The Weick and Sutcliffe principles are five organizational practices that explain how nuclear plants, aircraft carrier flight decks, and emergency rooms sustain safety records most organizations never achieve. They are: preoccupation with failure, reluctance to simplify, sensitivity to operations, commitment to resilience, and deference to expertise.
Together the five produce what Weick and Sutcliffe call collective mindfulness, the organizational quality that allows a system to detect and contain unexpected events before they escalate.
This guide covers what the Weick and Sutcliffe Principles mean, where they came from, how to measure them, how to apply them outside healthcare, the criticisms of the theory, and the pitfalls that have caused implementations to fail.
It is written for risk managers, BCM professionals, and operational leaders who already understand frameworks like COSO ERM and ISO 31000 and want to move from framework adoption to cultural execution.
Figure 1. The five Weick and Sutcliffe principles organized by pillar: anticipation (first three) and containment (last two).
Quick Answer: The 5 Weick and Sutcliffe Principles at a Glance
| # | Principle | Pillar | One-line summary |
| 1 | Preoccupation with Failure | Anticipation | Treat every near miss and weak signal as data about systemic vulnerability |
| 2 | Reluctance to Simplify | Anticipation | Resist comfortable explanations; preserve nuance in how risks are framed |
| 3 | Sensitivity to Operations | Anticipation | Stay attuned to what is actually happening at the front line, not what procedures assume |
| 4 | Commitment to Resilience | Containment | Build adaptive capacity so the organization stretches without breaking |
| 5 | Deference to Expertise | Containment | When problems arise, authority migrates to whoever has the most relevant knowledge |
The first three principles describe how HROs anticipate problems. The last two describe how they contain problems that have already started.
Who Are Karl Weick and Kathleen Sutcliffe?
Karl E. Weick is the Rensis Likert Distinguished University Professor Emeritus of Organizational Behavior and Psychology at the Ross School of Business, University of Michigan. He is best known for sensemaking theory, the Mann Gulch and Tenerife disaster studies, and for bringing social psychology into organization science.
Kathleen M. Sutcliffe is a Bloomberg Distinguished Professor at Johns Hopkins University with joint appointments at the Carey Business School, the School of Medicine, and the Bloomberg School of Public Health.
Her work focuses on how organizations and their members cope with uncertainty, with a long-running research program on healthcare safety.
Their partnership on high reliability organizations began in the late 1990s with field studies of nuclear power plants, US Navy aircraft carrier flight operations, and air traffic control systems. Those studies, synthesized in the three editions of Managing the Unexpected, are the primary source for the five Weick and Sutcliffe Principles.
Managing the Unexpected: The Book Behind the Framework
The book has gone through three editions:
- 1st edition (2001): Managing the Unexpected: Assuring High Performance in an Age of Complexity
- 2nd edition (2007): Managing the Unexpected: Resilient Performance in an Age of Uncertainty
- 3rd edition (2015): Managing the Unexpected: Sustained Performance in a Complex World
The 3rd edition, still the current authoritative reference, extends the case material beyond traditional high-hazard industries into banking, museum curation, latent fingerprint identification, piloting, and automotive manufacturing.
The core argument is unchanged: organizations that sustain performance under uncertainty do so by practicing five disciplines continuously, not by having better procedures or better people.
The Two Pillars: Anticipation and Containment
Weick and Sutcliffe organize the five Weick and Sutcliffe Principles into two pillars. The structure matters because it maps directly onto how risk managers already think about proactive identification versus reactive response.
