SCR Annex A Risk Log
FHA
(A) (B) (C) (D) (E) (H) (I) (J) (K) (L) (M) (A) (N) (O) (P) (Q) (A) (R) (S) (T) (U) (Y) (Z) (X)
ID # Function Identification Functional Assessment Hazard Description
(for safety significant functions) Causal
Factor Risk Substantiation Risk Category Initial Risk HRI Enduring Mitigations
(To eliminate or minimise the risk) Mitigation Responsibility Planned Applied By Date Residual Risk
(SFARP) HRI Interim Mitigations
(As required, to eliminate or minimise the risk) Risk Level with Applied Interim Mitigations
(SFARP) Design
Disclosure Verification Human Impact Factors Social Impact Factors Comments
Function Sub-Function Functional
Failure Phase/s
Safety Significant Function? Likelihood Consequence Risk Level Likelihood Consequence Risk Level Likelihood Consequence Risk Level
1 Electrical Safety components Other components stop working Operational - Unattended Yes Electrical components purchased are of low quality leading to failure of critical electrical systems Lack of understanding of manufacturing process
Counterfeit Parts used in manufacturing
Lack of supply chain management Previous suppliers in this sector have provided counterfeit parts
Safety reports issued on previous accidents / failures Performance Probable Catastrophic Very High E4 1. Elimination
- Redundant Systems
- Procure higher quality parts
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
-
-
6. PPE Electrical Engineers End of Week 2 Improbable Catastrophic Medium E2 1. Elimination
-
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
- Response processes upon failure detection
-
6. PPE
-
- Improbable Major Low Shop Drawings
Procedures
Design Documents Auditing
Inspections
Testing Fatalities
Family
Public Perception
Reputation of business and employees
2 Mechanical Diesel Plant Diesel Shut off systems fail to activate Operational - Unattended,
Maintenance Shutdown - Attended Yes Automated diesel generator systems fail to activate on the diesel generators upon shutdown command being passed from operator. Lack of understanding of shutdown process
Lack of system failure alerting
Lack of detail in safeguards to system design Previous notifications and defect alerts from supplier of automated systems
Previous experience from designers and operators Performance Occasional Moderate Low B3 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
- Engineer in a failsafe system to ensure the diesel systems shut down upon command
-
5. Administrative Controls
-
-
6. PPE Engineering End of Week 2 Improbable Moderate Very Low B2 1. Elimination
-
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
- Response processes upon failure detection
-
6. PPE
-
- Improbable Minor Very Low Detailed Design Documentation
Procedures
Testing
Auditing
Operational Testing Operator injury Operator Morale and confidence in the delivered system
3 Construction Scaffolding Construction scaffolding fails and causes collapse with construction operators Operational - Unattended Yes Scaffolding joins fail upon use past their inspection date and can cause collapse of scaffolding system, resulting in fall from heights greater than 2.0m Use of out of date and out of inspection equipment Inspection reports suggesting prior use of equipment out of inspection date Safety Improbable Critical Medium D2 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
- Engineer in a failsafe system to ensure the diesel systems shut down upon command
-
5. Administrative Controls
-
-
6. PPE Site Safety Office
Site Inspection Officer End of Week 2 Rare Major Very Low C1 1. Elimination
- Utilisation of equipment that is in inspection date and serviceable
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
-
-
6. PPE Rare Moderate Very Low Test and Inspection Log / Reports
Development of inspection process
Planned Maintenance Procedures Testing
Inspection Falls resulting in injury to workers and surrounding personnel
Reputation of business is damaged
4 Physical Security Site Security Criminal opportunity. Criminals obtain access to the worksite and theft of tools and equipment is experienced Operational - Unattended,
Maintenance Operational - Attended,
Maintenance Shutdown - Attended No Physical Security of the site not sufficient Security reports
Criminal intelligence reports from local police and security Performance Occasional Moderate Low B3 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
- Implement Security monitoring system and fencing to protect the site
-
5. Administrative Controls
- Implement security procedures to guard and protect the work site 24/7
-
6. PPE Site Manager End of Week 2 Improbable Major Low C2 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
5. Administrative Controls
- Implement security guards as a temporary measure until firmer security controls are implemented
-
6. PPE Improbable Major Low Site security and safety design
Site Security protocols Inspection
Morale impacted
Productivity impacted
Delays experienced Site and company reputation impacted
5 Site Security Threat from Protestors Protestors block the main entry and exit gates to the worksite Operational - Unattended,
Maintenance Operational - Attended,
Maintenance Shutdown - Attended No Protestors and Issue Motivated Groups intent on disrupting the work site and operations Security reports
Criminal intelligence reports from local police and security Performance Improbable Major Low C2 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
- Security system and Fencing
- Security Guards
- CCTV
5. Administrative Controls
- Security protocols
- Community engagement protocols and activities
6. PPE Site Safety and Security Manage
Site Manager End of Week 2 ERROR:#N/A No residual risk identified until end of week 2 implementation Security operating processes
Site security design documents Inspection
Decreased morale of staff
Work time lost
Reputational Damage Business reputational damage
Staff reputational damage
Community discouragement
Industry discouragement
6 Governmental External influencers De-scope or halting the project No Change of Government during project resulting in de-prioritising the program Change of Government
Change of public opinion of the project Reports from Federal, State and Local Government
