Health And Safety In Quarrying
Part Three: Risk Assessment
This paper is the third in a series of five based on a CD-ROM of lecture and training material covering the fundamentals of health and safety management. The CD-ROM was prepared by the Camborne School of Mines on behalf of EPIC (NTO) Ltd and the Health & Safety Executive, and distributed to all providers of quarry-related courses in higher education. This paper looks in detail at risk assessment, in particular at the essential elements of risk assessment with the emphasis on those aspects crucial to improving health and safety performance.
Risk assessment is not new, having been around for over a decade since the requirement was introduced by legislation in 1992. Since then there have been a great many guides, articles and papers written on risk assessment, outlining different ways of undertaking the analysis and estimating risk. Risk assessment is practiced in industry to differing levels of detail and effectiveness, owing to the different techniques used by different companies. Despite how different these techniques seem, the underlying risk assessment is the same and made up of three common elements:
The basis for the introduction of risk assessment in UK industry was the ‘Management of Health & Safety at Work Regulations’ that were originally introduced in 1992 and updated in 1999. Regulation 3(1) requires that ‘Every employer shall make a suitable and efficient assessment of:
For simple hazards a risk assessment can be a ‘very straightforward process based on judgement requiring no specialist skills or complicated techniques’. This approach is commonly known as qualitative or subjective risk assessment.
At the other extreme, major hazards, such as those associated with complex chemical or nuclear plants, may ‘warrant the need of such techniques as quantitative risk assessment’. In quantitative risk assessment (QRA), or probabilistic risk assessment (PRA) as it is sometimes known, a numerical estimate is made of the probability that a defined harm will result from the occurrence of a particular event.
Such legislation, while providing detailed requirements, offers little by way of guidance on the way that compliance with the requirements is to be achieved. The Regulations state that the risk assessment procedure used in any circumstance should be suitable and sufficient for the hazards and risks to which the workforce is exposed. A suitable and sufficient assessment should:
It must also be remembered that risk assessments on their own do not make an operation any safer or more efficient. Improved health and safety, based on the introduction of risk assessment, involves a number of issues of which simply producing a ‘suitable and sufficient assessment’ is just one part. These issues include:
THE RISK ASSESSMENT PROCESS
As stated earlier, there are many different techniques for risk assessment, all built around the three elements shown in figure 1:
Hazard identification
A hazard is defined as ‘The potential to cause harm’. Harm can include ill health and injury, damage to property, plant, products or the environment, production losses or increased liabilities.
Hazard identification is undoubtedly the most important aspect of any risk assessment on the basis of ‘a hazard identified is a hazard controlled’. There are many different ways of identifying hazards, making it very much a discipline in its own right. Many different formal methods have been developed over the last two decades and these are generally classified into one of three categories:
Comparative methods: eg checklists and audits. These were, in the past, treated as safety reviews as they compared ‘what is’ with ‘what should be’.
Fundamental methods: eg deviation analysis, hazard and operability studies (HAZOPs), energy analysis, failure modes and effects analysis (FMEAs). These are the formal investigative techniques, many of which developed in the high-technology industries and are structured for stimulating people to apply foresight in conjunction with their knowledge by identifying hazards and asking ‘what-if’ type questions.
Failure logic: eg fault trees, event trees and cause–consequence diagrams. These are pictorial representations of logical combinations of causes that lead to a hazard, showing how a hazardous situation may arise or what may happen if that situation occurs.
The last two categories are generally used in QRA and/or in-depth reviews. When assessing occupational health and safety risks, hazards tend to be identified using comparative methods as well as checklists and the experience of the risk assessor(s).
Assessing the risks
Risk can be defined as the likelihood that a specified undesired event will occur due to the realization of a hazard by, or during, work activities or by the products and services created by work activities. In simple terms:
Risk = f(probability, consequence)
In order to be able to assess and/or evaluate risk some degree of the risk should be calculated. As risk is a function of the probability and consequence associated with a hazard occurring, judgements are made on these two properties. Such judgements can be subjective or quantitative depending on the complexity of the operation that is being examined.
Quantitative in this case means probabilistic, where numerical probabilities are calculated. This method, known as QRA (quantitative risk assessment), is common in the high-technology industries where credible values of probability are available from reliability data. In these industries QRA tends to deal with the avoidance of low-probability events with serious consequences to the plant and the surrounding environment. Here the derived value of risk is compared against industry-standard acceptance criteria to see if it is acceptable. QRA is covered later in this paper.
