NATIONAL MINERALS INDUSTRY SAFETY AND HEALTH RISK ASSESSMENT GUIDELINE (NMISHRAG)
Home Contents Search Feedback Previous Next GO DIRECT TO:
   Home » Chapter 4 » Chapter 4.1.5

CHAPTER 4 

4.1.5 Selecting Risk Analysis Method - the Means of Calculating and Examining the Level of 
R isk
4.1.5.1 Risk analysis methods          
            a. Qualitative risk analysis    
            b. Quantitative risk analysis
            c. Semi-quantitative risk analysis
4.1.5.2 Risk acceptability
4.1.5.3 Selecting the method considering the expected deliverable
4.1.5.4 Re-analysis of risk considering new controls
4.1.5.5 Risk/cost benefit analysis
4.1.5 Selecting Risk Analysis Method - the Means of Calculating and Examining the Level of Risk

Risk Analysis is about developing an understanding of risk. It provides an input to decisions on whether risks need to be treated and the most appropriate and cost effective strategies. Risk analysis involves consideration of the sources of risk, their positive and negative consequences and the likelihood that these consequences may occur. HB 436:2004 Risk Management Guidelines Companion to AS/NZS 4360:2004. As such, Risk Analysis involves different ways of calculating risk considering "how often" (probability or likelihood) and consequences (or severity).  

Like the previous requirement to match the Risk Assessment method to the Objective / Expected Deliverable, it is important to match the Risk Analysis method to the Objective / Expected Deliverable.  

4.1.5.1 Risk analysis methods

There are 3 types of risk analysis methods, qualitative, quantitative and semi-quantitative :

4.1.5.1.a. Qualitative risk analysis 

 Qualitative analysis uses words to describe the magnitude of potential consequences and the likelihood that those consequences will occur. These scales can be adapted or adjusted to suit the circumstances and different descriptions may be used for different risks. HB 436:2004 Risk Management Guidelines Companion to AS/NZS 4360:2004. Qualitative risk analysis methods are used to set priority for various purposes including further analysis. They are useful when reliable data for more quantitative approaches is not available.

Qualitative risk analysis methods are used to set priority for various purposes including further analysis. They are useful when reliable data for more quantitative approaches is not available.

Some techniques are as basic as the one below, suitable for categorising risked based on individual or team opinion.  
Table 4.10 Example of a basic qualitative risk analysis matrix

There is no description of the difference between high, medium or low, simply the words. Therefore it remains for the person(s) who use this method to decide of those differences. As such, it is a very rough method of risk analysis that simply divides the identified risks into 3 categories – red, green and yellow.    

It is not likely that any risk assessment method, other than Informal Risk Awareness for Day-to-Day Tasks would use this approach.    

Here is another example. This simple technique has been a standard part of U.S. military and space risk assessment for over 20 years.
Table 4.11 Example of risk definition and classification

  Likelihood Ranking Table

*Likelihood of impact occurring eg fatality, hearing loss etc
#The frequency descriptions must be generated for each specific risk assessment so that the timeline is appropriate to the level of detail of the risk assessment
Consequence Severity Ranking Table  
 

In this example the consequence levels are identified differently for different parts of the organisation. The site uses levels 1 – 5, the business levels 2 – 6 and the company levels 3-7. The consequences are those appropriate for consideration at the defined levels.

The measures in this table should reflect the needs and nature of the organisation and activity under consideration to determine the level of concern.

Consequence (or Severity) is the worst outcome that could realistically result from the unwanted event.

When using any method to estimate risk there is often an important question. Should the likelihood or probability be estimated considering existing controls or without controls in place. There is no absolute answer to this question. The above scale, as with any other similar matrix, can be used for either approach. However, it may be important for the Scope to identify which approach will be taken in the exercise. It is recommended that if controls exist and are credible, the assessment should consider them.

In particular, it would be sensible to include consideration of existing controls when estimating Likelihood or Probability when the system being examined has a significant operating history. In this case the team would find it unrealistic to consider the risk without the existing controls that have been in place for some time.

