Upload
ng-teck-huai
View
22
Download
0
Tags:
Embed Size (px)
DESCRIPTION
osh
Citation preview
OSH IN CHEMICAL INDUSTRIESCHAPTER 6
RISK ASSESSMENTSEM 1 1314
1
Contents
Introduction Fault Tree Analysis
ObjectivesObjectivesDescribe risk assessmentDevelop Fault Tree Analysis to assess
risk based on the identified top event.
2
INTRODUCTION
The term ‘risk assessment’ comes from the insurance industry & was one stage in their process of determining and spreading liabilities they carried.
Objective: to identify hazards so that action can be taken to eliminate, reduce or control them before accident that cause damage or injury occur.
3
What is Risk Assessment (RI) ?
RI includes incident identification and consequence analysis. Incident identification describes how an incident occurs. It frequently includes an analysis of the probabilities . Consequences analysis describes the expected damage.
This includes loss of life, damage to the environment or capital equipment, and days outage.
The hazard identification procedures (HAZOP) include some aspects of RI.
Cont…
4
What is Risk Assessment ? Cont…..
Risk assessment is the process where you: Identify hazards, Analyze or evaluate the risk associated with that hazard, and Determine appropriate ways to eliminate or control the
hazard.
In practical terms, a risk assessment is a thorough look at your workplace to identify those things, situations, processes, etc that may cause harm, particularly to people. After identification is made, you evaluate how likely and severe the risk is, and then decide what measures should be in place to effectively prevent or control the harm from happening.
5
Why is Risk Assessment important?
Risk assessments are very important as they form an integral part of a good occupational health and safety management plan. They help to:
create awareness of hazards and risks, identify who may be at risk (employees,
cleaners, visitors, contractors, the public, etc), determine if existing control measures are
adequate or if more should be done, prevent injuries or illnesses when done at the
design or planning stage, and prioritize hazards and control measures.
6
What is the goal of Risk Assessment ?
The aim of the risk assessment process is to remove a hazard or reduce the level of its risk by adding precautions or control measures, as necessary. By doing so, you have created a safer and healthier workplace.
7
How do we do a Risk Assessment ?
Assessments should be done by a competent team of individuals who
have a good working knowledge of the workplace. Staff should be
involved always include supervisors and workers who work with the
process under review as they are the most familiar with the operation.
In general, to do an assessment, you should:
identify hazards,
evaluate the likelihood of an injury or illness occurring, and its severity,
consider normal operational situations as well as non-standard events
such as shutdowns, power outages, emergencies, etc.,
Cont……
8
Review all available heath and safety information about the
hazard such as MSDS(material safety data sheet), manufacturers
literature, information
from reputable organizations, results of testing, etc.,
Identify actions necessary to eliminate or control the risk,
monitor and evaluate to confirm the risk is controlled,
Keep any documentation or records that may be necessary.
Documentation may include detailing the process used to assess
the risk, outlining any evaluations, or detailing how
conclusions were made.
Cont…….
How do we do a Risk Assessment ? Cont…
9
How do we do a Risk Assessment? Cont……
When doing an assessment, you must take into account:
the methods and procedures used in the processing, use, handling or storage of the substance, etc..
the actual and the potential exposure of workers,
the measures and procedures necessary to control such exposure by means of engineering controls, work practices, and hygiene practices and facilities.
Cont…..
10
How do we do a Risk Assessment? Cont……
By determining the level of risk associated with the hazard, the employer and the joint health and safety committee can decide whether a control program is required.
It is important to remember that the assessment must take into account not only the current state of the workplace but any potential situations as well.
11
How are the hazards identified?
Overall, the goal is to find and record possible hazards that may be present in your workplace. As mentioned, it may help to work as a team and include both people familiar with the work area, as well as people who are not - this way you have both the "experienced" and "fresh" eye to conduct the inspection.
To be sure that all hazards are found:
1- look at all aspects of the work,
2- include non-routine activities such as maintenance, repair, or cleaning,
3- look at accident / incident / near-miss records,
Cont…..
12
How are the hazards identified?
4- include people who work "off site" either at home, on other job sites, drivers, teleworkers, with clients, etc.,
5- look at the way the work is organized or "done" (include experience and age of people doing the work, systems being used, etc),
6- look at foreseeable unusual conditions (for example: possible impact on hazard control procedures that may be unavailable in an emergency situation, power outage, etc.),
7- examine risks to visitors or the public,
8- include an assessment of groups that may have a different level of risk such as young or inexperienced workers, persons with disabilities, or new or expectant mothers.
Cont……
13
How do we know if the hazard is serious (poses a risk)?