Subjective risk assessment involves making a formal judgement on the consequence and probability in the absence of detailed quantitative data. In many processes subjective values of severity and likelihood are determined and multiplied together according to the equation:
Risk = severity x likelihood
A number of guides have been produced by industry and commercial organizations to help in assessing risk. A example from one of these is shown in table 1 (HSE, 1997).
This simple computation, which gives a risk value of between one and nine, allows a rough and ready comparison of risks. In this case the lower the number, the greater the risk. It thereby prioritizes the hazards so that control action can be targeted at higher risks in the first instance.
Another example is from BS8800 (BSI, 1996) where a ‘risk matrix’ is used (table 2). Here, every combination of probability and consequence has a distinct risk definition or value. The level of risk determined from the matrix is then used in an action plan (table 3) defining what action should be undertaken in principle.
Controlling risk
Risk control is sometimes referred to as ‘risk management’. Risk-control strategies may be classified into one of four main areas (Bamber, 1999):
Eliminate risk by substituting the dangerous for the less dangerous, for example:
Where a range of control measures is available, it is necessary to weigh up the relative costs of each against the degree of control each provides, both in the short and long term. Some control measures, such as eliminating a risk by choosing a safer alternative substance or machine, provide a high degree of control and are reliable. Physical safeguards such as guarding a machine or enclosing a hazardous process need to be maintained. In making decisions about risk control, it will therefore be necessary to consider the degree of control and the reliability of the control measures together with the costs of both providing and maintaining the measure.
Legislation requires employers to reduce risks to a level that is ‘as low as is reasonably practicable’ (sometimes abbreviated as ALARP). To carry out a duty ‘so far as is reasonably practicable’ means that the degree of risk in a particular activity or environment can be balanced against the time, trouble, cost and physical difficulty of taking measures to avoid the risk.
TYPES OF RISK ASSESSMENT
Within industry three types of risk assessment can be distinguished.
The key to ensuring positive health and safety improvements through risk assessment lies in:
In existing activities where routine risk assessments are carried out, control measures are already in place and so the focus here should be on reviewing their effectiveness. For new operations, ‘pre-emptive’ risk assessments are to be undertaken as no controls are in place and the emphasis is on identifying new control measures. These differences are expanded upon below.
Routine risk assessments
Within the quarrying industry there is a wealth of control measures that have been introduced over the years as the industry has developed. Accidents that occur highlight shortcomings with these control measures. In a risk assessment, when identifying what controls are currently in place, it is vital to review the effectiveness of each control, to identify any shortcomings, and to assess how effective they are in practice. For example, if personal protective equipment (PPE) is identified as a current control measure but is infrequently worn, then its reliability as a control must be questioned. It is not sufficient to try to solve the problem by recommending ‘enforce the use of PPE’. It is necessary to determine why the PPE is not being worn and often this root cause provides the route to an effective solution. Another example is with standard procedures which are among the most common hazard-control measures used in quarrying. If a control shortcoming is identified as ‘procedures not being followed’, the effective solution is often not as straightforward as enforcement or discipline or retraining.
Where a ‘failure to follow standards’ is identified, it is necessary to determine why they are not being followed. There is a need to ask questions such as:
By following the process in figure 2, once hazards, controls and shortcomings are identified, the assessors can ask the vital risk-assessment question ‘can we do any more to reduce the risk?’ bearing in mind what has been found. If the answer to this question is ‘yes’, additional controls or control improvements can then be identified and implemented, the risk can be estimated (using scales or matrices) and the assessment documented.
Pre-emptive risk assessments
The objective of pre-emptive risk assessment is to pre-empt potential health and safety risks by ensuring that they are adequately controlled from day one of a new or changed operation. Such assessments may need to be done in abstract and the primary emphasis is on potential hazards. Important factors to note are:
This paper is the third in a series of five based on a CD-ROM of lecture and training material covering the fundamentals of health and safety management. The CD-ROM was prepared by the Camborne School of Mines on behalf of EPIC (NTO) Ltd and the Health & Safety Executive, and distributed to all providers of quarry-related courses in higher education. This paper looks in detail at risk assessment, in particular at the essential elements of risk assessment with the emphasis on those aspects crucial to improving health and safety performance.
Risk assessment is not new, having been around for over a decade since the requirement was introduced by legislation in 1992. Since then there have been a great many guides, articles and papers written on risk assessment, outlining different ways of undertaking the analysis and estimating risk. Risk assessment is practiced in industry to differing levels of detail and effectiveness, owing to the different techniques used by different companies. Despite how different these techniques seem, the underlying risk assessment is the same and made up of three common elements:
- identifying the hazards
- evaluating the associated risks
- controlling the risks.