See Section 3.6 on Risk Assessment Pitfalls

If  the risk assessment is being Scoped to review a new project or system, the team must decide and record the decision whether or not the risk is to be looked at with or without the new or planned controls.

The important point is to establish whether or not existing controls will be considered while estimating Likelihood or Probability in the Scoping stage of the risk assessment.

Once the Probability and Severity numbers are selected, a comparative risk can be identified from the Table below:

 
Table 4.12 Risk Ranking Table

   Note: The number of categories should reflect the needs of the study.

 Legend
 

The two selections are combined in a table to provide Risk Ranks. Sometimes each cell in the table is ranked in order.

A second well known example of such a Risk Ranking process is that developed by the US Military and NASA.

Table 4.13 NASA/US MIL SPEC 882D Risk Ranking Method


 *unwanted event expected to happen 1 in 10 times the circumstances occur 



 The two selections are combined in a table to provide Risk Ranks. Sometimes each cell in the table is ranked in order, sometimes cells are categorised as suggested in the NASA/US Military Specification example Table 4.13.

Table 4.14 Risk Ranking Table


There are many variations on design of qualitative analysis approaches. However, the description or numerical ranges must be carefully defined to meet Objectives as well as provide discreet and suitable choices.
For example, to explore more information on various Qualitative Risk Analysis approaches try: 
http://www.planning.nsw.gov.au/plansforaction/mihaps-docs/mihaps-docs.html
Appendix 2 of MIHAP No 3 Hazard Identification, Risk Assessment and Control. This reference provides a comparison of 10 models including AS/NZS (1999)
http://www.workcover.vic.gov.au/vwa/home.nsf/pages/so_majhaz_guidance/$File/GN14.pdf
back to top
4.1.5.1.b. Quantitative risk analysis  

 Quantitative Risk Analysis involves the calculation of probability and sometimes consequences, using numerical data where the numbers are not rank (1st, 2nd, 3rd) but rather “real numbers” (i.e. 1, 2, 3, 4 where 2 is twice 1 and half of 4).    

As such, accurate quantification of risk offers the opportunity to be more objective and analytical than the qualitative or semi-qualitative approaches.

Most commonly, quantification of risk involves generating a number that represents the probability of a selected outcome, such as a fatality. Following is an example of probabilistic information concerning the risk of a fatality per year. British Nuclear Industry research suggests the following probability of death from various causes in the UK. The figures are based on past history.


1 Department of Urban Affairs and Planning NSW Hazardous Industry Advisory Paper 4 Risk Criteria for Land Use Safety Planning

The history of fatalities in the Australian mining industry from 1991 to 2001 suggests the following2.


2 Based on Data from Minerals Council of Australia surveys

Most Quantitative Risk Analysis for industrial applications attempts to establish probabilities of unwanted events and subsequently the probability of the consequences from the unwanted event.. For example, the risk of a total large petroleum storage tank structural failure might be .003 per year. If there are multiple events that must happen before a major loss can occur then assigning numerical probabilities allows for risk calculations that are normally not possible with qualitative or semi-qualitative data.

back to top

Fault Tree

This may be done by using the rules from Fault Tree Analysis to construct a Fault Tree. The example in Figure 4.2 below shows a fault tree listing all the components potentially involved in the failure of an emergency lighting system. The construction starts at the “top event”, in this case the “no light from emergency lighting system” and proceeds level by level until all fault events have been traced to their basic contributing causes.

This may require working through several levels or it may be satisfied in one. In the example the tree has stopped at defective wiring , which is possibly sufficient, but there may be circumstances, determined by the boundaries placed, where this needs to be explored to the next level of “incorrect wiring” or “wires chewed by rats” or ”wiring cut by sharp edge in conduit” etc

The fault tree, when analysed, allows all the combinations of events that can lead to
the top event to be identified.



