Professional Documents
Culture Documents
MA-E-230E Agir Manual Rev 3
MA-E-230E Agir Manual Rev 3
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
1/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
REVISIONS
IT: ISSUE A - PRELIMINARY C - FOR INFORMATION E - FOR CONSTRUCTION G - AS BUILT
TYPE B - FOR APPROVAL D - FOR QUOTATION F - AS PURCHASED H - CANCELED
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
2/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
TABLE OF CONTENTS
1.0 PURPOSE 4
2.0 APPLICATION 4
3.0 REFERENCE DOCUMENTS 4
4.0 CODES AND STANDARDS 4
5.0 DEFINITIONS 5
6.0 CONCEPT OF RISK 5
7.0 PROCESSES AND OUTPUTS OF INTEGRATED RISK ASSESSMENT AND
MANAGEMENT 6
7.1 BUSINESS RISK ASSESSMENT 8
7.2 ALTERNATIVE RISK ASSESSMENT 9
7.3 PROJECT RISK ASSESSMENT 10
7.4 INDUSTRIAL FACILITY HAZARD AND OPERABILITY STUDIES - HAZOP 11
7.5 RISK MANAGMEMENT PLAN MONITORING 12
7.6 CRITICAL RISK ASSESSMENT 12
8.0 GUIDELINES FOR ASSESSMENT 13
8.1 ASPECTS TO CONSIDER IN FACILITATING RISK IDENTIFICATION SESSIONS 13
8.2 RISK DESCRIPTION AND CODING 14
8.3 USE OF RISK MANAGEMENT SOFTWARE (STATURE PRM) 16
8.4 CRITERIA FOR INTERRUPTING A RISK ASSESSMENT SESSION 17
9.0 RESPONSIBILITIES 17
9.1 PROJECT LEADER 17
9.2 FUNCTIONAL LEADERS 18
9.3 PROJECT RISK ANALYST 18
9.4 PROJECT RISK CONTROLLER 19
9.5 NORMATIVE AREA OF RISK MANAGEMENT 20
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
3/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
10.0 INTERFACES 21
11.0 INDICATORS 21
ATTACHMENTS 22
ATTACHMENT A - RISK SIPOCS 22
ATTACHMENT B - RISK CRITICAL ANALYSIS 22
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
4/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
1.0 PURPOSE
This document defines the criteria and responsibilities for applying the Integrated Risk
Assessment and Management – AGIR during the development and execution phases in Vale
capital projects.
2.0 APPLICATION
This procedure applies to all Vale capital projects, along the enterprise lifecycle: development
(FEL 1, FEL 2 and FEL 3) and execution, up to the signature of the FAC (Final Acceptance
Certificate). For each phase, the type of analysis shall be appropriate to the project’s
definition level.
Documents listed below have been used in developing this document or include instructions
and procedures applicable to it. They shall be used in their latest revision.
For each process in the manual, support documents are provided in the corresponding
SIPOC (Suppliers, Inputs, Process, Outputs and Client).
Codes and/or standards listed below have been used in developing this document or include
instructions and procedures applicable to it. They shall be used in their latest revision.
ISO 31.000:2009 Risk Management – Principles and Guidelines
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
5/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
5.0 DEFINITIONS
General definitions, common to the universe of project implementation, may be found on GU-
E-400.
Also within the same document, “Corporate risk is the integrated view of the different risk
dimensions, being the responsibility for managing each individual risk dimension of the
business and corporate areas. The procedures for managing each specific risk will be treated
in proper normative documents elaborated by the responsible areas.”
Considering these assumptions and guidelines, there are two areas focused on corporate
and project risk management that are related each other: Operational Risk Management is a
methodology focused on managing corporate, operational and Vale Business risks, and
Integrated Risk Analysis and Management (AGIR), which is the methodology used by Vale in
its capital projects. The image below shows the two methodologies and its connections:
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
6/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
The AGIR methodology, as it is focused on start its application since FEL1 stage and follows
until the end of the Execution stage. In the other hand, the Corporate Risk Management
manages all business risks as long as there is the possibility of operational loses. By default,
projects will generate products for the future operation, and it is very important that, any risk
identified on the early stage of project that might compromise the operation units must be
known by the operational risk team.
