Hazard Identification

And
Risk Assessment

Udara S.P.R. Arachchige

Hazard Identification And Risk Assessment

Hazard Identification
And
Risk Assessment

Dr. Udara S.P.R. Arachchige

Page i
Hazard Identification And Risk Assessment

University of Sri Jayewardenepura,

Faculty of Technology
Pitipana, Homagama
Sri Lanka
© Udara S.P.R. Arachchige
October 2021

Book Cover Design : Zeegy Soft Solutions, Thalatuoya, Kandy

[email protected]

Page ii
Hazard Identification And Risk Assessment

Dedicated to Alexandra Elbakyan, the founder of

Sci-Hub.
“The first pirate website in the world to provide mass and public access to tens of millions
of research papers”

Page iii
Hazard Identification And Risk Assessment

Preface
The book comprises four chapters. All chapters are saturated with much-
needed text supported by self-explanatory and straight forward figures.
The book will provide a basic understanding of hazards, hazard
identification methodologies, risk assessment, and risk evaluation
techniques needed for undergraduate students preparing for the science,
engineering and technology stream.

All the fundamental concepts needed to conduct hazard identification and

risk assessments are covered in detail, providing readers with a sound
understanding of the field and making the book a powerful tool for
students and researchers alike.

One of the happiness of completion is to look over the journey and

remember the wonderful moments!
Thank you.

Dr. Udara S.P.R. Arachchige

Senior Lecturer
Department of Civil and Environmental Technology
Faculty of Technology
University of Sri Jayewardenepura
Homagama, Sri Lanka
[email protected]
01/10/2021

Page iv
Hazard Identification And Risk Assessment

Table of Contents
Preface............................................................................................................iv
Nomenclature.................................................................................................vii
Chapter 1: Hazards...........................................................................................1
1.1. Types of Hazards..................................................................................1
1.1.1. Safety hazards................................................................................1
1.1.2. Biological hazards........................................................................15
1.1.4. Ergonomic hazards......................................................................17
1.1.5. Chemical hazards.........................................................................21
1.1.6. Work organization hazards..........................................................22
1.2. Lock Out Tag Out (LOTO).................................................................22
1.3. Impacts of the Hazards.......................................................................23
Chapter 2:Hazard Identification.....................................................................24
2.1. Hazard Identification..........................................................................25
2.2. What If................................................................................................27
2.2.1. How to conduct a what if analysis:..............................................27
2.3. Checklists............................................................................................30
2.4. Hazard and Operability Studies (HAZOP).........................................42
2.5. Task Analysis (TA) / Job Hazard Analysis (JHA).............................51
2.6. Index...................................................................................................53
2.6.1. Dow Fire and Explosion Index (F & EI).....................................53
2.6.2. Mond Index..................................................................................58
2.6.3. Chemical Exposure Index (CEI)..................................................58
2.6.4. Material Hazard Index.................................................................58
2.6.5. Failure Mode and Effects Analysis (FMEA)...............................59

Page v
Hazard Identification And Risk Assessment

2.7. Hazard Analysis..................................................................................60

2.7.1.Process Hazard Analysis (PHA)...................................................60
2.7.2. Interface Hazard Analysis (IHA).................................................62
2.7.3. Layers of Protection Analysis (LOPA)........................................63
2.7.4. Safety Integrity Level (SIL).........................................................69
2.7.5. Fault Tree Analysis (FTA)...........................................................69
2.7.6. Event Tree Analysis (ETA).........................................................74
2.7.7. Bowtie Analysis...........................................................................77
2.7.8. Human reliability.........................................................................79
Chapter 3: Risk Assessment..........................................................................80
Chapter 4:Risk Control and Management.....................................................82
4.1. Documentation and Monitoring Risk Analysis..................................86
References......................................................................................................87

Page vi
Hazard Identification And Risk Assessment

Nomenclature
Abbreviation
PPE : Personal Protection Equipment

GFCI : Ground-Fault Circuit Interrupters

CNS : Central Nervous System

LOTO : Lock Out Tag Out

HAZID : Hazard Identification

PFD : Process Flow Diagrams

HAZOP : Hazard and Operability Studies

Cr : Criticality Number

P : Probability of occurrences in an year

B : Conditional probability that the severest

consequences will occur

S : Severity of the severest consequences

TA : Task Analysis

JHA : Job Hazard Analysis

F & EI : Dow Fire and Explosion Index

FMEA : Failure Mode and Effects Analysis

MF : Material Factor

GPH : General Process Hazard

SPH : Special Process Hazard

MSDS : Material Safety Data Sheet

Page vii
Hazard Identification And Risk Assessment

PHF : Process Hazards Factor

CEI : Chemical Exposure Index

RPN : Risk Priority Number

LOPA : Layers Of Protection Analysis

SIL : Safety Integrity Level

IHA : Interface Hazard Analysis

PHA : Process Hazard Analysis

FTA : Fault Tree Analysis

ETA : Event Tree Analysis

OSHA : Occupational Safety and Health

Administration

RTC : Risk Tolerance Criteria

HRA : Human Reliability Assessment

QRA : Quantitative Risk Analysis

Page viii
Hazard Identification And Risk Assessment

Page ix
Hazard Identification And Risk Assessment

Chapter 1: Hazards
Hazard can be described as "anything that has the potential to cause harm,
including injury, disease, death, environmental damage, property and
equipment damage". In other words, it can be explained as "the set of
conditions of a system that, together with other conditions in the system's
environment, will inevitably lead to an accident".

1.1. Types of Hazards

There are mainly six types of hazards are in the workplace.

1 Safety hazards
2 Biological hazards
3 Physical hazards
4 Ergonomic hazards
5 Chemical hazards
6 Work organization hazards

1.1.1. Safety hazards

These hazards play an effect on employees who work directly with
machinery or on construction sites. Safety hazards can be described as unsafe
working conditions that can cause injury, illness, and death. Safety hazards
are the most common workplace risk involved with industrial activities.

Safety hazards are include:

 Anything that can cause spills or trips such as cords running across
the floor or ice.
 Anything that can cause falls such as working from heights, including
ladders, scaffolds, roofs, or any elevated work area.
 Unguarded and moving machinery parts that a worker can
accidentally touch.

Page 1
Hazard Identification And Risk Assessment

 Electrical hazards like frayed cords, missing ground pins, and

improper wiring.
 Confined spaces.

Working at Height
Working at height define as any work where a person could potentially fall
and injure themselves. A ladder, a roof's edge, an opening on the floor, and
even a loading dock can be considered working at height. In general, work at
height is considered 2 meters above the ground or floor level. In order to
avoid the risk of working at height, the worker should wear safety gear. It is
recommended to avoid working at height, but if it is unavoidable, the activity
should be carried out with support from a safe platform, with suitable edge
protection in place. Ladders should not be used as workstations; they should
consider only for gaining access to the workplace and should only be used
for short-duration tasks. Suppose one is performing light work of short
duration. In that case, a ladder might be an acceptable option, as long as all
possible hazards have been properly identified as well as the existing risks
have been evaluated properly.
The weather conditions variations, wind, rain and snow, can also
make it more dangerous to work at height, creating a risky environment.
Moreover, some jobs and industries are at higher risk for falls. For example,
building construction, agriculture and cultivation, maintenance, road
transport, painting walls and decorating window cleaning, and so on should
only be carried out with proper fall protection in place to avoid possible
accidents.
It can consider about the fall protection equipment to avoid and
minimize the risk. It can be classified into personal protection equipment
(PPE) and collective protection equipment. When there is a risk of falling,
appropriate equipment such as scaffolding, aerial work platforms, safety
nets and racks should be used with proper adjustments. However, when
collective safety measures are insufficient to avoid the risk, PPE should be
worn to avoid it.

Scaffolding
Scaffolding, scaffold or staging, is simply a temporary structure providing
support for work crew and materials to aid in the building construction,

Page 2
Hazard Identification And Risk Assessment

maintenance and repairing, and all other man-made structures. The scaffold
has to fulfil a diverse set of requirements:
- creation of safe and productive working areas
- providing access to working areas at higher levels
- carrying area and/or point loads

Figure 1 represents the example of the scaffolding use for industrial

activities.

Figure 1. Scaffolding1

A Scaffold is used for some particular purposes which are listed below:
1.Working Scaffold
2.Access Scaffold
3.Shoring
4.Reinforcement scaffold
5.Facade scaffold

Some basic examples of different types of scaffoldings are given in the

Figure 2.

Page 3
Hazard Identification And Risk Assessment

Figure 2. Types of Scaffoldings2

Aerial work platforms

An aerial work platform, also known as an aerial device, is a mechanical
device used to get support as temporary access for people or equipment to
inaccessible areas, usually at height. Aerial work platforms provide vital
access for maintenance and engineering technicians working in the toughest-
to-reach areas of institutional and commercial facilities. Different kinds of
aerial work platforms are given in Figure 3.

Figure 3. Examples for aerial work platforms3

Page 4
Hazard Identification And Risk Assessment

Safety nets and racks

Safety nets and racks are used to protect people and reduce product damage
in warehouses and storage areas. Rack guard storage and rack safety netting
form a durable load containment barrier to creating a vertical see-through
wall containing loose boxes, palletized goods, and stacked materials on
warehouse shelves and storage racks (Figure 4).

Figure 4. Safety nets and racks used to maintain the safety4

Personal Protective Equipments (PPE)

Personal protection equipment for height includes fall arrest systems,
positioning systems, suspension systems and retrieval systems.
Fall arrest systems are designed to use for stopping the falling worker
in the event of a fall from height. It is required whenever there is a risk for a
worker to fall from an elevated position or whenever an activity is carried
out at a height above 2 meters or more. Fall arrest systems are operating only
if falls occur. Typical FAS consists of anchor devices, a full-body harness,
and connecting devices to avoid falling from a higher elevation. For an
example, a full-body harness with a shock-absorbing lanyard or a retractable
lifeline is common in FAS.
The full-body harness distributes the forces throughout the body,
while the lanyard or lifeline decreases the total fall arresting forces. The
anchoring device attaches the connecting device to the anchorage point or
tie-off point, an l-beam, scaffolding or another structural point.

Fall arrest system

The goal of this form of fall protection is to stop, or arrest, an employee who
is falling from a walking surface.

Page 5
Hazard Identification And Risk Assessment

Figure 5. Fall arrest systems5

However, anyone working at height with the PPE has to be careful with the
pendulum effect. The pendulum effect occurs due to a line extending to
reach a point a long way from the static line but close to the roof's edge. If a
person falls at this point, the line slides back towards the anchorage and, if
that distance is greater than the drop to the ground, the person will hit the
ground and be critically injured or die. The pendulum effect is representing
in Figure 6.

Page 6
Hazard Identification And Risk Assessment

Figure 6. Pendulum Effect6

The swinging back occurs as a result of the worker falls from a perpendicular
edge and swings back into the building structure, colliding with the existing
obstructions. This type of risk should be carefully evaluated before choosing
a fall arrest system, and different protection might be necessary if the risk
does exist.
The main situation of this is when the arrest line extends diagonally
from the anchor point. When the worker falls, the fall arrest system slides
back along the perimeter of the roof until the arrest line is creating a right
angle with the edge of the roof. In this scenario, a line that’s too long can
cause the worker to hit the ground, and if the edge of the roof is very sharp,
the arrest line may break.

Positioning systems
A positioning system is essential to avoid serious risk during a similar kind
of work. Positioning systems are designed to operate as pieces of equipment
that hold an operator in a steady location of work while leaving his hands
free during the work. These systems are activated when the worker leans

Page 7
Hazard Identification And Risk Assessment

back but are not designed for fall arrest purposes. This means that a person in
a dangerous work position reduces the risk of falls but does not eliminate it.
Thus, it is recommended to use a backup fall arrest system together with a
positioning system. A typical positioning system includes several parts,
including an anchoring device, a full-body harness with a positioning belt
and connecting devices, such as work-positioning lanyards. Also called
work-positioning equipment, a positioning system is a body belt or body
harness system that allows a worker to be supported on an elevated vertical
surface, such as a wall, window sill, or ladder, and work with both hands-
free.

