A senior leader in my organization once said that everything we do is risk management. Indeed, engineering teams design wells, processes, and facilities to inherently reduce risk, and operating teams run and maintain them and manage risk on a day-to-day basis.
But what can we do to more fully understand and effectively manage risk? Many organizations in our industry are working hard to build mindsets and cultures where leadership and the workforce know exactly what their risks are, who manages them, what the controls are, and whether the controls are working.
Most organizations apply risk assessment as a powerful tool to identify and assess risks, document existing and additional controls to reduce risk, and decide if a job is safe to execute. Understanding cumulative risk becomes increasingly important as a facility is exposed to multiple risks, the degradation of some controls, and influencing factors such as human performance or weather. This approach enables leaders to make daily decisions informed by risk.
The bowtie model is gaining wider adoption as an effective way to visualize risks and risk barriers. This simple diagram illustrates how threats can lead to risk events, their potential consequences, and the prevention and mitigation barriers that should be in place to manage risk. Some organizations also actively implement verification programs to confirm that barriers meet requirements and will function when needed.
AI and other digital tools are increasingly being used to assist with risk management. Organizations also aim to operationalize their risk management by integrating it with existing engineering and operational processes. This way, when engineers and operators perform their everyday jobs, they simultaneously deliver the risk‑management process.
Finally, many leaders strongly believe in never being satisfied with their risk registers and risk assessments. Instead, they continuously push their teams to identify changes in risks and new risks as they arise, and to implement more-effective controls.
Summarized Papers in This August 2025 Issue
SPE 220333 Data-Driven HSE-Assurance Program Provides Effective Risk Management by Peter A.R. Hudson, Hudson Global Consulting, et al.
OTC 35562 Quantitative Risk Assessments Are Useful but Have Limitations by Indira Ramjit, Tucker Energy Services, et al.
SPE 221994 Digital Self-Verification Sustainably Improves Safety Performance, Positively Shifts Cultures by Wan C. Sia, Petronas, et al.
Recommended Additional Reading
SPE 220335 Operationalizing Risk Management by R. Bulgachev, BP, et al.
SPE 220381 Building Effective Bowties Through Various VAP Cycle Stages To Operationalize Them for Frontliners for Effective Barrier Management by R.V. Lodha, ADNOC, et al.
SPE 222010 Navigating Through Operations Excellence, Process Safety, and Sustainability in Upstream and Downstream Segments of Oil and Gas Operations With Resilience and Responsibility To Prevent Incidents by Muhammad Tayab, ADNOC, et al.

Roman Bulgachev, SPE, is the risk authority with BP. In this role, he works with BP leadership and stakeholders to develop and maintain effective risk processes and build capability in risk management. Bulgachev holds an MS degree in chemistry from Moscow State University. Before joining BP, he worked as a field engineer with Halliburton on drilling rigs across Russian Siberia and in the Arctic. With BP, Bulgachev worked in a variety of engineering and operational roles in wells organization before moving into the role of BP wells self-verification program lead. In this role, he established and led a global program of monitoring and management of risk-barriers performance based on a bowtie model to prevent occurrence of major accidents through early identification and resolution of vulnerabilities. Bulgachev is a recipient of BP’s gold medal for technical excellence, author of 20 technical publications, and holder of two patents. As a member of SPE since 2004, he has been an associated editor and technical editor for SPE Journal and a member of multiple technical award and conference committees.