Air Force System Safety Handbook - System Safety Society

More documents

Recommendations

Info

3.5 Mishap Risk Assessment. By combining the probability of occurrence with mishap severity, a matrix is created where intersecting rows and columns are defined by a Mishap Risk Assessment Value. The value forms the basis for judging both the acceptability of a risk and the management level at which the decision of acceptability will be made. The value may also be used to prioritize resources to resolve risks due to hazards or to standardize hazard notification or response actions. Prioritization may be accomplished either subjectively by qualitative analyses resulting in a comparative mishap risk assessment or through quantification of the probability of occurrence resulting in a numeric priority factor for that hazardous condition. Figures 3-5 and 3-6 show two sample matrices for mishap risk assessment which can be applied to provide qualitative priority factors for assigning corrective action. In the first matrix, an identified hazard assigned a mishap risk assessment value of 1A, 1B, 1C, 2A, 2B, or 3A might require immediate corrective action. A value of 1D, 2C, 2D, 3B, or 3C would be tracked for possible corrective action. A value of 1E, 2E, 3D, or 3E might have a lower priority for corrective action and may not warrant any tracking actions. In the second matrix, risk values of 1 through 20 (1 being highest risk are assigned somewhat arbitrarily. This matrix design assigns a different value to each frequency-category pair, thus avoiding the situation caused by creating values as products of numbers assigned to frequency and category which causes common results such as 2 X 6 = 3 X 4 = 4 X 3. This situation hides information pertinent to prioritization. These are only examples of a risk assessment methods and do not fit all programs. (30:9) The mishap risk assessment value will be more useful if the severity and probability scales are carefully defined. Some suggestions for each are as follows. (18:14-17) “Severity ranges should be sized so that events within each category are of comparable severity....Equating the severity of event and conditions which can cause one fatality with those which can cause 100 or 1,000 does not make sense. The potential problems associated with sizing of the severity ranges grow as the size of the system grows. Program 23 managers need to be provided with risk information that has the fidelity to distinguish the hazardous events that meet general criteria. Severity range thresholds for each severity category should be comparable when considering personal, system, or facility losses....For example, events or conditions which could cause the loss of an E-4 <strong>Air</strong>borne Command Post would be categorized by MIL-STD-882 as catastrophic. Loss of a single crewman, mechanic, or passenger would also fall in the catastrophic category....Severe injuries, such as total loss of sight of a mechanic, and system damage of several million dollars are not normally considered to have equal value, even though both are considered as values for the critical category. If the ranking criteria use risk as a function of severity and probability, quantitative scales or qualitative scales based on quantitative logic should be used. If the concept that the expected losses (or risk) associated with a hazardous event or condition may be estimated by multiplying the expected severity of the accident by the probability of the accident, then some sort of quantitative basis is necessary....Failure to provide a quantitative basis for the scales can cause significant confusion and dissipation of safety resources when an arbitrary risk ranking scale is used. Develop the severity values using order of magnitude ranges. This gets severity values far enough apart to avoid hair-splitting arguments and simplifies severity assessment during PHAs. Quantify the threshold values for the probability ranges. Quantification reduces confusion associated with strictly qualitative definitions. Although it is impossible to quantify the ranges in MIL-STD-882 due to its extremely broad application, developing quantified probability ranges for specific systems is a relatively easy task to accomplish. The probability of occurrence should refer to the probability of an accident/consequence as opposed to the probability of an individual hazard/basic event occurring. The typical accident sequence is much more complicated than a single line of erect dominos where tipping the first domino (hazard) triggers a clearly predictable reaction. Develop the probability values using order of magnitude ranges. Do this for the same reason you did it when developing the severity ranges.”
