QP Philosophy For Hse Risk Management

STANDARDS PUBLICATION
QP PHILOSOPHY FOR
HSE RISK MANAGEMENT
DOC NO: QP-PHL-S-100
REVISION 1
CORPORATE HSE SUPPORT DEPARTMENT

QP PHILOSOPHY FOR HSE RISK MANAGEMENT
DOC. No. QP-PHL-S-100 Rev. 1
TABLE OF CONTENT
Page No.
FOREWORD
1.0 INTRODUCTION............................................................................................ 5
1.1 QP POLICY REQUIREMENTS...................................................................... 5
1.2 QP HSE MANAGEMENT SYSTEM................................................................ 5
1.3 QP HSE RISK MANAGEMENT (HSE RM)..................................................... 6
1.4 OBJECTIVES................................................................................................. 9
1.5 QP HSE RISK MANAGEMENT PRINCIPLES................................................ 9
2.0 SCOPE………………………………………………………………..................... 10
3.0 APPLICATION ………………………………………………………................... 10
4.0 TERMINOLOGY …………………………………………………….................... 11

4.1 DEFINITIONS ……………………………………………………….................... 11
4.2 ABBREVIATIONS …………………………………………………….................. 13
5.0 REFERENCE STANDARDS AND CODES ……………………….................. 14

5.1 INTERNATIONAL STANDARDS AND CODES............................................. 14
5.2 QP RELATED DOCUMENTS......................................................................... 15
6.0 PROCEDURAL CONCEPTS......................................................................... 16

6.1 GENERAL REQUIREMENTS FOR IMPLEMENTATION & USE OF HSE
RISK MANAGEMENT..................................................................................... 16
6.2 PRINCIPLES FOR ESTABLISHING RISK ACCEPTANCE CRITERIA.......... 18
6.3 MEASURE OF RISK....................................................................................... 18
6.4 TYPES OF RISK ACCEPTANCE CRITERIA AND ASSOCIATED RISKS
LEVELS.......................................................................................................... 18
6.5 RISK TREATMENT........................................................................................ 18
7.0 QP RISK ACCEPTANCE CRITERIA............................................................. 19

7.1 QUANTITATIVE CRITERIA LEVELS............................................................. 19
7.2 QUALITATIVE CRITERIA LEVELS................................................................ 25
8.0 QP HSE RISK ASSESSMENT REQUIREMENTS......................................... 30

8.1 GENERAL....................................................................................................... 31
8.2 PROJECTS..................................................................................................... 31
8.3 OPERATIONS................................................................................................ 32
8.4 ACTIVITIES BEING PERFORMED BY CONTRACTORS FOR QP............... 32
8.5 PROCESSES................................................................................................. 32
8.6 NEW VENTURES/ ACQUISITIONS............................................................... 33
8.7 CLOSURE (MOTHBALLING, DECOMMISSIONING, DISMANTLING &
REMOVAL ACTIVITIES)............................................................................... 34
8.8 MISCELLANEOUS......................................................................................... 34
9.0 QP HSE RISK TREATMENT REQUIREMENTS........................................... 34

9.1 SELECTION OF RISK TREATMENT OPTIONS............................................ 35
9.2 PREPARING AND IMPLEMENTING RISK TREATMENT PLANS................ 35
9.3 REQUIREMENTS........................................................................................... 36
9.4 DEMONSTRATING ALARP .......................................................................... 36
9.5 THE COST BENEFIT ANALYSIS APPROACH ............................................. 38
Doc File No.: PHL-S-100 R1 Page 2 of 49 Custodian Dept: ST

10.0 RESPONSIBILITIES...................................................................................... 39
10.1 EXECUTIVE MANAGEMENT......................................................................... 40
10.2 DIRECTORS AND CORPORATE MANAGERS............................................. 40
10.3 LEADERSHIP (REGIONAL/ DEPARTMENTAL/ BUSINESS UNIT/ SITE)
MANAGEMENT.............................................................................................. 40
10.4 MANAGER, CORPORATE HSE SUPPORT (ST).......................................... 40
10.5 ENGINEERING............................................................................................... 41
10.6 CORPORATE HSE RISK MANAGEMENT STEERING COMMITTEE.......... 41
10.7 CORPORATE HSE RISK MANAGEMENT GROUP...................................... 42
10.8 REGIONAL HSE RISK MANAGEMENT TEAMS........................................... 42
10.9 ENTITY (BUSINESS UNIT/DEPARTMENTAL/SITE) LEVEL HSE RISK
MANAGEMENT WORKGROUPS.................................................................. 43
11.0 COMMUNICATION, DOCUMENTATION, AND MONITORING.................... 44

11.1 COMMUNICATION......................................................................................... 44
11.2 HSE RISK REGISTER.................................................................................... 45
11.3 HSE RISK REGISTER REQUIREMENTS...................................................... 45
11.4 MONITORING & TRACKING OF HSE RISKS & RECOMMENDATIONS..... 45
12.0 APPENDICES................................................................................................ 47
12.1 APPENDIX I – TABLE 2 GUIDANCE ON SELECTION OF TOOLS.............. 47
12.2 APPENDIX II – A TYPICAL HSE RISK REGISTER FORMAT....................... 48
REVISION HISTORY LOG............................................................................ 49

FOREWORD
This document has been developed by Corporate HSE Support Department,

reviewed by User Departments, reviewed and edited by Corporate Quality and
Management System Department and endorsed by QP Executive Management for use
as Corporate Technical Standard.
This document is published for QP Departments/ Contractors/ Consultants utilization.

It is emphasized that this document is to be used throughout QP wherever applicable
and appropriate.
The document in its present form reflects, as far as possible, the Corporation‘s current
requirements taking into account current industry practices and applicable national and
international codes and standards.This document shall be subjected to periodical
review to re-affirm its adequacy to conform to any changes in the corporate
requirements and to include any new developments on the subject.
This corporate philosophy (QP-PHL-S-100) supersedes QP Criteria for Quantitative

Risk Analysis (QP-GDL-S-014).
It is recognized that there will be cases where addenda or other clarifications need to
be attached to the standard to suit a specific application or service environment.
However, the content of the document shall not be changed or re-edited by any user.
Any addendum or clarifications entailing major changes shall be brought to the
attention of the Custodian Department.
The custodian of this document is Corporate HSE Support Department (ST).

Therefore, all comments, views, recommendations, etc. on it shall be forwarded to;
Manager, Corporate HSE Support Department (ST) and copied to Manager,
Corporate Quality & Management Systems Department (QA).