Figure 7. Positioning System7

Suspension systems
Suspension equipment systems are designed to lower and support the worker
providing for a hands-free work environment. In most cases, it is used by
painters and window washers. It allows employees to lift and lower
themselves along a vertical surface during a hands-free working
environment. Alongside the suspension system, a fall arrest system must still

Page 8
Hazard Identification And Risk Assessment

be used. A suspension system includes anchor devices and two ropes which
are supposed to be used for descender purposes, and one equipped with a
rope grab and a full-body hardness.
Such systems are used, for example, in the window washing and
painting industries. A rope grab or fall arrestor is used when workers need to
move vertically. It is positioned between the lifeline and the lanyard, sliding
freely on a vertical rope or a rail or lifeline. In a sudden movement such as a
fall, the device grabs the lifeline and holds it firmly, arresting the fall.
Retractable lifelines have rope grabs incorporated.

Figure 8. Suspension systems

Retrieval systems
One of the most important safety devices is a retrieval system that supports a
worker's fall protection plan. This is especially important for works that
carry on enclosed spaces such as manholes. During the operation, rescue
equipment should be connected to the employee at the outset and should not
be used for purposes other than rescuing a fallen worker. A rescue plan must
also consider the safety of the rescuer. Retrieval equipment "must enable a
rescuer to remove an injured employee from the enclosed space quickly and
without injury to the rescuer or further harm to the fallen employee."

Page 9
Hazard Identification And Risk Assessment

Figure 9. Retrieval systems

Horizontal lifeline systems consist of a series of anchor points connected by

wire rope, the rope track following the contour of the roof. The worker hooks
up once and uses a slider or runner that goes along the track, following the
user. Such a system offers freedom of movement while ensuring safe
working conditions at height. If needed, the anchor points and rope system
can also be used in the centre of the roof; in this case, the solution being
more cost-effective.

Collective protection
Collective protection equipment is sometimes the only protection needed
against falls. For example, guardrails placed at the roof edges may be enough
in some cases, as they offer 100% fall prevention, so workers don’t need
PPE. In situations where passive protection is used, workers only need to
stay inside the rails to avoid falls. Guardrails can be installed on a permanent
or temporary basis, and the type of roof construction has to be taken into
account for choosing the proper system.
Another method to ensure collective protection against fall is to
install a temporary scaffold to support the workers carrying out activities at
height. This system is usually modular, made of a series of pipes or tubes,
and enables workers to easily carry materials at height if performing
construction or maintenance activities. Scaffolds are commonly made of
metal or aluminium, the latter being more lightweight and durable.

Page 10
Hazard Identification And Risk Assessment

Safety nets are also used as collective protection equipment against

falls. The nets are positioned beneath the worksite, covering the entire floor
and being fixed to the structure. In some cases, the net is used only for
covering a fall-catching area.

Figure 10. Collective System

Unguarded and moving machinery parts

Workers' fingers, arms, hair, and other body parts can be caught or entangled
in unguarded machine parts or equipment. Figure 11 representing the
unguarded machinery parts and Figure 12 represents guarded machinery to
protect the workers from moving machinery.

Figure 11. Unguarded and moving machinery parts

Page 11
Hazard Identification And Risk Assessment

Figure 12. Guarded Machinery8

Machine guards provide protection from hazards by providing a covering.

The covering creates a barrier, shielding workers and preventing them from
touching, or getting caught in moving parts. They also protect from sparks,
flying debris and splashing chemicals.

Electrical hazards like frayed cords, missing ground pins, and improper
wiring

Electrical hazards come in a variety of forms, but all have the potential to
cause serious injury. Common types of electrical hazard include:

 Contact with live wires resulting in electric shock and burns

 Fires due to faulty wiring
 Exposed electrical parts

Page 12
Hazard Identification And Risk Assessment

 Ignition of fires or explosions due to electrical contact with

potentially flammable or explosive materials
 Inadequate wiring
 Improper grounding
 Sometimes caused by workers deliberately removing the
ground pin on an electric plug to fit a two-prong extension
cord
 Interaction with overhead power lines
 Damaged wire insulation, causing electrical conductors to
make contact with each other, tools, or a worker’s body
 Overloaded circuits
 Wet conditions.

Electricity safety focuses on removing any potential electrical hazard and

educating employees on the dangers of improperly working with electricity
and electrical equipment.

General electrical safety tips include:

 Treating all electrical wires as if they are live.

 Inspecting electrical cords and plugs for damaged insulation
and broken ground pins before use.
 Reporting all exposed electrical parts, including wires,
terminals, and missing circuit breakers, immediately.
 Checking extension cords ratings to ensure they can handle
the load required by electrical equipment before use.
 Storing materials and equipment at least ten feet away from
overhead power lines.
 Replacing extension cords and wires with damaged insulation.
Do not use tape to repair the damage.
 Never use nails or sharp objects to hang extension cords from
the ceiling or walls.
 Never run electrical cords through windows or doors.
 Instead of connecting strips or surge protectors to extension
cords, use a three-way extension cord with a Ground-Fault
Circuit Interrupters (GFCI) (a fast-acting circuit breaker)

Page 13
Hazard Identification And Risk Assessment

 Keep floors and work surfaces dry to prevent electricity from

interacting with water or other liquids.
 Regularly inspect electrical tools and equipment for damage.

Figure 13. Frayed cords9

Our first instinct on seeing a frayed wire is to strip the wire and mend it by
wrapping it using an electrical tape. In extreme cases, we may just strip the
wire and reinsert it into the socket. Both scenarios can prove to be
dangerous.

Confined spaces at the workplace

Confined space is an enclosed nature where there is a risk of death or serious
injury from hazardous substances or dangerous conditions.

Some confined spaces are fairly easy to identify, e.g., enclosures with limited
openings:

 storage tanks
 silos
 reaction vessels
 enclosed drains
 sewers
 combustion chambers in furnaces

Page 14
Hazard Identification And Risk Assessment

 ductwork
 unventilated or poorly ventilated rooms.

The hazards associated confined spaces include:

 Toxic Atmosphere. A toxic atmosphere may cause various acute

effects.
 Oxygen Deficiency.
 Oxygen Enrichment.
 Flammable or Explosive Atmospheres.
 Flowing Liquid or Free Flowing Solids.
 Excessive Heat.

You need to check if the work can be done another way to avoid entry or
work in confined spaces. Better work-planning or a different approach can
reduce the need for confined space working.

Some examples for confined spaces are given in Figure 14.

Figure 14. Confined spaces10

1.1.2. Biological hazards

Biological hazards commonly known as biohazards, can be any biological
substance that could cause harm to humans. Biological hazards exposure to
harm or disease from working with animals, people, or infectious plant
materials.

Types of things you may be exposed to for biological hazards:

 Blood and other body fluids

Page 15
Hazard Identification And Risk Assessment

 Fungi/mold
 Bacteria and viruses
 Plants
 Insect bites
 Animal and bird droppings
Once biological hazards have been identified, it is important to put together a
safety plan to mitigate the risks. Once you have identified biological hazards
in the workplace it is important to eliminate as many as possible as well as
reduce their risk to employees. By implementing controls in the workplace,
the risk of biological hazards can be greatly reduced and, in some cases,
eliminated completely. Two types of controls that can be used to address
biological hazards are administrative and engineering controls.

 Engineering controls reduce risk through physical means. Some

examples of engineering controls for biological hazards are: regular
cleaning of the workplace, pest prevention/extermination, requiring
that safety equipment be used and worn, and proper disposal of
materials and items that may pose a biological risk.
 Administrative controls reduce risk by changing work processes and
activities to make them more safe. Some examples of administrative
controls include allowing proper sick leave to employees, providing
immunization programs, and limiting exposure to potential biological
safety hazards and training staff to work safely around them.
Once administrative and engineering controls have been implemented, it is
important to revise your safety strategy at least once a year and every time
the workplace conditions change. Other than that, PPE such as gloves, mask,
face shield, Eye protection, safety cloths, can be applied to reduce the risk of
the hazard.

1.1.3. Physical Hazards

Despite their name, physical hazards aren’t always something that you can
see or touch. Physical hazards affect workers in extreme weather conditions
or harmful working environments. Workers who are exposed outside in the
sun for a prolonged period of time can suffer physical hazards which can
cause long-term effects to their health. Physical hazards can be any factors

Page 16
Hazard Identification And Risk Assessment

within the environment that can harm the body without necessarily touching
it.

Physical hazards also include:

 Radiation: including ionizing and non-ionizing (Electromagnetic
forces, microwaves, radio waves, etc.) materials
 High exposure to sunlight/ultraviolet rays
 Temperature extremes – hot and cold
 Constant loud noise
The very common accidents such as falls, slip, and trip happen in the
workplace are also coming under the physical hazard.

1.1.4. Ergonomic hazards

Ergonomic safety hazards play an essential role in human health. It occurs
when the type of work, body positions, and daily working conditions put a
strain on your body due to wrong positions or movements. They are the
hardest to spot at the time it used to do. The main reason for that is that you
don’t immediately notice the strain on your body or the harm that these
hazards pose until they create pain at the place of the body after a certain
period. Sometimes, short-term exposure may result in “sore muscles” the
next day or in the days following the strain, but extended exposure can result
in serious long-term issues, maybe even after a few years.

Ergonomic Hazards include:

 Improperly adjusted workstations and chairs

 Frequent lifting
 Poor posture
 Awkward movements, especially if they are repetitive
 Having to use too much force, especially if you have to do it
frequently
 Excessive vibration
Some examples for ergonomics hazards are given in Figure 15 and 16.
Figure 15 shows the proper sitting position while the proper lifting an object
is showing in Figure 16 to avoid the ergonomics hazards.

Page 17
Hazard Identification And Risk Assessment

Figure 15. Proper Sitting position to avoid Ergonomic Hazard11

Figure 16. Proper Lifting Position to avoid Ergonomics Hazard11

Page 18
Hazard Identification And Risk Assessment

Figure 17 presents the poor posture which causes ergonomics hazards in the
day to day activities. Posture is the relative position of the body at any one
period of time. The correct posture or neutral posture is defined as a position
in which minimal stress is applied to the body’s muscles, tissues, joints, and
ligaments, providing the most energy-efficient movement. Generally, the
central nervous system (CNS) begins to make musculoskeletal adaptations to
the postures and movements performed most often during the day to day
activities. The muscular imbalances in daily life cause some muscles to be in
a constant state of contraction while other opposing muscles remain weak
and overstretched, which leads to pain.

Figure 17. The importance of good posture11

One of the cause for ergonomics hazards is Awkward movements, especially

if they are repetitive. One of the common example is wrist pain due to the
over use of computer mouse and keyboard (Figure 18 and 19).

Page 19
Hazard Identification And Risk Assessment

Figure 18. Repetitive strain injuries due to overused of the computer mouse

Figure 19. Repetitive strain injuries due to long term usage of keyboard

Page 20
Hazard Identification And Risk Assessment

One of the common cause for ergonomics hazards from building and
construction industry is considered as the excessive vibration. Noise and
vibration are two common workplace hazards that can have serious long-
term effects on employee health (Figure 20).

Figure 20. Noise and Vibration at the construction Site

1.1.5. Chemical hazards

Chemical hazards are common in most workplaces. It presents when a
worker is exposed to any chemical preparation in the workplace. In general,
some of them are safer than others, but to some workers who are more
sensitive to chemicals, even standard solutions can cause illness, skin
irritation, or breathing problems.

Chemical hazards can be present in the following:

 Liquids like cleaning products, paints, acids, solvents – particularly if

chemicals are in an unlabeled container

 Vapors and fumes that come from welding or exposure to solvents

 Gases like acetylene, propane, carbon monoxide, helium, H2S gas

 Flammable materials like gasoline, solvents, and explosive chemicals

 Pesticides

Page 21
Hazard Identification And Risk Assessment

1.1.6. Work organization hazards

Safety hazards or stressors that cause stress (short-term effects) and strain
(long-term effects). These are hazards associated with workplace issues such
as workload, lack of control and/or respect, etc.

