HIRARC vs Bowtie Analysis Malaysia — What Your Risk Assessment Is Really Missing
Your HIRARC lists controls. It doesn’t tell you if they’ll hold. Understanding the difference between HIRARC vs bowtie analysis is the most important step serious HSE teams in Malaysia can take — and most teams haven’t taken it yet.
Almost every workplace in Malaysia has a HIRARC. It’s a legal requirement under the Occupational Safety and Health Act 1994 (OSHA 1994) and the Guidelines for Hazard Identification, Risk Assessment and Risk Control published by DOSH. Most HSE Managers can produce one on demand. Many sites update them annually, review them after incidents, and file them properly.
So why do incidents keep happening at sites with complete, current HIRARC documents?
The answer is not that HIRARC is wrong. It’s that HIRARC answers the wrong question. And most HSE teams in Malaysia don’t realise there’s a better question to be asking.
What HIRARC Was Designed to Do
HIRARC is a three-step process: Hazard Identification, Risk Assessment, Risk Control. It was designed to be practical, scalable, and usable across industries — from factories to construction sites to office environments. And it does exactly what it was designed to do.
A well-built HIRARC will tell you:
- What the hazards are in a given activity or area
- How severe the potential consequences are, and how likely they are to occur
- What controls are in place or required, and who is responsible for them
That is genuinely useful. For routine risk management, low-hazard environments, and legal compliance, a thorough HIRARC is the right tool. The problem starts when organisations rely on HIRARC for major hazard risk management — situations where a single control failure can cause a fatality, a catastrophic release, or an irreversible consequence.
Where HIRARC vs Bowtie Analysis Diverges
To understand the gap between HIRARC vs bowtie analysis Malaysia teams face, ask yourself one question about any control in your HIRARC: if this control fails, does the next one hold?
HIRARC cannot answer that question. It was never designed to.
| Question | HIRARC | Bowtie Analysis |
|---|---|---|
| Names the hazard and consequence | ✓ Yes | ✓ Yes |
| Assigns a risk rating | ✓ Yes | ✓ Yes (implicitly) |
| Names controls and responsible persons | ✓ Yes | ✓ Yes |
| Identifies the specific moment control is lost (top event) | ✗ No | ✓ Yes |
| Shows which barriers sit before the top event (prevention) | ✗ No | ✓ Yes |
| Shows which barriers sit after the top event (mitigation) | ✗ No | ✓ Yes |
| Tests whether each barrier is independent | ✗ No | ✓ Yes |
| Identifies what could degrade each barrier (escalation factors) | ✗ No | ✓ Yes |
This is not a criticism of HIRARC. It’s a recognition that HIRARC and bowtie analysis are different tools designed for different purposes. HIRARC gives you a list of controls. Bowtie analysis gives you a system of barriers — and shows you how that system holds together (or doesn’t) under real operating conditions.
The Four Questions Bowtie Analysis Forces You to Answer
When you build a bowtie diagram for a major hazard scenario, you must answer four questions that HIRARC never asks:
1. What is the top event?
Not the hazard. Not the consequence. The exact moment that control is lost — the point of no return. In a pressure vessel scenario, this might be “uncontrolled overpressure.” In a confined space scenario, it might be “worker collapses due to oxygen deficiency.” Naming this precisely forces your team to agree on what failure actually looks like.
2. Which barriers sit between the threat and the top event?
These are your prevention barriers — everything standing between the initiating threat and the loss-of-control moment. For each barrier, you must name the specific action it performs and confirm it is independent of the other barriers. “Supervisor monitoring” is not a barrier. “Supervisor halts the operation when pressure gauge reads above rated capacity” is a barrier — if the action is defined, trained, and independent.
3. Which barriers sit between the top event and the consequence?
These are your mitigation barriers — everything that limits harm once control is lost. Emergency shutdown systems, pressure relief valves, emergency response procedures. Again, each must be specific and independent.
4. What could degrade each barrier — and what prevents that?
Every barrier has escalation factors: conditions that reduce its effectiveness or disable it entirely. A pressure relief valve that hasn’t been tested in 18 months. A supervisor who has been told informally not to stop the job unless it’s an emergency. An SOP that hasn’t been updated since the process was modified. Identifying escalation factors — and the controls for those escalation factors — is where bowtie analysis produces risk intelligence that HIRARC simply cannot.
How HIRARC and Bowtie Analysis Work Together in Malaysia
The relationship between HIRARC vs bowtie analysis is not competitive — it’s sequential. For most Malaysian workplaces, the workflow looks like this:
- HIRARC first. Complete a thorough HIRARC for all activities. This gives you your hazard register, your risk ratings, and your basic control list. This is your compliance foundation and it remains necessary.
- Identify major hazard scenarios. From your HIRARC, identify scenarios with potential for catastrophic consequence — fatalities, multiple injuries, or critical process failures. These are the scenarios that warrant deeper analysis.
- Build bowtie diagrams for major hazard scenarios. For each critical scenario, build a bowtie diagram. Use your HIRARC controls as the starting point — but now test each one: Is it specific? Is it independent? What degrades it?
- Monitor barrier health. Maintain and inspect the barriers you’ve identified in your bowtie. Track whether they are in place, functioning, and maintained over time.
Practitioner note: The most common mistake Malaysian HSE teams make when building their first bowtie is treating existing HIRARC controls as barriers without testing them. Run every control through two tests: Is it a specific positive action? and Is it independent? Most will fail at least one of these. That’s not a failure of your HIRARC — it’s the gap the bowtie is designed to surface.
Why This Matters for Malaysian HSE Practice
Malaysia’s HSE regulatory framework — anchored by OSHA 1994, the USECHH Regulations 2000, and the CIMAH Regulations 1996 — requires hazard identification and risk control. HIRARC satisfies that requirement. But for industries managing major hazards — oil and gas, petrochemicals, manufacturing, heavy construction — regulatory compliance is the floor, not the ceiling.
The Department of Occupational Safety and Health (DOSH) has progressively moved toward major hazard frameworks for high-risk industries. Organisations that build bowtie analysis capability now are ahead of where regulatory requirements are heading — and they are running safer operations today.
The question to ask your team: how many of the controls in your current HIRARC have you tested for independence? If the answer is none, that’s where the bowtie conversation needs to start.
Ready to Build Bowtie Analysis Capability in Your Team?
Cikgu Barrier delivers Malaysia’s specialist Bowtie Analysis training — practitioner-led, outcome-focused, built for HSE teams managing real major hazard risk.
