ASP Exam - Domain 2 (Safety Management Systems)
What is Kaizen?
Manufacturing/production system focused on efficiency where continuous manufacturing improvement is made in small, incremental steps
What are joint tort liabilities?
two or more persons whose negligence in a single accident or event causes damages to another person
What is caveat emptor?
"Let the buyer beware" - used in English common law that put the buyer at fault
What are the 4 priorities in emergency planning guidelines?
(Identify potential hazard)
- Save people
- Protect property (e.g., secure scene)
- Cleanup and salvage
- Restore operations (e.g., safe reentry)
Basically: Life safety, incident stabilization, property preservation
Fishbone/Ishikawa diagram
- "Cause and effect" diagram that sorts causes into categories
Change Analysis
- Analyze new introductions before they become a problem (e.g., when building/leasing a new facility, installing new equipment, using new materials, starting up new process, staffing changes)
Simultaneous/Sequential Timed Events Plotting Analysis (STEP)
- Analyzes events from time/sequence perspective used to reconstruct an accident
- Identifies "actors" and actions
Fault Tree Analysis - description, 4 classes of causal events, cut set, issues
- DEDUCTIVE/TOP DOWN (general to specific) and QUANTITATIVE
- Looks at SINGLE ADVERSE EVENT and identifies combinations of conditions/component failures that lead to the event; calculates PROBABILITY for each event cause
- 4 classes of causal events: Primary failure, secondary failure, primary fault, secondary fault
- Cut set: factors which on their own would lead to the top event
- Difficult to identify all events that lead to top event and assign valid probabilities to event causes
- EFFECT --> CAUSE
Management and Oversight Risk Tree (MORT)
- Derivative of Fault Tree Analysis used as program management and logic tool
- Idealized version of system safety model, focuses on 3 main concerns: specific oversights and omissions (S), management oversights and omissions (M), and assumed risks (R)
- R-branch: events and conditions that are known to management and that have been evaluated and accepted at the proper management level
- S-branch: focuses on the events and conditions of the actual or potential occurrence, uses barriers for control
- M-branch: supports a process in which specific findings from an accident investigation or safety programme evaluation are made more general.
What are 3 types of defects in products liability?
- Design: Occurs in all products of particular make or model
- Manufacturing: Occurs in few products of the same make or model, one way to determine is to sample like products
- Warnings and instructions
What is Software Sneak Circuit Analysis?
- Discover latent (hidden/concealed) program logic that could cause undesired program outputs or inhibits, or incorrect sequencing/timing when software controls a safety critical event
What is the most critical step in any safety program evaluation?
- Evaluation protocol checklist - Determines the areas to be examined, the level of detail, in general, the questions to be asked
What are some examples of reliability regimes for safety-critical systems (fail passive, fail operational, fail safe, fail soft)?
- Fail passive: Continues to operate in the event of a system failure - failure does not have effect on operation of overall system (e.g., an aircraft autopilot).
- Fail operational: Continue to operate when their control systems (discrete failure) fail, can be unsafe. Nuclear weapons launch-on-loss-of-communications was rejected as a control system for the U.S. nuclear forces because it is fail-operational: a loss of communications would cause launch
- Fail safe: Design feature that allows failed component to revert to safe mode
- Fail soft: Continues to operate in limited capacity (spare tires)
Which facilities are excluded from Process Safety Management?
Retail facilities, oil/gas well drilling, normally unoccupied remote facilities, hydrocarbon fuels used solely for workplace consumption (gasoline for vehicle refueling), flammable liquid stored in atmospheric tanks kept below normal boiling point without refrigeration
Describe the risk assessment concept
Risk Assessment --> Risk Determination (risk identification, risk estimation) + Risk Evaluation (risk aversion [how well risk can be reduced/avoided] and risk acceptance)
Describe risk control, risk reduction, risk acceptance, risk transfer
Risk Control: actively reduce risk to an acceptable level, reduce the likelihood (occasionally the consequence) of a risk to as low as possible
· Using proven technologies and processes to mitigate the risk
· Modeling and simulation and/or Mock-ups
Risk Avoidance: reduces or eliminates the risk event or condition by taking an alternate path, eliminates the source of the risk and replaces it with another solution
· Changing operating procedures
· Use a low-risk mature technology; those with proven track records
· Extend the schedule to increase the probability of success
· Reducing scope of performance objectives
Risk Acceptance
Risk Transfer: Use Firm-fixed price contracts (contractor assumes max cost risk and full responsibility for all costs and resulting profit/loss); minimum admin burden on government
According to Deming, the responsibility of supervisors must be changed from ...