| Pillar | Principle | What It Means | Risk Management Equivalent |
| Anticipation | 1. Preoccupation with Failure | Treat every failure, near miss, and deviation as a signal of systemic vulnerability. Hunt for weak signals before they become incidents. | Near-miss reporting, root cause analysis, KRI early warning systems, risk culture assessments, threat intelligence |
| Anticipation | 2. Reluctance to Simplify | Resist categorizing problems into neat boxes. Maintain nuanced, multi-dimensional understanding. Challenge the consensus before acting on it. | Scenario analysis, stress testing, bow-tie analysis, red-team exercises, devil’s advocate roles in risk committees |
| Anticipation | 3. Sensitivity to Operations | Maintain real-time awareness of frontline reality, not the procedural ideal. Close the gap between work-as-imagined and work-as-done. | RCSA, operational KRI dashboards, management rounding, control testing for effectiveness |
| Containment | 4. Commitment to Resilience | Build the capacity to absorb strain, stretch without breaking, and recover while learning. Resilience is not a plan; it is a capability. | Business continuity management, crisis management, post-incident reviews, organizational learning loops |
| Containment | 5. Deference to Expertise | When problems arise, decision authority migrates to whoever has the most relevant expertise, regardless of rank. | Incident command structures, Three Lines Model, empowered first-line ownership, stop-work authority |
Principle 1: Preoccupation with Failure
Most organizations punish failure, hide it, or explain it away. HROs reward people who surface it. The principle is counterintuitive because it reframes bad news as the most valuable information the organization produces.
The classic anecdote captures it. On a US Navy aircraft carrier, a mechanic lost a screwdriver while working on a plane. He reported it up through his supervisor.
The carrier triggered a Foreign Object Debris (FOD) walk across the flight deck, the screwdriver was recovered, and the mechanic was recognized at a commanding officer’s ceremony later in the cruise. A lost tool on a flight deck can be ingested into a jet engine at takeoff. The carrier treated a near miss as a gift.
Preoccupation with failure has three practical moves:
- Detect small, emerging failures because they may signal larger systemic ones
- Anticipate failure modes and put mitigations in place before incidents occur
- Refuse to assume that current success means the organization understands its own operations
How to implement Principle 1
- Build near-miss reporting into the risk management framework with both open and anonymous channels
- Track the near-miss reporting rate as a leading KRI. A declining rate usually means under-reporting, not safer operations
- Run pre-mortem exercises on significant initiatives: ask the team to imagine the project has failed and work backward to identify why
- Apply root cause analysis to near misses, not only to actual incidents
- Feed every reporter back personally with what was learned. Silent reporting channels go cold
Principle 2: Reluctance to Simplify
Risk management is full of simplification. A 5×5 heat map reduces complex, interacting exposures to a single colored cell. Taxonomy forces events into one category or another. Incident investigations stop at “human error” because the alternative, systemic inquiry, is expensive.
Weick and Sutcliffe argue that simplification itself is a risk factor because it creates blind spots. Reluctance to simplify means preserving complexity where complexity exists: checking whether your risk categories actually capture interactions, seeking diverse perspectives, and deliberately inviting dissent into risk discussions.
The AHRQ PSNet primer (reviewed 2024) frames it plainly: high reliability is better described as a condition of persistent mindfulness than as standardization.
How to implement Principle 2
- Use assessment techniques that preserve nuance: bow-tie analysis, scenario analysis, and stress testing
- Assign a devil’s advocate role in risk committee meetings. Rotate it so the role is a duty, not a personality
- When investigating incidents, push past the first plausible cause using 5 Whys or Ishikawa diagrams
- Challenge the risk assessment methodology itself annually. A good assessment question is “what would this miss if the risk environment shifted?”
- Watch for consensus that forms too quickly in committees. Consensus is not the same as correctness
Principle 3: Sensitivity to Operations
There is always a gap between how a process is designed to work and how it runs in practice. Resilience engineering calls it the gap between work-as-imagined and work-as-done. HROs close it by staying granularly aware of frontline reality.
A practical illustration: in a hospital studied as part of HRO research, staff noticed small breakdowns in medication processes, such as a drug stocked in the wrong location.
Instead of putting it back and moving on, they treated the small breakdown as a signal. The unit logged it, investigated, and updated the process. Months later, a colleague pointed at that same kind of discipline as the reason their Central Line-Associated Bloodstream Infection (CLABSI) rate had stayed at zero for extended periods.
The VA’s 2024 HRO foundational practices research identified leader rounding as one of four critical practices for advancing safety culture. Rounding is not casual visits; it is structured interaction, with prepared questions, designed to surface concerns and demonstrate visible commitment.
