Mitigation activities or controls are any actions taken to permanently eliminate or reduce the risk of hazards to human life, property, and function. The four basic mitigation activities are as follows:
-
Deterrent controls reduce the likelihood of a deliberate attack and/or dissuade would-be attackers by making a facility less desirable as a target.
-
Preventive controls protect vulnerabilities by making an attack unsuccessful or reducing its impact.
-
Corrective controls reduce the effect of an attack.
-
Detective controls discover attacks and may trigger preventive or corrective controls.
Combining Risk Assessments and Mitigation Initiatives
A more sophisticated method of conducting risk analysis and assessing mitigation initiatives is a failure modes and effects analysis (FMEA) (Electronic Industries Association 1971). Developed by the U.S. military in 1949 as a reliable evaluation technique to determine the effect of system and equipment failures (U.S. Armed Services 1984), FMEA systematically identifies potential system failures, their causes, and the effects on the system’s operation. It is most often used to proactively assess the safety of system components and to identify design modifications and corrective actions needed to mitigate the effects of a failure on the system.
The FMEA process can be a valuable tool in improving internal preparedness for response to emergencies or disasters of any sort and has been endorsed by the Joint Commission on Accreditation of Healthcare Organizations (JCAHO). When the analysis is extended to include an assessment of the failure mode’s severity and probability of occurrence, the analysis is called a failure mode, effects, and criticality analysis (FMECA).
An example of the FMECA process applied to routine hospital operations might be patient admissions through the emergency department. To admit a patient, a number of functions must occur: an accepting physician must be identified and contacted, initial orders must be provided to the accepting floor or ward, administrative and clerical work accompanying the admission must be completed, a bed and the nursing staff must be prepared to accept the patient, and the patient must be delivered to the floor or ward. A defined failure might be the inability to admit the patient within one hour of the determination that admission is warranted. By analyzing the processes involved with getting the patient admitted, failure modes can be identified (e.g., inordinate delay in preparing the patient’s room), and the root cause of these failure modes can be further elucidated. If the cost of the failure mode is sufficient (e.g., patient or staff dissatisfaction), procedures may be modified, additional staff may be hired, or other actions may be taken to improve this process.
0 comments:
Post a Comment