Reports from end customer Environment Improbable Critical Medium D2 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
- Implement management and monitoring through regular engagement
-
6. PPE Executive Management
Project Management
Business Management End of Week 2 ERROR:#N/A No Residual risk identified Project Status reporting
Inspection of reports
Loss of sustained employment for staff
Degrade morale of staff Loss of economical gain for local community
7 Human Engineering Environmental Management System Environmental management system design Operational - Unattended Yes Poor design in Submarine environmental sustainment systems resulting in lower than expected endurance and higher long term risk to operator health Poor design process
System engineering process not followed
Initial Statement of Requirements not followed or defined
High level design not correct Reports from previous designs and lessons learnt Safety Probable Catastrophic Very High E4 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
- Engineer a robust design in the Environmental Monitoring and Management system
-
5. Administrative Controls
-
-
6. PPE Design Engineers End of Week 4 Improbable Critical Medium D2 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
- Implement strict peer review process
- Implement Documentation review and analysis of design
6. PPE Improbable Critical Medium Design Documents
Engineering Management Plan Inspection
Testing Significant impact on operators if poor design is implemented short and long term Reputation of business is damaged
Trust of customer is damaged
8 ICT Systems Onboard ICT Networking system ICT Network failure preventing systems from communicating and passing commands Operational - Unattended Yes ICT Network infrastructure installed on the submarine constantly fails which prevents reliant systems from communicating. This also prevents additional systems from functioning correctly Poor network design
Poor requirement definition
Poor network components Previous Submarine design reports
Previous operator statements of account Safety Occasional Critical High D3 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
- Design a network that is robust and has an availability of over 99.98%
-
5. Administrative Controls
-
-
6. PPE ICT Designers
Electrical Engineers End of Week 3 ERROR:#N/A No residual risk identified
9 Hull Preservation Preparation and priming Exposure to chemicals Operational - Unattended Yes Preparation chemicals used in the submarine painting process pose a significant personnel, environmental and ozone risk if used incorrectly causing permanent injury with a high probability of exposed workers contracting cancerous diseases after prolonged use and exposure. ERROR:#N/A 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
-
-
6. PPE ERROR:#N/A 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
5. Administrative Controls
-
-
6. PPE
10 Structural System Hull System Implosion of hull Operational - Unattended Yes Forged steel for submarine hull has been found to potentially develop microscopic stress fractures leading to decreased operating ability and potential catastrophic destruction of the submarine if operated within normal operating limitations Poor design process
System engineering process not followed
Initial Statement of Requirements not followed or defined
High level design not correct Previous design reports on similar systems
Previous reports on metal fatigue Safety Improbable Catastrophic Medium E2 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
-
5. Administrative Controls
-
-
6. PPE ERROR:#N/A 1. Elimination
-
2. Substitution
-
-
3. Isolation
-
-
4. Engineering Controls
-
5. Administrative Controls
-
-
6. PPE
CLASSIFICATION Annex A to
Safety Case Report/Technical Risk Assessment
SOP (LSD XXXXXXXXXXTP03 v3.0 CLASSIFICATION
Objective File Reference
Modems-IF
(A) (B) (C) (D) (E) (F) (G) (H) (I)
Hazard ID Hazard Description Effect of Hazard Risk Assessment Recommended Actions - HIRAC
(Enduring mitigations to achieve SFARP and
interim mitigation if required) Actions Applied By Who: Actions Applied By Date: Effect of Recommended Actions Status
Risk Substantiation Likelihood Consequence Risk HRI Is the Risk assessed as SFARP when ALL Mitigations Agreed have been implemented? Residual Risk (SFARP) Concession or Other Description of Risk at Date of Signature
Likelihood Consequence Risk HRI
MS-001 Environmental impact Environmental Impact The likelihood is XXX because:
-
-
Consequence is assessed as XXX due:
-
-
Red Team: Red Team:
- Comment is placeholder, needs to be updated.
- Current information in original Phar table and AECOM report is deficient in documentation risk substantiation Unlikely
Red Team: Red Team:
These are assumptions only to derive the risk as identified in the AECOM Chair 1 report. No Likelihood and Consequence data was provided in the report Moderate
Red Team: Red Team:
These are assumptions only to derive the risk as identified in the AECOM Chair 1 report. No Likelihood and Consequence data was provided in the report ERROR:#REF! ERROR:#REF! Fuel room, fill point & generator plant to be bunded - consider bunding to meet standards. Consider requirements for pipework to mitigate risk of leakage. Small pipework distance. Note diesel pipework above ground - consider trip hazards, access, maintainability etc Yes Unlikely Minor ERROR:#REF! ERROR:#REF! Implementation of the identified actions means the risk is reduced to XXX
The consequence remains as XXX.
Other considerations:
-
-
-
Red Team: Red Team:
- Comment is placeholder, needs to be updated, including summary of other consideration as per the DID
Red Team: Red Team:
- Comment is placeholder, needs to be updated.
- Current information in original Phar table and AECOM report is deficient in documentation risk substantiation
Red Team: Red Team:
These are assumptions only to derive the risk as identified in the AECOM Chair 1 report. No Likelihood and Consequence data was provided in the report
Red Team: Red Team:
These are assumptions only to derive the risk as identified in the AECOM Chair 1 report. No Likelihood and Consequence data was provided in the report Open
Subsystem Key
MR - FDMA EBEM Modem Racks