1.0 INTRODUCTION
1.1 QP POLICY REQUIREMENTS
Qatar Petroleum is committed to the protection of the health and safety of its
employees, contractors and members of the public, as well as the protection of its
assets and the environment. QP‘s policy is to conduct its activities such that it strives
towards an incident free, secure, safe and healthy workplace with the objective of
doing no harm while conducting its business.
The Policy furthermore states that QP policy is to conduct its activities such that it;
 Complies with all applicable legislation, regulations and relevant industry
standards,
 Manages occupational health, safety, quality, environment and sustainable
development matters as an integral part of its business activities,
 Promotes the health and safety of its employees, contractors, visitors and the
local community, and
 Considers the environmental impact in all phases of QP business including
engineering design, construction, testing, commissioning, operations,
maintenance and decommissioning of plants, facilities and equipment.
On general HSE issues, QP manages all risks to a level which is ALARP.
1.2 QP HSE MANAGEMENT SYSTEM

The systematic approach to HSE management as required to implement this policy
was documented in the Guide to HSE Management System originally issued mid
2000. The Guideline makes specific reference to ―Hazard Identification and Risk
Management‖ as a separate element of the fifteen elements which comprises the QP
generic HSE MS model. By applying an HSE MS approach based on structured, risk
based assessment and management principles, QP will make informed business
decisions and reduce risk. This will aid prevention of incidents and losses.
Fig. 1: QP Management System Model

Fig. 2: QP HSE Management System Elements
The assessment and control of risk are essential requirements for proactive HSE
management. In order to make a value judgement and to decide acceptability of
risks, easily understood criteria should be set and rigorously followed. Risk criteria
are required to ensure consistency in evaluating the results of relevant studies and to
formulate a proactive approach to accident and incident prevention.
1.3 QP HSE RISK MANAGEMENT (HSE RM)
1.3.1 Organizational objectives relate to a range of the organization's activities; from
strategic initiatives to its projects, processes and operations, and be reflected in
terms of societal, environmental, technological, safety and security outcomes,
commercial, financial and economic measures, as well as social, cultural and
reputation impacts.
1.3.2 All activities of an organization involve HSE risks that need to be managed. The HSE
risk management process aids decision making by taking account of uncertainties

and the possibility of future events or circumstances (intended or unintended) having

effect on agreed objectives.
1.3.3 QP recognises that managing HSE risk effectively is critical to achieving its business
objectives. Every QP Business, Function and Business Unit (Regions, Directorates
and Departments, Projects, etc.) is required to review their business environment,
state clear objectives and:
a. identify HSE risks to the achievement of those objectives;
b. assess the impact and likelihood of the risks materialising;
c. implement effective actions designed to:
 achieve business objectives;
 safeguard company assets from inappropriate use or loss;
 facilitate economic, effective, efficient and safe operations; and
 enable compliance with the boundaries set by the HSE RM standard.
1.3.4 Every QP Business, Function and Business Unit shall monitor, communicate and
report changes in HSE risk environment as well as the effectiveness of actions taken
to manage identified HSE risks on an ongoing basis. QP HSE Risk management
therefore includes the application of logical and systematic methods for;
a. establishing the context;
b. identifying, analyzing and evaluating the risks - an overall process of Risk
Assessment
c. Risk treatment
d. monitoring and reviewing risks;
e. reporting and recording the results appropriately;
f. communicating and consulting throughout this process;
as depicted in Fig. 3.
1.3.5 In 2001, the QP philosophy for Fire and Safety QP-PHL-S-001‖ was issued as a
corporate standard with the primary objective to ensure that the Fire & Safety design
of QP facilities reduces the risk, to plant personnel, third parties, the environment,
production revenue and capital investment during operation of the facilities, to as low
as reasonably practicable. This primary objective shall be assured by utilising a risk
based approach to the design of the facilities, to applying appropriate Codes and
Standards, application of quality assurance procedures, coupled with Technical
Safety reviews; undertaken at key stages in the design process.
1.3.6 A corporate standard titled ―QP Criteria for Quantitative Risk Analysis QP-GDL-S-
014 R 3‖(which is superseded by this document) was issued in 2006 with the
objective to define the criteria to be used in Quantitative Risk Assessment, (QRA),
studies carried out for QP or where QP has a 3rd party interest (i.e. is a major
stakeholder in the project). These criteria are to ensure the consistency of studies in
order that direct comparison may be made between studies.
1.3.7 An inter-departmental procedure titled ―Project Risk Management IP-ENG-030‖ was
originally issued in Jan 2009 with an objective to provide an efficient and effective
risk management process throughout the project life cycle as well as setting out a
control mechanism for minimizing / eliminating project risks, including HSE risks,
applicable to all Capital Projects handled by the Technical Directorate within QP.

Establishing the Context

 The strategic context
 The external context
 The internal context
 Context of Risk management process
 Developing criteria & scope
 Deciding the structure
RISK ASSESSMENT
Identification of the Risks
 What can happen?
 How it can happen?
 Identifying the source of risk,
events – their causes and
potential consequences
Communicate and Consult
Analysing the Risks
Monitor and Review

 Determining presence and
effectiveness of existing controls
 Determining likelihood
 Determining consequence
 Estimating level of risk
Evaluating the Risks

 Compare level of risk with
established criteria
 Whether a risk needs treatment;
 Priorities for treatment;
 Whether an activity should be
undertaken;
 Which of a number of paths
should be followed.
Make decisions
on acceptability
Treating the Risks

 Identify & evaluate treatment options
 Selection of risk treatment options
 Prepare and implement treatment plans
Fig. 3: HSE Risk Management

1.3.8 This corporate HSE Risk Management philosophy is the overarching standard
establishing HSE Risk Management requirements to be followed throughout QP in
all its operations and activities.
1.4 OBJECTIVES
1.4.1 The primary objective of this philosophy is to describe the HSE risk management
concepts, principles and processes which are the minimum recommended for use
within the QP Businesses, Functions and Business Units (Regions, Directorates and
Departments, Projects, etc.). The objective is also to identify the risk tolerability
criteria which shall, as a minimum, be used within QP Businesses, Functions and
Business Units.
1.4.2 The objective is further to provide an efficient and effective HSE risk management
process for planning, identifying, analyzing, mitigating and responding to HSE risks
throughout the life cycle as well as setting out a control mechanism for minimizing /
eliminating HSE risks events impacting the QP.
1.4.3 This philosophy specifically aims:
 To introduce a common and consistent approach to HSE risk management
throughout QP Businesses, Functions and Business Units.
 To introduce common risk terminology as a basis for sharing of the principles,
training methods, ideas and resources throughout QP Businesses, Functions
and Business Units.
 To highlight techniques used to arrive at the qualitative and quantitative risk
assessments of QP Businesses, Functions and Business Units.
 To set the basis for risk acceptance criteria and to set specific and consistent
tolerability criteria for qualitative and quantitative assessment of risk levels which
are applicable throughout the QP Businesses, Functions and Business Units.
1.4.4 The principles of HSE risk management as outlined in this philosophy are meant for
all QP Managers and Supervisors. The philosophy should assist management in
making critical HSE decisions as well as assist line supervision in the day to day
management of site HSE risks.
1.4.5 Since QP HSE MS Element 5 requires all QP businesses to have systems which
identify, assess, and manage risks, this document will be used during the
development and updating of risk management systems and procedures.
1.4.6 This philosophy does not aim to provide detailed guidance on specific hazard/
aspect identification (e.g. HAZOP, HAZAN, HAZID, ENVID) or risk assessment
techniques (e.g. QRA, EIA). Reference should be made to other referred detailed
documentation available either as corporate standards, guidelines or inter
departmental procedures.
1.5 QP HSE RISK MANAGEMENT PRINCIPLES
The following are the HSE Risk Management principles to which QP commits to comply:
a. HSE Risk Management creates and protects value.
b. HSE Risk Management is an integral part of all organizational processes.
c. HSE Risk Management is part of decision making.
d. HSE Risk Management explicitly addresses uncertainty.

e. HSE Risk Management is systematic, structured and timely.

