Team A - Option 1 - Hazard Log
| wdt_ID | Hazard ID | Hazard Title / Description | Causes | Control / Safeguards | Accident Sequence | Accident Description | Accident Severity | Accident Frequency | Risk Class | Recommendations / Actions | ALARP Argument |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 145 | 1 | Pneumatic Pump Overpressure | Pump Failure; High Pressure Air Supply anomaly | Pressure Sensor on output side to Tanker monitored by Control System; Isolation via manual butterfly valve | Pump pressurizes to 200 Bar → Pressure sensor fails to identify pressure increase OR isolating valve not opened within 10s of overpressure warning → rupture of pipework/valve on output side of the pump → pressurized oil spill on Oil Rig → reaches ignition source → catastrophic fire | Catastrophic fire due to pneumatic pump overpressure | Catastrophic - Multiple deaths | Probable - Likely to occur often (e.g. monthly) | A | Add a PRV; Fit an air pressure regulator to the supply leg of the air supply Testing & Maintenance of the components; Automate the Isolating Valve, Add an automated isolating valve to the output from the storage tank to the pump; Training | |
| 148 | 2 | Overpressure of Storage Tank | Failure of PRV; Failure of Butterfly Valve | Material design of Storage Tank proven to 25bar; PRV in storage tanks | Material degradation (corrosion and fatigue) or Procedural failure: Failure of safety systems, The critical event: Catastrophic rupture which will result in oil spill, contamination of equipment and environment, The hazard unfolds: Explosion and fire | Overpressure of Storage Tank results in oil spill on the Platform or into the Sea, leading to catastrophic fire/explosion and/or environmental damage | Catastrophic - Multiple deaths | Remote - Likely to occur sometimes (e.g. every two years) | B | Control System to provide remote monitoring of butterfly valves, Automate the butterfly valves; change butterfly valves to ball valves |
Team A - Option 2 _ Hazard Log
| wdt_ID | Hazard ID | Hazard Title / Description | Causes | Control / Safeguards | Accident Sequence | Accident Description | Accident Severity | Accident Frequency | Risk Class | Recommendations / Actions | ALARP Argument |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 80 | 1 |
Team A - Option 3 - Hazard Log
| wdt_ID | Hazard ID | Hazard Title / Description | Causes | Control / Safeguards | Accident Sequence | Accident Description | Accident Severity | Accident Frequency | Risk Class | Recommendations / Actions | ALARP Argument |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 133 | 1 | Electric Pump Overpressure | Pump Failure Failure of PCB causing pressures in excess of 25bar |
Pressure Sensor on output side to Tanker monitored by Control System; Isolation via manual butterfly valve | Pump pressurizes to 100 Bar → Pressure sensor fails to identify pressure increase OR isolating valve not opened within 10s of overpressure warning → rupture of pipework/valve on output side of the pump → pressurized oil spill on Oil Rig → reaches ignition source → catastrophic fire | Catastrophic fire, environmental damage, injury to personnel, infrastructure damage due to electric pump overpressure. |
Catastrophic - Multiple deaths | Improbable - Unlikely but may occur (e.g. every five years | A | Add a PRV; Automate the Isolating Valve Testing & Add an automated isolating valve to the output from the storage tank to the pump;; Increase Maintenance of the components; Increase the testing & inspection regime; PRV sensing; add in fire detection and alarm across the rig and control centre (local module only at present); removal/separation of ignition sources from with the area of pressurised oil systems; Training; Dangerous Substances and Explosive Atmospheres Regulations (DSEAR) Compliance Assessment Report. Apply additional operating limits Implement an Emergency Cutoff & Implement manual override SOPs for crew. Require additional supervising personnel in the vicinity of the pump and metering system when in action. Install temporary pressure sensors with alarms. Limit pump operation to short cycles with cooldown periods. Conduct weekly inspections of pipework and metering unit. Update crew training on emergency shutdown and pressure management. |