Examples include:
 Workload demands
 Workplace violence
 High intensity and/or pace
 Respect (or lack thereof)
 Flexibility
 Control or say about things
 Social support or relations
 Sexual harassment

1.2. Lock Out Tag Out (LOTO)

"Lockout/Tag Out" is defined as the specific practices and procedures to
maintain the employee's safety from the unplanned or unexpected
energization or startup of any kind of machinery and equipment during
service or maintenance activities.

Lockout: The locking device places on an energy isolation device (circuit

breaker, slide gate, line valve, switch, etc.) to ensure the energy isolating
device and equipment are being controlled and cannot be operated until the
lockout device is removed.
Tag out: The tag-out device, such as a tag or other prominent warning
device places on an energy isolation device to indicate the energy isolating
device and equipment being controlled and should not use during this period
until the tag out device is removed. Tag out maybe tag or sign to provide
necessary information about the equipment's energy isolation and the
warnings for workers to not operate it.

Page 22
Hazard Identification And Risk Assessment

Lockout and tag out devices must be:

 durable for the environment in which they will be used

 sturdy enough to minimize early or accidental removal

 unique, distinctive, easily recognizable and clearly visible

 standardized as to color, shape, size, type or format

 identifiable as to the worker(s) authorizing or applying them.

This procedure is essentials to all employees subject to any isolation of

energy sources and LOTO system to fully study and understand it and follow
it within all activities such as working on pipelines, confined spaces,
electrical devices or any other energized devices.

1.3. Impacts of the Hazards

As well as having the potential for causing injury, loss of life and damage to
property, the hazards of fire, explosion and toxic releases may pose a severe
threat to the environment.

Page 23
Hazard Identification And Risk Assessment

Chapter 2:Hazard
Identification
Hazard identification is the process of monitoring and examining each work
area and work task for the purpose of identifying all available hazards and
the hazard generating during the carrying out of the work, which is “inherent
in the job”. The areas of machine workshops, laboratories, office areas,
agricultural and horticultural environments, stores and transport,
maintenance and grounds, reprographics, and lecture halls and teaching
spaces are considered for general purposes to evaluate the hazard. The main
idea is to describe the process of identifying the hazard which could cause
harm in a work task or area.

The objectives of Hazard Identification (HAZID) are to:

 Identify potential hazards

 Determine potential consequences of the hazards
 Identify safeguards that are in place to provide hazard prevention,
control or mitigation (including planned safeguards depending on the
stage of the project)
 Propose recommendations, as needed, to eliminate, prevent, control,
or mitigate hazards
 Provide early safety and risk input into design and safety
management requirements for an activity, and
 Provide a clear basis for major accident event screening as part of
subsequent formal safety assessment studies.

HAZID study requires some documentation and information to manage it

properly. HAZID documentation and information varies, depending on the
study scope and timing, and must be provided to the HAZID facilitator, at
least a week prior to the workshop meetings.

Page 24
Hazard Identification And Risk Assessment

The required documentation may include:

 Facility layout, including location of major equipment and
occupied buildings
 Location and nature of the terrain and environmental
conditions
 Principal operations and other activities
 Details of hazardous inventories
 Chemical and materials/equipment handling
 Process type/design and utility data, such as process flow
diagrams (PFD), piping and instrumentation diagrams
(P&IDs), and operating envelopes
 Design philosophies, including manning, operating,
maintenance, and safety
 Findings of any prior HAZID studies
 Accident history for similar units
 Emergency response plans
 Plans for construction, transportation, and installation
activities
 Hazard and risk register
 Description of neighbouring facilities, operations, and areas
of occupancy.

2.1. Hazard Identification

Risk Assessment and Hazard identification are connected each other. Risk
assessment and risk analysis of technical systems can be defined as a set of
systematic methods to:

 Identify hazards
 Quantify risks
 Determine components, safety measures and/or human interventions
important for plant safety.

There is a simple definition for the difference between Hazard and the Risk.

A Hazard is something that has potential to harm you. Risk is the likelihood
of a hazard causing harm. It can be clearly seen in Figure 21.

Page 25
Hazard Identification And Risk Assessment

Figure 21. Comparison between Hazard and the Risk12

Based on Figure 21, the person knows there are sharks in the ocean. Hazards
only become risks when there is exposure. Sharks are a hazard. But if you
never go near the ocean, you have no exposure to sharks and face no risk of a
shark attack.

Therefore, simply it can be identified as;

Risk = Hazard + Exposure

Even you know that there are sharks in the ocean, you decided to swim in the
ocean. Then you are in great danger because anytime sharks can attack you.
That is simply the definition of the risk. The risk analysis and the hazard
identification are interrelated. Hazard identification is a part of the risk
analysis. It can represent in the following chart, which clearly defined the
steps of the risk analysis.

Risk analysis main steps are given in Figure 22.

Page 26
Hazard Identification And Risk Assessment

Figure 22. Main steps of the Risk Analysis

2.2. What If
The what-If analysis identifies hazards and possible accidents, qualitatively
evaluate the consequences and determine the adequacy of safety levels. It
generates qualitative descriptions of potential problems in the form of
questions and responses and lists of recommendations for preventing
problems. It is typically performed by one or more teams with diverse
backgrounds and experience. A What-if Analysis consists of well defined
structured brainstorming to determine what can go wrong in a given
scenario; in that sense, then judge the likelihood and consequences that
things will go wrong.

2.2.1. How to conduct a what if analysis:

The procedure of conducting a what if analysis is briefly explained below13.

1. Team Kickoff
The team leader will handle the entire team through each step of the What-if
Analysis. The detailed equipment diagram and any prepared operating

Page 27
Hazard Identification And Risk Assessment

guidelines may be used for the evaluation steps, including guidelines for
determining acceptable safety levels.

2. Generate What-if Questions

The predefined team generates possible What-if questions relating to each
step of the experimental procedure and each component to determine likely
sources of errors and failures of the system.

Some factors to be considered when developing the questions;

 Potential human error

 Equipment component failures
 Deviations from the planned/expected critical parameters such as,
temperature, pressure, time, flow rate.

3. Evaluate and Assess Risk

The team considers the list of What-if questions, one-by-one, to determine
likely sources of errors. They then decide the probability of each error
occurring and assess the consequences.

4. Develop Recommendations
Risk deemed unacceptable: If the team concludes there’s a need for
corrective action, a recommendation is recorded.

Risk deemed acceptable: When probability is very low, consequences are not
severe, and the action to correct the condition would involve significant cost
and time, the team may note a “no recommendation” response.

5. Prioritize and Summarize Analysis

The team’s analysis is summarized and prioritized.

6. Assign Follow-up Action

Responsibilities are assigned for follow-up action(s). Consider adding a
column to your What-if Analysis form to indicate the person or group
responsible for each corrective action.

The benefits and the limitations of the What if analysis is given below in the
Table 1.

Page 28
Hazard Identification And Risk Assessment

Table 1. Benefits and Limitations of What If Analysis

Benefits Limitations
 Easy to use  Only useful if you ask the right
questions
 No specialized tools needed  Relies on intuition of team members
 People with little hazard  More subjective than other methods
analysis experience can
participate meaningfully
 Leads to deeper insight,  Greater potential for reviewer bias
especially for person/people
conducting the analysis

 More difficult to translate results into

convincing arguments for change

Operational procedure of What if analysis is given in Figure 23.

Figure 23. Flow diagram of What If analysis

Let's consider a practical example of What is Analysis for process safety. At

each step in the procedure or process, What-If questions are asked and
answers generated. Moving to recommendations is held until all potential
hazards are identified to minimize the chances that potential problems are
not overlooked. The review team then makes judgments regarding the
likelihood and severity of the "What-If" answers. If the risk indicated by
those judgments is unacceptable, then a recommendation is made by the
team for further action. The completed analysis is then summarized and
prioritized, and responsibilities are assigned. What if the analysis form is
given in Table 2 to achieve for the entire process.

Page 29
Hazard Identification And Risk Assessment

Table 2. What If analysis form

What If? Answer Likelihood Consequences Recommendations

As an example, we will consider a reactor which uses for biodiesel

production.

Table 3. What If sample questions for biodiesel production reactor

What If? Answer Likelihood Consequences Recommendati
ons
Possible Possible Serious Add
…the evaporating temperature
temperature Methanol and controller and
of the reactor slow the reaction. alarm to notify
exceeding Methanol will the deviations.
65°C. release to the
environment.

2.3. Checklists
The checklist is one of the basic methods which consist of the number of
information list which gives general guidance to the person conducting an
industry about possible workplace health and safety hazards and issues.
There should be an assigned person to run the checklist at the beginning of
every week to identify the possible deviations in the system. Those questions
are related to equipment, machinery, fire and safety, emergency exits,
labours, electricity and power generation etc.

One of the sample check list is given in the Table 4.

Page 30
Hazard Identification And Risk Assessment

Table 4. Hazard Identification Checklist

Facilities Areas

Surveyor Name:_______________________________Survey Date:_________________________

Work Unit:___________________________________Area/Room:__________________________

If “No” is selected, please correct the hazard and note the date.

Yes No N/A Date

Corrected

ADMINISTRATIVE
2. Staff knows how to report an incident/injury/safety
concern?

4. Has staff reviewed the content of the UCI Emergency

Procedures Flipchart?

6. Work unit emergency call list available?

RECORDKEEPING
8. Chemical/hazardous materials inventory?

10. MSDS's accessible?

12. Cal-OSHA Permits for Air & LPG ?

14. Tailgate meeting documentation?

16. Code of Safe Practices available?

FIRE/LIFE SAFETY
18. First Aid Kit accessible and stocked and evidence of
regular inspection?

20. Emergency Action Plan/Fire Prevention Plan

communicated?

22. Portable Extinguishers - Accessible, location marked,

checked monthly, maintained annually?

24. Automatic fire sprinkler systems maintenance inspection

quarterly?

Page 31
Hazard Identification And Risk Assessment

26. Automatic sprinkler systems serviced every five years?

28. Standpipe systems serviced every five years?

30. Fire hoses and hose cabinets inspected?

32. Automatic system main drain flow test annually?

34. Smoke detectors and smoke activated door closures

tested annually?

36. Fire hydrants inspected and serviced?

38. Evacuation drills held periodically?

40. Evacuation plans posted?

GENERAL WORK AREA

42. Work surfaces and walkways dry or slip resistant, no
tripping hazards?

44. Exterior walkways in good condition?

46. Spills cleaned up immediately?

48. Combustible debris & waste stored safely and removed

promptly?

50. Dip tanks, etc., cleaned regularly, inspected?

52. Are accumulations of combustible dust routinely

removed from enclosed areas and cleaned up?

54. Is metallic or conductive dust prevented from entering

or accumulating on or around electrical enclosures or
equipment?

56. Are covered metal waste cans used only for oily and
paint soaked waste?

58. Are all oil and gas fired devices equipped with flame
failure controls that will prevent flow of fuel if pilots
and main burners are not working?

60. Work areas adequately illuminated?

Page 32
Hazard Identification And Risk Assessment

62. Pits & floor openings covered or guarded?

64. Material piled, racked, stacked, or stored properly.

Storage racks & shelves properly attached to building?

66. Are cabinets >5' secured to walls, floor, each other?

PERSONAL PROTECTIVE EQUIPMENT

68. Appropriate and adequate PPE (as determined by PPE
Assessment Tool) provided?

70. Shower and eyewash stations inspected monthly and

noted on tag?

72. Respirators are stored properly in an enclosure to

prevent dirt and dust contamination?

EXITING & EGRESS

74. Exits properly marked with an exit sign and illuminated
by a reliable light source?

76. Are the directions to exits, when not immediately

apparent, marked with visible signs?

