Critical controls discussion paper

  • By Peter Standish FAusIMM

Critical controls defined

Critical controls are defined by the ICMM as an act, object or technological system which of itself will prevent or mitigate an incident.

Further, these ‘things’ are specifiable, measurable and auditable – and their absence would significantly increase the potential for an unwanted incident to occur or have a much more significant outcome.

Strict adherence to this definition will significantly reduce the total number of controls that require oversight by mine owners.

Some concerns with the approach as applied

Most AusIMM members are involved in either technical planning or leadership roles on sites. In these roles, they would typically be exposed to some of the administrative activities that appear to be arising as a result of a company’s implementation of critical control approaches. The types of activity appear to be creating monthly reports regarding activities conducted, inspection records and audits of conformance to training, etc.

These are worthwhile activities but should not displace the technical standard setting, peer review and quality (including Inspection Test Plan execution) activities that have historically applied in our member’s work.

The purpose of this paper is to raise issues related to critical controls and their management so that our members can have a better understanding of critical controls and the requirements for implementation of this approach.

This paper has tried to distil thoughts and ideas from the AusIMM Health and Safety Society committee members in and around these subject areas – although the reader should be aware that different opinions are held on the committee (making it a healthy combination of creative tensions and ideas) so this paper does not represent a consensus view of all the members. Our thinking has involved reflection on activities we are seeing that are going well and potential areas of concern that all of the membership base should be alerted to, to avoid incidents from occurring, some of which are discussed here.

Excessive focus

Critical controls are gaining a more intense focus across the mining industry, much of it deserved, but in some ways opening a potential ‘latent failure pathway[1]‘ for major losses.

This pathway would arise if operation-level workers and supervisors become ‘fixated’ on the controls identified as critical , and then some of the other more mundane activities/tasks may not be pursued as diligently.

As an example, if ‘fitting and wearing work at height harnesses and lanyards’ becomes an activity seen as critical, this will generate a lot of activity around its conduct. There will be regular reports required for review, updates of harness and lanyard readiness, etc. It is easy enough to imagine that another companion activity, structural audits of anchor points and their use, could lose the focus of line personnel.

The fact that the critical controls are potentially being identified and generated in a consensus manner using review teams can open up this kind of flaw. Consistent consensus activities typically trigger human error heuristics such as the recency effect where team members’ recollection of a worker involved in work at heights not wearing a harness or lanyard displace some other quite reasonable concerns and the overarching science and engineering that needs to sit behind well-considered and implemented controls in our mine sites.

The end result may be a well-harnessed worker falling from height due to an anchor point failure (or a failure to connect appropriately).

Whilst this example is a bit simplistic – the potential for some other sequence of events to arise should be acknowledged by all AusIMM members – and guarded against by confirming the technical and behavioural (at all levels) rigour of the controls they are putting in place in their areas of responsibility.

Current approaches

Critical controls were originally developed to be best applied at the level above the site – but should they be?

They are the ‘things to watch’ to determine the level of health of the underlying site system – a system that should have the hallmarks of having specifications, implementation processes, monitoring and verification of the stated requirements for:

  • equipment
  • line operator behaviour
  • design and leadership responses to the physical and organised work environment.

If the sites begin to focus on them, it might encourage a ‘test taking’ effect, where they can score well on a critical control but not really understand or be in control of their risk exposures on site. The key trap is that of administrative compliance – where it appears that activity is occurring but this is really only occurring on paper. More robust approaches typically see senior personnel on site actively involved in the health and safety management system by being present in the field.

Some traps to watch seem to come from being too enthusiastic about the application of critical controls and their underlying critical risks. It is not credible nor indeed manageable to make attempts at a site level to control thousands of risks and their related critical controls – but these sorts of numbers have been developed by well-meaning professionals at mining operations.

Hence, too much focus by site personnel on critical controls might open up pathways where controls not seen as ‘critical’ are eroded and become a contributor to a significant incident.

Another important point to note is to not lose the impact of incidents that damage equipment and other assets needed to achieve the mine’s goals. The thinking behind this is that historically when assets (production capacity) are damaged, there is a requirement for a lot of activity to restore production, which can lead to unwanted incidents arising.

The upshot – don’t only focus on things that seem to have an immediate health and safety impact, but rather think more broadly to cover off on controls needed to prevent loss in general.

Other concerns – initiative overload

There is potential for critical controls to become the ‘flavour of the month’. This should be avoided. When embarking on a program of introducing critical controls, remember that you are signing up for a marathon or indeed a program of work that should never end. This is not a short sprint to produce a set of forms or monthly reports or any other short-term measure. This is about setting and maintaining standards that will avoid significant losses on your site.

