Annex 3: elements of a systems approach

A risk perspective —examine, assess and improve

A risk perspective ensures that system threats and opportunities are identified and their consequent risks are managed in accordance with stakeholder expectations.

Engineering risk and safety management methods, such as Failure Mode and Effects Analysis, Hazards and Operability Analysis and Fault Tree Analysis, are used to identify potential threats and opportunities within a system and to manage their likelihood and/or impact on people, property, progress or profit. The role of risk management is to identify, assess and control the level of known risk, accepting the inherent threat or opportunity that may be present within the system, in particular with complex medical interventions and in the distributed system of social care (Figure 18).

It is useful to consider the process of risk management to be made up of a series of iterative examine, assess and improve cycles that enable a team to progress from understanding what is known about the system through to developing interventions to manage the risk presented by the system. Active risk management is appropriate at all stages of a product or service lifecycle, from early conception, through use to disposal.

Risk can be referenced to a system’s ability to deliver high-quality, cost-effective care, where quality is defined as the combination of clinical and cost effectiveness, patient safety and patient experience. [1] Risk management is commonly used as a clinical tool for the prospective analysis of an individual patient’s risk, with or without a particular intervention.

Figure 17

The risk perspective can be thought of as the iterative sum of the examine, assess and improve phases.

Download this graphic as a printable PDF

Figure 18: Safer systems — avoiding error and encouraging good practice

Risk can be represented as a distribution of possible outcomes, where most reflect normal behaviour. Exceptional outcomes provide opportunities for improvement, while accidents represent threats to be avoided.

However, it may also be used to evaluate the risk in sustaining or not achieving the desired outcomes for a population of patients, the efficiency of a care process or the finances of a care provider. [2]

Different stakeholders may have different risk priorities within the same system and risk tolerance levels will vary with time and be dependent upon the context of each specific care delivery system or process.

Risk may also be attributed to uncertainty in performance where mitigation will likely focus on the identification of the sources of such variation and their reduction.


The examine phase asks the question ‘What is going on?’ and leads to a common and accepted understanding of needs, which takes account of the range of stakeholders. It is likely to include a variety of activities that can help to build this understanding, for example:

  • outline goals of the assessment
  • describe and understand the system
  • identify critical risk stakeholders
  • agree acceptable system risk levels.


The assess phase asks the question ‘What could go wrong?’ and leads to a systematic assessment of the likelihood and potential impact of risk within a system, which takes account of the nature of the threat or opportunity. It is likely to include a variety of activities that enable this assessment, for example:

  • identify threats or opportunities within the system
  • identify current safeguards with the system
  • evaluate resultant risk and its detectability
  • specify mitigation or exploitation needs.


The improve phase asks the question ‘How can we make it better?’ and leads to a specific plan for managing the likelihood and potential impact of risk within a system, which takes account of the acceptability of such risk. It is likely to include a variety of activities that enable this implementation, for example:

  • propose actions to manage the risk within the system
  • examine effectiveness of the planned actions
  • implement key actions within the system
  • review assessment in a timely manner.

Explore the other perspectives

Share this page


[1] From Safety-I to Safety-II: A White Paper. Hollnagel, Wears and Braithwaite, The Resilient Health Care Net, 2015.

[2] Design for patient safety: a system-wide, design-led approach to tackling patient safety in the NHS. Department of Health and Design Council, London, UK, 2003.

Explore more...