SAFE DESIGN
FOR ENGINEERING
STUDENTS
AN EDUCATIONAL RESOURCE
FOR UNDERGRADUATE
ENGINEERING STUDENTS
MARCH 2006
© Commonwealth of Australia 2006
This work is copyright. This resource has been developed and designed
to be reproduced for use in classroom and other educational activities.
The following citation should be used: ASCC (2006) Safe Design for
Engineering Students.
You may download, display, print and reproduce this material in unaltered
form only (retaining this notice) for your personal, non-commercial use
or use within your organisation. Apart from any use as permitted under
the Copyright Act 1968, all other rights are reserved. Requests and
inquiries concerning reproduction and rights should be addressed to
Commonwealth Copyright Administration, Attorney General’s Department,
Robert Garran Offices, National Circuit, Barton ACT 2600 or posted at
http://www.ag.gov.au/cca
FOREWORD

The Australian Safety and Compensation Council (ASCC), formerly the National Occupational Health and Safety Commission (NOHSC), leads and coordinates national efforts to prevent workplace deaths, injury and disease in Australia and aims to improve national workers’ compensation arrangements and return to work of injured employees.

Through the quality and relevance of the information it provides, the ASCC seeks to influence the awareness and activities of every person and organisation with a role in improving Australia’s occupational health and safety (OHS) performance.

More specifically, the ASCC aims to:
> support and enhance the efforts of the Australian, State and Territory governments to improve the prevention of workplace deaths, injury and disease,
> work in alliances with others to facilitate the development and implementation of better preventative approaches, and
> ensure the needs of small business are integrated into these approaches.

The National Occupational Health and Safety (OHS) Strategy 2002-2012, which was endorsed by the Workplace Relations Ministers’ Council on 24 May 2002, records a commitment by all Australian, State and Territory governments, the Australian Chamber of Commerce and Industry and the Australian Council of Trade Unions, to share the responsibility of ensuring that Australia’s performance in work-related health and safety is continuously improved.

The National OHS Strategy sets out five ‘national priorities’ to achieve short-term and long-term improvements.

The priorities are to:
> reduce high incidence and high severity risks,
> improve the capacity of business operators and workers to manage OHS effectively,
> prevent occupational disease more effectively,
> eliminate hazards at the design stage, and
> strengthen the capacity of government to influence OHS outcomes.

This resource package has been developed to support the priority – eliminate hazards at the design stage – of the National OHS Strategy 2002-2012 and builds on previous educational resources developed by the National Occupational Health and Safety Commission (NOHSC).

The Office of the ASCC acknowledges the assistance of all the persons and organisations who contributed to this resource package, in particular:
> Robert McLaughlan (University of Technology, Sydney)
> Helen McGregor (University of Technology, Sydney)
> Craig Scott (University of Technology, Sydney)
> Prue Howard (Central Queensland University)
> Yvonne Toft (Central Queensland University)
> John Culvenor (Consulting Engineer)
> VIOSH Australia (University of Ballarat)

The Office of the ASCC is committed to reviewing this document within 12 months of publication and incorporating any examples, case studies or other comments provided by engineering educators during that time.
Design is a fundamental engineering activity, and engineers are frequently engaged in the design, development and creation of new or improved products, processes, systems and services.

Quality and safety in design should be fundamental engineering concerns, not only because a tenet of our Code of Ethics is to ensure the wellbeing of the community, but also because it makes good engineering sense to develop products, processes and systems that ensure our profession’s continued existence and reputation. Engineers have a professional and legal ‘duty of care’ to design products, processes and systems that are as safe as is reasonably practicable.

Safe Design is concerned with eliminating hazards at the design stage or controlling risks to health and safety as early as possible in the planning and design of products, process or systems and items that comprise a workplace, or are used or encountered at work.

Safe Design is also good business in that if you can identify and correct design flaws early in the life cycle, it is much less costly than trying to remedy them later, and essentially a more effective product exists for the entire product life cycle.

Engineers, therefore, need to learn some of the basic principles of Occupational Health and Safety (OHS) and understand how they apply to professional engineering design. In their roles as decision-makers and designers, they need to understand how to manage risk and apply those principles to technological projects including their human interfaces. This resource has been developed to help meet those needs.

This resource is relevant to engineering students from a wide range of discipline areas as well as to engineering educators who are not experts in occupational health and safety. It provides some basic principles of OHS and integrates these with concepts of engineering design. The activities are designed to help engineers develop their capacity to meet their OHS responsibilities as well as their professional engineering competencies. In this regard, engineers need to:

a. Have a knowledge of workplace hazards and their harmful effects, especially where these are not self-evident (e.g. the industrial hygiene topics of noise, heat, chemicals, radiation).
b. Understand common law, statutory OHS requirements, responsibilities and penalties.
c. Understand the risk management process, including risk analysis techniques and typical industry practices used to control the harmful effects of hazards, for example, permit to work systems, personal protective equipment (PPE).
d. Understand the principles of designing to minimize human error.
e. Be aware of how design can impact on reliability, safety (environment and people) and unwanted capabilities.
f. Be aware of sources of information relating to OHS, e.g. ASCC (formerly NOHSC), State WorkCover/WorkSafe Authorities.
- Increase engineering educator awareness amongst your Faculty staff about the need for Safe Design and the availability of resources
> Safe Design Champion
- Recognise safety as inherently part of Engineering education and explicitly acknowledge safety as an ability of your
> Level 2: Safety Adaptation: Adapt subject and materials
- Integrate Safety into an existing Technical Design activity through using the Safe Design and Build activity (Section 2.3 of Part 2A) and providing student support through the Safe Design: Concepts, Principles & Tools (Part 1).
1.1 SAFETY PRINCIPLES

1.1.1 WHAT DOES IT MEAN TO BE SAFE?

To be safe means to be free from the risk of harm; however, nothing in life is completely safe.

As engineers, we have a professional and legal ‘duty of care’ to ensure that all our designed products, processes and systems are as safe as is reasonably practicable. That means that we must understand the risks inherent in our technology and its human interfaces, and we must design systems that ensure a ‘reasonable’ level of safety for all those who interact with those systems now and in the future. That is a real challenge!

1.1.2 WHY FOCUS ON SAFETY?

There are a number of issues that have caused us to be more concerned with safety than we have in the past. A few of these issues are described below:
> Technology is becoming more complex and there are increased risks associated with human interaction and technology.
> The complexity of many designed products makes it difficult to identify hazards because of the inter-relationship between products, processes and systems.
> Complex systems may have latent faults which may not be apparent in the individual elements of the systems but which can lead to serious risks when the individual elements are combined.
> Workers and operators are often remote from the processes they control and have lost the added sensory inputs that warn of danger. As a consequence of automation, they may also have lost the skills necessary to take corrective action in emergencies.
> Society is also much more aware of incidents of ‘accidental’ death and is demanding that life be made safe.
> Safety has always been considered an important part of ‘safety critical systems’ such as nuclear power, aviation and military applications and much attention has been given to these applications. With the increased use and pervasiveness of technology in our lives there is an increased awareness of the need to focus on safety across all engineered products.

Some Design Related Safety Statistics

The 650,000 occupational injuries and illnesses sustained annually in Australia cost the economy at least $20 billion a year.

A research report revealed that for the period 1 July 2000 to 30 June 2002:
> 77 workplace deaths can be attributed to poor design, this is 37% of all workplace fatalities;
> 13 of these fatal incidents (16.9%) were associated with roll-over protective structures (ROPS), 10 of these incidents involved tractors – 5 associated with ROPS and 5 being run over by the tractor;
> 11 deaths (14.3%) involved design issues in relation to guarding – 6 of these involved fixed machinery in which someone became trapped, 3 involved augers or associated power transfer shafts, and 2 involved other equipment;
> 9 workers were electrocuted in circumstances where residual current devices did not appear to be present; and had they been present would have been expected to have prevented the fatality;
In response to societal demands for safer products and workplaces, governments, businesses, engineers and others who are involved in innovation are requiring that safety be a fundamental principle in design. The concept of Safe Design attempts to achieve that objective.

Safe Engineering Design is a process defined as the integration of hazard identification and risk assessment methods early in the engineering design process to eliminate or minimize the risks of injury or damage throughout the life of the item being designed. The concept encompasses all engineering design including facilities, hardware, systems, equipment, products, tooling, materials, energy controls, layout, and configuration.1

A safe design approach begins in the conceptual and planning phases; with an emphasis on making choices about design, methods of manufacture or construction and/or materials used which

> other groups who can influence design decisions, such as developers, builders, owners, insurers, project managers, purchasers, clients, OHS professionals, human factors and ergonomics practitioners; and
> suppliers (including manufacturers, importers, plant-hire), constructors, installers and trades/maintenance personnel.

Life cycle of designed products

Safe Design requires an understanding of each stage in the life of a designed product, starting with the initial conception and continuing through to the point where the product no longer affects its environment.

It is more costly to retrofit or modify existing products to achieve safety than it is to ‘design out’ hazards early in the product development. By identifying hazards and managing risks as early
1 Modified from Christensen and Manuele (Ed.) Safety Through Design: Best Practices, National Safety Council, 1999
2 This section on Injury and disease causation – a discussion has been prepared by J Culvenor for the Office of the ASCC, October 2005.
3 Kletz, T. 1991, Plant Design for Safety: A User-Friendly Approach, Hemisphere, New York.
See Section 1.4.10: Safe Engineering Design Toolkit*: Code of Ethics

Safe Design is a sustainable engineering practice
> Engineering professional standards embrace the concept of sustainability, with an expectation placed on practising engineers to ensure that their work strives to improve the quality of life for this generation and future generations. The holistic concept of sustainability stands on the three key integrated pillars of economic, environmental and social sustainability.
> Engineering practitioners have traditionally considered the economic issues, and in the last decade, environmental issues have been accepted as issues of increasing importance. Now, engineering as a profession is concerned with technology and its human interfaces, and so it must also focus on societal needs. Where does safe design fit in this equation? By considering safety throughout the entire life-cycle of designed products, engineering designers can ensure that their developments are safe from conception through to disposal, thus ensuring the well-being of current and future users

Safe Design is a national priority
> The National OHS Strategy (2002-2012), developed by members of the National Occupational Health and Safety Commission (NOHSC) and endorsed by the Workplace Relations Ministers’ Council, has a vision to have Australian workplaces free from death, injury and disease. To achieve this ideal goal, one of the national priorities is to eliminate hazards

Safe Design is required for accreditation and professional engineering certification
> All undergraduate engineering courses in Australia must be accredited by their professional association, Engineers Australia, in order for their graduates to be recognised as engineers. Engineers Australia has set criteria that engineers must meet as part of accreditation. Professional Engineer Stage 1 competency corresponds to completion of a 4-year Bachelor of Engineering degree accredited by Engineers Australia.

Many of these Stage 1 competencies require the enabling skills of risk management, lifecycle concepts and engineering design that Safe Design seeks to develop. However some of these criteria require engineers to have abilities in relation to Safe Design;

PE2.2 Understanding of social, cultural, global, and environmental responsibilities and the need to employ principles of sustainable development
- Appreciation of the interactions between technical systems and the social, cultural, environmental, economic and political context in which they operate, and the relationships between these factors
- Appreciation of the imperatives of safety and sustainability, and approaches to developing and maintaining safe and sustainable systems
- Appreciation of the nature of risk, both of a technical kind and in relation to clients, users, the community and the environment
The basic framework supporting Safe Design consists of laws and regulations enacted through governments and management processes enacted through business and professional standards that guide the conduct of members of professional groups.

1.2.1 LEGAL & REGULATORY FRAMEWORK

Society exerts its demands for a safe environment through its government and regulatory systems. Laws balance the interests of individual citizens, businesses and corporations with the needs of the nation or state as a whole. The Commonwealth government has a responsibility to ensure that there is an overall national framework that ensures safety, while the states and territories have the responsibility for making laws about health and safety and for enforcing those laws.

Each state and territory has a principal Occupational Health and Safety Act, which sets out requirements for ensuring that workplaces are safe. These requirements include the duties of different groups of people who play a role in workplace health and safety and are known as ‘duty of care’.

What is ‘Duty of Care’?

Duty of care requires everything ‘reasonably practicable’ to be done to protect the health and safety of others. This duty is placed on:
> any others who have an influence on the hazards in a workplace.

The latter includes contractors and those who design, manufacture, import, supply or install plant, equipment or materials used in the workplace. Engineers, therefore, have a duty of care.

Duty of care places into a legal form what is a natural moral duty to anticipate possible causes of injury and to do everything practicable to remove or minimise these hazards. For employers, this means providing safe premises, safe plant and equipments and safe work systems.

Employees also have OHS duties and responsibilities for the safety of themselves and fellow employees. Under OHS legislation employees have two major duties, firstly not to endanger their own or others’ health and safety through any act, or their failure to act, and secondly they are required to cooperate with measures introduced to protect their own and others’ health and safety.

Reasonably practicable means that you must demonstrate that you have done your best within the constraints of a business environment and in the eyes of the law. When applied to occupational health and safety, this concept refers to an objectively reasonable response to a hazard. In doing this, a number of factors need to be taken into account to determine what would be reasonable and practicable. These factors include4:
- Nature and severity of the hazard;
- Knowledge of the severity of the hazard;
- Common standards of practice; and
- Cost of solutions.
Risk management is a logical and systematic method of establishing the context, identifying, assessing, controlling, monitoring and communicating risks associated with any activity, function or process in a way that will enable organisations to minimise losses and maximise opportunities.

The Australian Standard, AS/NZS 4360:2004 Risk Management, provides a framework to manage risk, however it is generic, independent of any specific industry or economic sector, and concerned mainly with work processes. Risk management is not only about avoiding harm, and therefore avoiding litigation and losses. It is as much about identifying opportunities to ensure safety because it is ethical professional practice, socially responsible and economically sound to do so.

The process of Risk Management is conceptualised in Figure 1.3 and each of the steps is briefly summarised. A more extensive explanation can be found in the Risk Management Standard (AS/NZS 4360:2004).

Communicate and consult
Communicate and consult with internal and external stakeholders as appropriate for each stage of the risk management process.

Establish the Context
Establish the external, internal and risk management context in which the rest of the process will take place.

Risk analysis utilises a number of qualitative and quantitative tools to:
> identify and evaluate any existing controls;
> determine the likelihood of a harmful event occurring; and
> determine the consequences of such an event.

The purpose of risk evaluation is to determine the level of risk and make decisions about which risks need to be controlled and allows for prioritisation in controlling the risks.

Control risks
Develop and implement specific strategies and action plans for increasing safety, potential benefits and reducing potential costs.

Monitor and review
It is necessary to monitor the effectiveness of all steps of the risk management process. This is important for continuous improvement. Risks and the effectiveness of control measures need to be monitored to ensure changing circumstances do not alter priorities. It is important to ensure that control measures have not introduced any new hazards, and to ensure that control measures have eliminated or reduced the risks.

Several different approaches can be adopted for controlling risk. OHS risks are usually managed using the Hierarchy of Control. The higher up the hierarchy, the more effective the risk control:
Safe Engineering Design integrates risk management principles into engineering design by systematically identifying hazards, or minimising potential risk, and involving users and decision makers in considering the full life cycle of the product, process or system. Both approaches complement each other so that a holistic approach to Safe Design results. Safe Engineering Design implements risk management principles at each stage in the design process. By identifying hazards as early in the life cycle as possible, losses in terms of life, injury and costs can be minimised and safety can be ensured for current and future users.

Safe Engineering Design can be modelled as a sequence of stages (Figure 1.4). At each stage in engineering design, it is possible to consider appropriate risk management strategies. The composite model enhances the ability for designed products to be safely manufactured, used throughout their life cycle and disposed. The following procedures can be drawn from this model and form a process for Safe Engineering Design. The tools provided within the Safe Design for Engineering Students (SDES) can be used to support decision-making throughout the process.

1.3.1 DESIGN CONTEXT
> Accept the professional and ethical mandate to ensure that the safety and wellbeing of the community is of paramount concern.
Toolkit* 1.4.10: Code of Ethics
> Establish the external context, including the business, social, regulatory, cultural, competitive, financial and political environments, to ensure that the stakeholders’ objectives have been considered.
> Define the internal context, including their risk policy and the overall goals of the organisation.
> Establish the risk management context, setting the scope and boundaries for the specific project and specifying the nature of the decisions that need to be made regarding risk.
> Identify the roles and responsibilities of various parts of the organisation in relation to the project, and the relationship between this project and other projects in the whole organisation.
> Decide the criteria against which risk will be evaluated. Decisions may be based on operational, technical, financial, legal, social, environmental, humanitarian or other criteria.
> Develop a Safe Engineering Design framework for the project, by identifying the steps in the process that need to be taken to ensure that risks are addressed throughout the life cycle of the designed product.

1.3.2 DESIGN REQUIREMENTS
> Review historical risks and failures for similar projects.
Use a variety of qualitative and quantitative techniques and tools to amass sufficient information concerning possible and probable risk regardless of whether they are under the control of the organisation. Be creative and predict possible and probable scenarios.
[Figure labels: Identify Problem/Need; Establish Risk Context; Design Requirements; Gather Information; Identify Risks; Design Options; Design Synthesis; Select Solution; Control Risks; Design Completion]
> Systematically generate a list of risks and events that might affect the project and consider possible causes and scenarios. Some techniques are listed in AS/NZS 3931:1998 Risk analysis of technological systems – Application guide
> Document in appropriate ways to ensure usability throughout the life cycle. Accurate and complete documentation is especially important to those 'downstream' of the process who may need to modify or maintain the product or process.

1.3.3 Design Options
> Consider the sources of risk and the likelihood of their occurrence. Risk is analysed by combining consequences and their likelihood.
> Consider both technical and human factors.
> Use both quantitative and qualitative techniques to systematically analyse possible risks.
Toolkit 1.4.5: Failure Mode and Effects Analysis (FMEA)
Toolkit 1.4.6: Event Tree Analysis (ETA)

> Reconsider the human factors, such as homeostasis.
> Develop a risk treatment strategy. For any issues of concern OHS, apply the Hierarchy of Control otherwise apply the Standard Risk Management Treatment Options.

The Hierarchy of Control requires you to try to achieve the highest level of control.
1. Control hazards by eliminating them at the design stage.
2. Control hazards by substituting them with lesser hazards.
3. Use engineering controls to isolate people from the hazard.
4. Use administrative controls to train and warn people of hazards.
5. Use personal protective equipment to reduce exposure to hazards.
Toolkit 1.4.8: Hierarchy of Control

> Determine the decision-making approach to select the optimum solution. Balance the costs of implementing against the benefits derived. Consider all the direct and indirect
Toolkit 1.4.10: Code of Ethics
> Prepare and implement risk treatment plans for the life cycle of the designed product.

1.3.5 Design Completion
> Conduct walk throughs and test runs.
> Test with various users of the product in its current stage and consider future users throughout its life cycle.
> Anticipate misuse throughout its life cycle.
> Document results and observations to ensure that users downstream in the life cycle will be able to control risks and ensure safety.

1.3.6 Monitor and review throughout the life cycle
> Vigilant monitoring is essential to ensure safety throughout the life cycle of the designed product.
> On-going review ensures that the data obtained through monitoring is available for feedback into the system.
> Ensure that the safety recommendations and residual risks within the design are documented for users 'downstream' in the life cycle.
> Take steps to ensure that essential modifications and maintenance are carried out and documented for future users.
> Consult with appropriate users, operators, maintainers, handlers.
> Document to ensure that others can follow your design plans and modifications.
> Document to ensure that you can demonstrate duty of care.
> Ensure that key information, concerning actions taken to address safety, is adequately recorded and transferred from the design/planning phase and that those involved at later life cycle stages have access to information about any residual risks that may affect their health and safety.

Summary
To achieve Safe Design in engineering, engineers should:
> Accept their professional responsibility to ensure the safety and wellbeing of the community as their paramount concern
> Understand the basic principles of Safe Design
> Know and follow the underpinning legal, business and professional framework for safety
> Integrate risk management concepts with engineering design methodology and follow a Safe Engineering Design process
> Consider human factors
> Apply Safe Design principles throughout the entire life cycle of designed products
> Implement Safe Design as early in the life cycle as possible, and
> Continually develop their professional abilities as Safe Design engineers.
A wide range of knowledge, skills and attitudes are needed to be able to effectively create engineered products that meet the Safe Design principles. There are also many tools and techniques that have been developed to help you systematically identify and assess risk and deal with the complexity of socio-technical systems. Some tools and techniques are relatively generic while others are specialised for particular types of engineered products.

There are many tools available for identifying, analysing, and evaluating risks. This Safe Design Engineering Toolkit presents some simple but powerful tools that we have adapted for this resource. The intention of the toolkit is to provide an introductory overview of each of the tools so that the reader is aware of systematic approaches to Safe Design and can analyse the educational material presented in this resource.

Guidewords and checklist tools
Toolkit 1.4.1: Designer Misconception Checklist
Toolkit 1.4.2: Construction Hazard Analysis Implementation Review (CHAIR) guidewords
Toolkit 1.4.3: Plant Hazard checklist
Toolkit 1.4.4: Process Flow guidewords

Risk Analysis tools
Toolkit 1.4.5: Failure Mode and Effects Analysis (FMEA)
Toolkit 1.4.6: Event Tree Analysis (ETA)
Toolkit 1.4.7: Fault Tree Analysis (FTA)

Risk Treatment tool
Toolkit 1.4.8: Hierarchy of Control (HoC)
Toolkit 1.4.9: Incident Investigation

Professional Responsibility tool
Toolkit 1.4.10: Code of Ethics

1.4.1 DESIGNER MISCONCEPTION CHECKLIST

Purpose of the tool

This tool has been developed to help designers systematically test products and processes for design misconceptions (Health & Safety Executive, 2003). It was thought that Safe Design could be improved through examining accident reports and identifying the types of misconceptions that may have been inherent in the engineered system or operating procedures which contributed to the accident.

This analysis resulted in categorising around 30 main types of misconceptions that designers of these seemed to suffer and which would therefore make their designed product contain hazards. These misconceptions include those designers have of operators, operators’ intentions and the operating environment. An operator is anyone involved in the operational life of a system, including maintenance staff and people carrying out mid-life modifications.

A set of about 20 misconceptions that operators of hazardous installations made was also identified, but is not discussed in this document. Those misconceptions include those the operator may have about the design, its rationale and boundaries of safe operation.

This tool was not designed to replace technical analysis such as HAZOP* or FMEA but to complement them and provide another perspective on hazard identification.

* HAZard and Operability
1.4.2 Construction Hazard Analysis Implementation Review guidewords

In the construction industry the HAZOP process has been adapted by Workcover NSW and industry partners to create the Construction Hazard Assessment Implication review (CHAIR). CHAIR-1 is a conceptual design review. There are two sets of guidewords.

The generic guidewords used for each design element are:
> Size
> Position/Location
> Movement/Direction
> Energy
> Egress/Access
> Heights/Depths

The overview guidewords used for the whole design concept are:
> Environmental Conditions
> Toxicity
> Environmental Impact
> Inspection and Testing
> Documentation and Quality Control
> External Safety interfaces
> Fire/Explosion identified
> Utilities and Services
> Maintenance.

Process of using the tool

The user systematically works through the guidewords one-by-one. The guidewords are used to trigger thinking about hazards.
Consequences
Person Resp..
Safeguards
Guideword
Risk Issue
Causes
Action
No.
1.4.3 Plant Hazard checklist
As a designed item, plant is a major source of hazards. The checklist reproduced below was developed by WorkSafe Victoria.
a) Entanglement
Can anyone’s hair, clothing, gloves, necktie, jewellery, cleaning brushes, rags or other materials become entangled with moving parts of the plant, or materials in motion?
b) Crushing
Can anyone be crushed due to:
> material falling off the plant?
> lack of capacity for the plant to be slowed, stopped or immobilised?
> parts of the plant collapsing?
> being thrown off or under the plant?
> uncontrolled or unexpected movement of the plant or its load?
> the plant tipping or rolling over?
> coming in contact with moving parts of the plant during testing, inspection, operation, maintenance, cleaning or repair?
> being trapped between the plant and materials or fixed structures?
> other factors not mentioned?
c) Cutting, stabbing and puncturing
Can anyone be cut, stabbed or punctured due to:
> coming in contact with sharp or flying objects?
> coming in contact with moving parts of the plant during testing, inspection, operation, maintenance, cleaning or repair of the plant?
> the plant, parts of the plant or work pieces disintegrating?
> work pieces being ejected?
> the mobility of the plant?
> uncontrolled or unexpected movement of the plant?
> other factors not mentioned?
Can anyone come into contact with fluids under high pressure, due to plant failure or misuse of the plant?
h) Electrical
Can anyone be injured by electrical shock or burnt due to:
> the plant contacting live electrical conductors?
> the plant working in close proximity to electrical conductors?
> overload of electrical circuits?
> damaged or poorly maintained electrical leads and cables?
> damaged electrical switches?
> water near electrical equipment?
> lack of isolation procedures?
> other factors not mentioned?
> unprotected holes, penetrations or gaps?
> poor floor or walking surfaces, such as the lack of a slip-resistant surface?
> steep walking surfaces?
> collapse of the supporting structure?
> other factors not mentioned?
k) Ergonomic
Can anyone be injured due to:
> poorly designed seating?
> repetitive body movement?
> constrained body posture or the need for excessive effort?
> design deficiency causing mental or psychological stress?
> inadequate or poorly placed lighting?
> lack of consideration given to human error or human behaviour?
Table 1.4: Failure Mode and Effect Analysis table for a ball point pen
Part | Function | Potential Failure Mode | Potential effects of failure | SEVERITY | Potential causes of failure | OCCURRENCE | potential failure be detected? | DETECTION | RPN | Actions
Outer tube | Provides grip for writer | Hole gets blocked | Vacuum on ink supply stops flow | 7 | Debris ingress into hole | 3 | Check clearance of hole | 5 | 105 | Make hole larger
Ink | Provide writing medium | Incorrect viscosity | High flow | 4 | Too much solvent | 2 | QC on ink supply | 4 | 32 | Introduce more rigid QC
Ink | Provide writing medium | Incorrect viscosity | Low flow | 4 | Too little solvent | 2 | QC on ink supply | 3 | 24 | No action required
(Adapted http://www.nomogen.co.uk/QualityPublications/fmea.htm)
1.4.6 Event Tree Analysis (ETA)
Purpose of this tool
Fundamentally, event trees provide a means for quantitatively analysing the probability that a system will respond successfully or end up in failure given that an undesired event has occurred. The initiating event may be a failure within a system or an external event. ETA starts with an initiating event and then searches forward through time to identify the possible sequences of events that could arise in response.
The initiating (undesired) event is the starting point for the analysis. In a given system there will be many events that could be analysed via an event tree. In a complex system there will be so many events that performing event tree analysis for each of them will probably be beyond the resources of most risk analysts. Which events are worth investing resources for an event tree analysis is a judgement process, which should take into account the overall risk management strategy. Of particular importance, though, will be those events which have a direct causal relationship with system failure.
Process of using the tool
Event tree analysis is suitable for situations which meet two criteria. Firstly, a given component’s response to an event will be classified as success or failure; there is no scope for partial success or failure. Secondly, the system design is such that in response to the initiating event there is a logical sequence of components that will be engaged in response to the event.
The construction of the event tree is straightforward. Once an initiating event has been chosen for analysis, the system components that are
[Figure: generic event tree. Branch labels: Initiating Event; Success (1-PFA) / Failure PFA; Success (1-PFB) / Failure PFB; Success (1-PFC) / Failure PFC; outcomes System Success and System Failure.]
Pressure Too High
    Opens (1-PF1): Pressure Decreases
    Fails (PF1):
        Opens (1-PF2): Pressure Decreases
        Fails (PF2): Explosion
Figure 1.6: Event Tree for excessive pressure in a nuclear plant (After Leveson, 1995)
Reference
Leveson, N.G. (1995) Safeware: System Safety and Computers, Addison-Wesley Publishing Company, 1995
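The probability calculation for the event tree in Figure 1.6, worked as an added example that is not part of the original resource: each path's probability is the product of the branch probabilities along it, and the paths are summed per outcome. The values of PF1 and PF2, the initiating frequency and the component names "Valve 1" and "Valve 2" are constructed for illustration.

```python
"""Event tree evaluation for the over-pressure scenario of Figure 1.6 (added example)."""
from dataclasses import dataclass
from typing import Iterator, Tuple, Union


@dataclass(frozen=True)
class Branch:
    """One component challenged along a path; its response is success or failure only."""
    component: str
    p_fail: float            # probability the component fails when challenged
    on_success: "Node"
    on_failure: "Node"


Node = Union[Branch, str]    # a plain string is a terminal outcome
Path = Tuple[Tuple[str, str], ...]


def enumerate_paths(node: Node, prob: float = 1.0,
                    path: Path = ()) -> Iterator[Tuple[Path, str, float]]:
    """Search forward from the initiating event, yielding (path, outcome, probability)."""
    if isinstance(node, str):
        yield path, node, prob
        return
    if not 0.0 <= node.p_fail <= 1.0:
        raise ValueError(f"p_fail for {node.component!r} must lie in [0, 1]")
    yield from enumerate_paths(node.on_success, prob * (1.0 - node.p_fail),
                               path + ((node.component, "success"),))
    yield from enumerate_paths(node.on_failure, prob * node.p_fail,
                               path + ((node.component, "failure"),))


def outcome_probabilities(tree: Node, initiating_frequency: float = 1.0) -> dict:
    """Sum path probabilities per outcome, scaled by how often the initiating event occurs."""
    totals: dict = {}
    for _, outcome, prob in enumerate_paths(tree):
        totals[outcome] = totals.get(outcome, 0.0) + prob * initiating_frequency
    return totals


# Constructed values, not taken from the resource or from Leveson (1995).
PF1 = 0.01   # assumed probability that the first valve fails to open
PF2 = 0.05   # assumed probability that the second valve fails to open

# Structure of Figure 1.6: the second valve is only challenged if the first fails.
FIGURE_1_6 = Branch("Valve 1", PF1, "Pressure Decreases",
                    Branch("Valve 2", PF2, "Pressure Decreases", "Explosion"))

if __name__ == "__main__":
    for path, outcome, prob in enumerate_paths(FIGURE_1_6):
        steps = ", ".join(f"{component} {result}" for component, result in path)
        print(f"{prob:.4f}  {outcome:<18} ({steps})")
    # With an assumed two over-pressure events per year, the totals become frequencies.
    print(outcome_probabilities(FIGURE_1_6, initiating_frequency=2.0))
```

The three path probabilities sum to one, which is a quick check that no branch of the tree has been left out.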
Examination of the event tree in Figure 1.6 reveals that there are two branches that resolve to a successful outcome and one that does not. Calculation of the probability of failure in the event of an over pressure event is a straightforward computation based on the process described in the previous section. Examination of the event tree, however, does not reveal any information concerning the mechanism or mechanisms that led to either of the valves failing. Should the probability of failure be intolerable, then other risk assessment tools would have to be applied to the scenario to determine the possible failure modes and, if required, the likelihood of each of these failure modes. Fault trees are one such tool and this scenario is also used as the example application for the fault tree toolkit.
1.4.7 Fault Tree Analysis (FTA)
Purpose of this tool
Fault Tree Analysis (FTA) is a technique for determining the fundamental fault or sets of faults that lead to an undesirable event. As such FTA is a suitable tool to further analyze undesirable events identified by other tools such as ETA and HAZOP. Analysis of the probabilities associated with the fundamental causes enables the system designer to focus on those causes/faults that are most severe in their consequences or most frequent in their occurrence.
Process of using the tool
FTA starts with a pre-identified undesirable event. This event is then drilled-down through the system structure to determine the fundamental faults that can trigger the undesired event. The Fault Tree diagrams used to capture this analysis are based on logic symbols. A subset of the symbols used is shown in Table 1.5.
Output Event | Event resulting from events occurring lower in the tree
AND Gate | Event immediately above the AND gate occurs if all of the events immediately below the gate have occurred
Events in the diagram are represented by a rectangular block. The undesired event at the top of the diagram is referred to as the top event. Sub-events, which are triggered by combinations of other events, are also denoted by the rectangular block and are referred to as intermediate events. The use of logic ‘gates’ enables different combinations of events to be specified as the trigger for an event. If the events serving as an input to a higher event are combined through an AND gate, then all of these subordinate events must have occurred for the higher event to be triggered. Conversely an event fed by an OR-gated combination of events is triggered if any of the subordinate events has occurred. Events are decomposed through the system through the use of gated event combinations until such time as the basic events have been identified. Such events are denoted by the circle symbol. Figure 1.7 illustrates a generic fault tree highlighting the use of each of the diagram components.
[Figure 1.8 event labels: Top Event; Explosion; Pressure Monitor Failure; Computer Response Too Slow; Computer Fails to Issue Command; Valve 1 position indicator fails on; Valve 2 position indicator fails on]
Figure 1.8: Fault Tree for an explosion in a nuclear plant (After Leveson, 1995)
Reference
Leveson, N.G. (1995) Safeware: System Safety and Computers, Addison-Wesley Publishing Company, 1995
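The AND/OR gate logic described above, as an added example that is not part of the original resource: it finds the minimal sets of basic events that trigger the top event and computes the top-event probability, going slightly beyond the text by assuming independent basic events. The basic-event names are the labels from Figure 1.8, but the gate arrangement and every probability are constructed for illustration and do not reproduce the structure of Figure 1.8.

```python
"""Fault tree evaluation with AND/OR gates (added example; gate layout is constructed)."""
from itertools import product

# A gate is ("AND" | "OR", [children]); a plain string is a basic event.
# Hypothetical arrangement: the top event needs both intermediate events, and
# "Pressure Monitor Failure" feeds both, so it is a single point of failure.
TREE = ("AND", [
    ("OR", ["Pressure Monitor Failure",
            "Computer Response Too Slow",
            "Computer Fails to Issue Command"]),
    ("OR", ["Pressure Monitor Failure",
            "Valve 1 position indicator fails on",
            "Valve 2 position indicator fails on"]),
])

# Constructed basic-event probabilities.
P_BASIC = {
    "Pressure Monitor Failure": 0.01,
    "Computer Response Too Slow": 0.02,
    "Computer Fails to Issue Command": 0.005,
    "Valve 1 position indicator fails on": 0.001,
    "Valve 2 position indicator fails on": 0.001,
}


def cut_sets(node):
    """Return the minimal sets of basic events whose joint occurrence triggers `node`."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, children = node
    child_sets = [cut_sets(child) for child in children]
    if gate == "OR":      # any one child's cut set is enough
        combined = {s for sets in child_sets for s in sets}
    elif gate == "AND":   # one cut set from every child must occur together
        combined = {frozenset().union(*combo) for combo in product(*child_sets)}
    else:
        raise ValueError(f"unknown gate {gate!r}")
    minimal = [s for s in combined if not any(other < s for other in combined)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))


def occurs(node, state):
    """Evaluate the gate logic for one assignment of basic events to True/False."""
    if isinstance(node, str):
        return state[node]
    gate, children = node
    results = [occurs(child, state) for child in children]
    return all(results) if gate == "AND" else any(results)


def top_event_probability(tree, p_basic):
    """Exact top-event probability by enumerating every combination of basic events."""
    names = sorted(p_basic)
    total = 0.0
    for values in product([False, True], repeat=len(names)):
        state = dict(zip(names, values))
        if occurs(tree, state):
            weight = 1.0
            for name in names:
                weight *= p_basic[name] if state[name] else 1.0 - p_basic[name]
            total += weight
    return total


if __name__ == "__main__":
    for events in cut_sets(TREE):
        print(" AND ".join(sorted(events)))
    print(f"P(top event) = {top_event_probability(TREE, P_BASIC):.6f}")
```

Enumerating every state is exact even when a basic event appears under more than one gate, where multiplying gate probabilities together would count it twice.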
> The Australian Safety and Compensation Council website.
This site hosts a range of resources relevant to Safe Design. There are a range of publications that extend the material covered in the Safe Design: An Engineering Resource Package to a much greater depth and more generally about Occupational Health and Safety in the Australian context.
- http://www.ascc.gov.au
> The National Committee of Engineering Design website.
The NCED aims to promote design excellence and awareness through media of publications, conferences and both national and international exhibitions. Engineering Design addresses issues of creating and delivering innovative, useful, reliable and economical technical solutions to meet human wants or needs. One of NCED’s main objectives is to promote links between industry, and tertiary and secondary learning institutions for the strategic development of design learning and experience in all aspects of design.
- http://www.ncedaust.org/index.htm
A database of over 720 examples of solutions to overcoming OHS problems. Many of these include examples of Safe design.
- http://www.ascc.gov.au
> Bad Human Factors Design
Over 90 examples of designed items which because of bad design are difficult to use or hazardous.
- http://www.baddesigns.com/examples.html
> NIOSH Fatality Assessment and Control Evaluation (FACE) Program
An accident database containing a brief synopsis of an accident which led to a fatality.
- http://www.cdc.gov/niosh/face/
> Safety resources from the military
Check the archive of Safety photos and success stories
- http://www.safetycenter.navy.mil/
> Google image search:
Images to help illustrate Unsafe and Safe Design can often be found here
- http://www.google.com.au/imghp?hl=en&tab=wi&q=
STUDENT ACTIVITIES
>>>>
PART A: SAFE DESIGN – STUDENT ACTIVITIES
CONTENTS
.1 INTRODUCTION
Overview
This activity has been designed to help you develop
the ability to identify hazards and risks. You will also
learn about some of the common misconceptions
that designers have, based on those which have
been embedded in design and caused fatalities.
During the activity a list of known hazard-inducing
design assumptions is tested against the item
represented in the image. Through completing this
activity, you will develop your skills in identifying
risks and develop a greater understanding of how
incorrect assumptions and misconceptions can
contribute to unsafe design.
Activity
For each of the following images (A, B & C), identify
the risk issues by using the designer
misconception checklist (Safe Design Engineering
Toolkit 1.4.1).
> Fill out the documentation for each of the
images.
Scenario
You have just hired a car from Los Angeles Airport. This photograph represents part of the dashboard from
that vehicle containing the speedometer and tachometer.
Actions needed
Criticality
Photo: J Culvenor
Scenario
This is an emergency stairway in a hotel. This stairway is used as a permanent access to a swimming pool
on the top floor. The stairwell is used many times per day. The stairs are constructed of concrete with a
metal railing
Scope Stairway
Type of misconception
Actions needed
Criticality
Scenario
The image is of yellow street lights at night. The arrow points to a different type of light (this is a HINT)
Actions needed
Criticality
Overview
This activity should help you to develop your
ability to identify hazards and risks through using
guidewords. By completing this activity, you should
be more proficient at recognising hazards and be
better able to understand the implications of poor
design regarding safety. Through discussion and
debate, you should also be developing the ability to
conceptualise safer design.
Activity
For each of the following images (A, B & C),
> identify the risk issue using the Construction
Hazard Assessment Implementation Review
(Safe Design Engineering Toolkit 1.4.2).
> Fill out the CHAIR documentation.
> Suggest alternate design options to eliminate or
reduce the risk issue.
The generic guidewords to be used for this
activity are:
Photo: J Culvenor
Scenario
This wooden structure is used for loading and unloading livestock from semi-trailers into a livestock holding
yard. These structures are often located near a public road and on a property boundary.
No. | Guideword | Risk Issue | Causes | Safeguards | Action
Photo: J Culvenor
Scenario
Split systems and other air conditioning systems are a relatively common feature in multi-level buildings
No. | Guideword | Risk Issue | Causes | Consequences | Safeguards | Action
Photo: J Culvenor
Scenario
A common sight on many roads in rural Australia is a stock crossing point used to move livestock from one
part of a property to another.
No. | Guideword | Risk Issue | Causes | Safeguards | Action
l) Suffocation
Can anyone be suffocated due to lack of oxygen, or
atmospheric contamination?
Photo: J Culvenor
Scenario
Access to tractors is often positioned between the wheels.
Photo: J Culvenor
Scenario
The grain auger is an essential piece of farm equipment which is used to move grain from one location
to another.
Photo: J Culvenor
Scenario
Silos need a system for operating the opening at the top of the structure. Access is often provided by a
ladder up the side of the structure.
Scenario
Bench grinders are a commonly used product both at home and in the workplace. Examples of use include
to shape metal, sharpen tools or prepare metal for welding.
FMEA Template
(Adapted from ‘Event Tree Analysis’, P.L. Clemens, Feb 2002, Jacobs Sverdrup)
Overview
A Risk Management problem associated with road
safety is presented. This activity is designed to
develop the student capabilities associated with
Risk Identification and Risk Control.
Activity
For the following scenario,
> fill in the hazard identification and
significance table.
> fill in the risk control table.
Scenario
Bob, driving his car, was in a single-vehicle road
accident. The accident occurred on a country road
in Victoria at night. The road was relatively straight,
flat, horizontal and dry. His car collided with the
left hand side of a bridge railing. The bridge railing
is approximately fifty years old and made of stone.
There are many bridge railings of this type. Bob
was nineteen years old at the time and recorded a
blood alcohol reading of 0.03%. He suffered major
injuries and survived. No other passengers were in
the vehicle. (example J. Culvenor 1997)
Reference:
Culvenor, J (1997), Breaking the Safety Barrier: Engineering New paradigms in Safety Design, PhD Thesis, University of Ballarat
Photo: J. Culvenor
.3.1 SAFE DESIGN AND BUILD
Overview
The goal of this activity is to give students an opportunity to develop and utilise their Safe Design abilities while undertaking a design and build exercise. It is intended to be used in conjunction with any existing design and build project that is currently used by an engineering educator within their undergraduate engineering course. By broadening the design requirements of the existing project to include safe design it provides an opportunity for educators to introduce a greater degree of ‘real-world’ constraints to these design and build activities.
Intended learning outcomes
> Awareness of engineers' responsibilities for safe design.
> Ability to identify safety issues and risks.
> Ability to integrate safety principles into engineering design.
> Ability to understand inter-relationships between safety and other design requirements.
> Awareness of the need to consider safety implications in a design activity.
Context in which it could be used
All Engineering courses are required to develop student design capabilities. This is achieved in a variety of ways, ranging from unstructured problem based activities to integrated design projects. Undergraduate engineering course accreditation (Stage 1 from Engineers Australia) requires students to undertake two or more construction projects and at least one major design project. Many engineering faculties initiate design experiences in the early stages of a course with challenging design and build exercises such as spaghetti bridges, gravity-powered vehicles or website development. In addition, a number of undergraduate design competitions, such as the Weir-Warman competition for Mechanical engineers, are available to encourage students to think creatively and solve problems in an innovative way. These various design-and-build projects can be used as a mechanism to introduce or reinforce safe design principles and concepts.
The following activities can be used to enhance existing design oriented projects to ensure that students develop an awareness of safety issues and ultimately the ability to accept their responsibilities for safe design. The activities have been designed to apply to a wide range of design activities from basic to complex and to be easily integrated into existing subjects and projects.
Approach to adding Safe Design to Design and Build Projects
This activity is designed to illustrate how safe design concepts can be embedded within a design-and-build project using the tools available in the Safe Design Guide. The intention is not to provide a definitive mechanism for embedding safe design within any design and build projects since there is too much diversity in the currently used projects to specify which Safe Design tools are the most appropriate. For example, a project in civil engineering or construction would most likely find the CHAIR guidewords are the most suitable risk identification tool whereas a project in Mechanical Engineering may find the Plant Hazard Checklist the
Develop Concept
Design
Supply / Install
Commission / Use
Maintain
Decommission
Disposal / Recycle
>>>>
. CASE STUDIES
Read the following scenario and be prepared to answer the discussion points.
> ‘Because assembly-line machinery was already tooled when engineers found this defect, top Ford officials decided to manufacture the car anyway’
Student notes
Overview
This case study is a summary of the events surrounding the F-111 Deseal/Reseal case that were presented at a Board of Inquiry in September 2001. The case shows how major safety issues in the workplace can arise from a combination of workplace culture and the use of hazardous materials. While some of the organisational and cultural features of the workplace described here are unique to the military, others are relevant to many other large industrial organisations. It highlights the importance of the need to design effective processes and systems not just products for ensuring safety. It shows the ‘downstream’ consequences of not addressing safety ‘upstream’ at a design stage. It recognises that decision-making in engineering can involve ambiguity and differences in opinion.
Intended learning outcomes
> Awareness of hazards 'downstream' due to the design of products.
> Understanding of the complexity of designing safe processes.
> Appreciation of organisational and cultural factors which impact the effective design and enforcement of safe processes within a workplace.
> Ability to identify risk control strategies to deal with hazardous substances.
Activity
Read the following scenario and be prepared to answer the discussion points.
Image: http://www.defence.gov.au/raaf/images/for_site/wallpaper/F111.jpg
In 1963, the Royal Australian Air Force (RAAF) ordered 24 F-111 aircraft but it was not until 1973 that the aircraft arrived at Amberley Air Force Base. The fuel tanks in the F-111 were designed to be integral to the aircraft’s structure and unlike many other aircraft the fuel tanks did not contain an internal bladder but required a sealant for the joints and mating surfaces to prevent leaks. A specially developed sealant that could withstand the environmental conditions arising from supersonic flight was developed. However, fuel leaks were discovered soon after delivery and it became evident that the fuel tanks would need to have the original sealant removed and a new sealant applied. A deseal/reseal program was initiated and the desealant used had potential risks due to its toxicity and very low flash point. There are seven fuel tanks located within the aircraft; in the fuselage ahead of the wings, within the wings, behind the wings and either side of the tail.
Consequently, for more than 20 years, the RAAF maintenance personnel have been working in cramped and confined spaces, using highly toxic chemicals to deseal and reseal the fuel tanks of F-111 aircraft. Although personal protective clothing was provided (gloves, respirators, coveralls), the high temperatures of the tropical climate and the difficulty of working with such restrictions in a confined space led to staff not always using the protective gear that was provided. The personal
Choice of Action
a) Keep on working as directed by your supervisor
and try to catch up on lost time.
b) Keep on working as directed by your supervisor
and decide to have a meeting with your
supervisor at the end of the day.
c) Refuse to continue working on the site and go
back to head office to sort it out.
d) Contact the Depot Manager onsite to see if he
has a copy of the rules and seek clarification
about the safety equipment.
e) Try to contact your supervisor’s boss, who
happens to be a family friend.
LECTURE NOTES
>>>>
PART B: SAFE DESIGN – STUDENT ACTIVITIES – LECTURER NOTES
CONTENTS
.1 INTRODUCTION
Photo: J. Culvenor
Scenario
This is an emergency stairway in a hotel. This stairway is used as a permanent access to a swimming pool
on the top floor. The stairwell is used many times per day. The stairs are constructed of concrete with a
metal railing.
Scope | Stairway
Type of misconception | Benign condition.
What are the assumptions? | Operating conditions have no impact upon the function of the guard rail.
Under what conditions this assumption could be contradicted? | Person (especially child) who has wet feet after exiting the pool could slip and fall through the rails. Stairway may not have originally been designed as an access point for a pool.
Actions needed | Remove possibility of falling through guard rail by placing extra rails, timber sheet or mesh across the gaps.
Criticality | Medium.
Scenario
The image is of yellow street lights at night. The arrow points to a different type of light (this is a HINT)
* Toolkit content can be found at section 1.4 of PART 1 – Concepts, Principles & Tools
Photos: J Culvenor
Image with ramp in hazardous orientation (This image provided to students)
Image with ramp in ‘Safe Design’ orientation (This image not provided in student handout and shows potential design solution)
Scenario
This wooden structure is used for loading and unloading livestock from semi-trailers into a livestock holding
yard. These structures are often located near a public road and on a property boundary.
Guideword | Risk Issue | Causes | Safeguards | Action
Photos: J Culvenor
Image with air conditioning unit in hazardous location (This image provided to students)
Image with air conditioning units in ‘Safe Design’ location. (This image not provided in student handout and shows potential design solution)
Scenario
Split systems and other air conditioning systems are a relatively common feature in multi-level buildings.
Guideword | Risk Issue | Causes | Consequences | Safeguards | Action
Heights/Depth OR Egress/Access | Injury of maintenance worker | Fall | Injury/fatality | Warning, Fall restraint | Relocate air-conditioning unit to ground level for improved access
Photos: J Culvenor
Image with traffic crossing point in hazardous location (This image provided to students)
Image with traffic crossing point in ‘Safe Design’ location. (This image not provided in student handout and shows potential design solution.)
Scenario
A common sight on many roads in rural Australia is a stock crossing point used to move livestock from one
part of a property to another.
Guideword | Risk Issue | Causes | Consequences | Safeguards | Action
Egress/Access | Contact between animals & road traffic | Animal crossing | Injury/fatality, loss of life | Warning | Eliminate interaction between traffic and animals.
> Use the hierarchy of control to describe risk control options.
Context in which it could be used
This activity can be used as an individual or small group activity. It can also be used as an ice-breaker to get students to explore their own experiences with poorly designed items. This activity could be used in early to mid stage design subjects and communications subjects. It would also be possible to adapt this activity to an online quiz environment by providing multiple choice selection of a subset of the plant hazard checklist. In the Safety Album (R3 of Resources listed in Part 1) there are lots of links to sites that have extensive databases of images that can be substituted for the images given in this resource. This would allow the instructor to customise the activity for their discipline and context. The hazards covered by the checklist are quite broad and apply to both lifestyle items as well as workplace items.
2. Hand out required resources to each group. Electronic copies of the images from the Safety Album may also be used by the instructor to project the images.
3. Get students to work through the Plant Hazard checklist for each image and discuss their opinions and then complete the documentation for hazard/risk identification and risk control.
4. Discuss any issues arising:
a. the difficulty in predicting hazards during design;
b. what they see as the benefits and limitations of this tool to trigger discussion, identify and document hazards; and
c. students' own examples of poorly designed items.
o) Other hazards
Can anyone be injured or suffer ill-health from exposure to: chemicals; noise; toxic gases or vapours; vibration; fumes; radiation; dust; other factors not mentioned?
Image with tractor access ladder in hazardous location. (This image provided to students.)
Photos: J Culvenor
Image with unguarded grain auger. (This image provided to students.)
Example D: Scenario
Bench grinders are a commonly used product
both at home and in the workplace. Examples of
use include shaping metal, sharpening tools, and
preparing metal for welding.
Example D: Risk/hazard identified from Plant
Hazard checklist
> Design a guard on the grinder to direct sparks towards the floor and away from the operator.
> Incorporate a guard to prevent a disintegrating grinding wheel striking the operator.
> Ensure design is compliant with relevant electrical standards.
Personal Protective Equipment
> Glasses for protection from flying objects.
> Dust mask for protection against airborne particulates.
> Gloves for protection against friction and burns.
Links
WorkSafe Victoria 2003, Roll Over Protection
Structure (ROPS): Farm Safety Series, Worksafe,
Melbourne, www.worksafe.vic.gov.au
> An ability to recognise the roles of all parties and examine how their decisions affected safety.
> Understand the methodology used in an Accident Investigation.
> Identify measures that would control the risk(s).
Context in which it could be used
This activity can be used as an individual or small group activity. This activity could be used in design or management subjects where the significance of human factors upon technology and work system design is stressed.
3. Identify contributory factors that could have impacted the accident and management of that accident (Environment, Equipment; Skills and experience; Operating/work system, Ergonomic factors (relationship between people and their environment, equipment etc)). A mind map or other graphical tool could be used to show relationships between contributory factors.
4. Identify the design decisions that each of the organisations (City Council, PaperMunchers, Top Trucks) took which may have contributed to the accident. Consider what other options they had which may have reduced the risk to the workers
Photos: J Culvenor
The lifting work is fairly hard so I bought everyone elastic back belts that I saw at an expo. Jo took it off on the day of the accident, perhaps because it was hot. We did have a system of sharing the driving and lifting work. That broke down a little bit because we needed to create a light job.
After the accident, I could see that the workers were not working safely. A friend who is a safety advisor at a local manufacturing firm suggested SSAFeTy System (Super Safety Action Friendly Tips System). The idea is that the workers monitor each other’s unsafe acts and issue them with ‘friendly’ reminders when they are doing something dangerous. It’s from the USA! I am getting a consultant to come and teach everyone.’
Flo: ‘Trek worked in the recycling area for about a year and then was off work with a shoulder injury. The insurance company told me to create a light job for him. The recycling jobs are all the same so I thought truck driving would be ok. I had Trek drive the truck with Jo and moved Jay into the sorting area. Jay complained, as usual, about the lifting and that Jo would now need to do it all. But out on the collection they can work at their own pace so if it gets a bit too much for Jo toward the end of the day they can just slow down. I think it worked quite well until the accident. Jo must have been crossing the road. I know Ty told them not to when they started so it’s Jo’s own fault.’
You visit the City of TidyTown and talk to Cyril, the Chief Executive Officer of TidyTown Council:
‘Over two years ago we decided to improve waste management. A key problem was the amount of recyclable material being sent to landfill and I developed a new waste collection system. We asked residents what they wanted and came up with a great system involving four collections:
4. Paper (every second week) in a cardboard box or tied in bundles.
The four waste collections are on the same day of the week. A notice explaining the collection of the waste was posted to all TidyTown residents.
After we thought up the ideas for the collection system, we invited tenders for collection. The garbage and green-waste collection was awarded to our own waste department. The recycling and paper collections were awarded to PaperMunchers for two years (they have about six months to run).’
You asked about why the paper is not in a wheelie bin?
‘The residents did not want too many bins on the street on one day. It would be untidy and take up space for parking. Since not everyone gets newspapers it seemed that if something was going to be on the ground then newspapers would be best. A box of newspapers is also fairly easy to handle. I can easily lift one box with two weeks papers. It’s not heavy.’
Solution
Identify all the parties/stakeholders including both individual people and organisations
Employers/Employees
> Cyril the Chief Executive Officer of Tidy Town City Council which is responsible for Waste collection.
> Ty and Flo who are Directors of PaperMunchers the Waste Collection contracting company.
> Jay, Jo and Trek who are waste collectors employed by PaperMunchers.
Public
> Lenni is the car driver who is a member of the public.
City Council (broad system design of waste collection)

Manual collection – This is the main problem. Everything (except the sorting injury) stems from the manual collection. The council is the source of this decision. A bin could have been used except for concerns about taking up space on the street. What about collecting the bin on another day? The same bin could even be used (i.e. recycling one week, paper the next, in the same bin). What about a split bin?

Hazard assessment of manual collection – Once set up should the council have required a hazard management plan for this reasonably dangerous activity?

Crossing the road – Given there was to be manual collection, could the Council have solved the road crossing problem by having separate sides of roads on separate days (i.e. odds one week, evens the next). There would then be no temptation for a worker to cross the road as there would be nothing to collect. An alternative might be to require residents to move bins across the road (this is actually already done in some narrow streets to avoid reversing manoeuvres where trucks cannot turn).

PaperMunchers (implement waste collection system and design to some degree)

Perhaps should have engaged with council at tender stage regarding manual collection. Might have limited opportunities to change but could perhaps have put in complying tender (manual paper collection) and non-complying (but safer) alternative tender based on a wheelie bin.

Supervision – safety rules (crossing the road) were set up but there was no follow up or supervision. There was no follow-up even after the accident. Would this make much difference? Are all the hazards addressed through this measure?

Work to finish – set up work to finish system and should know this would lead to workers finding the quickest way.

Consultation – lack of consultation about swapping work positions, introducing back belts, and introducing new safety system.

Maintenance – Lack of maintenance on the radio.

SSAFeTY system – PaperMunchers need to ensure supervision regardless of how workers look out for each other. More importantly as Jay suggests the work has many hazards.

Hazard management – generally. Discuss the need for hazard assessment. What really can supervision (by each other through SSAFeTY system or the employers themselves) really achieve? Even done the ‘ideal’ way, is the job safe?

TopTrucks (equipment designer)

Should TopTrucks alert buyers about the serious manual handling hazards associated with a manual load truck?

Collecting from one side of the road – The manual truck has a rear load hopper. Could Toptrucks design the manual truck as a side load system thereby discouraging collection from both sides of the road. This would also remove the need to stand behind the truck which exposes the worker to a car collision from the rear or possibly being run over if the truck reverses.

Noise levels – Should TopTrucks design the paper compactor to be as quiet as possible. Is there a designer duty for this and is there a limit?
* Toolkit content can be found at section 1.4 of PART 1 – Concepts, Principles & Tools
Solutions
The FMEA for the existing jack and an FMEA
based on the corrective actions listed in the FMEA
are included in the tables on the following page.
Comments are attached to each of the corrective
actions to explain the anticipated effect they will
have on the system.
FMEA Template

| Failure Mode | Effects | S Rating | Causes | O Rating | Control Tests | D Rating | RPN | Recommended Action |
|---|---|---|---|---|---|---|---|---|
| Hose leaks | Jacking function impaired | 8 | Poor hose material | 5 | 50% hose inspected | 7 | 280 | Introduce pressure test for all hose |
| Hose leaks | Oil mess, pump damage | 9 | Cut hose | 5 | None | 3 | 135 | Modify assembly machine to reduce hose damage |

FMEA Template

| Failure Mode | Effects | S Rating | Causes | O Rating | Control Tests | D Rating | RPN | Recommended Action |
|---|---|---|---|---|---|---|---|---|
> Copy of tutorial exercise for each student.
> Copy of the ETA tool (section 1.4.6 from Safe Design Engineering Toolkit*).

Assessment Criteria / Guidelines
No assessment criteria are provided for this activity.

Method of Presentation
Review Event Tree Analysis (ETA) concepts based on ETA toolkit from section 1.4.6 from Safe Design Engineering Toolkit. Key points to highlight at relevant stages of the exercise:
> Need to establish sequence of operation for components. With regard to the exercise the pump and alarm will operate simultaneously but in terms of design the pump is primary and the alarm is only of consequence if the pump fails.
> A component’s operation is either success or failure. There is no partial success. For example a damaged pump may have sufficient capacity to deal with some floods. ETA cannot handle partial operation. Such a pump is treated as being a failure.

Finally have the students determine a means for identifying the most critical component in the system with regard to improving the likelihood of keeping the basement dry in the event of a flood. This element of the tutorial could be left out to create a shorter tutorial.

This tutorial is based on the same scenario as that used for Fault Tree Analysis. An optional exercise if both tutorials are run is to compare the FTA and ETA analyses. This will highlight the ways in which ETA and FTA focus on different aspects of the same system. FTA focuses on the causes for failure. ETA focuses on the likelihood of the system recovering from an undesired event.

Activity
The reservations division system for a major airline occupies a 10 story building. The basement of the building contains a backup generator so that 24/7 availability can be maintained even during blackouts. In heavy rain the basement is prone to minor flooding. The basement is protected from flooding by the system shown in Figure 1. Rising flood waters close the float switch S, powering the pump P from an uninterruptible power supply. An Alarm A is also sounded, alerting operators to perform manual pumping using a bilge pump, B, should the automatic pump fail. Correct operation of either of the pumps will effectively keep the basement from flooding.
(Adapted from ‘Event Tree Analysis’, P.L. Clemens, Feb 2002, Jacobs Sverdrup)
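[Figure: event tree for the basement flooding scenario. Initiating event: Basement Flooding. Branches: float switch Closes / Remains Open; pump Operates / Fails; alarm Sounds / Silence; bilge pump Operates / Fails. Branch probability labels as printed: (1-PFS), (1-PFS), (1-PFA), (1-PFB), PFB, PFP, PFA, PFS. Outcomes: Dry, Dry, Flooded, Flooded, Flooded.]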
Figure 3: ETA Analysis of basement flooding highlighting paths through the tree that lead to overall success
[Figure: the same event tree as above, with the numbers 1, 2 and 3 marking the bilge pump Fails, alarm Silence and float switch Remains Open branches, each of which ends in Flooded.]
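The event tree for this scenario can be evaluated numerically to answer the "most critical component" question. The following is an added example, not part of the tutorial: the failure probabilities are constructed sample values, and ranking components by the gain in P(Dry) when each one is made perfect is only one possible means of identifying the critical component.

```python
"""Event tree for the basement-flooding tutorial scenario (added example)."""

# A node is either an outcome string or
# (barrier, subtree_if_it_works, subtree_if_it_fails).
# Barrier order follows the tutorial: float switch S, pump P, alarm A, bilge pump B.
BASEMENT_TREE = (
    "S",
    ("P", "Dry", ("A", ("B", "Dry", "Flooded"), "Flooded")),
    "Flooded",
)

# Constructed sample failure probabilities (PFS, PFP, PFA, PFB); not from the tutorial.
SAMPLE_PF = {"S": 0.01, "P": 0.05, "A": 0.02, "B": 0.10}


def paths(node, pf, prob=1.0, trail=()):
    """Yield (trail, outcome, probability) for every path through the tree.

    ETA is binary: a barrier either works or fails, so a degraded component
    is modelled as a failure by raising its failure probability.
    """
    if isinstance(node, str):
        yield trail, node, prob
        return
    barrier, if_works, if_fails = node
    p_fail = pf[barrier]
    if not 0.0 <= p_fail <= 1.0:
        raise ValueError(f"failure probability for {barrier} must be in [0, 1]")
    yield from paths(if_works, pf, prob * (1.0 - p_fail), trail + (barrier + " works",))
    yield from paths(if_fails, pf, prob * p_fail, trail + (barrier + " fails",))


def p_outcome(tree, pf, outcome="Dry"):
    """Total probability of all paths that end in the given outcome."""
    return sum(p for _, out, p in paths(tree, pf) if out == outcome)


def improvement_ranking(tree, pf, outcome="Dry"):
    """Rank barriers by how much P(outcome) rises if that barrier never failed."""
    base = p_outcome(tree, pf, outcome)
    gains = {}
    for barrier in pf:
        perfected = dict(pf)
        perfected[barrier] = 0.0
        gains[barrier] = p_outcome(tree, perfected, outcome) - base
    return sorted(gains.items(), key=lambda item: item[1], reverse=True)


if __name__ == "__main__":
    for trail, outcome, prob in paths(BASEMENT_TREE, SAMPLE_PF):
        print(f"{' -> '.join(trail):45s} {outcome:8s} {prob:.6f}")
    print("P(Dry) =", round(p_outcome(BASEMENT_TREE, SAMPLE_PF), 6))
    for barrier, gain in improvement_ranking(BASEMENT_TREE, SAMPLE_PF):
        print(f"perfect {barrier}: P(Dry) rises by {gain:.6f}")
```

With these sample values the float switch ranks first, because every recovery path depends on it closing.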
Intended Learning Outcomes
> Understand how to qualitatively analyse a simple system using FTA.
> Be aware of how FTA enables single points of failure in a system to be identified.

Required Resources
> 30-45 minutes.
> Copy of tutorial exercise for each student.
> Copy of the FTA tool, section 1.47 from Safe Design Engineering Toolkit*.

Assessment Criteria / Guidelines
No assessment criteria are provided for this activity.

Method of Presentation
Review Fault Tree Analysis (FTA) concepts based on FTA toolkit from section 1.47 from Safe Design Engineering Toolkit.
Key points to highlight at relevant stages of the exercise:
> AND-gate and OR-gate logic.
> Impact ORed events have on system failure compared to ANDed events.
> This exercise does not include the quantitative aspects of FTA whereby probabilities are assigned to each of the causes thus enabling the prioritisation of corrective actions.
> Cut set generation is to be done via inspection. More rigorous techniques exist for the generation of cut sets and these aid correctness.

This tutorial is based on the same scenario as that used for Event Tree Analysis. An optional exercise if both tutorials are run is to compare the FTA and ETA analyses. This will highlight the ways in which ETA and FTA focus on different aspects of the same system. FTA focuses on the causes for failure. ETA focuses on the likelihood of the system recovering from an undesired event.

Activity
The reservations division system for a major airline occupies a 10 story building. The basement of the building contains a backup generator so that 24/7 availability can be maintained even during blackouts. In heavy rain the basement is prone to minor flooding. The basement is protected from flooding by the system shown in Figure 1. Rising flood waters close the float switch S, powering the pump P from an uninterruptible power supply. An Alarm A is also sounded, alerting operators to perform manual pumping using a bilge pump, B, should the automatic pump fail. Correct operation of either of the pumps will effectively keep the basement from flooding.

The cut set elements are:
{1, 2}
{1, 3, 4}
{1, 3, 5, 6}

Single points of failure are identified by the cut set elements containing only two events, the driving event (water present in the basement) and the point of failure. So in this example, the float switch is a single point of failure.
(Adapted from ‘Event Tree Analysis’, P.L. Clemens, Feb 2002, Jacobs Sverdrup)
Solutions
Figure 2: FTA Analysis of basement flooding. Note numbers included in independent events to aid listing of the cut set
[Figure: fault tree for the flooded basement.
Top event: Flooded Basement
Intermediate events: Pump System Not Activated; Pumping Fails; Manual Pumping Fails; Bilge Pump Fails
Independent events: 1 Water Present in Basement; 2 Float Switch Fails to Close; 3 Automatic Pump Fails; 4 Alarm Fails; 5 Bilge Pump Broken; 6 Operator Inattentive]
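The tutorial generates cut sets by inspection and notes that more rigorous techniques exist. The following added example (not part of the tutorial) applies a top-down, MOCUS-style expansion to this fault tree. The gate types are an assumption: the figure's gate symbols are not reproduced here, so they were chosen so that the tree yields the cut sets the tutorial lists.

```python
"""Minimal cut sets for the basement-flooding fault tree (added example)."""

BASIC_EVENTS = {
    1: "Water present in basement",
    2: "Float switch fails to close",
    3: "Automatic pump fails",
    4: "Alarm fails",
    5: "Bilge pump broken",
    6: "Operator inattentive",
}

# gate name -> (gate type, inputs). Inputs are basic-event numbers or gate names.
# Gate types are assumed; they reproduce the cut sets listed in the tutorial.
GATES = {
    "Flooded Basement": ("AND", [1, "Pump System Not Activated"]),
    "Pump System Not Activated": ("OR", [2, "Pumping Fails"]),
    "Pumping Fails": ("AND", [3, "Manual Pumping Fails"]),
    "Manual Pumping Fails": ("OR", [4, "Bilge Pump Fails"]),
    "Bilge Pump Fails": ("AND", [5, 6]),
}


def minimise(sets):
    """Drop duplicates and any cut set that strictly contains another one."""
    unique = set(sets)
    minimal = [s for s in unique if not any(other < s for other in unique)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))


def cut_sets(gates, top):
    """Expand the top event until only basic events remain (tree must be acyclic).

    An AND gate widens the current set with all of its inputs;
    an OR gate splits the set into one alternative per input.
    """
    pending = [frozenset([top])]
    finished = []
    while pending:
        row = pending.pop()
        gate = next((event for event in row if event in gates), None)
        if gate is None:  # only basic events left: this row is a cut set
            finished.append(row)
            continue
        kind, inputs = gates[gate]
        rest = row - {gate}
        if kind == "AND":
            pending.append(rest | frozenset(inputs))
        elif kind == "OR":
            pending.extend(rest | {item} for item in inputs)
        else:
            raise ValueError(f"unknown gate type {kind!r} on {gate!r}")
    return minimise(finished)


def single_points_of_failure(sets, driving_event):
    """Events that, together with the driving event alone, cause the top event."""
    return sorted(
        next(iter(s - {driving_event}))
        for s in sets
        if len(s) == 2 and driving_event in s
    )


if __name__ == "__main__":
    found = cut_sets(GATES, "Flooded Basement")
    for s in found:
        print(sorted(s), "=", "; ".join(BASIC_EVENTS[e] for e in sorted(s)))
    for e in single_points_of_failure(found, driving_event=1):
        print("Single point of failure:", BASIC_EVENTS[e])
```

Changing the "Bilge Pump Fails" gate to OR replaces {1, 3, 5, 6} with the two shorter cut sets {1, 3, 5} and {1, 3, 6}, which illustrates the impact ORed events have compared to ANDed events.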
Rumble strips (Administrative)
Reflective strips (Administrative)
Warning devices in cars (Administrative)
Training (Administrative)
Alcohol limits (Administrative)
Age limits (Administrative)
Speed limits (Administrative)
Warning signs (Administrative)
Helmets (Personal Protective Equipment)
(Example: J Culvenor 1997)
Reference: Culvenor, J (1997), Breaking the Safety Barrier: Engineering New paradigms in Safety Design, PhD Thesis, University of Ballarat

> Identify a full range of causal factors using the accident analysis models.
> Recognition of precursor factors (work systems; plant and equipment; work environment; people issues; and interactions) that lead to the injury:
> Ability to identify measures that would control the risk(s) using the hierarchy of control.

Context in which it could be used
This activity can be used as an individual or small group activity. This activity could be used in design or management subjects where the significance of human factors upon technology and work system design is stressed.
.3.1 SAFE DESIGN AND BUILD
INSTRUCTOR NOTES

Overview
The goal of this activity is to give students an opportunity to develop and utilise their Safe Design abilities while undertaking a design and build exercise. It is intended to be used in conjunction with any existing design and build project that is currently used by an engineering educator within their undergraduate engineering course. By broadening the design requirements of the existing project to include safe design it provides an opportunity for educators to introduce a greater degree of ‘real-world’ constraints to these design and build activities.

Intended learning outcomes
> Awareness of engineers' responsibilities for safe design.
> Ability to identify safety issues and risks.
> Ability to integrate safety principles into engineering design.
> Ability to understand inter-relationships between safety and other design requirements.
> Awareness of the need to consider safety implications in a design activity.

Context in which it could be used
All Engineering courses are required to develop student design capabilities. This is achieved in a variety of ways, ranging from unstructured problem based activities to integrated design projects. Undergraduate engineering course accreditation (Stage 1 from Engineers Australia) requires students to undertake two or more construction projects and at least one major design project. Many engineering faculties initiate design experiences in the early stages of a course with challenging design and build exercises such as spaghetti bridges, gravity-powered vehicles or website development. In addition, a number of undergraduate design competitions, such as the Weir-Warman competition for Mechanical engineers, are available to encourage students to think creatively and solve problems in an innovative way. These various design-and-build projects can be used as a mechanism to introduce or reinforce safe design principles and concepts.

The following activities can be used to enhance existing design oriented projects to ensure that students develop an awareness of safety issues and ultimately the ability to accept their responsibilities for safe design. The activities have been designed to apply to a wide range of design activities from basic to complex and to be easily integrated into existing subjects and projects.

Approach to adding Safe Design to Design and Build Projects
This activity is designed to illustrate how safe design concepts can be embedded within a design-and-build project using the tools available in the Safe Design Guide. The intention is not to provide a definitive mechanism for embedding safe design within any design and build projects since there is too much diversity in the currently used projects to specify which Safe Design tools are the most appropriate. For example, a project in civil engineering or construction would most likely find the CHAIR guidewords are the most suitable risk
Resources required (time, handouts)
This is context dependent

Method of presentation
Instructors may choose elements from these activities to suit their individual needs and constraints. Ideally the activities require a briefing component, using Part 1 of this resource, and adapting the lecture slides (Part 2.2) to their

Indicative Example
Introduction to Mechanical and Mechatronic Engineering – Into-the-Wind Design-and-Build Project
This is an adaptation of a project for a 1st year Mechanical Engineering subject at the University of Technology, Sydney developed by Terry Brown.

The following document provides the details for the major design project for this subject. The project is
The Federal Government’s Sustainable Technologies Department is looking to provide funds to support small companies in developing sustainable technologies. They currently have a project that requires a company to design, develop and manufacture several small wind powered vehicles. Companies are invited to design and build one vehicle. The selection of the successful company will be based in part on the performance of the vehicle in a competition between rival companies.

[Figure: overall dimensions of the fan, labelled 500mm and 225mm]

> The wind source will be a domestic electric fan with overall dimensions as shown above.
> The fan will be set to the highest speed setting.
> The vehicle must carry a "payload" across a "track" a distance of 2m.
> The vehicle design should maximise the ratio of "payload" (m) to time (t) taken to cover the distance of 2m, i.e. (m/t).
..1 FORD PINTO CASE STUDY
INSTRUCTOR NOTES

Overview
The scenario used is a classic case that has been influential in automotive safety. It contains many of the challenges of engineering design which are still relevant today and which must be addressed if Safe Design is to become a fundamental part of engineering.

This discussion oriented activity is designed to explore an Engineer's professional responsibilities, ethical frameworks when dealing with issues related to safety and approaches to making decisions about public safety.

Intended learning outcomes
> Awareness of professional responsibilities of engineers in relation to safety.
> Awareness of Institute of Engineers, Australia Code of Ethics.
> Awareness of the appropriateness of risk/cost-benefit analysis for public safety decisions.

Context in which it could be used
Small group activity suitable for extensive discussion. The example is suitable for discussions about ethics, engineering economics and design.

Resources required (time, handouts)
> 30-45 minutes depending on the extent to which students' own views are presented to the entire class.
> Code of Ethics (Safe Design Engineering Toolkit* section 1.4.10)
> Students Notes for this example.

Suggested Assessment criteria/guidelines
No assessment criteria are provided for this activity.

Method of presentation
1. Form students into small groups (2-4 students). This activity can also be done by having individuals do the activity and then combine to discuss their opinions. There are extensive online resources (listed in Student Notes) available on this topic and instructors could get students to do pre-reading prior to class.
2. Hand out required resources to each group.
3. Get students to read the scenario.
4. Discuss the suggested discussion points and other relevant issues.

Scenario
In the 1960’s there was strong competition in the American small car market. To be competitive in this market, Ford needed to have a product that had the size and weight of a small car, had a low cost of ownership and clear product superiority. The Ford Pinto went on to become one of the 1970’s best selling cars.

The Ford Pinto was designed to meet these criteria. The strict design specifications were that the car was to weigh less than 2000 pounds and cost less than $2000. Ford also decided on a short production schedule. Instead of the normal time from conception to production of 43 months for a new model, the Pinto was scheduled for 25 months.
> ‘Because assembly-line machinery was already tooled when engineers found this defect, top Ford officials decided to manufacture the car anyway.’
> ‘For more than eight years afterwards, Ford successfully lobbied against a key government safety standard that would have forced the company to change the Pinto’s fire prone gas tank.’

It was concluded by Mother Jones from Pinto accident reports and crash test studies that

‘if you ran into that Pinto you were following at over 30 miles per hour, the rear end of the car would buckle like an accordion, right up to the back seat. The tube leading to the gas-tank cap would be ripped away from the tank itself, and gas would immediately begin sloshing onto the road around the car. The buckled gas tank would be jammed up against the differential housing (that big bulge in the middle of your rear axle), which contains four sharp, protruding bolts likely to gash holes in the tank and spill still more gas. Now all you need is a spark from a cigarette, ignition, or scraping metal, and both cars would be engulfed in flames. If you gave that Pinto a really good whack—say, at 40 mph—chances are excellent that its doors would jam and you would have to stand by and watch its trapped passengers burn to death.’

> Unit cost: $200,000 per death, $67,000 per injury, $700 per vehicle.
> Total Benefit (180* $200k) + (180* $67k) + (2100*$700)= $49.5M.

Risks/Costs
> Sales: 11 Million cars, 1.5 Million light trucks.
> Unit cost: $11 per vehicle.
> Total cost: (12.5*$11) = $137.5M.

Ford appear to have decided that it was not ‘reasonably practicable’ to fix the problem during manufacture. It preferred to ‘retain the risk’ and make payments as required. There were no Standards for withstanding rear–end collisions at a specified speed until after 1977.

The Department of Transportation announced in May 1978 that the Pinto fuel system had a ‘safety related defect’. Ford recalled 1.5 million Pintos. The modifications included a longer fuel filler neck and a better clamp to keep it securely in the fuel tank, a better gas cap in some models, and placement of a plastic shield between the front of the fuel tank and the differential to protect the tank from the nuts and bolts on the differential and another along the right corner of the tank to protect it from the right rear shock absorber. (Centre for Auto Safety)

The consequences of Ford’s actions were significant. Millions of dollars of civil lawsuits were filed against Ford and awarded against the car maker. In 1979 Ford Motor Company was charged with reckless homicide but was acquitted in 1980. The Ford Pinto ceased production within months.
> How to effectively inform the public about the increased safety risks associated with certain types of vehicles.

6. When other costs have been cut as much as they can, one way to increase revenue is to get products to the market as quickly as possible. This happened in the Ford Pinto case. This will increasingly be a challenge to implement whilst ensuring there is a thorough and integrated approach to Safe Design. How can this challenge be met?

Issues that could be raised in discussion
> Could companies more explicitly document how safety issues that arise during product design can be accommodated during the manufacturing process?
> Could systematic approaches to Safe Design be built into existing Standards?
> If sub-contracting is used to speed up concurrent product development, can contractual obligations be used to specify Safe Design requirements?

Small group activity suitable for extensive discussion. The example is suitable for discussions about ethics, engineering economics and design.

Resources required (time, handouts)
> 20 minutes depending on the extent to which students' own views are presented to the entire class.
> Students Notes for this example.

Suggested Assessment criteria/guidelines
No assessment criteria are provided for this activity.

Method of presentation
1. Form students into small groups (2-4 students). This activity can also be done by having individuals do the activity and then combine to discuss their opinions. There are extensive online resources (listed in Student Notes) available on this topic and instructors could get students to do pre-reading prior to class.
2. Hand out required resources to each group.
PART C: SAFE DESIGN QUIZ
This section aims to both develop and assess aspects of student learning about Safe Design. The quiz uses
multiple choice, matching and ordering types of questions.
Question 1 Matching
Pair up definitions with terms:
Answer 1
1–G; 2–D; 3–F; 4–B; 5–E; 6–C; 7–A
Answer 2
Question 3 True/False
You are a professional mechanical engineer. You have designed and overseen construction of a playground
for the local school, a task for which you did not charge. Since you are not being paid for your professional
services you are absolved of any duty of care.
True
False
Answer 3
☒ True
☑ False
Question 4 Ordering
Order these elements of the OHS regulatory framework from those having overarching influence to least
influence over engineering practice:
Industry Standards/Guidance Notes
Standards
Codes of Practice
Regulations
Acts
Answer 4
1–Acts; 2–Regulations; 3–Codes of Practice; 4–Standards; 5–Industry Standards/Guidance Notes
Answer 5
☑ Acts
☑ Regulations
☒ Industry Standard/Guidance Notes
☒ Codes of Practice
☒ Australian and International Standards*
* Unless Australian standards are contained/called up in regulation or an Act.
Answer 6
☑ Contractors and sub-contractors
☑ Employees
☑ Employers
Answer 7
☑ Acts
☑ Regulations
☒ Risk Management Standards
☑ Criminal and Civil Legal action
☑ Disciplinary action by the Institute of Engineers, Australia or the Professional Standards Association
Answer 8
☑ Contractors and sub-contractors
☑ Employers
☑ Employees
Answer 9
☒ When referred to in a Code of Practice
☑ When explicitly referred to in an Act or Regulation
☒ Always
☒ None of the above
Answer 10
☒ it is a framework for risk management that is focussed specifically in engineering risks
☒ its purpose is to enforce uniform risk management systems in all contexts
☒ it is designed to be a stand-alone, comprehensive standard that does not require interaction with other professional standards
☑ none of the statements above.
AS/NZS 4360:1999, Risk Management provides a generic framework for establishing the context, identifying, analysing, evaluating, treating, monitoring and communicating risk.
Answer 11
☑ must reflect the culture and practices of the organisations in which they are applied.
☒ must not be influenced by the particular cultures and organisational practices in which they are applied.
Question 12 Matching
The following diagram shows an overview of the Risk Management process. Match the letters in the
diagram with the appropriate term.
[Diagram: overview of the Risk Management process with six stages labelled A to F]
A is D is
B is E is
C is F is
Answer 12
A is Communicate & Consult D is Analyse & Evaluate risks
B is Establish the Context E is Control risks
C is Identify risks F is Monitor and Review
Answer 13
☑ the probability of an event that impacts upon the organisation’s objectives
☑ the consequences of an event upon the objectives of an organisation
☒ the likelihood of people’s exposure to an event that has an impact upon an organisation’s objectives
Answer 14
☑ risk identification
☑ risk analysis
☑ risk evaluation
☒ risk treatment
Answer 15
☑ financial criteria
☑ legal criteria
☑ humanitarian criteria
☑ technical criteria
Answer 16
☒ Avoid
☒ Treat
☑ Transfer
☒ Accept
☒ Ignore
Answer 17
☒ should not be developed until after the risk treatment is completed
☒ must be determined before any of the risk management processes commence
☑ must be established before the risk identification process begins, but may be subsequently refined
☒ must be firmly established before the risk identification process begins, and must not be altered
☒ are universally set and not subject to how the risks emerge in individual contexts.
Question 18 Matching
Once a hazard is identified and the risk analysed, there are 4 strategies for dealing with hazard. Match the
strategy with the correct definition.
Answer 18
1–D; 2–A; 3–C; 4–E; 5–B
Answer 19
☑ Establishing the context of risk management
☑ Risk identification
☑ Risk analysis
☑ Risk evaluation
☑ Risk treatment
Answer 20
☑ establishment of the context
☑ risk identification
☑ risk analysis
☑ risk evaluation
☑ risk treatment
Answer 21
☒ semi-quantitative analysis
☒ quantitative analysis
☑ qualitative analysis
Answer 22
☑ reducing the likelihood
☑ reducing the consequences
☑ transfer the risk
☑ avoid the risk
Answer 23
☑ Experiments and prototypes
☑ Relevant published literature
☑ Economic, engineering or other models
☒ Personal opinion
Question 24 Ordering
The Hierarchy of Control is a variety of risk control options that are used to manage occupational health
and safety risk. Please order these, with the most protective and therefore preferred option at the top and
decreasing through to the least preferred option.
Elimination
Administrative (procedural) controls
Engineering controls
Personal Protective Equipment
Substitution
Answer 24
1–Elimination; 2–Substitution; 3–Engineering controls; 4–Administrative (procedural) controls; 5–Personal
Protective Equipment
Answer 25
☒ True
☑ False
Question 26 True/False
Controlling risk through the use of administrative controls (e.g. guidance and training on the safe use of
forklifts) is always effective.
True
False
Answer 26
☒ True
☑ False
Question 27 True/False
Controlling risk through the use of administrative controls (e.g. pilot and air traffic controller training) and
technology is always effective.
True
False
Answer 27
☒ True
☑ False
Answer 28
1. Reduce the height of aircraft landing gear
2. Increase aircraft component reliability
3. Provide a special motorised maintenance trolley
4. Increase supervision to ensure compliance with safety rules
Question 29 Ordering
Kelly is a gardener at a metropolitan hospital. Kelly was cleaning a ‘gang’ mower when she cut her foot.
Kelly had seen other gardeners clean the mower by hosing the blades with water while operating them in
reverse. Kelly was washing the mower in this way when her left foot touched the moving blades. The blades
left deep cuts in her big toe and two adjacent toes. There had been no verbal or written instruction about
how to wash the mower safely. The hospital provides safety boots but Kelly was not wearing them at the
time of the accident. Often outdoor workers wear their own shoes claiming that they are more comfortable.
The hospital has now developed a code of practice for the safe operation of the gang (example J. Culvenor).
Please ORDER the risk control options from preferred to least preferred based on the hierarchy of control
Remind all outdoor staff to wear safety boots
Provide training in the new code of practice
Re-sow the grass with a slower growing native variety
Use sheep to graze the grass
Answer 29
1. Use sheep to graze the grass
2. Re-sow the grass with a slower growing native variety
3. Provide training in the new code of practice
4. Remind all outdoor staff to wear safety boots
Answer 30
1. Pipe the liquid from the receiving storage area to the production line
2. Provide forklifts with dual controls such that they can be driven in reverse
3. Improve the lighting in the ‘roadway’ section of the factory
4. Create a strict rule that in the interests of safety the existing walkways must be used