Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
June 2011
1. 1.1.
1 2 2 3 4 5 5 7 8 8 8 9 13
1.
Introduction
1.2. Core concepts 1.3. Key definitions 1.4. Report of the Longford Royal Commission 2. 2.1. Planning and preparation Role of the sms
The major hazard facility parts of the Occupational Health and Safety Regulations 2007 (OHS Regulations) set out legal duties for control of risks from operating a major hazard facility (MHF). They apply to the operator of a facility who is the employer with management or control of the facility. To obtain a licence to operate an MHF in Victoria, operators are required to submit a Safety Case which sets out how the facility will be operated safely. This guidance note will assist an operator through the process of establishing and implementing a Safety Management System (SMS). The SMS is a significant part of the Safety Case as well as being the primary means of ensuring the safe operation of the MHF. The MHF regulations require the operator to establish, implement and use an SMS. The SMS should embrace all attributes of the facility affecting safe operation, over which the operator has direct or indirect control. These attributes may include: leadership; responsibilities; targets; planning; roles; culture; and the control measures for safe operation. Overall, each facilitys SMS needs to address prevention and control of all risks to health and safety. However, only those elements of the SMS that relate to prevention and control of major incidents are specifically relevant to the MHF regulations, and hence comments within this guidance note are directed to those aspects of SMS that have an influence on major incidents. The operator may have to develop a whole SMS, develop or modify parts of an existing SMS, or may adopt systems developed by others (eg industry bodies) and adapt these to be suitable to the specific facility. The MHF regulations do not prescribe a specific standard or model for the SMS, provided the system is capable of managing and maintaining the adopted control measures and its content meets regulatory requirements. The MHF regulations require that the operator continually improve the system through a process of monitoring, audit and review.
2.2. Ensuring a compliant sms 2.3. Workforce requirements 3. 3.1. The Safety Management System Required elements of the sms
3.4. Managing control measures within the sms 14 3.5. Performance standards for the sms 3.6. Summary of the sms for the Safety Case 4. 5. 6. Review and revision Compliance checklist Further reading 15 17 17 17 19
GUI0128/01/02.11
The MHF regulations do not prescribe any particular standard or model for the SMS. Each facility operator needs to implement a workable system appropriate to the particular facility, its potential major incidents and associated hazards, the adopted control measures and resultant level of risk. The SMS must be documented, and needs to be accessible and comprehensible to those who use it, to ensure that it is followed correctly and is understood. Documentation of the SMS will also enable the operator to test its implementation and assure its performance, and will enable WorkSafe to test the adequacy of the system and its implementation. A summary of the SMS must be contained within the Safety Case. The SMS should incorporate processes to identify, select, define, implement, monitor, maintain, review and improve the range of control measures on which safe operation depends. Errors, deviations and breakdowns in control measures and corresponding parts of the SMS need to be tracked under the SMS, to provide data on the actual safety performance of the facility. Performance standards must be used to facilitate this process. The SMS should be consistent with the safety management approach or philosophy at the facility, and the companys overall business management system, and applicable to the facility as a whole. Those responsible for the SMS should ensure it fully recognises the potential for major incidents at the facility, incorporates understanding of causes and contributors to major incidents and activates a commitment to effectively manage the associated risk. Management and workers need to participate in and understand the SMS. The SMS should incorporate the generic management system cycle of planning, implementation, monitoring, corrective action and review, so that safety is maintained and improved. The SMS should be subject to regular review and improvement. The processes for generating or reviewing a Safety Case should be incorporated into the SMS so that the Safety Case is a product of the established SMS.