Risks can provide pessimistic and optimistic variations on the estimates assumed by the
project and can be classified as:
This document deals specific with risks that affects the projects, and consider a basic
concept of risk as being: The measure of uncertainties about the assumptions adopted for a
project in the different disciplines which are part of it, as well as the impact of such
uncertainties on the project goals: schedule, budget (CapEx), sustainability (Health and
Safety, Environment, Communities an Image) and / or future operation (operability,
maintainability, Operational Health and safety and OpEx).
7/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
All macro-processes defined in the standard ISO 31000:2009 and in NFN-0001 are complied
with by the AGIR methodology, as shown in figure 7.1 below.
Figure 7.2 shows the application of each Integrated Risk Assessment and Management
process throughout the project lifecycle.
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
8/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
Figure 7.2 – Timing for application of each Integrated Risk Assessment and Management – AGIR
process
The processes and the timing for their application are detailed below.
The main goals in the business risk assessment are the identification of potential fatal flaws,
threats and opportunities associated to the business, and the simulation of economic
scenarios evaluated based on the threats and opportunities identified. Based on the
assessment results, a management plan shall be prepared for the potential fatal flaws,
threats and opportunities associated with the business.
The Business Risk Assessment process is described in procedure PR-E-231E. As this is the
stage for business evaluation and for preparing the initial economic feasibility stage in a
project, FEL 1 is considered the most appropriate stage for applying this procedure.
The business risk evaluation is not limited to the initial development phase and, in some
cases, its application can be required during advanced project development and execution
stages. An example is the fact that a great change in market demand and competitor
positioning may demand the application of such analysis regardless of the project phase.
It is recommended that this assessment be performed after the business strategy has been
defined, the market and industry analysis, as well as the economic analysis, have been
performed, and prior to the approval of the business plan.
The output of the business risk assessment is the Integrated Business Risk Assessment and
Management Report, which describes the entire assessment process, and whose
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
9/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
attachments are the “Risk Record”, the “Evaluated Economic Scenarios”, the “Risk
Management Plan”, and the “Attendance lists of participants in all meetings”.
The main goals of the alternative risk assessment are the identification of risks for each one
of the alternatives, and the construction of a multi-criteria decision tree. This decision tree
weight the risk indexes for each one with their economic indicator (LCC – Life Cycle Cost or
NPV – Net Present Value), in order to highlight the alternative which maximize the economic
return, at the same time it minimize the risk level, as provided in figure 7.3.
Examples of the application of this process include: location of a plant, ore transportation
alternatives (railway, pipeline or truck), railway routes, equipment alternatives, etc.
The procedure PR-E-232E describes the risk assessment process for the alternatives.
The project shall perform this assessment before selecting the alternatives for each one of
the relevant trade-offs under development.
As it is the stage for developing the conceptual design, in which the highest number of
engineering alternative studies take place, FEL 2 is considered the most appropriate stage
for applying this procedure.
The alternative risk assessment is not exclusively limited to the FEL 2 phase and, in some
cases, its application may be required during the other project development and execution
stages. Examples include the definition of a technology during FEL 1, or the definition of a
construction methodology during execution.
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
10/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
Based on the assessment results, the identified risks for the selected alternatives should be
evaluated in the project risk analysis (item 7.3) at the end of FEL 2 phase for further
prioritization and development of the risk management plan.
The alternative risk assessment output is the Alternative Integrated Assessment and
Management Report which describes the entire assessment process, and whose
attachments are the “Risk Record” and the “Attendance list for all participants in all
meetings”.
The project risk assessment is designed for the identification of uncertainties, which may
occur in the project during the FEL 2, FEL 3 and execution phases, in order to identify the
risks those may affect positively or negatively on the main project goals.
The main goals in the process are: the risk identification, qualitative and/or quantitative
assessment, risk plan management development. In case of quantitative assessment, based
on Monte Carlo simulation, provides the analysis of the potential impact of the set of
identified risks, simulating the probability of success of the project goals. Based on the
assessment results, a management plan shall be prepared for the potential fatal flaw, main
threats and opportunities identified.