f. HSE Risk Management is based on the best available information.
g. HSE Risk management is aligned with the QP‘s external and internal context
and risk profile
h. HSE Risk Management takes human and cultural factors into account.
i. HSE Risk Management is transparent and inclusive.
j. HSE Risk Management is dynamic, iterative and responsive to change.
k. HSE Risk Management facilitates continual improvement.
2.0 SCOPE
This philosophy applies to all QP Businesses, Functions and Business Units
(Regions, Directorates and Departments, Projects, etc.) throughout the lifecycle of
QP operations and to all activities that these entities undertake. This includes
opportunity development, project execution, routine and non-routine day-to-day
activities.
The activities carried out departmentally or through contracts by all Operational,
Technical and Administration Directorates of QP and QP Businesses overseen by
Operations Directorate, Refining Directorate, Technical Directorate, Oil and Gas
Ventures Directorate, Downstream Ventures Directorate, RLIC Directorate, MIC
Directorate and Administration Directorate are covered by this philosophy.
This document provides principles, applicability, procedural guidance, risk tolerability
criteria and requirements on HSE risk management. As it is not specific to any QP
business or entity, it can be used by any QP business, function, site or facility.
It is also intended that this philosophy be utilized to harmonize HSE risk
management processes in existing and future standards. It provides a common
approach in support of QP documentation dealing with tools / techniques or
processes, and does not replace those documents.. The compliance to this
philosophy is intended to be verified and assured through HSE risk management
auditing process.
3.0 APPLICATION
3.1 The HSE Risk Management shall be applicable; throughout the lifecycle of Qatar
Petroleum facility or plant; and to the complete range of QP activities, including
strategies and business decisions, operations, processes, functions, projects,
products, services and assets.
3.2 To illustrate, following are some examples of QP activities covered under the scope
of this standard:
a. Project HSE risks1 associated with the Concept Definition, Engineering Definition,
Implementation and Handover stages. The project HSE risks shall include project
definition risks as well as project execution risks.
b. Operational HSE Risks associated with offshore and onshore oil and gas
exploration and production activities, including seismic and topographical
surveys, drilling and well operations, field development, operations,
decommissioning and disposal together with the necessary logistical support of
each of these activities.

c. HSE Risks associated with Refining operations and activities such as value
addition to crude and condensate, management of reactor catalyst, blending, risk
based inspections of static equipment and pipelines, LPG filling plants and bulk
loading facilitates, including storage of refined products.
d. Operational HSE Risks associated with Onshore and Offshore operations
including operation and maintenance of well heads and well head treatment
plants, injection Stations, Gas Separation, stripping and recycling. This covers
inspection & monitoring of the Gas Distribution System (GDS) to domestic supply
and refinery facilities, and provision of helicopter services.
e. HSE Risks associated with Export & Storage facilities including export terminals,
ports & jetties and Storage terminals, islands and SBMs together with the
necessary logistical support of the activities undertaken there.
f. Marine activities – HSE risks associated with providing of marine logistics sub
sea inspection and diving services repair and non routine maintenance of fixed
offshore structures, SBMs and maintenance of tankers.
g. HSE Risks involved with Administrative Directorate Activities such as
 Schooling and Corporate training,
 Housing and office accommodation (including housekeeping),
 Building maintenance, catering, transportation, recreation facilities,
 Provision of primary healthcare, medication, health surveillance and
integrated emergency medical responses.
1
The key elements of the project risk management process are specified in an inter-
departmental procedure, IP-ENG-030.
4.0 TERMINOLOGY
4.1 DEFINITIONS
ACCIDENT See ‗incident‘.
AS LOW AS A term used to define tolerable risk acceptable only where risk
REASONABLY reduction is impracticable or cost benefit analysis is carried
PRACTICABLE out and judgment made that cost of risk reduction is grossly
disproportionate when compared to the actual risk reduction
that would be achieved. ALARP means to reduce a risk to a
level which is ‗as low as reasonably practicable‘ and involves
balancing reduction in risk against the time, trouble, difficulty
and cost of achieving it. This level represents the point,
objectively assessed, at which the time, trouble, difficulty and
cost of further reduction measures become unreasonably
disproportionate to the additional risk reduction obtained.
AUDIT Systematic, independent and documented process for
obtaining audit evidence and evaluating it objectively to
determine the extent to which an audit criteria is fulfilled
CAUSE Factor contributing alone or in combination with others to a
Deviation and its Consequences.
CONSEQUENCES Consequences are the results of the failure of controls (or the
absence of controls) to prevent an incident. They are usually
expressed in terms of injury, loss or damage to People,

Assets, Production, Environment and Reputation.

CONTRACTOR A firm which has entered into a legally binding business
agreement contract to supply a product or provide services to
QP. The term is also sometimes applied to suppliers who are
available to provide services but are not currently in a
contractual relationship with QP.
COMPANY Means QATAR PETROLEUM or ―QP‖
ENVIRONMENTAL A study that focuses on the interactions between a proposed
IMPACT project and the surrounding environment. It identifies the
ASSESSMENT significant environmental impacts the project may generate
(EIA) and measures proposed to prevent , control and mitigate them
FREQUENCY Is the number of occurrences of an event per unit time.
HAZARD A source of potential harm or damage, or a situation with
potential for harm or damage
INCIDENT An Incident is a general term for any unplanned event, or
chain of events, which has, or could have caused, injury,
illness, damage or loss. It is used to include all accidents and
near misses.
INDIVIDUAL RISK The risk imposed on an individual, which takes into account
(IR) his/her occupancy or work pattern within the vicinity of the
prescribed hazard, usually expressed as Individual Risk Per
Annum (IRPA).
JOB HAZARD A qualitative method of assessing risks associated with a
ANALYSIS particular job in order to decide upon the measures that
should be taken to reduce the risks. JHA involves breaking the
job or activity down into a number of logical steps, and
identification of the hazards and appropriate control measures
for each step, to prevent harm to personnel, damage to Asset,
adverse impact on the environment or on reputation.
LOCATION LSIR is the risk for a hypothetical individual who is positioned
SPECIFIC at that location for 24 hours a day 365 days per year. Since in
INDIVIDUAL RISK reality people do not remain continuously at one location,
(LSIR) LSIR is a notional risk measure.
NEAR MISS An incident which could have but did not result in injury,
illness, damage, product loss or harm to the company
reputation.
PREVENTION Measures put in place to prevent a threat from releasing a
hazard.
PROTECTION All technical, operational and organisational measures that
prevent the occurrence of an incident or limit the chain of
consequences arising from it. (it includes both Threat controls
and Recovery measures)
PUBLIC With respect to HSE Risk Management, all persons outside a
fenced perimeter boundary of any specific QP facility or site,
irrespective of QP employment status, are regarded as public.
e.g. If considering a credible QP Refinery event, anybody

within the refinery fence is regarded as a worker, whereas

anybody outside refinery fence, including workers in adjacent
facility such as SEEF Limited, non refinery QP employees and
motorists on road, is regarded as public.
RISK Risk is the product of the measure of the consequences of an
event and its associated likelihood
Risk = Consequences x Likelihood
SOCIETAL RISK Societal risk is generally used to describe multiple injury
accidents/fatalities, or to describe risks to ‗unnamed‘
individuals, which could include the public and is usually
described by F-N Curves (Frequency vs. Fatalities listed in
increasing order of magnitude where F denotes the Frequency
of N fatalities or more per year; and N denotes the Number of
fatalities).
Societal Risk may also be calculated as a single value known
as ―Expectation Value‖ (EV) or ―Potential Loss of Life‖ (PLL),
which is given by the expression:
SR =  Frequency of hazard occurring X Proportion of time
person(s) are exposed X Number of people exposed X
Vulnerability
WORKER With respect to HSE Risk Management, worker is defined as
any person who is directly or indirectly authorized to enter a
fenced perimeter boundary of any specific QP facility or site.
This includes all QP employees, all contractor employees
(including sub-contractors), all authorized visitors etc. inside
that facility or site.
LIKELIHOOD In HSE risk management terminology, the word ―likelihood‖ is
used to refer to the chance of something happening, whether
defined, measured or determined objectively or subjectively,
qualitatively or quantitatively, and described using general
terms or mathematically (such as a probability or a frequency
over a given time period)
4.2 ABBREVIATIONS
CBA - Cost Benefit Analysis
CCPS - Centre for Chemical Process Safety
CMPT - Centre for Marine and Petroleum Technology
EIA - Environmental Impact Assessment
EPIC - Engineering, Procurement, Installation and Commissioning
ENVID - Environmental Issues Identification
FAC - First Aid Case
FEED - Front End Engineering Design