With the further additional mitigations, following HazID Panel review of the PCB failure, the initial Cat A risk has been assessed to reduce to Catastrophic/Improbable- Cat C: Apply additional operating limits Implement an Emergency Cutoff & Implement manual override SOPs for crew. Require additional supervising personnel in the vicinity of the pump and metering system when in action. Install temporary pressure sensors with alarms. Limit pump operation to short cycles with cooldown periods. Conduct weekly inspections of pipework and metering unit. Update crew training on emergency shutdown and pressure management. The risk associated with the continued operation of pumping oil from the wellhead to the tanker cannot be entirely eliminated due to the essential nature of the activity. However, in accordance with ASEMS guidance and the principles of ALARP (As Low As Reasonably Practicable), the following justification is provided: Hazard Identification and Control Measures: All relevant hazards have been identified and documented in the Hazard Log. Additional safety controls have been introduced to mitigate these risks. Each control has been assessed for practicability and found to be both feasible and effective. Design Compliance: The rig has been designed with reference to DSA01 standards and Good Practice Guides. Where full compliance with DSA01 has not been achievable, compensatory measures have been implemented to reduce residual risks to ALARP. Cost Benefit Analysis (CBA): A formal CBA has been conducted to evaluate the proportionality of implementing the additional safety controls. In all cases, the cost of implementation has been deemed reasonable when compared to the safety benefits gained. ALARP Conclusion: Based on the above, and in alignment with ASEMS requirements, it is concluded that all reasonably practicable measures have been taken. Therefore, the residual risk is considered to be reduced to a level that is ALARP. |
| 134 | 2 | High Voltage | Component Failure; Insulation Failure; lack of maintenance; human error | SQEP operators, SQEP maintainers, training, maintenance schedules; SOPs; routing of high voltage cables away from high risk areas | Procedural failure: Failure to isolate and prove dead, Equipment failure or environmental factor, The critical event: Insulation breakdown and arc flash initiation, resulting in electrical fire. The hazard unfolds: The high-energy event, The outcome: Serious injury or fatality | Death or Serious injury and/or Fire Damage to equipment as as result of failure of High Voltage electrical system | Catastrophic - Multiple deaths | Remote - Likely to occur sometimes (e.g. every two years) | C | Training of operators and maintainers; third party assurance; routing of high voltage cables away from hazards; adequate fire detection & suppression system; regular thermographic surveys / cable inspections | |
| 135 | 3 | Overpressure of Storage Tank | Failure of PRV; Failure of Butterfly Valve, Failure of NRV (enabling reverse flow OR failing to release pressure in the tank) | Material design of Storage Tank proven to 25bar; NRV to Storage Tank prevents backflow from pump into tank; Control System provides remote monitoring of butterfly valve; PRV in storage tanks | Material degradation (corrosion and fatigue) or Procedural failure: Failure of safety systems, The critical event: Catastrophic rupture which will result in oil spill, contamination of equipment and environment, The hazard unfolds: Explosion and fire | Overpressure of Storage Tank results in oil spill on the Platform or into the Sea, leading to catastrophic fire/explosion and/or environmental damage. | Catastrophic - Multiple deaths | Improbable - Unlikely but may occur (e.g. every five years | C | PRV sensing/Detection system; automated isolating valve on output from the Storage Tank; Metering System for storage tank fill level; bunded tanks; overflow storage tank; elimination of ignition sources within the hazard area | |
| 136 | 4 | Noise | Running Machinery; inadequate PPE; personnel operating to close to machinery | Training; SOPs; PPE; noise damping; warning signs; personnel to follow the RA. | Injury to personnel operating to close to the machinery | hearing damage to personnel | Negligible - At most a single minor injury or minor occupational illness | Occasional - Likely to occur several times (e.g. annually) | C | Training of personnel, follow RA, wear PPE and monitor noise levels regularly around machinery, regular inspections and maintenance of machinery, regular breaks for personnel. | |
| 137 |
Task B – Risk Assessment
For each option above, complete a risk assessment of all identified hazards, using the definitions and the matrix provided below.
Severity Definitions
Frequency Definitions
Risk Matrix
Risk Class Definitions
Conclusion
Now that you have completed the hazard analysis of the three technical options, update the Padlet below to capture:
- Your findings from the hazard analysis of each option
- Which is your preferred option, based upon the outcome from the hazard analysis, and justify your selection
