5.1 Policy and Responsibilities
ANSI Z590.3 emphasizes the need for establishing policy and assigning roles and responsibilities for carrying out PtD efforts. A defined policy and process should be implemented to incorporate PtD in the design phase and throughout the life cycle. Policies should be designed to include the following:
Anticipating, identifying, and assessing systems to avoid, eliminate, or reduce hazards and risks.
A structured hazard analysis and risk assessment process to address identified hazards.
Risk reduction using the hierarchy of controls to achieve acceptable risk levels.
Risk assessors who are knowledgeable, skilled, and close to the hazards and risks.
A monitoring process for effectiveness and continual improvement.
A recording and reporting system to document results during design reviews, risk assessments, and treatment.
Organizations should define responsibilities to address opportunities to prevent or reduce risk when new risks are introduced or changes occur. Such risk assessment triggers include (i) the planning, purchase, and installation of new facilities, processes, equipment, technologies, and materials; (ii) the modification of or addition to existing facilities, processes, equipment, technologies, or materials; (iii) following incidents and unwanted events, to investigate, assess, and select corrective actions; and (iv) the demolition, decommissioning, or repurposing of systems.
An organization's acceptable risk levels and its goal of achieving an acceptable level of risk (ALOR) in its designs and workplaces must be clearly defined and communicated to stakeholders. Achieving and maintaining an ALOR should be the basis for an organization's OSH goals and objectives. Organizations should set “acceptable risk targets” to assist in the selection of risk control alternatives for hazards that cannot be completely eliminated.
Policies and procedures should enable the design process to incorporate appropriate input from designers, engineers, OSH, procurement, quality, legal, risk management, maintenance, and operations. Skilled and experienced risk assessors, design safety specifications, risk‐based decision‐making, and communications should be utilized in the design process.
5.2 Suppliers and Third Parties
Z590.3 includes measures for suppliers, contractors, and vendors involved in designs, new equipment, construction, and changes in processes, materials, or technology. Nonroutine activities involving contractors and other third‐party stakeholders can result in catastrophic incidents if not properly managed. Z590.3 requirements addressing these concerns include the following:
communication and agreement on safety expectations with third‐party suppliers, engineers, and contractors;
written specifications for safety and health performance in procurement documents, purchase orders, and contracts;
assessing risk to achieve an ALOR;
test protocols and inspections of facilities, products, equipment, and materials as part of formal acceptance and/or commissioning;
reviews of suppliers to verify safety specifications prior to purchase and delivery; and
procedures for ongoing testing and maintenance of systems.
5.3 Design Safety Reviews
The process of reviewing, anticipating, identifying, assessing, and controlling risks in the design phase is sometimes referred to as design safety review. Z590.3 provides guidance on integrating this important tool into the design process. Some of the elements required by the standard include:
A designated lead person in the design safety review process.
A designated design review team of qualified and affected individuals.
Guidelines for performing design safety reviews and the methods used.
Safety requirements and specifications to be incorporated into designs.
Accountability of designers for adhering to established safety specifications in the design.
A management procedure for reviewing, approving, and documenting deviations as meeting an ALOR.
Certification verifying that the design safety review has been completed and signed by the lead design professional.
The standard also includes a summary of the design safety review process in Addendum E.
FIGURE 5 Alignment of ISO 31000:2018 and the ANSI/ASSE Z590.3 risk assessment process.
5.4 Hazard Analysis and Risk Assessment Process
At the heart of PtD is the hazard analysis and risk assessment methodology. A comparison between the Z590.3 model and the ISO 31000 risk management process model is presented in Figure 5.
The elements and steps in the hazard analysis and risk assessment process as outlined in Z590.3 are briefly described in the following:
Management direction. Management leadership and direction is essential throughout the process. Policy and expectations must be set for planned designs and the achievement of an ALOR. Policy elements include establishment of risk criteria, ALOR, and analysis parameters; implementation of a risk assessment process; risk treatment using the hierarchy of controls; risk acceptance decision‐making; and communication, documentation, and follow‐up.
Risk assessment matrix. A risk matrix provides a means of measuring and comparing risks by categorizing combinations of likelihood of occurrence and severity of harm. Matrices are useful in communicating risk levels and treatment options to decision‐makers. Risk assessment matrices or other validated processes should be customized to the organization's and stakeholders' needs.
Analysis parameters. Parameters, purpose, and scope should be well‐defined upfront to include the system or task to be analyzed, its context, boundaries and limitations, operating phase, resources, and affected stakeholders.
Hazard identification. Trained risk assessors skilled in a systematic approach to identifying, assessing, and treating hazards are required in the process. Assessors should have an understanding of processes, technologies, tasks, and materials as well as actions or inactions that could result in exposure. In addition, assessors should identify potential synergistic effects of combined hazards and those hazards that are unseen, or potentially created in the process.
Failure modes. Failure modes resulting from circumstances including reasonably foreseeable uses and misuses of facilities, materials, and equipment that cause hazardous situations should be taken into account. Existing controls should be evaluated for their effectiveness, reliability, and whether controls can be defeated or cause failures.
Severity analysis. An analysis of “credible” worst‐case consequences defined by Z590.3 as those having “the potential to occur within the lifetime of the system” should be considered. Information on the severity of injuries and illnesses, property/equipment values, potential business interruption, environmental damage, or market share loss should be gathered from historical data, industry experience, best practices, and other sources.
Occurrence analysis. An estimate of the likelihood or probability of