Engineering controls
Operational/maintenance procedures
review
Realistic?
corrective action
Dynamic?
audit
Improving?
monitoring
implementation
Safety Assessment: A Safety Assessment process consistent with international risk assessment standards, including AS/NZS ISO 31000 Risk management. A Safety Assessment involves an investigation and analysis of the major incident hazards and major incidents to provide the operator with a detailed understanding of all aspects of risk to health and safety associated with major incidents, including (a) the nature of each hazard and major incident (b) the likelihood of each hazard causing a major incident (c) in the event of a major incident occurring (i) its magnitude and (ii) the severity of its consequences to persons both on-site and off-site (d) the range of control measures considered. Safety Management System (SMS): Comprises all policies, objectives, roles, responsibilities, accountabilities, codes, standards, communications, processes, procedures, tools, data and documents for managing safe operation of the facility. In the context of the MHF regulations, the SMS focuses on the prevention, reduction or mitigation of major incidents. The SMS is not just documentation but is the actual implementation of processes, systems, procedures and practices on the site.
So far as is reasonably practicable: To reduce risk to a level so far as is reasonably practicable involves balancing reduction in risk against the time, trouble, difficulty and cost of achieving it. This requires consideration of: (a) the likelihood of the hazard or risk concerned eventuating (b) the degree of harm that would result if the hazard or risk eventuated (c) what the person concerned knows, or ought reasonably to know, about the hazard or risk and any ways of eliminating or reducing the hazard or risk (d) the availability and suitability of ways to eliminate or reduce the hazard or risk (e) the cost of eliminating or reducing the hazard or risk. More information on so far as is reasonably practicable as applied to major incident risk is found in the Guidance note Requirements for demonstration. More information on key terms is found in other MHF guidance material available from the WorkSafe website and in the definitions of the OHS Regulations (reg 1.1.5).
providing sufficient knowledge of critical safe operating parameters, control measures, hazards, and potential major incidents? Management of change. Are changes to the facility, management systems, organisational structure and human resources analysed and their impacts on safety managed? Are Safety Assessment programmes keeping up with the intended assessment schedules and with plant changes? Learning from incidents. Are learning opportunities from near misses and other incidents being properly worked through, from analysis of root causes to communication of lessons and solutions? Does the incident reporting and investigation system facilitate learning or hinder it? Management of human resources. Are there adequate human resources for carrying out all safety roles? Is the management system actually devoting resource to where it is needed for safe operation? Is there an effective process for ensuring the necessary skills and resources are available at all times? Are handover requirements properly implemented? Are absences managed correctly? Is there adequate supervision of workers and checking of work, response to process information, adherence to procedures? Communications. Do communications ensure all relevant persons are aware of key process conditions, the status of control measures and other key issues? Do operating, engineering, maintenance and other departments communicate with each other, to use each others expertise, and to work together effectively to plan and ensure safe operation? Is there effective two-way communication to ensure senior management and workers are aware of problems and solutions? Are operational communications unambiguous or can they be misheard or misinterpreted? Are personnel making correct assumptions about safety critical issues? What level of checking or verification of communications and operational assumptions occurs? Plant surveillance, facility oversight, trouble-shooting. Is there any routine process for monitoring plant/ process condition and operational practices to identify abnormal and potentially hazardous conditions? Is process or equipment monitoring information used to identify underlying problems, evaluate trends and assist decision-making? Does any group or individual have an overview of the facility as a whole? Is there sufficient awareness of the potential for interactions between different equipment and installations within a complex integrated facility? Once a potentially significant process deviation develops, is there an effective and timely means of addressing the problem? Are there sufficient procedures, authorities, resources and expertise to step back, evaluate and control
the situation? Have all of the safety implications of abnormalities and deviations been thought through, and procedures developed accordingly? Are safety hazards spelled out alongside production issues in operating and trouble-shooting instructions? Recognition of critical safety control measures. Do operators and other workers recognise critical procedures, equipment or controls and the implications of their failure? Are steps taken to prevent overriding of these measures? Understanding significance of process information. Are operators able to understand the significance of the signals provided by the process and other monitoring systems regarding the state of the facility? Are all the necessary critical operating parameters known and their safe operating limits defined? Are critical alarms discernible from and prioritised over other alarms? Are operators able to respond to the information being generated by the facility during day-to-day and abnormal conditions, and make safe decisions? Do procedures ensure safe response to alarm and other abnormal conditions? Do operators have the necessary time, resources, support and ability to refer matters to additional expertise or authority if needed? Production demands. Could production demands potentially compromise the ability to operate safely? Is there sufficient time and capacity within the system to be able to limit or halt production on safety grounds? Do production demands result in short cuts being taken with critical control measures? Emergency response strategies, resources, procedures and communications. Is there a robust and practised emergency response plan which assists decisionmaking and reflects the scale, nature and duration of incidents that can occur? Is there an effective communications channel to ensure timely response? Are personnel clear on the roles they should adopt in the event of an emergency? Is there adequate understanding of the overall approach and strategy for firefighting? Are adequate resources available to carry out this strategy? Is there up-to-date information on the available inventory, isolation points and isolation priorities? Is a credible emergency isolation and shutdown strategy in place?