How to implement Principle 3
- Design RCSA programs to capture work-as-done, explicitly asking about workarounds and informal practices
- Implement tiered huddles where frontline concerns escalate quickly to management
- Use operational KRI dashboards that measure process performance in real time, not only lagging outcome metrics
- Make leader rounding a formal practice with a documented question set, not a perk of good weather
Principle 4: Commitment to Resilience
Resilience is not a business continuity plan. A BCP tells you what to do when Scenario X happens. Resilience is the capability to respond when the scenario is not X but something no one imagined.
The 2024 Journal of Contingencies and Crisis Management paper by Steen argued that standard BCM approaches fall short of the complexity involved in real emergencies because they assume systems are tractable and predictable.
Resilience, in the HRO sense, addresses the gap by building adaptive capacity that works even when the playbook does not fit.
Resilience is built through:
- Cross-training so team members can cover each other’s roles
- Exercises that include unscripted curve-ball injects
- Post-incident reviews that examine what went right and what was improvised, not only what went wrong
- Empowered frontline decision-making so the people closest to the problem can act without waiting
- Learning systems that capture and disseminate lessons across the organization, not just within the team where the event occurred
One VA study reported that HRO programme implementation was associated with a 52% decrease in staff burnout, suggesting resilience benefits operational outcomes and workforce wellbeing together.
How to implement Principle 4
- Go beyond scripted BCP exercises. Introduce adaptive elements that force improvisation
- Run structured debriefs after every incident and exercise with three standing questions: What surprised us? What did we improvise? What should we change?
- Maintain a searchable lessons-learned library that is reviewed quarterly
- Track adaptive capacity with metrics like recovery-time deviation (actual vs planned) and the percentage of incidents resolved through improvised rather than scripted response
Figure 2. Reported outcomes from HRO implementation across VA healthcare (VA 2024, Morales 2025).
Principle 5: Deference to Expertise
In a crisis, the person who knows most about the problem is rarely the most senior. HROs recognize this by allowing authority to migrate to expertise under abnormal conditions. The carrier CO defers to the ordnance handler during a weapons malfunction.
The hospital CMO defers to the bedside nurse who sees a subtle change in the patient.
The counter-example is Fukushima Daiichi. Post-incident reviews identified multiple moments where operational expertise was overruled by hierarchy, a failure of deference to expertise that contributed to the scale of the accident.
The 2025 British Journal of Social Psychology study of elite Air Force teams made this explicit: the five HRO hallmarks operate among frontline members, not only at the leadership tier. High reliability is a group process to which every role contributes.
How to implement Principle 5
- Design crisis management and incident response structures with explicit authority-transfer protocols. Define the conditions under which authority shifts to SMEs
- Establish stop-work authority for any employee who identifies a safety concern, regardless of rank
- In risk committee meetings, have operational experts present directly, not filtered through layers of management
- Train leaders to ask questions rather than give orders during crisis conditions
- Use the Three Lines Model to clarify first-line ownership and second-line oversight while keeping expertise-based decision-making intact
Collective Mindfulness: The Operating System
When all five Weick and Sutcliffe Principles operate together, Weick and Sutcliffe argue, the organization develops collective mindfulness. It is not individual meditation or personal awareness.
Within the Weick and Sutcliffe Principles, it is a shared organizational state in which members continuously evaluate their environment, question their assumptions, and stay attuned to subtle signals that something may be going wrong.
The AHRQ PSNet primer defines HRO culture as collective mindfulness: all workers share a sense of responsibility for safety and reliability, and they anticipate, detect, and respond to unsafe conditions before adverse events occur. Respectful interaction and heedful interrelating are the social substrate that makes the principles operable.
Mindful Organizing vs Organizational Mindfulness
The literature distinguishes two related but different terms:
- Organizational mindfulness is a top-down, enduring organizational state set by leadership and structure
- Mindful organizing is the bottom-up, moment-to-moment practice of the five principles by frontline teams
A complete adoption of the Weick and Sutcliffe Principles requires both. Organizational mindfulness without mindful organizing is a policy document. Mindful organizing without organizational mindfulness is a heroic team working around the system. Good risk culture programs address both.