Sheer numbers to quality
What is the definition of single point of failure?
Single item of hardware, the failure of which would lead directly to loss of life, vehicle or mission.
Hazard Totem Pole
- Grose - Organized into a list according to combination of ratings and forms priority for funding allocations
What are some criteria to decide which accidents should be investigated?
- High cost and high severity (e.g., high property, life, and injury)
- High frequency
- High public interest
- High potential losses
Failure Modes and Effects Analysis (FMEA)
- INDUCTIVE/BOTTOM UP (specific to general)
- Looks at all SINGLE COMPONENT FAILURES, identifies the failure modes for each, and their RANGE of resulting effects on the rest of the system; produces Critical Item List (failures that exceed acceptable levels of risk)
- CAUSES --> EFFECT
- Example: Looks at the resulting effect of equipment failure
Job Safety Analysis/Job Hazard Analysis
- Identifies what behaviors in operations are safe and correct, should consider abnormal situations
- Break down job into basic steps then identify hazards and controls associated with each
- Can be concurrently conducted with other forms of task analysis (e.g., work flow, motion economy, eye/hand/foot movement, time for each job element)
How does modular organization in ICS work?
- Incident Command System (ICS) organizational structure develops in a modular fashion based on the incident's size and complexity
- Teams, divisions, groups, branches, sections etc. are organized when the supervisory ratio exceeds 7, demobilized when ratio falls below 3
- ORGANIZATIONAL ELEMENTS MAY BE ACTIVATED WITHOUT ACTIVATING THE SECTION CHIEF. In that case, supervision will rest with Incident Commander.
Event Tree Analysis
- Looks at multiple consequences after event and determines mitigation measures
- Aimed at stopping faults from escalating
What is low fence?
- Low fence means that they set a minimum dB loss before a worker is eligible for compensation. This is also done to account for presbycusis (the natural loss of hearing due to aging).
- Used by state compensation boards for hearing loss disability claims because small hearing losses aren't disabling
What is Statistical Process Control?
- Quality control method using statistical analysis
- Allows the engineer to understand the sources of variation in a process, and hence manipulate and control these sources to decrease variations in the product
What are the criteria for developing controls?
- Support: Availability of personnel, equipment, supplies
- Standards: Clear, practical, specific guidance and procedures for implementing controls are in place
- Training
- Leadership
- Individual: Individual employees are sufficiently self-disciplined to implement a control measure
What is process safety management and its primary purpose?
- System of tools, processes, and procedures to manage prevention of unwanted releases of highly hazardous chemicals that could lead to catastrophe in workplace or surrounding community. ***can occur before, during or after a process***
Hazard and Operability (HAZOP) Analysis
- Team-based, systematic review of system that identifies risk by using series of "guide words" (AS WELL AS, BEFORE, AFTER) that question how the design can fail due to process deviations
What influences span of control?
- Type and complexity of incident/event
- Nature of response/task, distance, safety
What is involved in the initial process hazard analysis in Process Safety Management?
- Use methodologies (Fault Tree Analysis, Failure Mode and Effects Analysis, Hazard and Operability Analysis, What If/Checklist, etc.), previous incidents, facility siting, performed by team of experts, updated every 3 years
Gross Hazard Analysis:
- Used in early stages to get an overall idea of potential causes of the accident
- Brief description of accident and list of situations that can lead to the accident
What are the minimum required elements of the Emergency Action Plan?
- Ways to report fire and other emergencies
- Evacuation procedures and escape routes
- Procedures for those who remain to operate critical function before they evacuate
- Procedure to account for all employees
- Rescue and medical duties
- POCs
What-If and Checklist Analysis
- What If: HYPOTHETICAL SITUATION - Brainstorming/qualitative approach using knowledgeable people to ask questions about undesirable events
- Checklist: Uses established codes, standards, and well-understood hazardous operations to develop list of desired system attributes and compare proposed process against it
- What If/Checklist: Team-based, structured analysis that combines loose structure of What If with systematic Checklist approach
What is privity?
- A relation between two parties that is recognized by law, such as that of blood, lease, or service.