Corporate culture. Does the corporate culture lead to a challenging of norms? Is potential for corporate blindness recognised and guarded against? Is the operator prepared to test and revise their systems for safe operation? Do the communication and reporting systems encourage an open exchange of critical views and information? MHF operators should read the Longford report and other relevant incident reports (eg bp Texas City; Flixborough; Buncefield) and take account of the issues raised in the reports when establishing and implementing their own sms.
2.
corrective action
audit monitoring
implementation
The management system must manage and support those specific aspects of the facility and its operations that form the control measures adopted to prevent and control major incidents. The links between the management of control measures and the SMS need to be clear. There may be other health and safety issues (eg occupational exposure to chemicals or to noise) which are important and also managed through the SMS. Similarly, there may be other types of risk associated with the facility (eg production loss, quality loss, damage to the environment) which the operator wishes to manage through the same integrated management system. However these are not specifically relevant to the MHF regulations, and for the purpose of determining compliance with the MHF regulations, the SMS needs to have a specific and adequate focus on those control measures which have a role in relation to potential major incidents. For more information, see the guidance note Control measures. Some example control measures are:
design and construction standards and procedures process control and automation systems physical engineered devices which eliminate, reduce or mitigate major incidents corporate and individual knowledge of the facility and its safe operation culture, attitudes and values of the operator and workers in relation to safety organisation, supervision and resourcing of tasks and processes required to ensure safe operation, permit to work and equipment isolation procedures processes to maintain mechanical integrity of critical assets (testing, inspection, maintenance, replacement) operations/maintenance procedures needing to be performed in a certain manner to maintain safe operation procedures for procurement of devices, parts, raw materials and other commodities used in the process emergency plans and procedures.
These include: An SMS contains the right management elements and addresses the correct control measures but does not reflect how these control measures are managed in practice ie the elements exist but do not reflect reality An SMS contains the right management elements but manages the wrong control measures ie those not relevant to major incidents. An SMS addresses the appropriate control measures and reflects reality but does not have the appropriate management system elements to ensure proper monitoring and improvement of performance ie the SMS manages the controls but does not monitor or improve performance.
Engineering controls
Operational/maintenance procedures
review
standards and targets planning and prioritising The SMS management cycle assures (and improves upon) the necessary performance.
corrective action
audit
monitoring
implementation
Operational controls. Operational controls include all processes and procedures impacting on safe operation, for all modes of operation. Operational controls likely to be of particular importance at MHFs are the processes and procedures for operating plant and equipment; maintaining the integrity of that equipment; permitting work; starting up plant or commissioning; shutting down plant or de-commissioning; achieving safe isolation of equipment and controlling abnormal conditions. Operational controls should in particular include processes for identifying, handling and reducing or eliminating human error, such as procedural checks, error reporting, alarm handling procedures, fault-tolerant procedures and processes for improving compliance with procedures. Processes for compliance with divisions 3 and 5 also need to be included in the SMS eg procedures for carrying out hazard identification and Safety Assessment and for consulting with health and safety representatives (HSR). Management of change. This is an essential element of a robust and comprehensive SMS, as changes can introduce new major hazards or potential major incidents, or can increase the risk arising from existing hazards. There needs to be effective management of all changes in the facility (past, present and future), including operational, organisational, procedural and equipment changes. This subject is addressed in more detail in the guidance note Management of change. The MHF regulations note that a modification to the facility could create a new hazard or increase the likelihood or consequences of major incidents, and therefore requires review and revision of hazard identification, major incidents, control measures and Safety Assessment. The MHF regulations also require a review and, if necessary, a revision of the SMS if a modification is made to the MHF. Hence management of change needs to track changes to the facility, the control measures and the SMS itself, and then trigger reviews and revisions as necessary. This is to ensure that the SMS as a whole is monitored and revised so that it continues to be applicable and appropriate to the facility. Modifications with potential to erode the effectiveness of the SMS, either due to obsolescence or mis-application of parts of the SMS, need to be avoided.
