Contents
Objectives
Describe risk assessment.
Develop Fault Tree Analysis to assess risk based on the identified top event.
INTRODUCTION
The term risk assessment comes from the insurance industry and was one stage in their process of determining and spreading the liabilities they carried. Objective: to identify hazards so that action can be taken to eliminate, reduce or control them before accidents that cause damage or injury occur.
RI includes incident identification and consequence analysis. Incident identification describes how an incident occurs. It frequently includes an analysis of the probabilities. Consequence analysis describes the expected damage. This includes loss of life, damage to the environment or capital equipment, and days of outage. The hazard identification procedures (HAZOP) include some aspects of RI.
Risk assessment is the process where you: Identify hazards, Analyze or evaluate the risk associated with that hazard, and Determine appropriate ways to eliminate or control the hazard. In practical terms, a risk assessment is a thorough look at your workplace to identify those things, situations, processes, etc that may cause harm, particularly to people. After identification is made, you evaluate how likely and severe the risk is, and then decide what measures should be in place to effectively prevent or control the harm from happening.
Risk assessments are very important as they form an integral part of a good occupational health and safety management plan. They help to: create awareness of hazards and risks, identify who may be at risk (employees, cleaners, visitors, contractors, the public, etc), determine if existing control measures are adequate or if more should be done, prevent injuries or illnesses when done at the design or planning stage, and prioritize hazards and control measures.
The aim of the risk assessment process is to remove a hazard or reduce the level of its risk by adding precautions or control measures, as necessary. By doing so, you have created a safer and healthier workplace.
Assessments should be done by a competent team of individuals who have a good working knowledge of the workplace. Staff should be involved; always include supervisors and workers who work with the process under review, as they are the most familiar with the operation.
In general, to do an assessment, you should: identify hazards, evaluate the likelihood of an injury or illness occurring, and its severity,
literature, information from reputable organizations, results of testing, etc., identify actions necessary to eliminate or control the risk,
When doing an assessment, you must take into account: the methods and procedures used in the processing, use, handling or storage of the substance, etc., the actual and the potential exposure of workers, the measures and procedures necessary to control such exposure by means of engineering controls, work practices, and hygiene practices and facilities.
By determining the level of risk associated with the hazard, the employer and the joint health and safety committee can decide whether a control program is required.
It is important to remember that the assessment must take into account not only the current state of the workplace but any potential situations as well.
Overall, the goal is to find and record possible hazards that may be present in your workplace. As mentioned, it may help to work as a team and include both people familiar with the work area, as well as people who are not - this way you have both the "experienced" and "fresh" eye to conduct the inspection.
4- include people who work "off site" either at home, on other job sites, drivers, teleworkers, with clients, etc.,
5- look at the way the work is organized or "done" (include experience and age of people doing the work, systems being used, etc.),
6- look at foreseeable unusual conditions (for example: possible impact on hazard control procedures that may be unavailable in an emergency situation, power outage, etc.),
7- examine risks to visitors or the public,
8- include an assessment of groups that may have a different level of risk such as young or inexperienced workers, persons with disabilities, or new or expectant mothers.
Each hazard should be studied to determine its level of risk. To research the hazard, you can look at: product information / manufacturer documentation, past experience (workers, etc.), legislated requirements and/or applicable standards, industry codes of practice / best practices, health and safety material about the hazard such as material safety data sheets (MSDS), or other manufacturer information, information from reputable organizations, results of testing (atmospheric, air sampling of workplace, biological, etc.), the expertise of an occupational health and safety professional, information about previous injuries, illnesses, "near misses", accident reports, etc.
Remember to include factors that contribute to the level of risk such as the: work environment (layout, condition, etc.), capability, skill, experience of workers who do the work, systems of work being used, or range of foreseeable conditions.
Ranking or prioritizing hazards is one way to help determine which hazard is the most serious and thus which hazard to control first. Priority is usually established by taking into account the employee exposure and the potential for accident, injury or illness. By assigning a priority to the hazards, you are creating a ranking or an action list. The following factors play an important role: percentage of workforce exposed, frequency of exposure, degree of harm likely to result from the exposure, probability of occurrence. There is no one simple or single way to determine the level of risk. Ranking hazards requires knowledge of the workplace activities, the urgency of situations, and most importantly, objective judgment.
One option is to use a table similar to the following as established by the British Standards Organization:
Very Likely - Typically experienced at least once every six months by an individual. Likely - Typically experienced once every five years by an individual. Unlikely - Typically experienced once during the working lifetime of an individual. Very unlikely - Less than 1% chance of being experienced by an individual during their working lifetime.
Potential severity of harm - When establishing potential severity of harm, information about the relevant work activity should be considered, together with: a) part(s) of the body likely to be affected; b) nature of the harm, ranging from slight to extremely harmful:
1. slightly harmful (e.g., superficial injuries; minor cuts and bruises; eye irritation from dust; nuisance and irritation; ill-health leading to temporary discomfort)
2. harmful (e.g., lacerations; burns; concussion; serious sprains; minor fractures; deafness; dermatitis; asthma; work-related upper limb disorders; ill-health)
3. extremely harmful (e.g., amputations; major fractures; poisonings; multiple injuries; fatal injuries; occupational cancer; other severely life shortening diseases; acute fatal diseases)
Definition for Risk Level - Tolerability Guidance on necessary action and timescale
Very low - These risks are considered acceptable. No further action is necessary other than to ensure that the controls are maintained. Low - No additional controls are required unless they can be implemented at very low cost (in terms of time, money, and effort). Actions to further reduce these risks are assigned low priority. Arrangements should be made to ensure that the controls are maintained.
Medium - Consideration should be given as to whether the risks can be lowered, where applicable, to a tolerable level and preferably to an acceptable level, but the costs of additional risk reduction measures should be taken into account. The risk reduction measures should be implemented within a defined time period. Arrangements should be made to ensure that controls are maintained, particularly if the risk levels are associated with harmful consequences.
High - Substantial efforts should be made to reduce the risk. Risk reduction measures should be implemented urgently within a defined time period and it might be necessary to consider suspending or restricting the activity, or to apply interim risk control measures, until this has been completed.
Very high - These risks are unacceptable. Substantial improvements in risk control measures are necessary so that the risk is reduced to a tolerable or acceptable level. The work activity should be halted until risk controls are implemented that reduce the risk so that it is no longer very high. If it is not possible to reduce the risk, the work should remain prohibited.
Note: Where the risk is associated with extremely harmful consequences, further assessment is necessary to increase confidence in the likelihood of harm.
Once you have established your top priorities, you can decide on ways to control each specific hazard. Hazard control methods are often grouped into the following categories: elimination (including substitution), engineering controls, administrative controls, personal protective equipment.
It is important to know if your risk assessment was complete and accurate. It is also essential to be sure that changes in the workplace have not introduced new hazards or changed hazards that were once ranked as lower priority to a higher priority.
It is good practice to review your assessment on a regular basis to be sure that nothing has changed and that your control methods are effective.
Triggers for a review can also include: the start of a new project, a change in the work process or flow, a change or addition to tools, equipment, machinery (including locations or the way they are used),
new employees,
moving to a new building or work area, introduction of new chemicals or substances, when new information becomes available about a current product.
Keeping records of your assessment and any control actions taken is very important. You may be required to store assessments for a specific number of years. Check for local requirements in your jurisdiction. The level of documentation or record keeping will depend on: level of risk involved,
Fault Trees originated in the aerospace industry and have been used extensively by the nuclear power industry to qualify and quantify the hazards and risks.
Fortunately, this approach lends itself to computerization with a variety of computer programs commercially available.
A fault tree is a method by which a particular undesired system failure mode can be expressed in terms of component failure modes and operator actions.
The system failure mode to be considered is termed the top event, and the fault tree is developed in branches below this event showing its causes.
1. Draw the top event.
2. Determine major events that contribute to the top event.
3. Parallel AND; Series OR.
4. Consider the intermediate events: what events must occur to contribute to that intermediate event?
5. Continue until all the branches are terminated by basic, undeveloped or external events.
1. High reactor temperature; liquid level too high. Not: explosion of reactor or fire in process.
2. Define existing event.
3. Define unallowed events.
4. Define physical bound of the process.
5. Define equipment configuration.
6. Define the level of resolution.
1 - Define the undesired event to study
Definition of the undesired event can be very hard to catch, although some of the events are very easy and obvious to observe. An engineer with a wide knowledge of the design of the system or a system analyst with an engineering background is the best person who can help define and number the undesired events. Undesired events are used then to make the FTA, one event for one FTA; no two events will be used to make one FTA.
2 - Obtain an understanding of the system
Once the undesired event is selected, all causes with probabilities of affecting the undesired event are studied and analyzed. Getting exact numbers for the probabilities leading to the event is usually impossible for the reason that it may be very costly and time consuming to do so.
Computer software is used to study probabilities; this may lead to less costly system analysis. System analysts can help with understanding the overall system. System designers have full knowledge of the system and this knowledge is very important for not missing any cause affecting the undesired event. For the selected event all causes are then numbered and sequenced in the order of occurrence and then are used for the next step which is drawing or constructing the fault tree.
selecting the undesired event and having analyzed the system so that we know all the causing effects (and if possible their probabilities) we can now construct the fault tree. Fault tree is based on AND and OR gates which define the major characteristics of the fault tree.
the fault tree has been assembled for a specific undesired event, it is evaluated and analyzed for any possible improvement; in other words, the risk management is studied and ways to improve the system are found. This step is an introduction to the final step, which will be to control the hazards identified. In short, in this step we identify all possible hazards affecting the system in a direct or indirect way.
step is very specific and differs largely from one system to another, but the main point will always be that after identifying the hazards all possible methods are pursued to decrease the probability of occurrence.
Graphic Symbols
The basic symbols used in FTA are grouped as events, gates, and transfer symbols. Minor variations may be used in FTA software.
Event Symbols
Event symbols are used for primary events and intermediate events. Primary events are not further developed on the fault tree. Intermediate events are found at the output of a gate.
[Figure: event symbols - Basic, Initiating, Undeveloped, Conditioning, Intermediate]
Basic event - failure or error in a system component or element (example: switch stuck in open position)
Initiating event - an external event (example: bird strike to aircraft)
Undeveloped event - an event about which insufficient information is available, or which is of no consequence
Conditioning event - conditions that restrict or affect logic gates (example: mode of operation in effect)
An intermediate event gate can be used immediately above a primary event to provide more room to type the event description. FTA is a top-to-bottom approach.
Gate Symbols
Gate symbols describe the relationship between input and output events. The symbols are derived from Boolean logic symbols:
[Figure: gate symbols - OR gate, AND gate, Inhibit gate]
The gates work as follows:
OR gate - the output occurs if any input occurs
AND gate - the output occurs only if all inputs occur (inputs are independent)
Exclusive OR gate - the output occurs if exactly one input occurs
Priority AND gate - the output occurs if the inputs occur in a specific sequence specified by a conditioning event
Inhibit gate - the output occurs if the input occurs under an enabling condition specified by a conditioning event
Transfer Symbols
Transfer symbols are used to connect the inputs and outputs of related fault trees, such as the fault tree of a subsystem to its system.
[Figure: transfer symbols - Transfer in, Transfer out]
A gate is used to describe the relationship between the input and output events in a fault tree. Fault trees can have several different kinds of gates. Two kinds of gates are described and shown below.
[Figure: fault tree symbols - BASIC event, INTERMEDIATE events, EXTERNAL event, TRANSFER symbols (OUT, IN), INHIBIT condition]
INHIBIT event - the output event will occur if the input occurs and the inhibit event occurs.
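[Figure: fault tree for a flat tire. Top event: Flat Tire, an OR gate over Road Debris (basic event) and Tire Failure (intermediate event). Tire Failure is an OR gate over Defective Tire and Worn Tire (basic events).]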
Instrument                               Failure rate
Controller                               0.29
Control valve                            0.60
Flow measurement (fluids)                1.14
Flow measurement (solids)                3.75
Flow switch                              1.12
Gas-liquid chromatograph                 30.6
Hand valve                               0.13
Indicator lamp                           0.044
Level measurement (liquids)              1.7
Level measurement (solids)               6.86
Oxygen analyzer                          5.65
pH meter                                 5.88
Pressure measurement                     1.41
Pressure relief valve                    0.022
Pressure switch                          0.14
Solenoid valve                           0.42
Stepper motor                            0.044
Strip chart recorder                     0.22
Thermocouple temperature measurement     0.52
0.027
FTA example 2
Overpressuring of reactor
P = 0.0702, R = 0.9298
P = 0.165, R = 0.835
P = 0.426, R = 0.574
Once you have the fault tree, you can determine the minimal cut sets. These are the various sets of events that could lead to the top event. The analysis can determine the various combinations of events and the probability of each set of events occurring.
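The gate rules and the minimal cut set idea, worked through for the reactor overpressure example. This is an added example, not part of the original slides. The gate layout (an AND over two OR branches), the component names and the basic-event probabilities are assumptions, chosen so that the gate outputs reproduce the three P values listed above.

```python
from itertools import product

# Constructed inputs (assumptions, not from the slides): the gate layout and
# the basic-event failure probabilities, picked to reproduce the P values above.
BASIC = {"pressure_switch_1": 0.13, "indicator_lamp": 0.04,
         "pressure_switch_2": 0.13, "solenoid_valve": 0.34}
ALARM = ("OR", "pressure_switch_1", "indicator_lamp")
SHUTDOWN = ("OR", "pressure_switch_2", "solenoid_valve")
TOP = ("AND", ALARM, SHUTDOWN)   # top event: overpressuring of reactor

def probability(node, basic=BASIC):
    """Failure probability P of a node; valid only for independent inputs
    (no basic event shared between branches)."""
    if isinstance(node, str):
        return basic[node]
    gate, *inputs = node
    probs = [probability(i, basic) for i in inputs]
    result = 1.0
    if gate == "AND":                 # output occurs only if all inputs occur
        for p in probs:
            result *= p
        return result
    if gate == "OR":                  # output occurs if any input occurs
        for p in probs:
            result *= 1.0 - p
        return 1.0 - result
    raise ValueError(f"unsupported gate: {gate}")

def cut_sets(node):
    """Every combination of basic events that produces the node's event."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, *inputs = node
    children = [cut_sets(i) for i in inputs]
    if gate == "OR":                  # any child's cut set is enough
        return [cs for sets in children for cs in sets]
    if gate == "AND":                 # need one cut set from every child
        return [frozenset().union(*combo) for combo in product(*children)]
    raise ValueError(f"unsupported gate: {gate}")

def minimal_cut_sets(node):
    """Drop any cut set that strictly contains another one."""
    sets = set(cut_sets(node))
    minimal = [s for s in sets if not any(other < s for other in sets)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))

if __name__ == "__main__":
    for name, node in (("alarm", ALARM), ("shutdown", SHUTDOWN), ("top", TOP)):
        print(f"{name}: P = {probability(node):.4f}")
    print([sorted(cs) for cs in minimal_cut_sets(TOP)])
```

Reliability is R = 1 - P at each gate, and every minimal cut set of this tree pairs one alarm component with one shutdown component.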
Advantages
Disadvantages
For complicated processes, the FT will be enormous.
Will take a long time.
Not all failure modes might have been considered.
Possibility of a partial failure.
Different structures if developed by different individuals.
Not all failure rates are known.