The basis for the introduction of risk assessment in UK industry was the ‘Management of Health & Safety at Work Regulations’ that were originally introduced in 1992 and updated in 1999. Regulation 3(1) requires that ‘Every employer shall make a suitable and efficient assessment of:
- The risks to the health and safety of his employees to which they are exposed whilst they are at work.
- The risks to the health and safety of persons not in his employment arising out of or in connection with the conduct by him or his undertaking; for the purpose of identifying the measures he needs to take to comply with the requirements and prohibitions imposed on him by or under the relevant statutory provisions.’
For simple hazards a risk assessment can be a ‘very straightforward process based on judgement requiring no specialist skills or complicated techniques’. This approach is commonly known as qualitative or subjective risk assessment.
At the other extreme, major hazards, such as those associated with complex chemical or nuclear plants, may ‘warrant the need of such techniques as quantitative risk assessment’. In quantitative risk assessment (QRA), or probabilistic risk assessment (PRA) as it is sometimes known, a numerical estimate is made of the probability that a defined harm will result from the occurrence of a particular event.
Such legislation, while providing detailed requirements, offers little by way of guidance on the way that compliance with the requirements is to be achieved. The Regulations state that the risk assessment procedure used in any circumstance should be suitable and sufficient for the hazards and risks to which the workforce is exposed. A suitable and sufficient assessment should:
- identify the significant risks arising out of work
- allow the employer to identify and prioritize the measures that need to be taken to comply with ??relevant statutory provision
- be appropriate to the nature of the work such that it remains vital for a reasonable period of time.
It must also be remembered that risk assessments on their own do not make an operation any safer or more efficient. Improved health and safety, based on the introduction of risk assessment, involves a number of issues of which simply producing a ‘suitable and sufficient assessment’ is just one part. These issues include:
- structuring the assessments and producing a risk assessment plan that covers all operations within the quarry
- ensuring widespread participation and involvement in risk assessments
- undertaking ‘suitable and sufficient’ assessments of risk
- communicating information to those exposed to the hazards
- implementing any actions arising from risk assessments
- monitoring and reviewing all risk assessments.
THE RISK ASSESSMENT PROCESS
As stated earlier, there are many different techniques for risk assessment, all built around the three elements shown in figure 1:
Hazard identification
A hazard is defined as ‘The potential to cause harm’. Harm can include ill health and injury, damage to property, plant, products or the environment, production losses or increased liabilities.
Hazard identification is undoubtedly the most important aspect of any risk assessment on the basis of ‘a hazard identified is a hazard controlled’. There are many different ways of identifying hazards, making it very much a discipline in its own right. Many different formal methods have been developed over the last two decades and these are generally classified into one of three categories:
Comparative methods: eg checklists and audits. These were, in the past, treated as safety reviews as they compared ‘what is’ with ‘what should be’.
Fundamental methods: eg deviation analysis, hazard and operability studies (HAZOPs), energy analysis, failure modes and effects analysis (FMEAs). These are the formal investigative techniques, many of which developed in the high-technology industries and are structured for stimulating people to apply foresight in conjunction with their knowledge by identifying hazards and asking ‘what-if’ type questions.
Failure logic: eg fault trees, event trees and cause–consequence diagrams. These are pictorial representations of logical combinations of causes that lead to a hazard, showing how a hazardous situation may arise or what may happen if that situation occurs.
The last two categories are generally used in QRA and/or in-depth reviews. When assessing occupational health and safety risks, hazards tend to be identified using comparative methods as well as checklists and the experience of the risk assessor(s).
Assessing the risks
Risk can be defined as the likelihood that a specified undesired event will occur due to the realization of a hazard by, or during, work activities or by the products and services created by work activities. In simple terms:
Risk = f(probability, consequence)
In order to be able to assess and/or evaluate risk some degree of the risk should be calculated. As risk is a function of the probability and consequence associated with a hazard occurring, judgements are made on these two properties. Such judgements can be subjective or quantitative depending on the complexity of the operation that is being examined.
Quantitative in this case means probabilistic, where numerical probabilities are calculated. This method, known as QRA (quantitative risk assessment), is common in the high-technology industries where credible values of probability are available from reliability data. In these industries QRA tends to deal with the avoidance of low-probability events with serious consequences to the plant and the surrounding environment. Here the derived value of risk is compared against industry-standard acceptance criteria to see if it is acceptable. QRA is covered later in this paper.
Subjective risk assessment involves making a formal judgement on the consequence and probability in the absence of detailed quantitative data. In many processes subjective values of severity and likelihood are determined and multiplied together according to the equation:
Risk = severity x likelihood
A number of guides have been produced by industry and commercial organizations to help in assessing risk. A example from one of these is shown in table 1 (HSE, 1997).