Figure 3.1 Management of change within the SMS Policy and objectives Standards Resourcing Training Culture
Improvement/corrective action
Audit Review Incident reporting Investigation Records and drawings Knowledge base
Supervision Troubleshooting Operational procedures Maintenance systems Process condition data Existing controls Managing current conditions and variations
Hazard identification New controls Emergency response plans Safety Assessment Modification projects Plant condition monitoring Anticipated future intended or unintended changes and events
Principles and standards. These can include any documents or concepts used as the basis for ensuring safe operation. These should be consistent with the sites Safety Case approach and can include technical, engineering or management principles developed or applied by the operator. Examples include principles for management of human factors; standards for development or implementation of operating procedures; design principles for control rooms and alarm systems; engineering design standards; fire protection standards; maintenance standards; loss control principles; layers of protection and process control systems design basis. Monitoring, audit and review. Monitoring comprises the routine checking that activities under the SMS are actually being conducted, the measurement of actual performance of the SMS elements and the comparison of this performance with the defined standards or targets. Audit is the process of checking that the overall established SMS is understood and is being used, and that the management framework (in particular the monitoring and corrective action processes) is being implemented and is effective. It can also include evaluation of the degree of compliance against the defined standards. Both quality
control and quality assurance are necessary as part of these processes: that is, checks are required that activities occur, that the activities are being performed to a suitable standard; and that the systems, procedures, controls etc are achieving the desired results. Review is the regular but less frequent process of stepping back and asking if the entire system and the standards within it remain adequate, fit-for-purpose, and in-line with current good practice. A combination of monitoring, audit and review is necessary to ensure the ongoing effectiveness of the SMS and to drive continual improvement. Reporting and investigation of hazards and incidents are important aspects of safety management and need to be included within the operational controls and/or the processes of monitoring, audit and review.
on competency, information, knowledge and training to support the workers in this role. Alternatively, if the operator emphasises the strict adherence to systems and procedures, there may be less emphasis on worker elements and more emphasis on written procedures and ensuring compliance with these procedures. Another example would be an operator reliance on engineering controls, so the SMS may emphasise maintenance and design standards rather than operating procedures. It is unlikely that such differences would result in any basic elements being absent but a different balance of emphasis should be discernible from the Safety Case philosophy.
Examples of modern SMS standards applicable to control of major hazards are: AS/NZS 4804:2001 Occupational health and safety management systems General guidelines and AS/NZS 4801:2001. Occupational health and safety management systems Specification American Petroleum Institute, API 9100 (1998), Model Environmental Health and Safety Management System and Guidance Document US OSHA 3132/3133, Process Safety Management AIChE/CCPS, Guidelines for Implementing Process Safety Management Systems UK Health and Safety Executive HSG65, Successful Health and Safety Management Figure 3.2 shows some examples of standards that may be relevant, taken from the American Occupational Safety and Health Administration (OSHA).