The Project Risk Assessment process is described in procedure PR-E-233E, which describes
the methodology for both the quantitative and qualitative assessments.
During FEL 2, the quantitative methodology shall be applied at the end of the phase, after the
completion of all trade-offs and/or completion of conceptual design.
During FEL 3, the moments for applying the project risk assessment are:
• Stage 1 – Recommended for FEL 3 phase projects which last longer than a
year. The qualitative assessment methodology shall be applied at around
50% of the development in this phase.
• Stage 2 – It shall be applied after CapEx has been defined, in its last revision
for authorizing the execution, and before the planning baseline is defined,
usually at around 90% of the FEL 3 development. During this stage, the
quantitative methodology shall be applied.
During the Execution phase, the moments for the application of this analysis, using the
quantitative methodology are, at least:
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
11/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
Any changes in the frequency suggested above will be under the responsibility of the Project
Leader.
During the execution phase, the activities planned are performed, and the amounts approved
during FEL 3, or the amount defined by the project, such as the trend, are used, in order to
achieve the goals defined by means of the quantitative analysis, with the use of Monte Carlo
analysis.
Hazard and operability studies’ aim is the identification of risks which may compromise
people and industrial facilities safety, and their neighboring areas, the environment, the
operational performance of facilities, and to propose mitigation actions or the elimination of
such risks. This process is described in procedure PR-E-235E.
The analysis shall be performed when the project reaches a definition of basic design of at
least 80%, that is to say, at the end of FEL 3 engineering, prior to the approval of the project.
This process may also be optionally applied at the end of FEL 2 and at the start of execution
phase.
The output of the industrial facility hazard and operability studies is the Industrial Facility
Hazard and Operability Analysis Report – HazOp, describing the entire analysis process, and
whose attachments are the “Risk Record”, including actions for treatment of the identified
risks, and the “Attendance lists of participants in all meetings”
The figure below shows the values of the initial and final risk severities, recalculated
considering treatment actions, as well as the RPN (Risk Priority Number).
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
12/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
DESVIO OPERACIONAL
PARÂMETRO DE
PALAVRA-GUIA ID. DESCRIÇÃO DO DESVIO OBSERVAÇÕES
PROCESSO
CLASSIFICAÇÃO
CLASSIFICAÇÃO
OCORRÊNCIA
OCORRÊNCIA
SEVERIDADE
SEVERIDADE
RPN INICIAL
DETECÇÃO
DETECÇÃO
CONSEQUÊNCIA
RPN FINAL
NFN-0001
NFN-0001
AÇÕES RESPONSÁVEL PELA
ID CAUSA CONTROLE PRAZO
RECOMENDADAS AÇÃO
VIZINHANÇA
LOCAL SISTEMA
IMEDIATA
- Prever sistema
Transbordo de
Falha no sistema de redundante de
minério, Sistema de controle
instrumentação de Alimentador controle de nível;
N1-D1-1 7 indisponibilidade Peneiramento 6 de nível por 5 210 72 4 6 3 72 40 João da Silva 31-ago-15
controle de nível do de correia - Prever instalação
de parte de células radiofrequência
silo sistema CFTV no
do silo
silo SI-2120-01
For the verification of the fulfillment of the actions proposed in the management plan, a
monitoring process was established, as described in procedure PR-E-234E. Efficiency and
effectiveness indicators are measure during this process.
The products of the monitoring process of the risk management plan are the "Monitoring
report" and the "Updated Risk Management Plan."
The professionals of risk normative team, who objectively evaluate the execution of the
Integrated Risk Analysis and Management (AGIR) and Hazard and Operability Analysis
(HazOp) process, carry out the Critical Risk Assessment (ACR).
The assessment comprises the verification of the content and/or maturity of the project
aiming to guarantee:
• Ensure quality and support to the projects during the AGIR application,
seeking to improve the process since the risk identification stage to the
Management Plan development;
• Continuous feeding of the identified risks in the capital projects in the Vale
risks database.