78. Are doors, passageways, or stairways, that are neither

exits nor access to exits and which could be mistaken for
exits, appropriately marked "NOT AN EXIT", "TO
BASEMENT", "STOREROOM"?

80. Elevator inspection current?

82. Are there sufficient exits to permit prompt escape in

case of emergency?

84. Are exit doors open able from the direction of exit travel
without the use of a key or any special knowledge or
effort when the building is occupied?

86. Where panic hardware is installed on a required exit

door, will it allow the door to open by applying a force
of 15 lbs. Or less in the direction of the exit traffic?

88. Are there viewing panels in doors that swing in both

directions and are located between rooms where there is
frequent traffic?

Page 33
Hazard Identification And Risk Assessment

90. Where exit doors open directly onto any street, alley or
other area where vehicles may be operated, are adequate
barriers and warnings provided to prevent employees
from stepping into the path of traffic?

92. Are exits kept clear?

ELEVATED LOCATIONS
94. Toe boards (4") installed if needed?

96. Load capacity marked on elevated storage areas?

98. Permanent ladder or stairs to frequently used elevated

locations?

ELECTRICAL
100. Are energized parts of electrical circuits and equipment
guarded against accidental contact?

102. Are disconnecting switches & circuit breakers labeled?

104. Are holes and openings in electrical boxes covered or

plugged?

106. Are abandoned circuits removed or treated as live?

108. Are all electrical receptacles of grounded type? (no two

pole to three pole adapters)

110. Are all plugs insulated or dead front type?

112. Extension cords are not to be used as a substitute for

fixed wiring. (Run through holes, doorways, windows,
nailed or attached to building, or concealed behind
walls)?

114. Extension cords are not to be spliced unless insulated

the same as the original?

116. Are extension cords in good condition?

118. Is electrical equipment protected from physical damage?

120. Is electrical equipment approved for all locations (incl.

wet/damp locations)?

Page 34
Hazard Identification And Risk Assessment

122. Do portable hand lamps have molded handle and

substantial guard?

124. Do cords, etc., create a tripping hazard?

126. Do portable electric heaters shut off when tilted or

turned over?

FLAMMABLE LIQUIDS STORAGE

Flammable Liquid Containers:

127. Distinctive colors or labeled?

128. Approved type only? (safety can or orig. container).

129. Bonded during filling? (metal containers)

130. Closed when not in use?

Fire Extinguishers:

131. No smoking or open flame within storage area?

132. Are self closing valves or top mounted pumps on

containers of Class I or II liquids? Use of air pressure is
prohibited.

133. Are liquid handling areas separated from other

operations, spill control, & ventilation provided?

LADDERS
Portable:

134. Condition - no cracks, breaks, loose rungs?

135. Metal ladders not used around electrical equipment?

136. Wooden ladders not painted?

137. Equipped with non slip safety feet?

138. Extend three feet above upper landing?

139. No grease/oil on rungs & steps?

Page 35
Hazard Identification And Risk Assessment

140. Not used unsafely?

141. Approved stickers affixed?

Fixed:

142. Good condition?

143. Securely attached?

144. 16 inch between rails?

145. Has cage or climbing device if over 20' high or landing

at 20' intervals?

SAWS/GRINDERS/POWDER ACCUATED TOOLS

146. Skill saw - lower guard works auto, no wedge?

147. Table saw - guard installed, anti-kickback?

148. Radial arm - upper half & arbor end of blade covered?
Cannot pull out past end of table, automatic return to rear
of table, anti-kickback when ripping?

149. Band saw - upper and lower wheels covered, unused

portion of blade guarded?

Grinders:

150. RPM rating of grinder motor does not exceed RPM

rating of abrasive wheel?

151. Portable right angle; maximum wheel exposure 180

degrees, guard between wheel and operator?

152. Stationary grinders securely mounted?

153. Buffers & wire wheels; acorn nut on spindle?

Powder Actuated Tools:

154. Operator trained and has valid card?

155. Tools stored in locked box when not in use?

Page 36
Hazard Identification And Risk Assessment

EQUIPMENT & TOOLS

156. Grounded or double insulated?

157. Good condition, operable switch?

158. Secured against movement?

HAND TOOLS
159. Maintained in good condition, handle tight (not
mushroomed) and sharp?

160. Proper tool used for job?

HOIST & LIFTS

Overhead Hoists:

161. Regularly inspected, annually certified if capacity over 3

tons. (document available on site)?

162. Operators trained?

163. Rated capacity plainly marked?

164. Operating controls labeled?

165. Equipped with safety latch hook?

166. Load slings & chains label with capacity?

Cables (Hoisting):

167. Cable clamps applied properly: at least 3 clamps spaced

6 rope diameters apart, with the saddle on the load side?
Larger cables require more clamps.

Automotive Lifts:

168. Controls nearby, automatically return to off?

169. Floor surface under lift clear of oil/grease?

170. Chassis & axle support designed for lift, no makeshift

devices?

Jacks:

Page 37
Hazard Identification And Risk Assessment

171. Rated load permanently marked?

172. No one allowed under load unless also blocked or

cribbed?

AIR COMPRESSORS
173. Are drive belts fully enclosed?

174. No PVC pipe for air lines?

175. Do safety air nozzles generate <10PSI?

176. Are air hose connection secure?

FORKLIFTS
177. Are operators trained?

178. Are operating rules posted?

179. Equipment maintained in safe condition, brakes, parking

brake, horn, seatbelts?

180. Capacity visible to operator?

181. Equipped with overhead guard?

SPECIAL OPERATIONS & LOCATIONS

182. Battery charging area - designated area, smoking
prohibited, eyewash and quick drench shower available?

Compressed Gas Cylinders:

183. Stored with protective cap installed?

184. Secured against tipping or falling?

185. Labeled as to contents?

186. Stored >20 feet from highly combustible material?

Page 38
Hazard Identification And Risk Assessment

187. Cylinder valves closed when not in use and before

moving?

188. Cylinders in use secured in racks or carts?

189. LP gas tanks inspected?

Gas Welding & Cutting:

190. Regulators & hose well maintained, no oil or grease?

191. Fuel gas cylinder stored & used with valve up?

192. Anti-flashback devices on fuel & oxygen hoses?

193. Friction lighter or torches, no matches?

194. Work in fire safe areas, separate if possible?

195. Ventilation provided, local exhaust required for brazing

or silver soldering?

196. Cutters or welders and supervisors suitably trained?

Arc Welding & Cutting:

197. Work in shielded booth or with welding screens?

198. Other workers in area shielded or wear goggles?

199. Leads in good condition, well insulated?

200. Electrodes removed when not in use?

201. Machine off, when moved or not in use?

202. Ventilation provided, local exhaust required for MIG or

wire-feed welding on stainless steel?

Tire Repair & Inflation:

203. Clip-on chuck with 24" hose, in line valve or gauge?

204. Employees thoroughly trained?

Page 39
Hazard Identification And Risk Assessment

205. Restraining device available?

206. A current split & multi-piece rim or wheel, matching

chart, a typical rim contours and marking location chart,
and a current Rim Manual or equivalent available?

Lock Out Program:

207. Employees trained in procedure?

208. Warning tags and locks provided and available?

CONFINED SPACES
209. Employees trained in policy and specific hazards of
location & use of instruments?

210. Instruments recently calibrated?

211. Appropriate signs and labels identifying type of confined

space?

212. Rescue and communication equipment available?

213. Entry permit file, record keeping?

HARZARDOUS MATERIAL
214. Employees fully trained on material they use?

215. All hazardous material containers labeled with contents

where substance has been transferred from original
container for temporary use. Labeled if not used
immediately or by end of work shift?

216. Container in good condition?

217. Appropriate protective equipment available?

218. Inventory list and MSDSs on hand?

219. Employees have asbestos awareness training?

220. Employees have lead awareness training certificate?

SERVICE STATIONS

Page 40
Hazard Identification And Risk Assessment

221. "NO SMOKING" signs posted in fueling areas, motors

stopped?

222. Spills cleaned up promptly?

223. Approved self-closing nozzle, approved hose?

224. Spilled liquid prevented from running into building?

Pumps:

225. Outside: At least 5 feet from any building opening?

226. Anchored, protected from physical damage?

227. Emergency power shutoff; clearly identified, easily

accessible, remote location?

CONTROL OF HARMFUL SUBSTANCES BY VENTILATION

228. Is the volume of air in each exhaust system sufficient to
gather the dusts, fumes, mists, vapors or gases to be
controlled, and to convey them to a suitable point of
disposal?

229. Are ventilation hoods tested annually to ensure proper air

flow?

230. Are HVAC systems inspected annually by a qualified

person?

231. Is a log kept of inspections and maintenance?

232. Are exhaust inlets, ducts and plenums designed,

constructed, and supported to prevent collapse or failure
of any part of the system?

233. Are clean-out ports or doors provided at intervals not to

exceed 12 feet in all horizontal runs of exhaust ducts?

234. Is adequate makeup air provided to areas where exhaust

systems are operating?

235. Is the intake for makeup air located so that only clean,
fresh air, which is free of contaminates, will enter the

Page 41
Hazard Identification And Risk Assessment

work environment?

Signature of Surveyor:_________________________________________

2.4. Hazard and Operability Studies (HAZOP)

Hazard and Operability (HAZOP) Studies is simply the best hazard
identification tool which is a team workshop-based analysis to identify
potential safety and environmental hazards and major operability problems.
HAZOP is one of the techniques mentioned explicitly in some regulations
and is highly accepted in the chemical and petroleum industries.
HAZOP is a well-documented methodology used in analysis, design
and operations to provide a rigorous design integrity assurance process for
safe operation. It is simply applicable to both major projects and existing
operations. HAZOP is a key hazard identification technique because of its
systematic approach14.

Following terms are important for HAZOP analysis to carry out without any
issues.
Cause: Event, situation, or condition that results, or could result, directly or
indirectly in an incident.

Consequence: Direct, undesirable result of an incident sequence usually

involving a fire, explosion, or release of toxic material. Consequence
descriptions may be qualitative or quantitative estimates of the effects of an
accident in terms of factors such as health impacts, economic loss,
environmental damage, operational impact, and company reputation.

Design intent: How a process or system is supposed to function.

Deviation: Departure from the design intent. A deviation is created by

combining a guideword with a parameter.

Guideword: Words such as “high”, “low”, and “no” that are applied to
parameters to create a potential deviation from the design intent.

Page 42
Hazard Identification And Risk Assessment

Hazard: Chemical or physical condition or practice with the potential to

cause harm to people, the environment, property, or reputation.

Node: A clearly defined section of the facility in which the deviations from
the process design intent are evaluated.
The HAZOP technique is a structured and systematic examination of a
product, process, or procedure—or an existing or planned system15.

The steps of HAZOP analysis are given in Figure 24.

Figure 24. HAZOP process

There are some important guide words use in the HAZOP analysis as that is
a qualitative analysis for hazard identification. Some of them are given in
Table 5 with relevant examples.

Table 5. HAZOP analysis guide words16

Page 43
Hazard Identification And Risk Assessment

Guide Word Meaning Example of Deviation

NO Absence of the variable to
which it applies
LESS Quantitative reduction
MORE Quantitative increase
OTHER Partial or total replacement
INVERSE Opposite function to design
intention
PART OF Qualitative decline. Only part of
what should happen occurs
IN ADDITION Qualitative increase. More is
produced than intended
No flow in line
Less flow
Higher temperature
Other substances were added
Return flow
Part of volume required by
recipe was added
In addition of the amount of
water of the process was added

The main objective of the HAZOP is to detect any predictable deviations

(undesirable events) in a process or system.

HAZOP criticality number is introduced to analyze the priority of each event

and to quantify the relative importance of each failure effect based on the
probability of occurrences, conditional probability that severest
consequences will occur and the severity of the severest consequences.
Based on the rank, necessary actions can be taken to mitigate the
consequences.