Process safety information Workplace and process hazard analysis, consultation and action planning Responsibilities and participation of personnel Written operating procedures for all operating phases and limitations Permit system Compliance auditing Employee and contractor safety information and training Mechanical integrity evaluation and maintenance systems Quality assurance for design, fabrication and installation Emergency planning and training Pre-start up safety reviews Management of change procedure Incident investigation
10
Some companies, in particular operators of multiple sites, may have corporate standards for the SMS. These may prescribe the entire SMS or only common high-level components such as the overall policies and procedures. In other cases, corporate SMS requirements may be limited, and the site will then need to develop its own systems. Many corporate systems specify that local regulations override corporate requirements if they are more stringent. Depending on their corporate requirements and business culture, some companies may employ specific, dedicated management systems for individual issues such as health
and safety, quality, production, environment and finance (see Figure 3.3 for example). Other companies may employ integrated management systems for the business as a whole. It is up to the operator to choose how the SMS is structured. However, in all cases the SMS must provide a management focus on the specific control measures required for safe operation of the particular facility with regard to major incidents. Any corporate or standard management system should be tailored and/or supplemented to reflect the specific conditions and control measures of the facility.
Figure 3.3 API Model Environmental Health and Safety Management System
Corporate vision policy management commitment Adjust Management review and adjustment Continual improvement Plan Management leadership, responsibilities/accountabilities Risk assessment/management Assess EHS performance monitoring and measurement Incident investigation, reporting and analysis EHS management system Audit Do Personnel, training and contractor services Documentation and communications Facilities design and construction Operations, maintenance and management of change Community awareness and emergency response Continual improvement Compliance and other requirements EHS management planning and programs
11
Major incident risk requires a more disciplined approach to the management of risks than common OHS risks due to the inherently lower frequency of major incident type hazards. This is to ensure control of these hazards is not overshadowed by more frequent but less severe hazards. While there may be some overlap between the different types of risk, a specific and targeted focus on major incident risk management is required for all facilities. Whatever SMS basis is used, WorkSafe expects that the operator will document the basis of the SMS and show that it provides this focus and is appropriate to the specific facility. If an integrated management system, which addresses a range of issues, is presented, the operator will need to
Figure 3.4 Fit for purpose SMS
Inherent risk of facility
demonstrate that major incident safety issues are not being neglected or obscured by other issues like keeping the plant running and controlling routine emissions. Conversely, if a management system specific to major incidents is presented, there needs to be a demonstration of the ability of the operator to implement this alongside other management systems. The intent of the MHF regulations is not to create an overly complex system relative to the nature of the facility, as this may divert attention from the fundamental activity of managing safe operation, but to develop and implement a system that is fit for purpose (see Figure 3.4), reflects the complexity and risks inherent in the facility and achieves the basic requirements outlined in the MHF regulations.
High risk
Low risk
12
disabled. Hence the SMS needs to ensure that the control measures work together effectively as a whole, in particular that they do not conflict with each other, and hence provide layers of defence. Furthermore, to ensure that the core elements of the SMS work together effectively, communications and actions should be linked and consistent throughout the SMS. For example, if monitoring indicates that there are problems in implementation of a particular procedure, this should be reflected in the corrective action processes. The SMS should provide a communication, decision-making and action process which is on the look-out for interactions within the system which could combine to cause major incidents. The MHF regulations require the SMS to be accessible, comprehensible and documented. For the SMS to be accessible, the contents, layout, format and location of the SMS should enable all workers who use the SMS to access the parts they need, so that they understand the relevant SMS requirements before carrying out any safety critical task. The SMS should be written in such a way that the users of the SMS can understand it and exactly what is required to implement it. All critical information and decisions should be documented sufficiently to provide an audit trail which enables both the organisation and WorkSafe to be satisfied that the SMS is functioning effectively and is being implemented in practice. The SMS should be applicable facility-wide. Priority levels within the SMS for different parts of the facility, and different risks, should be determined by their relative importance to safe operation. However an SMS which neglects entire components of the facility may be flawed. The SMS should be realistic and should reflect the actual practices on the facility. The SMS is not purely an OHS documentation activity. It should incorporate the wide range of human culture issues, commitment levels, attitudes and communication and control processes, any of which can have a profound effect on the risk of major incidents. All workers and management who have a role in safety participate in and influence this broad system. The MHF regulations stipulate that establishing and implementing the SMS must be the subject of consulting, informing, instructing and training of workers to ensure that the final SMS is realistic. Any systematic difference between the SMS and actual practices on the facility may be a major flaw in the safe operation of the facility. However, occasional divergences or non-compliance events may arise because of the complexity of some operations. These do not indicate failure of the SMS, as long as they are monitored and corrected (whether correcting the practice or modifying the system).