Each hazard should be studied to determine its' level of risk. To research the hazard, you can look at:
product information / manufacturer documentation, past experience (workers, etc), legislated requirements and/or applicable standards, industry codes of practice / best practices, health and safety material about the hazard such as material
safety data sheets (MSDS), or other manufacturer information,
information from reputable organizations, results of testing (atmospheric, air sampling of workplace,
biological, etc), the expertise of a occupational health and safety professional, information about previous injuries, illnesses, "near misses",
accident reports, etc. Cont…
15
How do we know if the hazard is serious (poses a risk)? Cont…..
Remember to include factors that contribute to the level of risk such as the:
work environment (layout, condition, etc.), capability, skill, experience of workers who do the work, systems of work being used, or range of foreseeable conditions.
16
How do we rank or prioritize the risks?
Ranking or prioritizing hazards is one way to help determine which hazard is the most serious and thus which hazard to control first ? Priority is usually established by taking into account the employee exposure and the potential for accident, injury or illness. By assigning a priority to the hazards, you are creating a ranking or an action list. The following factors play an important role:
percentage of workforce exposed, frequency of exposure, degree of harm likely to result from the exposure, probability of occurrence.
There is no one simple or single way to determine the level of risk. Ranking hazards requires the knowledge of the workplace activities, urgency of situations, and most importantly, objective judgment.
17
What options exist to rank or prioritize risks?
One option is to use a table similar to the following as established by the British Standards Organization:
18
Cont….
What options exist to rank or prioritize risks? Cont…
Definitions for Likelihood of Harm
Very Likely - Typically experienced at least once every six months by an individual.
Likely - Typically experienced once every five years by an individual.
Unlikely - Typically experienced once during the working lifetime of an individual.
Very unlikely - Less than 1% chance of being experienced by an individual during their working lifetime.
Cont….
19
What options exist to rank or prioritize risks? Cont….
Definitions for Severity of Harm
Potential severity of harm - When establishing potential severity of harm, information about the relevant work activity should be considered, together with:
a) part(s) of the body likely to be affected;
b) nature of the harm, ranging from slight to extremely harmful:
1. slightly harmful (e.g., superficial injuries; minor cuts and bruises; eye irritation from dust; nuisance and irritation; ill-health leading to temporary discomfort)
Cont…..
20
What options exist to rank or prioritize risks? Cont…
2. harmful (e.g., lacerations; burns; concussion; serious sprains; minor fractures; deafness; dermatitis; asthma; work-related upper limb disorders; ill-health)
3. extremely harmful (e.g., amputations; major fractures; poisonings; multiple injuries; fatal injuries; occupational cancer; other severely life shortening diseases; acute fatal diseases)
Cont….
21
What options exist to rank or prioritize risks? Cont…
Definition for Risk Level - Tolerability Guidance on necessary action and timescale
Very low - These risks are considered acceptable. No further action is necessary other than to ensure that the controls are maintained.
Low - No additional controls are required unless they can be implemented at very low cost (in terms of time, money, and effort). Actions to further reduce these risks are assigned low priority. Arrangements should be made to ensure that the controls are maintained.
Cont…
22
What options exist to rank or prioritize risks? Cont…
Medium - Consideration should be as to whether the risks can be lowered, where applicable, to a tolerable level and preferably to an acceptable level, but the costs of additional risk reduction measures should be taken into account.
The risk reduction measures should be implemented within a defined time period.
Arrangements should be made to ensure that controls are maintained, particularly if the risk levels area associated with harmful consequences.
Cont…..
23
What options exist to rank or prioritize risks? Cont…
High - Substantial efforts should be made to reduce the risk.
Risk reduction measures should be implemented urgently within a defined time period and it might be necessary to consider suspending or restricting the activity, or to apply interim risk control measures, until this has been completed.
Considerable resources might have to be allocated to additional control measures.
Arrangements should be made to ensure that controls are maintained, particularly if the risk levels are associated with extremely harmful consequences and very harmful consequences.
Cont….
24
What options exist to rank or prioritize risks? Cont…
Very high - These risk are unacceptable. Substantial improvements in risk control measures are
necessary so that the risk is reduced to a tolerable or acceptable level.
The work activity should be halted until risk controls are implemented that reduces the risk so that it is no longer very high. If it is not possible to reduce the risk, the work should remain prohibited.
Note: Where the risk is associated with extremely harmful consequences, further assessment is necessary to increase
confidence in the likelihood of harm.
Cont….
