Common Safety Method for Risk Evaluation and Assessment
14
Common Safety Method for Risk Evaluation and Assessment Use the quick links below to navigate this booklet 1: The significance test Intro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
Transcript of Common Safety Method for Risk Evaluation and Assessment
Common Safety Method for Risk Evaluation and Assessment
Use the quick links below to navigate this booklet
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
The Common Safety Method for Risk Evaluation and Assessment (CSM RA) was introduced to harmonise the process for managing hazards in EU member states and to make it easier for assessments to be recognised between national authorities.
It was developed to reinforce the Safety Directive because it was believed that hazard management was not being consistently applied. The regulation remains in place in the UK post-BREXIT through the Rail Safety (Amendment etc.) (EU Exit) Regulations 2019, which came into force in January 2021.
The regulation introduces the idea of a Proposer, which is the entity responsible for the change. This could be any organisation making a change to the railway, such as:• Infrastructure managers• Railway undertakings• Entities in charge of maintenance• Manufacturers• An APIS applicant (Authorisation for Placing into Service)
The Proposer is responsible for implementing the CSM RA process.
2/142/14
About this guide
During summer 2020, more than 350 professionals from the UK rail industry joined a series of online briefings hosted by Ricardo Certification on the Common Safety Method for Risk Evaluation and Assessment.
At the end of each session our experts responded to the questions submitted by attendees. In this eBook we have included some of the answers that were provided.
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
Introduction CSM RA process
Contact us:Web: certification.ricardo.comEmail: [email protected]
How does CSM RA compare to the old ‘Yellow Book’?
“ The ‘Yellow Book’ described a process adopted by the UK industry
in the infancy of safety engineering as a discipline.
It largely focused on the Explicit Risk Estimation (ERE) route for hazard
management, with less emphasis on application of Codes of Practice
or Reference Systems.
CSM RA provides a more pragmatic approach.”
QWhat is the relationship
between CSM RA and ROGS?
“ The Rail Safety (Amendment etc.) (EU Exit) Regulations 2019 made
CSM RA a schedule under ROGS.
Note that CSM RA only applies to mainline railways.
ROGS has a wider scope. It includes trams, metros and heritage railways
and requires railway operators to maintain a Safety Management System.”
Q
3/143/141: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
Step one: The significance testCSM RA process
4/14
Is it a significant change?The first step is to decide if the change is ‘significant’.
The regulation stated that there are six factors which need to be considered:
• Failure consequence• Novelty• Complexity
Significant change?
NO
YES
Document justification
System Definition
• Monitoring• Reversibility• Additionality
If a change is considered ‘not significant’ is this the
end of the process?
“ Risk assessment activity will still be required, but the
process to be followed is at the discretion of the Proposer.”
Q
“ As it is project specific this up to you, but we suggest
storing it as part of your project documentation.”
Are there any specific requirements around
where the decision from the significance test is stored?
Q
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
Is As Low As Reasonably Possible (ALARP) deemed the
same as So Far As Is Reasonably Practicable?
“ A purist would say that there is a difference, however most people use
them interchangeably and so they are often considered to mean
the same thing.
SFAIRP is the term used in the Health and Safety at Work Act so the rail
industry is trying to move away from ALARP and use the term SFAIRP.”
Q
Is there a distinction between ‘Significant’ and ‘Major’?
“ Significant is a specific term within CSM RA referring to changes which
must follow Annex I in CSM RA and appoint an Assessment Body.
CSM RA does not use the term Major.”
Q
5/145/141: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
Step two: Define the systemCSM RA process
6/14
Define the systemIf it is a significant change you need to prepare a System Definition which sets out what the project is trying to achieve and how.
This will be the foundation for the hazard analysis activities, so it must have a complete description of the system, its interfaces, its boundaries and its intended functionality.
YES it is a significant change
System Definition
“ CSM RA does not apply to depots so there is no legal requirement to use it.
However, it does provide a good process for hazard management and so the
client is at liberty to include this in the contract.”
Should CSM RA be applied to depot works?
Q
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
7/14
The Assessment Body (AsBo) checks the application of the CSM RA process throughout
– but it is not just a tick-box exercise. We don’t just look at whether you follow
the process but are also required to look at the ‘results of the application of the process’
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
System Definition
Step three: Hazard identificationCSM RA process
8/14
Identify all the foreseeable hazards that could arise.