Figure 4.15 An example of a quantitative risk analysis using a fault tree
           
The example illustrates the use of a modelling method to identify contributing factors to an unwanted event. Fault Tree Analysis is one of several methods that can be used to model an unwanted event. In the example numbers in each initiating event (the rectangles) represents the probability that the initiating event will occur. The “And Gate” and “Or Gate” shapes indicate the relationship of the initiating events below to the events above the gates. An “Or gate” indicates that the event above will occur if any of the initiating events below occur. Therefore the probability of the event above is based on adding together all the probabilities in the initiating event rectangles. The “And Gate” indicates that all initiating events below must occur to create the event above. In this case, the initiating event probabilities are multiplied. It must be noted that to analyse the fault tree to obtain the combinations of events that result in the top event (minimal cut sets) (the process of solving the fault tree) involves the use of Boolean Algebra for all manipulations of the fault tree. It is recommended, that for other than the simplest fault tree, a specialist is consulted for this activity.

Assuming the probabilities are reasonably accurate, a quantitative risk analysis based on a systematic event model can yield a reasonably realistic probability of the major unwanted event (the initiating event or the top event in a Fault Tree). Most importantly, FTA maps out all of the contributing factors in a potential incident scenario, which in turn allows the most critical initiating events to be identified and hence identifies the best area for implementing further controls. In addition, the FTA allows new probabilities to be entered into the tree and a new top event calculation to be made, thus providing a demonstration of the effectiveness of the intended controls and allowing a cost benefit analysis to be done (bearing in mind however the possible requirement of ALARP, SFAP, ALAP etc).

 back to top

Event Tree

A similar modelling method can be used to extend the analysis from the probability of the major unwanted event to identify the probability of different outcomes or consequences. This is known as an event tree. In the case of a fault tree, the process is started from the unwanted event and works from the so called top event down. An event tree starts with a particular unwanted event and works from the bottom up.

The first example, Figure 4.16 illustrates the probability of the consequences from an unwanted event defined as “ Release of Flammable Gas “. In the example the release of a large cloud of flammable gas is the unwanted event, this may be from an LPG storage tank on site struck by a truck and the tank or pipeline punctured. A number of issues need to be considered, the cloud may ignite at once, or after a delay or not at all. With immediate ignition ie as soon as the escape starts, the result will almost certainly be a fire. With delayed ignition, the result may be a flash fire or an explosion. The probability of fatality of a particular person will depend on whether the incident is a fire, a flash fire or an explosion. In this example the leak is determined to occur 1 in 10 years and there are probabilities assumed for immediate ignition, delayed ignition etc. The outcome, using the dummy data, is a very high risk of fatality of 0.0299pa (requiring immediate action, if the data was correct, by the addition of appropriate barriers to reduce the probabilities).

The second example, Figure 4.17 is constructed in the same fashion but using equipment failure rates per demand. The example is that of the power supply to a mine operation from a power station failing. This has been determined from the fault tree as happening 1 in 10 years despite all the control measures in the system. There is a back up diesel on site which is supposed to switch in on power failure and, if that fails, there is a battery back up for critical applications. The outcome is an indication of just how secure or insecure the power supply system is in the event of principal supply failure. The top/unwanted event is “Principal Power Supply Fails”. The outcome is the frequency of emergency power failure. The outcome calculated of 0.000255 failures per year is probably acceptably low. An ongoing check would be needed to test the performance of the diesel and the battery system to ensure their performance was not deteriorating because of lack of maintenance etc.