Cr = P × B × S

Cr = Criticality Number
P = Probability of occurrences in a year
B = Conditional probability that the severest consequences will occur
S = Severity of the severest consequences

Factors : Probability (P)

Uncertainty of future events.
 very rare - less than once in 100 years
 rare - between once in 10 y. and once in 100 y.
 likely - between once a year and once in 10 years
 frequent - more frequent than once a year
Factors : Conditional probability (B)
 very low - less than once every 1000 occurrences of the cause
 low - less than once every 100 occurrences of the cause
 significant - less than once every 10 occurrences of the cause

Page 44
Hazard Identification And Risk Assessment

 high - more than once every 10 occurrences of the cause

Factors : Severity (S)

 low - no or minor economical loss/small, transient environmental
damage
 significant - considerable economic losses/considerable transient
environmental damage/slight non-permanent injury
 high - major economic loss/considerable release of hazardous
material/serious temporary injury
 very high - major release of hazardous material/permanent injury or
fatality

Decision Making Step

Decision can be taken to prioritize the event based on the "Cr" number.
However, upper and lower limits have to be determined by a decision-maker.
The marginal values with the description of the decision are given in Table 6.

Table 6. Decision Making Criteria

Criticality Judgment Meaning

Cr < X Acceptable No action required
X < Cr < Y Consider Modification Should be mitigated
within a reasonable
time period
Cr > Y Not Acceptable Should be mitigated as
soon as possible

The selection procedure of the HAZOP is given in Table 7.

Table 7. Common steps in a HAZOP

Step Step in a HAZOP
Number
1 Select a node, define its purpose and determine the process
safe limits.
2 Select a process guideword.
3 Identify the hazards and their causes using the deviation
guidewords.
4 Determine how the hazard is announced. (How the operator
knows a safe limit of the parameter has been exceeded.

Page 45
Hazard Identification And Risk Assessment

5 Estimate the consequences of each hazard.

6 Identify the safeguards.
7 Estimate the frequency if occurrence of the hazard.
8 Risk rank the hazard, with and without safeguards.
9 Develop findings and potential recommendations.
10 Move on to the next process guideword, or to the next node if
the guideword discussion is complete.

One of the practical example of the HAZOP analysis is discussed below.

That has been developed for the industrial reactor (Figure 25).

Figure 25. Example of a node selection

Step 1: Node Selection

Figure 25 shows how a Standard Example can be divided into three nodes.
Each node has been circled with a cloud line.

 Node 1 (blue line) is the Tank, T-100, with its associated equipment
and instrumentation -(the process change is level in the tank).
 Node 2 (red line) incorporates two pumps, P-101 A/B, and the flow
control valve, FCV-101 (the process changes are flow rate and liquid
pressure).

Page 46
Hazard Identification And Risk Assessment

 Node 3 (green line) includes the pressure vessel, V-101, with its
associated relief valve, and other instrumentation (the process changes are
pressure, chemical composition and level).

Node Purpose Descriptions

Purpose of the node is described in the Table 8.
Table 8. Purpose of the nodes
Node Name Purpose
Number

Tank, T-100, and T-100 contains a working inventory of liquid RM-12

associated which is supplied by tank (rail) cars from outside
1
instrumentation suppliers. The node does not include the tank loading
systems.

Pumps, P-101 P-101 A/B transfer liquid RM-12 from Tank, T-100, to
A/B, including Vessel, V-100. Flow is controlled by FRC-101, whose set
2 flow control point is provided by LRC-100 (Node 1). One pump is
valve, FCV - 101. operating; the other is on stand -by. A is steam driven; B is
electrically driven. B is usually on standby.

Pressure Vessel, Liquid RM-12 flows into this vessel from various sources.
V-101, including V-101 provides surge capacity, thus smoothing out
3
relief valve, PSV- fluctuations in flow. A vent line removes residual
101. quantities of inert gas.

Step 2. Process Guideword / Safe Limits

A HAZOP looks at deviations from design or safe process conditions, so the
first decision is to select the proper process parameters for the facility under
discussion. Generally, the following parameters will be used:

 Flow Rate;
 Flow Quantity (for batch operations);

Page 47
Hazard Identification And Risk Assessment

 Pressure;
 Temperature;
 Level (when vessels and tanks are a part of the node);
 Composition; and
 Phase.
It will often be found that two parameters are related to one another. For
example, the deviation of ‘high temperature’ can create ‘high pressure’.
Which of these parameters the team chooses to focus on is not usually all
that important.

Step 3. Identification of Hazards and their Causes

Once the nodes have been defined, and the safe operating limits identified,
the hazards are determined. A hazard is a deviation outside the safe operating
limit that is identified through the use of deviation guidewords. The most
commonly used deviation guidewords are:

 High (More / Too Much);

 Low (Less / Too Little / Not Enough);
 No;
 Reverse;
 Misdirected; and
 Wrong (Other Than).
The hazard and causes of the hazards are given in Table 9 with the deviation
value.

Table 9. Hazard and Causes

Node Process Deviation Causes
Variable
1. High flow into T-100.
High 2. Failure of the T-100 level control system.
Level 3. P-101A and B both stop.
1
1. Low flow into T-100.
Low
2. Failure of the T-100 level control system.
… … …
2 Flow 1. Failure of level control system in T-100.
High
2. Pump over speed.
Low/No 1. Failure of level control system in T-100.

Page 48
Hazard Identification And Risk Assessment

2. Pump mechanical problems.

Reverse 1. Pump failure (with check valve failure).

Some hazards can have more than one cause. For example, High Level in T-
100 is shown in Table 9 to have three potential causes:

1. High flow into the tank;

2. Failure of the level control system of the tank; and
3. Pumps P-101 A/B stop.

Step 4. ‘Announcement’ of the Hazard

The team should ask how each deviation outside the safe limits ‘announces’
itself. Usually high and low alarms are built into the instrumentation
associated with critical variables. These alarms tell the operator that an
unsafe condition has occurred, or is developing. In the standard example a
high-level alarm incorporated into LRC-100 would warn the operator of high
level in T-100.

If the team finds that there is no obvious way for an operator to know that a
safe limit has been exceeded, then the hazards analysis will probably
recommend the installation of additional instrumentation to provide warnings
and alarms.

Step 5. Consequences
Having identified the hazards, the team should then determine the
consequences of those hazards, with and without safeguards in place.
Consequences can be safety, environmental or economic. Table 10 illustrates
some consequences for the standard example using the hazards listed in
Table 9.
Table 10. Consequences of the Hazards
Node Process Value Consequences
Variable
1 Level 1. Overflow could cause injury to operator
in area.
High 2. Overflow would be contained by
secondary containment system-no
environmental hazard identified.
Low 1. Possible damage to Pump, P-101,

Page 49
Hazard Identification And Risk Assessment

impeller, leading to vibration and leak and

personal injury.
… … …
High 1. None identified.
Low/No 1. High level in T-100 and/or low level in
2 Flow
V-101.
Reverse 1. Overflow of T-100.
It can be seen from Table 10 that the term ‘None identified’ is entered into
the notes when the team was unable to think of a significant consequence
associated with that hazard. Use of this term assures readers of the final
report that the team did discuss potential consequences, but were unable to
come up with issues of significance; they did not simply forget to examine
this scenario.

Step 6. Identification of Safeguards

Some teams choose to list the safeguard-type assumptions that are made
during the analysis. The example of such a list is mentioned below;

Hazard Analysis Assumptions

1.The facility has been designed and engineered properly based on legal
requirements, design/engineering codes, industry standards and good
engineering practices.
2.The process will not be operated above design rates.
3.All equipments will be well maintained.
4.Appropriate instrument and control system test procedures will be
followed.
5.Alarm and shutdown set points will not be set out of range or disconnected
to avoid nuisance trips or other problems.
6.Control valve bypasses will not be used unless the control valve is blocked
out.
7.Rupture disks will be monitored.
8.If a double relief valve system is used, at least one will always be in
service when the facility is operating.
9.Relief device bypasses, vents and drains not normally opened during
operation will remain closed.
10.Pressure safety relief valves will not open except on demand.
11.Inadvertent opening or closing of locked/car sealed valves or blinds
during maintenance is not addressed.

Page 50
Hazard Identification And Risk Assessment

Step 7. Predicted Frequency of Occurrence of the Hazard

Estimated frequency values for each hazard are generally stated in terms of
events per year, or yr-1. Sometimes they are in units of events permission or
events per batch operation.
Step 8. Risk Rank
Once the hazards have been identified, and their causes, consequences and
frequencies discussed, the team should risk rank each identified hazard
scenario. If a risk matrix is used the estimated risk values for the two
scenarios are ‘B’ and ‘C’ respectively.

Formal risk ranking can help reduce the number of findings. Hazards
analysis teams have a tendency to be conservative and to generate a
recommendation for every identified hazard without a great deal of scrutiny.
Formalizing the risk helps cut out those recommendations that are really not
justifiable.

Step 9. Findings
Those hazards that have a risk level above the facility’s acceptable risk level
generate a finding which will then become a recommendation.

Step 10. Next Process Guideword / Node

Having completed the discussion to do with a process guideword, the team
moves on to the next guideword, or to the next node if all of the guidewords
have been discussed until the HAZOP is concluded.

Page 51
Hazard Identification And Risk Assessment

2.5. Task Analysis (TA) / Job Hazard Analysis

(JHA)
A Task Analysis (TA) or job hazard analysis (JHA) is a technique that
focuses on job tasks as a way to identify hazards before they occur. It will
help to identify the relationship between the worker, the task, the equipments
and tools and the environment. Once it is identified uncontrolled hazards, it
can take necessary actions to eliminate or reduce them.

A JHA can be conducted on many jobs in the workplace including;

 Jobs with the highest injury or illness rate
 Jobs with the potential to cause severe or disabling injuries or illness
 Jobs in which one simple error could lead to a severe accident or
injury
 Jobs that are new to your operation or have undergone changes in
processes and operations
 Jobs which are complex and should maintain a written instructions.
Following steps should follow to manage the JHA in a standard way.
1. Involve your employees:
It is very important to involve your employees in the job hazard analysis
process. They are the one having best understanding about the job role and
this knowledge is not directly countable for finding hazards. However,
involving employees will help minimize oversights, ensure quality analysis
to implement the safety and health programme.

2. Review your accident history:

It has to be discussed with the employees the accident history and
occupational illness that need to be eliminate or take necessary actions to
prevent it. Even near misses should account for the discussion to avoid future
possible accidents. These events are the indicators that the existing hazard
controls may not be adequate.

3. Conduct a preliminary job review:

Page 52
Hazard Identification And Risk Assessment

Discuss with your employees about the hazards they know exist in their
current work and surroundings. If any hazards exist that pose an immediate
danger to an employee's health, take action to protect the worker. Anything
to be corrected should be taken immediate action to correct it.
4. List, rank, and set priorities for hazardous jobs:
List jobs with hazards that present unacceptable risks, based on those most
likely to occur and with the most severe consequences. These jobs consider
as the first priority to be analyze.

5. Outline the steps or tasks:

Every job can be broken down into job steps or tasks. When beginning a job
hazard analysis, watch the employee perform the job and list each step as the
worker takes it. Enough information should be recorded to describe each job
action. It can use video recordings, photographs of operations to evaluate and
conduct a hazard analysis. Finally, the recommendations have to be
discussed with all the employees who perform the job and consider their
responses carefully. If you propose a new way of doing their job, be sure that
they understand it clearly.
Task Analysis is an excellent planning tool that ensures all risks and
controls are identified - and helps improve productivity by providing the
right people, plants, and processes are ready when you need them.

TA are required for:

 Particular risks specified by legislation
 Any new or complex task
 When required by contract
 Permit to Work Systems
 Work requiring Certificate of Competence
 If your risk assessment results in CRITICAL or HIGH level or risk
 Notifiable construction work

If you do need to complete a TA, simply follow the step-by-step guide

below.