Filter risks that are so low that no further treatment of the hazards is required.
Hazard Identification
Hazard Classification
“ Hazard transfer is part of the CSM RA process.
The management of hazards cannot always be achieved by the Proposer
alone (eg maintenance and operational requirements) and therefore has to
be handed over. A formal process for transfer and acceptance of hazard
management is required.”
Are hazard transfer and acceptance factors to be
considered under CSM RA?
Q
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
If you are following as per CSM RA but not fully cognisant of all standards, whose job is it to
inform you of omissions etc?
“ It is the responsibility of the Proposer to identify all foreseeable hazards and determine which CoP(s)
best manage those hazards.
If the AsBo believes that the standard being proposed to manage a hazard is not suitable, an
observation will be raised and a recommendation given to use a more appropriate standard.”
Q
“ You are permitted, and encouraged, to use the CoP at the highest level.
But sometimes that is not enough and so you may need to amortise the CoP
into the individual clauses. But avoid doing so if you can.”
When using a CoP do you have to record the CoP used and clause in
the hazard log?
Q
Step four: Managing hazards CSM RA process
9/14
Codes of Practice (CoP)Manage the hazards
by referring to a standard or practice
Similar Reference SystemLike ‘cross-acceptance’,
it is proven to be safe and can be
applied again
Explicit Risk EstimationUsed for uncertain
aspects, involves analysis of severity, frequency
and risk
Three routes for dealing with hazards:
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
CSM RA – is not a single event but an iterative process of constant re-evaluation
of whether all hazards have been identified and whether all hazards are
being appropriately managed.
Step four: Managing hazards CSM RA process
10/14
Safety Requirementsie the safety measures to be implemented to
mitigate hazards
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
Codes of Practice (CoP)Manage the hazards
by referring to a standard or practice
Similar Reference SystemLike ‘cross-acceptance’,
it is proven to be safe and can be
applied again
Explicit Risk EstimationUsed for uncertain
aspects, involves analysis of severity, frequency
and risk
Three routes for dealing with hazards:
Evidence can be collated from a range of sources:1. Documentation such as Form Es to show
the as-built status2. Testing activities, such as a TC1 showing that principles
testing has been undertaken and is successful3. Commissioning activities
4. Photos of work undertaken at trackside5. Analysis reports
What evidence is typically required to demonstrate compliance?
Q
Demonstration of compliance with the Safety Requirements
Step five: Safety RequirementsCSM RA process
11/14
Proving we have done what we said we would do.
Safety RequirementsIn order to claim compliance, the project teams need to work with the safety teams to ensure the evidence is supplied.
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
“ The decision of whether a SAR is supportive is up to the AsBo and depends
on their view as to whether the project has complied with the CSM RA Regulation and
has implemented a safe system. ”
What determines if a Safety Assessment Report (SAR) is supportive or non
supportive? Is there any guidance?
Q
Article 16
Declaration by the Proposer
Based on the results of the application of this Regulation and on the safety assessment
report provided by the Assessment Body, the Proposer shall produce a written declaration that
all identified hazards and associated risks are controlled to an acceptable level.
Step six: Gaining authorisation CSM RA process
12/14
On completion of the CSM RA activities, the final stage is to submit the evidence to the appropriate bodies to gain authorisation to operate.
It is the Proposer’s responsibility to prepare a written declaration that all hazards have been managed to an acceptable level.
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice
Our advice CSM RA process
Engage with your Independent Assurance team They can help you recognise where the good work that you have already done has the applicability to satisfy the assurance process and help minimise the administrative burden.
Be aware of your duties under legislationCSM RA is law, and action could be taken against organisations or individuals who do not conduct themselves appropriately under legislation.
Communicate with all stakeholders Organisations such as the ORR like to hear about the great projects the UK railway is undertaking. Bring them on board early so that when your projects are submitted key stakeholders are already aware of them.
Understand your timescales and deliverablesThis is the heart of good project management. No one likes last minute changes, and it can harm reputations if it appears you do not know what the deliverables are or clear deadlines are missed.
Collaborate for success Transparency and openness between all parties will bring trust and efficiency to projects.
1: The significance testIntro 2: Define the system 3: Hazard identification 4: Managing hazards 5: Safety requirements 6: Gaining authorisation Our advice 13/14