Safety Organizing Scale (SOS)
The Safety Organizing Scale, developed by Vogus and Sutcliffe (PSNet Vogus interview), is the most validated instrument for measuring mindful organizing in practice. It is a nine-item frontline survey covering behaviors tied to each of the five principles.
SOS scores, which measure adherence to the Weick and Sutcliffe Principles, correlate with medication errors, reported patient safety events, and nurse-assessed quality. For most risk functions, SOS is the fastest way to get a defensible baseline.
Figure 3. Illustrative Safety Organizing Scale profiles across unit performance tiers.
HRO vs Normal Accident Theory
HRO theory, grounded in the Weick and Sutcliffe Principles, did not emerge in a vacuum. It is in dialogue with Normal Accident Theory (NAT), developed by Charles Perrow following the Three Mile Island accident.
The Weick and Sutcliffe Principles and NAT disagree about whether catastrophic failures are avoidable in complex, tightly-coupled systems.
| Dimension | Normal Accident Theory (Perrow) | High Reliability Organizations (Weick & Sutcliffe) |
| Core claim | Accidents are inevitable in complex, tightly-coupled systems | Extraordinary reliability is achievable through disciplined practice |
| Unit of analysis | System structure and coupling | Organizational cognition and culture |
| Policy implication | Avoid dangerous technologies or redesign them | Invest in culture, training, and leadership practice |
| Evidence base | Three Mile Island, Bhopal, nuclear industry | Aircraft carriers, air traffic control, nuclear operations, healthcare |
| Treatment of humans | Systems limit what humans can do | Humans, organized well, can achieve near-perfect reliability |
The Weick and Sutcliffe Principles and NAT are complementary in practice. NAT explains why complexity and coupling matter. HRO theory explains how organizations can perform well anyway. Mature risk functions use both lenses.
Figure 4. HRO theory vs Normal Accident Theory: emphasis comparison across six dimensions.
HRO Examples Across Industries
The Weick and Sutcliffe Principles are most visible in the industries that inspired them, but the 3rd edition of Managing the Unexpected documents applications well beyond.
| Industry | HRO example | Principle most visible |
| US Navy carrier aviation | Flight deck operations, FOD walks, ordnance handling | Preoccupation with Failure, Deference to Expertise |
| Commercial aviation | US Airways 1549 Hudson River landing; structured CRM | Commitment to Resilience |
| Nuclear power | Diablo Canyon, peer observation, conservative decision-making | Reluctance to Simplify |
| Emergency rooms | Tiered triage, safety huddles, interdisciplinary rounds | Sensitivity to Operations |
| Wildland firefighting | Incident command, 10 Standard Fire Orders, 18 Watch-outs | Deference to Expertise |
| Banking and payments | Operational resilience programs under DORA, PS21/3, CPS 230 | Commitment to Resilience |
| Rail operations | Positive train control, confidential incident reporting | Preoccupation with Failure |
| Museum curation | Conservation risk protocols | Reluctance to Simplify |
The point is not that these organizations are perfect applications of the Weick and Sutcliffe Principles. It is that they have built disciplines that make failure less catastrophic when it happens.
How to Measure HRO Maturity
Most failures in adopting the Weick and Sutcliffe Principles come from treating the work as a culture-change project without measuring it. Three instruments dominate current practice.
Joint Commission High Reliability Health Care Maturity Model (HRHCM)
The Joint Commission’s HRHCM assesses 14 components across 4 maturity levels:
| Maturity Level | What it looks like |
| Beginning | Safety is addressed reactively. Leaders cite principles but operations do not reflect them |
| Developing | Safety program exists. Some principles applied inconsistently across units |
| Advancing | Principles embedded in structure. Metrics tracked. Variable culture across units |
| Approaching | Collective mindfulness visible. Near-miss reporting mature. Learning loops closed routinely |
The 14 components span leadership commitment, safety culture, and performance improvement against the Weick and Sutcliffe Principles. The assessment identifies the weakest component, which becomes the next improvement focus. No organization is rated at a fifth “achieved” level, reflecting the view that high reliability is pursued, not achieved.
