Pick any city of your choice – Nairobi, Paris, or Dubai. For my case, let me take you to Kampala, Africa’s top entertainment city.
A fuel station. Busy intersection. Trucks, bodas, taxis.
One afternoon, a tanker offloads fuel. The driver forgets to tighten the valve. A slow leak starts. Nobody notices.
That’s our initiating event.
The fuel station is located in the middle of retail shops with a lot of traffic. There is also a nursery school, and kids are playing nearby. A Pedestrian walking by lights a cigarette.
You have been observing all this… your heart starts racing.
What layers of protection do you have before this becomes a headline?
To answer the question, let’s apply the LOPA technique. Layer of Protection Analysis.
Write this on your notepad —
Mitigated likelihood = X × Y1 × Y2 × Y3…Yn
Here’s how it plays out – your layers of protection (or layers of controls), “sleep” on the job…
- Is the likelihood of a driver error like that? Let’s say once a year = X = 1.0
- First layer– Staff supervision during offloading. But the supervisor was on the phone. Let’s say 1 in 10 chance it fails = Y1 = 0.1
- Second layer– CCTV monitoring. But the footage is never reviewed in real-time = Y2 = 0.2
- Third layer — A spill containment system. But it’s clogged with plastic bags because it is rarely cleaned. Let’s say failure rate = Y3 = 0.5
- Final layer-Community awareness signage—‘No smoking near tankers.’ But the signs are rusted and ignored. Even then, the signs are on the fuel pumps and are not easy to read. Let’s be generous and say failure rate = Y4 = 0.7
Now plug in the equation–
Mitigated likelihood = 1.0 × 0.1 × 0.2 × 0.5 × 0.7 = 0.007
That’s roughly a 0.7% chance the incident escalates.
Now, you may say—“Mr Strategy, that’s a small number.”
But in risk management as in proactive leadership, numbers mean nothing without context. What is small could be big due to the control environment, general community policing, and city governance.
A 0.7% chance every day, in a city with hundreds of fuel stations, that are located without any planning whatsoever, becomes inevitable over time.
That’s why fires keep happening in our cities in East Africa. Fuel tankers overturn and burn to ashes. Because we overestimate our layers. And even do not look after them.
LOPA forces you to ask tough questions–
a) Are the layers truly independent?
b) Are they tested?
c) Do they cover human failure, technology failure, and environmental conditions?
In this case, we advise
a) A mandatory offloading checklist signed by a supervisor (new layer)
b) Spill sensors with audible alarm (automated, independent)
c) Refresher training every 3 months
d) Real-time CCTV monitoring from head office (central layer)
e) A large visible signage with “NO SMOKING” prominently displayed at the petrol station logo.
Once these are in, you recalculate the risk.
Maybe you can bring it down from 0.7% to 0.0001%. That’s what the Board should see. Such a risk appetite is safer and protects stakeholder value.
Not emotions. Not stories. Numbers. Defensible, auditable numbers.
That’s the power of LOPA.
You don’t manage risk by feeling safe.
You manage it by measuring what’s keeping you safe.