25
What options exist to rank or prioritize risks? Cont…
Other options include using tables such as Table 3 below
26
Cont…
What options exist to rank or prioritize risks? Cont…
OR option as Table 4 below (1 = extremely important to do something as soon as possible, 6 = hazard may not need immediate attention)
27
What are methods of hazards control?
Once you have established your top priorities, you can decide on ways to control each specific hazard. Hazard control methods are often grouped into the following categories:
elimination (including substitution), engineering controls, administrative controls, personal protective equipment.
28
Why is it important to review and monitor your assessment?
It is important to know if your risk assessment was complete and accurate.
It is also essential to be sure that changes in the workplace have not introduced new hazards or changed hazards that were once ranked as lower priority to a higher priority.
It is good practice to review your assessment on a regular basis to be sure that nothing has changed and that your control methods are effective.
Cont….
29
Why is it important to review and monitor your assessment? Cont…
Triggers for a review can also include: the start of a new project, a change in the work process or flow, a change or addition to tools, equipment, machinery
(including locations or the way they are used), new employees, moving to a new building or work area, introduction of new chemicals or substances, when new information becomes available about a current
product.
30
What documentation should be done for a risk assessment?
Keeping records of your assessment and any control actions taken is very important. You may be required to store assessments for a specific number of years. Check for local requirements in your jurisdiction.
The level of documentation or record keeping will depend on:
level of risk involved, legislated requirements, and/or requirements of any management systems that may be
in place. Your records should show that you: conducted a good hazard review, determined the risks of those hazards, implemented control measures suitable for the risk, reviewed and monitored all hazards in the workplace.
31
FAULT TREE ANALYSIS (FTA)
32
Fault Tree Analysis (FTA)
Fault Trees originated in the aerospace industry and have been used extensively by the nuclear power industry to qualify and quantify the hazards and risks.
Fortunately, this approach lends itself to computerization with a variety of computer programs commercially available.
33
Fault Tree Analysis (FTA)
Fault Tree is a method by which a particular undesired system failure mode can be expressed in terms of component failure modes and operator actions.
The system failure mode to be considered is termed the “top event” and fault tree is developed in branches below this event showing it causes.
34
Fault Tree Procedure
1. Draw the top event2. Determine major events that contribute to
the top event◦ Intermediate, basic, undeveloped or external
events
3. Parallel – AND; Series – OR4. Consider the intermediate events, what
events must occur to contribute to that intermediate event?
5. Continue until all the branches terminated by basic, undeveloped or external events.
35
Fault Tree Preliminary Steps1. Define top event
◦ High reactor temperature◦ Liquid level to high◦ Not; explosion of reactor or fire in
process2. Define existing event3. Define unallowed events4. Define physical bound of the process5. Define equipment configuration6. Define the level of resolution
36
FTA analysis involves five steps:
1 - Define the undesired event to study Definition of the undesired event can be very
hard to catch, although some of the events are very easy and obvious to observe.
An engineer with a wide knowledge of the design of the system or a system analyst with an engineering background is the best person who can help define and number the undesired events.
Undesired events are used then to make the FTA, one event for one FTA; no two events will be used to make one FTA.
37
FTA analysis involves five steps:
2 - Obtain an understanding of the system Once the undesired event is selected, all causes
with probabilities of affecting the undesired event are studied and analyzed.
Getting exact numbers for the probabilities leading to the event is usually impossible for the reason that it may be very costly and time consuming to do so.
38
FTA analysis involves five steps: Cont.
Computer software is used to study probabilities; this may lead to less costly system analysis.
System analysts can help with understanding the overall system.
System designers have full knowledge of the system and this knowledge is very important for not missing any cause affecting the undesired event.
For the selected event all causes are then numbered and sequenced in the order of occurrence and then are used for the next step which is drawing or constructing the fault tree.
39
FTA analysis involves five steps:
3 - Construct the fault tree After selecting the undesired event and
having analyzed the system so that we know all the causing effects (and if possible their probabilities) we can now construct the fault tree. Fault tree is based on AND and OR gates which define the major characteristics of the fault tree.
40
FTA analysis involves five steps:
4 - Evaluate the fault tree After the fault tree has been assembled for
a specific undesired event, it is evaluated and analyzed for any possible improvement or in other words study the risk management and find ways for system improvement. This step is as an introduction for the final step which will be to control the hazards identified. In short, in this step we identify all possible hazards affecting in a direct or indirect way the system.
41
FTA analysis involves five steps:
5 - Control the hazards identified
This step is very specific and differs largely from one system to another, but the main point will always be that after identifying the hazards all possible methods are pursued to decrease the probability of occurrence.