Figure 5. Joint Commission HRHCM maturity levels. Assessed across 14 components per level.
Oro 2.0 Organizational Assessment
The Joint Commission’s Oro 2.0 is a web-based self-assessment of the Weick and Sutcliffe Principles paired with HRHCM, used primarily in healthcare to benchmark component-level maturity and produce an improvement roadmap.
Safety Organizing Scale (SOS)
Where HRHCM assesses structure and leadership, SOS measures frontline practice of the Weick and Sutcliffe Principles. Running both together triangulates the assessment: HRHCM reveals whether the infrastructure exists, SOS reveals whether people actually use it.
Other frameworks
The 2019 NCBI Evidence Brief on HRO implementation identified eight frameworks, including the IHI Framework for Safe, Reliable, and Effective Care, the ACHE Culture of Safety framework, frameworks from Johns Hopkins Armstrong Institute, the Air Force Trusted Care framework, and the ARCC Model. HRHCM and the IHI framework emerged as the most comprehensive and sufficiently detailed to guide implementation.
Applying HRO Principles to ERM, BCM, and Financial Services
The Weick and Sutcliffe Principles scale well beyond healthcare wherever organizations face complexity, uncertainty, and the potential for significant adverse outcomes.
| HRO Principle | ERM Application | BCM Application |
| Preoccupation with Failure | Near-miss events tracked as leading KRIs, RCA on control failures, pre-mortems on strategic initiatives, risk culture surveys | After-action reviews on every BC incident and exercise, near-miss disruption logging, gap analysis driven by actual incident data |
| Reluctance to Simplify | Scenario analysis and stress testing that challenge single-point assessments, risk interconnection mapping, devil’s advocate roles | Multi-simultaneous-disruption exercises, BIA capturing complex dependency chains, all-hazards planning |
| Sensitivity to Operations | RCSA capturing actual practice, real-time KRI dashboards, management rounding, control testing for effectiveness | BIA updated continuously from operational metrics, recovery strategy validated against actual capability, frontline involvement in plan development |
| Commitment to Resilience | Enterprise risk appetite framework, stress testing capital and liquidity, cross-functional risk ownership | Adaptive exercises with unscripted injects, cross-training, lessons-learned library, recovery-time improvement tracking |
| Deference to Expertise | Three Lines Model with clear first-line ownership, SME participation in committees, escalation paths bypassing hierarchy | Incident command with expertise-based authority, crisis decision protocols that empower operational leads, stop-work authority |
For financial services, three regulations now codify what the Weick and Sutcliffe Principles have argued for decades:
- UK PRA PS21/3 (Operational Resilience): mandates important business services, impact tolerances, and severe-but-plausible scenarios
- EU DORA: extends operational resilience to ICT risk management, third-party oversight, and incident reporting
- APRA CPS 230 (Australia): aligned requirements effective July 2025
PwC’s 2025 analysis frames operational resilience as a maturity journey moving from “Can we recover?” to “How quickly can we adapt without losing customer trust?” That progression mirrors the Weick and Sutcliffe Principles journey from reactive incident management to proactive collective mindfulness. See also our enterprise risk management frameworks guide and ISO 31000 primer.
Implementation Roadmap
Becoming an HRO is not a project with a completion date. The VA’s experience since 2019 shows it takes sustained effort over years to embed the Weick and Sutcliffe Principles. The roadmap below gives practical entry points.
Figure 6. Typical HRO implementation timeline across four phases. High reliability is a multi-year journey.
