Information Safety

Improving technology through lessons from safety.


Recommended reading and other resources for safety risk management.

Original recommendations

Short essays

  • Resilience Engineering - Erik Hollnagel’s account of the origins of Resilience Engineering
  • Resilience Assessment Grid - recommended for the succinct description of the four potentials of resilient performance in the beginning of the essay: Respond, Monitor, Learn, Anticipate
  • The NO view of ‘human error’ - argues that we should stop using ‘human error’ as an explanation for accidents/failures as it is not helpful

Introductory books

Notable academic papers

  • Bainbridge, L. (1983). Ironies of Automation, PDF - a classic and accessible paper on the downside of automation that stands up even today
  • Endsley, M. R. (1995). Toward a Theory of Situation Awareness in Dynamic Systems, PDF - Endsley’s main paper on Situation Awareness, a theoretical construct that is useful in understanding decisions made by operators in emergency situations
  • Helmreich, R. L., Klinect, J. R., & Wilhelm, J. A. (1999). Models of threat, error, and CRM in flight operations, PDF - an excellent paper covering key aspects of modern aviation safety: Crew Resource Management, the Line Operations Safety Audit, and Threat and Error Management
  • Garvin, D. A., Edmondson, A. C., & Gino, F. (2008). Is yours a learning organization, PDF - a solid methodology for assessing the depth of learning within your organization, with links to self-assessments
  • Aven, T., Renn, O., & Rosa, E. A. (2011). On the ontological status of the concept of risk, PDF - Aven’s career has been to establish safety as a science; this article strives to define what risk actually is
  • Hollnagel, E., Wears, R. L., & Braithwaite, J. (2015). From Safety-I to Safety-II: a white paper, PDF - an evolution of Hollnagel’s concept of Resilience Engineering, making the case that safety should focus not just on accidents (when things go unexpectedly poorly), but the full range of outcomes
  • Dekker, S. W. A. (2017). Rasmussen’s legacy and the long arm of rational choice, PDF - the paper explores the moral aspects behind our tendency to blame people for causing accidents, and how blame can be harmful

Graduate Degree Programs

Three programs with graduates active in the IT Resilience Engineering community:

  • Human Factors & System Safety at Lund University, Sweden - this is where John Allspaw (thesis) and others active in the learning from incidents community have pursued their degrees, including J Paul Reed (thesis) - 1 or 2 year program, with mandatory on-site learning labs.
  • Cognitive Systems Engineering at The Ohio State University - David Woods is on faculty, and Laura Maguire completed her PhD here (talk based on her work)
  • Managing Risk and System Change at Trinity College Dublin, Ireland - I am currently pursuing my MSc in Psychology here, and will post my thesis when it’s done! 2 year masters program, all online. A broader curriculum than Human Factors & System Safety, covering: human factors and sociotechnical systems safety, organizational change, safety risk assessment and risk management, design, organizational psychology and leadership, human resources, statistics, and research methodology.


  • Resilience Engineering Association: the official home of Resilience Engineering “Resilience Engineering is a trans-disciplinary perspective that focuses on developing on theories and practices that are necessary to enable complex-socio technical systems and organizations to continue operations or to deliver essential services when dealing with expected and unexpected situations (prior, during and after). It addresses complexity, non-linearity, inter-dependencies, emergence, formal and informal social structures, threats and opportunities.”
  • Society for Risk Analysis (SRA): “The Society for Risk Analysis is a multidisciplinary, interdisciplinary, scholarly, international society that provides an open forum for all those who are interested in risk analysis. Risk analysis is broadly defined to include risk assessment, risk characterization, risk communication, risk management, and policy relating to risk, in the context of risks of concern to individuals, to public- and private-sector organizations, and to society at a local, regional, national, or global level.”
  • Society of Information Risk Analysts (SIRA): Data > Dogma “The Society of Information Risk Analysts (SIRA), established in 2011, is the go-to resource for decision makers & practitioners of information risk management. We endeavor to do this by supporting the collaborative efforts of our members through research, knowledge sharing, and member-driven education.”

Other curated lists