F&G - Fire & Gas System

GCC - Gulf Cooperation Council
FMEA - Failure Mode and Effect Analysis
HAZAN - Hazard Analysis
HAZOP - Hazard and Operability Study
HAZID - Hazard Identification
HSE - Health, Safety and Environment
HSE RM - Health, Safety and Environment Risk Management
JHA - Job Hazard Analysis
LP - Loss Prevention
LPG - Liquefied Petroleum Gas
LTI - Lost Time Incident
LWC - Lost Workday Case
MTC - Medical Treatment Case
NGO - Non-Governmental Organization
NIHL - Noise-Induced Hearing Loss
OGP - International Association of Oil & Gas producers
PIN - Project Initiation Note
QP - Qatar Petroleum
QRA - Quantitative Risk Assessment
QP RAM - Qatar Petroleum Risk Assessment Matrix
RAM - Risk Assessment Matrix
RLIC - Ras Laffan Industrial City
RWC - Restricted Work Case
SBM - Single Buoy Mooring
5.0 REFERENCE STANDARDS AND CODES

5.1 INTERNATIONAL STANDARDS AND CODES
IEC/ISO 31010 - Risk management – Risk Assessment Techniques
ISO 31000 - Risk management - Principles and Guidelines
ISO GUIDE 73 - Risk management — Vocabulary

BS EN ISO 17776 - Petroleum and natural gas industries — Offshore

production installations — Guidelines on tools and
techniques for hazard identification and risk assessment
OGP report No. 415 - Asset Integrity – the key to managing major incident risks
CCPS AIChE - Guidelines for Developing Quantitative Safety Risk Criteria
Guidelines
CCPS AIChE - Guidelines for Chemical Process Quantitative Risk
Guidelines Analysis
API RP752 - Management of Hazards Associated With Location of
Process Plant Buildings, CMA Manager's Guide
API RP750 - Management of Process Hazards
CMPT pub. 99/100 - A Guide To Quantitative Risk Assessment for Offshore
Installations
AS/NZS 4360:2004 - Risk Management Guidelines – A Companion to AS/NZS
4360:2004
NORSOK Z-013 - Risk and emergency preparedness analysis
UK HSE - Guidance on ALARP for Offshore Division Inspectors
SPE/Enf/38 Making an ALARP demonstration
UK Guidance on - A guide to the Offshore Installations (Safety Case)
Regulations HSE Regulations, UK Health and safety Executive, 1992
SI 1992/2885
Loss Prevention in - Hazard Identification Assessment & Control, Vol. 1, second
the Process edition by Frank P Lees
Industries
5.2 QP RELATED DOCUMENTS

QP Guide to HSE Management System
QP-PHL-S-001 - QP Corporate Philosophy for Fire & Safety
IP-ENG-030 - Project Risk Management
IP-ENG-041 - Management of Health and Safety in Capital Projects
QPR-STM- 001 - Corporate Procedure for Incident Management
HSEGL-QP-11-01 - QP Guidelines for Managing HSE in Contracts
QPR-STM- 001 - Corporate Procedure for Incident Management
HSEPR-QP-11 - QP Procedure for Managing HSE in Contracts
QP-REG-S-001 - QP HSE Regulations for Contractors
QP-GDL-S-050 - QP Guidelines for registering Hazards & Effects
IP-ENV-001 - Environmental Assessment & Authorization for Capital Projects
QP-GDL-V-003 Corporate Guidelines for Environmental Impact Assessment in
QP Projects

6.0 PROCEDURAL CONCEPTS

6.1 GENERAL REQUIREMENTS FOR IMPLEMENTATION & USE OF HSE RISK
MANAGEMENT
HSE Risk Management process (Fig. 4) comprises of the application of logical and
systematic methods for;
 communicating and consulting throughout the process
 establishing the context
 Risk Assessment – an overall process involving risk identifying, risk analysis,
and risk evaluating
 Risk treatment
 monitoring and reviewing risks;
 reporting and recording the results appropriately.
ESTABLISH THE CONTEXT

COMMUNICATE AND CONSULT
IDENTIFY RISKS
MONITOR AND REVIEW

RISK ASSESSMENT
ANALYSE RISKS
EVALUATE RISKS
TREAT RISKS
Fig. 4 HSE Risk Management Process

Some methods, widely made use of, during each step of overall risk assessment
process are listed below Fig. 5.
Fig-5 METHODS FOR EACH STEP OF RISK ASSESSMENT
HAZARD FREQUENCY CONSEQUENCE RISK

IDENTIFICATION ASSESSMENT ASSESSMENT CRITERIA
METHODS METHODS METHODS METHODS
 Literature  Historical  Source term  Risk matrix

search records models
(external/  Location
 Brainstorming internal)  Atmospheric specific
dispersion individual
 What –If  Fault tree models risk
review analysis
 Hydrodynamic  Individual
 Safety audits  models risk per year

 Safety reviews  Human  Blast and  Societal risk
reliability thermal (F-N curve)
 Checklists analysis radiation
models  Risk Profile
 HAZOP  Common
cause failure  Mitigation  Risk Index
 FMEA analysis models
 HAZID  Event tree  Vessel Collision

analysis modelling
 Theoretical  Evacuation
Modelling Modelling
 Bayesian  Structural and

Analysis marine Events
such as
structural failure
of platforms,
dropped object,
bridge failures.
 Helicopter
crash/impacts

6.2 PRINCIPLES FOR ESTABLISHING RISK ACCEPTANCE CRITERIA

Clause 7.0 of this philosophy specifies the minimum Risk Acceptance Criteria to be
used in performing all risk analyses by or for QP. Acceptance criteria for risk analysis
not described in this document shall be developed by Respective Management and
approved by Corporate HSE Support. A generic Risk Assessment matrix (RAM) is
given in Fig-10 in the sub clause 7.2.
6.3 MEASURE OF RISK
In relation to the internationally recognised practices concerning implementation and
use of risk analyses, the term "acceptance criteria" is used only in reference to the
objective/ subjective measure of risk. This makes the development of and/or decision
on acceptance criteria an integral part of the planning of the risk analyses.
Acceptance criteria must be relevant to and compatible with the method of analysis
to be used. The development of acceptance criteria is thus paramount to all risk
analyses.
6.4 TYPES OF RISK ACCEPTANCE CRITERIA AND ASSOCIATED RISKS