This simple computation, which gives a risk value of between one and nine, allows a rough and ready comparison of risks. In this case the lower the number, the greater the risk. It thereby prioritizes the hazards so that control action can be targeted at higher risks in the first instance.
Another example is from BS8800 (BSI, 1996) where a ‘risk matrix’ is used (table 2). Here, every combination of probability and consequence has a distinct risk definition or value. The level of risk determined from the matrix is then used in an action plan (table 3) defining what action should be undertaken in principle.
Controlling risk
Risk control is sometimes referred to as ‘risk management’. Risk-control strategies may be classified into one of four main areas (Bamber, 1999):
- Risk avoidance: this strategy involves a conscious decision on the part of the organization to avoid completely a particular risk by discontinuing the operation producing the risk, eg replacing a hazardous chemical by one with less or no risk potential.
- Risk retention: the risk is retained in the organization where any consequent loss is financed by the company.
- Risk transfer: this refers to the legal assignment of the costs of certain potential losses from one party to another. The most common way is by insurance.
- Risk reduction: here the risks are systematically reduced through control measures.
Eliminate risk by substituting the dangerous for the less dangerous, for example:
- use less hazardous substances
- substitute a type of machine which is better guarded to make the same product
- avoid the use of certain processes.
- separate the operator from the risk of exposure to a known hazardous substance by enclosing the process
- protect the dangerous parts of a machine by guarding
- design process machinery and work activities to minimize the release of, or to suppress or contain, airborne hazards
- design machinery which is remotely operated and to which materials are fed automatically, thus separating the operator from danger areas.
- designing suitable systems of working
- using personal protective clothing and equipment (PPE); this should only be used as a last resort.
Where a range of control measures is available, it is necessary to weigh up the relative costs of each against the degree of control each provides, both in the short and long term. Some control measures, such as eliminating a risk by choosing a safer alternative substance or machine, provide a high degree of control and are reliable. Physical safeguards such as guarding a machine or enclosing a hazardous process need to be maintained. In making decisions about risk control, it will therefore be necessary to consider the degree of control and the reliability of the control measures together with the costs of both providing and maintaining the measure.
Legislation requires employers to reduce risks to a level that is ‘as low as is reasonably practicable’ (sometimes abbreviated as ALARP). To carry out a duty ‘so far as is reasonably practicable’ means that the degree of risk in a particular activity or environment can be balanced against the time, trouble, cost and physical difficulty of taking measures to avoid the risk.
TYPES OF RISK ASSESSMENT
Within industry three types of risk assessment can be distinguished.
- Assessments of large-scale complex hazard sites, such as those found in the process and nuclear industries. These require quantitative risk assessments (QRA) involving advanced techniques such as fault trees, HAZOPs, FMEAs etc. In some industries (eg offshore and rail) specific regulations require the use of QRA for certain hazards. QRA is discussed briefly at the end of this paper.
- General assessments of the complete range of workplace risks, as required under the Management of Health & Safety at Work Regulations, 1999. These types of assessment are generally subjective.
- Risk assessments required under specific legislation, for example for hazardous substances (COSHH Regulations, 1998) and Manual Handling (Manual Handling Operations Regulations, 1992).
The key to ensuring positive health and safety improvements through risk assessment lies in:
- identification of hazards
- reviewing the effectiveness of existing risk-control measures
- the introduction of additional controls or control improvements.
In existing activities where routine risk assessments are carried out, control measures are already in place and so the focus here should be on reviewing their effectiveness. For new operations, ‘pre-emptive’ risk assessments are to be undertaken as no controls are in place and the emphasis is on identifying new control measures. These differences are expanded upon below.
Routine risk assessments
Within the quarrying industry there is a wealth of control measures that have been introduced over the years as the industry has developed. Accidents that occur highlight shortcomings with these control measures. In a risk assessment, when identifying what controls are currently in place, it is vital to review the effectiveness of each control, to identify any shortcomings, and to assess how effective they are in practice. For example, if personal protective equipment (PPE) is identified as a current control measure but is infrequently worn, then its reliability as a control must be questioned. It is not sufficient to try to solve the problem by recommending ‘enforce the use of PPE’. It is necessary to determine why the PPE is not being worn and often this root cause provides the route to an effective solution. Another example is with standard procedures which are among the most common hazard-control measures used in quarrying. If a control shortcoming is identified as ‘procedures not being followed’, the effective solution is often not as straightforward as enforcement or discipline or retraining.
Where a ‘failure to follow standards’ is identified, it is necessary to determine why they are not being followed. There is a need to ask questions such as:
- Are the procedures practical?
