Major Hazard Facilities. Major Accident Identification and Risk Assessment


Overview
This seminar has been developed in the context of the MHF regulations to provide:
- An overview of MA identification and risk assessment
- The steps required for MA recording
- Examples of major accidents identified
- The steps required for a risk assessment
- Examples of risk assessment formats

Some Abbreviations and Terms
- AFAP - As far as (reasonably) practicable
- BLEVE - Boiling liquid expanding vapour explosion
- BPCS - Basic process control system
- DG - Dangerous goods
- Employer - Employer who has management control of the facility
- Facility - any building or structure which is classified as an MHF under the regulations
- HAZID - Hazard identification
- HSR - Health and safety representative
- LOC - Loss of containment
- LOPA - Layers of protection analysis
- MHF - Major hazard facility
- MA - Major accident
- SIS - Safety instrumented system

Topics Covered In This Presentation
- Regulations
- Definition - Major accident (MA)
- MA identification issues
- Approaches to MA identification
- MA recording
- Pitfalls

Topics Covered In This Presentation
- Definition of a risk assessment
- Approaches
- Risk assessment
- Likelihood assessment
- Consequences
- Risk evaluation and assessment
- Summary
- Sources of additional information
- Review and revision

Regulations
Occupational Health and Safety (Safety Standards) Regulations 1994
- Hazard identification (R9.43)
- Risk assessment (R9.44)
- Risk control (i.e. control measures) (R9.45, S9A 210)
- Safety Management System (R9.46)
- Safety report (R9.47, S9A 212, 213)
- Emergency plan (R9.53)
- Consultation

Regulations
Occupational Health and Safety (Safety Standards) Regulations 1994
Regulation 9.43 (Hazard identification) states:
The employer must identify, in consultation with employees, contractors (as far as is practicable) and HSRs:
a) All reasonably foreseeable hazards at the MHF that may cause a major accident; and
b) The kinds of major accidents that may occur at the MHF, the likelihood of a major accident occurring and the likely consequences of a major accident.

Regulations
Occupational Health and Safety (Safety Standards) Regulations 1994
Regulation 9.44 (Risk assessment) states:
If a hazard or kind of major accident at the MHF is identified under regulation 9.43, the employer must ensure that any risks associated with the hazard or major accident are assessed, in consultation with employees, contractors (as far as is practicable) and HSRs.
The employer must ensure that the risk assessment is reviewed:
a) Within 5 years after the assessment is carried out, and afterwards at intervals of not more than 5 years; and
b) Before a modification is made to the MHF that may significantly change a risk identified under regulation 9.43; and
c) When developments in technical knowledge or the assessment of hazards and risks may affect the method at the MHF for assessing hazards and risks; and
d) If a major accident occurs at the MHF.

Regulations
Occupational Health and Safety (Safety Standards) Regulations 1994
Regulation 9.45 (Risk control) states:
The employer must, in consultation with employees, contractors (as far as is practicable) and HSRs, ensure that any risk associated with a hazard at the MHF is:
a) eliminated; or
b) If it is not practicable to eliminate the risk - reduced as far as practicable.
The employer must:
a) Implement measures at the MHF to minimise the likelihood of a major accident occurring; and
b) Implement measures to limit the consequences of a major accident if it occurs; and
c) Protect relevant persons, an at-risk community, and the built and natural environment surrounding the MHF, by establishing an emergency plan and procedures in accordance with regulation 9.53.

Definition - Major Accident
A major accident is defined in the Regulations as:
A sudden occurrence at the facility causing serious danger or harm to:
- A relevant person or
- An at-risk community or
- Property or
- The environment
whether the danger or harm occurs immediately or at a later time

MA Identification Issues
- Unless ALL possible MAs are identified then causal and contributory hazards may be overlooked and risks will not be accurately assessed
- Likewise, controls cannot be identified and assessed
- Identification of MAs must assume control measures are absent/unavailable/not functional
- That is: WHAT COULD HAPPEN IF CONTROL MEASURES WERE NOT APPLIED AND MAINTAINED?

MA Identification Issues
MAs can be identified in three different areas. These are:
- Process MAs
- MAs arising from concurrent activities
- Non-process MAs

MA Identification Issues
Process MAs
- These are MAs caused by hazards which are associated with upsets in the process, or failure of equipment in the process, etc
MAs arising from concurrent activities
- Typical concurrent operations which must be considered are:
  - Major shutdowns/start ups
  - Other activity on site
  - Activities adjacent to the facility

MA Identification Issues
Non-Process MAs
- MAs created by non-process hazards that could cause release of Schedule 9 materials
- Non-process hazards may typically include the following:
  - aircraft crashing
  - dropped objects
  - extreme environmental conditions (earthquake, cyclone, high winds, lightning)
  - non-process fires (e.g. bush fire)
  - vehicles and road transport
  - heat stress

MA Identification Issues
Collate appropriate:
- Facility information
- Incident data/histories
To ensure a thorough understanding of:
- The nature of the facility
- Its environment
- Its materials
- Its processes

MA Identification Issues
Develop/select a structured method for determining what types of MA can occur:
- Loss of containment
- Fire
- Explosion
- Release of stored energy
- Where they can occur
- Under what circumstances
Define and document any restrictions applied to the above

MA Identification Tools Usage
Examples of tools which might be used include:
- Analysis of Schedule 9 materials and DG properties
- Use of HAZID techniques
- Review of existing hazard identification or risk assessment studies
- Analysis of incident history - local, industry, company and applicable global experience

Approach to MA Identification
- It may be efficient to treat similar equipment items handling the same Schedule 9 materials together - as often they have similar hazards and controls
- Further, to ensure correct mitigation analysis, the equipment grouped together should contain similar materials at similar process conditions, resulting in similar consequences on release

Approach to MA Identification
- For consistency of analysis, all MAs should be defined in terms of an initial energy release event
- This can be characterised as a loss of control of the Schedule 9 material
- As an example, in the case of a hydrocarbon release from one vessel leading to a jet fire that subsequently causes a BLEVE in a second vessel, the MA should be defined in terms of the initial hydrocarbon release from the first vessel

Approach to MA Identification
- Review HAZID studies to identify initiating events for each MA
- Review to ensure all hazards have been identified
- Special checklists should be developed to assist with this process
- Further hazards may be identified from:
  - Discussions with appropriate subject experts
  - Review of incident data
  - Review of the records from a similar system

MA Recording
- A structured approach is important
- It can then link equipment management strategies and systems
- Record the key outputs in a register
- For each MA, the register should record the following information:
  - Equipment that comprises the MA
  - Group similar items into one MA
  - Description
  - Consequences

MA Recording
- Consider all Schedule 9 materials - regardless of quantity
- Screen out incidents that do not pose a serious danger or harm to personnel, the community, the environment or property
- Screening should only be on the basis of consequence, not likelihood, i.e. events should not be screened out on the basis of likelihood or control measures being active
- Consequence modelling should be used as justification for screening decisions
- External influences need to be considered, for example, potential for a power failure to cause a plant upset leading to an MA

Example - MA Recording
The following are examples of MA recording details

MA Reference No. | MA Description | Equipment Included
LPG-PU23-00110 | LOC - pumps | LPG transfer pumps (P254/A)
TKF-SA10 | LOC finished flammable product release from tank farm | Flammable storage tanks A202, A205, A206, B21, C55
A26 | Ignition of material | Extruders E21/E22/D54

Major Hazard Facilities Risk Assessment

What is Risk?
- Regulatory definition (per Part 20 of the Occupational Health and Safety (Safety Standards) Regulations 1994): Risk means the probability and consequences of occurrence of injury or illness
- AS/NZS 4360 (Risk Management Standard): the chance of something happening that will have an impact on objectives
- Risk combines the consequence and the likelihood

RISK = CONSEQUENCE x LIKELIHOOD

Hazard versus Risk

Risk Assessment Definition
Any analysis or investigation that contributes to understanding of any or all aspects of the risk of major accidents, including their:
- Causes
- Likelihood
- Consequences
- Means of control
- Risk evaluation

The Risk Assessment Should
- Ensure a comprehensive and detailed understanding of all aspects for all major accidents and their causes
- Be a component of the demonstration of adequacy required in the safety report - e.g. by evaluating the effects of a range of control measures and provide a basis for selection/rejection of measures

Approach
- The MHF Regulations respond to this by requiring comprehensive and systematic identification and assessment of hazards
- HAZID and Risk Assessment must have participation by employees, as they have important knowledge to contribute together with important learnings
- These employees MAY BE the HSRs, but DO NOT HAVE TO BE
- However, the HSRs should be consulted in selection of appropriate participants in the process

Approach - Types of Risk Assessment
- Hazard Identification
- Qualitative Assessment
- Detailed Studies
- Quantitative Risk Assessment
- Likelihood Analysis
- Plant Condition Analysis
- Asset Integrity Studies
- Consequence Analysis
- Human Factors Studies
- Technology Studies

Causes
- From the HAZID and MA evaluation process, pick an MA for evaluation
- From the hazard register, retrieve all the hazards that can lead to the MA being realised
- In a structured approach, list all of the controls currently in place to prevent each of the hazards that lead to the MA being realised
- Examine critically all of the controls currently in place designed to prevent the hazard being realised

Causes
As an example, from hazard register, MA - A26: Ignition of materials (MA - A26)

Causes
List all possible causes of the accident (identified during HAZID study)
- Hazard Scenario 1
- Hazard Scenario 2
- Hazard Scenario 3, etc
Each leads to: Ignition of materials (MA - A26)

Causes
List all prevention controls for the accident (identified during HAZID study)
- Hazard Scenario 1: Prevention control C1-1, Prevention control C1-2
- Hazard Scenario 2: Prevention control C2-1
- Hazard Scenario 3, etc: Prevention control C3-1
Each leads to: Ignition of materials (MA - A26)

Likelihood Assessment
- Likelihood analysis can involve a range of approaches, depending on the organisation's knowledge, data recording systems and culture
- This knowledge can range from:
  - In-house data - existing data recording systems and operational experience
  - Reviewing external information from failure rate data sources
- Both are valid, however, the use of in-house data can provide added value as it is reflective of the management approaches and systems in place

Likelihood Assessment
- A likelihood is an expression of the chance of something happening in the future - e.g. catastrophic vessel failure, one chance in a million per year (1 x 10^-6 /year)
- Frequency is similar to likelihood, but refers to historical data on actual occurrences

Likelihood Assessment
Likelihood Analysis can use:
- Historical
  - Site historical data
  - Generic failure rate data
- Assessment
  - Workshops (operators and maintenance personnel)
  - Fault trees
  - Event trees
  - Assessment of human error

Likelihood Assessment - Qualitative Approach
- A qualitative approach can be used for assessment of likelihood
- This is based upon agreed scales for interpretation purposes and for ease of consistency
- For example, reducing orders of magnitude of occurrence
- It also avoids the sometimes more complicated issue of using frequency numbers, which can be difficult on occasions for people to interpret

Likelihood Assessment - Qualitative Approach

Category | Likelihood
A | Possibility of repeated events (once in 10 years)
B | Possibility of isolated incidents (once in 100 years)
C | Possibility of occurring sometimes (once in 1,000 years)
D | Not likely to occur (once in 10,000 years)
E | Rare occurrence (once in 100,000 years)

Likelihood Assessment - Fault Trees
- A fault tree is a graphical representation of the logical relationship between a particular system, accident or other undesired event, typically called the top event, and the primary cause events
- In a fault tree analysis the aim is to find and evaluate the mechanisms influencing a particular failure scenario

Likelihood Assessment - Fault Trees
- A fault tree is constructed by defining a top event and then defining the cause events and the logical relations between these cause events
- This is based on:
  - Equipment failure rates
  - Design and operational error rates
  - Human errors
  - Analysis of design safety systems and their intended function

Likelihood Assessment - Fault Trees Example
[Fault tree diagram]
- Top event: Process vessel over pressured (AND gate)
- Intermediate events: Pressure rises (AND gate); PSV does not relieve (OR gate)
- Basic events: Process pressure rises; Control fails high; Fouling inlet or outlet; Set point too high; PSV too small; PSV stuck closed
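The fault tree above, evaluated in code. This is an added example, not part of the original slides: it computes the top event probability, the minimal cut sets and their ranking. The assignment of basic events to the two gates and all probability values are assumptions constructed for illustration.

```python
"""Evaluate the over-pressure fault tree: top event probability and cut sets."""
from math import prod

# Gate layout read from the slide's flattened diagram. Which basic events sit
# under which intermediate gate is an assumption made for this example.
TREE = ("AND", "Process vessel over pressured", [
    ("AND", "Pressure rises", [
        ("BASIC", "Process pressure rises"),
        ("BASIC", "Control fails high"),
    ]),
    ("OR", "PSV does not relieve", [
        ("BASIC", "Fouling inlet or outlet"),
        ("BASIC", "Set point too high"),
        ("BASIC", "PSV too small"),
        ("BASIC", "PSV stuck closed"),
    ]),
])

# Constructed probabilities (per year of operation), for illustration only.
# They are not taken from the slides or from any failure rate data source.
P = {
    "Process pressure rises": 0.1,
    "Control fails high": 0.05,
    "Fouling inlet or outlet": 0.01,
    "Set point too high": 0.005,
    "PSV too small": 0.001,
    "PSV stuck closed": 0.02,
}


def probability(node, p):
    """Exact gate arithmetic. Valid only when basic events are independent
    and each appears once in the tree, which holds for this example."""
    kind, name = node[0], node[1]
    if kind == "BASIC":
        return p[name]
    child_p = [probability(child, p) for child in node[2]]
    if kind == "AND":
        return prod(child_p)
    if kind == "OR":
        return 1.0 - prod(1.0 - q for q in child_p)
    raise ValueError(f"unknown gate type: {kind}")


def minimal_cut_sets(node):
    """Smallest combinations of basic events that cause the node's event."""
    kind, name = node[0], node[1]
    if kind == "BASIC":
        return [frozenset([name])]
    child_sets = [minimal_cut_sets(child) for child in node[2]]
    if kind == "OR":
        # Any single child's cut set is enough.
        combined = [cs for sets in child_sets for cs in sets]
    elif kind == "AND":
        # One cut set from every child is needed at the same time.
        combined = [frozenset()]
        for sets in child_sets:
            combined = [a | b for a in combined for b in sets]
    else:
        raise ValueError(f"unknown gate type: {kind}")
    unique = set(combined)
    # Drop any set that strictly contains another one (not minimal).
    minimal = [s for s in unique if not any(o < s for o in unique)]
    return sorted(minimal, key=lambda s: sorted(s))


def rank_cut_sets(tree, p):
    """Cut sets with their probability, largest contributor first."""
    scored = [(cs, prod(p[e] for e in cs)) for cs in minimal_cut_sets(tree)]
    return sorted(scored, key=lambda item: item[1], reverse=True)


def rare_event_estimate(tree, p):
    """Sum of cut set probabilities: an upper bound on the exact value."""
    return sum(score for _, score in rank_cut_sets(tree, p))


if __name__ == "__main__":
    print(f"Top event (exact):      {probability(TREE, P):.3e}")
    print(f"Top event (rare-event): {rare_event_estimate(TREE, P):.3e}")
    for cut_set, score in rank_cut_sets(TREE, P):
        print(f"  {score:.1e}  " + " + ".join(sorted(cut_set)))
```

With this gate layout every minimal cut set needs both pressure-rise events plus one PSV failure mode, so the ranking shows which PSV failure mode contributes most to the top event.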

Likelihood Assessment - Generic Failure Rate Data
This information can be obtained from:
- American Institute of Chemical Engineers Process Equipment Reliability Data
- Loss Prevention in the Process Industries
- E&P Forum
- UK Health and Safety Executive data
- and other published reports
(Refer to Sources of Additional Information slides for references)

Likelihood Assessment - Human Error
- Human error needs to be considered in any analysis of likelihood of failure scenarios
- The interaction between pending failure scenarios, actions to be taken by people and the success of those actions needs to be carefully evaluated in any safety assessment evaluation
- Some key issues of note include:
  - Identifying particular issue
  - Procedures developed for handling the issue
  - Complexity of thought processing information required

Likelihood Assessment - Human Error

Type of Behaviour | Error Probability
Extraordinary errors: of the type difficult to conceive how they could occur: stress free, powerful cues initiating for success. | 10^-5 (1 in 100,000)
Error in regularly performed, commonplace, simple tasks with minimum stress (e.g. selection of a key-operated switch rather than a non key-operated switch). | 10^-4 (1 in 10,000)
Errors of omission where dependence is placed on situation cues and memory. Complex, unfamiliar task with little feedback and some distractions (e.g. failure to return manually operated test valve to proper configuration after maintenance). | 10^-2 (1 in 100)
Highly complex task, considerable stress, little time to perform it, e.g. during abnormal operating conditions, operator reaching for a switch to shut off an operating pump fails to realise from the indicator display that the switch is already in the desired state and merely changes the status of the switch. | 10^-1 (1 in 10)

Likelihood Assessment - Event Trees
- Used to determine the likelihood of potential consequences after the hazard has been realised
- It starts with a particular event and then defines the possible consequences which could occur
- Each branching point on the tree represents a controlling point, incorporating the likelihood of success or failure, leading to specific scenarios
- Such scenarios could be:
  - Fire
  - Explosion
  - Toxic gas cloud
- Information can then be used to estimate the frequency of the outcome for each scenario

Likelihood Assessment - Event Trees
Event tree example - LPG Pipeline Release

Consequences
Most scenarios will involve at least one of the following outcomes:
- Loss of containment
- Reactive chemistry
- Injury/illness
- Facility reliability
- Community impacts
- Moving vehicle incidents
- Ineffective corrective action
- Failure to share learnings

Consequences
- Consequence evaluation estimates the potential effects of hazard scenarios
- The consequences can be evaluated with specific consequence modelling approaches
- These approaches include:
  - Physical events modelling (explosion, fire, toxic gas consequence modelling programs)
  - Occupied building impact assessment

Consequences - Qualitative Evaluation
- A qualitative evaluation is based upon a descriptive representation of the likely outcome for each event
- This requires selecting a specific category rating system that is consistent with corporate culture

Consequences - Qualitative Descriptors Example

Consequence descriptor | Health and Safety Values | Environmental Values | Financial Loss Exposures
Insignificant | A near miss, first aid injury | No impact | Loss below $5,000
Minor | One or more lost time injuries | No or low impact | Loss $5,000 to $50,000
Moderate | One or more significant lost time injuries | Medium impact. Release within facility boundary | Loss from $50,000 to $1M
Major | One or more fatalities | Medium impact outside the facility boundary | Loss from $1M to $10M
Catastrophic | Significant number of fatalities | Major impact event | Loss above $10M

Consequences - Quantitative Evaluation
- Consequence analysis estimates the potential effects of scenarios
- Tools include:
  - Potential consequences (event tree)
  - Physical events modelling (explosion, fire and/or gas dispersion consequence modelling programs)
  - Load resistance factor design (building design)

Consequences - Qualitative Evaluation Example
Example: Impact of Explosions

Explosion Overpressure (kPa) | Effects
7 (1 psi) | Results in damage to internal partitions and joinery but can be repaired.
21 (3 psi) | Reinforced structures distort, storage tanks fail.
35 (5 psi) | Wagons and plant items overturned, threshold of eardrum damage.
70 (10 psi) | Complete demolition of houses, threshold of lung damage.

Note: Calculations can be undertaken to determine probability of serious injury and fatality

Consequences - Qualitative Evaluation Example
Example - Overpressure Contour - impact on facility buildings
[Figure: release scenario location with overpressure contours at 35 kPa, 21 kPa, 14 kPa and 7 kPa]

Risk Evaluation
- Risk evaluation can be undertaken using qualitative and/or quantitative approaches
- Risk comprises two categories - frequency and consequence
- Qualitative methodologies that can be used are:
  - Risk matrix
  - Risk nomograms
- Semi quantitative techniques:
  - Layers of protection analysis
  - Risk matrix
- Quantitative - quantitative techniques

Risk Assessment - What Type?
[Figure: spectrum of assessment types]
- Qualitative Assessment: simple, subjective, low resolution, high uncertainty, low cost
- Semi-Quantitative Assessment
- Quantitative Assessment: detailed, objective, high resolution, low uncertainty, increasing cost

Risk Assessment - Issues For Consideration
- Greater assessment detail provides more quantitative information and supports decision-making
- Strike a balance between increasing cost of assessment and reducing uncertainty in understanding
- Pick methods that reflect the nature of the risk, and the decision options

Risk Assessment - Issues For Consideration
- Stop once all decision options are differentiated and the required information compiled
- Significant differences of opinion regarding the nature of the risk or the control regime indicate that further assessment is needed

Risk Assessment - Qualitative
- Qualitative risk assessment can be undertaken using the following:
  - Risk nomogram
  - Risk matrix
- Both approaches are valid and the selection will depend upon the company and its culture

Risk Assessment - Risk Nomogram
- A nomogram is a graphical device designed to allow approximate calculation
- Its accuracy is limited by the precision with which physical markings can be drawn, reproduced, viewed and aligned
- Nomograms are usually designed to perform a specific calculation, with tables of values effectively built into the construction of the scales

Risk Assessment - Risk Nomogram
Most nomograms are used in situations where an approximate answer is appropriate and useful
[Figure: risk nomogram with a tie line joining the following scales]
- LIKELIHOOD: Might well be expected at sometime; Quite possible, could happen; Unusual but possible; Remotely possible; Conceivable but very unlikely; Practically impossible
- EXPOSURE: Very rare, yearly or less; Rare, few per year; Unusual, once per month; Occasional, once per week; Frequent, daily; Continuous
- POSSIBLE CONSEQUENCES: Catastrophe (many fatalities, >$100M damage); Disaster (multiple fatalities, >$10M damage); Very serious (fatality, >$1M damage); Serious (serious injury, >$100k damage); Important (disability, >$10k damage); Noticeable (minor injury / first aid, >$1k damage)
- Risk score scale: 500, 400, 300, 200, 100, 80, 60, 40, 20, 10, 0
- Risk bands: Very High Risk - consider discontinuing operation; High Risk - immediate correction required; Substantial Risk - correction required; Risk must be reduced SFARP; Risk acceptable if reduced SFARP

Risk Assessment - Risk Nomogram
Advantages and Disadvantages
- Accuracy is limited
- Designed to perform a specific calculation
- Cannot easily denote different hazards leading to an MA
- Typically not used by MHFs

Risk Assessment - Risk Matrix
- Hazards can be allocated a qualitative risk ranking in terms of estimated likelihood and consequence and then displayed on a risk matrix
- Consequence information has already been discussed, hence, information from this part of the assessment can be used effectively in a risk matrix
- Risk matrices can be constructed in a number of formats, such as 5x5, 7x7, 4x5, etc
- Often facilities may have a risk matrix for other risk assessments (e.g. task analysis, JSA)

Risk Assessment - Risk Matrix
- Results can be easily presented:
  - In tabular format for all MAs
  - Within a risk matrix
- Such processes can illustrate major risk contributors, aid the risk assessment and demonstration of adequacy
- Care needs to be taken to ensure categories are consistently used and there are no anomalies
- Australian/New Zealand Standard, AS4360, Risk Management 1999, provides additional information on risk matrices

Risk Assessment - Risk Matrix
Risk matrix example (AS4360)

Consequences | Health and Safety Values | Environmental Values | Financial Loss Exposures
1 Insignificant | A near miss, First Aid Injury (FAI) or one or more Medical Treatment Injuries (MTI) | No impact | Loss below $5,000
2 Minor | One or more Lost Time Injuries (LTI) | No or low impact | Loss $5,000 to $50,000
3 Moderate | One or more significant Lost Time Injuries (LTI) | Medium impact. Release within facility boundary | Loss from $50,000 to $1,000,000
4 Major | One or more fatalities | Medium impact outside the facility boundary | Loss from $1,000,000 to $10,000,000
5 Catastrophic | Significant number of fatalities | Major impact event | Loss of above $10,000,000

Likelihood | 1 Insignificant | 2 Minor | 3 Moderate | 4 Major | 5 Catastrophic
A Possibility of repeated events (1 x 10^-1 per year) | Significant Risk | Significant Risk | High Risk | High Risk | High Risk
B Possibility of isolated incidents (1 x 10^-2 per year) | Moderate Risk | Significant Risk | Significant Risk | High Risk | High Risk
C Possibility of occurring sometimes (1 x 10^-3 per year) | Low Risk | Moderate Risk | Significant Risk | High Risk | High Risk
D Not likely to occur (1 x 10^-4 per year) | Low Risk | Low Risk | Moderate Risk | Significant Risk | High Risk
E Rare occurrence (1 x 10^-5 per year) | Low Risk | Low Risk | Moderate Risk | Significant Risk | Significant Risk

Risk Assessment - Risk Matrix
Advantages
If used well, a risk matrix will:
- Identify event outcomes that should be prioritised or grouped for further investigation
- Provide a good graphical portrayal of risks across a facility
- Help to identify areas for risk reduction
- Provide a quick and relatively inexpensive risk analysis
- Enable more detailed analysis to be focused on high risk areas (proportionate analysis)

Risk Assessment - Risk Matrix
Disadvantages
- Scale is always a limitation regarding frequency reduction - it does not provide an accurate reduction ranking
- Cumulative issues and evaluations are difficult to show in a transparent manner
- There can be a strong tendency to try to provide a greater level of accuracy than the method is capable of

Risk Assessment - Semi-Quantitative Approach
- One tool is a layer of protection analysis approach (LOPA)
- It is a simplified form of risk evaluation
- The primary purpose of LOPA is to determine if there are sufficient layers of protection against a hazard scenario
- It needs to focus on:
  - Causes of hazards occurring
  - Controls needed to minimise the potential for hazards occurring
  - If the hazards do occur, what mitigation is needed to minimise the consequences

Risk Assessment - Semi-Quantitative Approach (LOPA)
Diagrammatic Representation - LOPA
Analysing the safety measures and controls that are between an uncontrolled release and the worst potential consequence

Risk Assessment - Semi-Quantitative Approach (LOPA)
The information for assessment can be presented as a bow-tie diagram
[Figure: bow-tie diagram. Causes (Hazards) - Preventative Controls - MA - Mitigative Controls - Outcomes (Consequences)]

Risk Assessment - Semi-Quantitative Approach (LOPA)
Advantages and Disadvantages
- Risk evaluation can be undertaken using a bow-tie approach
- A procedural format needs to be developed by the company to ensure consistency of use across all evaluations
- External review (to the safety report team) should be considered for consistency and feedback
- Correct personnel are needed to ensure the most applicable information is applied to the evaluation approach

Risk Assessment - Quantitative
Quantitative assessments can be undertaken for specific types of facilities
This is a tool that requires expert knowledge on the technique and has the following aspects:
- It is very detailed
- High focus on objective
- Detailed process evaluations
- Requires a high level of information input
- Provides a high output resolution
- Reduces uncertainty
- Frequency component can be questionable as generic failure rate data is generally used
- Provides understanding on the high risk contributors from a facility being evaluated

Risk Assessment - Quantitative
Typical result output from such an assessment is individual risk contours
Example shown is for land use planning
[Figure 13: Sample Risk Plot - VRJ QRA (VRJ Risk Engineers Pty Ltd). Map labels: Racecourse, School, Light Rail Reserve, Town Center, Sports Complex, Hospital, Residential, overlaid with individual risk contours]
Risks are in chances per million per year

Risk Assessment - Quantitative
- Time consuming
- Expensive
- Expert knowledge is required
- Not suitable for every MHF site
- Process upsets (such as a runaway reaction) cannot be easily modelled as an initiating event using standard equipment part counts - incorporation of fault tree analysis required
- Use of generic failure rate data has limitations and does not take into consideration a specific company's equipment and management system strategies

Summary
- A risk assessment provides an understanding of the major hazards and a basis for determining controls in place
- Risk assessments can involve significant time and effort
- Operations personnel and managers could cause, contribute to, control or be impacted by MAs. Hence they should be involved in the risk assessment
- HSRs may or may not take part, but must be consulted in relation to the process of HAZID & Risk Assessment
- They should also be involved in resolution of any issues that arise during the studies, including improvements to methods and processes

Review and Revision
Employer must review (and revise) Hazard Identifications, Risk Assessments and Control Measures to ensure risks remain reduced to AFAP:
- At the direction of the Commission
- Prior to modification
- After a major accident
- When a control measure is found to be deficient
- At least every 5 years
- Upon licence renewal conditions

Sources of Additional Information
The following are a few sources of information covering risk assessment:
- Hazard and Operability Studies (HAZOP Studies), IEC 61882, Edition 1.0, 2001-05
- Functional Safety - Safety Instrumented Systems for the Process Industry Sector, IEC 61511, 2004-11
- Fault Tree Analysis, IEC 61025, 1990-10
- Hydrocarbon Leak and Ignition Data Base, E&P Forum, February 1992 N658
- Guidelines for Process Equipment Reliability Data, Center for Chemical Process Safety of the American Institute of Chemical Engineers, 1989

Sources of Additional Information
- Offshore Hydrocarbon Release Statistics, Offshore Technology Report OTO 97 950, UK Health and Safety Executive, December 1997
- Loss Prevention in the Process Industries, Lees F. P., 2nd Edition, Butterworth Heinemann
- Layer of Protection Analysis, Simplified Process Risk Assessment, Center for Chemical Process Safety of the American Institute of Chemical Engineers, 2001
- Nomogram, Wikipedia, the free encyclopaedia

Questions?

Example LOPA Assessment - Spreadsheet Format
Columns: Cause; Hazard; Independent Preventative Protection Layers; Mitigative Protection Layers
Cause: Loss of cooling tower water to condenser once every 10 years
Hazard: Catastrophic rupture of distillation column with shrapnel, toxic release
Protection layers:
- Column's condenser, reboiler and piping maximum allowable working pressures are greater than maximum possible pressure from steam reboiler
- Logic in BPCS trips steam flow valve and steam RCV on high pressure or high temperature. No credit since not independent of SIS.
- High column pressure and temperature alarms can alert operator to shut off the steam to the reboiler (manual valve)
- Logic in BPCS trips steam flow valve and steam RCV on high pressure or high temperature (dual sensors separate from DCS)
- Pressure safety valve opens on high pressure
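The LOPA arithmetic behind the spreadsheet above, and behind the earlier slide on sufficient layers of protection, as an added example that is not part of the original slides. Every PFD value, the tolerable-frequency target, the rule that the strongest of two dependent layers keeps the credit, and the reading of the dual-sensor trip as the SIS are assumptions made for illustration; only the initiating frequency and the layer descriptions come from the slide.

```python
from dataclasses import dataclass
from math import prod

@dataclass(frozen=True)
class Layer:
    name: str
    pfd: float                          # probability of failure on demand (assumed)
    relies_on: frozenset = frozenset()  # hardware the layer needs in order to act

def credit(layers):
    """Split layers into (credited, rejected). A layer is rejected when it
    relies on hardware already claimed by a credited layer (not independent)."""
    credited, rejected, claimed = [], [], set()
    for layer in sorted(layers, key=lambda l: l.pfd):  # strongest layer claims first
        if layer.relies_on & claimed:
            rejected.append(layer)
        else:
            credited.append(layer)
            claimed |= layer.relies_on
    return credited, rejected

def mitigated_frequency(initiating_per_year, layers):
    """Initiating frequency multiplied by the PFD of every credited layer."""
    credited, _ = credit(layers)
    return initiating_per_year * prod(l.pfd for l in credited)

# Scenario from the slide; every PFD below is a constructed, illustrative value.
INITIATING = 1 / 10   # loss of cooling tower water once every 10 years
VALVES = frozenset({"steam flow valve", "steam RCV"})
LAYERS = [
    Layer("Design: MAWP above maximum reboiler pressure", 0.01),
    Layer("BPCS trip on high pressure/temperature", 0.1, VALVES),
    Layer("Operator response to alarms (manual valve)", 0.1, frozenset({"manual valve"})),
    Layer("SIS trip, dual sensors separate from DCS", 0.01, VALVES),
    Layer("Pressure safety valve", 0.01, frozenset({"PSV"})),
]
TARGET = 1e-5         # assumed tolerable frequency per year

def summary():
    credited, rejected = credit(LAYERS)
    freq = mitigated_frequency(INITIATING, LAYERS)
    naive = INITIATING * prod(l.pfd for l in LAYERS)  # wrongly credits every layer
    return {"credited": [l.name for l in credited],
            "rejected": [l.name for l in rejected],
            "frequency": freq, "naive": naive, "meets_target": freq <= TARGET}

if __name__ == "__main__":
    for key, value in summary().items():
        print(f"{key}: {value}")
```

Crediting the BPCS trip alongside the SIS would understate the event frequency by a factor of ten here, because both act through the same steam valves.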

Example Bowtie Assessment - System Format
[Figure: bow-tie diagrams for MA-1 and MA-2]