Identify the hazards, mitigate the risks

Safety is a practice that needs to constantly be examined and refined in order to avoid an unsafe event

By Mike Duta, Michael Kingsley and Mike Miller, Rockwell Automation October 26, 2010

A team’s ultimate goal is to win, but without defining roles, agreeing on a game-day strategy and choosing the right plays, achieving that goal is nearly impossible.

Facility management, safety program managers and machine designers may all agree that employee safety is a top priority for their company. However, without a clear method for identifying hazards and appropriately mitigating risk, providing employee safety on the factory floor can be a blurry challenge.

The best way to determine and illustrate machine safety is through a risk assessment.

A thorough assessment helps identify the areas of risk within a plant and pinpoint the best people and technologies to minimize those risks. A risk assessment will also help companies establish acceptable levels of risk for their operations, which in turn helps determine what safety strategies – people, processes and technologies – they need. Performing a risk assessment will lay the framework and help chart the course for an effective machine-guarding strategy designed to protect a company’s investments in personnel and machinery.

Comply with standards

A machine designer’s first motivation for conducting a risk assessment often is to help ensure a particular machine complies with appropriate safety standards. Risk assessment documentation should be filed and maintained for the entire life of a machine and serve as documented proof of a company’s due diligence and self-certification of compliance with safety standards.

“At General Motors, we created a risk assessment program to help identify potential hazards, determine safety automation needs and ensure that machines and equipment meet applicable code requirements. But the findings also helped cost-justify investments in innovative safety solutions where upgrades were needed,” said Mike Douglas, the company’s senior manager and consultant, Global Health & Safety, Design, Standards and Technologies.

In the United States, conducting a risk assessment provides a method for complying with the OSHA CFR 1910.147(a)(2)(ii)(B) standard known as the “Minor Service Exception to Lockout/Tagout.” The minor service exception allows employees to access hazardous areas of a machine to perform minor service without performing a full lockout/tagout as long as certain criteria are met. The 2003 edition of the ANSI/ASSE standard known as “Control of Hazardous Energy – Lockout/Tagout and Alternative Methods” (Z244.1) requires that machine builders specify safety system controls above and beyond lockout/tagouts.

Global safety standards

Additionally, a risk assessment is typically required to comply with all worldwide machine safety standards. For example, EN ISO 13849-1 is one international safety standard that mandates a risk assessment. According to the European Commission’s Machinery Directive, after Dec. 31, 2011 – the end of a two-year grace period following the original deadline of Dec. 29, 2009 – machine builders shipping into or out of Europe will be required to conduct and document a risk assessment under EN ISO 13849-1.

Furthermore, global manufacturers, including some of the world’s leading automotive manufacturers, are already specifying that any machine in their plants worldwide complies with the international safety standards. Therefore, machine builders will need to conduct a risk assessment as the first step in continuing to serve global customers with manufacturing plants worldwide.

Risk assessments also help define a machine’s level of safety, i.e., freedom from unacceptable risk. A safe machine might simply be considered a machine that can be operated and maintained under minimum exposure and with minimum risks to its operator and environment. A risk assessment serves as an effective method for properly identifying and assessing the real hazards involved in operating a particular machine. To get started, a machine designer should follow these five key steps:

The Steps of Risk Assessment

1. Define all known machine characteristics and limits.

To define all the known characteristics and limits of the machine, detailed information about the machine and its intended use must be documented. This information generally is collected once and then maintained as part of the risk assessment file for the life of the machine. It is important to capture accurate data because it will be used as justification for any conditional assumptions made later in the risk assessment process, such as when considering the speed and/or potential of a hazardous energy source or component.

Developing the limits of the machine should include documenting various pieces of information about the machine’s general use – for example, operational specifications, energy sources, production rates, expected production environment, expected training or experience of an operator or technician. This is the beginning of the documentation process, and the information should be collected prior to beginning the next phase of assessment. A typical worksheet is shown below.

2. Identify all tasks in order to identify all hazards.

Next, identify all known hazards associated with operating and maintaining the machine. To accomplish this, first identify and list all known routine, repetitive and integral tasks that personnel perform while operating the machine. Step through each task methodically to allow hazards to be more easily identified. Consider tasks for all affected personnel such as operators, maintenance, engineering, custodial, quality control, and so forth.

For example, a janitorial task may require cleaning scrap from around or underneath the machine. A potential hazard could be an unexpected startup of the machine while the employee reaches or has climbed under the machine for cleaning. Be sure to reveal as many potential hazards as possible by asking personnel to describe their exact actions while completing the task. For example, a maintenance employee may indicate that a certain maintenance task requires reaching an arm up above a machine’s part or into a machine. Revealing this action could indicate one or more new potential hazards.

Also identify and document any conditional exposure to machine-based hazards. For example, guests may be exposed during facility tours, or subcontractors who must work in proximity of the machinery may be exposed during their work.