Phase 1: Assessment (Months 1 to 2)
- Baseline against the five principles using SOS, HRHCM, or a structured self-assessment
- Conduct a risk culture survey focused on psychological safety, near-miss reporting, and willingness to challenge authority
- Identify the strongest and weakest principles. The weakest is the starting point
Phase 2: Quick Wins (Months 2 to 4)
- Implement near-miss reporting with visible follow-up to every reporter
- Introduce pre-mortem exercises on current initiatives
- Add a “what could go wrong” standing item to operational meetings
- Launch leader rounding with a structured question set
- Establish tiered safety huddles at the operational level
Phase 3: Structural Changes (Months 4 to 12)
- Redesign risk assessment processes to incorporate reluctance to simplify (scenario analysis, stress testing, diverse perspectives)
- Build sensitivity to operations through enhanced RCSA programs and real-time KRI dashboards
- Update incident response protocols with explicit deference-to-expertise authority transfer rules
- Redesign the exercise program to build adaptive capacity through unscripted elements
Phase 4: Culture Embedding (Year 2 and beyond)
- Integrate HRO principles into leadership development and risk appetite frameworks
- Measure and report HRO culture metrics alongside traditional risk metrics
- Build cross-functional learning networks that share lessons across the organization
- Repeat the SOS and HRHCM assessments to track maturation
Criticisms and Limitations of HRO Theory
A rewrite that only lists the Weick and Sutcliffe Principles misses half the picture. HRO theory has serious critics, and the implementation literature is mixed.
Definitional ambiguity. Defining what actually constitutes an HRO has been contested since the 1980s. The Wikipedia review summarizes the point: the overall research is unsettled, producing confusion between structural and functional principles.
Fragility. An organization that relies on any single leader to maintain high reliability is not yet an HRO. Case studies of paediatric ICUs show units that achieved high reliability and lost it after leadership turnover.
“Once and done” treatment. Organizations treat the Weick and Sutcliffe Principles as a certification to obtain and move on. Weick himself has warned that this misses the point. High reliability has to be re-accomplished continuously.
Limited empirical validation. A 2025 scoping review found that despite widespread healthcare adoption, few studies report the impact of Weick and Sutcliffe Principles on actual patient safety outcomes in ways that isolate the HRO intervention from other changes.
Applicability debate. Some researchers argue HRO theory was derived from narrow industries (nuclear, aviation, carriers) where failures are catastrophic and therefore the economic case for high reliability is clear.
Translating the Weick and Sutcliffe Principles to industries where failures are cumulative rather than catastrophic, such as retail banking, requires adaptation the original framework does not supply.
Tension with Normal Accident Theory. The NAT critique, that complex tightly-coupled systems produce accidents regardless of culture, has never been fully reconciled with HRO claims.
These criticisms do not invalidate the framework. They define the boundary of where the Weick and Sutcliffe Principles do and do not deliver, and they explain why thoughtful risk functions use HRO alongside other theories rather than as a replacement for them.
Common Pitfalls to Avoid
From VA data, healthcare case studies, and financial services operational-resilience programs, the same Weick and Sutcliffe Principles implementation failures repeat:
- Launching near-miss reporting without feedback loops. Reports go in, nothing comes back, the channel dies
- Treating HRO as a safety-department project. The principles only work when operations, risk, and the front line own them jointly
- Measuring leading principles with lagging metrics. Counting incidents is not the same as tracking preoccupation with failure
- Skipping the culture baseline. Without SOS or an equivalent, you have no way to know whether three years of investment moved anything
- Over-reliance on senior sponsorship. The second a champion leaves, the program stalls
- Confusing standardization with reliability. Standardization reduces variation; HROs reduce unexpected variation while preserving adaptive capacity
- Copying healthcare implementations into non-healthcare settings without adapting for the different failure economics
Next Steps
This week. Review the last three incident reports against the Weick and Sutcliffe Principles. Did the investigation stop at “human error” or did it probe systemic causes? Count the near-miss reports from last quarter. A low count relative to actual incidents is a reporting-culture signal that must be addressed before the other four principles can take root.
This month. Run a pre-mortem on the highest-priority active project, guided by the Weick and Sutcliffe Principles. Assign a devil’s advocate to the next risk committee meeting. Add a “work as done vs work as imagined” question to the next RCSA workshop.
This quarter. Baseline the organization against the five Weick and Sutcliffe Principles using SOS or HRHCM. Identify the principle with the biggest gap and build a specific improvement plan. Redesign the next BC exercise to include adaptive elements that test improvisation, not just script-following.
The five Weick and Sutcliffe Principles are not an academic framework to admire from a distance. They are an operating system for organizations that refuse to accept failure as inevitable.