- No longer required in negligence cases. Today, a manufacturer that places a product on the market becomes a party through implied warranty.
What is common law?
- requires the employer to provide a workplace that is reasonably safe
What is Process Hazard Analysis?
- Set of organized and systematic assessments of the potential hazards associated with an industrial process
- Tend to be qualitative
- Includes what if/checklist, Failure Mode and Effects Analysis, Hazard and Operability Study, etc.
- MANDATED AS PART OF PROCESS SAFETY MANAGEMENT (PSM) BY OSHA for processes that handle highly hazardous chemicals
What are phases of the business continuity planning process?
1. Analysis/Risk Identification
- Business Impact Analysis (BIA): differentiates critical (urgent) and non-critical (non-urgent) organization functions/activities
- Threat Risk Assessment (TRA): After defining recovery requirements - e.g., epidemic, earthquake, cyber attack, terrorism, single point dependency
2. Solution design/Disaster recovery planning
- Determines crisis management command structure, telecom architecture, data replication methodology, backup site
3. Implementation and testing
- Policy changes, material acquisitions, staffing and testing
- Tabletop, medium, complex exercises
4. Maintenance
- Biannual or annual maintenance cycle
- Issues found during the testing phase often must be reintroduced to the analysis phase
What are the 8 major theories of accident causation?
1. Domino
- Heinrich - considered first scientific approach to accident prevention
- Social environment, fault of person, unsafe act, accident, injury
- Management assumes responsibility for safety, supervisor is key in accident prevention
- 3 corrective sequence actions (3 E's): Engineering, Education, Enforcement
- 88% unsafe acts, 10% unsafe conditions, 2% unavoidable
2. Human Factors
- Accidents are entirely due to human errors, categorized as overload (environmental, internal, situational), inappropriate worker response, inappropriate activities
3. Accident/Incident (Petersen's Theory)
- Human Factors theory (overload) plus ergonomic traps (incompatible workstations), decision to err (may be unconscious or based on logic), system failures (policy, training, inspections, etc.) - establishes role of management
- Prone to "Superman Syndrome" - leads people to believe they are immune to accidents
4. Epidemiological
- Focuses on industrial hygiene, looks at environmental factors and disease/accidents
- Worker characteristics/predisposition and environmental factors
5. Systems Theory
- Relationship between man (most flexible/valuable), machine systems (hardware), surroundings
- Collect information, weigh risks, make decisions
6. Energy Release
- William Haddon, based on vehicular safety
- Accidents in terms of energy and transference - accidents are caused by out-of-control energy
7. Behavior Theory
- aka behavior based safety
- Includes identification of internal factors, motivation, focus on positive consequences, planned interventions, etc.
8. Modern causation model
- 7 avenues to demonstrate causes of accidents
- Safety management error, safety program defect, command error, system defect, OPERATING ERROR (unsafe acts/conditions), MISHAP (accident), RESULTS (injury)
What are the 14 elements of Process Safety Management?
1. Employee participation
2. Process Safety Information (e.g., block flow diagram, process flow diagram, Piping and instrument diagram (P&ID) for equipment)
3. Process Hazard Analysis (update every 5 years)
4. Operating procedures
5. Training (specific health and safety hazards, emergency operations, demonstrated by existing KSAs or every 3 years)
6. Contractors
7. Pre-startup review
8. Mechanical integrity
9. Hot Work Permit
10. Management of Change
11. Incident investigation (key elements of Incident Investigation Program requirements include near misses, investigation within 48 hours, incidents that lead to/could lead to catastrophe, incident report and recommendations)
12. Emergency planning and response (develop Emergency Action Plan)
13. Compliance audits (every 3 years - special attention to process safety info, mechanical integrity, contractor qualification)
14. Trade secrets (employers must make available trade secret info to those compiling PHA and operating procedures)
What are the categories of transportation HAZMATs as defined by the Transportation Safety Act?
1. Explosives
2. Radioactive materials
3. Flammable liquids/solids
4. Combustible liquids/solids
5. Corrosives/oxidizers
6. Compressed gases
7. Poisons
8. Etiologic (hazardous biological agents)
9. Irritating materials
When is Emergency Action Plan required?
1. Fire extinguishers are in your workplace
2. Anyone will be evacuating during fire or other emergency
What are the National Academy of Sciences' 4 steps in chemical risk assessment?