Hazard identification should provide a clear list of all reasonably foreseeable hazard scenarios – even seemingly improbable hazards such as unexpected startup.

If the assessment is being conducted on an existing machine, it is also a best practice to photograph each potential hazard and include this in the risk assessment documentation. This will provide reference material to a designer for future design stages or subsequent risk assessment processes.

3. Estimate all known risks associated with each identified hazard.

The next step involves estimating the components of risk associated with the hazard exposure in order to calculate an ultimate risk and/or risk reduction level. While various safety standards may have slightly different definitions, risk can be generalized as the combination of the severity of harm and the probability of the occurrence of that harm. Depending on the risk model being utilized (they are all very similar), the methodology may estimate risk by assessing two, three, or four risk parameters. For example, a three parameter model may assess the following parameters:

  1. Severity of harm;
  2. Frequency of exposure to the hazard;
  3. Likelihood of avoiding the hazard

Machine safety risk models are designed to be fairly straightforward and do not require complicated quantitative or statistical estimations. Instead, the models require you to select a qualitative value from two or three possible selections. For example, severity of harm may be estimated as either minor (reversible) or major (irreversible). The process has been simplified in this respect to make it possible for a broad range of personnel to perform it.

When identifying hazards and estimating risk, it is necessary to maintain a level of conservativeness, while incorporating common sense and experience. For instance, many companies make the mistake of planning for the worst but disregard the likelihood of less severe but more frequently experienced incidents.

4. Evaluate the risks.

After the team has estimated and documented the risk parameters, tabulate an initial risk value. This initial risk value will then be evaluated relative to acceptable risk established by the company. This generally is determined to be some fixed value in the matrix, but will also require some rationalization by the team.

If the initial risk is determined to be of an acceptable level, apply some level of mitigation, no matter how low the risk. It is important that low risk items are identified and assessed – as these less severe risks can lead to highly severe incidents.

If the initial risk is determined to be unacceptable, the risk assessment team must evaluate the task and hazard exposure in order to recommend new safeguards and mitigation measures.

5. Risk reduction.

If the risk has been evaluated as unacceptable, it will be necessary to apply risk mitigation measures to reduce the risk to an acceptable level. Ideally, the best way to minimize a hazard is to design it out of a machine or process all together.

This can usually be accomplished during the conceptual design phase when process functional requirements, as well as required operational and maintenance tasks are defined initially. This will allow designers and engineers to more effectively minimize hazards, such as pinch points or sharp edges, that otherwise would require safeguarding. If the hazard cannot practicably be minimized, then it will be necessary to apply safeguarding to effectively reduce the risk.

Ideally, machine designers should take a hierarchical approach (see below) to risk reduction. This approach, as defined in the figure below, is defined by a qualitative scale of safeguarding effectiveness. The top measure (design it out) being the most effective, while the bottom measure (personal protective equipment) being least effective. This globally accepted risk reduction hierarchy provides a risk reduction strategy.

This approach is often used in conjunction with a correlated risk chart to determine what type of measure is appropriate for a particular application and level of risk. In addition, it provides an effective check and balance to assure that mitigation measures, like warning signs, are not applied alone as mitigation for higher level risks.

Hierarchy of Risk Reduction Measures

  1. Design out or minimize the risk.
  2. Use fixed enclosing guards or distance guarding to protect against exposure to hazards.
  3. Use interlocked guarding or other safety devices to protect against or detect exposure to hazards.
  4. Use awareness methods, i.e., lights, horns, etc.
  5. Develop safe working procedures, focused safety training, and operator awareness of residual risk.
  6. Specify the use of appropriate personal protective equipment and policies.

6. Estimate residual risk / re-evaluate

Finally, the team needs to calculate residual risks to determine if the newly installed safeguards have created new potential risks. Once residual risk is calculated, re-evaluate whether an acceptable risk level was achieved. In some cases, the process of risk reduction for a single hazard may have to be implemented several times before the risk is mitigated to an acceptable value.

In addition, the team must ensure that newly applied safeguards allow personnel to operate machinery safely and maintain productivity. For example, if the newly installed safeguard impedes a worker’s ability to perform a job quickly and comfortably, the worker might choose to override or remove the safeguard, which causes a new and potentially higher risk.

To effectively employ modern safety design standards and safety-rated technology, all industries must form more proactive relationships between OEMs and end-users. In this case, safety can be addressed earlier in the equipment lifecycle and the process of risk assessment can be a more collaborative effort industry-wide. In turn, this will help drive the cost of implementing safety solutions down, while increasing worker safety and improving productivity in the industrial environment.

-Mike Duta is manager of Machine Safety Services, Michael Kingsley, CFSE, is a safety consultant, and Mike Miller is director of Global Safety Market Development for Rockwell Automation.