NVQ Study Guide for

City & Guilds NVQ Diploma in Occupational Health and


Knowledge Unit A 7
Managing Health & Safety
The Assessment and evaluation of risk

Written by Mr Darren Platts CMIOSH MCMI

CEO Ordosafe Consultants

Edited & Unitised by Mike Watson CMIOSH Dip RSA MIIRSM FInstLM
Chairman Specialist Vocational Training Ltd

Element A7: Assessment and evaluation of risk

Element A7: The assessment and evaluation of risk
Learning Outcomes
Upon completion of this element, you should be able to:

• Explain how to use internal and external information sources in identifying hazards and assessing risk
• Outline the use of a range of hazard identification techniques
• Explain how to assess and evaluate risk and how to implement a risk assessment programme
• Explain the analysis, assessment and improvement of system failures and system reliability with the use of calculations

References used for this element and further reading

Statutory instruments
Management of Health and Safety at Work Regulations 1999 (as amended)
Management of Health and Safety at Work Regulations (Northern Ireland) 2000 (as amended)

Other relevant references

Controlling the risks in the workplace
HSE’s The Health and Safety Toolbox: how to control risks at work
Managing for health and safety, HSG65
Reducing Risks, protecting people, R2P2
Risk assessment, A brief guide to controlling risks in the workplace, INDG 163

A key element of the management of health and safety is the identification of the associated hazards
(things that may cause harm) and the likelihood that the potential harm will be realised. The risk
assessment process allows organisations to look at their risks and control them to a level that would be
deemed acceptable.
Next, we will look at risk management and the risk assessment process.

Hazard: ‘something with the potential to cause harm (this can include articles, substances, plant or machines,
methods of work, the working environment and other aspects of work organisation)’

Risk: ‘the likelihood of potential harm from that hazard being realised’

Risk assessment: ‘identifying preventive and protective measures by evaluating the risk(s) arising from a
hazard(s), taking into account the adequacy of any existing controls, and deciding whether or not the risk(s) is

Accident/Incident and ill-health data and rates

Incidence reflects the number of new cases of an event in a population over a given time frame. It
is sometimes used to describe accidents as new events.

Prevalence can be defined as the total number of cases in a particular population as a proportion of the total
population. It is used as a means to represent ill-health data and statistics and accounts for both new cases
and those who are already suffering.

Incidence is usually more useful than prevalence in understanding the disease etiology: for example, if the
incidence rate of a disease in a population increases, then there is a risk factor that promotes the incidence

The frequency of an accident can be used to show trends and patterns of when harm may occur. For example,
when identifying hazards: has an incident occurred previously with this activity, and what was the frequency? If
you had one accident with the activity in the past 10 years then the risks are likely to be low; however, if the
frequency of accidents is high, more protection may be required when the hazards are identified.

Many sources of data are available to an organisation when identifying hazards for conducting risk
assessments. The source of such data can be both internal and external to the organisation.


HSE – Health and Safety Executive UK
The UK’s HSE is an excellent source of information. The organisation provides up to date guidance for
organisations on how to manage risk associated with their activities and industries. Much of the information
is free and can be accessed around the world.

European Safety Agency

The European Safety Agency's aim is to make European workplaces safer, healthier and more productive for the
benefit of businesses, employees and governments. It promotes a culture of risk prevention to improve
working conditions in Europe.

International Labour Organisation (ILO)

The main aims of the ILO are to promote rights at work, encourage decent employment opportunities,
enhance social protection and strengthen dialogue on work-related issues. The ILO aims to create worldwide
awareness of the dimensions and consequences of work-related accidents, injuries and diseases and to place
the health and safety of all workers on the international agenda and to stimulate and support practical action
at all levels. They also provide guidance and statistics that will provide information when identifying hazards
and assessing risk.

World Health Organisation (WHO)

The WHO goal is to build a better, healthier future for people all over the world. Their role is to direct and
coordinate international health within the UN system. A lot of information surrounding "health" is available
and monitored through the WHO.

Professional and trade bodies

Much information can be sought from professional or trade bodies. For example, the Institution of
Occupational Safety and Health in the UK (IOSH) can be an excellent source of information pertaining to
managing risk within your business.

Information internal to the organisation is very useful, and indeed required, when identifying and assessing
hazards associated with the organisation's activities. We can find this information from a range of sources.

Injury, and ill-health data

Injury data is a good source of information within the organisation. By identifying this reactive data and
analysing it, you can see the trends that are emerging and the areas that will need control; for example,
that monthly hand injuries are high. This would allow us to see a failure in the management system and in
elements of control. Such information can be used to plan campaigns, identify shortcomings and monitor the
health of the management system's implementation.
Near-miss information
Near-miss information is an excellent source. It allows us to build a picture of which hazards occur most
frequently. By reporting near misses, we can easily identify the top hazards that require control. This data
should be recorded, meaning that it can be traced back to analyse past events and possibly predict
future trends.

Maintenance records
Whether it is for machines, vehicles or plant, an item's maintenance records can be a good source of
information when analysing hazards and risk. A piece of machinery may require regular maintenance which
requires a full shutdown each time to ensure that maintenance is carried out safely. This would allow for the
identification of potential risks associated with the maintenance activities.

The uses and limitations of external and internal information sources.

Information can come from a variety of sources and can be used or misused for different reasons. You may
require information for research into a new idea you would like to put forward, a risk assessment process, or
while preparing a policy or training manual. This data of course has different uses and has some limitations.

Use and Limitations

Internal sources

• Relevant to risk assessments
• Accident data is good; however, the absence of accident data does not necessarily mean good
systems and a safe environment, and may be untrustworthy
• With a low number of accidents it may be difficult to establish and identify trends

External sources

• Statistics available are based on a larger sample
• The type of industry covered may be much wider than your own situation
• More relevant

When comparing data between organisations, remember:

• They may use different definitions and calculations for statistics and to classify injuries etc.
• Figures may be for employees only and could be misleading for an organisation that makes wide use
of contractors
• Culture differences: an injured worker might be brought back to work on restricted or 'light' duties in
order to avoid recording as a lost-time accident

One of the most important aspects of a risk assessment is accurately identifying the potential hazards associated
with the workplace or task. To assist with this, there are many methods and techniques available. We will look
at a variety of options over this next element.

Using observation
Observations can be both formal and informal. Informal observation is the day-to-day mindfulness and being
watchful of hazards and unsafe behaviours in the organisation. Observation is important as it can be a great
tool in identifying live hazards. For example, a routine inspection would also be classed as observation, as
people are observing what is happening; this allows for early hazard identification. Observation
programmes such as behavioural observations can also be used. These allow for observing unsafe behaviours
and hazards associated with the job.

Task analysis
There are a few different methods to assist in identifying hazards associated with a task, a job or indeed
an activity:

Job Hazard Analysis (JHA)

A job hazard analysis is a technique that focuses on job tasks to identify hazards before they occur. It focuses
on the relationship between the worker, the task, the tools, and the work environment. Ideally, after you
identify uncontrolled hazards, you will take steps to eliminate or reduce them to an acceptable risk level.

Job safety analysis (JSA)

A job safety analysis (JSA) is a procedure which helps integrate accepted safety and health principles and
practices into a task or job operation. In a JSA, each basic step of the job is examined to identify potential
hazards and to recommend the safest way to do the job.

Checklists are a useful way to identify hazards in the workplace. They allow for the methodical evaluation of
items listed to ensure all hazards are identified. Hazards can be listed under different topics and can be
general or specific. For example:

Machinery Hazard Assessment Checklist

| Sn | Item - Guarding | Status | Comments/Recommendations |
|----|-----------------|--------|--------------------------|
| 1 | Do guards stop workers touching dangerous moving parts? | Yes/No | |
| 2 | Do guards stop objects falling into the moving parts or from exploding out of the | Yes/No | |
| 3 | Do guards allow safe, comfortable and easy use of the machine? | Yes/No | |

Another example would be from the UK’s HSE. This is in relation to the identification of slip and trip hazards:

Such checklists will assist the user to keep track.

Hazard and operability studies

HAZOP (hazard and operability) studies are structured, procedural tools designed to highlight the deficiencies
and shortcomings in the design and operation of industrial plants. HAZOP studies aim to identify hazards and
operability problems in plants which, if they were to occur, could reduce the plant's ability to achieve target
productivity in a safe manner.

The importance of worker input

When identifying hazards, it is always key to involve the workforce. The workforce are the ones who may be
exposed to the hazards every day; they will see what you or I may not see. They will understand the task and
the activity and feel included in the process. They will also feel that the company is doing something to
improve the health and safety of the organisation, in turn improving morale. This is a great way to ensure that
all hazards associated with the assessment are taken into consideration. A safety professional cannot and
should not be expected to know all hazards associated with all tasks and this is where worker involvement is

Risk assessments can be carried out in many ways, although mostly the basic principles remain the same. The
following is the UK HSE’s five step approach:

1. Identify the hazards

2. Identify who can be harmed and how
3. Evaluate the risk associated with the hazards and decide whether existing precautions are adequate
or more control is required
4. Record the significant findings
5. Review the assessment


There are several different risk assessments available to use. In the UK and some other countries, it
is a legal requirement to carry out an assessment of the risks.

Generic Risk Assessments

Generic risk assessments are written assessments, and provide the framework to describe how all risk
assessments are carried out in practice. Many assessments are dynamic, forever changing to deal with the
changing nature of the work. It is not realistic to write all of these down, but an assessment must take place
nevertheless. Typically, generic assessments cover a defined range of activities. For example, it would not be reasonably
practicable to record a risk assessment every time someone crossed a road, but a generic risk assessment
could describe the general procedure for doing so.

Specific Risk Assessments

Specific risk assessments can be used in “specific” scenarios to assess “specific” areas. For example, a specific
risk assessment could be conducted for:

• Working at height
• A project site/activity
• Manual handling
• Fire

In some circumstances, specific risk assessments relate to legal requirements or duty. In the UK for example
entities must carry out specific risk assessments for the likes of fire, noise, asbestos etc. The specific legal
requirements must be fed into the risk assessment where this is the case.

Dynamic Risk Assessments

A dynamic assessment is a continuous assessment of risk in a rapidly changing environment to implement
control measures necessary to ensure an acceptable level of safety is maintained. They are not written down,
but take place within a framework that enables competent persons to respond to changing circumstances.
Emergency services must make dynamic risk assessments when dealing with call-outs for example, but
receive training on the use of various response techniques.

A dynamic Risk Assessment Method sets out five stages:

• Evaluate the situation: consider issues such as what operational intelligence is available, what tasks
need to be carried out, what are the hazards, where are the risks, who is likely to be affected, what
resources are available?
• Select systems of work: consider the possible systems of work and choose the most appropriate. The
starting point must be procedures that have been agreed in pre-planning and training. Ensure that
personnel are competent to carry out the tasks they've been allocated.
• Assess the chosen systems of work: are the risks proportional to the benefits? If yes, proceed with the
tasks after ensuring that goals, both individual and team, are understood; responsibilities have been
clearly allocated; and safety measures and procedures are understood. If no, continue as below.
• Introduce additional controls: reduce residual risks to an acceptable level, if possible by introducing
additional control measures, such as specialist equipment or personal protective equipment.
• Reassess systems of work and additional control measures: if risks remain, do the benefits from
carrying out the task outweigh the costs if the risks are realised? If the benefits outweigh the risks,
proceed with the task. If the risks outweigh the benefits, do not proceed with the task, but consider
safe, viable alternatives.

Dynamic assessments largely depend upon the knowledge and competence of the person carrying them out. For
example, a postman on his own would assess the risk each time he enters a garden or house driveway to post
his mail. He may face different situations each time and as such is constantly aware of his surroundings,
assessing what he needs to do to be safe.

Limitations of the risk assessment processes

Regulators must also acknowledge that there is an ethical dimension to the public's attitude to acceptance of
risk. There are some people who judge that certain hazards should not be entertained at all, no matter how
low the risks, e.g. in relation to nuclear power. Others feel that the use of risk assessment is morally wrong
because, however small the risks may be, it legitimises the concept that it is acceptable for some people to be
exposed to man-made risks, for the environment to be polluted or for experiments to be done on animals, so
that others may benefit.

From a different perspective, there is a strong belief from some parts of industry and elsewhere that risk
assessment may overestimate risks and therefore cause undue alarm and despondency among the public,
particularly those risk assessments that represent the worst-case scenarios. On the other hand, many
pressure groups believe that risk assessment may often inherently underestimate the true magnitude of the
problem, by ignoring, for example, salient factors such as synergies among exposures and vast variations in
susceptibility among humans.

Perhaps all this is but recognition that assessing risks is full of uncertainties; that the science underlying most
risk assessment assumptions is often inconclusive or untestable. In short risk assessment in its present form
can only be used to inform a decision. It should not be used blindly to dictate it.

Temporary and non-routine situations

A suitable and sufficient risk assessment should cover the hazards and significant risks of all work activities,
including routine and non-routine, temporary work, and one-off as well as regular activities. Non-routine and
temporary works are jobs and tasks that are performed irregularly or are being performed for the first time. Since
these tasks and jobs are not performed regularly, it can be difficult to understand all of the hazards associated
with the job. Non-routine and temporary works are to be strictly controlled via permit-to-work practice
and risk assessments.

Consideration of long-term hazards to health

When undertaking a risk assessment, the hazards to health may not be immediately recognisable. We should
consider the potential long-term damage or health effects that the hazard may have. For example, asbestos
has a long latency period, meaning that it can take many years for the symptoms and effects to show.

Qualitative, semi-quantitative and quantitative assessments

Risk assessments can be simple or complex depending on the activities or processes being assessed.
Generally, there are three types of risk assessment:

• Qualitative
• Semi-Quantitative
• Quantitative

Qualitative Risk Assessment

Where the hazards presented by the undertaking are few or simple, for example in many small businesses, it
is appropriate to just carry out a simple qualitative risk assessment. A qualitative risk assessment should be a
systematic examination of what in the workplace could cause harm to people, so that decisions can be made
as to whether existing precautions or control measures are adequate or whether more needs to be done to
prevent harm.

In a qualitative assessment, it is appropriate to complete just the following steps:

• Identify the hazards;
• Identify the possible consequences (decide who might be harmed and how);
• Evaluate risk (and decide whether the existing precautions are adequate or whether more should be
• Record the findings.

Sample Qualitative Risk Matrix: probability of occurrence (rows, from Very Low to Very High) plotted against
consequence of occurrence (columns: Very Low, Low, Moderate, High, Very High).

Semi-Quantitative Risk Assessment
In many intermediate cases where the hazards are neither few and simple, nor numerous and complex, for
example if there are some hazards that require specialist knowledge, such as a complex process or technique,
it may be appropriate to supplement the simple qualitative approach with a semi-quantitative assessment.

In carrying out semi-quantitative risk assessments, simple qualitative techniques, supplemented by for
example measurements to identify the presence of hazards from chemicals or machinery, or the use of simple
modelling techniques may be appropriate. Simple modelling techniques may be used to derive order of
magnitude estimates of the severity of the consequences and likelihood of realisation of hazards. These
estimates can be combined to obtain estimates of the order of magnitude of the risk.

Semi-quantitative risk matrix: probability of occurrence (rows) against consequence of occurrence (columns).

| Probability of Occurrence | Very Low (1) | Low (2) | Moderate (3) | High (4) | Very High (5) |
|---------------------------|--------------|---------|--------------|----------|---------------|
| Very High (5) | | | | | |
| High (4) | | | | | |
| Moderate (3) | | | | | |
| Low (2) | | | | | |
| Very Low (1) | | | | | |


Quantitative Risk Assessment

Quantitative risk assessment is the most commonly used method in process industries. It allows for
quantification of risk for major hazards. It is used primarily in the oil & gas and nuclear sectors.

Where the hazards presented by the undertaking are numerous and complex, and may involve novel
processes, for example in the case of large chemical process plants or nuclear installations, detailed and
sophisticated risk assessments will be needed, and it is appropriate to carry out a detailed quantitative risk
assessment in addition to the simple qualitative assessment. Quantitative risk assessment (QRA) involves
obtaining a numerical estimate of the risk from a quantitative consideration of event probabilities and
consequences (in the nuclear industry the term ‘probabilistic safety analysis’ is used in place of QRA).

In carrying out quantitative risk assessments, special quantitative tools and techniques will be used for hazard
identification, and to estimate the severity of the consequences and the likelihood of realisation of the
hazards. Where such methods and techniques are used, it is important that they are carried out by suitably
qualified and experienced assessors. The results of the QRA will be numerical estimates of the risk, which can
be compared to numerical risk criteria at the risk evaluation stage.

Organisational arrangements for implementing and maintaining an effective risk assessment programme
including procedures, recording protocols, training, competence, responsibilities, authorisation and follow-up
of actions, monitoring and review

The use of risk assessment in the development of safe systems of work and safe operating procedures

A risk assessment is the first assessment that allows the organisation to build a picture of the hazards and
risks. Once completed, the risk assessment provides controls that are required in order to provide a safe
activity. As such, the risk assessment can be used to draw information when developing a safe system of work
or indeed a safe operating procedure.

Acceptability/tolerability of risk

Residual risk is the risk that remains once controls have been decided. An example could be working at height
where insufficient guarding means a slip results in a fall; fitting a guard rail could prevent the fall, but
the risk of the slip might remain. It is the same with other situations where all reasonable measures are taken to
remove the risk but a small residual risk remains.

Once residual risk has been identified and control measures applied, it remains to be seen whether the residual risk
is at an acceptable level. One can conclude that knowledge is sufficient to ascertain the risk parameters;
however, legislation places a general duty to reduce the level of risk so far as is reasonably practicable.
Therefore 'practicable' means employers must use any new technologies to reduce the likelihood of harm.

The UK's HSE produced a book entitled "Reducing risks, protecting people". The book and its discussion lay out
the principles of acceptability and tolerability, giving a balanced view of what should be considered and taken
into account.

The meaning of the term ‘system’
A system is something that as a whole is made up of many parts.

The principles of system failure analysis

A system failure occurs when a system does not meet its requirements. A system failure analysis is an
investigation to determine the underlying reasons for the non-conformance to system requirements. A
system failure analysis is performed to identify the root causes of non-conformance and to recommend
appropriate corrective action. It can be classed as the process of collecting and analysing data associated with
a system to determine the cause or causes of failure.

Holistic and reductionist approaches

A holistic approach to failure analysis is based on the theory that certain wholes are to be regarded as greater
than the sum of their parts, and that looking at the system is more valuable than detailing the components
and analysing each element.

A reductionist approach is based on the principle of analysing complex systems into single constituents or
following the principle that a system can be fully understood in terms of its isolated parts, or an idea
understood in terms of simple concepts.

Using calculations in the assessment of system reliability

Calculations can be used in reliability theory to examine a system with many components and calculate its
overall reliability: the probability that the system will work and continue to keep working. Systems can be
modelled in a variety of structures, such as parallel, series or a combination of both (mixed).
Let's take a look:

A parallel system will work if at least one of its components is working, as the components operate side by side.

In this type of operation, a failure of component A or B alone would not affect the overall system; however, if both
components failed, the system would not be able to operate.

Let us refer to the reliability of the system as "R". If we look at the diagram, we can calculate it as follows:

R = 1 − (1 − RA)(1 − RB)

For a system in series to be successful, each component should function correctly. A failure of any one of the
components would result in complete failure of the whole system.


Considering the above diagram, let us take A, B and C as components in series. We can calculate reliability as follows:

R = RA × RB × RC

Mixed systems
Mixed systems can combine the use of both parallel and series components structures.


In the diagram above of a mixed system, failure can be caused through components A or B and C, or D.
A failure of either B or C alone would not lead to a complete failure of the system.

Principles of human reliability analysis (HRA)

Human reliability is related to human factors and ergonomics and refers to the reliability of humans. Human
reliability is important due to the contributions of humans to the resilience of systems and to possible adverse
consequences of human error or oversights.

Human reliability assessment (HRA) involves the use of qualitative and quantitative methods to assess the
human contribution to risk. There are many and varied methods available for HRA, with some high hazard
industries developing ‘bespoke’, industry focused methods.

HRA uses a structured approach to identify potential human failure events (HFEs) and to systematically
estimate the probability of those errors using data, models or expert judgement.

The reliability of any system can be significantly improved in several ways. This is largely dependent on
using reliable components, which are continuously developed to improve their reliability. This can be achieved by
using quality control and quality assurance in the design and manufacture of components. There are also
several other ways to improve a system, such as:

Parallel redundancy
Redundancy is the duplication of critical components or functions of a system with the intention of increasing
reliability of the system, usually in the form of a backup or fail-safe, or to improve actual system performance.
The parallel system will operate in the event of a component failing in the primary system.

Standby systems
A standby system is when an identical critical system is provided alongside the main system which remains in
standby mode. In the event of failure of the primary system, the standby system would be activated to ensure
continuous operation.

Minimising failures to danger

The term failure to danger is given to component failure where the failure mode causes a dangerous event or
situation. A good example would be the failure of an interlocking component on a machine. The interlock is
designed to have a failure mode that would prevent the machine from operating. However, should this fail
and the machine still operate this would create a “dangerous” situation.

Planned preventive maintenance (PPM)

Planned preventive maintenance consists of planned interventions intended to prolong the life of equipment
and/or a component. Such maintenance would consist of an inspection or service of components/parts whereby
some components would be required to be replaced or serviced at set intervals. This can greatly improve the
reliability, and indeed the longevity, service life and safety, of the system.

Minimising human error

Human error certainly influences a system's reliability. It can be said that by influencing human
behaviours and minimising human error we could assure system reliability.

We must be able to trace failure in order to identify the root causes and to see what can be done to prevent
recurrence in the future. This can be done both proactively (as a study) or reactively (as an investigative
process). Next, we will look at some of the more complex failure tracing methods used in the industry.

Hazard and operability studies (HAZOP)

HAZOP (hazard and operability) studies are procedural tools designed to highlight the deficiencies and
shortcomings in the design and operation of industrial plants. HAZOP studies aim to identify hazards and
operability problems in plants which, if they were to occur, could reduce the plant's ability to achieve target
productivity in a safe manner. It was initially developed by Imperial Chemical Industries (ICI) Ltd for improving
the safety of their chemical plants. The procedure proved to be so successful that it gained acceptance within
industry as a useful tool for qualitative hazard analysis. The technique is now widely used as a standard
procedure for safety assessment in the process, chemical and petroleum industries and many others.

The principle of reasonable practicability means to assess risk, and proportion new measures of control to
such assessments. This has led to a methodology of quantified risk assessment which is an important element
in producing a balanced decision on the precautions to be applied to reduce the components of the overall
risk, particularly where major hazards are concerned, and for prioritising or targeting control measures.

There are different types of HAZOP:

• Process – to assess plant and process systems
• Procedure – review of procedures or operational sequences
• Software – to identify

Fault tree analysis (FTA)

Fault Tree analysis is a deductive reasoning method (from generic to specific information) for determining the
causes of an incident.

A Fault Tree is a vertical graphic model that displays the various combinations of unwanted events that can
result in an incident. The diagram represents the interaction of these failures and events within a system.
Fault Tree diagrams are logic block diagrams that display the state of a system (Top Event) in terms of the
states of its components (basic events). A Fault Tree diagram is built top-down starting with the Top Event
(the overall system) and going backwards in time from there. It shows the pathways from this Top Event that
can lead to other foreseeable, undesirable basic events. Each event is analysed by asking, “How could this
happen?” The pathways interconnect contributory events and conditions, using gate symbols (AND, OR). AND
gates represent a condition in which all the events shown below the gate must be present for the event
shown above the gate to occur. An OR gate represents a situation in which any of the events shown below the
gate can lead to the event shown above the gate.
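As an added example (not code from the study guide), the following Python applies the series, parallel and mixed reliability formulas from the calculations section above and then evaluates the guide's mixed system (A, then B in parallel with C, then D) as a fault tree built from the AND and OR gates just described, showing that the top-event failure probability is 1 − R and listing the minimal cut sets (the pathways to the top event). The component reliabilities are constructed sample values, and basic events are assumed to be independent.

```python
# Added example, not from the study guide. Component reliabilities are
# constructed sample values; basic events are assumed independent.
from dataclasses import dataclass, field
from typing import List, Union
import math


def series_reliability(*rs: float) -> float:
    """R = RA x RB x ... : every component must work for the system to work."""
    return math.prod(rs)


def parallel_reliability(*rs: float) -> float:
    """R = 1 - (1-RA)(1-RB)... : the system fails only if every component fails."""
    return 1.0 - math.prod(1.0 - r for r in rs)


@dataclass
class BasicEvent:
    """A leaf of the fault tree: a component failure with its probability."""
    name: str
    probability: float


@dataclass
class Gate:
    """An AND or OR gate whose inputs are basic events or other gates."""
    kind: str                       # "AND" or "OR"
    inputs: List["Node"] = field(default_factory=list)


Node = Union[BasicEvent, Gate]


def top_event_probability(node: Node) -> float:
    """Probability of the event at this node.
    AND gate: all inputs must occur, so multiply their probabilities.
    OR gate: any input suffices, so 1 - product of (1 - p) over the inputs."""
    if isinstance(node, BasicEvent):
        return node.probability
    ps = [top_event_probability(child) for child in node.inputs]
    if node.kind == "AND":
        return math.prod(ps)
    if node.kind == "OR":
        return 1.0 - math.prod(1.0 - p for p in ps)
    raise ValueError(f"unknown gate kind {node.kind!r}")


def minimal_cut_sets(node: Node) -> List[frozenset]:
    """Smallest combinations of basic events that are sufficient to cause the top event."""
    if isinstance(node, BasicEvent):
        return [frozenset([node.name])]
    child_sets = [minimal_cut_sets(child) for child in node.inputs]
    if node.kind == "AND":            # every input must fail: combine one cut set from each input
        sets = [frozenset()]
        for cs in child_sets:
            sets = [s | t for s in sets for t in cs]
    elif node.kind == "OR":           # any input failing is enough: collect all inputs' cut sets
        sets = [s for cs in child_sets for s in cs]
    else:
        raise ValueError(f"unknown gate kind {node.kind!r}")
    sets = list(set(sets))
    # drop non-minimal sets, i.e. those that strictly contain another cut set
    return [s for s in sets if not any(t < s for t in sets)]


def mixed_system_reliability(ra: float, rb: float, rc: float, rd: float) -> float:
    """The guide's mixed system: A in series with (B parallel C) in series with D."""
    return series_reliability(ra, parallel_reliability(rb, rc), rd)


def mixed_system_fault_tree(ra: float, rb: float, rc: float, rd: float) -> Gate:
    """The same system as a fault tree: it fails if A fails, OR both B and C fail, OR D fails."""
    return Gate("OR", [
        BasicEvent("A fails", 1 - ra),
        Gate("AND", [BasicEvent("B fails", 1 - rb), BasicEvent("C fails", 1 - rc)]),
        BasicEvent("D fails", 1 - rd),
    ])


if __name__ == "__main__":
    ra, rb, rc, rd = 0.95, 0.90, 0.80, 0.99   # constructed sample reliabilities
    print("series A,B,C :", series_reliability(ra, rb, rc))
    print("parallel A,B :", parallel_reliability(ra, rb))
    r_mixed = mixed_system_reliability(ra, rb, rc, rd)
    tree = mixed_system_fault_tree(ra, rb, rc, rd)
    p_top = top_event_probability(tree)
    print(f"mixed system: R = {r_mixed:.5f}, P(top event) = {p_top:.5f}, R + P = {r_mixed + p_top:.5f}")
    for cut in minimal_cut_sets(tree):
        print("minimal cut set:", sorted(cut))
```

Note that the fault tree reproduces the guide's statement that B or C failing alone does not bring the system down: {B fails, C fails} is a cut set, but neither event on its own is.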

FTA is used mainly in the fields of safety engineering and reliability engineering to:

• Understand how systems can fail
• Identify the best ways to reduce risk
• Determine, or get an idea of, the event rates of a safety accident

This method is mostly used in high-hazard industries such as nuclear power, chemical and process,
petrochemical and pharmaceutical.

FTA analysis involves five steps:

1. Define the undesired event to study

The undesired event can be hard to pin down, although some events are easy and obvious to observe. An
engineer with a wide knowledge of the design of the system, or a system analyst with an engineering
background, is the best person to help define and number the undesired events. The undesired events are
then used to make the FTA, one event per FTA; two events are never combined into one FTA.

2. Obtain an understanding of the system

Once the undesired event is selected, all causes that could contribute to it (that is, with a probability of
affecting the undesired event of 0 or more) are studied and analysed. Obtaining exact values for the
probabilities leading to the event is usually impossible, as it would be very costly and time consuming to do
so. Computer software is used to study the probabilities. All causes of the event are then numbered and
sequenced in their order of occurrence and used in the next step, constructing the fault tree.

3. Construct the fault tree

After selecting the undesired event and having analysed the system so that all the contributing causes are
known (and, if possible, their probabilities), the fault tree can be constructed. The fault tree is built from
AND and OR gates, which define its main structure.

4. Evaluate the fault tree

After the fault tree has been assembled, it is evaluated and analysed for any possible improvement; in other
words, the risk management is studied to find ways of improving the system. The final step is to control the
hazards.

5. Control the hazards identified

After identifying the hazards, all possible methods are pursued to decrease the probability of occurrence.
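The gate logic and the five steps above can be carried through as a calculation. The following Python example is added here as an illustration and is not part of the study guide; the store-room fire tree and every basic-event probability in it are constructed for the example. It assumes the basic events are independent, the usual simplifying assumption when a fault tree is quantified: an AND gate multiplies its inputs' probabilities, and an OR gate gives 1 minus the product of the inputs' non-occurrence probabilities. It also lists the minimal cut sets (the smallest combinations of basic events sufficient for the top event) and, for step 5, shows which single basic event, if eliminated, would reduce the top-event probability the most. The same arithmetic underlies attack-tree analysis in security threat modelling, which is a fault tree with an attacker's goal as the top event.

```python
"""Fault tree evaluation with AND/OR gates over independent basic events.

Added worked example for the study guide; the store-room fire tree and every
probability in it are constructed for illustration, not taken from real data.
"""
from __future__ import annotations

import itertools
from dataclasses import dataclass
from typing import Union


@dataclass(frozen=True)
class Basic:
    """A basic event: a leaf of the tree with its probability of occurring."""
    name: str
    p: float


@dataclass(frozen=True)
class Gate:
    """An AND or OR gate combining child events (basic events or other gates)."""
    name: str
    kind: str           # "AND" or "OR"
    inputs: tuple       # child Basic / Gate nodes


Node = Union[Basic, Gate]


def probability(node: Node, override: dict[str, float] | None = None) -> float:
    """Probability that the node's event occurs, assuming independent basic events.

    AND: all inputs must occur, so multiply their probabilities.
    OR:  any input suffices, so 1 - product of (1 - p) over the inputs.
    `override` pins a basic event to a different probability (used below to
    ask "what if this cause were eliminated?").
    """
    override = override or {}
    if isinstance(node, Basic):
        return override.get(node.name, node.p)
    ps = [probability(child, override) for child in node.inputs]
    if node.kind == "AND":
        result = 1.0
        for p in ps:
            result *= p
        return result
    if node.kind == "OR":
        none_occur = 1.0
        for p in ps:
            none_occur *= 1.0 - p
        return 1.0 - none_occur
    raise ValueError(f"unknown gate kind {node.kind!r}")


def minimal_cut_sets(node: Node) -> set[frozenset[str]]:
    """Smallest combinations of basic events that are sufficient for the top event."""
    if isinstance(node, Basic):
        return {frozenset([node.name])}
    child_sets = [minimal_cut_sets(child) for child in node.inputs]
    if node.kind == "OR":
        # Any child's cut set is already a cut set of this gate.
        candidates = set().union(*child_sets)
    else:
        # AND: pick one cut set from each child and merge them.
        candidates = {frozenset().union(*combo)
                      for combo in itertools.product(*child_sets)}
    # Keep only the minimal ones (drop any set that strictly contains another).
    return {s for s in candidates if not any(o < s for o in candidates)}


def risk_reduction_worth(top: Gate, basics: list[Basic]) -> dict[str, float]:
    """Step 5 aid: drop in top-event probability if each basic event were
    eliminated (probability forced to 0), so controls can be prioritised."""
    base = probability(top)
    return {b.name: base - probability(top, {b.name: 0.0}) for b in basics}


# Constructed example tree (not from the study guide). Top event: uncontrolled
# fire in a store room, requiring BOTH an ignition source AND a failure of the
# fixed fire suppression. All probabilities are illustrative assumptions.
ELECTRICAL = Basic("electrical fault", 0.05)
HOT_WORK = Basic("hot work without permit", 0.02)
DETECTOR_FAILS = Basic("heat detector fails", 0.01)
VALVE_CLOSED = Basic("sprinkler isolation valve left closed", 0.005)

IGNITION = Gate("ignition source present", "OR", (ELECTRICAL, HOT_WORK))
SUPPRESSION_FAILS = Gate("fire suppression fails", "OR", (DETECTOR_FAILS, VALVE_CLOSED))
TOP = Gate("uncontrolled fire in store room", "AND", (IGNITION, SUPPRESSION_FAILS))
BASICS = [ELECTRICAL, HOT_WORK, DETECTOR_FAILS, VALVE_CLOSED]


if __name__ == "__main__":
    print(f"P(top event) = {probability(TOP):.6f}")
    for cut in sorted(minimal_cut_sets(TOP), key=sorted):
        print("cut set:", " AND ".join(sorted(cut)))
    for name, worth in sorted(risk_reduction_worth(TOP, BASICS).items(),
                              key=lambda kv: kv[1], reverse=True):
        print(f"eliminate '{name}': top-event probability falls by {worth:.6f}")
```

With the constructed figures the top-event probability is about 0.00103, every minimal cut set is a pair (one ignition cause together with one suppression failure), and eliminating the electrical-fault cause gives the largest reduction, which is the kind of ranking step 5 needs before deciding where to spend on controls.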

Event tree analysis (ETA)

Event tree analysis is a forward-thinking process, based on binary logic, in which an event either has or has
not happened or a component has or has not failed. It is valuable in analysing the consequences arising from
a failure or undesired event.

An event tree begins with an initiating event, such as component failure, increase in temperature/pressure or
a release of a hazardous substance. The consequences of the event are followed through a series of possible
paths. Each path is assigned a probability of occurrence and the probability of the various possible outcomes
can be calculated.

In the following example fire protection is provided by the sprinkler system. A detector will either detect the
rise in temperature or it will not. If the detector succeeds the control box will either work correctly or it will
not - and so on. There is only one branch in the tree that indicates that all the sub-systems have succeeded:

Procedures for Performing Event Tree Analysis

Four steps are necessary to perform ETA:

Step 1 Identify an initiating event of interest.

Step 2 Identify the safety functions designed to deal with the initiating event.

The safety functions (safety systems, procedures, operator actions, etc.) that respond to the initiating event
can be thought of as the plant’s defence against the occurrence of the initiating event. These safety functions
usually include:

 Safety systems that automatically respond to the initiating event, including automatic shutdown systems

 Alarms that alert the operator when the initiating event occurs

 Operator actions

The analyst should identify all system functions and their intended purpose for mitigating the effects of the
initiating event. The analyst should list the safety functions in the order in which they are intended to occur.

Step 3 Construct the event tree. The event tree displays the logical progression of an accident. The event
tree begins with the initiating event and proceeds through the successes and / or failures of the safety
functions that react to the initiating event. Only two possibilities are considered when evaluating the
response of a safety function: success or failure. The success of a safety function is defined as its ability to
prevent the initiating event from progressing further, thus preventing an accident. The failure of a safety
function is defined as its inability to stop the progression of the initiating event or to alter its course so that
the other safety functions can respond to it.

Step 4 Describe the resulting accident event sequences. The accident event sequences represent the range
of incidents that can result from the initiating event. One or more of the sequences may result in an
accident. The analyst defines the successes and failures in each resulting sequence and compiles a description
of its expected outcome.

The analyst then ranks the accidents based on the severity of their outcomes. If enough data is available, the
analyst can use probabilistic analysis to estimate accident probabilities from event probabilities, and thus
obtain additional information for ranking the accidents. The structure of the event tree should clearly show
the development of the accident and help the analyst to define locations and establish priorities where
additional safety features might be installed to either prevent these accidents or mitigate their effects.
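The sprinkler example and the four ETA steps above can be worked through numerically. The following Python example is added here as an illustration and is not part of the study guide; the three safety functions and their success probabilities are constructed for the example, not taken from any data. It follows the structure the text describes: a later safety function is only called upon if every earlier one succeeded, so each failure closes its branch, and exactly one branch (all functions succeeding) ends with the fire controlled. It goes slightly beyond the text in accepting any number of safety functions in the order they are intended to respond (step 2) and in ranking the uncontrolled sequences by probability (step 4).

```python
"""Event tree for the sprinkler example: enumerate sequences and their probabilities.

Added worked example for the study guide; the safety functions and their
success probabilities are constructed for illustration, not real data.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class SafetyFunction:
    """A safety function, listed in the order it is intended to respond (step 2)."""
    name: str
    p_success: float   # probability it works, given it is called upon


@dataclass(frozen=True)
class Sequence:
    """One branch of the tree: the path of successes/failures and its outcome."""
    path: tuple[str, ...]
    outcome: str
    controlled: bool    # True only if every safety function succeeded
    probability: float  # probability of this sequence, per initiating event


def build_event_tree(initiating_event: str,
                     functions: list[SafetyFunction],
                     p_initiating: float = 1.0) -> list[Sequence]:
    """Step 3: follow the initiating event through the safety functions.

    As in the sprinkler example, each function is only called upon if every
    earlier one succeeded, so a failure closes its branch. The single branch
    in which all functions succeed is the one where the event is controlled.
    p_initiating lets the tree be scaled by the frequency of the initiating
    event; the default of 1.0 gives probabilities conditional on it occurring.
    """
    sequences: list[Sequence] = []
    path: list[str] = []
    p_so_far = p_initiating
    for fn in functions:
        sequences.append(Sequence(
            path=tuple(path + [f"{fn.name}: failure"]),
            outcome=f"{initiating_event}; {fn.name} failed; event not controlled",
            controlled=False,
            probability=p_so_far * (1.0 - fn.p_success),
        ))
        path.append(f"{fn.name}: success")
        p_so_far *= fn.p_success
    sequences.append(Sequence(
        path=tuple(path),
        outcome=f"{initiating_event}; all safety functions worked; event controlled",
        controlled=True,
        probability=p_so_far,
    ))
    return sequences


def probability_not_controlled(sequences: list[Sequence]) -> float:
    """Total probability of the sequences that end with the event uncontrolled."""
    return sum(s.probability for s in sequences if not s.controlled)


def ranked(sequences: list[Sequence]) -> list[Sequence]:
    """Step 4 aid: uncontrolled sequences first, most likely at the top, so the
    analyst can see where an additional safety feature would pay off most."""
    return sorted(sequences, key=lambda s: (s.controlled, -s.probability))


# Constructed sprinkler example (probabilities are illustrative assumptions).
SPRINKLER_FUNCTIONS = [
    SafetyFunction("heat detector", 0.95),
    SafetyFunction("control box", 0.98),
    SafetyFunction("sprinkler heads and water supply", 0.90),
]
SEQUENCES = build_event_tree("fire starts in store room", SPRINKLER_FUNCTIONS)


if __name__ == "__main__":
    for seq in ranked(SEQUENCES):
        print(f"{seq.probability:.4f}  {' -> '.join(seq.path)}  =>  {seq.outcome}")
    print(f"P(fire not controlled | fire starts) = "
          f"{probability_not_controlled(SEQUENCES):.4f}")
```

With the constructed figures the four sequence probabilities sum to 1, the all-success branch carries 0.8379, and the most likely failure sequence is the one in which detection and control both work but the sprinkler heads or water supply fail (0.0931), which is where this tree would point the analyst first when looking for an additional safety feature.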


One of the first things that I do as a practitioner joining any organisation is to undertake risk assessments. I
have used many different forms of assessment, such as dynamic, task-based, general and specific
assessments, each with very similar functions. I always refer to the legal requirements first when undertaking
such an assessment, as this provides guidance on what controls should be considered. Within an
organisational context, I would never undertake a desktop-only risk assessment on my own (although many
companies may try and get you to do this!). I always involve the workforce, as this creates a sense of
ownership and allows me to gain valuable information at a grass-roots level about the potential risks
associated with the activity being assessed.

I have also used many methodologies for assessment, using different models and matrices; however, all end
up with the same output, a means to manage a risk!

1. Always involve the workforce in the development of risk assessments

2. Consultation is key

3. Focus on significant risks and not the trivial

5 steps to a risk assessment

1. Identify the hazards

2. Identify who can be harmed and how

3. Evaluate the risk associated with the hazards and decide whether existing precautions are adequate or more
control is required

4. Record the significant findings

5. Review the assessment