1. Hazard identification
2. Dose-response assessment
3. Risk characterization
4. Exposure assessment
What are the basic processes to systematically identify hazards?
1. Identify specific work areas
2. Review historical data/documents involved in operations to determine which prior injuries and accidents occurred
3. Conduct onsite, visual inspection
4. Determine individual job tasks involved and break them into steps
5. Analyze each job task and identify potential hazards
What are Petersen's four criteria for placing safety staff in an organization?
1. Report to boss with influence
2. Report to boss who cares about safety
3. Have channel to the top
4. Install safety under executive in charge of major activity
What are the FIRST PRIMARY STEPS of investigation at the site?
1. Secure scene of accident - depressurize, control chemicals
2. Provide care to injured
3. Isolate the scene - put barricades, tape
4. Lead investigator selects team
5. Present preliminary briefing to investigating team
What are the major categories of causes of accidents? Which ones are root/surface causes?
1. Unpreventable acts: Very small percentage
2. Hazardous conditions (surface causes): Account for large but less than 50%
3. Unsafe behaviors (surface causes): Most common surface cause, exist regardless if workplace conditions are safe or unsafe
4. System design/performance weakness (root cause): Present in almost all workplace accidents
What are 3 theories of products liability?
1.) Warranty: Addresses performance of a product on implied or expressed claims. The buyer can expect for the purchased product to perform its functions.
- Implied warranty: Assurance that a product is fit for the intended purpose (merchantability and fitness for a particular purpose)
- Express warranty: When seller makes expressed claims for a product that becomes basis for bargain
2.) Negligence
3.) Strict liability: Deals with product characteristics that are unreasonably dangerous. Makes a person or company responsible for their actions or products which cause damages regardless of any negligence or fault on their part. It is the most common type of product liability suit - people recognized that consumers should receive compensation for damage received from defective products.
What is the maximum range of direct reports recommended for effective resource management in the Incident Command System?
3 to 7 direct reports - 5 ideal
Recommended ratio of 1 supervisor per 5 direct reports
What percentage of accidents in aviation, shipping, and the process industry are attributed to human error?
60-70%
What is attractive nuisance doctrine?
A person is under the duty to prevent injury to children that may be attracted to something which could cause harm (abandoned cars, piles of lumber or sand, trampolines, and swimming pools)
What are some safety applications for cost?
- Accident claim rates, product return and failure costs - used to select suppliers of parts, assemblies, components
- Accident records, insurance rates, claim records - used as criteria in selecting contractors
- Cost of product failures, complaints, accidents, compliance with standards - criteria for setting performance incentives of contractors and suppliers
What is the difference between accident and incident?
Accident: Event that may result in property damage AND in injury or illness
Incident: Event that may result in property damage but no injury or illness
What is the first step in preparing for an emergency?
Assessing the potential hazards
What are 3 primary ways to express costs?
COST BENEFIT RATIOS
- Used by governments for public policy (if the cost to implement regulation is worth the benefits derived), aka used by OSHA
- Can be problematic to assess cost of human life
RETURN ON INVESTMENT
RISK
In approximately 95% of incidents, organizational structure consists of:
- Command
- Single resources
Many incidents will never require the activation of the entire Command or General Staff or entire list of organizational elements within each Section
What are the 5 elements of the Incident Command System?
Command, Operations, Planning, Logistics, and Administration/Finance.
What are incident management assessment methods?
- Corrective action report/after-action review
- Post-incident analysis
- Debriefing
- Post-incident critique
- Mitigation plans
What are some techniques to measure accountability?
- Cost accounting system
- Safety-by-objectives method
- Audits
- Enforcement
What is the most effective way to reduce accidents?
Design safety features into systems - reduces or eliminates inherent hazards
What are the 4 main types of management styles?
Directive Democrat: Allows subordinates to participate in decision-making but closely supervises
Directive Autocrat: Makes decision unilaterally and closely supervises (maybe military leader)
Permissive Democrat: Allows employees to participate in decision-making process and some latitude in carrying out their work (organization going through significant changes)
Permissive Autocrat: Makes decision unilaterally but gives employees full flexibility to carry out work
What are some management theories - Drucker, Deming, Maslow, Herzberg, Vroom, McGregor, Grose, Grimaldi and Simonds, Bittel and Ramsey?