1. The job details

2. The people
3. Step-by-step

Page 53
Hazard Identification And Risk Assessment

4. Identify hazards and assess risk

5. Control risks
6. Reassess risks
7. Keep it up

2.6. Index
Several indexes are available for hazard identification, such as Dow Fire and
Explosion Index (F & EI), Mond Index, Chemical Exposure Index, Failure
Mode and Effects Analysis (FMEA).

2.6.1. Dow Fire and Explosion Index (F & EI)

The Dow F & EI is a ranking system that gives a relative index to the risk of
individual process units due to potential fires and explosions. It serves as a
guide for the selection of fire and explosion protection methods. It is a guide
for insurance agencies to set insurance rates. It ranks individual process units
where special safety attention can be focused.

F & EI consider multiple factors for its analysis process;

1. Six general process hazards.

2. Twelve special process hazards.

3. Nine process control credit factors.

4. Four material isolation credit factors.

5. Nine fire protection credit factors.

General process hazards

 Exothermic reactions.

 Endothermic processes.

 Material handling and transfer.

 Enclosed or indoor process units.

 Access.

Page 54
Hazard Identification And Risk Assessment

 Drainage and spill control

Special process hazards

 Toxic materials.

 Sub-atmospheric pressure

 Operating in or near flammable range.

 Dust explosion.

 Pressure.

 Low temperature.

 Quantity of flammable/unstable material.

- Liquids or gases in process.

-Liquids or gases in storage.

-Combustible solids in storage

 Corrosion and erosion.

 Leakage – joints and packing.

 Use of fired equipment.

 Hot oil heat exchanger system.

 Rotating equipment.

Process control credit factors

 Emergency power.

 Cooling.

 Explosion control.

 Emergency shutdown.

 Computer control.

Page 55
Hazard Identification And Risk Assessment

 Inert gas.

 Operating instruction procedures.

 Reactive chemical review.

 Process hazard analysis.

Material isolation credit factors

 Remote control valves.

 Dump or blow down control.

 Drainage.

 Interlocks.

Fire protection credit factors.

 Leak detection.

 Structural steel .

 Fire water supply.

 Special systems.

 Sprinkler systems.

 Water curtains.

 Foam.

 Hand extinguishers.

 Cable protection.

Fire and Explosion Index can be calculated by the following Equation 1;

F & EI = MF × GPH × SPH (1)

MF = Material Factor

GPH = General Process Hazard

Page 56
Hazard Identification And Risk Assessment

SPH = Special Process Hazard

There are different MF s for chemical substances. Those factors are pre-
defined with the Material Safety Data Sheet (MSDS).

As an example, MF of few chemical substances are given in Table 11.

Table 11. MF value for chemical substances

Component MF Value
Acetaldehyde 24
Acetone 16
Ammonia 4
Chlorine 1
Sulphur 4
GPH and SPH values are calculating based on the following definition given
in Table 12.

Table 12. General process hazards (GPHs) and special process hazards (SPHs)

The process unit hazards factor (PHF) is the product of GPH and SPH and its
value has a normal range of 1 to 8. The larger the value of F&EI, the more

Page 57
Hazard Identification And Risk Assessment

hazardous is the process. This calculation is relevant for estimating the

damage that would probably result from an incident in a process plant.

The values of the GPH and SPH are given in the literature which is
developed for Dow F & EI calculation17.

Finally, according to the F& EI value, the severity of the explosion is

calculated. Definition of the values are given in Table 13.

Table 13. Dow Fire & Explosion Index

F & EI Hazard
1-60 Light
61-96 Moderate
97-127 Intermediate
128-158 Heavy
>158 Severe
F & EI > 128 Further risk review

2.6.2. Mond Index

This has been developed as an extension of the DOW F & EI to cover a
broader range of processes, properties, and toxicity aspects. It is a Rapid
hazard assessment method for use on chemical plants or in plant design. It is
a numerical ranking for each section of the plant based upon properties of
materials present, quantity, operating conditions and types of process. Uses
of the index include assessing operational plants and the initial examination
of the new design (an aid to inherently safe procedure). If used early in the
design phase, it can help identify features requiring more detailed study by
techniques such as HAZOP. Assessment best carried out by a team
consisting of personnel familiar with the plant and process and experience in
using the index.

2.6.3. Chemical Exposure Index (CEI)

CEI will determine the rank of the hazard compared to one another. An index
developed by Dow Chemical's defines the risk of material releases based on
toxicity, volatility, molecular weight, various process parameters and
distance to the area of concern.

Addresses five types of factors that can influence the effects of release of the
material:

Page 58
Hazard Identification And Risk Assessment

 Acute toxicity
 Volatile portion of material which could be released
 Distance to areas of concern
 Molecular weight of the substance
 Various process parameters such as temperature, pressure, reactivity
and so forth

2.6.4. Material Hazard Index

An index based on material vapor pressure and a level of concern related to
toxicity, flammability, explosivity etc., is used to determine threshold
quantities of materials above which a risk management program is required.

2.6.5. Failure Mode and Effects Analysis (FMEA)

 Failure Mode and Effects Analysis (FMEA) is a structured approach
to discovering potential failures that may exist within the design of a
product or process. Failure modes are the ways in which a process
can fail.
 Risk Priority Number (RPN) When performing a Process or
Design FMEA, the Risk Priority Number (RPN) is a calculation to
sort the risks from highest to lowest. The RPN is calculated by
multiplying the three scoring columns: Severity, Occurrence and
Detection.
 The purpose of the FMEA is to take actions to eliminate or reduce
failures, starting with the highest-priority ones. Failure modes and
effects analysis also documents current knowledge and actions about
the risks of failures, for use in continuous improvement. FMEA is
used during design to prevent failures.

As an example, let's consider about few RPN value calculations for given
process (Table 14).

Table 14. Failure Modes Effects Analysis-Calculation of RPN

Failure Severity (1- Probability of Probability of RPN
Mode lowerst, 10- Occurrence (1- Detection (1-
highest) lowerst, 10- lowerst, 10-highest)
highest)
A 5 7 4 140

Page 59
Hazard Identification And Risk Assessment

B 6 3 5 90
C 4 5 2 40
Since A has highest priority as it has highest RPN value

The following are components of typical FMEA:

 Determine the failure modes of the selected equipment item;
 Determine the effects of each failure;
 Determine the criticality of that failure;
 Identify the indications that the failure has occurred;
 Estimate the rates for that failure mode; and
 Identify the failure compensation mechanism.

However, the causes of equipment failure are not the example for failure
modes. For example, fouling of the heat exchanger tubes is not a failure, but
it leads to the failure mode of insufficient cooling.
However, the FMEA method does not count the following issues for hazard
identification analysis.
 The reason for the occurrence of a particular failure mode;
 Time dependency and dynamic conditions;
 Human errors; and
 A sequence of events.

Page 60
Hazard Identification And Risk Assessment

2.7. Hazard Analysis

Hazard analysis is an important part of the risk analysis process. After
identifying the hazards, analysis of those is highly crucial to evaluate the risk
associated with that. There are several techniques available for that, such as;
Process Hazard Analysis (PHA), Interface Hazard Analysis (IHA), Layers of
Protection Analysis (LOPA), Safety Integrity Level (SIL), Fault Tree
Analysis (FTA), Event Tree Analysis (ETA), Bowties, Barrier Diagram,
Reliability data, Human reliability, Consequence models.

2.7.1.Process Hazard Analysis (PHA)

Process Hazard Analysis (PHA) is a structured team review of an operation
involving hazardous material to;
 Identify previously unrecognized hazards,
 Identify the opportunities to make the operation safer;
 Identify lost event scenarios;
 Evaluate the scenario risks to identify where existing safeguards may
not be adequate, and
 findings and recommendations.

A PHA analyzes potential causes and consequences of:

Fires

Explosions

Releases of toxic or flammable chemicals

Major spills of hazardous chemicals

A PHA focuses specifically on:

Equipment

Instrumentation

Page 61
Hazard Identification And Risk Assessment

Utilities

Human actions

External factors that might affect the process

The Occupational Safety and Health Administration (OSHA) requires PHAs

to be updated and revalidated every five years. After you’ve determined your
methodology, you should ensure your PHA addresses the following seven
items outlined by OSHA:

1. The hazards of the process

2. The identification of any previous incident that had a likely
potential for catastrophic consequences in the workplace
3. Engineering/administrative controls related to hazards, such
as the application of detection methods for early warning of
chemical releases (Acceptable detection methods might
include process monitoring and control instrumentation with
alarms, and detection hardware such as hydrocarbon sensors)
4. Consequences of failure of engineering and administrative
controls
5. Facility sitting (the location of various components within the
facility)
6. Human factors
7. A qualitative evaluation covering the range of possible safety
and health effects on employees stemming from control
failures in the workplace

2.7.2. Interface Hazard Analysis (IHA)

The Interface hazard analysis (IHA) aims to identify hazards derived from
the interaction between subsystems. In this case, the interface hazard can be
defined as a hazard in which one subsystem affects negatively another
subsystem by transferring a failure or partial performance over a defined
interface or including through another subsystem. This dependency can fail
one subsystem causing a critical fault in another. Nevertheless, the types of
failures which can be transferred are limited by the interfaces between
systems.

Page 62
Hazard Identification And Risk Assessment

As an example, assume that the offshore oil platform is connected to the

onshore refinery process. Because of the sudden pressure changes in the oil
well, the operator shut down the offshore oil platform. However, he did not
evaluate the interaction between offshore and onshore. Once the offshore
operations are shut down, the onshore process is stuck due to the stop of the
oil flowing to the operation. Thereby, the distillation column started to dry,
and trays are started to collapse due to higher heating conditions. Everything
happened because the management and the operators are had not conducted
an interface hazard analysis; they did not understand the interaction between
the different operating units.

An IHA can usually be structured in to three major areas;

 Process fluids
 Instrument signals, and
 People interfaces.

As an example, let's consider a system consisting of four major units. Figure

26 represent the system with four operating units, each of them connected to
each other. However, block 2 and block 4 will not connect each other to clear
it well. Each connection is using two-way arrows to indicate that the
connectivity problems can flow in either direction.

For a system with N block, total number of connections can be calculated

with,
Total Connections = 2 × 3 × (N-1)! (2)

Here in the equation (2), representing two-way connections; 3 representing

above three major areas; while N is number of connections.

Interconnectivity of the above example is given in Figure 26.

Page 63
Hazard Identification And Risk Assessment

Figure 26. Interconnectivity

Therefore, in Figure 26, 36 total potential interfaces have to be considered
for the IHA. However, interface hazard analysis can apply the "What if"
hazard identification process to get maximum outcome.

2.7.3. Layers of Protection Analysis (LOPA)

Layers of Protection Analysis (LOPA) is a quantitative analysis method used
to evaluate high-consequence scenarios determining if the combination of
the probability of occurrence and severity of consequences meets a
company’s risk tolerance predefined by the administrative panel. LOPA
addresses the key questions which is directly linking to the company safety
protocol; “how safe is safe enough?”; “how many independent protection
layers are needed to keep the operation in a safe way?”; and “how much risk
reduction should each layer provide to the system?”

It has been explained in graphical representation as Figure 2718 .

Page 64
Hazard Identification And Risk Assessment

Figure 27. Layers of protecting analysis

LOPA is a semi-quantitative screening tool that provides a consistent,

objective, and defensible approach to maintaining safety. A LOPA can be
visualized graphically with the pattern of a series of slices of Swiss cheese,
whereby each piece is a layer of protection with a varying number and size
of holes representing flaws. A high-consequence scenario occurs in the
process only if at least one of the holes in each slice "line-up", allowing
propagation of multiple failures. It is important to know or estimate the
probability of failure on demand for components of a process control system,
such as safety instrumented systems and other components such as relief
valves and rupture disks. LOPA is using the order of magnitude estimates for
the process of determination of the likelihood. LOPA is applying to
determine the safety integrity level of the company. A LOPA is conducted to
ensure that process risks are successfully mitigated to an acceptable level.
The LOPA is commonly applied on systems already in place and the
safeguards already installed. The scope of the study is to find the weakness
of the system and evaluate the risk. LOPA doesn't suggest which additional
precautions are required.

