Risk Assessment Techniques – Layers of Protection Analysis

(This post is part of the 31010 Series of posts on Risks & Ventures. For more information on this series please follow this link).

Layers of Protection Analysis is an approach that follows a similar approach to the concept of concentric circles of security. In this concept, an asset is placed in the middle of a circle and then layers of additional circles are added around it, each one representing something that would protect that asset.

So for example, if you had a large bar of gold and you wanted to protect it, you might buy a safe for your house and put the bar in there. This would be the first layer. You might then keep that safe in a locked room which was inside the centre of house – central rooms are typically going to be more secure than ones that are on the external walls of a building – and this would be second layer. You might also add a special alarm and entry system to this room, these would be the third and fourth layers.

The house would of course also have some protection too, at a minimum locked doors and windows, perhaps a perimeter fence and a gate, and maybe cameras as well; and you might live in an area where there was a neighbourhood watch system or some other community watch or safe-guarding programme in place.

Circling further out from this, in an state or country where there is rule of law you would have some administrative legal protections, in other words laws and penalties that discourage people from stealing from each other, and police forces and court systems to enforce these.

The existence of laws related to the ownership of assets and your right to keep the gold bar also offer a layer of protection, something that many of us wouldn’t give a second thought about but which historically has been far from given, particularly in relation to gender.

Now each of circles on their own will only provide some protection: imagine for example that instead of putting your gold bar in a safe inside your house, that same safe is instead left in the middle of a public area.  The safe would still give some your gold bar a little bit of protection but apart from in the very short term that wouldn’t be enough to keep it secure. 

Similarly with all the other layers, each will provide some protection on their own but will also have some weaknesses, meaning that the main benefits of each layer are in the way that they link together, compliment each other and fill in the gaps that might be there.

It might also be helpful to imagine a series of stacked flat surfaces each of which have some small holes in them in random places on the surface. If you were to pour some water on top of the first surface some of that water would drip through the holes, but at each subsequent level after that less and less water would reach the next, ,and with enough levels the water would be unable to go any further.

This is the idea of Layers of Protection: single layers of protection in any situation are likely to have some gaps or vulnerabilities in them, but if it’s possible to create layers with different kinds of protection (1) the threat may be able to breach one level or maybe even a few, but it is going to be much harder and require more effort as additional layers are added.

Layers of Protection Analysis (LOPA) is in a risk assessment technique in IEC 31010 under the category of techniques for analysing control, and it is probably most frequently used in context of safety systems and processes. The principle that it is based on however is absolutely fundamental to risk management and the sub-disciplines of business continuity, safety and security amongst others: that idea that having multiple alternative and inter-related ways to protect your assets is highly desirable. (2)

How Does LOPA Work?

In formal risk management the technique of LOPA is used to analysis a single risk at a time. So the assessment manager will choose a specific undesirable risk as a starting point and look at the specific layers of protection that are intended to prevent that threat from happening. (The layers can be called IPLs: Independent Protection Layers). 

As an example think about the threat of fire in a building. There may be alarms, smoke and heat detectors, water suppressions systems, halogen suppression systems, fire-fighting equipment, fire escapes, fire procedures, drills and fires safety training for the building occupants to avoid fires occurring in the first place.

The building may have been constructed of protective materials, and there may be critical areas or assets within it that receive additional protection, such as fire-proof safes. There will be some kind response service that might be an internal capability, in the case of a power station or an airport which might have it’s own firefighters, or and external response service in the case of a public emergency service. Each of those is a layer or protection. 

Again in formal risk management, ideally some kind of calculation would be made that compared and rated the likely effectiveness of each layer to make sure that the overall risk is brought down to a level that is acceptable to the organisation in the building or the building owner, or both.

As with some of the other IEC 31010 techniques, doing a formal LOPA process can become a bit more complex than that but for the purposes of this website, this is as far as we need to go.

LOPA is a good technique for looking at one specific risk qne the outcomes that could occur if that risk occurs. (This is called a cause-consequence pair in IEC 31010.) It’s also a good technique to look at what controls or preventative measures are in place for a specific type of risk event, either / or in the short or long term.

One drawback is that because it is based around a single paring of an event and it’s consequences it is not so useful for analysing more complex situations.

Although you probably aren’t ever likely to do a proper, formal LOPA unless you are a risk professional, the concept that you should try to set up multiple layers to protect the things that are valuable to you in business and life is a very important idea which complements a lot of mainstream ideas about personal resilience. There is also the implication that as you set up layers to protect yourself or your business from undesirable events, you are also simultaneously moving towards your objectives and goals. 

Examples of this could be:

• Setting up multiple income streams – each one a layer to help protect you from financial hardship, but at the same time each one is bringing you closer to your income goals.

• Building strong networks – so that the loss of one or two good contacts doesn’t mean the end of your career, but at the same time bringing you access to more human capital and potential opportunities.

• Staying curious and continuing to learn and upskill – as long as the return on the financial and time investment to achieve a qualification is acceptable, every new one and every field of knowledge is a potential layer of protection in the employment market, and also a gateway in new opportunities, sometimes unexpectedly.

• Maintaining friendships and social connections that are not necessarily related to work – gives you social depth and support, and can enhance every aspect of your life.

• Not just going to the gym to be healthy, but making this a part of a lifestyle that involves eating well, sleeping enough, and varying the different types and styles of exercises and activities that you take part in.