Drucker: Management by objectives/results - how to achieve each objective in sequence and measure them against standards
Deming:
- PDCA Cycle
- Father of Total Quality Management and Continuous Improvement
Maslow:
1.) Physiological
2.) Safety
3.) Social needs, love, belonging
4.) Esteem (ongoing): confidence, achievement, respect of others, respect by others, personal need to contribute
5.) Self-actualization (ongoing): Can accept human nature addressing shortcomings and failures; focus on solving problems for the greater good - problems considered "task that they must do"
Herzberg:
- Hygiene factors (affect level of dissatisfaction): Physical working conditions, interpersonal relationships, policies and rules, supervisor quality, salary - cyclical in nature, new becomes the norm. Hygiene is used in a sense that they are "maintenance" factors that are necessary to avoid dissatisfaction. Should only be considered as ways of minimizing job dissatisfaction.
- Motivation factors (affect job satisfaction): Achievement, advancement, recognition, responsibility, work itself, personal growth
Vroom:
- People can be motivated to perform when there are clear links between behavior and reward - individuals are going to select their behaviors based on the outcomes that they expect as a result of those behaviors
McGregor: Theory X (employees don't want to work and are only motivated by money) and Theory Y (employees like to work and seek out responsibility when needs are met)
Grose: Performance, cost, schedule
Grimaldi and Simonds: 3 steps - organizing, administrating, managing
Bittel and Ramsey: Primary management functions, major business activities (finance, production, sales), environmental resources and constraints
What is the hierarchy of controls?
- Elimination
- Substitution
- Engineering (isolate people from the hazard)
- Administrative (change the way people work)
- PPE
What is the most critical purpose for implementing controls?
Ensure controls are converted into clear, simple instructions that are understood at all levels
What are the elements of safety management accountability system?
- Established policy and standards
- Resources available to meet policy and standards
- Performance measurement system
- Consequences (positive and negative)
- Application at all levels
- Continuous evaluation
Who should determine the level of risk the company should assume or transfer?
Executive management of company/organization
What are some ways that hazards can be identified?
Experience, historical data (frequency and severity data), intuitive analysis, judgment, standards, brainstorming, systematic techniques (e.g., fault-tree analysis)
What is the difference between fault tree analysis and event tree analysis?
Fault Tree: Start with multiple faults to identify circumstances that lead to the problem
Event Tree: Starts with one initiating event and looks at consequences
Both are deductive (specific to general)
One of the current principles of safety management states the key to effective line safety performance is having management procedures that:
Fix accountability for accidents
What are the 3 purposes of analysis?
Gain understanding/gather facts, make decisions, requirement
What are the 5 main steps of hazard/risk management process?
- Hazard/risk identification
- Hazard/risk assessment
- Development of controls and decision making - eliminate/reduce risks, including FINANCIAL
- Implementation
- Supervision and evaluation - administering the process
What is the "5 Why" Technique?
Identifies root cause of problems by asking why behaviors/conditions existed
How does decision making in risk decision work?
If residual risks are too high after determining controls, senior supervisor or project manager must determine if the risk is justified. If not, they must decide to:
- Add additional control measures
- Limit scope of work that eliminates high risk tasks
- Discontinue project
Where do accidents fit in the process of preventing accidents?
In reactive model -> first step, trigger
In proactive model -> result after analysis and preventive program
When should formal communication be used in ICS?
Incident Commander, General Staff, Branch Directors
Receiving and giving work assignments, reporting progress of tasks, requesting support or additional resources
When someone signs a hot work permit or confined space entry permit, what does the signature mean?
Independent evaluation conducted for potential situations where failure could lead to injuries or death
What are the classic steps in accident investigation?
- Initiation
- *Fact finding
- *Analysis
- Integration
- Findings
- *Report
In reality, these may overlap
Why is safety inspection ineffective in uncovering the causes of most accidents?
Inspections only look at hazardous conditions, not individual task procedures
What are examples of risk transfer?
- Insurance policy - require certificate of insurance
- Contractual (non-insurance) - indemnification provisions/indemnity/hold-harmless clause: one party agrees to answer for any specified or unspecified liability or harm that other party incurs. True purpose of contractual risk transfer is to place the financial burden of a loss on the party best able to control or prevent the incident leading to injury or damage
- Contractual waiver of subrogation - endorsement that prohibits an insurance carrier from recovering the money they paid on a claim from a negligent third party
What is one of the most important techniques of gathering information during an accident investigation?
