Marvin Rausand - Risk Assessment

This chapter presents the frequency and the consequences of each hazardous event. These should be combined to present the risk picture. Depending on the analytical approach selected, the results may often be presented in tables.

The results from the risk assessment are subject to a wide range of uncertainties, depending on the input data, the models and methods used, and the knowledge of the study team (see Chapter 19). To give a realistic picture of the risk, the uncertainty of the input data should be discussed. In some cases, it may be relevant to run sensitivity analyses to show how the uncertainty in the input data influences the end result.

The report should address any analytical limitations that are expected to affect the main results of the risk assessment.

Based on the results from the risk assessment, it should be considered whether any risk reduction measures should be implemented. Possible measures that have been identified in the assessment should be described in this chapter.

It is important to discuss the results from the risk assessment and to check that they are compatible with the objectives of the study. Have we addressed the questions we were asked to answer? We must check whether the analyses are sufficient, or if it is necessary to do more detailed analyses. All this should be mentioned in the report.

Finally, all the conclusions that may be drawn from the risk assessment should be listed, along with possible proposals for further work. It is important to check that all recommended changes to the study object or its operation have properly been listed as action items .

In most cases, several documents, drawings, detailed worksheets, and so on, have been used in the risk assessment. These are often too voluminous to be included in the main report and should therefore either be included as appendices to the report or be mentioned in the document references.

The amount of information in the appendices should be limited. If in doubt about the benefit of including material as an appendix, it should probably be omitted.

A slightly different report structure is described in Chapter 5of U.S. DOE (2004), and some valuable advice on writing an efficient report based on a risk assessment is given by IAEA (1994).

The report must always be written such that it can be reviewed, verified, and updated. After completion, the risk assessment report should be reviewed and factually validated by the company. It may also be beneficial to have a third‐party review before the results are used.

The risk assessment will sometimes cover deliberate actions and the system's vulnerability relative to these threats. It is then important to realize that notes, worksheets, and other documentation from the risk assessment will be sensitive data that should be kept confidential. This documentation must therefore be graded and kept confidential. Nothing makes a company more vulnerable than a vulnerability study that has gone astray.

A number of EU directives and regulations make it mandatory to carry out various types of risk assessment of a wide range of potentially hazardous systems and activities. This is also the case in other parts of the world. Some main laws are introduced briefly below to illustrate the wide span of application:

The Seveso directive. The EU Directive on the control of major accident hazards involving dangerous substances (82/501/EEC) is often referred to as the Seveso directive because it was issued in response to the Seveso accident in 1977. The Seveso directive was amended in 1986 and 1988 to take into account the lessons learned from the Bhopal accident and the Sandoz fire. A more significant revision of the directive was issued in 1996 as a consequence of the Piper Alpha accident, and is called the Seveso II directive (EU 1996). 1In 2012, the directive was updated once more and is now called the Seveso III Directive (2012/18/EU of the European Parliament and of the Council of 4 July 2012 on the control of major‐accident hazards involving dangerous substances).The application of the Seveso III directive depends on the quantities of dangerous substances present (or likely to be present) at an establishment. Two levels (“tiers”) of duty are specified in the directive, corresponding to two different quantities (or thresholds) of dangerous substances. Sites exceeding the higher, “upper tier” threshold are subject to more onerous requirements than those that qualify as “lower tier.”Similar legislation is implemented in several other countries, such as 29 CFR 1910.119, “Process safety management of highly hazardous chemicals,” in the United States. This law requires that process hazard analyses be carried out.

The EU machinery directive. This directive (89/392/EEC) covers safety aspects of a wide range of machines that was introduced in 1989 and revised in 2006 (2006/42/EC). This directive requires that risk analyses are carried out for some dangerous machines, and a specific risk analysis standard, ISO 12100 (2010), has been developed for this purpose. Similar legislation has been implemented in several countries.

The Health and Safety at Work, etc., Act of 1974. HSWA is the principal health and safety law in the UK. It places general duties on employers to ensure the health, safety, and welfare of their employees at work, and also to conduct their undertaking in such a manner that persons outside their employment are not exposed to risk. Employers must carry out various risk assessments to ensure that these duties are met “so far as is reasonably practicable” (SFAIRP).

The Offshore Installations (Safety Case) Regulations 1992. These regulations were issued by the UK Health and Safety Executive (HSE) and require that specific risk assessments be carried out and that a safety case be developed and kept “alive” (i.e. updated). The regulations were revised in 2005 and later again in 2015.

The US Maritime Transportation Security Act 2002. This act is designed to protect US ports and waterways from a terrorist attack. It requires vessels and port facilities to conduct risk and vulnerability assessments.

Norwegian offshore safety regulations. In Norway, regulations concerning the implementation and use of risk analyses in petroleum activities have been issued by the Petroleum Safety Authority Norway and the Norwegian Ministry of the Environment. A special standard, NORSOK Z‐013 (2010), has been developed to support the required risk assessments.

More on safety legislation within different applications can be found in Chapter 20.

All risk analyses require a wide range of data and assumptions that may be more or less uncertain. Whenever possible, the data and the assumptions should reflect reality as closely as possible. This is not always feasible, and some decision‐makers question the validity of the results from risk analysis. A pertinent answer to this type of question is given by Garrick (2008):

[…] there is seldom enough data about future events to be absolutely certain about when and where they will occur and what the consequences might be. But “certainty” is seldom necessary to greatly improve the chances of making good decisions.

Whenever possible, assumptions should be made to err on the side of conservatism. Such assumptions, known as “conservative best estimates,” are to ensure that the assumptions do not result in underestimation of risk and, ultimately, unsafe decisions (NSW 2003). Uncertainty in risk assessment is discussed in Chapter 18.