Figure 4.16 Event Tree (Gas Release) (Source: Adapted from ICI Engineering Hazan Course Notes)
 
Figure 4.17 Event Tree (Power Supply) (Source: Adapted from Lees Loss Prevention in the Process Industries)

back to top

Level of Protection Analysis (LOPA)

This analysis form is a relatively new development and is still developing, the references noted earlier should be consulted for more detail. It has been effectively used in some safety cases as a means of demonstrating adequacy of protection LOPA is a variation of event tree analysis where only two outcomes were considered and has found a particular use in working with Safety Instrumented Systems (SIS) but not exclusively. The possible outcomes are either “unwanted impact” or “no event”. Each analysis starts at the unwanted event frequency that starts the event tree. Beyond the initiating event there are a number of event tree branches, each of which represents a layer of protection. Each branch has only two paths, one for propagation of the event and the other for "no event” Each layer of protection has to be independent of the unwanted event and other layers of protection, these are referred to as independent protection layers (IPLs). If they are not truly independent the resultant risk estimate will be too low. The analysis is, in some usages described as semi quantitative as it does use numbers to calculate a numerical risk, however the numbers used are conservative and rather than closely represent an actual performance of specific systems provide order of magnitude results. Figure 4.18 shows the principal of the approach.

IPLs need to meet certain tests of function to qualify, apart from independence. They need to detect or sense a condition in the scenario, make a decision on action and deflect the undesired consequence. It is noted that procedures and inspections cannot be treated as protection as they do not meet the tests.



 Figure 4.18 LOPA principles example

A helpful presentation of the overall picture of an unwanted event is shown in Figure 4.19 . This is called a Bow Tie Diagram . The unwanted event is given in the centre of the Bow Tie. On the left hand side is given the causes and hazards that potentially lead to the event. Also shown are the controls or barriers to the event occurring, these are the proactive controls and are typically classified as Elimination (of the Hazard) or Prevention (of the event). The right hand side of the diagram is the event tree which shows the various outcomes that potentially can occur and the controls or barriers that are in place for after an event occurs are also shown. These are the Reactive Controls and are typically classified as Reduction (of the consequence) or Mitigation (of the consequence). Clearly the preference is for successful proactive control but reactive control is also essential to minimise harm after an event. See Section 4.1.1.D for more discussion on control measures.

Figure 4.19" Bow Tie " Diagram (Source: Adapted from ICI Plc Hazan Course Notes 1979)

For further information on the Bow Tie Diagram try the following references

http://www.workcover.vic.gov.au/vwa/home.nsf/pages/so_majhaz_guidance/$File/GN14_MHFR.pdf
http://www.absconsulting.com/resources/THESIS/FABIG-Issue37.pdf
http://www.eagle.org/news/pubs/surveyor/dec99/ism.htm
Should the risk assessment require quantitative consideration of different events, consequences can be quantified by establishing a common unit for all of the potential losses, such as dollars. Depending on the circumstances, this may require establishing the value of a human life.

The accuracy of probabilistic data is sometimes challenged, especially when the numbers are multiplied, potentially exacerbating any inaccuracies. Obviously the accuracy of the data is determined by the validity of the source. It is uncommon for a minerals company or organisation to have extensive probabilistic data especially where human activity is concerned. There are several commercial services that supply probabilistic data on hardware failures and some sources of human reliability data.

For example, to explore more information on various sources of probabilistic data try: 
http://www.mishc.uq.edu.au/publications/Databases_for_Equipment_Failure011.pdf
For example, to explore more information on various quantitative risk analysis approaches try: 
http://home1.pacific.net.sg/~thk/quant_r.html - (re: Human Error)
http://www.mishc.uq.edu.au/publications/Risk_Analysis_Methods_a_Brief_Review.pdf
http://www.jbfa.com/qratechniques.html 
http://www.yellowbook-rail.org.uk/site/resources/models/yellowbookR1.pdf  
Complete Quantitative Risk Analysis of London Underground railway including statistics
http://www.workcover.vic.gov.au/vwa/home.nsf/pages/so_majhaz_guidance/$File/GN14_
MHFR.pdf
Centre for Chemical Process Safety, 1992. Guidelines for Hazard Evaluation Procedures.

For example, to explore more information on various control measures approaches try: 
http://www.workcover.vic.gov.au/dir090/vwa/home.nsf/pages/so_majhaz_guidance/$File/GN10.pdf
LESSONS LEARNED 4.6

back to top

 4.1.5.1.c. Semi Quantitative Risk Assessment 

The content of this section was supplied by QEST Consulting of Melbourne1 and describes the technique that they have developed for SQRA. This technique has been used extensively and successfully in the Mining and Minerals Industry although originally developed to meet the needs of the Safety Case in Victoria.

