Understanding Barriers in Risk Management

The Center for Chemical Process Safety (CCPS) has established best practices in their book Bowties in Risk Management- Concept Book for Process Safety for creating Bowtie diagrams to ensure their quality and effectiveness. Previously, regulatory bodies have often been satisfied with the mere presence of a bowtie diagram without examining its quality or the effectiveness of its barriers

To address this gap in requirements by regulatory bodies, the Concept Book for Process Safety examines the barrier functions’ role as controls in risk management. These barrier functions are designed to prevent or mitigate the impact of potential threats within a facility. For a barrier function to be considered complete, it must possess three essential characteristics: it must be effective, independent, and auditable. This means a barrier function must effectively prevent or mitigate a top event. It must function independently of other controls, be auditable through regular reviews to verify it works properly and its functionality remains intact.

Critical to defining a barrier function are the aspects known as “Detect, Decide, and Act”:


Barrier function
Detect First, identify what is going wrong, or the potential threat or risk condition.
Decide Analyse the detected information to decide on the appropriate response.
Act Implement specific action to prevent the threat from progressing further or mitigate the consequences.

According to this definition, traditional human factors like e.g. training and standard operating procedures do not qualify as barriers because they, in themselves, do not stop the trajectory between a threat and the top event. As these elements cannot independently perform the “detect, decide, act” functions, they serve as safeguards instead. Safeguards support the performance of actual barriers, ensuring they operate effectively but do not directly intervene to prevent or mitigate risks.

Challenges and Good Practices in Barrier Implementation

A common issue in risk management is the false sense of security derived from multiple barriers listed on the same threat or consequence leg, if several of them are not independent. If the barrier function is independent, it should not compromise the effectiveness of the other barriers. With several independent barriers on the same leg, means there is redundancy in the system. 

Bowtie methodology

Good practices to limit the number of barriers to between two to five, on each threat or consequence leg of a Bowtie. This range ensures clarity, focus, and ease of understanding, while avoiding clutter that can obscure the actual safety measures in place. The strength of bowties comes from being a visual tool for all barriers to be seen in context.

The advantage of using a tool such as Presight® Bowtie Workbench™, “is the ability to show different degrees of detail in a quick and easy way, from a simple overview to a more detailed view with a massive amount of data. This allows the bowtie to meet the needs of different user groups*” such as plant managers, operations supervisors, process safety professionals, front-line operators, and maintenance technicians.

Adopting these guidelines ensures that Bowtie diagrams not only fulfil regulatory expectations but also genuinely contribute to the safety and security of operations. By focusing on the quality and functionality of barriers, organisations can better manage their process safety risks, leading to safer operational environments.


* pg.3 Standardisation of Bowtie Methodology and terminology via CCPS/EI Book