The Risk Critical Analysis can be requested to the Risk Normative Area to be carried out
whenever a third parties or the project itself undertakes the AGIR or HazOp to check its
compliancy to the methodology. On requesting this analysis, the project team must send the
required information no later than a month after the issue of the AGIR and/or HazOp report.
On this case, after receiving the documentation, the risk analysts will have no later than a
month to perform the Risk Critical Analysis.
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
13/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
After issuing the ACR, the project can choose to comply with the recommendations and will
have a 2-week deadline to do so. It is also possible to request a reevaluation for the
normative area, which will have two more weeks to make this second and last assessment.
To request this assessment, there are some documents that necessarily need to fulfilled and
attached to the reports those will be evaluated. Check the specific procedures of each
methodology in order to know about them.
The product of this analysis is the document “Verification of the Integrated Risk Assessment
and Management,” submitted to the project leader and the risk analyst, containing
observations as to the adequacy of the work and suggestions for improvements and
complements. As each verification has its specific details, the Attachment B contemplates all
questionnaires to be chosen according to the applied methodology. As an example, if the
project request a ACR of the Project Risks Assessment, the corresponding worksheet should
be chosen to carry out the Critical Analysis.
Some practical guidelines should be observed during the facilitation of risk identification
sessions:
• Ensure effective participation of the team that is responsible for the project
and/or corporate teams;
• Enable free access and freedom so that the team can identify the risks;
• At the beginning of the risk identification session, there will be a quick
presentation of the purpose of the meeting so that the group will know all the
subjects that will be discussed. The people present will be reminded that
every issue will be addressed sequentially, and, at this moments the subject
will mature when they get into the details of the discussion;
• The work will always be conducted in pairs of risk analysts. While one analyst
registers the information that is commented by the work group, the other
works directly conducting the groups questioning;
• Recording the identified risks is an activity of great importance and very
difficult in view of the dynamic of these meetings. The analyst responsible for
the register must have experience in this kind of job. A poor record may lose
important information provided by the group;
• The impact of the risk will be explained in the description, if identified during
the session. Later on, during the review of the risk record, the information
regarding the impact shall be separated, and filled in the correct field,
complementing and improving the clarity of the information;
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
14/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
In accordance with to the "Practice Standard for Project Risk Management," of the PMI, the
critical factors of success for a project risk management and that should be observed during
the assessment processes are:
It is suggested that the risks be described considering the factors shown below in order to
improve their understanding:
15/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
An example of the risk description: “Licensing authority is overwhelmed due to the existence
of several licensing requests from Vale and other companies. For that reason, the timeframe
estimated by project for obtaining environmental licenses may be insufficient. This fact can
delay civil works”.
The coding of identified risks is essential to your identification and traceability within the
stages of each risk analysis.
The risk code consists of four fields, in accordance with the structure below:
A Threat
O Opportunity
F Fatal Flaw
The "Project Phase" field corresponds to the moment when the risk was identified:
1 FEL1
2 FEL2
3 FEL3
4 Execution
The "Involved Discipline" field corresponds to the discipline to which the risk belongs:
MAM Environment
COM Communities Relationship
RCH Human Resources
FUN Land Management
SEG Health and Safety
ENG Engineering
POP Operational Readiness
SUP Procurement
PLN Planning
CTR Construction
ANE Market Analysis and Economic Evaluation
The “Numerical Sequence” field corresponds to the sequential numbering of the risks: 001,
002, 003, etc. The numerical sequence must be composed of 03 (three) digits, be applied per
discipline and restarted at each project phase for new risks. It is worthy to highlight that the
codification of the risk identified beforehand in a previous phase shall be maintained in the
next identification process.
16/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
• F-1-FUN-001– Fatal Flaw risk, identified during FEL 1, regarding the Land
Management’s discipline, sequential 001;
• A-2-COM-001 – Threat risk, identified during FEL 2, regarding the community
discipline, sequential 001;
• A-3-COM-001 – Threat risk, identified during FEL 3, in the Community
Relations discipline, sequential 001;
• O-4-MAM-001 – Opportunity risk, identified during Execution, regarding
Environmental discipline, sequential 001;
• A-4-MAM-002 –Threat risk, identified during Execution, regarding
Environmental discipline, sequential 002.
