- LOÏC ISNARD -
ENVIRONMENTAL HEALTH - LEVEL IV
NOVEMBER 1999
What-if, FMEA, PPHA, ???, CHA, ETA, FMECA, FTA, Task, HAZOP, QRA
Hazard & Risk Assessment Methods
__________________________________________________________________________
Introduction
To carry out this risk assessment, risk professionals have developed many methods,
which have then been adopted in international regulations or standards. These
methods are usually easy to understand, but because of their wide variety the
choice is sometimes difficult. At first sight, many risk assessment methods seem
to be the same, but they all have different aims and results: some methods
analyse the probability of a hazard, others search for the root or immediate causes
of an accident, or try to demonstrate a failure in the system.
This essay will briefly explain 10 of these methods, and will also serve as a guide
for choosing the most suitable risk assessment method in each case.
[1] Extract from the Risk Management University Course 1999 - Shirley Fantie, Senior Lecturer.
[2] NB: Most of this essay is extracted from Geoff Wells' book "Hazard Identification & Risk Assessment";
refer to this book for further information on Risk Assessment Methods.
Type 1 Methods
[Diagram labels: Component Failure, HAZARDS]
Fault Tree Analysis [3] is widely used as a communication aid to demonstrate system
failures and their development to managers, designers and operators. The use of fault
trees in qualitative analysis demonstrates the effect of system failure modes and design
changes.
This method starts with an identified hazard as the root of a tree and works
backwards to determine its possible causes. A cause can be defined as an AND or OR
combination of events, thereby revealing the combinations of component failures that
may cause the hazard. A Fault Tree Analysis follows the system structure, such that the
upper levels in a fault tree correspond to the system, and the lower levels correspond to
system components.
Fault tree symbols (the graphical representations of the events are not reproduced):
Events (designation): Top, Intermediate, Normal, Elementary
Gates (designation, representation): AND, "&"; OR, "or"
[3] See example of FTA in Appendixes
Event Tree Analysis [4] can be used to analyse the probabilities of different outcomes
which have been identified during a safety study. Event tree analysis takes as its starting
point the events that can affect the system and tracks them forward through sequences of
interfacing system components to determine their possible consequences.
From the event which initiates any specific accident sequence, normally a significant
release, the functioning and failure of safety subsystems are analysed using forward
logic. This results in a tree structure with the branches developing from left to right. By
assigning a probability to each branch, the probabilities of every possible outcome
following the initiating event can be determined.
Advantages:
Identifies the potential for major hazards at a very early stage of project development.
Provides basis for design and siting decisions.
Helps to ensure plant to plant and plant to environment compatibility.
Facilitates a later full hazard analysis.
Disadvantages:
[4] See example of ETA in Appendixes
What-If analysis uses a creative team brainstorming "what if" questioning approach
to the examination of a process or operation to identify potential hazards and their
consequences. Hazards are identified, existing safeguards noted, and qualitative severity
and likelihood ratings are assigned to aid in risk management decision making.
Questions that begin with "what-if" are formulated by engineering personnel
experienced in the process or operation.
Advantages:
Disadvantages:
Type 2 Methods
[Diagram labels: Component Failure, HAZARDS]
Failure Mode and Effect Analysis assumes that the failure modes of the system
components are known. On the basis of these failure modes, the causes of each failure are
then evaluated in the system. FMEA is a forward analysis method, and investigates the
effects of a single component failure; it cannot investigate problems caused
by combinations of component failures.
Advantages:
Disadvantages:
HAZOP is the most widely used method of analysis in the process industries. It
is recommended for use by legislators, regulators and engineering institutions. A
HAZOP study is a formal, systematic examination of a processing plant in order to
identify hazards, failures and operability problems, and assess the consequences of
such maloperation.
To investigate the effects of deviations from normal operating conditions during
each phase of a system's operation, this method uses a series of guide words:
Advantages:
Disadvantages:
Hazard Identification
Frequency Estimation
Consequence Analysis
Risk Evaluation
Sensitivity Analysis
The elements of the procedure are used both to generate information and as an aid to
decision-making.
Task analysis has been developed as a systematic method for analysing a task into its
goals, operations and plans.
Task analysis is a process of sorting out what people might do or actually do when
carrying out operations. The analysis must answer questions such as:
Conclusion
Risk assessment is the scientific process of asking how risky something is. It is a
process of collecting and analysing scientific data "to describe the form, dimension, and
characteristics of risk" [5]. Many Risk Assessment Methods exist, but there are no good or
bad methods. Risk assessment can take different approaches depending on the purpose
and scope of the available information or data used in an assessment. Depending on
what you want to obtain from a risk assessment, you will need to use a specific method.
Risk assessment is required by law, but it is first of all a very good tool for preventing
injuries and accidents to people or property.
For better outcomes, or in case of doubt in the choice of the method, different ones
should be used. The results of these methods would then be compared to find the most
relevant.
[5] Dorothy Patton, executive director of the Environmental Protection Agency (EPA)
Appendixes
Definitions
Further Information
Definitions
Hazard
"A physical situation with a potential for human injury, damage to property, damage
to the environment or a combination of these".
Risk
"The likelihood of a specified undesired event with a specified period or in
specialised circumstances".
Risk Assessment
"The act of judging the significance of the risk and prioritise the different risks".
[Table: the column headings are missing, so the column position of each entry is lost. Rows and surviving entries:]
Root causes: *
Immediate causes: * * *** *** * ***
Control of situation: *** *** *** *** *** *
Release of material: *** *** *** * *
Release mitigation: * * *** *
Damage and harm: * * ***
Deviations from good practice: * * ***
Hazard identification: *** *** *** *** * * ***
Incident scenarios: *** *** *** * ***
Likelihood of event sequences: Quantitative (four entries), Relative, *
Magnitude of consequences: Relative, ***, *, Quantitative
Risk assessment: Prioritize, ***, Context, Quantitative
[Flowchart: risk assessment procedure. Surviving boxes and labels:]
DEFINE SYSTEM
  Boundaries, aims, information
IDENTIFY HAZARDS
  Inputs: Check list, Safety inspection, EC Standards, Safety audits, Regulations,
  Accident Statistics, Experience
  Hazards as a Result of Failures: m/c components, safety system, management system
  Continuing Hazards: Mechanical, non-mechanical
  Methods: Hazard Indices, HAZOP, FMEA, Task Analysis
ANALYSE EFFECTS/CONSEQUENCES
  Injury severity, equipment damage, fire/explosion,…
  Methods: ETA, Modelling
Numerical Data (probability or frequency):
  Reliability Technology, Human Reliability Analysis, FTA
ESTIMATE OVERALL RISK
  (Frequency) x (Consequences)
MODIFY SYSTEM
  Technical, procedural Changes
NO CHANGE
  monitor Modifications, Maintenance
If consumption stops, the level rises until the NH Sensor automatically stops the source
(by closing Floodgate 1).
If this fails, the NTH Sensor automatically stops the source (by closing Floodgate 2) and
warns the Operator.
If Floodgate 2 fails, the Operator should manually close Floodgate 3.
Floodgates 1 & 2 are identical, so they have the same characteristics and the same
probability parameters. The same holds for the NH & NTH Sensors.
[Figure: fault tree for the system described above. Surviving labels: an "and" gate at the top;
three "or" gates; Floodgate 1 not turned on (Floodgate 1, automatic floodgate);
Floodgate 2 not turned on (Floodgate 2, automatic floodgate); Floodgate 3 not turned on
by the operator (Floodgate 3, manual floodgate); Failure of the NH sensor (Sensor);
Failure of the NTH sensor (Sensor), which appears twice; Operator deficiency (Operator).]
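The fault tree for this system can be worked through in code. The following is an added example, not part of the original essay: it computes the minimal cut sets and the exact top-event probability for the floodgate system. The gate structure is an assumed reading of the description above, and the probabilities are constructed sample values.

```python
from itertools import product

# Basic events and gate structure: an assumed reading of the appendix text,
# not the original figure. P holds constructed sample probabilities.
FG1, FG2, FG3 = "Floodgate 1 fails", "Floodgate 2 fails", "Floodgate 3 fails"
NH, NTH, OP = "NH sensor fails", "NTH sensor fails", "Operator deficiency"
TREE = ("AND", [
    ("OR", [FG1, NH]),        # Floodgate 1 not closed
    ("OR", [FG2, NTH]),       # Floodgate 2 not closed
    ("OR", [FG3, OP, NTH]),   # Floodgate 3 not closed (operator is warned by NTH)
])
P = {FG1: 0.01, FG2: 0.01, FG3: 0.01, NH: 0.02, NTH: 0.02, OP: 0.1}

def cut_sets(node):
    """All cut sets of a node, each a frozenset of basic events."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    child_sets = [cut_sets(c) for c in children]
    if gate == "OR":                      # any one child suffices
        return set().union(*child_sets)
    # AND: take one cut set from every child and merge them
    return {frozenset().union(*combo) for combo in product(*child_sets)}

def minimal_cut_sets(node):
    """Drop every cut set that strictly contains another one."""
    sets = cut_sets(node)
    return {s for s in sets if not any(other < s for other in sets)}

def occurs(node, failed):
    if isinstance(node, str):
        return node in failed
    gate, children = node
    hits = [occurs(c, failed) for c in children]
    return all(hits) if gate == "AND" else any(hits)

def top_probability(node, p):
    """Exact top-event probability: sum over all basic-event states."""
    events, total = sorted(p), 0.0
    for states in product([False, True], repeat=len(events)):
        if occurs(node, {e for e, s in zip(events, states) if s}):
            weight = 1.0
            for e, s in zip(events, states):
                weight *= p[e] if s else 1 - p[e]
            total += weight
    return total

if __name__ == "__main__":
    print(sorted(map(sorted, minimal_cut_sets(TREE))), top_probability(TREE, P))
```

Under this reading the NTH sensor sits in two branches, so both two-event cut sets contain it. With the sample values, multiplying the three branch probabilities as if they were independent gives about 1.1e-4, against an exact 6.3e-4.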
[Figure: event tree. Column headings: Large gas release | Immediate ignition by process flame |
Delayed ignition by any source? | Explosion not flash fire? | Outcomes.
Surviving values: F = 0.001/y; Yes (0.1); No (0.9); Yes (0.5);
outcomes VCE, F = 0.00001/y, and Dispersion, F = 0.00018/y.]
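The branch arithmetic behind this event tree, as an added example that is not part of the original essay. The 0.8/0.2 split for immediate ignition and the outcome names "Immediate fire" and "Flash fire" do not survive on the page; they are assumptions, with 0.2 chosen because it reproduces the two outcome frequencies the figure gives.

```python
# Values marked "page" survive in the figure; values marked "assumed" are
# assumptions made for this example.
INITIATING_FREQUENCY = 0.001  # large gas release, per year (page)

# A node is either an outcome name or (question, {answer: (probability, child)}).
EVENT_TREE = ("Immediate ignition by process flame", {
    "Yes": (0.8, "Immediate fire"),                      # assumed
    "No": (0.2, ("Delayed ignition by any source?", {    # assumed
        "Yes": (0.1, ("Explosion not flash fire?", {     # page
            "Yes": (0.5, "VCE"),                         # page
            "No": (0.5, "Flash fire"),                   # assumed (complement)
        })),
        "No": (0.9, "Dispersion"),                       # page
    })),
})

def outcome_frequencies(frequency, node):
    """Track the initiating frequency forward; return {outcome: frequency}."""
    if isinstance(node, str):                 # leaf: an outcome
        return {node: frequency}
    question, branches = node
    total = sum(p for p, _ in branches.values())
    if abs(total - 1.0) > 1e-9:               # branches must be exhaustive
        raise ValueError(f"branches of {question!r} sum to {total}, not 1")
    results = {}
    for p, child in branches.values():
        for outcome, f in outcome_frequencies(frequency * p, child).items():
            # the same outcome reached by two paths adds up
            results[outcome] = results.get(outcome, 0.0) + f
    return results

if __name__ == "__main__":
    for name, f in outcome_frequencies(INITIATING_FREQUENCY, EVENT_TREE).items():
        print(f"{name:15s} F = {f:.5f}/y")
```

The outcome frequencies always sum to the initiating frequency, which is a quick check that no branch has been left out.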
[Figure; surviving labels: Identify problem, Sensitivity analysis, QRA decision]
Further Information