For those working in high risk industries – transport, mining, chemical processing and construction among others - you know that sinking feeling when you get the call after an incident where something has gone awry and someone is badly injured or worse still there is a fatality.  Your mind races back to the engineering designs, systems and procedures you had applied to mitigate every credible and imaginary risk you had anticipated.  All the briefings and safety instructions you had drilled into your teams.  And now this.  What went wrong?  

Writing about the lessons learned from the Columbia space shuttle accident Bryan O’Connor from NASA says that the proximate or technical causes can be easily fixed.  But what about the other associated causes?  O’Connor who is NASA’s Chief of Safety and Mission Assurance writes:

The proximate causes of an accident and the changes needed to avoid repetition are usually clearer and more readily dealt with than the associated root causes. As a team of engineers, we usually find a way to modify the design, change the software, or develop an operational workaround that adequately mitigates the proximate and near-proximate causes of our mishaps. But root causes are different kinds of problems.

Root causes tend to be related to the broader, sometimes squishier aspects of what we do: such things as the what-versus-how of our procedures and requirements and the appropriate volume and frequency of organizational communications up and down and left and right. Sometimes they involve organizational and authority relationships, the effectiveness of checks and balances, and other cultural aspects of program and operational management.

So what’s the recipe for Safety ?  O’Connor’s ingredients are : shared values 1 part, organisational structure 1 part , requirements ( NASA speak for specifications) 1 part, risk management 2 parts and a pinch of luck. 

I don’t agree with the luck bit,  I believe a lucky organisation is one which consistently applies its systems and policies rigorously.  Then you get lucky.

And on learning from the experiences, O’Connor explains:

No matter how dedicated we are to safety, accidents happen. When they do, they give us an opportunity—though often a painful one—for learning that can prevent problems in the future. We also need to be careful not to derive the wrong lessons from experience. Specifically, we don’t want to “learn” from a string of successes that a particular kind of mission is inherently safe and we no longer need to look so carefully at risks.

There are, broadly speaking, two modes of learning and behavior that help organizations prevent mishaps. One is incident recovery: the intense, focused period of analysis and action that follows an accident and takes steps to avoid a recurrence. The other is complacency avoidance: countering the tendency to assume that recent success promises future safety.

Learning from Incident Recovery

A serious mishap galvanizes an organization. Experts minutely study the evidence to uncover the proximate causes of the accident. This type of work, though reactive, is engineering in every sense of the word. NASA engineers know how to investigate failures and, in the wake of a major mishap, motivating them to do it well is not an issue. If anything, we have to tell our investigators to back off and take a breath once in a while.

Fighting Complacency

After the mishap investigation and the return to flight, the team focuses again on the mission, and the challenge for the leadership team shifts from recovery to fighting complacency. Countering complacency is arguably harder than recover ing from a mishap. We have to find creative ways to counteract the common psychological tendency to assume that a string of successes means that we have somehow reached a state of engineering and operational perfection—and, therefore, immunity from failure. One way I have found useful to get our team back to the proper state of humility and respect for risk is to occasionally revisit accident case studies. This does two things. It reminds us that other people who thought they were paying sufficient attention to safety have been surprised by failure; the case study serves as a vivid reminder of the fact that most past accidents almost always happened during a period of complacency. It also gives them a challenging and—we hope—relevant technical problem-solving session.

These two things can go a long way toward reviving the critical recovery mind-set. They, along with the safety factors I mentioned above—shared values of teamwork, integrity, and commitment to safety, and requirements that make clear why they are important—are crucial weapons in our fight against complacency.

Coming from the Chief of Safety at NASA- that’s some lesson.