Major Hazard Facilities Major Accident Identification and Risk Assessment

Slides: 82
Provided by: smail5


Transcript and Presenter's Notes


Major Hazard Facilities: Major Accident
Identification and Risk Assessment
  • This seminar has been developed in the context of
    the MHF regulations to provide:
  • An overview of MA identification and risk
  • The steps required for MA recording
  • Examples of major accidents identified
  • The steps required for a risk assessment
  • Examples of risk assessment formats

Some Abbreviations and Terms
  • AFAP - As far as (reasonably) practicable
  • BLEVE - Boiling liquid expanding vapour explosion
  • BPCS - Basic process control system
  • DG - Dangerous goods
  • Employer - Employer who has management control of
    the facility
  • Facility - any building or structure which is
    classified as an MHF under the regulations
  • HAZID - Hazard identification
  • HSR - Health and safety representative
  • LOC - Loss of containment
  • LOPA - Layers of protection analysis
  • MHF - Major hazard facility
  • MA - Major accident
  • SIS - Safety instrumented system

Topics Covered In This Presentation
  • Regulations
  • Definition - Major accident (MA)
  • MA identification issues
  • Approaches to MA identification
  • MA recording
  • Pitfalls

Topics Covered In This Presentation
  • Definition of a risk assessment
  • Approaches
  • Risk assessment
  • Likelihood assessment
  • Consequences
  • Risk evaluation and assessment
  • Summary
  • Sources of additional information
  • Review and revision

Occupational Health and Safety (Safety Standards)
Regulations 1994
  • Hazard identification (R9.43)
  • Risk assessment (R9.44)
  • Risk control (i.e. control measures) (R9.45, S9A
  • Safety Management System (R9.46)
  • Safety report (R9.47, S9A 212, 213)
  • Emergency plan (R9.53)
  • Consultation

Occupational Health and Safety (Safety Standards)
Regulations 1994
Regulation 9.43 (Hazard identification)
states: The employer must identify, in
consultation with employees, contractors (as far
as is practicable) and HSRs:
  • All reasonably foreseeable hazards at the MHF
    that may cause a major accident and
  • The kinds of major accidents that may occur at
    the MHF, the likelihood of a major accident
    occurring and the likely consequences of a major

Occupational Health and Safety (Safety Standards)
Regulations 1994
  • Regulation 9.44 (Risk assessment) states
  • If a hazard or kind of major accident at the MHF
    is identified under regulation 9.43, the employer
    must ensure that any risks associated with the
    hazard or major accident are assessed, in
    consultation with employees, contractors (as far
    as is practicable) and HSRs.
  • The employer must ensure that the risk assessment
    is reviewed
  • Within 5 years after the assessment is carried
    out, and afterwards at intervals of not more than
    5 years and
  • Before a modification is made to the MHF that may
    significantly change a risk identified under
    regulation 9.43 and
  • When developments in technical knowledge or the
    assessment of hazards and risks may affect the
    method at the MHF for assessing hazards and
    risks and
  • If a major accident occurs at the MHF.

Occupational Health and Safety (Safety Standards)
Regulations 1994
  • Regulation 9.45 (Risk control) states
  • The employer must, in consultation with
    employees, contractors (as far as is practicable)
    and HSRs, ensure that any risk associated with a
    hazard at the MHF is
  • eliminated or
  • If it is not practicable to eliminate the risk -
    reduced as far as practicable.
  • The employer must
  • Implement measures at the MHF to minimise the
    likelihood of a major accident occurring and
  • Implement measures to limit the consequences of a
    major accident if it occurs and
  • Protect relevant persons, an at-risk community,
    and the built and natural environment surrounding
    the MHF, by establishing an emergency plan and
    procedures in accordance with regulation 9.53.

  • Major Accident
  • A major accident is defined in the Regulations
  • A sudden occurrence at the facility causing
    serious danger or harm to
  • A relevant person or
  • An at-risk community or
  • Property or
  • The environment
  • whether the danger or harm occurs immediately or
    at a later time

MA Identification Issues
  • Unless ALL possible MAs are identified then
    causal and contributory hazards may be overlooked
    and risks will not be accurately assessed
  • Likewise, controls cannot be identified and
  • Identification of MAs must assume control
    measures are absent/unavailable/not functional
  • That is

MA Identification Issues
  • MAs can be identified in three different areas
  • These are
  • Process MAs
  • MAs arising from concurrent activities
  • Non-process MAs

MA Identification Issues
  • Process MAs
  • These are MAs caused by hazards which are
    associated with upsets in the process, or failure
    of equipment in the process, etc
  • MAs arising from concurrent activities
  • Typical concurrent operations which must be
    considered are
  • Major shutdowns/start ups
  • Other activity on site
  • Activities adjacent to the facility

MA Identification Issues
  • Non-Process MAs
  • MAs created by non-process hazards that could
    cause release of Schedule 9 materials
  • Non-process hazards may typically include the
    following: aircraft crashing; dropped objects;
    extreme environmental conditions (earthquake,
    cyclone, high winds, lightning); non-process
    fires (e.g. bush fire); vehicles and road
    transport; heat stress

MA Identification Issues
  • Collate appropriate
  • Facility information
  • Incident data/histories
  • To ensure a thorough understanding of
  • The nature of the facility
  • Its environment
  • Its materials
  • Its processes

MA Identification Issues
  • Develop/select a structured method for
    determining what types of MA can occur
  • Loss of containment
  • Fire
  • Explosion
  • Release of stored energy
  • Where they can occur
  • Under what circumstances
  • Define and document any restrictions applied to
    the above

MA Identification Tools Usage
  • Examples of tools which might be used include
  • Analysis of Schedule 9 materials and DG
  • Use of HAZID techniques
  • Review of existing hazard identification or risk
    assessment studies
  • Analysis of incident history - local, industry,
    company and applicable global experience

Approach to MA Identification
  • It may be efficient to treat similar equipment
    items handling the same Schedule 9 materials
    together - as often they have similar hazards
    and controls
  • Further, to ensure correct mitigation analysis,
    the equipment grouped together should contain
    similar materials at similar process conditions,
    resulting in similar consequences on release

Approach to MA Identification
  • For consistency of analysis, all MAs should be
    defined in terms of an initial energy release
  • This can be characterised as a loss of control of
    the Schedule 9 material
  • As an example, in the case of a hydrocarbon
    release from one vessel leading to a jet fire
    that subsequently causes a BLEVE in a second
    vessel, the MA should be defined in terms of the
    initial hydrocarbon release from the first vessel

Approach to MA Identification
  • Review HAZID studies to identify initiating
    events for each MA
  • Review to ensure all hazards have been identified
  • Special checklists should be developed to assist
    with this process
  • Further hazards may be identified from
  • Discussions with appropriate subject experts
  • Review of incident data
  • Review of the records from a similar system

MA Recording
  • A structured approach is important
  • It can then link equipment management strategies
    and systems
  • Record the key outputs in a register
  • For each MA, the register should record the
    following information
  • Equipment that comprises the MA
  • Group similar items into one MA
  • Description
  • Consequences

MA Recording
  • Consider all Schedule 9 materials - regardless of
  • Screen out incidents that do not pose a serious
    danger or harm to personnel, the community, the
    environment or property
  • Screening should only be on the basis of
    consequence not likelihood
  • i.e. Events should not be screened out on the
    basis of likelihood or control measures being
  • Consequence modelling should be used as
    justification for screening decisions
  • External influences need to be considered, for
    example, potential for a power failure to cause a
    plant upset leading to an MA

Example MA Recording
The following are examples of MA recording details

Major Hazard Facilities: Risk Assessment

What is Risk?
  • Regulatory definition (per Part 20 of the
    Occupational Health and Safety (Safety Standards)
    Regulations 1994)
  • Risk means the probability and consequences of
    occurrence of injury or illness
  • AS/NZS 4360 (Risk Management Standard)
  • the chance of something happening that will
    have an impact on objectives
  • Risk combines the consequence and the likelihood

Hazard versus Risk

Risk Assessment Definition
  • Any analysis or investigation that contributes to
    understanding of any or all aspects of the risk
    of major accidents, including their
  • Causes
  • Likelihood
  • Consequences
  • Means of control
  • Risk evaluation

The Risk Assessment Should
  • Ensure a comprehensive and detailed understanding
    of all aspects for all major accidents and their
  • Be a component of the demonstration of adequacy
    required in the safety report - e.g. by
    evaluating the effects of a range of control
    measures and provide a basis for
    selection/rejection of measures

  • The MHF Regulations respond to this by requiring
    comprehensive and systematic identification and
    assessment of hazards
  • HAZID and Risk Assessment must have participation
    by employees, as they have important knowledge to
    contribute together with important learnings
  • These employees MAY BE the HSRs, but DO NOT HAVE
    TO BE
  • However, the HSRs should be consulted in
    selection of appropriate participants in the

Types of Risk Assessment
  • From the HAZID and MA evaluation process, pick an
    MA for evaluation
  • From the hazard register, retrieve all the
    hazards that can lead to the MA being realised
  • In a structured approach, list all of the
    controls currently in place to prevent each of
    the hazards that lead to the MA being realised
  • Examine critically all of the controls currently
    in place designed to prevent the hazard being

  • As an example, from hazard register, MA - A26

Ignition of materials (MA - A26)
List all possible causes of the accident
(identified during HAZID study)
List all prevention controls for the accident
(identified during HAZID study)

Likelihood Assessment
  • Likelihood analysis can involve a range of
    approaches, depending on the organisation's
    knowledge, data recording systems and culture
  • This knowledge can range from
  • In-house data - existing data recording systems
    and operational experience
  • Reviewing external information from failure rate
    data sources
  • Both are valid, however, the use of in-house data
    can provide added value as it is reflective of
    the management approaches and systems in place

Likelihood Assessment
  • Likelihood is an expression of the chance of
    something happening in the future - e.g.
    catastrophic vessel failure, one chance in a
    million per year (1 x 10^-6/year)
  • Frequency is similar to likelihood, but refers
    to historical data on actual occurrences

Likelihood Assessment
  • Likelihood Analysis can use
  • Historical
  • Site historical data
  • Generic failure rate data
  • Assessment
  • Workshops (operators and maintenance personnel)
  • Fault trees
  • Event trees
  • Assessment of human error

Likelihood Assessment Qualitative Approach
  • A qualitative approach can be used for assessment
    of likelihood
  • This is based upon agreed scales for
    interpretation purposes and for ease of
  • For example, reducing orders of magnitude of
  • It also avoids the sometimes more complicated
    issue of using frequency numbers, which can be
    difficult on occasions for people to interpret

Likelihood Assessment Qualitative Approach

Likelihood Assessment Fault Trees
  • A fault tree is a graphical representation of the
    logical relationship between a particular system,
    accident or other undesired event, typically
    called the top event, and the primary cause
  • The purpose of a fault tree analysis is to find
    and evaluate the mechanisms influencing a
    particular failure scenario

Likelihood Assessment Fault Trees
  • A fault tree is constructed by defining a top
    event and then defining the cause events and the
    logical relations between these cause events
  • This is based on
  • Equipment failure rates
  • Design and operational error rates
  • Human errors
  • Analysis of design safety systems and their
    intended function

Likelihood Assessment Fault Trees Example

Likelihood Assessment Generic Failure Rate Data
  • This information can be obtained from
  • American Institute of Chemical Engineers Process
    Equipment Reliability Data
  • Loss Prevention in the Process Industries
  • EP Forum
  • UK Health and Safety Executive data
  • and other published reports
  • (Refer to Sources of Additional Information
    slides for references)

Likelihood Assessment Human Error
  • Human error needs to be considered in any
    analysis of likelihood of failure scenarios
  • The interaction between pending failure
    scenarios, actions to be taken by people and the
    success of those actions needs to be carefully
    evaluated in any safety assessment evaluation
  • Some key issues of note include
  • Identifying particular issue
  • Procedures developed for handling the issue
  • Complexity of thought processing information

Likelihood Assessment Human Error

Likelihood Assessment Event Trees
  • Used to determine the likelihood of potential
    consequences after the hazard has been realised
  • It starts with a particular event and then
    defines the possible consequences which could
  • Each branching point on the tree represents a
    controlling point, incorporating the likelihood
    of success or failure, leading to specific
  • Such scenarios could be
  • Fire
  • Explosion
  • Toxic gas cloud
  • Information can then be used to estimate the
    frequency of the outcome for each scenario
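
The outcome-frequency calculation described on this slide, as an added example that is not part of the original presentation. The initiating frequency, the branch probabilities and the mapping of paths to outcomes are constructed for illustration, and the branch probabilities are assumed independent of one another.

```python
"""Event tree: spread an initiating-event frequency over named outcomes."""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Branch:
    question: str   # controlling point asked at this node of the tree
    p_yes: float    # probability that the answer is "yes"


# Constructed figures for illustration only, not data from the slides.
INITIATING_FREQ = 1e-4  # releases per year (assumed)
BRANCHES = [
    Branch("isolation fails", 0.1),
    Branch("immediate ignition", 0.3),
    Branch("delayed ignition", 0.2),
]


def classify(isolation_fails, immediate, delayed):
    """Map one path through the tree to an outcome (assumed mapping)."""
    if immediate:
        return "Fire"
    if delayed:
        return "Explosion"
    if isolation_fails:
        return "Toxic gas cloud"
    return "Release isolated, no ignition"


def outcome_frequencies(freq, branches, classify_path):
    """Return {outcome: frequency per year} summed over every tree path."""
    for b in branches:
        if not 0.0 <= b.p_yes <= 1.0:
            raise ValueError(f"probability out of range for {b.question!r}")
    totals = {}
    # Each path is one yes/no answer per controlling point.
    for path in product([True, False], repeat=len(branches)):
        p = 1.0
        for b, yes in zip(branches, path):
            p *= b.p_yes if yes else 1.0 - b.p_yes
        name = classify_path(*path)
        totals[name] = totals.get(name, 0.0) + freq * p
    return totals


def check_conservation(freq, totals, rel_tol=1e-9):
    """Outcome frequencies must add back up to the initiating frequency."""
    return abs(sum(totals.values()) - freq) <= rel_tol * freq


if __name__ == "__main__":
    result = outcome_frequencies(INITIATING_FREQ, BRANCHES, classify)
    for name, f in sorted(result.items(), key=lambda kv: -kv[1]):
        print(f"{name:32s} {f:.2e} per year")
    print("conserved:", check_conservation(INITIATING_FREQ, result))
```

The conservation check catches a common event-tree error: a path that was dropped or double-counted makes the outcome frequencies no longer sum to the initiating frequency.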

Likelihood Assessment Event Trees
  • Event tree example - LPG Pipeline Release

  • Most scenarios will involve at least one of the
    following outcomes
  • Loss of containment
  • Reactive chemistry
  • Injury/illness
  • Facility reliability
  • Community impacts
  • Moving vehicle incidents
  • Ineffective corrective action
  • Failure to share learnings

  • Consequence evaluation estimates the potential
    effects of hazard scenarios
  • The consequences can be evaluated with specific
    consequence modelling approaches
  • These approaches include
  • Physical events modelling (explosion, fire, toxic
    gas consequence modelling programs)
  • Occupied building impact assessment

Consequences - Qualitative Evaluation
  • A qualitative evaluation is based upon a
    descriptive representation of the likely outcome
    for each event
  • This requires selecting a specific category
    rating system that is consistent with corporate

Consequences - Qualitative Descriptors Example

Consequences - Quantitative Evaluation
  • Consequence analysis estimates the potential
    effects of scenarios
  • Tools include
  • Potential consequences (event tree)
  • Physical events modelling (explosion, fire and/or
    gas dispersion consequence modelling programs)
  • Load resistance factor design (building design)

Consequences - Qualitative Evaluation Example
Example Impact of Explosions
Note: Calculations can be undertaken to
determine probability of serious injury and

Consequences - Qualitative Evaluation Example
[Figure: Example - Overpressure Contour - impact on facility buildings, showing the release scenario location and the 35 kPa, 21 kPa, 14 kPa and 7 kPa contours]

Risk Evaluation
  • Risk evaluation can be undertaken using
    qualitative and/or quantitative approaches
  • Risk comprises two categories - frequency and
  • Qualitative methodologies that can be used are
  • Risk matrix
  • Risk nomograms
  • Semi quantitative techniques
  • Layers of protection analysis
  • Risk matrix
  • Quantitative - quantitative techniques

Risk Assessment - What Type?
  • Qualitative Assessment - simple, subjective, low
    resolution, high uncertainty, low cost
  • Semi-Quantitative Assessment
  • Quantitative Assessment - detailed, objective, high
    resolution, low uncertainty, increasing cost

Risk Assessment Issues For Consideration
  • Greater assessment detail provides more
    quantitative information and supports
  • Strike a balance between increasing cost of
    assessment and reducing uncertainty in
  • Pick methods that reflect the nature of the risk,
    and the decision options

Risk Assessment Issues For Consideration
  • Stop once all decision options are differentiated
    and the required information compiled
  • Significant differences of opinion regarding the
    nature of the risk or the control regime indicate
    that further assessment is needed

Risk Assessment - Qualitative
  • Qualitative risk assessment can be undertaken
    using the following
  • Risk nomogram
  • Risk matrix
  • Both approaches are valid and the selection will
    depend upon the company and its culture

Risk Assessment - Risk Nomogram
  • A nomogram is a graphical device designed to
    allow approximate calculation
  • Its accuracy is limited by the precision with
    which physical markings can be drawn, reproduced,
    viewed and aligned
  • Nomograms are usually designed to perform a
    specific calculation, with tables of values
    effectively built into the construction of the

Risk Assessment - Risk Nomogram
Most nomograms are used in situations where an
approximate answer is appropriate and useful

Risk Assessment - Risk Nomogram
  • Advantages and Disadvantages
  • Accuracy is limited
  • Designed to perform a specific calculation
  • Cannot easily denote different hazards leading to
    an MA
  • Typically not used by MHFs

Risk Assessment - Risk Matrix
  • Hazards can be allocated a qualitative risk
    ranking in terms of estimated likelihood and
    consequence and then displayed on a risk matrix
  • Consequence information has already been
    discussed, hence, information from this part of
    the assessment can be used effectively in a risk
  • Risk matrices can be constructed in a number of
    formats, such as 5x5, 7x7, 4x5, etc
  • Often facilities may have a risk matrix for other
    risk assessments (e.g. Task analysis, JSA)

Risk Assessment - Risk Matrix
  • Results can be easily presented
  • In tabular format for all MAs
  • Within a risk matrix
  • Such processes can illustrate major risk
    contributors, aid the risk assessment and
    demonstration of adequacy
  • Care needs to be taken to ensure categories are
    consistently used and there are no anomalies
  • Australian/New Zealand Standard, AS4360, Risk
    Management 1999, provides additional information
    on risk matrices

Risk Assessment - Risk Matrix
Risk matrix example (AS4360)

Risk Assessment - Risk Matrix
  • Advantages
  • If used well, a risk matrix will
  • Identify event outcomes that should be
    prioritised or grouped for further investigation
  • Provides a good graphical portrayal of risks
    across a facility
  • Help to identify areas for risk reduction
  • Provide a quick and relatively inexpensive risk
  • Enable more detailed analysis to be focused on
    high risk areas (proportionate analysis)

Risk Assessment - Risk Matrix
  • Disadvantages
  • Scale is always a limitation regarding frequency
    reduction - it does not provide an accurate
    reduction ranking
  • Cumulative issues and evaluations are difficult
    to show in a transparent manner
  • There can be a strong tendency to try and provide
    a greater level of accuracy than what is capable

Risk Assessment - Semi-Quantitative Approach
  • One tool is a layer of protection analysis
    approach (LOPA)
  • It is a simplified form of risk evaluation
  • The primary purpose of LOPA is to determine if
    there are sufficient layers of protection against
    a hazard scenario
  • It needs to focus on
  • Causes of hazards occurring
  • Controls needed to minimise the potential for
    hazards occurring
  • If the hazards do occur, what mitigation is
    needed to minimise the consequences

Diagrammatic Representation - LOPA

Risk Assessment - Semi-Quantitative Approach
  • Analysing the safety measures and controls that
    are between an uncontrolled release and the worst
    potential consequence

Risk Assessment - Semi-Quantitative Approach
  • The information for assessment can be presented
    as a bow-tie diagram

Preventative Controls
Mitigative Controls

Risk Assessment - Semi-Quantitative Approach
  • Advantages and Disadvantages
  • Risk evaluation can be undertaken using a bow-tie
  • A procedural format needs to be developed by the
    company to ensure consistency of use across all
  • External review (to the safety report team)
    should be considered for consistency and feedback
  • Correct personnel are needed to ensure the most
    applicable information is applied to the
    evaluation approach

Risk Assessment - Quantitative
  • Quantitative assessments can be undertaken for
    specific types of facilities
  • This is a tool that requires expert knowledge on
    the technique and has the following aspects
  • It is very detailed
  • High focus on objective
  • Detailed process evaluations
  • Requires a high level of information input
  • Provides a high output resolution
  • Reduces uncertainty
  • Frequency component can be questionable as
    generic failure rate data is generally used
  • Provides understanding on the high risk
    contributors from a facility being evaluated

Risk Assessment - Quantitative
  • Typical result output from such an assessment is
    individual risk contours

Example shown is for land use planning

Risk Assessment - Quantitative
  • Time consuming
  • Expensive
  • Expert knowledge is required
  • Not suitable for every MHF site
  • Process upsets (such as a runaway reaction)
    cannot be easily modelled as an initiating event
    using standard equipment part counts -
    incorporation of fault tree analysis required
  • Use of generic failure rate data has limitations
    and does not take into consideration a specific
    company's equipment and management system

  • A risk assessment provides an understanding of
    the major hazards and a basis for determining
    controls in place
  • Risk assessments can involve significant time and
  • Operations personnel and managers could cause,
    contribute to, control or be impacted by MAs
  • Hence they should be involved in the risk
  • HSRs may or may not take part, but must be
    consulted in relation to the process of HAZID
    and Risk Assessment
  • They should also be involved in resolution of any
    issues that arise during the studies, including
    improvements to methods and processes

Review and Revision
  • Employer must review (and revise) Hazard
    Identifications, Risk Assessments and Control
    Measures to ensure risks remain reduced to AFAP
  • At the direction of the Commission
  • Prior to modification
  • After a major accident
  • When a control measure is found to be deficient
  • At least every 5 years
  • Upon licence renewal conditions

Sources of Additional Information
  • The following are a few sources of information
    covering risk assessment
  • Hazard and Operability Studies (HAZOP Studies),
    IEC 61882, Edition 1.0, 2001-05
  • Functional Safety - Safety Instrumented Systems
    for the Process Industry Sector, IEC 61511,
  • Fault Tree Analysis, IEC 61025, 1990-10
  • Hydrocarbon Leak and Ignition Data Base, EP
    Forum, February 1992 N658
  • Guidelines for Process Equipment Reliability
    Data, Center for Chemical Process Safety of the
    American Institute of Chemical Engineers, 1989

Sources of Additional Information
  • Offshore Hydrocarbon Release Statistics, Offshore
    Technology Report OTO 97 950, UK Health and
    Safety Executive, December 1997
  • Loss Prevention in the Process Industries, Lees
    F. P., 2nd Edition, Butterworth Heinemann
  • Layer of Protection Analysis, Simplified Process
    Risk Assessment, Center for Chemical Process
    Safety of the American Institute of Chemical
    Engineers, 2001
  • Nomogram, Wikipedia, the free encyclopaedia

Example LOPA Assessment Spreadsheet Format

Example Bowtie Assessment System Format