|
CHAPTER 6
|
|
6.
Applying the Risk Assessment Deliverables
|
|
6.1
Documenting the risk assessment process and deliverables
6.2 Deriving the Action Plan
6.3 Following up on the Action Plan and deliverables
6.4 Using other information from the risk assessment
6.5 Change management
6.6 Auditing the process
|
| 6.
Applying the Risk Assessment Deliverables
|
|
The
expected output of any risk assessment should supply information to
address the desired final deliverable, a Formal Safety Assessment, an Operating Plan, a
SOP, etc. As previously mentioned, the Scope should define the expected
process for utilising the outputs of the risk assessment.
back
to top
6.1
Documenting the risk assessment process and
deliverables
All formal risk
assessment should be documented for many reasons including the need for
future reference. The specific format will vary depending on the
complexity and purpose of the assessment. Minimally, it is necessary to
use a scientific approach to the Risk Assessment report such as the
following.
|
|
|
|
|
Executive
Summary
Introduction
Context (strategic, corporate and risk
management)
Issues / Reason for Review
Objective
Method
Team (names, positions and related experience)
Hazard Inventory Table
External Potential Impacts
System description and boundaries
Risk Identification Tool
Risk Analysis method
Determination of
acceptability, ALARP/SFAP
Documentation used for study
Results (tables, charts, etc.)
Priority risks
Priority existing controls and performance
indicators
Priority new controls and performance indicators
Recommended Action (the Action Plan information) including
accountabilities and timeline
|
|
|
|
|
Note
that there is more guidance on report content in NSW
Department of Mineral Resources MDG 1010 and 1014.
The draft report should be reviewed by the Risk
Assessment client, finalised and, once the required
actions have been commenced, stored in a manner that
facilitates retrieval and review.
back
to top
6.2
Deriving
the Action Plan
Many Risk Assessments will require that the output
include a Risk Assessment Report, as well as an Action
Plan listing the suggested new controls and offering
an opportunity to identify specific new actions,
accountability and target dates.
Table
6.1 Example Action Plan
In
the above example the first column, “Recommended New Controls”, would
be derived from the Risk Assessment output, possible by the facilitator or
the author of the formal report. The client (or "risk owner") would ensure the Action Plan
was completed.
The
final Action Plan should also be included in the formal Risk Assessment
report to facilitate traceability.
back
to top
6.3
Following up on the
Action Plan and deliverables
|
 |
The
Action Plan should include an indication of the Completion Date for any
new action, as illustrated in the above example. This feature attempts to
ensure that required actions are undertaken.
Some
mines put their Action Plans into the site project management system and
trace completion requirements automatically.
It
may be necessary to set an Action Plan review date at some point after the
Risk Assessment is completed to ensure all required Actions are complete
or on schedule. THIS IS A KEY ISSUE.
|
|
LESSONS
LEARNED 6.1
back
to top
6.4
Using other information from the
risk assessment
The
Risk Assessment report can provide additional information to the
requirements stated in the Objective.
For
example, it is desirable to retain information on priority risks from
Risk Assessments in ongoing, cumulative site documents sometimes called
“Risk Registers” (see Section
4.1.1.B). Even if creating or adding to a site Risk
Register is not part of the Objective, some of the output of the Risk
Assessment should be retained to help assemble a full site document over
time.
back
to top
6.5
Change management
The site must have a
mechanism to identify changes in hazards or risks that affect past risk
assessments, triggered either by regular review of those reports or by
some hazard identification process.
Changes
to Risk Assessment reports should be noted by revision notation in the
document.
This would be a subset of the overall site Change
Management Programme that would be covered by
the Safety Management System (SMS).
back
to top
6.6
Auditing the
process
Finally,
the Context of Risk Assessment should be defined at a site, possibly by a
procedure as suggested in the Chapter 3 “Setting the Context
“. The defined Context should be used to regularly audit the risk
assessment process to ensure that site activities appropriately reflect
the intention. There is an
audit checklist example as an Appendix (see Appendix
E). It relates to HAZOP specifically but provides
clues for other types of study audit.
back to
top
|
For more information about the risk assessment guidelines (NMISHRAG) please contact the author:
Prof Jim Joy
Director, Minerals Industry Safety and Health Centre (MISHC)
Phone: 3365 8334
E-mail: j.joy@mishc.uq.edu.au
|
|