1QEST Consulting http://www.qest.com.au

There are currently two spectral extremes in risk assessment methodologies:

  • Quantitative Risk Assessment (QRA)
  • Qualitative Risk Assessment

These are discussed in detail in Sections 4.1.5.1.a. Qualitative Risk Assessment and 4.1.5.1.  b. Quantitative Risk Assessment.

The approach In Quantitative Risk Assessment, although exhaustive and detailed, is clearly not foolproof and has two primary shortcomings. One is the misleading output when the selection of failure statistics is not well considered. The second is the fact that much of the decision making in the assessment of risk is inevitably done by a consultant. 

The result of a Qualitative Risk Assessment is usually high team member buy-in as they made all of the decisions. However, the accuracy and transparency of the process is extremely poor because of the crudity of the measures used, as is its value in prioritising risk reduction actions. 

The SQRA approach is something of a mixture of the two extremes.

QEST SQRA attempts to match the thoroughness of QRA in identifying all of the failure modes but then asks a series of “bite sized” questions of a representative site/engineering team to establish the risk value. In so doing, workforce buy-in is maintained but identical units of measurement of risk such as Potentil of Loss of Life (PLL) can be generated based on the team’s decisions. The process is less costly than QRA but the balance of the primary objectives is often considered to be substantially better than either of the other options (quantitative or qualitative).

It must be recognised that the SQRA process probably provides greater accuracy in regard to the relativity of the risks than it does in regard to absolute values. Nevertheless, the risk values (PLL) generated are a reasonable basis for rationalising risk reduction measures.

The steps in the SQRA methodology are as follows.

1. Whilst viewing the left-hand side of the bow-tie diagram (see Figure 4.6), assess the frequency of the initiating event. The example shows an initiating event estimated to occur once in 100 years.



2. Whilst viewing the both sides of the diagram, assess the number of time there


3. Distribute the remaining occurrences across the section of outcomes (eg. 1 fatality, 2 fatalities, 3-5 fatalities etc.)


4. Calculate PLL values (fatalities per annum) by multiplying likelihood by the sum of the consequences.
              i. 01*((1*11.5)+(1*7)+(2*4)+(4*2)+(12*1))/1000 = 0.000385 or 3.85*10-4

5. A sample risk profile as initially assessed (SQRA1) follows. This assessment assumed the facility/platform to be operating with existing controls in their existing condition.

Table 4.10  SQRA base case



 There is no generally accepted maximum level of risk at which a facility should operate and regulators continue to avoid specifying criteria for demonstrating maximum risk levels. Clearly, any actions to improve the critical controls associated with these hazards are amongst those at the top of the actions priority list. See discussion on Risk Acceptability in Section 4.1.5.2 and definition of  ALARP, SFAP etc.in Section 4.1.1.A.



Figure 4.7 SQRA comparisons of base and reduced cases



Also clear from the examining the base case and reduced case tables is the fact that major risk reduction on relatively few hazards has brought about most of the improvement.

The site profile after implementation of the actions is as shown below.

Whilst it should be remembered that all of the risk values are more accurate in regard to relative risk than absolute risk, three conclusions can be safely assumed:

  • The safety assessment process has heightened awareness of the critical risk areas and provided a framework within which to identify and address the priority issues. 

  • The ‘safety case’ approach and the adoption of the SQRA process has been ‘repeatedly successful in showing the way to further safety risk level reductions.

  • When the critical actions are completed, the approach can be used to identify ongoing risk reduction as part of a continuous improvement program. 

  • Because the risks were assessed using SQRA, the business is in a position to maintain the entire safety process in-house if desired.

Whilst the SQRA may be the engine room of a risk assessment, as with the best of QRAs, the overall process asks and derives answers for all of the following questions:

  • If it can, how often can it occur given the existing controls?