42
Graphic Symbols
The basic symbols used in FTA are grouped as events, gates, and transfer symbols. Minor variations may be used in FTA software.
Event Symbols Event symbols are used for primary events and
intermediate events. Primary events are not further developed on the
fault tree. Intermediate events are found at the output of a
gate.
43
event symbols
The event symbols are shown below:
The primary event symbols are typically used as follows: Basic event - failure or error in a system component or element
(example: switch stuck in open position) Initiating event - an external event (example: bird strike to aircraft) Undeveloped event - an event about which insufficient information
is available, or which is of no consequence Conditioning event - conditions that restrict or affect logic gates
(example: mode of operation in effect) An intermediate event gate can be used immediately above a
primary event to provide more room to type the event description. FTA is top to bottom approach.
44
Basic Initiating Undeveloped Conditioning Intermediate
Gate Symbols
Gate symbols describe the relationship between input and output events. The symbols are derived from Boolean logic symbols:
45
OR gate AND gate Exclusive OR gate Priority AND gate Inhibit gate
The gates work as follows:OR gate - the output occurs if any input occursAND gate - the output occurs only if all inputs occur (inputs are independent)Exclusive OR gate - the output occurs if exactly one input occursPriority AND gate - the output occurs if the inputs occur in a specific sequence specified by a conditioning eventInhibit gate - the output occurs if the input occurs under an enabling condition specified by a conditioning event
Transfer Symbols
Transfer symbols are used to connect the inputs and outputs of related fault trees, such as the fault tree of a subsystem to its system.
46
•
Transfer in
Transfer in Transfer out
Fault Tree Gates (Logic Transfer Components)
A gate is used to describe the relationship between the input and output events in a fault tree. Fault trees can have several different kinds of gates. Two kinds of gates are described and shown below
47
Other Fault Tree Logic Transfer Components
BASIC event
A fault event that needs no further definition
INTERMEDIATE
events
An event that results from the interaction of a number of other events
UNDEVELOPED event
An event that cannot be developed further due to lack of suitable information
EXTERNAL event
An event that is a boundary condition to the fault tree
TRANSFER symbols
Used to transfer the fault tree into and out of a sheet of paper
INHIBIT event
The output event will occur if the input occurs and the inhibits event occurs
OUT
IN
Inhibitcondition
48
FTA example 1 : Flat TireFlat Tire
Tire FailureRoad
Debris
Defective Tire
Worn Tire
Well defined accidents/Top event
Intermediate events
Basic events
Basic events
49
OR
OR
FTA example 2 (REFERENCE- failure rate data) Page 537
Instrument Failure rate , μController 0.29
Control valve 0.60
Flow measurement (fluids) 1.14
Flow measurement (solids) 3.75
Flow switch 1.12
Gas-liquid chromatograph 30.6
Hand valve 0.13
Indicator lamp 0.044
Level measurement (liquids) 1.7
Level measurement (solids) 6.86
Oxygen analyzer 5.65
pH meter 5.88
Pressure measurement 1.41
Pressure relief valve 0.022
Pressure switch 0.14
Solenoid valve 0.42
Stepper motor 0.044
Strip chart recorder 0.22
Thermocouple temperature measurement
0.52
Thermometer temperature measurement
0.027
Valve positioner 0.44
50
FTA example 2 (pg 540 & 556)
Components Failure rate, μ Reliability, R Failure probability, P
Pressure switch 1
0.14 0.87 0.13
Alarm indicator 0.044 0.96 0.04
Pressure switch 2
0.14 0.87 0.13
Solenoid valve 0.42 0.66 0.34
51
FTA example 2Overpressuring
of reactor
Failure of alarm indicator
Pressure
switch 1
failure
Pressure
indicator light failure
Pressure
switch 2
failure
Solenoid valve failure
Failure of emergency shutdown
P = 0.13, R = 0.87 P = 0.04, R = 0.96 P = 0.13, R = 0.87 P = 0.34, R = 0.66
P = 0.165, R = 0.835 P = 0.426, R = 0.574
P = 0.0702, R = 0.9298
52
Minimal Cut Sets
Once you have the fault tree, you can determine the min cut sets
It is the various sets of events that could lead to the top events
It can determine various combinations of events and probability of each set of events occurring
53
It begins with a top event
Its specific Used to determine min
cut sets Computer application
with reference libraries
For complicated processes, FT will be enormous
Will take a long time Not all failure modes
might have been considered
Possibility of a partial failure
Different structures if developed by different individual
Not all failure rates are known
Advantages Disadvantages
Advantages and disadvantages of FT
54
THANK YOU
……
55