In short:

  • critical controls should be the headline controls that are mandated and regularly reinforced
  • monthly monitoring and third party auditing will add value and stability to your site systems, but should not be the only focus point for site professionals and line operators.

Poor identification of purely administrative controls as ‘critical’

In the ‘bad old days’ of risk assessments, it was a case of the more controls the better – which ultimately led to more and more administrative controls. The controls started leaning towards being more administrative, due to the insurmountable resourcing requirements if engineering controls at that volume were being specified.

Suggested approaches to dealing with these issues and generating a critical control framework on your site

On reflection, we think the approach should be around what are the right controls; that is,  the ones that if they are stripped away would lead to a fatality(ies) or major equipment loss (and ripple on effects).

To this end, it would be a good strategy to get better information and thinking into the development of critical controls for an operation. As an example of how this better thinking will play out, an ‘isolation permit’ isn’t a critical control but ‘workers identify all energies present and remove or constrain them’ is.

Theme – A key goal in any critical control program is to influence ‘on the ground’ behaviours – by being able to support a caring (or just) culture.

This would see all our members in leadership roles being involved in getting line operators to discuss the main controls in place ‘on the job’. People executing the task tend to be more aware of what controls are genuinely going to keep them safe on the job.

The program should move beyond people thinking ‘Why are people checking on me?’ – rather, it is about getting our people thinking about what’s essential and getting that in place every time.

Theme – Critical controls simplify – they point at the must-haves and let the focus be on those rather than across too many subject areas (ie creating too diffuse a focus).

An approach is to build the site’s critical control set from the bottom up – and then work to distil this to what is critical. This does help to build maturity fairly quickly. Using an approach to identify the ‘risk owner’ and that engenders focus.

Theme – Behavioural controls as critical

Behavioural controls tend to be poorly managed and led. This issue is that the monitoring instrument, Safe Behaviour Observations (SBOs), leads to management through a KPI value with SBOs being counted but not quality assured. This is a trap to avoid.

Theme – Benefits of the critical control approach – it simplifies and provides clarity.

Doctrine of bow ties may not be entirely correct in helping to identify the critical risks, but the use of the bow tie approach is powerful for identifying which controls are preventative and which are mitigating when considering any type of incident.

You can still derive from a WRAC (Workplace Risk Assessment and Control)/JSA (Job Safety Analysis) as to what are controls – but it does involve applying the ‘three question’ discipline mentioned earlier.

This proves useful for ongoing behavioural controls.

The WRAC style RA where the question of does the ‘in and of itself’ question carry the day in regards to the control being discussed will yield a result. It is probably the most powerful one there in terms of guiding people’s thinking in a good direction.

It is vitally important that leadership have behaviours that support change management processes, equipment, people, procedures, and incidents as new changes occur and new recent controls are identified.

Theme – Incident management should include challenging and identifying improvements. Rather than just acknowledging and focusing on the investigation, it should be about the controls that were compromised and the improvements that are generated.

Theme – These approaches may be supported well by standards and codes (at the site level). Ideally these standards and codes would be developed from the shop floor level, confirmed by technical and managerial team members and signed off by the board as minimum standards/requirements for all their operations.

Discussion notes

This paper was in large part drawn from a mind map that was used to capture discussions between the author and other Health and Safety Society committee members. This mind map is freely available at

If you’re interested in finding out more on this approach – please feel free to email me (for a login to an online training package) or the other AusIMM H&S Socity committee members to share their thoughts.

The interested reader should consider reviewing

The ICMM guide on critical controls is available at This gives an overview of the approaches taken by different organisations to identifying and setting critical controls. This has been streamlined by some companies through a process that spends more time clearly defining and honing in on what makes a control critical using the mathematical mutually exclusive collectively exhaustive definitions from set theory (

Some thinking around how best to consider the complex systems that all mining operations have now become can be found in the work of Sidney Dekker and Erik Hollnagel (searches on Amazon turn up their texts) – where they build on the system safety and James Reason-style approaches to describe a requirement to manage many wave type functions around performance in various dimensions. Key/critical items to control others are ones that have the most significant ‘amplitude’ of variability. When considering this in the light of our mining operations, this can quickly guide towards identifying where measures that support the consistent and effective performance of tasks by line operators are most likely to yield step changes in safety and incident performance.


[1] A term known to many – but this is a more technical way of describing a set of circumstances which ‘look ok’ but which have an inherent, difficult to observe, weakness that can remove barriers and open up a potential for an unwanted incident to arise.

The views expressed in this article are the views of the author. This article provides general information, does not constitute advice and should not be relied on as such. Professional advice should be sought prior to any action being taken in reliance on any of the information.

Share This Article