LEVELS
Risk analyses are conducted in organizations on different levels; on routine and non
routine activities, hazardous activities, plant changes, small & major projects,
detailed technical problems, on entire installations and audit as well as incident
investigation processes. The overall QP risk acceptance criteria given in clause 7 are
formulated in such a way as to allow for application to various types of activities and
operations throughout QP Businesses, Functions and Business Units (Regions,
Directorates and Departments, Projects, etc.).
Acceptance criteria can be expressed either in quantitative, semi quantitative or
qualitative terms. The risk acceptance criteria may be subdivided in categories
according to the purpose and the level of detail of the analysis:
 Quantitative risk acceptance criteria and ALARP Principle (for quantitative
studies);
 Risk matrices and ALARP for semi-quantitative and qualitative risk analysis.
A classification into types of acceptance criteria is made according to the purpose
and elaboration degree of the analysis. The following sections introduce
Quantitative, Semi Quantitative and Qualitative Methods of Risk Management.
6.5 RISK TREATMENT
Risk treatment involves a cyclical process of:
a) assessing a risk treatment;
b) deciding whether residual risk levels are tolerable;
c) if not tolerable, generating a new risk treatment; and
d) assessing the effectiveness of that treatment.
Risk treatment options are not necessarily mutually exclusive or appropriate in all
circumstances. The options can include the following:
i. avoiding the risk by deciding not to start or continue with the activity or operation
that gives rise to the risk;

ii. reducing the risk in order to pursue an opportunity by;

 removing the risk source;
 changing the likelihood;
 changing the consequences;
iii. sharing or transferring the risk with another party or parties (including contracts
and risk financing); and
iv. retaining the risk by informed decision.
Risk treatment involves selecting one or more options for modifying risks, and
implementing those options. Once implemented, treatments provide or modify the
controls.
Attempts shall be made, to the extent possible, to eliminate or reduce each risk
identified through a risk analyses. The following objectives are used by QP as part of
the basis for definition of acceptance criteria:
The risk reducing measure shall be prioritised in the following order:
 Eliminate the risk of the accidental event.
 Reduce the probability of the accidental event.
 Reduce the consequences of the accidental event.
The risk reduction effect of the measures shall be documented. In order to ensure
that the measures are cost effective, a cost benefit analysis will be performed.
7.0 QP RISK ACCEPTANCE CRITERIA
The following quantitative and qualitative risk acceptance criteria shall be used
throughout QP. The risk acceptance criteria are subdivided in categories according
to the purpose and the level of detail of the assessments:
 High level risk acceptance criteria with ALARP principle (Including F-N for
Societal risk calculations), for quantitative studies involving new projects or
major modifications to the onshore /offshore installations;
 Risk Assessment Matrixes and the ALARP principle for semi-quantitative and
qualitative risk analyses.
7.1 QUANTITATIVE CRITERIA LEVELS
The following quantitative criteria shall be used in QP in HSE Risk Management decision
making:
 Location Specific Individual Risk (LSIR), for location of developments (Land use
planning purposes),
 Individual risks levels,
 Societal or aggregated risks levels (F-N curve), and
 Level of Concern (thermal radiation, explosion overpressure and toxic exposure)
7.1.1 Location specific individual risk (LSIR)
LSIR is used to indicate the cumulative risk at a particular location. LSIR is the risk for a
hypothetical individual who is positioned at that location for 24 hours a day 365 days per
year.
Since in reality people do not remain continuously at one location, LSIR is a notional risk
measure. The LSIR value provides a tool by which QP and its subsidiaries can make risk
based decisions regarding the location of proposed developments (ie Land Use
Planning).

QP LSIR criteria for development purposes is:

LSIR > 10-4 per year - No development
-4 -5
10 > LSIR > 10 per year - Process development
10-5 > LSIR > 10-6 per year - Control Room and Local Office development
LSIR < 10-6 per year - Administration Building, Canteen, Accommodation etc.
developments
Although land use planning usage is mainly for green field sites, it is also used for
existing developments. However, where existing developments are such that the
LSIR criteria for land use planning cannot practicably be met then, IR will become
the primary factor for decision making.
7.1.2 Individual Risk Tolerability Criteria
A QP individual risk criteria is intended to demonstrate that workers are not exposed
to excessive risks, and QP activities do not impose any additional risks on the
members of public. This is largely independent of number of people exposed and
hence is applied to whole QP activities. The target individual risk level for workers is
an IR of less than 10-6 per year. This value, which is equivalent to the risk of being
struck by lightening, is broadly acceptable to QP.
The numeric value of individual risks, which are regarded as intolerable for
QP is 10-3 per year for existing (In operation Pre 2003) installations and 10-4
per year for new installations (In operation after 2003).
IR value falling within the band between broadly acceptable and unacceptable is
TOLERABLE OR ALARP region, requiring ALARP demonstration, by either
qualitative or quantitative Cost Benefit Analysis (CBA).
Based on above, the Individual Risk Criteria for QP is defined in three regions viz;
the UNACCEPTABLE region, the TOLERABLE OR ALARP region and the
BROADLY ACCEPTABLE region, as depicted in Fig. 6.
Fig. 6: QP Risk tolerability Model

Based on the ALARP principle, which underlines the risk tolerance, the Individual
Risk Criteria for QP is as follows:
a. Individual Risk Tolerability Criteria for Workers (Including contractor
employees)
 For existing (In operation Pre 2003) installations, Individual risk levels above
1x10-3 per year will be considered unacceptable and will be reduced,
irrespective of cost.
 For new installations (In operation after 2003), Individual risk levels above
 Individual risk levels below 1x10-6 per year will be deemed acceptable.
For existing (In operation Pre 2003) installations, Individual Risk levels
between 1x10-6 and 1x10-3 per year and for new (In operation after 2003)
installations, Individual Risk levels between 1x10-6 and 1x10-4 per year will
be reduced to levels as low as reasonably practicable (ALARP). That is the
risk within this region is tolerable only if further risk reduction is considered
impracticable because the cost required to reduce the risk is grossly
disproportionate to the improvement gained.
b. Individual Risk Tolerability Criteria for Public (All those not directly
involved with QP activities)
 For existing (In operation Pre 2003) installations, Individual risk levels above
 For new (In operation after 2003) installations, Individual risk levels above
 Individual risk levels below 1x10-7 per year will be deemed acceptable.

The above Individual Risk Tolerability Criteria for QP is depicted in Figs 7 & 8.
Fig. 7: Risk Tolerability Criteria for Individual Risk to Workers and Public –
Existing (In operation pre 2003) Installations
Fig. 8: Risk Tolerability Criteria for Individual Risk to Workers and Public – New (In
operation after 2003) Installations

