After a serious incident, investigations usually begin with documentation, but they rarely end there.
Certificates are reviewed, maintenance records examined, and procedures traced carefully. Competence, compliance, and responsibility are all considered. These matters are important because they demonstrate that safety was planned and managed. They establish diligence.
However, post-incident scrutiny does not ultimately revolve around whether processes existed. It settles on something narrower and more exacting: whether it was reasonable to rely on the protective system at the moment it was needed.
This distinction is subtle, yet decisive.
Safety management has historically been organised around demonstrating preparation. Systems are specified, tested, installed, inspected, and periodically maintained. Each step confirms that requirements were met at the time of assessment. Each provides assurance that the system should function. Collectively, these activities form what organisations commonly recognise as safety governance.
Legal accountability, however, evaluates judgement rather than preparation alone. It examines whether decisions made in real conditions were defensible.
When an alarm is depended upon, an escape route used, a fire door opened, or a protective device relied upon, a decision occurs. Occupants and responsible persons act on the belief that protection is present. Following an incident, investigation focuses on whether that belief was justified.
The issue therefore becomes reliance.
A certificate demonstrates that a system passed a test at an earlier time. A maintenance record shows that a defined task was completed. An inspection report confirms a condition observed on a particular day. None of these, by themselves, establish what the system’s operational state was when people actually depended upon it.
In post-incident scrutiny, standards are rarely treated as the sole question; attention often turns to what was reasonably understood about the system at the time. Standards describe recognised practice and evidence responsible management. They demonstrate competence and diligence. The question examined after harm occurs, however, is not simply whether recognised practice existed. It is whether reliance on the protection was reasonable in fact.
Reasonableness is inseparable from knowledge. A decision cannot be judged reasonable solely because a procedure existed. It must be reasonable in light of what could have been known at the time. Investigations therefore consider practical matters: whether deterioration was visible, whether warning signs existed, whether risk was detectable, and whether reliance was justified.
Here a structural tension emerges.
Modern safety systems are not static installations. Detection devices depend on electronics and software. Batteries degrade gradually. Components are replaced. Configuration changes occur during refurbishment. Systems interact with other systems not originally assessed together. Environmental conditions alter performance over time. These changes rarely create a single identifiable failure event. Instead, protection can degrade incrementally between inspection intervals.
The assurance model, however, remains interval-based. Verification occurs at defined points, while operation occurs continuously.
As a consequence, organisations may demonstrate adherence to recognised practice yet still be unable to demonstrate the condition of protection at the moment reliance occurred. The difficulty is not neglect; it is visibility.
After incidents this becomes apparent. Investigators frequently find activity rather than inactivity. Maintenance was scheduled, contractors attended, and documentation retained. Responsibility was allocated. Yet uncertainty persists regarding what the protective system was actually capable of at the critical time. Explanations rely on reconstruction rather than contemporaneous evidence.
At that point accountability becomes difficult, not because no one acted, but because no one can show what was reasonably known.
Legal expectations do not require predicting every failure. They require reasonable action based on reasonably available information. Where information about operational condition does not exist, reliance becomes harder to justify even where procedures were followed.
For this reason post-incident examinations often move beyond compliance. Compliance addresses whether appropriate processes were undertaken. Reasonable reliance considers whether trust in the system was defensible when it influenced behaviour.
The two concepts are related but not identical.
Following standards demonstrates responsible management. Demonstrating justified reliance requires something more specific: evidence that protection existed when depended upon.
Historically, periodic verification served as a practical proxy for this. When systems were mechanical, isolated, and slow to change, the assumption that conditions persisted between inspections was generally reliable. Modern environments challenge that assumption. Systems now change faster than verification cycles, yet the expectations placed on duty-holders have not diminished. Responsibility is often judged by decisions made in real time.
The practical difficulty is therefore not whether organisations care about safety, but whether the condition of protection can be known when reliance occurs. Inspection, certification, and maintenance remain necessary, yet they were designed to demonstrate compliance at defined intervals. Accountability, however, examines decisions made at specific moments. As systems become more dynamic, the gap between those two positions becomes increasingly visible. The question for governance is no longer simply whether safety was once demonstrated, but whether it was knowable when it mattered.
About the Author
Paul Mincher is the Founder and CEO of SAFE-Matter Ltd and the originator of the “Unknown Present” concept in safety governance. His work examines the evidentiary gap between regulatory compliance and demonstrable safety in cyber-physical systems.
A survivor of a childhood house fire, he has spent the past decade studying how organisations establish trust in life-critical protections and why serious incidents continue to occur despite formal certification, inspection, and oversight.
His research focuses on how organisations might evidence the operational condition of safety protections at the moment they are relied upon. This work sits at the intersection of safety engineering, accountability, and risk assurance, addressing how regulators, insurers, and duty-holders determine whether protection was actually present when it mattered.
Paul can be reached at https://www.linkedin.com/in/paul-mincher-4abb44310 and [email protected]
