero observations regarding barrier integrity — the first inspection in four years with no barrier-related findings. The operations manager's answer to the original question changed from three verified barriers out of fourteen to fourteen out of fourteen.

Lesson? A good incident record does not mean your barriers are functioning. It may mean your barriers have not yet been demanded. Barrier management is what you put in place before the demand arrives.

Recommended Reading:

4. HSEQ Market Insights — March 2026

Trends Shaping the HSEQ Industry:

Regulatory Intensification Around Process Safety in the GCC — Saudi Arabia's NCEC and the UAE's National Emergency Crisis and Disasters Management Authority (NCEMA) have both signalled increased scrutiny of barrier-integrity documentation as part of major-hazard facility inspections through 2026, following several high-consequence incidents in the Gulf region in 2024 and 2025. Organizations operating under agreements with national oil companies are seeing barrier management requirements appear explicitly in SQAS assessments and contractor qualification frameworks.

EU Corporate Sustainability Due Diligence Directive — Risk Management Implications — The CS3D, which entered into force in 2024 with staged implementation timelines, extends organizational risk management obligations beyond direct operations into supply chains. For industrial operators in Germany, France, and the Netherlands, this creates new accountability for risk controls at supplier sites — not just documentation that those controls exist, but evidence that they have been verified. The legal exposure for parent companies whose suppliers experience major incidents is increasing materially.

Insurance Market Hardening on Process Safety Risk — Industrial property and liability insurers are moving toward requiring formal barrier verification programs as a condition of cover, particularly for facilities handling hazardous materials above threshold quantities. Organizations that cannot demonstrate verified barrier status — not just documented existence of barriers — are facing both coverage restrictions and premium increases. This requirement is a commercial incentive that operates independently of regulatory requirements.

Personalized Recommendations for Our Subscribers

Retrieve your five highest-consequence scenarios from your current risk register. Identify the critical barriers on the threat side of each scenario. Find the last functional test record for each — not the last inspection, but the last test that confirmed the barrier would activate and perform under demand conditions. If you cannot locate that record, you have a documented barrier. You do not have a verified one. That gap is the actual status of your risk management system.

Establish a barrier verification schedule before your next external audit. The schedule should specify the testing frequency for each critical control (based on the severity of consequences), name the individual responsible for conducting each test, and define the escalation path when a test result indicates degradation. This document should exist independently of your risk register — it is an operational management tool, not a documentation artifact.

Add barrier status to your senior management risk review. Not as an annex to the safety report, but as a standing agenda item. The question for management is not, "Did we have any incidents?" The question is, "What is the verified status of our critical barriers right now, and where do we have gaps?" That question, asked consistently at the management level, changes what the organization measures and what it manages.

Questions for You to Consider

  1. What is the difference between barrier inspection and barrier verification? Answer: An inspection confirms that a barrier is present and shows no obvious defects. A functional test confirms that the barrier will activate and perform under the specific conditions in which it is needed. These are not equivalent. An inspected barrier that has never been functionally tested has an unknown performance status under demand conditions.
  2. Why do organizations with excellent safety records often have unverified barriers? Answer: Because a good incident record reflects the fact that barriers have been demanded separately, not that the barriers are functioning. A low incident rate is not evidence of barrier integrity. It may simply mean that the specific hole alignment described by Reason's model has not yet occurred. Barrier management addresses the status of those holes independently of whether an incident has happened.
  3. What is risk intelligence, and how does it differ from risk documentation? Answer: Risk documentation records what an organization has decided should be in place. Risk intelligence maintains a current, verified picture of what is actually in place, in what condition, and with what gaps. The risk register is retrospective by design. Risk intelligence is forward-looking — incorporating near-miss signals, barrier degradation findings, and operational trend data to give management a live picture of where the organization's major hazard defenses stand today.

The Practical Action

Retrieve your current risk register. Identify your five highest-consequence scenarios. For each one, list the critical barriers on the threat side of the bow-tie. For each barrier, find the last functional test record — not the last inspection, not the last maintenance entry, but the last test that confirmed the barrier would activate and perform under demand conditions.

If you cannot locate that record, you have a documented barrier. You do not have a verified one.

The gap between those two things is the actual status of your risk management system — not the status your documentation describes.

Next Month: Contractor and Vendor HSEQ — Managing the Risk You Do Not Directly Control

In April, we turn to the risk management dimension that most executive teams underestimate until it results in a significant incident: the HSEQ performance of contractors and vendors operating within your facilities, under your permit conditions, and at your liability. The majority of major incidents in high-risk industrial environments involve contractors. The reasons are well-documented and systematically underaddressed.

Next month, we will examine the systems and management practices that close the gap between your HSEQ standards and the actual performance of the people working on your site who do not (directly) report to you.

Download the 30-Minute Compliance Vulnerability Audit for High-Risk Operations — complimentary, no obligation — and use the barrier integrity module to map your current verification status before April's edition arrives.

https://techniqueworks.kit.com/compliance-audit

Amador Brinkman · Technique Works

Technique Works transforms HSEQ management from a compliance burden into a competitive advantage for high-risk operations. We deliver hands-on solutions that address your specific challenge—whether you're fighting recurring incidents, preparing for critical audits, building a sustainable safety culture, developing leadership capability, or scaling operations without compromising standards. Our key services include: Strategic HSEQ consulting and implementation support. Embedded and interim management solutions for critical projects. Audits, gap analyses, and risk assessments. Incident investigation and root cause analysis We offer training and certification programs that cover ISO standards, SQAS, and management systems. Leadership development for Operational Leaders and HSEQ professionals. Recruitment and secondment of specialized talent. With over twenty years of operational experience across petrochemicals, pharmaceuticals, manufacturing, and logistics, we don't just advise—we step into your operation, understand the pressure your teams face, and implement systems that stick. Our clients choose us because we speak the language of the shop floor and the boardroom, translating regulatory requirements into measurable business outcomes: reduced incidents, lower insurance costs, faster project approvals, and operations that run with precision. When HSEQ becomes integrated into how you compete, not just how you comply, you gain the operational edge that drives sustainable growth. — Amador Brinkman, Founder of Technique Works