Independent Safety Assessment and System Safety Update
Andy Tankard, Principal Manager Safety Quality Environment & Risk
16 May 2016
AEO Assessments
Tara Naseri, Senior System Safety Specialist
Image courtesy of Transport for NSW
Safety Technical Forum | 2
Feedback on generic findings from current AEO assessment and audit activities
• Underestimation of the importance of System Safety Assurance throughout the asset's lifecycle
• Misinterpretation of System Safety Assurance as Work Health and Safety (WHS)
• The applicability of the requirements based on the scope of the provided engineering services
• Lack of familiarisation with the system safety standards for new or altered assets
• Lack of awareness of ISA involvement and its relevance
• Provision of inconsistent deployed project evidence
Feedback on generic findings from current AEO assessment and audit activities
• 50 audits carried out
• Productive action management
• Process improvement across all industries
• Openness of the whole industry to change and adaptability
Independent Safety Assessment
Richard Adams, Manager Safety & Risk Assurance
Asset Safety Assurance
• Now an established technique in asset safety assurance
• A number of large projects are now actively under assessment or in the process of engaging ISAs
• Technical note issued in June 2015 so TfNSW can engage an ISA
• Currently no ISAs appointed in the planning phase of projects – an area for future improvement
• Anecdotal evidence that ISA is driving improved rigour in the safety assurance of assets
ISA AEOs
• Currently three ISA AEOs
• Three currently under assessment
• Existing requirements duplicate a number of standard AEO requirements
• Too many ISA AEO requirements
• Revised set of requirements later this year with significant consolidation
Risk Tolerability
• TfNSW published internal risk tolerability criteria for all transport modes in 2015
• Currently these are not applied in projects – guidance on how they should be applied is under development
• Quantified Risk Analysis (QRA) is now used extensively to support safety assurance and decision making. It has many benefits but also many drawbacks.
• Guide to Risk Tolerability and QRA will be published later in the year
System Safety for New or Altered Assets
• TS20001 will be updated in coming months to be non-mode specific
• Aligning with ASA moving to incorporate all transport modes
• Hazard Management remains an area of concern
• Guide to Hazard Management is planned but likely later than TS20001 and Risk Tolerability
Guest speaker
Charles-Andre Bellini, Systems Assurance, Atkins Australia
Hazard Management
Richard Adams, Manager Safety and Risk Assurance
May 2016
Contents
Hazard Management
• Role of Hazard Management in System Safety
• Current issues in Hazard Management
• Hazard vs Risk, Hazard Logs vs Risk Registers
• Integration of Safety into Design
• Hazard levels
• Hazard Logs and Hazard Management across the lifecycle
• Hazard Management and the assurance structure in complex projects
• Features of good hazard management
• Hazard Management Activity
Hazard Management in System Safety
TS20001 – System Safety for New or Altered Assets:
‘System Safety: The concurrent application of a systems based approach to safety engineering and of a risk management strategy covering the identification and analysis of hazards and the elimination, control or management of those hazards throughout the life cycle of a system or asset’
NASA:
‘A disciplined, systematic approach to the analysis of risks resulting from hazards that can affect humans, the environment and mission assets’
Hazard Management in System Safety
Hazard Management, or Safety Risk Management, is at the core of System Safety.
Safe Work Australia:
‘Safe design means the integration of control measures early in the design process to eliminate or, if this is not reasonably practicable, minimise risk to health and safety throughout the lifecycle of the plant being designed’
Hazard Management in System Safety
• Legislative duties to ensure safety SFAIRP necessitate safety risk management
• A key element of a safety argument is compliance with safety requirements – this can only be achieved through sound hazard management
• International good practice, through international standards, requires hazard analysis as part of Safety Assurance, e.g. EN50126, European Common Safety Method, DEF-STAN 00-56
• ONRSR Guidance on SFAIRP – the key is the reasonable level of knowledge of a duty holder around all risks that it is exposed to or exposes others to
Definitions
Hazard
• A physical situation or state of a system, often following from some initiating event, that may lead to an accident (DEF-STAN 00-56)
• A condition that could lead to an accident (EN50126-2)
Safety
• Freedom from unacceptable risk of harm (EN50126)
Risk
• The rate of occurrence of accidents and incidents resulting in harm (caused by a hazard) and the degree of severity of that harm (EN50126-2)
Accident
• An unintended event, or sequence of events, that causes harm (DEF-STAN 00-56)
Current Issues in Hazard Management
Combining and confusing system hazards with project risks, construction risks and work health and safety risks
• Hazard Management in a System Assurance context is about safety risks that may arise in the operations and maintenance phase
• Project risks are transitional – they have minimal impact on the safety and integrity of the transport network once in the operational phase
• Construction and work health and safety risks are very important but are also transitional
Current Issues in Hazard Management
Too many hazards at too low a level
• Hazard logs with many hundreds of entries – there should be tens, even for complex systems
• Controls recorded at such a detailed level that they do not represent safety requirements
• Hazards need to sit between causes and accidents / consequences
Current Issues in Hazard Management
Absence of traceability
• The hazard log is the centre of traceability for all hazard management issues, safety requirements and V&V evidence
• It is the key assurance artifact that provides the ability to trace to all assurance evidence
• The hazard log provides traceability of how safety issues have been dealt with during a project – it must link to the design and its records
Current Issues in Hazard Management
Lack of a maintained journal / records of change
• The hazard log is a living document through the whole lifecycle. Changes through the lifecycle reflect the safety decisions made and are thus key assurance evidence
• The hazard log needs to document how each hazard has been analysed through the design process. It is also an artifact of the requirements definition process
• It provides an audit trail of the hazards considered and the rationale for each hazard's closure, and records the decisions made in reaching a demonstrable SFAIRP position
Hazard Management and Risk Management
ISO31000 is the established international standard for Risk Management. Hazard Management is essentially safety risk management, but there are subtle differences:
• ISO31000 is generally aimed at Enterprise Risk Management – managing risks and opportunities in an organisational environment
• Hazard management is a form of risk management intrinsic to Safety Engineering
• The concepts are similar, but the recording and managing of hazards and controls take a different form – system safety and hazard management are engineering activities
Hazard Logs versus Risk Registers
A Hazard Log is a form of Risk Register, but a Risk Register is not necessarily a Hazard Log.

Risk Register                                                    | Hazard Log
-----------------------------------------------------------------|------------------------------------------------------------------
Includes all risks under consideration                           | Includes all identified hazards (safety) of a system
Documents all treatment and controls for risks                   | Details all controls for hazards and links them to system safety requirements – applies the hierarchy of controls
Is a business management tool                                    | Is a Safety Engineering tool
Assesses risk against criteria                                   | Assesses safety risk against safety criteria
                                                                 | Provides SFAIRP justification
Provides basis for auditing and management of controls and treatments | Provides traceability to all verification and validation evidence
                                                                 | Includes a journal
                                                                 | Records the rationale for safety related design decisions
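The three hazard-log properties the slides call for (hazards sitting between causes and accidents, controls traced to safety requirements and V&V evidence, and a journal recording the rationale for every change) can be enforced mechanically rather than by inspection. The following is an added illustration, not code from the forum or from TfNSW: a small hazard-log model whose closure step is refused while any link in the cause → hazard → control → requirement → V&V chain is missing, and whose journal keeps the audit trail either way. Every identifier, hierarchy label and sample hazard in it is constructed for the example.

```python
"""Constructed hazard-log model: each hazard sits between its causes and
accidents, each control traces to a safety requirement and its V&V
evidence, and a journal records the rationale for every change."""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional

# Hierarchy of controls, most preferred first (labels are an assumption).
HIERARCHY = ("eliminate", "substitute", "engineering", "administrative", "ppe")


@dataclass
class SafetyRequirement:
    rid: str
    text: str
    vv_evidence: List[str] = field(default_factory=list)  # reports, analyses


@dataclass
class Control:
    cid: str
    description: str
    level: str                            # one of HIERARCHY
    requirement_id: Optional[str] = None  # requirement this control realises


@dataclass
class Hazard:
    hid: str
    description: str
    causes: List[str]       # initiating events that feed the hazard
    accidents: List[str]    # harm the hazard may lead to
    control_ids: List[str] = field(default_factory=list)
    status: str = "open"


@dataclass
class JournalEntry:
    when: date
    hazard_id: str
    change: str
    rationale: str


class HazardLog:
    def __init__(self) -> None:
        self.hazards: Dict[str, Hazard] = {}
        self.controls: Dict[str, Control] = {}
        self.requirements: Dict[str, SafetyRequirement] = {}
        self.journal: List[JournalEntry] = []

    def add_requirement(self, req: SafetyRequirement) -> None:
        self.requirements[req.rid] = req

    def add_hazard(self, hz: Hazard, when: date, rationale: str) -> None:
        self.hazards[hz.hid] = hz
        self.journal.append(JournalEntry(when, hz.hid, "hazard identified", rationale))

    def add_control(self, hid: str, ctl: Control, when: date, rationale: str) -> None:
        self.controls[ctl.cid] = ctl
        self.hazards[hid].control_ids.append(ctl.cid)
        self.journal.append(JournalEntry(when, hid, f"control {ctl.cid} assigned", rationale))

    def traceability_gaps(self, hid: Optional[str] = None) -> List[str]:
        """Every break in the cause -> hazard -> control -> requirement -> V&V chain."""
        gaps: List[str] = []
        targets = [self.hazards[hid]] if hid else list(self.hazards.values())
        for hz in targets:
            if not hz.causes:
                gaps.append(f"{hz.hid}: no cause recorded")
            if not hz.accidents:
                gaps.append(f"{hz.hid}: no accident/consequence recorded")
            if not hz.control_ids:
                gaps.append(f"{hz.hid}: no control assigned")
            for cid in hz.control_ids:
                ctl = self.controls[cid]
                if ctl.level not in HIERARCHY:
                    gaps.append(f"{hz.hid}: control {cid} has unknown hierarchy level")
                if ctl.requirement_id is None:
                    gaps.append(f"{hz.hid}: control {cid} not linked to a safety requirement")
                    continue
                req = self.requirements.get(ctl.requirement_id)
                if req is None:
                    gaps.append(f"{hz.hid}: control {cid} cites missing requirement {ctl.requirement_id}")
                elif not req.vv_evidence:
                    gaps.append(f"{hz.hid}: requirement {req.rid} has no V&V evidence")
        return gaps

    def close_hazard(self, hid: str, when: date, rationale: str) -> bool:
        """Close only when the chain is complete; journal the outcome either way."""
        gaps = self.traceability_gaps(hid)
        if gaps:
            self.journal.append(JournalEntry(when, hid, "closure refused", "; ".join(gaps)))
            return False
        self.hazards[hid].status = "closed"
        self.journal.append(JournalEntry(when, hid, "hazard closed", rationale))
        return True

    def audit_trail(self, hid: str) -> List[str]:
        return [f"{e.when.isoformat()} {e.change}: {e.rationale}" for e in self.journal if e.hazard_id == hid]


def build_example_log() -> HazardLog:
    """Constructed sample: one fully traced hazard (H-01), one with a V&V gap (H-02)."""
    log, d = HazardLog(), date(2016, 5, 16)
    log.add_requirement(SafetyRequirement("SR-01", "Traction inhibited unless all doors closed and locked",
                                          vv_evidence=["FAT-017 interlock test report (constructed)"]))
    log.add_requirement(SafetyRequirement("SR-02", "Door edges detect obstructions and reopen"))  # no evidence yet
    log.add_hazard(Hazard("H-01", "Train moves with a passenger door open",
                          ["door interlock failure", "driver error"], ["passenger falls from moving train"]),
                   d, "identified in HAZID workshop")
    log.add_control("H-01", Control("C-01", "Traction interlock on door-closed status", "engineering", "SR-01"),
                    d, "engineering control preferred over procedure")
    log.add_hazard(Hazard("H-02", "Passenger trapped in closing doors",
                          ["obstacle detection failure"], ["passenger dragged along platform"]),
                   d, "identified in HAZID workshop")
    log.add_control("H-02", Control("C-02", "Door-edge obstacle detection", "engineering", "SR-02"),
                    d, "design review action")
    log.close_hazard("H-01", d, "SFAIRP: engineering control verified by FAT-017")
    log.close_hazard("H-02", d, "attempted closure")  # refused: SR-02 has no V&V evidence
    return log


if __name__ == "__main__":
    example = build_example_log()
    for gap in example.traceability_gaps():
        print("GAP:", gap)
    print("\n".join(example.audit_trail("H-02")))
```

Running the module lists the single open gap (H-02's requirement has no V&V evidence) and prints H-02's journal, whose last entry is the refused closure with the gap as its rationale; that refused attempt is itself part of the audit trail, which is the point of the "living document" bullet above. Keeping controls as references to requirement identifiers, rather than free text, is what makes the log an engineering tool: the same identifiers can be cross-checked against the design records and the V&V register.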