- Does everyone know the rules?
- Has everyone been trained?
- Is the training effective?
- Is the supervision effective?
- Do people ‘turn a blind eye’ to rule-breaking?
By following the process in figure 2, once hazards, controls and shortcomings are identified, the assessors can ask the vital risk-assessment question ‘can we do any more to reduce the risk?’ bearing in mind what has been found. If the answer to this question is ‘yes’, additional controls or control improvements can then be identified and implemented, the risk can be estimated (using scales or matrices) and the assessment documented.
Pre-emptive risk assessments
The objective of pre-emptive risk assessment is to pre-empt potential health and safety risks by ensuring that they are adequately controlled from day one of a new or changed operation. Such assessments may need to be done in abstract and the primary emphasis is on potential hazards. Important factors to note are:
- Following the identification of potential hazards, the assessors have to consider whether there are any current controls in place at the quarry which would eliminate or reduce the risks
- If there are no controls or existing controls do not reduce the risk to an acceptable level (ie ALARP), the assessors need to consider appropriate additional control measures to eliminate or reduce the potential risks.
- The assessors must then consider whether the proposed controls, once in place, are likely to reduce the risk to the acceptable level.
QUANTITATIVE RISK ASSESSMENT
Earlier in this paper several references have been made to quantitative risk assessment or QRA, and so for completeness this area will now be looked at, although such assessments are not generally used in the quarrying industry.
In quantitative (or probabilistic) risk assessment, numerical values of risk are calculated and compared against pre-set criteria. The probabilities and consequences are assessed using statistical techniques and consequence-evaluation methods.
QRA is most commonly used in the process industries to quantify the risks of ‘major hazards’. A major hazard is defined by the HSE (1988) as ‘any man-made industrial hazard that has the potential to cause large-scale injury and loss of life from a single brief event’.
In recent years significant increases in the use of QRA have taken place in the offshore oil and gas industries, the transport of hazardous materials, the protection of the environment, mass transportation (rail) and the nuclear industry.
There are a number of different ways of expressing and describing levels of risk calculated in a QRA ranging from simple tables and expressions to complex graphs. When putting a quantitative figure to a risk it is necessary to be clear as to whom or what group of people the figure applies. It is normal to differentiate between individual and societal risk.
Individual risk is defined as ‘the frequency at which an individual may be expected to sustain a given level of harm from the realization of specific hazards’, (IchemE,1992).
Frequently, individual risk is estimated for a number of locations around a site so that ‘risk contours’ can be plotted to give an indication of the geographical variations for individual risk. An example of a risk contour map is shown in figure 4 (Nussey, 1995).
The practice of QRA requires standards of acceptance commonly referred to as ‘risk criteria’. In the UK, the values of these criteria have been based on past experience from industry. The general approach in determining levels of acceptability is the ALARP (as low as is reasonable practical) principle (HSE 1988). The HSE (1988) concluded that ‘broadly, a risk of death of 1 in 1,000 (1x10-3) per annum is about the most that is ordinarily accepted under modern conditions for workers in the UK and it seems to be the dividing line between what is tolerable and what is intolerable’. It was also concluded that the tolerable risk level from a large-scale industrial hazards ‘should not be less than 10 times higher’, ie 1x10–4.
REFERENCES
BAMBER, L.: ‘Principals of the management of risk’, in RIDLEY, J. and J. CHANNING (ed) Safety at Work, 5th Edition, Butterworth Heinmann, 1999.
BSI: BS8800: Guide to Occupational Health and Safety Management Systems, 1996.
HSE: The Tolerability of Risk from Nuclear Power Stations, HMSO, 1998.
HSE: Successful Health and Safety Management, HSG65, HSE Books, 1997.
IChemE: Nomenclature on Risk Assessment in the Process Industries, IChemE, UK, 1992.
NUSSEY, C.: ‘Accidents happen — How they can be avoided and the risks assessed’, in proceedings of the IBC Conference on Preventing and Managing Emergencies, London, IBC Technical Services Ltd, 1995.
FOSTER, P.J., ROSE, H.J.M., and C.F. TALBOT: ‘Risk assessment: An opportunity to change health and safety performance’, Journal of the South African Institute of Mining & Metallurgy, 1998, vol. 98, no. 7, pp333–338.
FOSTER, P.J., ROSE, H.J.M., and P. TERRETT: ‘Managing risk management’, presented at Minesafe International 1998, South Africa, proceedings published by the Chamber of Mines of South Africa, pp139–146.
The author, Dr Patrick J. Foster, is Anglo American plc lecturer in mining engineering at Camborne School of Mines, University of Exeter