13
The SMS should be dynamic . An SMS that does not adapt to changing conditions at the facility will not retain the ability to ensure safe operation and will lead to deterioration in safe operations. As well as monitoring and reactively responding to changes, the SMS should be proactive by setting goals and forcing necessary change on the facility. An important aspect of a dynamic SMS is that it is able to accommodate and learn from any variability or change in the facility which may require workers to take action above and beyond established working procedures and instructions. This is a crucial point which relates back to the safety management approach and workplace culture: the SMS does not necessarily need to override workers taking initiative and making adjustments in the face of developing events within the facility if that is required to ensure safe operation. The SMS should however support and adapt to this way of working and this should be reflected in the defined responsibilities and working procedures. The SMS should not be such as to prevent the worker from being able to recognise and deal with unexpected circumstances. Continual improvement is required in all aspects of the SMS. This may mean improving actual safety performance by more diligent application of existing systems or it may mean improving the system to improve performance or to cater to new hazards which have been introduced. Ensuring continual improvement requires performance standards and indicators for the SMS itself.
Figure 3.5 Decision-making and resource allocation within the SMS
Safety Assessment
Control measures
SMS
14
The priority elements within the SMS at any time may include a set of issues which require ongoing attention and resources, and a set of new issues which have arisen or may be about to arise which require attention. MHFs are expected to rely on a number of different control measures which have an influence on safe operation. The relative priorities of these will change from time to time as management effort takes effect, existing key concerns are brought under control, conditions in or around the facility alter and new knowledge or problems arise. As a result there will be a variety of control measures managed under the SMS, with control measure improvements identified and given priorities under the SMS. The improvement priorities will change over time, as specific improvements are implemented, existing problems resolved and new problems and improvement opportunities identified. The SMS should identify the changing priorities for safety management/improvement based on the Safety Assessment process.
operator to have performance standards for measuring the effectiveness of the SMS. These need to relate to all aspects of the SMS. Performance standards should be of sufficient detail and transparency to enable the effectiveness of the SMS to be apparent from the documentation. They should be defined in such a way as to provide a meaningful measure of effectiveness. For the purposes of continuous improvement of the SMS, there should also be processes and measures designed to identify and implement improvements to the system itself. A comprehensive set of workable SMS performance standards appropriate to the facility will be necessary. Performance standards can be defined at a high level for the system as a whole, and at a lower level for individual elements of the system. The standards could include both the current required level of performance, and also a target level to be achieved within a specified timeframe. Operators should consider the principle of SMART (Specific, Measurable, Achievable, Realistic, Targeted) in defining performance standards. Operators should also consider using a combination of performance standards which include both proactive standards (ones that measure the activities or inputs of the organisation to managing safety) and reactive standards (ones that measure the outputs or actual performance achieved).
Selection, design, modification etc in accordance with company standards. Equipment tested to schedule. Audits of the above processes completed to schedule.
15
Mechanical assets inspected and tested to schedule. Temporary/interim repairs replaced with permanent repair to schedule. Reported mechanical defects corrected to schedule. Audits of the above processes completed to schedule.
Procedures A system is in place for the development, implementation and review and revision of effective operating and maintenance procedures.
Procedures issued and reviewed and revised to schedule. Audit of the above processes.
Training A system is in place to ensure employees have necessary skills and knowledge to effectively do their job.
Management of change (MOC) A system is in place for the management of temporary and permanent changes.
16
It is important to establish standards and systems that are practical, and which ensure open, comprehensive and accurate reporting of errors or problems. This means the systems should not place an unworkable burden on workers, or result in repercussions that may discourage open reporting. The SMS should enable the operator to look into the detail of the performance monitoring information and decide if an absence of evidence of problems really is indicating high performance, or whether there is a breakdown in recognition or communication of problems.
summary of the links between the SMS, hazard identification, Safety Assessment and adopted control measures. The SMS matters listed in schedule 12 are additional to the above.