Frequently Asked Questions
What are the 5 principles of Weick and Sutcliffe?
The five Weick and Sutcliffe Principles are preoccupation with failure, reluctance to simplify, sensitivity to operations, commitment to resilience, and deference to expertise. The first three are principles of anticipation; the last two are principles of containment.
What is Weick and Sutcliffe’s theory?
Weick and Sutcliffe’s theory of high reliability organizations argues that some organizations sustain extraordinary safety in hazardous environments by practicing five disciplines continuously, which together produce a state they call collective mindfulness.
What is collective mindfulness?
Collective mindfulness is a shared organizational state in which members continuously evaluate their environment, question assumptions, and remain attuned to weak signals. It emerges when all five Weick and Sutcliffe Principles operate together. It is a group process, not individual meditation.
What is the difference between preoccupation with failure and reluctance to simplify?
Within the Weick and Sutcliffe Principles, preoccupation with failure is about detecting weak signals that something may go wrong. Reluctance to simplify is about how you interpret those signals once detected. The first is about looking; the second is about thinking.
What is the difference between HRO and Normal Accident Theory?
Normal Accident Theory argues that accidents are inevitable in complex, tightly-coupled systems because of the interaction between coupling and complexity. HRO theory argues that disciplined practice can produce extraordinary reliability even in such systems. Both lenses are used in mature risk functions.
What book did Karl Weick and Kathleen Sutcliffe write?
Managing the Unexpected, currently in its 3rd edition (2015), subtitle Sustained Performance in a Complex World, published by Wiley.
How do you measure HRO maturity?
The two most widely used instruments are the Joint Commission’s High Reliability Health Care Maturity Model (HRHCM), which assesses 14 components across 4 maturity levels, and the Safety Organizing Scale (SOS), a nine-item frontline survey developed by Vogus and Sutcliffe.
Do the HRO principles apply outside healthcare?
Yes. The Weick and Sutcliffe Principles were originally derived from nuclear power, aircraft carrier operations, and air traffic control.
The 3rd edition of Managing the Unexpected extends the Weick and Sutcliffe Principles cases to banking, museum curation, fingerprint identification, piloting, and automotive manufacturing. Financial services operational-resilience regulations such as DORA, PS21/3, and CPS 230 codify similar expectations.
What is a high reliability organization example?
A US Navy aircraft carrier flight deck is the canonical example. Thousands of operations per day, most with catastrophic failure modes, conducted by teenage sailors under time pressure, with an accident rate far lower than statistical models predict. The culture of FOD walks, peer observation, and deference to technical expertise explains how.
Why do HRO implementations fail?
The most common failures are launching near-miss reporting without feedback loops, treating the Weick and Sutcliffe Principles as a safety-department project rather than an operational one, relying on a single senior sponsor, skipping the culture baseline measurement, and confusing standardization with reliability.
Related Reading on riskpublishing.com
- COSO ERM vs ISO 31000
- ISO 31000 Getting Started Guide
- Enterprise Risk Management Frameworks
- Three Lines Model
- Operational Risk Management
- Business Continuity Management
- Business Continuity Planning
- Key Risk Indicators
- KRI Dashboard Best Practices
- Risk Culture
- Risk Appetite
- Risk Assessment Process
- Risk Assessment Methodology
Authoritative External Sources
- Managing the Unexpected (3rd ed., Wiley)
- AHRQ PSNet High Reliability primer
- AHRQ PSNet Vogus HRO interview
- AHRQ Making Healthcare Safer IV (NCBI)
- NCBI Evidence Brief: HRO Implementation
- VA HRO Foundational Practices research
- Joint Commission HRHCM
- High-Reliability.org: Five Principles of Weick & Sutcliffe
- Wikipedia: High Reliability Organization
- Bank of England PS21/3
- EU DORA
- APRA CPS 230
Chris Ekai is a Risk Management expert with over 10 years of experience in the field. He has a Master’s(MSc) degree in Risk Management from University of Portsmouth and is a CPA and Finance professional. He currently works as a Content Manager at Risk Publishing, writing about Enterprise Risk Management, Business Continuity Management and Project Management.