7.1.3 Societal Risk Tolerability Criteria

Societal risk is the Risk experienced by the group of personnel exposed in a given
time period. Societal risk should not be confused as being the risk to society or the
risk as being perceived by society. The word ―societal‖ is merely used to indicate a
group of people and societal risk refers to the frequency of multiple fatality incidents,
which includes workers and the public. It reflects the severity of the hazard and
number of people in proximity to it (within the hazard range). It is usually taken to
refer to the risk of death, and is expressed as risk per year. Societal risk is also
defined as the relationship between frequency and the number of people suffering a
given level of harm from the realization of specified hazards. Where workers are
isolated and members of public are unlikely to be effected (i.e. Offshore facilities),
the term ―Group risk‖ is often used.
For the interpretation in QP, societal risk shall be used to encompass both public and
worker risk and is expressed in the form of F-N curves.
The Societal Risk Criteria for QP is as follows:
For societal risk, criteria are the demarcation or bands on an F-N curve, as illustrated
in Fig. 9, showing the cumulative Frequencies (F) of events involving N or more
fatalities. The F-N Curve represents societal risk for a single fixed installation only,
like a refinery, a process plant or a platform.
QP considers that as multiple fatalities and large consequence incidents can

significantly impact QP and in turn The State economy, QP has incorporated a risk
aversion of -1 (Minus One) in the slope of FN line, as a precaution against large
consequence incidents. This criteria slope builds in multiple fatality aversion and
encourages inherent design with lower potential for large fatality incidents.
Calculated risk profiles that fall above the top line are considered unacceptable and
must be reduced to tolerable levels immediately, irrespective of cost or alternative
ways of carrying out the operation or activity should be investigated. If there are no
alternatives, then the operation or activity should not proceed. An activity is
considered undesirable above the top line, even if the individual risk criteria are met.
Profiles found below the bottom line require no further mitigation. For profiles
between the lines, additional mitigation should be done, with the goal of moving the
profile closer to the tolerable region.
To illustrate an example of societal risk, note the ‗A‘ in the upper portion of the graph
which is marked ―Unacceptable Risk‖. The ‗A‘ is located at the axis of the lines
‗1x10-4‘ (1 in 10,000 years) and 10 fatalities. The ‗A‘ thus represents an event which
would kill 10 people at a frequency of once in 10,000 years. This is unacceptable.
This principle of societal risk indicates that society‘s tolerance for risk decreases as
fatalities increase.

Fig. 9: F-N Curve: Societal Fatal Risk Tolerability, Single Fixed Installation Only
7.1.4 Level of Concern

QP‘s concern is not only the risk of fatality, but also of injury as a result of; thermal
radiation from fires, peak overpressure from explosion and toxic exposure due to the
release of toxic gases. Therefore, in addition to LSIR, IR and SR, as in sections
7.1.1, 7.1.2 and 7.1.3 above, the following criteria shall be applied during all QRAs.
7.1.4.1 The highest risk event(s) should be identified with the risk levels.
7.1.4.2 Blast peak overpressure from explosion for buildings should not exceed the
following levels:
Blast Protected buildings such as control rooms 700 mbar
Industrial buildings, site roads, utilities etc. 200 mbar
General buildings, offices 70 mbar
Outside QP facility fence 50 mbar
7.1.4.3 Thermal Radiation

37.5 kW/m2 - Indicative of total asset loss (100% fatality)
12.5 kW/m2 - Indicative of piloted ignition for susceptible structures (50% fatality)
6.3 kW/m2 - Indicative of second degree burns after 20 second exposure (1% fatality)
4.7 kW/m2 -Indicative of painful burns and blistering after 20 second exposure (0%
lethality)

All thermal radiation modeling must take into account Solar radiation (=986 W/m 2) in
the consequence estimation.
7.1.4.4 Toxic gas exposure
The consequence distances should be identified for the following levels of H2S gas:
10 ppm - Alarm set point for H2S gas detection
100 ppm - Indicative of ~1% fatality probability (for 30 min exposure)
1000 ppm - Indicative of 50% fatality probability (for 15 min exposure)
7.1.4.5 Flammable Gas dispersion
The consequence distances should be identified for the following:
Lower Explosive Limit
50% Lower Explosive Limit
20% Lower Explosive Limit
7.2 QUALITATIVE CRITERIA LEVELS
7.2.1 Risk Assessment Matrix (RAM)
The Risk Assessment Matrix (Fig. 10 below) is a tool that standardises qualitative
risk assessment, facilitates the Qualitative categorisation of HSE risks and, where
appropriate, used for prioritisation of activities and resources. The matrix axes,
consistent with definition of risk, are Consequences (Impacts) and Probability
(Likelihood). For different applications different overlays can be used.
Risk Assessment Matrix (RAM)
INCREASING LIKELIHOOD/PROBABILITY
CONSEQUENCES A B C D E
Never heard of Has Occurred Has Occurred Occurs Occurs
Potential Asset damage
Environmental Reputation in Industry in Industry in QP several times several times
Severity People & business
effect Impact a year in QP a year at this
losses
site
INCREASING SEVERITY
No injury No damage No Effect No Impact

0
Slight injury or Slight damage Slight Effect Slight Impact

health affects (<QR 35,000)
1 Low Risk
Minor injury or Minor damage Minor Effect Minor Impact

health affects (between QR
2
35,000 and
350,000)
Major injury or Moderate Moderate Effect Moderate
health affects damage Impact
3 (between QR Medium Risk
350,000 and 3.5
Million)
Single fatality Major damage Major Effect Major Impact
or permanent (between QR 3.5
4
total disability Million and 35
Million) High Risk
Multiple Massive damage Massive Effect Massive
fatalities (> QR 35 Million) Impact
5
Fig. 10: Risk Assessment Matrix

A scale of consequences from ‗0‖ to ‗5‘ is used to indicate increasing severity. The
consequences are those of credible scenarios (taking prevailing circumstances into
consideration) that can develop from the release of a hazard. The potential
consequences, rather than the actual ones, are used. These can be thought of as
the consequences that could have resulted from the released hazard if
circumstances had been less favourable.

After assessing the potential consequence, the likelihood on the horizontal axis is
estimated on the basis of historical evidence or experience that such consequences
have materialised within the industry, QP as Corporation or at a QP location. Note
that this should not be confused with the likelihood of the hazard being
realised or the event (incident) occurring; it is the likelihood of estimated
potential consequences occurring.
Estimation of likelihood and consequences is not an exact science. The
consequence estimates are based on envisaged scenarios of what might happen
and likelihood estimates are based on historical data and/or experience that such a
scenario has happened under similar condition, knowing fully well that circumstances
will never be exactly the same. Assessing the risk of a particular scenario should be
done in the above sequence, i.e. first the potential consequences are estimated and
only thereafter the likelihood of such consequences occurring are estimated.
7.2.1.1 Assessment of potential consequences
The consequences of a release of a hazard are identified in each of the four
categories (harm to people, asset damage, adverse environmental effect and
company reputation) by selecting an appropriate description of the vertical axis of the
matrix. Consequences should be estimated as the consequences that could have
resulted from the released hazard if circumstances had been less favourable. On the
basis of what might have resulted under slightly different circumstances.
Examples are:
Scenario Actual outcome Potential consequences
A crane drops a load one Damage to load Fatal injury if a person had
Meter away from a person been under the load
Car rolls over on a desert road Damage to car, no injury Serious injury of fatality
(seat belt worn)
Operator opens wrong valve; Minor pollution Major effect if the spill had
Diesel fuel polluting seashore; not been noticed so quickly
Quickly spotted by someone else
Exposure to H2S; quickly 2 day‘s observation in Fatalities

Rescued and resuscitated hospital; minor injury
Exposure to benzene None Cancer, death

Exceeding the current long
term Occupational Exposure
Limit but not to the level of
Immediately Dangerous to Life
And Health
Flare carries over some liquids Sooting flare Liquid hydrocarbons in

Flare pit. Pit on fire. Heavy
smoke. Complaints. Media publicity.
Damage claims
7.2.1.2 Assessment of probability (likelihood)