  • How bad will the consequences be if it does occur? 

  • What are the most critical of our controls?

  • How effective are they (dependable, understood, practical, monitored)?

  • What should we do to improve things within practicable limits?

  • In what order should these things be carried out?

  • If all our controls failed, could this be expected on occasions to result in a fatality?

Table 4.11 SQRA Reduced Case
back to top

4.1.5.2 Risk acceptability

This is no zero risk situation. All actions, decisions or situations involve some level of risk, though in most cases the risk is very low. Very low or reasonable risk is considered to be acceptable. Many regulatory frameworks require the management of risk to a level that is reasonable but fall short of defining the specific criteria for major unwanted events such as an occupational fatality.

In many risk assessments it may be necessary to determining the level of acceptable risk during the Scoping process.

Many environmental regulatory agencies require that risk to the public from activities on a proposed new industrial site be less than 1 in one million fatalities per year. Social research has indicated that the community considers acceptable occupational fatality risk to be 1 in one hundred thousand, or ten times higher than public risk. However, the later figure is not currently specified in any mining related regulations.

Information in the previous section of this Guideline suggested that the overall risk of fatality in the Australian minerals industry is approximately 1 in five thousand, based on 1991 to 2001 data. This indicates that, as an industry, we are performed significantly higher than the 1 in one hundred thousand figure.

The diagram below is commonly used to explain the concept of acceptability and ALARA. ALARA is an acronym for “as low as reasonably achievable”. 



Figure 4.8 Risk tolerability, ALARA

Risk acceptability, for the purpose of a minerals industry risk assessment will be important to establish in the Scoping stage. However, the precision of the risk acceptability criteria may vary with the Objective.

If the Objective of the risk assessment does not involve specifically determining acceptability, the intent may be to identify the priorities for risk reduction. In this later case, the use of an accepted qualitative or semi-quantitative risk analysis technique may be adequate. In this case, the risk analysis technique may supply a cut off classification where risk is seen to be “low”. 

If the Objective of the risk assessment requires determination of acceptability, then quantitative techniques would likely be most appropriate. In this case it would be desirable to establish an acceptable probability of the unwanted event or if there are varied unwanted consequences, an acceptable risk level incorporating objective consequence units such as dollars.

Despite the above discussion, it must be borne in mind that it is possible under some regulatory regimes that the expectation will be that of SFAP or some similar expression. This term may be defined in legislation or regulation and it would be prudent to determine what local legislation prescribes. SFAP in Victoria means all risks must be reduced so far as practicable. Although the test of practicability includes consideration of the risk level, which means that measures that would be implemented if the risks were high would not necessarily be implemented if the risks are low, this never eliminates the need to identify and implement all practicable risk reduction measures. In the same legislation is also the requirement for continuous improvement which must be allowed for in any attempt to identify acceptability.

For example, to explore more information on various risk acceptability approaches try: 
http://www.iee.org/Policy/Areas/Health/hsb36.pdf
http://www.planning.nsw.gov.au/plansforaction/mihaps-docs/mihaps-docs.html
Paper No 3 Hazard Identification, Risk Assessment and Risk Control Section 7
http://www.workcover.vic.gov.au/vwa/home.nsf/pages/so_majhaz_guidance/$File/GN16.pdf
NSW Department of Urban Affairs and Planning, 1990. Risk Criteria for Land Use Safety    
Planning, Hazardous Industries Planning Advisory Paper No 4. ISBN 0 7305 71300. This useful  resource is only available as a hardcopy. The publication can be purchased online (http://www.planning.nsw.gov.au) or alternatively contact the Department. 
DNV Technica; Risk Assessment Guidelines; Prepared for ACC and the Victorian Government, Project No A1196. Melbourne 1995 (Chapter 6). Available form Health and Safety Organisation, Victoria.

back to top

4.1.5.3 Selecting the method considering the expected deliverable

The following table suggests the different example Risk Analysis methods that might be considered for each desired deliverable. Note that any or all of the noted options might be used depending on the Objective.