Interviewing eyewitnesses
What are the elements of financing the risks (financial justifications)?
Make direct investment, develop cash reserve, purchase insurance for each risk
What circumstances are most prone to severe injuries?
Non-routine, non-production, high energy, construction
The technique of probabilistic risk assessment was developed by what industry?
Nuclear Power industry in the 1970's. The techniques were developed to estimate failure rates, develop maintenance schedules, assess population safety etc.
Where do accident investigations fit in the process of preventing accidents?
Part of reactive model (accident, investigation, analysis, preventive action)
What are the primary elements of management?
Planning, organizing, staffing, leading/directing, controlling
Which 2 accountability program elements will OSHA primarily look at during accountability evaluation?
Policy and consequences
What are the 2 main objectives of risk management process?
Pre-loss: Reducing fear and worry about potential losses; regulatory compliance; obtaining insurance; maintaining social responsibilities; minimizing expenditures consistent with post-loss goals
Post-loss: Keep enough earnings for continued operations, find ways to expand growth - product development, acquisitions/mergers, taking care of employees, keep human/material resources available
What is the primary purpose of accident investigation? What are some other purposes?
Prevent recurrence of the same event - NOT to blame individuals or management, legal compliance, satisfy insurance requirements
Other reasons: Identify causes of accidents and injuries, compile legal or liability evidence, assess degree of damage and value of losses
gather facts!
What are the 4 levels of risk assessment used for incident management?
- Programmatic
- Strategic
- Operational/deliberate
- Time critical
What is the goal in risk identification?
Reduce uncertainty in describing factors that contribute to accidents, injuries, illnesses, deaths
ANSI recommends the lighting level for corridors in industrial facilities should have a minimum of _____ foot-candles
The minimum they recommend for corridors in industrial facilities is 20 foot-candles. The Illuminating Engineering Society (IES) publishes a Lighting Handbook which recommends higher illumination levels to maximize productivity.
What are some measured safety behaviors at top/mid-level managers, supervisors, and employees?
Top/mid-level managers: Involvement in safety management system development and implementation; developing effective policies, programs, resources; providing physical and psychological support; support involvement in safety committee. Prone to lagging indicators out of their control (e.g., worker's compensation costs, accident rates)
Supervisors: ensure that the fundamental principles of loss control are followed by the company; following company rules; conducting safety inspections; enforcing safety rules; conducting safety meetings; ensuring workers have safe materials, equipment, etc.
Employees: Reporting injuries and hazards, making suggestions, attending safety meetings, complying with company rules
What are the 5 levels of incident complexity types?
Type 1 (National and State Level): May result in disaster declaration
Type 2 (National and State Level): agency administrator/official is responsible for the incident complexity analysis, agency administrator briefings, and written delegation of authority
Type 3 (State or Metropolitan Area Level): IMT or incident command organization manages initial action incidents with a significant number of resources
Type 4 (City, County or Fire District Level): Command/General staff activated, no written plan required for non-HAZMAT incidents.
Type 5: 1-2 single resources up to 6 people, major sections not activated, no written plan required. Ex. Vehicle fire, injured person, police traffic stop.
Where should safety fit in an organization?
Under top operational decision maker (e.g., CEO). Safety is function of operations (quality of production/service process in an organization), not HR
What is Boolean algebra?
Used to develop probabilities involving AND/OR/NOT etc. type situations
What is product safety factor?
extra margin of safety designed into the product over and above its intended use
What is dangerous instrumentality?
owner of an inherently dangerous creature, device, substance, tool, etc. is liable for any injuries caused by that tool's operation
What are the elements of Safety by Objectives?
process of determining safety goals, allowing supervisors a chance to perform, providing assistance along the way and rewarding them according to their progress
Operating and Support Hazard Analysis
process to identify hazards and recommend risk reduction alternatives in procedurally controlled activities THROUGHOUT TOTAL LIFECYCLE OF A SYSTEM (people, procedures, environment, equipment, support)
What is Management of Change?
• Evaluate the changes in a chemical process to minimize the introduction of new hazards
• Evaluate increased risk of additional hazards when there is a change in the process
• Requires documentation of changes in piping and instrumentation diagrams (P&ID) after the project is complete