It is worth pointing out that the Hazard and Operability Analysis of Industrial Installations –
HazOp, has a specific encoding structure, as defined in procedure PR-E-235E.
There are numerous tools available on the market to manage and control the projects risks
ranging from Excel spreadsheets to sophisticated systems. Vale uses, for FEL3 and
Execution phases, the Stature PRM software.
This software has a unified and up-to-date database that facilitates the risk identification,
promotes the replacement of the Excel worksheets and enables the automatic issuance of
the main reports (Efficiency and/or Efficacy indicators, Action Plan status and Recurring
risks).
Moreover, it allows conducting the AGIR process in different languages (English, Portuguese
and Spanish) increasing the process agility and helps the risk controller on managing the
pending actions from the action plan through a workflow that sends e-mails to the action
owners.
• Rich Client Module: it is a web-based platform that allows the conduction the
whole process through the Internet Explorer. This module is recommended
for the risk analysts and the risk controllers.
• PHA-Pro Module: it is an off line module that allows the user to export his
study to work on places that does not have the Vale network. At the end of
the sessions, the user import the work to the on line module and keep its
bases updated. This module is recommended for the risk analysts.
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
17/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
With the purpose of guaranteeing a minimum quality of the results of the risk assessment,
objective criteria were established to interrupt the assessment session.
The definition and previous knowledge of these criteria by the people involved avoids
subjectivity in the execution of the risk assessment and conflicts provoked by the absence or
deficiency of the infrastructure for its execution.
The interruption of the assessment must be supported by evidence of the criteria and formal
registers to support the decision. The criteria are described in Table 8.1.
9.0 RESPONSIBILITIES
The uncertainties of the project execution are proportional to its size and complexity and the
possible impact of the risks must be considered.
Due to the characteristics expected from a Project Leader (especially anticipation and
systemic vision - 360º), risk management is an essential tool to minimize failures and rework,
avoid fatalities and promote determination of alternative plans, thus providing the projects
with stability, predictability, safety, and competitiveness.
Due to the level of commitment with the project, seniority and decision power – fundamental
attributes of the position – the project leader is solely responsible for the project risk
management, which involves the preparation of a management plan, where actions proposed
to the work group will be critically considered regarding efficiency and execution viability, as
well as execution monitoring.
The Project Leader will be responsible for guaranteeing the effective participation of his team
and all teams, which have some interface with the project at all necessary moments for the
assessment, as well as provide the necessary information to the analysts and guarantee its
truthfulness. He is also responsible for guaranteeing the fulfillment of the assessment
planning, according to deadlines established in the procedures and assessment planning.
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
18/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
• Assign the analyst and risk controller before the start of the work
• The project leader must make available their representatives for full-time participation in the
risk assessment meeting. The representatives must be able and fully qualified to answer
the questions they are presented.
• The project Leader will provide, on a timely basis, all the documents necessary to the risk
assessments, as specified in the AGIR methodology procedures, as well as guarantee the
truthfulness of the information. Only the requested documents will be sent to the persons
responsible for the risk assessment.
• Define which actions if the risk management plan will be tracked by each indicator
(efficiency and effectiveness) with support from the risk controller;
• Follow up the fulfillment of risk management plan;
• Provide professional to follow the verification of monitoring process.
The Functional Leaders will support the Project Leader in the definition of strategies and
actions for the risk management of their projects and they will also provide the resources
necessary for the risk assessments and for the fulfillment of the actions defined in the risk
management plan.
They will also validate demands for change in the risk management plan.
Given the needed level of commitment to the project, this function must be carried out be a
Vale employee, although it may, in special cases, be filled by a project contractor employee.
It is worth noting that the risk analyst must be formally named and that, due to the
characteristics of his position, it is recommended that he is not part of the project team under
his analysis. This analyst must also establish great interaction with the planning coordinator
and the cost engineer.
