SoD (Strength of Defenses Matrix)
| Purpose \ Type | Engineered Defenses | Admin Defenses | Oversight Defenses | Personal Protective Equipment | Cultural Defenses |
|---|---|---|---|---|---|
| Eliminate (substitute) Task / Operation | | | | Not Applicable | |
| Prevent Error | | | | Not Applicable | |
| Catch Error | | | | | |
| Detect Defect | | | | | |
| Mitigate Harm | | | | | |

[Arrow across the matrix: More Robust → Less Robust]

Purpose – what you want to achieve in terms of hazard defense and error management
Type – how you want to achieve it; determines reliability of defenses. All defenses have value but “up / left” in matrix are more robust
Describe your selected corrective actions in the appropriate cells.
IT IS NOT NECESSARY to have an entry in every cell
Sample Strength of Defense Matrix – Functional test using Ionizing radiation (BEFORE audit)

| Purpose \ Type | Engineered Defenses (Automatic) | Admin. Defenses (Procedures, Training) | Oversight Defenses (Management Action) | Personal Protective Equipment | Cultural Defenses (Self Values, Ethics) |
|---|---|---|---|---|---|
| Eliminate (Remove the Hazard) | | 1. Avoid untrained person working on ionizing radiation | | Not Applicable | 1. Not use if defective interlock & notify supervisor |
| Prevent (Avoid the Hazard), Before Behavior | 1. Layout (Designated area – lead bay) design using time, distance shielding method. Radiation protection enclosures 2. Radiation area controlled by interlocks (door interlocks) 3. Interlocks in series | 1. SOP & Safety risk assessment 2. Training on SRA, SOP & Radiation safety 3. Individual password for each employee | 1. Monthly inspection by RSO 2. Radiation safety program | Not Applicable | 1. Follow & use the available safety mechanisms 2. Raise a concern if deviations are observed |
| Catch (Self Caught), After Behavior | | 1. Daily start-up inspection 2. Leak check through survey meter | 1. Medical surveillance exam for radiation workers | 1. Use of PPE - Lead Apron while maintenance | 1. Identify deviations |
| Detect (Others Caught) | 1. Online exposure monitoring using digital dosimeters | 1. Visual light indication & warning signages | 1. TLD Personnel and Area monitors 2. Inspection program and PM element teams to review the completion of PMs & inspections regularly | | |
| Mitigate (Damage | | 1. Identification as CTS – corrective action with 24hrs | | | Stop if unsafe BAC |
Engineered Defenses
automatic shutdown; process stopped after detection of incorrect action
avoid domino effects
barcodes
berm
boundary / barrier to entry
breakaway
build in reserves and controllability
cancel feature (software)
containment
counting devices
dead-man button
elimination of coupling
elimination through design
energy absorbers / Crumple zones
energy minimization or limitations; setpoints
energy reduction
equipment alignment keys
escape / evacuation
exclusion design: poka-yoke devices
fence
human computer interaction (HCI)
Human-machine interface; natural mapping
Inherently Safer Design:
  eliminate
  substitution
  minimization
  moderate
  simplify
interlocks; forcing function
jigs
keys
limit switches
limiters: load, time, rate, torque, etc.
location of defense between hazard and asset
modification of hardware
modifications to tools
noise dampening material
passive barriers
permanent railings
recovery
remove human, elimination, substitution
separation / distance; decoupling
shielding
simplification
slow down effects; reduce rate of change
substitute human with machine
synchronized action / sequence
unbreakable material
undo feature
walls / buildings
warning devices; alarms

Administrative Defenses
rules of thumb – eliminate unwise use
abort criteria
access control
backout process
checklist; job aid
chunking of information
color coding
contingencies
critical components; mission-critical, safety critical
do not disturb sign
experience and proficiency
foreign material exclusion devices
functional check
handoffs – reduce number in a process
job-site review
just-in-time training
lines of demarcation
lockout / tagout / permit
Non-Technical Skills:
  assertive statement
  concurrent verification
  correct component verification
  flagging / blocking devices
  independent verification
  peer-check
  phonetic alphabet (English language)
  placekeeping (procedure use)
  pre-job briefing
  procedure use and adherence
  self-checking
  stop when unsure
  three-part communication
  turnover on station; face-to-face
operating experience
parameters (operational): safety margins, limits
password
peer review; cross-discipline reviews
personal protective equipment (PPE)
plans
problem solving and decision-making
procedure / work instruction
qualifications and expertise
quality check
redundant components or systems
re-reading previous procedure steps after distractions/interruptions
scan methods
scheduling to reduce time pressure
signature; certification
signs, signals, alarms
standardized tasks; skill-of-the-craft
sterile work environment; reduce distractions or interruptions
tags and labels
task design; specification
temporary lighting
terminology (standard)
mockup, just-in-time, walk-through, refresher
verbal callouts
walkdowns
witness / hold points
working hours; sleep and rest
5S – sort, straighten, shine/sweep, standardize, and sustain (Lean)

Oversight Defenses
100 percent inspection
approval, authorization, permission
coach of the day
communication plan
continuous oversight
feedback
guards; police
hold point
in-process verification
inspection (operator rounds)
monitoring (observation); supervision
post-job review; after action review
reporting
reward and reinforcement plans
single point of contact
statistical process control
supervision
teams; buddy system
technical knowledge
trending; Pareto analysis

Cultural Defenses
assertive statement
commitment to resilience
deference to expertise
devil’s advocate role
ethical norms
excessive professional courtesy
fear
housekeeping
imagination
just culture vs. blame
management style; consistency
moral standards
organizational climate
ownership, attitude of
peer pressure
preoccupation with failure
questioning attitude
reluctance to simplify interpretations
reserves on hand, resources in standby
sense of duty
sensitivity to faint signals; noise
sensitivity to operations
stop when unsure
uneasiness (wariness)
unwillingness to defeat safety devices or safeguards; disabling alarms
value system, priorities