The example risk analysis methods mentioned in the table are:
   Qualitative Risk  Analysis (Qual RA) - To very roughly discuss and group risks

   Semi – Quantitative Risk Analysis (SQRA) - To identify rough priorities for the profile, 
   often where exposure is a key factor to focus on priorities, further study and analysis

   Semi Quantitative Control Code Analysis (CRCA) - See Section 4.1.5.4 for discussion. 
   To judge the appropriateness of controls for the identified risk but note that ranks should not be  
   compared

   Quantitative Risk Analysis (QRA) - To more accurately establish the probability 
   of unwanted events to mathematically manipulate and/or consider acceptability

   Risk / Benefit Analysis (RBA)- To identify the most cost effective controls for an 
   unacceptable risk  
Table 4.12 Possible Applications of various Risk Analysis Methods for Potential Objectives / Expected Outcomes


As the table illustrates, the selection of the appropriate risk analysis technique is primarily related to the degree of precision that is required and the quality of available data.

back to top

4.1.5.4 Re-analysis of risk considering new controls

The Re-ranking of risk considering a no control to control situation or an existing to new control situation is becoming a more common practice in the minerals industry.

LESSONS LEARNED 4.7
The degree to which a control reduces the probability and/or consequence of an unwanted event varies depending on the type of control and the way it is applied. The System Safety Society in the United States has published the following method for rating controls. It is intended for use in conjunction with the NASA / Mil Spec 882B example Risk rank table (Table 4.14) outlined earlier in Section 4.1.5.1.a.

 Control Rating Code (CRC) Method  

Control Effectiveness = Type of Control * Control Strategy    

       1. Identify each control intended to reduce one of the ranked risks.  
       2. Assign the type of control, based on the I to V Hierarchy of control types.
       3. Assign the control strategy or the objective of the type of control, based on the A to E 
          strategies.  

Table 4.13 Hierarchy of Control Type

Table 4.14 Energy Control Strategy
Table 4.15 Control Rating Code Table
As an indicator of risk acceptability Residual Risk ,is often considered acceptable if the Uncontrolled Risk Rank (from the previous qualitative NASA / Mil Spec Table 4.8)  is equal to or less than the Control Rating Code (Risk Rank – Control Rating = 0 or greater). Sometimes a situation where the Control Rating is 1 higher than Risk Rank can be considered acceptable but not ideal. If the Control Rate Code is 2 or more ranks higher than the Risk Rank it is most unlikely that the risk would be considered acceptable – other options must be discussed.  

LESSONS LEARNED 4.8

back to top
4.1.5.5 Risk/Cost benefit analysis  

Risk/Cost Benefit Analysis may also be part of a Risk Assessment Objective. Risk/Cost Benefit Analysis is often used as one criteria to help select the most effective control options to address an unacceptable risk. Techniques in this vary. 
Some examples are given below for consideration.

Potential Loss of Life/Implied Cost of Averting Fatality

The Potential Loss of Life (PLL) is the number of fatalities that can be expected to occur each year, averaged over a long period. It is a measure of societal risk. The number should be small: if 100 people are each exposed to a risk level of 10 in a million per year, the PLL is 0.001.

The PLL is a useful basis for cost benefit analyses of risk reduction measures, via the “Implied Cost of a Fatality” (ICAF):

                               ICAF=cost of measure/(initial PLL-reduced PLL)

Such calculations are often controversial as they appear to require a value to be placed on human life, but these calculations are commonly used internationally, and may be suitable to aid decision making in regard to adopting control measures for major hazards. For example, a low ICAF for a proposed risk reduction measure implies that it is highly effective, because the cost is low compared to the risk reduction achieved. Conversely, a high ICAF implies a relatively ineffective risk reduction measure, indicating that perhaps the money should be diverted to an alternate. It is however, as stated earlier, only one of the criteria to be used. 