The basic steps for the LOPA risk assessment typically are:

1. Identify the consequence

2. Define the Risk Tolerance Criteria

Page 65
Hazard Identification And Risk Assessment

3. Define the relevant accident scenario

4. Determine the initiating event frequency
5. Identify the conditions, conditional modifiers (if applicable) and
estimate the PFD
6. Estimate the intermediate frequency of unmitigated consequence
7. Identify the IPLs and estimate the probability of failure on demand
for each IPL
8. Determine the Frequency of Mitigated Consequence
9. Evaluate the need for additional IPL

1. Identify the consequence:

In the LOPA study, the consequence is defined as an “undesirable potential
consequence of an accident scenario”. Consequently, the operator should
consider not only the direct or indirect effects on the Employee,
Environment, or material targets. Moreover, the loss of business, time or
company reliability must be analyzed to get a clear view of the
consequences. As the FMEA or the Fault Tree Analysis (FTA), the LOPA
study is focused on a particular event, or better, scenario.

2. Determinate the Risk Tolerance Criteria (RTC):

The data gathered from the different scenarios should be used to identify the
tolerance risk threshold. To evaluate the various risk level of each scenario,
an excellent Risk tolerance Criteria must be identified. The Risk Tolerance
Criteria provides a reference point to judge the status of each relevant
accident scenario.
The risk tolerance criteria could be determined by;

1. Risk Matrix (Frequency vs Severity).

2. Maximum allowable Risk.
3. Minimum number of IPLs for each specific scenario.
4. Maximum cumulative risk for a single node or area.

Page 66
Hazard Identification And Risk Assessment

Before implementing LOPA, companies should define the risk tolerance

criteria to achieve consistent results. There is a tendency to keep adding
safeguards for each new idea for protection, under the false assumption that
safety is continually being improved without risk tolerance criteria.

3. Define the relevant accident scenario

A scenario is an incident, or better, an unplanned event/cause or sequence
that triggers events resulting in an undesirable consequence. Each Scenario is
composed by at least two elements:
–An Initiating Event that starts the main chain of events.
–A Consequence that results if the chain of events continues without
interruption (without any successfully working safeguard).

The most common categories of Initiating Events are:

Plant Event:

– General Equipment Failure

– General Control Failure

– Mechanical Failure

– Corrosion

– Maintenance Failure

– Vibration Failure

Human Failures:

– General Human Error

– Inexperience Failure

– Procedure Failure

– Maintenance Failure

– Loading Failure

Page 67
Hazard Identification And Risk Assessment

Other Event:

– External Elements

– Earthquake

– Hurricane

– Flood or others natural Events

All the consequence must be evaluated in different scenarios, generating

multiple analysis in the case of single initiating event generates multiple
consequences.

4. Determine the initiating event frequency

The frequency or likelihood of the initiating event is required to start the
assessment once the study bases had been planted successfully. Multiple
sources could generate the initiating event. In the case of various sources, all
the frequencies of the events should be considered, combining with logic
functions such as FTA. The initial event frequency is the milestone of the
study for the consistency of the assessment gains. If the initial date is
reliable, then the study and the assessment evaluation will succeed.

The frequency of the initial event is typically expressed in events per year.
However, there are many other units available like Events per Hours worked
per year or Events per 5000 years, etc. There is no limitation about the
frequency unit adopted, but ensure that all the frequencies are based on the
same scale. For equipment, the initiating event frequency is calculated by
multiplying the Probability of Failure Demand (PFD) with the number of
equipment (pump, compressor, seal, instrument) or by the length of pipe
(assuming the two values are not interdependent).

5. Conditions, Conditional Modifiers:

It is necessary to evaluate every kind of condition during the scenario
analysis for able to mitigate or aggravate the situation like:
 Probability of Ignition
 Probability of Presence of People
 Probability of Escape

Page 68
Hazard Identification And Risk Assessment

 Probability of absence of Operator

 Other
Those factors modify the likelihood of the starting event or of the
consequence.
The levels of the LOPA analysis are given in the Figure 28.

Figure 28. Levels of LOPA analysis19

2.7.4. Safety Integrity Level (SIL)

Safety Integrity Level (SIL) are measures of the safety risk of a
given process. Safety Integrity Level is a way to indicate the tolerable failure
rate of a particular safety function. It is defined as four discrete levels
of safety (1-4). Each level represents an order of magnitude of risk
reduction. The higher the SIL level, the greater the impact of a failure
and the lower the failure rate that is acceptable.

2.7.5. Fault Tree Analysis (FTA)

Fault tree analysis (FTA) is a graphical tool to explore the causes of system-
level failures. It uses Boolean logic to combine a series of lower-level events.
It is a top-down approach to identify the component level failures (basic
event) that cause the system level failure (top event). Fault tree analysis

Page 69
Hazard Identification And Risk Assessment

consists of two elements, “events” and “logic gates”, which connect the
events to identify the cause of the top undesired event.

Some important points of FTA are;

 Fault trees are built using gates and events (blocks)
 Starting with a potential undesirable event
 Quantifying probability of top event occurrence
 Identify area required attention
 Identify the cause of failure

Fault tree analysis can be used to perform for all types of system level risk
assessment process. The purpose of FTA is to effectively identify cause(s) of
system failure and mitigate the risks before it occurs.

Advantages of Fault tree analysis

 Fault tree visually depict the analysis that will help team to work on
cause of event in logical way that leads to failure
 Highlights the critical components related to system failure
 Provides an efficient method to analyze the system
 Unlike other analysis methods, human errors are also including in the
analysis
 It helps to prioritize the action items to solve the problem
 Provides qualitative and quantitative analysis
Disadvantages of Fault tree analysis
 Too many gates and events to be consider for large system analysis
 The basic disadvantage is that it examines only one top event
 Common cause failures are not always obvious
 Difficult to capture time related and other delay factors
 Needs experienced individuals to understand the logical gates

Basic events of a Fault Tree

 Basic event - failure or error in a system component or element
(example: switch stuck in open position).
 External event - normally expected to occur (not of itself a fault).
 Undeveloped event - an event about which insufficient information is
available, or which is of no consequence.

Page 70
Hazard Identification And Risk Assessment

 Conditioning event - conditions that restrict or affect logic gates

(example: mode of operation in effect).
 An intermediate event- gate can be used immediately above a
primary event to provide more room to type the event description.

The symbols use to represent the different events are given in Figure 29.

Figure 29. Event symbols

Gates of a fault tree

OR gate - the output occurs if any input occurs.
AND gate - the output occurs only if all inputs occur (inputs are
independent).
Exclusive OR gate - the output occurs if exactly one input occurs.
Priority AND gate - the output occurs if the inputs occur in a specific
sequence specified by a conditioning event.
Inhibit gate - the output occurs if the input occurs under an enabling
condition specified by a conditioning event.
The graphical representation of gates are given in Figure 30.

Figure 30. Graphical representation of fault tree gates

Steps in a fault tree analysis is given in Figure 31.

Page 71
Hazard Identification And Risk Assessment

Figure 31. Steps in a fault tree analysis

Whether a single block or a top level fault for a system the basic process to
create a fault tree follows a basic pattern.

1. Define the system.

This includes the scope of the analysis including defining what is considered
a failure. This becomes important when a system may have an element fail or
a single function fails and the remainder of the system still operates.

2. Define top-level faults.

Whether for a system or single block define the starting point for the analysis
by detailing the failure of interest for the analysis.

3. Identify causes for top-level fault.

What events could cause the top level fault to occur? Use the logic gate
symbols to organize which causes can cause the failure alone (or), or require
multiple events to occur before the failure occurs (and).

4. Identify next level of events.

Page 72
Hazard Identification And Risk Assessment

Each event leading to the top level failure may also have precipitating
events.

5. Identify root causes. For each event above continue to identify

precipitating events or causes to identify the root or basic cause of the
sequence of events leading to failure.

6. Add probabilities to events.

When possible add the actual or relative probability of occurrence of each
event.

7. Analysis the fault tree.

Look for the most likely events that lead to failure, for single events the
initiate multiple paths to failure, or patterns related to stresses, use, or
operating conditions. Identify means to resolve or mitigate paths to failure.

8. Document the FTA.

Beyond the fault tree, graphics include salient notes from the discussion and
action items.

Some basic rules of FTA analysis is given in Figure 32.

Figure 32. Some rules of FTA analysis

Page 73
Hazard Identification And Risk Assessment

One of the FTA analysis examples is given in Figure 33. In this example, the
sprinkler operation procedure is given with the running pump and the
standby pump.

Figure 33. Sprinkler System

There is a standby pump together with the running pump. If the running
pump is failing to operate, then the standby pump will automatically start its
operation. Therefore, if the sprinkler system does not work, then both pumps
are failed to operate. The developed FTA analysis is given in Figure 34.

Page 74
Hazard Identification And Risk Assessment

Figure 34. FTA analysis graphical representation

2.7.6. Event Tree Analysis (ETA)

An event tree is a visual representation of all the events which can occur in a
system. The event tree displays the sequences of events involving the system
components' success and/or failure. As the number of events increases, the
picture flows out like the branches of a tree.

The steps of ETA analysis is consist with mainly basic seven steps.
 Step 1: Identification of the initiating event.
 Step 2: Identification of safety function.
 Step 3: Construction of the event tree.
 Step 4: Classification of outcomes.
 Step 5: Estimation of the conditional probability of each branch.
 Step 6: Quantification of outcomes.
 Step 7: Evaluation.

Page 75
Hazard Identification And Risk Assessment

When defining an accident event, we should answer the following questions:

 What type of event is it? (e.g., leak, fire)
 Where does the event take place? (e.g., in the control room)
 When does the event occur? (e.g., during normal operation, during
maintenance)

An accidental event may be caused by:

 System or equipment failure
 Human error
 Process upset

For each accidental event we should identify:

 The potential accident progression(s)
 System dependencies
 Conditional system responses

Same above example of sprinkler system will use to develop the ETA.

Figure 35. ETA

In the ETA, it is only considered about the specific event, such as initiating
of fire. If there is a fire, the sprinkler system success or failure will be the
two branches of the events. Based on that success or failure situation, the
remaining steps will develop.

Page 76
Hazard Identification And Risk Assessment

Moreover, ETA and FTA can be combined to develop a much

detailed representation.
Let's consider the same example with fire initiated and the sprinkler system
failure event. Then the combination of ETA and FTA can be represented in
Figure 36. ETA will analyze mainly the consequences of the events.

Figure 36. Combination of ETA and FTA

This event tree was constructed to analyze the possible outcomes of a system
fire. The system has two components designed to handle this event: a
sprinkler system and an automated call to the fire department. If the fire
department is not notified, the fire will be mostly contained by the sprinkler
system. If the sprinkler system fails as well, the system will be destroyed.

Positive
 Visualize event chains following an accidental event
 Visualize barriers and sequence of activation
 Good basis for evaluating the need for new / improved procedures
and safety functions

Page 77
Hazard Identification And Risk Assessment

Negative
 No standard for the graphical representation of the event tree
 Only one initiating event can be studied in each analysis
 Easy to overlook subtle system dependencies
 Not well suited for handling common cause failures in the
quantitative analyses
 The event tree does not show acts of omission

2.7.7. Bowtie Analysis

The Bowtie method is simply the best risk evaluation method that can be
used to analyze and demonstrate causal relationships in high-risk scenarios.
Bow tie analysis is a simple process that can identify where new or enhanced
controls may be worthwhile. It is a core part of risk treatment planning,
particularly where there is a severe risk or where control effectiveness is low.
A bow tie is a graphical representation of the path from the causes of
an event or risk to its consequences in a qualitative cause-consequence
relationship diagram. It is simply a combination of a fault tree that analyses
the cause of an event, the left-hand side of the diagram, and an event tree that
analyses the consequences, the right-hand side of the diagram. It is
represented as a bow tie (Figure 37), meaning that the knot of the bow tie is
of the point where the fault tree paths converge, and the event tree spans out.
Bow tie analysis focuses on the barriers or controls depicted to the
left-hand side of the knot that can change the likelihood of the event or
circumstance, or on those on the right-hand side that can change its
consequences. When assessing the completeness of controls, it is used to
check that each pathway from cause to event and event to consequence has
adequate controls and that factors that could cause controls to fail are
recognized.
The primary use of bow tie analysis is to identify control gaps where
additional controls may be warranted. Examining causes, consequences, and
the existing controls that address them helps identify gaps in the current
controls.