FREQUENCY OF OCCURRENCE Figure 3-5 FIRST EXAMPLE MISHAP RISK ASSESSMENT VALUES I CATASTROPHIC II CRITICAL 24 III MARGINAL IV NEGLIGIBLE (A) FREQUENT 1 3 7 13 (B) PERIODIC 2 5 9 16 (C) OCCASIONAL 4 6 11 18 (D) REMOTE 8 10 14 19 (E) IMPROBABLE 12 15 17 20 FREQUENCY OF OCCURRENCE HAZARD RISK ASSESSMENT VALUE SUGGESTED CRITERIA 1-5 High (Accepted by Component Acquisition executive) 6-9 Serious (Accepted by Program Executive Officer) 10-17 Medium (Acceptable by Program Manager) 18-20 As directed (Usually acceptable without review) Figure 3-6 SECOND EXAMPLE MISHAP RISK ASSESSMENT VALUES I CATASTROPHIC II CRITICAL III MARGINAL IV NEGLIGIBLE (A) FREQUENT 1A 2A 3A 4A (B) PERIODIC 1B 2B 3B 4B (C) OCCASIONAL 1C 2C 3C 4C (D) REMOTE 1D 2D 3D 4D (E) IMPROBABLE 1E 2E 3E 4E HAZARD RISK INDEX SUGGESTED CRITERIA 1A, 1B, 1C, 2A, 2B, 3A High (Accepted by Component Acquisition Executive) 1D, 2C, 2D, 3B, 3C Serious (Accepted by Program Executive Officer) 1E, 2E, 3D, 3E, 4A, 4B Medium (Accepted by program Manager 4C, 4D, 4E As directed (Usually acceptable without review)
Page 1 and 2: “designing the safest possible sy
Page 3 and 4: Chapter Page Forward ..............
Page 5 and 6: Fig # Title Page 1-1 System Safety
Page 7 and 8: Acceptable Risk. That part of ident
Page 9 and 10: Articles/Papers REFERENCES 1. Cleme
Page 11 and 12: 1.3 Need for System Safety. Why is
Page 13 and 14: integrated with other factors that
Page 15 and 16: Figure 1-4 SYSTEM SAFETY OBJECTIVES
Page 17 and 18: 9. Nature and severity of hazards u
Page 19 and 20: CONCEPT EXPLORATION • Evaluate sy
Page 21 and 22: CONSTRUCTION (facilities) • Ensur
Page 23 and 24: existing levels of system safety an
Page 25 and 26: (a) Provides risk assessments to SA
Page 27 and 28: Block 5--Increased Safety Awareness
Page 29 and 30: 3.1 Definitions. System safety is a
Page 31: 3.4 Mishap Severity Categories and
Page 35 and 36: j. To point out to a designer how h
Page 37 and 38: g. Ensure that the appropriate syst
Page 39 and 40: Figure 4-1 FUNCTIONS OF SAFETY ORGA
Page 41 and 42: An explosive safety program encompa
Page 43 and 44: Quality assurance establishes polic
Page 45 and 46: safety requirements have been impos
Page 47 and 48: instead uses the tailoring process
Page 49 and 50: 5.1 SSPP--Task 102. (Note: Task num
Page 51 and 52: This section of the plan contains t
Page 53 and 54: program tasking should be sufficien
Page 55 and 56: h. Develop a method of exchanging s
Page 57 and 58: 7.1 Analyses. (28:39-40) Role of An
Page 59 and 60: d. Any other events, that considera
Page 61 and 62: CONCEPT STUDIES (PHL) SYSTEM SAFETY
Page 63 and 64: design specifications. In addition,
Page 65 and 66: a. Of the modes of failure, includi
Page 67 and 68: . Potential material substitutions
Page 69 and 70: are identified, monitored, and comp
Page 71 and 72: 9.1 Fault Hazard Analysis. (33:47-4
Page 73 and 74: The SCA of military systems has inc
Page 75 and 76: doors, sunglasses, machine guards,
Page 77 and 78: Checklists)? There are others, such
Page 79 and 80: not directly provide useful informa
Page 81 and 82: c. Procedures, manuals, etc. These
Page 83 and 84:
shutdown. This is a relatively smal
Page 85 and 86:
c. Perform or update the PHA done d
Page 87 and 88:
(2) Adequate safety provisions are
Page 89 and 90:
11.1 Program Office Description. A
Page 91 and 92:
management officer (DMO) is usually
Page 93 and 94:
Once the details of these tasks are
Page 95 and 96:
arrangements, an assessment of the
Page 97 and 98:
f. Assist the contractors in making
Page 99 and 100:
12.1 Contracting Principles. (34:6-
Page 101 and 102:
A SOO is attached to an RFP to spec
Page 103 and 104:
Type E - Material Specifications Ty
Page 105 and 106:
Type A--System/Segment Specificatio
Page 107 and 108:
13.1 Process. CHAPTER 13 EVALUATING
Page 109 and 110:
ascertain if the safety requirement
Page 111 and 112:
Develop and prepare program plans a
Page 113 and 114:
The contractor SSPP will be updated
Page 115 and 116:
Facility safety design criteria is
Page 117 and 118:
10. Skill in written and oral commu
Page 119 and 120:
eflect the local concern for operat
Page 121 and 122:
c. Review equipment installation, o
Page 123 and 124:
15.1 Acceptable/Unacceptable Risk.
Page 125 and 126:
FACILITIES SYSTEM SAFETY INDUSTRIAL
Page 127 and 128:
15.3 Biomedical Safety. (37:Chapter
Page 129 and 130:
• Mishap Class/system identificat
Page 131 and 132:
c. A Nuclear Safety Cross-check Ana
Page 133 and 134:
17.1 General. There are many variat
Page 135 and 136:
characteristics are under configura
Page 137 and 138:
The AFMC supplement to AFI-91-202 p
Page 139 and 140:
TRB DEFICIENCY REPORTS MISHAP REPOR
Page 141 and 142:
these elements should be investigat
Page 143 and 144:
The modification risk-assessment su
Page 145 and 146:
20.1 General. Test and Evaluation (
Page 147 and 148:
Development of these scenarios crea
Page 149 and 150:
isk, or to stop the test until the
Page 151 and 152:
Figure A-1. Mission Requirements/El
Page 153 and 154:
• Capability (task loading) • O
Page 155 and 156:
preliminary hazard list. The major
Page 157 and 158:
• System Hazard Analysis • Oper
Page 159 and 160:
sensitivity analysis. Here, an asse
Page 161:
(5) Revising Maintenance Requiremen
show all

Air Force System Safety Handbook - System Safety Society

Create successful ePaper yourself

Delete template?

Save as template?