The horizontal axis in the matrix represents the measure of likelihood of the
occurrence of an undesired event following the release of a hazard. The scale of the

horizontal axis is defined in general terms as well as average industry figures from
historical data.
This assessment is indicative of likelihood of undesired consequence materialising.
Note that this should not be confused with the likelihood of the hazard being realised
or the event (incident) occurring; it is the likelihood of estimated potential
consequences occurring.
7.2.1.3 Risk ranking
Using theRisk Assessment Matrix, HSE risk is ranked (rated) by three characters
made up as follows:
 The first character is a measure of the likelihood of an undesired event: A to E
 The second character is the consequence severity that could occur with that
event: 0 to 5
 The third character shows to which consequence category the assessment
pertains:
- People (P), Asset (A), Environment (E) and Reputation (R)
The intersection of the chosen column with the chosen row is the risk rating.
Incidents can have same consequences in all the four categories. For the same
scenario, different classifications may apply to P, A, E and R. the overall risk of an
incident is classified as to which of the consequences has the highest rating.
7.2.2 Use of RAM in QP HSE Risk Management
A suitable application for using the Risk Assessment matrix as an element of QP
HSE Risk Management system to identify and reduce risks to As Low As
Reasonably Practicable (ALARP) is shown in Fig. 11.
CONSEQUENCES INCREASING LIKELIHOOD / PROBABILITY

POTENTIAL
SEVERITY
A B C D E
Environment
Reputation
damage &
business
lossess
Never heard in Has occurred in Has occurred in Occurs several Occurs several
impact
People
Asset
effect
Industry Industry QP times a year in times a year

QP this site
INCREASING SEVERITY
0 No injury / No damage No effect No impact

health
effects
1 Slight injury Slight damage Slight effect Slight impact
or Health (<QR 35,000) Manage for Continuous improvement
effects
2 Minor injury Minor damage Minor effect Minor impact (Blue Zone)
or Health (between QR
effects 35,000 and
350,000)
3 Major injury Moderate Moderate Moderate Incorporate risk
or Health damage effect impact
effects (between QR
reduction measures,
350,000 and and demonstrate
3.5 Million)
4 Single Major damage Major effect Major impact ALARP Intolerable,
fatality or (between QR
permanent 3.5 Million and
Reduce to Yellow Zone
total 35 Million) (Yellow Zone) before the activity or
disability operation takes place,
5 Multiple Massive Massive Massive
investigate alternatives,
fatalities damage impact impact
(> QR 35 (Red Zone)
Million)
Fig. 11: Matrix for HSE Risk Management

The QP Risk Assessment Matrix shown above is a useful tool that will help line
management in understanding HSE risk related statements in policy, procedures and
strategic objectives, and their interpretation (in terms of tolerable HSE risk) in their day-
to-day operations and assets.
Tolerable HSE risk should be separately assessed for People, Assets, Environmental
and Reputation Impact. The shading shown in the above figure is the recommended
minimum practice.
The focus provided by using the QP RAM enables QP line management to determine
whether the HSE risk levels arrived at in the QP‘s operations and activities are tolerable
and whether they fit with current corporate policies and procedures. For example, if an
operation or activity would result in scenarios that lie in an area on the QP RAM that the
QP would normally regard as ‗unacceptable‘ in policy terms (Red Zone), then alternative
ways of carrying out the operation or activity should be investigated. If there are no other
alternatives, then the operation or activity should not proceed.
Risk will always have to be reduced to a level that is both tolerable and As Low As
Reasonably Practicable (ALARP); however, in the yellow and red shaded areas a
documented demonstration is required.
ALARP can be demonstrated if alternatives have been considered and it is concluded

that further HSE risk reductions are impracticable and/or the cost thereof are grossly
disproportionate to the improvements gained.
The QP RAM can also be used on a scenario-by-scenario basis to prioritise HSE risk
reduction efforts. It is adaptable to varying levels of information and depths evaluation. It
has a built-in presentation format that lends itself to the review. Because it is qualitative,
expert knowledge is not required, however experts can reach risk understanding fairly
quickly.
The matrix should be used for defining which operations or facilities require a
quantitative risk assessment. If the risks of an installation would initially, without special
measures, end up in the red area, an assessment would be required to demonstrate that
controls for high risks are in place, and to show that the risks are tolerable and have
been reduced to ALARP.
If there are no risks in the red area, a documented assessment should demonstrate that
existing risks are tolerable and reduced to ALARP.
7.2.3 Risk Assessment Matrix-Scale Interpretations

7.2.3.1Likelihood Scale
The horizontal scale is the ‗increasing likelihood‘ with a range varying from highly
unlikely to frequent. In every application the same range of likelihood should be used
in order to promote a consistent assessment of risk. The terminology used to
describe the likelihood can be different from one application to the other dependent
on type and size of the operation, activity or installation. Various examples of
acceptable definitions and descriptions are provided in the Table 1 below.

Table 1: Likelihood Scale

Type and size Increasing Likelihood
of Operation or
Installation
Standard Never heard Has occurred Has occurred Occurs several Occurs several
Description In industry in industry in QP times a year in times a year this
QP site
Major Installation Never heard Has occurred Has occurred Occurs several Occurs several
e.g. Offshore in our industry in our industry in QP times a year in times a year this
Platform, LNG QP location
Plant, Refinery etc.
Process Has not Has occurred Has occurred Has occurred Occurs several
Downstream, occurred in in our industry once in QP several times times in one of
Storage, our industry in QP since the units of QP
Loading areas, company
Export Terminals, existence
Ports
Drilling rig Credible but Has occurred Has occurred Has occurred Occurs several
not heard of in drilling industry in a major more than 1/yr times per year on
in drilling drilling in a major a drilling rig
industry company drilling rig
Transportation Has not Has occurred Has occurred Has occurred Has occurred
Activities occurred in in industry in in QP in last 3 in QP in last 1 more than once
industry last 5 years years year in QP in last year
7.2.3.2 Consequence Scale

a. People
No. Description
0 No injury or health effect
1 Slight injury or health effect
 No treatment case or First Aid case (FAC)
 Illness that results in noticeable discomfort, minor irritation or transient effects that are
reversible after exposure stops
2 Minor injury or health effect
 Medical treatment case (MTC)
 Lost workday case or restricted work case, where either has duration of up to and
including 5 days.
 Illness with reversible health effects such as food poisoning and dermatitis
3 Major injury or health effect
 Lost workday case (LWC) or restricted work case (RWC), where either has a duration
exceeding 5 days.
 Illness with irreversible health effects such as sensitisation, NIHL, chronic back disorders
or repetitive strain injury
4 Injury resulting in one fatality or Permanent total disability
 One fatality or permanent total disability
 Illness with irreversible health effects such as corrosive burns, asbestosis, silicosis,
Cancer
 Mental illness due to stress with irreversible health effects
5 Injury resulting in More than one fatality
 Two or multiple fatalities
 Illness with irreversible health effects such multiple asbestosis from single exposure
situation
 Cancer in a large exposed population

b. Asset damage and other consequential business losses

No. Description
0 No damage
1 Slight damage – Costs less than QR 35,000
2 Minor damage – Costs between QR 35000 and QR 350,000
3 Moderate damage – Costs between QR 350,000 and QR 3.5 Million
4 Major damage – Costs between and QR 3.5 Million and QR 35 Million
5 Massive damage – Costs in excess of QR 35 Million
The above costs are total consequential business loss to QP. This is indirect loss due to asset
damage, impact on environmental or company reputation. It comprises losses such as lost production,
process unit downtime, product quality costs, cost of environmental cleanup, cost or recovery/disposal
of waste and cost of reprocessing off-grade product.
c. Environmental effect
No. Description
0 No effect – No environmental damage
1 Slight effect – Slight environmental damage, contained within the premises,
2 Minor effect – Minor environmental damage, but no lasting effect
3 Moderate effect – Limited environmental damage that will persist or require cleaning up
4 Major effect – Severe environmental damage that will require extensive measures to
restore beneficial uses of the environment
5 Massive effect – Persistent severe environmental damage that will lead to loss of
commercial or recreational use or loss of natural resources over a
wide area
d. Reputation
No. Description
0 No impact – No impact on reputation.