Page 78
Hazard Identification And Risk Assessment

Figure 37. Bow tie diagram20

Benefits of Bow Tie Analysis:

 Highly effective for initial Process Hazard Analysis

 Ensures identification of high probability-high consequence events
 Combined application of a high-level fault/event trees
 Representation of the causes of a hazardous scenario event, likely
outcomes, and the measures in place to prevent, mitigate, or control
hazards
 Existing safeguards (barriers) identified and evaluated
 Typical cause scenarios identified and depicted on the pre-event side
(left side) of the bow-tie diagram
 Credible consequences and scenario outcomes are depicted on the
post-event side (right side) of the diagram
 Associated barrier safeguards included

Bow tie analysis is of most use in the following situations:

 A simple diagram is required to communicate the range of causes and
consequences and the associated controls
 More detail about the causes and consequences of a risk is needed
than is contained in a risk register
 Where a graphical representation may be much clearer than text
 There are clear pathways from causes to the risk, and from the risk to
the consequences

Page 79
Hazard Identification And Risk Assessment

 The overall level of control effectiveness is believed to be low

 The focus is on identifying controls, control effectiveness and control
gaps and ensuring that each pathway has a control (a barrier)
 The situation is more complex than a single cause-event-consequence
pathway, but not so complex that a full fault tree analysis and event
tree analysis is warranted.

2.7.8. Human reliability

Human reliability assessment (HRA) is an important assessment tool that
involves using qualitative and quantitative methods to assess the human
contribution to risk. All major industrial plants heavily depend on human
beings' inputs for their safe and economical operation. Human input occurs
at many places, from designing, implementing, and construction to operation
and maintenance stages. Sometimes, the consequences of errors in these
activities can be potentially severe. However, the impact of the human being
is almost always of benefit to plant operators to optimize the safety standards
by simulating the faults and near misses.

Page 80
Hazard Identification And Risk Assessment

Chapter 3: Risk
Assessment
A risk assessment is the formal tool for systematically identifying:

• What can physically or psychologically injure or damage a person

(harm);

• The level of possible harm;

• What is currently being done to avoid the harm (the Control);

• Whether that control will be effective to avoid the harm;

• Whether or not additional controls need to be put in place to better

avoid the harm.

A Health and Safety Risk Assessment is a process where you identify, assess
and control hazards that may affect people at the place of work. The larger
and more intense the project, the task, or the space being assessed, the
greater the effort needed to complete the Risk Assessment.

Effective Risk Assessment in turn helps us to successfully undertake Risk

Management.

Risk has been traditionally described as a measure of the probability and

severity of adverse effects. It can even be defined as the variation in actual
outcome from the expected one, which implies uncertainty. The concept of
all definitions of risk provides that risk is a danger of unwanted and
unfortunate events. Risk is a combination of scenarios leading to hazard (S),
probability of occurrences (P) and consequences of the event (C).

Risk = (S,P,C)

The risk assessment procedure can best be illustrated in the following way
(Figure 38).

Page 81
Hazard Identification And Risk Assessment

Figure 38. Risk Assessment Procedure21

Once hazards identification is completed, the next step is to decide what to

do about the—risk assessment. Risk assessment generally uses a rating
system to quantify risk as well as the prioritization of the mitigation. Risk is
calculated by considering the probability of an event occurring in
combination with the severity of harm the event would cause to the
environment or living beings.

Page 82
Hazard Identification And Risk Assessment

Chapter 4:Risk Control

and Management
The operation of the risk management can be explained with the following
Figure 39.

Figure 39. Steps of the risk control

Figure 39 presents the four stages of risk assessment, which are establishing
the context, identifying the risk, estimating the risk, evaluating the risk and
controlling/responding to the risk.

Establish the context:

The first stage of risk assessment is to establish the context of the work or
analysis of the work activities in the industrial process. At this stage, the
work activities analyze by making a task list relevant to each section of
responsibility, such as raw material handling, processing, utilities, production
and quality controlling, packaging, storing, and transport. This should
include all the required activities in the industry, the people involved in those
activities, the equipment and machines they use and the different locations
they work in.

Page 83
Hazard Identification And Risk Assessment

Hazard Identification:
Having established the tasks, the assessor(s) must then identify the present
possible hazards, who might be harmed, and how. Hazard identification
mainly aims at determining the potential risks associated with any given
assignment to be performed by an employee. Moreover, it includes
identifying locations and processes related to the risk, employees who are
exposed, or people who might be exposed to it, such as visitors, employees
or contractors.

Risk Estimation and Characterization:

In this step of the process, risks are estimated from the hazards identified in
the preceding stage. Considering how many people are exposed to each
hazard and for how long to that hazard during the operation. Therefore, the
probability and the severity of harm that a hazard can cause is considered. A
risk matrix is used to rank various risks in order of importance. They further
emphasize that the greater the magnitude of risk, the greater the efforts that
should be made to control it and the greater the urgency to control the risk
and take action. Table 15 shows the Matrix for estimating qualitative risk.

Table 15. Risk Matrix22

Table 15 shows the ranking mechanism of the matrix, indicating different

risk levels. According to the matrix, negligible injury indicates as level 1,
minor injury as level 2, moderate injury as level 3, major injury as level 4
and the fatality as level 5 which is the top level of the matrix. Likelihoods
can be determined as: very likely —level A, likely—level B, possible—level
C, unlikely—level D, or rare—level E. According to the risk matrix, there
are 25 potential risk combinations and the risk outcomes have been divided
into four risk levels such as Low, Moderate, High and Extreme.

Page 84
Hazard Identification And Risk Assessment

Based on the rating, the extreme situation indicates there are fatal
consequences which should be tackled first while low rating indicates there
is negligible injury which requires first aid or guidance to avoid further
damage.

However, it has been identified that the qualitative approach has some
limitations, as that will indicate whether the risk is moderate or high, not the
value of it. Therefore, quantitative risk estimation is important to decide
whether the risk is highly critical or just a moderate level.

Quantitative risk estimation (QRA) uses numerical values to express both the
consequences and likelihood of a given event. The risk is calculated
considering the potential consequences of an accident, the exposure factor
and the probability factor.

Table 16 shows the matrix for estimating quantitative risk.

Table 16. Risk matrix for quantitative approach

Table 16 indicates the matrix risk-assessment technique where six levels of

risk as the probability ratings and the severity of consequences as six
different stages. According to the multiplication value of the Severity and
Probability, outcome has given the level of the risk as acceptable to
unacceptable. With the numerical value, it is quite easy to handle the risk at
this method.

When considering how to reduce the risk, best practice is to follow the
hierarchy of hazard controls. The controls should be implemented in order of
effectiveness beginning with the most effective. All types of controls should

Page 85
Hazard Identification And Risk Assessment

be considered as they often work best in combination. The hierarchy of

hazard control is given in Figure 40.

Figure 40. Hierarchy of risk control23

A. Elimination or substitution
Hazard elimination is always the preferred option as there will not be
anymore to worry once it is eliminated. Simply elimination of hazard means
the process has to be redesigned with adjustments.

Substitution involves replacing with less hazardous one to avoid severe

damages.

B. Engineering controls
Engineering control is the best option if it’s not practical to eliminate the
hazards or substitute safer alternatives. Engineering controls support to
prevent workers from being exposed to a hazard.

C. Administrative controls
Administrative controls involve identifying and implementing safe work
procedures with educating the workers using signs, safety instructions and
directions.

D. Personal protective equipment and clothing (PPE)

Page 86
Hazard Identification And Risk Assessment

When every above option is not a solution to control the hazard, personal
protective equipments (PPE) use as the common control mechanism to avoid
injuries or severe damages.

As an example, assume the effects of car accidents in the city area. To avoid
car accidents above hierarchy can apply as given in Figure 41.

Figure 41. Hierarchy of controls to avoid impact of the car accidents

4.1. Documentation and Monitoring Risk

Analysis
Documentation and monitoring process helps ensure that identified hazards,
risks, and control mechanisms are implemented in the intended way. It will
support all the employees, visitors or any other person who has a direct or
indirect relationship with the industry to avoid the risk with previously
mentioned regulations and information. It will directly assist in managing
other hazards and risks that may be directly or indirectly similar to the one
already identified as a hazard.

The reporting and monitoring of the risk analysis will avoid future issues
with a similar kind of risk as that already being addressed for the previous
one. Monitoring will lead to maintaining proper hazard identification criteria
such as what if, checklist, HAZOP or any other relevant systematic
approaches to maintain a risk-free environment.

Page 87
Hazard Identification And Risk Assessment

References
[1] https://www.hseblog.com/in-respect-of-scaffolding-the-difference-between-tying-and-
bracing/

[2] https://www.peri.in/component-test-page/knowledge/scaffolding.html

[3]https://www.facilitiesnet.com/equipmentrentaltools/article/Aerial-Work-Platforms-
Maintenance-Strategies-That-Deliver-Reliability-and-Safety--19107

[4] https://safetynet365.com/Rack-Safety-Nets:::90.html

[5] https://shop.eriks.co.uk/en/safety-working-height/

[6] https://www.pinclipart.com/maxpin/ibRJxix/

[7] https://www.oshatrain.org/courses/mods/714m6.html

[8] https://www.worksafe.govt.nz/topic-and-industry/manufacturing/safe-use-of-machinery/

[9] https://mccallent.com/frayed-electrical-wiring-can-be-hazardous/

[10] https://iffmag.mdmpublishing.com/hazards-of-confined-space/

[11] https://osg.ca/7-simple-tips-for-improving-workplace-ergonomics/

[12] https://www.reidmiddleton.com/reidourblog/hazards-vs-risks-whats-the-difference/

[13]American Chemical Society, What-if Analysis,

https://institute.acs.org/lab-safety/hazard-assessment/ways-to-conduct/what-if-analysis.html,
[Access on: 16/08/2021]

[14] International Standard Organization (ISO). Risk Management. In Risk Assessment

Techniques; ISO 31010:2011; ISO: Geneva, Switzerland, 2011.

[15] International Standard Organization (ISO). Risk Management. In Risk Assessment

Techniques; ISO 31010:2011; ISO: Geneva, Switzerland, 2011.

[16] Demichela, M.; Camuncoli, G. Risk based decision making. Discussion on two
methodological milestones. J. Loss Prev. Process Ind. 2014, 28, 101–108.

[17] Dow's Fire & Explosion Index Hazard Classification Guide. Seventh Edition; American
Institute of Chemical Engineers, Ed.: USA, 1994.

[18] https://www.dekra.com/en/layers-of-protection-analysis/

[19] https://proengineers.com.au/lopa/

[20]http://www.cholarisk.com/services/process-safety/qra-hazop/bow-tie-analysis/,
[Accessed on: 21/08/2021]

Page 88
Hazard Identification And Risk Assessment

[21]Hazard Identification, Risk Assessment And Control

Procedurehttps://www.westernsydney.edu.au

[22] "What's right with risk matrices?". Julian Talbot on Risk, Success and Leadership.
Retrieved 2018-06-18.

[23] https://en.wikipedia.org/wiki/Hierarchy_of_hazard_controls

Page 89
Hazard Identification And Risk Assessment

"Risk must be taken, because the greatest hazard in life is to risk nothing"

Page 90