The risk analyst is the technician responsible for executing the risk assessment processes.
To this end, this professional must have the following attributes:
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
19/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
• Systemic vision of the project to highlight how the risks can interfere in the
set of all the disciplines that make up the project;
• Independence to identify risks and present the results of the performed
assessment, before the other project coordinators, from the manager of the
project himself and the PMO of the business unit;
• Communication ability to work as a facilitator in the work and research
sessions involved in the identification and assessment activities. Must be
able to write the risk assessment technical reports.
The risk analyst has direct and final responsibility over the set of identified risks regarding
their amplitude, scope, and degree of detailing, as well as the set of conclusions of the
assessments. The analyst must have full knowledge of the foundations and methods used in
the risk identification and assessment.
It is also the responsibility of this professional to duly manage the documentation and the
databases, records, histories, reference documents and calculation records used in the
activities developed for the project risk management.
The responsibilities of the Project Risk Analyst are detailed on the table below:
• Perform the risk assessment of the project management plans under his responsibility.
• If it is requested the development of the Risk Critical Analysis, the risk analyst will send a
complete assessment report (AGIR or HazOp), including the attachments, together with the
support documentation on the project, to the Normative Area of Risk Management of
Capital Projects;
The risk controller must be formally assigned by the project manager in agreement with the
risk analyst. The controller is responsible for establishing the great interaction with all the
project coordinators and all the other areas of the business and corporate units with defined
responsibilities in project risk management. The controller will be responsible for the
communication, monitoring and control of the execution of the risk management plan and
also for its possible reviews, as set out in PR-E-234E.
• Capacity of dialogue with the project coordinators and all the other areas of
the business unit and corporate areas;
• Experience in follow-up and communication of physical and financial
execution of action plans;
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
20/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
• Systemic vision of the project to highlight how the risks can interfere in the
set of all the disciplines that make up the project.
The responsibilities of the Project Risk Controller are detailed on the table below:
• Check the status of fulfillment of the actions with the responsible for its implementation;
• File objective evidence of fulfillment of actions executed;
• File and make available, when requested, the evidence that proves the execution of the
actions defined in the management plan, as well as allow free access and necessary
information to the verification process of the risk management plan.
• Inform the Project team and responsible for the pending actions and next actions;
• Define which actions the risk management plan will be tracked by each indicator (efficiency
and effectiveness) with the project leader;
• Review risk management plan if necessary;
• Register history of mitigation, elimination or capture of risks on the cover of the risk
management plan;
• Register deviations and issues;
• Calculate monitoring indicators;
• Fill out the monitoring report;
• Forward the monitoring report to the project leader and functional leaders.
This area is responsible for the definition, implementation and continuous improvement of the
AGIR methodology to be applied in all Vale capital projects.
This team must provide technical advice to Vale projects under development and execution
phases regarding the execution and hiring of risk assessments. They also can support the
risk management process in the projects as a participant of the work groups during the
sessions.
The responsibilities of the Normative Area of Risk Management are detailed on the table
below:
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
21/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
10.0 INTERFACES
The following areas may be involved on the Risk Assessment Process and may have some
interfaces:
Table 10.1 - Interfaces
Contractors
• In the risk assessments carried out by the specialized contractor, these services must be
in total compliance with the procedures referring to the AGIR methodology. The
exceptions must be treated individually between the business unit team and the Normative
Risk Management Area;
• The confidentiality preservation and total protection of Vale's organizational process
assets must be required from service providers;
• The contractors can be invited to attend the assessment sessions or required to provide
some information to the analysis team such as, engineering information among others.
Corporate Divisions
11.0 INDICATORS
PE-G-608E_Rev_14
CLASSIFICATION
ENGINEERING
INTERNAL USE STANDARDIZATION SYSTEM -
SPE
TITLE VALE No. PAGE
22/22
INTEGRATED RISK ASSESSMENT AND MANAGEMENT MA - E - 230E
REV.
MANUAL (AGIR)
3
ATTACHMENTS
Your participation is essential for the SPE collection improvement and maintenance processes.
PE-G-608E_Rev_14