HEALTH & SAFETY RISK MANAGEMENT
HAZARD/RISK ASSESSMENT METHODS & APPLICATIONS IN ENVIRONMENTAL HEALTH & SAFETY PRACTICE
- LOÏC ISNARD ENVIRONMENTAL HEALTH - LEVEL IV NOVEMBER 1999
UNIT CO-ORDINATOR: SHIRLEY FANTIE
COURSEWORK 1
Hazard & Risk Assessment Methods __________________________________________________________________________
The Management of Health and Safety at Work Regulations 1992 require employers to carry out risk assessments, make arrangements to implement necessary measures, appoint competent people and arrange for appropriate information and training.
[Cover figure listing the methods: What-If, FMEA, PPHA, CHA, ETA, FMECA, FTA, Task, HAZOP, QRA]
Introduction
"The assessment and management of risk is fundamental in the provision of a safe and healthy working environment. In addition to being a legal requirement in many circumstances, risk assessment is an essential tool in the determination and prioritisation of control measures"1. To carry out this risk assessment, many methods have been developed by risk professionals and then adopted in international regulations or standards. These methods are usually easy to understand, but because of their wide variety, the choice is sometimes difficult. At first sight, many Risk Assessment Methods seem to be the same, but they all have different aims and results: some methods analyse the probability of a hazard, others search for the root or immediate causes of an accident, or try to demonstrate a failure in the system. This essay will try to explain briefly 10 of these methods, and also to be a guide for the choice of the most suitable risk assessment method in each case.
A crucial distinction between different hazard/risk analysis methods is whether the analysis starts with a component failure and tries to investigate the possible effects on the occurrence of hazards (that I will call Type 1 Methods), or whether it starts with a specific hazard and tries to trace back by which sorts of component failures it may be caused (Type 2 Methods)2.
1 Extract from the Risk Management University Course 1999 - Shirley Fantie, Senior Lecturer.
2 NB: Most of this essay is extracted from Geoff Wells' book "Hazard Identification & Risk Assessment"; refer to this book for further information on Risk Assessment Methods.
Type 1 Methods
[Diagram: Component Failure, HAZARDS] "Investigate the possible effects on the occurrence of hazards"
1 Fault Tree Analysis - FTA
Fault Tree Analysis3 is widely used as a communication aid to demonstrate system failures and their development to managers, designers and operators. The use of fault trees in qualitative analysis demonstrates the effect of system failure modes and design changes. This method starts with an identified hazard as the root of a tree and works backwards to determine its possible causes. A cause can be defined as an AND or OR combination of events, thereby revealing the combinations of component failures that may cause the hazard. A Fault Tree Analysis follows the system structure, such that the upper levels in a fault tree correspond to the system, and the lower levels correspond to system components.
[Table of fault tree symbols; the drawings are not recoverable. Events, by designation: Top & Intermediate; Normal or Elementary. Gates, by designation: AND; OR.]
3 See example of FTA in Appendixes
2 Event Tree Analysis - ETA
Event Tree Analysis4 can be used to analyse the probabilities of different outcomes which have been identified during a safety study. Event tree analysis takes as its starting point the events that can affect the system and tracks them forward through sequences of interfacing system components to determine their possible consequences. From the event which initiates any specific accident sequence, normally a significant release, the functioning and failure of safety subsystems are analysed using forward logic. This results in a tree structure with the branches developing from left to right. By assigning a probability to each branch, the probabilities of every possible outcome following the initiating event can be determined.
3 Concept Hazard Analysis - CHA
Concept Hazard Analysis is used for the identification of hazard characteristics, in an attempt to identify areas which are recognized as being particularly dangerous from previous incidents.
4 Preliminary Process Hazard Analysis - PPHA
A PPHA follows up the results of Concept Hazard Analysis to provide further information on factors such as wanted and unwanted reactions, the reduction of hazards and hazardous characteristics on the plant, the identification of incident scenarios and the evaluation of emissions, effluents, wastes and off-specification products.
Advantages:
- Identifies the potential for major hazards at a very early stage of project development.
- Provides basis for design and siting decisions.
- Helps to ensure plant to plant and plant to environment compatibility.
- Facilitates a later full hazard analysis.
Disadvantages:
- Is not comprehensive and must be followed by a full HAZOP before construction begins.
4 See example of ETA in Appendixes
5 What-If Analysis - What-If
What-If analysis uses a creative team brainstorming "what if" questioning approach to the examination of a process or operation to identify potential hazards and their consequences. Hazards are identified, existing safeguards noted, and qualitative severity and likelihood ratings are assigned to aid in risk management decision making. Questions that begin with "what-if" are formulated by engineering personnel experienced in the process or operation.
Advantages:
- Team of relevant experts extends the knowledge and creativity pool.
- Easy to use.
- Ability to focus on a specific element (i.e. human error or environmental issues).
Disadvantages:
- Quality is dependent on knowledge, thoroughness and experience of team.
- Loose structure can let hazards slip through.
- Does not directly address operability problems.
Type 2 Methods
[Diagram: Component Failure, HAZARDS] "Trace back by which sorts of component failures they may be caused"
1 Failure Mode and Effect Analysis - FMEA
Failure Mode and Effect Analysis assumes that the failure modes of the system components are known. On the basis of these failure modes, the causes of each failure are then evaluated in the system. FMEA is a forward analysis method, and investigates the effects of a single component failure; it is not possible to investigate the problems caused by combinations of component failures. FMEA is a fundamental hazard identification and frequency analysis technique which analyses all the fault modes of a given equipment item for their effects both on other components and on the system.
Advantages:
- Systematic, component by component analysis aids thoroughness.
- Beneficial at all stages of a facility's life.
- Can easily be updated for plant modifications.
Disadvantages:
- Not efficient for identifying combinations of equipment failure.
- Does not directly address siting, general safety, or environmental issues.
- Does not directly address operability problems.
- Can be time consuming.
2 Failure Modes, Effects and Criticality Analysis - FMECA
FMECA is an extended variant of FMEA, where the criticality of each effect is recorded.
3 Hazard and Operability Studies - HAZOP
HAZOP is the most widely used method of analysis in the process industries. It is recommended for use by legislators, regulators and engineering institutions. A HAZOP study is a formal, systematic examination of a processing plant in order to identify hazards, failures and operability problems, and assess the consequences from such maloperation. A HAZOP study generates a list of identified problems, usually with some suggestions for improvement of the system, and can be used for:
- probabilistic safety assessment
- design changes
- development of operating instructions and procedures for use in training
- quality control and management standards
In order to investigate the effects of deviations from normal operating conditions during each phase of a system's operation, this method uses a series of guide words:
- Significant release of material
- Failure to recover situation
- Dangerous disturbance of plant
- Inadequate emergency control
- Hazardous deviation
- Failure to control situation (on alarm)
- Process deviation
- Inadequate normal control
- Immediate causes of incident
Advantages:
- Most systematic and comprehensive of methodologies.
- Can be used in conjunction with Human Error analysis.
- Provides greatest safety assurance.
Disadvantages:
- Can be time consuming and costly.
- Can be tedious if not well facilitated.
4 Quantified Risk Assessment - QRA
Quantified Risk Assessment is widely used as a technique to aid management decisions and is defined by the CONCAWE organisation as: "The identification of causes of possible accidents followed by a technical analysis to determine the likelihood of occurrence and potential consequences of those accidents leading to a numerical estimate of an appropriate measure of risk, together with the value judgements made with regard to a significance of estimated level of risk".
The 5 steps of the method are:
- Hazard Identification
- Frequency Estimation
- Consequence Analysis
- Risk Evaluation
- Sensitivity Analysis
The elements of the procedure are used both to generate information and as an aid to decision-making.
5 Task Analysis - Task
Task analysis has been developed as a systematic method for analysing a task into its goals, operations and plans. Task analysis is a process of sorting out what people might do or actually do when carrying out operations. The analysis must answer questions such as:
- What actions do the operators carry out?
- How do operators respond to different cues in their environment?
- What errors might be made and deviations caused in plant operations?
- How might any error be recovered from, or any deviation be controlled?
- How do operators plan their actions?
Conclusion
Risk assessment is the scientific process of asking how risky something is. It is a process of collecting and analysing scientific data "to describe the form, dimension, and characteristics of risk"5. A lot of Risk Assessment Methods exist, but there are no good or bad methods. Risk assessment can take different approaches depending on the purpose and scope of the available information or data used in an assessment. Depending on what you want to obtain from a risk assessment, you will need to use a specific method. Risk assessment is required by law, but is first of all a very good tool for preventing injuries and accidents to people or property. For better outcomes, or in case of doubt in the choice of the method, different ones should be used. The results of these methods would then be compared to find the most relevant.
Word Count : 1528
5 Dorothy Patton, executive director of the Environmental Protection Agency (EPA)
Internet References
Safety-Critical System : http://www.informatik.uni-bremen.de/~agbs/lehre/safety1/riskanalysis.html
Quantitative Risk Assessment - ABS Group Inc. Risk & Reliability Division : http://www.abs-jbfa.com/qra.html
Health and Safety Regulation - A short guide (Health & Safety Executive Web Site) : http://www.open.gov.uk/hse/pubns/hsc13.htm
Five steps to Risk Assessment (Health & Safety Executive Web Site) : http://www.open.gov.uk/hse/pubns/indg218.htm
A Guide to Risk Assessment Requirements - Common provisions in health and safety law (Health & Safety Executive Web Site) : http://www.open.gov.uk/hse/pubns/indg163.htm
Bibliography
Hazard Identification & Risk Assessment, Geoff Wells, 1995 (Institution of Chemical Engineers - ISBN 0 852 9535 4)
Major Hazards & their Management, Geoff Wells, 1997 (Institution of Chemical Engineers - ISBN 0 852 9536 2)
BS 8444 - part 3 : 1996 Risk management. Guide to risk analysis of technological systems (IEC 60300-3-9:1995)
Other Sources
Risk Management University Course, Shirley Fantie, Senior Lecturer, University of Greenwich
* Introduction to Qualitative Risk Assessment in HS Management, 5th of October 1999
* Hazard Identification, 12th of October 1999
FTA University Course, Yves Dutuit, Senior Lecturer, University of Bordeaux, Department Environmental Health and Safety, France
Appendixes
Definitions
Hazard/Risk Assessment Methods and their use (Extract from Major Hazards and their Management, Geoff Wells)
Risk Assessment Techniques (Extract from the Risk Management University Course, Shirley Fantie)
Fault Tree Analysis - Example (Extract from the FTA University Course, Yves Dutuit)
Example of Event Tree of a gas release (Extract from Major Hazards and their Management, Geoff Wells)
Role and use of Quantified Risk Assessment (Extract from the Risk Management University Course, Shirley Fantie)
Further Information
Definitions
Hazard "A physical situation with a potential for human injury, damage to property, damage to the environment or a combination of these".
Risk "The likelihood of a specified undesired event with a specified period or in specialised circumstances".
Risk Assessment "The act of judging the significance of the risk and prioritise the different risks".
Hazard/Risk Assessment Methods and their use
[Table; the cell positions are not recoverable from the extraction.
Columns (methods): CHA, PPHA, HAZOP, FMEA, FTA, ETA, Task, QRA, What-If
Rows (uses): Root Causes; Immediate Causes; Deviations from good practice; Incident scenarios; Hazard identification; Control of situation; Release of material; Release mitigation; Damage and harm; Likelihood of event sequences; Magnitude of consequences; Risk assessment; Context
Cell entries: ***, *, Quantitative, Relative, Prioritize]
Legend: *** Primary, * Second
CHA - Concept Hazard Analysis
PPHA - Preliminary Process Hazard Analysis
HAZOP - Hazard and Operability studies
FMEA - Failure Mode and Effect Analysis
FTA - Fault Tree Analysis
ETA - Event Tree Analysis
Task - Task Analysis
QRA - Quantified Risk Assessment
What-If - What-If Analysis
Risk Assessment Techniques
[Flowchart; main sequence first, then the side boxes as extracted]
DEFINE SYSTEM: Boundaries, aims, information
IDENTIFY HAZARDS
    Hazards as a Result of Failures: m/c components, safety system, management system
    Continuing Hazards: Mechanical, non-mechanical
ANALYSE EFFECTS/CONSEQUENCES: Injury severity, equipment damage, fire/explosion,…
Numerical Data (probability or frequency)
ESTIMATE OVERALL RISK: (Frequency) x (Consequences)
REJECT/ACCEPT RISK: Compare codes of practice, existing situation, targets/criteria
MODIFY SYSTEM: Technical, procedural
NO CHANGE: monitor
Side boxes:
    EC Standards, Regulations
    Check list, Safety inspection, Safety audits, Accident Statistics, Experience
    Hazard Indices, HAZOP, FMEA, Task Analysis
    ETA, Modelling
    Reliability Technology, Human Reliability Analysis, FTA
    Cost-benefit Analysis, Tolerability of Risk, Fatal Accident Rate, Industry average, Target/Criteria
    Modifications, Maintenance, Changes
Fault Tree Analysis - Example
NH: High Level Sensor
NTH: Very High Level Sensor
The risk is the overflowing of the tank. Normally, the water quantity reduces according to the consumption and increases according to the source.
If the consumption stops, the level increases until the NH Sensor automatically stops the source (by closing Floodgate 1). If it fails, the NTH Sensor automatically stops the source (by closing Floodgate 2) and warns the Operator. In case of failure of Floodgate 2, the Operator should manually close Floodgate 3.
Floodgates 1 & 2 are the same, so they have the same characteristics and the same probability parameters. The same applies to the NH & NTH Sensors.
[Fault tree figure, given here as an outline as far as the extraction allows: gate type in parentheses, component type in square brackets]
Over flowing of the tank (and)
    No flow
    No stop of the supply (and)
        No stop by the floodgate 1 (or)
            Floodgate 1 not turned on
                Failure of the NH sensor [Sensor]
            Floodgate 1 [Automatic floodgate]
        No stop by the floodgate 2 (or)
            Floodgate 2 not turned on
                Failure of the NTH sensor [Sensor]
            Floodgate 2 [Automatic floodgate]
        Floodgate 3 not opened (or)
            Floodgate 3 [Manual floodgate]
            Floodgate 3 not turned on by the operator (or)
                Operator deficiency [Operator]
                Failure of the NTH sensor [Sensor]
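The tank fault tree above, worked through as an added example (not part of the original essay or its sources): it derives the minimal cut sets and the exact top-event probability. The gate structure is reconstructed from the figure and the tank description, the leaf names are hypothetical labels, and the probabilities are constructed sample values, since the page gives none.

```python
from itertools import product

# Gate structure reconstructed from the appendix figure and the tank description
# (an assumption). Leaf names are hypothetical labels for the page's basic events.
TREE = {
    "overflow":            ("AND", ["no_stop_of_supply", "no_flow"]),
    "no_stop_of_supply":   ("AND", ["no_stop_fg1", "no_stop_fg2", "fg3_not_operated"]),
    "no_stop_fg1":         ("OR",  ["floodgate1_fails", "nh_sensor_fails"]),
    "no_stop_fg2":         ("OR",  ["floodgate2_fails", "nth_sensor_fails"]),
    "fg3_not_operated":    ("OR",  ["floodgate3_fails", "operator_not_acting"]),
    "operator_not_acting": ("OR",  ["operator_deficiency", "nth_sensor_fails"]),
}

# Constructed sample probabilities (the page gives none). Floodgates 1 and 2
# share one value and so do the two sensors, as the page states.
P = {"no_flow": 0.1, "floodgate1_fails": 0.01, "floodgate2_fails": 0.01,
     "floodgate3_fails": 0.02, "nh_sensor_fails": 0.05, "nth_sensor_fails": 0.05,
     "operator_deficiency": 0.1}

def cut_sets(node, tree=TREE):
    """Every combination of basic events (as frozensets) that causes `node`."""
    if node not in tree:                      # leaf: a basic event
        return {frozenset([node])}
    gate, children = tree[node]
    child_sets = [cut_sets(child, tree) for child in children]
    if gate == "OR":                          # any one child is enough
        return set().union(*child_sets)
    # AND: take one cut set from each child and merge them
    return {frozenset().union(*combo) for combo in product(*child_sets)}

def minimal_cut_sets(node, tree=TREE):
    """Discard each cut set that strictly contains a smaller one."""
    sets = cut_sets(node, tree)
    return {s for s in sets if not any(other < s for other in sets)}

def top_probability(node, p=P, tree=TREE):
    """Exact probability of `node`, summing over all basic-event states and
    assuming the basic events are independent."""
    events = sorted(p)
    mcs = minimal_cut_sets(node, tree)
    total = 0.0
    for state in product([False, True], repeat=len(events)):
        failed = {e for e, is_failed in zip(events, state) if is_failed}
        if any(cs <= failed for cs in mcs):   # some cut set has fully failed
            weight = 1.0
            for e, is_failed in zip(events, state):
                weight *= p[e] if is_failed else 1.0 - p[e]
            total += weight
    return total

if __name__ == "__main__":
    for cs in sorted(minimal_cut_sets("overflow"), key=lambda s: (len(s), sorted(s))):
        print(sorted(cs))
    print("P(overflow) = %.6g" % top_probability("overflow"))
```

The two smallest cut sets both contain the NTH sensor, which the tree uses twice (to close Floodgate 2 and to warn the Operator), so its failure removes two of the three barriers at once.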
Example of Event Tree for a gas release
[Event tree figure; the branch layout is not recoverable from the extraction.
Column headings: Large gas release | Immediate ignition by process flame | Delayed ignition by any source? | Explosion not flash fire? | Outcomes
Branch labels: Yes (0.8), No (0.2), Yes (0.5), No (0.5), Yes (0.1), No (0.9); F= 0.001/y
Outcomes: Torch Fire F= 0.008/y; VCE F= 0.00001/y; Flash/Torch fire F= 0.00001/y; Dispersion F= 0.00018/y]
Role and use of a Quantified Risk Assessment
[Flowchart; boxes in the order extracted]
Identify problem
Define scope of analysis
Describe the system
Identify scenarios
Estimate frequencies and consequences of hazards
Evaluate the risk from hazards
Evaluate risk levels against criteria
Sensitivity analysis
Modify the system to reduce risk
QRA decision
Final decision
Implement the decision
Side boxes: Risk criteria; Other factors
Further Information
Management of health and safety at work (Approved Code of Practice L21 - ISBN 0 7176 0412 8)
Essentials of health and safety at work - 3rd edition - 1994 (ISBN 0 7176 0716 X)
Five steps to risk assessment (IND(G)163(L), free)