The following table gives some guidance to using the cost to avoid a fatality in decision making:



Cost Benefit

One measure of risk is the cost the operator would face if the hazard were to be realised. If the consequences of the hazard can be meaningfully expressed in economic terms, then cost benefit analysis can be used to help set priorities and aid decision making.

The cost of implementing the solution or control measure can usually be determined readily, as money will usually need to be expended. Both the capital cost and ongoing operating costs will need to be taken into account. The cost can then be annualised using, for example the remaining plant life.

The benefit from the solution is actually the reduction of the cost of the hazard and can be determined by computing the annual cost before and after. This will require some quantitative risk assessment work, although in simple cases estimates can give at least an indication.
For example, consider a hazard that might occur once in 100 years and cost $10million in total damages. Assume that a control exists that will reduce this to once in 500 years at a cost of only $1 million. Assume that the control costs $500,000 IN Capital, $10,000pa in operating cost, and will last ten years, so the annual cost is $60,000. The benefit is:

            B = H1 - H2 = ($10,000,000/100 years) – ($1,000,000/500 years) + $98,000 pa

Hence the cost benefit ratio is 60,000/98,000 = approx 0.6. The lower the cost benefit ratio, the more attractive the expenditure.

Note that while this method is attractive to ensures, it does not take into account the cost of potential human suffering and should not be used as a primary decision criterion for safety and health related hazards. Similarly a cost benefit ratio greater than 1 is not a valid reason not to implement a safety related improvement. The cost benefit ration can at best be used as another tool to help rank priorities amongst a range of actions.

A similar tool introduces the concept of the Potential Control Effectiveness into the equation, again a tool only

The Cost of the Problem per year (CP/yr) must be greater than the Cost of the New Control per year (CNC/yr) considering the Potential Control Effectiveness (PCE). PCE is never 100%.

                  CP/yr>CNC/yr *PCE% (expressed as decimal, i.e. 70% = .70)

None of the above takes into account the requirement that is imposed in may regimes requiring the ALRP principal be applied. Cost benefit is not necessarily a factor.

For example, to explore more information on various Risk Benefit Analysis approaches try:  
http://www.sjsu.edu/faculty/watkins/cba.htm
http://www.workcover.vic.gov.au/vwa/home.nsf/pages/so_majhaz_guidance/$File/GN16.pdf


LESSONS LEARNED 4.9

 back to top


For more information about the risk assessment guidelines (NMISHRAG) please contact the author:

Prof Jim Joy
Director, Minerals Industry Safety and Health Centre (MISHC)
Phone: 3365 8334
E-mail: j.joy@mishc.uq.edu.au
Chapter 4.1.5 is part of
National Minerals Industry Risk Assessment  Guideline (NMISHRAG)
Chapter 1. Introduction/Background | Chapter 2. How to Use the Guideline
| Chapter 3. Setting the Context | Chapter 4. Scoping / Designing Risk Assessment |
| Chapter 5. Doing the Risk Assessment| Chapter 6. Applying the Risk Assessment Outcomes|
| Chapter 7. Other| Appendices|
| LESSONS LEARNED| CASE STUDIES| USEFUL LINKS|

This document was last reviewed on 14/1/2005

Minerals Industry Safety & Health Centre (MISHC)
The University of Queensland
Brisbane, Queensland 4072 Australia
E-mail: mishc@mishc.uq.edu.au Phone:(61) 7 3365 9787
Created by: Dr Guldidar V Kizil E-mail: g.kizil@mishc.uq.edu.au
 Authorised by: Prof Jim Joy
Last Modified:14/1/2005
@Minerals Industry Safety & Health Centre (MISHC)
Provides examples or illustrations of problems that can arise throughout the risk assessment process. They are mostly examples of past issues in the minerals industry.
Lessons Learned

Case studies are offered as examples of effective approaches to dealing with risk assessment requirements.
Case Studies

Provides links to get more information on various Risk Assessment approaches.
Useful Links