5. Compliance checklist
Table 5.1 contains information on the MHF regulations as they relate to SMS.
Section
Reg 5.2.5
Requirement
The operator of an MHF must establish and implement an SMS for the MHF. The operator must use the SMS as the primary means of ensuring the safe operation of the MHF. It must be documented and provide a comprehensive and integrated management system for all aspects of risk control measures adopted under this part. The SMS must be readily accessible and comprehensible to persons who use it. The SMS must contain the safety policy, the operators broad aims in relation to safe operation and the operators specific safety objectives. It must describe the systems and procedures for achieving these, and must describe how the operator intends to comply with divisions 3 and 5 of the MHF regulations. The SMS must be reviewed and, if necessary, revised if a modification is made to the MHF or a major incident occurs at the facility and, in any event, at least once every five years.
The operator must develop a role for the operators employees including the specific procedures employees are required to follow to assist the operator to (d) establish and implement an SMS. The Safety Case must contain a summary of the content of the SMS, and must be sufficient to demonstrate that the SMS provides a comprehensive and integrated management system of risk control measures in relation to major incident hazards and major incidents. The Safety Case must include a signed statement by which the operator certifies that the summary of the SMS is accurate and that persons who participate in the implementation of the SMS have the necessary knowledge and skills to enable them to undertake their tasks and discharge their responsibilities in relation to the SMS.
Reg 5.2.18
The operator of an MHF must consult in relation to (d) establishing and implementing an SMS.
17
Reg 5.2.19
The operator of an MHF must provide information, instruction and training to employees of the operator in relation to (d) the content and operation of the SMS. The information, instruction and training is monitored, reviewed and, if necessary, revised in order to remain relevant and effective. WorkSafe may suspend or cancel an MHF licence if it is satisfied in the case of an MHF that the SMS for the MHF no longer provides a comprehensive and integrated management system for all aspects of risk control measures adopted in relation to major incident hazards and major incidents. The SMS must incorporate the following: The safety policy and safety objectives, including the means of communicating these and an express commitment to ongoing improvement of all aspects of the SMS. Description of the organisation and personnel, including identification of persons participating in the SMS, their responsibilities and accountabilities, the means of ensuring they have the necessary knowledge and skill, and the command structure. Description of the operational controls (whether technical, organisational or managerial). The procedures for safe operation of plant, for mechanical integrity, for plant processes, and for control of abnormal and emergency activities. The provision of means of isolation for servicing and maintenance, and in emergencies. The roles of personnel, and of the interfaces between plant and personnel. Provision for alarm systems. Description of the means of compliance with divisions 3 and 5 of the MHF regulations. Processes for management of change. Principles and standards for design and operation. Processes for performance monitoring of the SMS and of adopted control measures. Processes for audit, in particular of performance against standards.
Reg 6.1.44
Schedule 10
Schedule 12
The Safety Case must contain clear references to the documented SMS. It must also contain a description of those parts of the documented SMS that address the maintenance of the SMS (that is, its ongoing effective implementation and its ongoing improvement).
18
6. Further reading
UK HSE (1998), HSG65, Successful Health and Safety Management. UK HSE (1999), HSG48, Reducing Error and Influencing Behaviour. NSW Department of Infrastructure, Planning and Natural Resources (August 2004), (Consultation Draft) Major Industrial Hazards Advisory Paper No. 4 Safety Management Systems. US Department of Labour, OSHA Standard CFR 29 1910.119, Process Safety Management. American Petroleum Institute (1998), API 9100A, Model Environment, Health and Safety Management System. American Petroleum Institute (1998), API 9100B, Guidance Document for Model EHS Management System. American Petroleum Institute (1990), API RP750, Management of Process Hazards. American Institute of Chemical Engineers, Center for Chemical Process Safety (1994), Guidelines for Implementing Process Safety Management Systems. Australian Standard, AS/NZS 4804:2001 Occupational health and safety management systems.
Further Information
Contact the WorkSafe Victoria Advisory Service on 1800 136 089 or go to worksafe.vic.gov.au
19