1 Slight impact – Local media awareness but no discernible concern
2 Minor impact – local public concern, local media coverage
3 Moderate impact – slight impact in the state Some local public concern; local
stakeholders are aware Extensive attention in local media, some
national coverage
4 Major impact – Likely to escalate and effect QP reputation National public concern,
impact on state stakeholders, involvement with potential international
NGO action Extensive attention in GCC media, some international
coverage Potential for regulatory action leading to restricted
operations or licensing
5 Massive impact – Severe impact on QP reputation
International public concern
International media attention
Significant Potential for effect on state standards with impact on
access to new areas, businesses, grant of licenses etc.
8.0 QP HSE RISK ASSESSMENT REQUIREMENTS

The activities and operations, undertaken by QP Businesses, Functions and
Business Units (Regions, Directorates and Departments, Projects, etc.) require
different levels / layers of HSE Risk Assessments using various proven
methodologies, tools and techniques. For the sole purpose of HSE Risk
Management, all activities and operations, undertaken by QP Businesses, Functions
and Business Units (Regions, Directorates and Departments, Projects, etc.) are
identified in following broad categories. These categories are;

a. General
b. Projects
c. Operations
d. Contractor activities
e. Processes
f. New ventures / Acquisitions
g. Closure
h. Miscellaneous
8.1 GENERAL
All the activities undertaken or overseen by QP Directorates and/or Departments are
covered under this category. Some of the examples of Departmental activities are as
below.
 Schooling
 Corporate training
 Housing and office accommodation (including housekeeping),
 Building maintenance
 Catering
 Transportation
 Recreation facilities
 Providing of marine logistics
 Subsea inspection and diving services
 Repair and non routine maintenance of fixed offshore structures
 Maintenance of tankers
 Provision of primary healthcare, medication, health surveillance and integrated
emergency medical responses
It is a requirement that HSE Risk Assessment will be carried out for all these
activities using any one of or a combination of different methodologies / tools /
techniques before undertaking the activity. Table-2 in appendix-I provides the
guidance on selection of the tools.
8.2 PROJECTS
This category covers all the activities undertaken through projects including, but not
limited to, all capital projects executed by the Technical Directorate, all projects
executed by Operation Engineering, and projects resulting from Plant Change
Requests (PCRs).
Various HSE Risk Assessments are envisaged to be performed throughout all
phases of project execution i.e. starting from Project Initiation to handover and
completion (Project Stage 1 to Project Stage 5) given below.
Project Stages 1 to 5
 Project Initiation
 Concept Definition (Feasibility studies and concept optimization)
 Engineering definition (FEED)
 Implementation (EPIC)
 Handover and completion
During execution of a project, management of Health and Safety hazards and
related risks, throughout the project life cycle, shall be carried out by various H&S

activities which include initiation and maintenance of an H&E Register, development

of Health and Safety plan, Environmental Plan at the beginning of a project stage,
development of scope of work related to H&S and environment, review and approval
of H&S deliverables and environmental deliverables, management of HSE in
contracts, procurement, construction, testing & commissioning. Detailed
requirements are specified in Inter-departmental procedures IP-ENG-041, IP-ENV-
001 and QP-GDL-V-003.
Table-2 in appendix-I provides guidance on selection of the tools, during different
project stages.
8.3 OPERATIONS
This category covers all the activities undertaken by regions / business units / sites
within Operations Directorates and/or Departments during all operation‘s activities,
covering, but not limited to, the following.
 Start-up
 Routine activities
 Non-routine / hazardous or critical activities
 Periodic overall site risk assessment (e.g. offshore & onshore assets including
platforms, rigs, production plants, storage areas, ports, jetties, warehouses,
laboratories)
 SBM Operations
 Changes to plant / systems / equipment / procedures through Plant Change
Requests
 Small modifications / repairs
It is a requirement that HSE Risk Assessment will be carried out for all these
operational activities using any one of or a combination of different methodologies /
tools / techniques before undertaking the activity. Table-2 in appendix-I provides
the guidance on selection of the tools.
8.4 ACTIVITIES BEING PERFORMED BY CONTRACTORS FOR QP
This category covers all the activities of Contractors and applicable to all contracts
in Qatar Petroleum whether at the corporate, regional or operational levels of the
corporation. It is a QP requirement that HSE Risk Assessment will be carried out
for all the activities being performed by contractors for QP, using any one of or a
combination of different methodologies / tools / techniques before undertaking the
activity. Table-2 in appendix-I provides the guidance on selection of the tools.
Management of HSE in Contracts shall be in compliance with HSEGL-QP-11-01;
QP Guidelines for managing HSE in contracts & HSEPR-QP-11; QP Procedure for
managing HSE in Contracts. Guidelines to Contractors on QP HSE Regulations,
applicable during construction, are provided in QP-REG-S-001; QP HSE
regulations for Contractors.
8.5 PROCESSES
This category covers two main processes, namely Incident Investigation and Auditing /
Inspections undertaken throughout QP.
It is a QP requirement that all incidents, including near misses with high or significant
risk, whether actual or potential, shall be subjected to detailed investigation with the
principal objective to establish all factors that contributed to the incident including

direct and indirect causes, immediate and remote factors, basic and underlying
causes, latent failures and, or root causes.
Use of Risk Assessment Matrix for incident management shall be in compliance with
QPR-STM-001 Corporate Procedure for Incident Management. As per the
procedure, significant Incidents are those within High and above on the Risk
Assessment Matrix (RAM).
Periodic HSE Auditing is undertaken throughout QP at both, specific internal to
business units / Department / sites (First Party) and Corporate (Second Party).
Corporate HSE, being the conscience keeper on behalf of the MD conduct second
party HSE RM Audit of all locations and facilities to; ensure compliance with
corporate requirements, identify improvement opportunities and devise intervention
measures.
Findings from HSE Auditing shall be classified in accordance with the QP Risk
Assessment Matrix (Fig. 11) and the Rating Level table (Table-3 below) in line with
QP HSE Risk Management Auditing Standard (To be developed)
Table 3 – Audit Finding Rating Level

Classification Description
The Audit finding is likely to cause a significant undesirable
effect on the achievement of the QP entity‘s objectives and is
High likely to have a notable impact on other QP entities, therefore
warranting immediate correction and reporting to the
executive management.
The Audit finding is likely to cause a significant undesirable
Medium effect on the achievement of the QP entity‘s objectives,
therefore warranting immediate reporting to the Leadership.
The Audit finding is likely to cause insignificant undesirable
Low effect on the achievement of the QP entity‘s objectives, but its
correction would enhance HSE.
All findings are to be classified during brainstorming session of the auditing team,
based on their professional judgment. While classifying the findings, the risk criteria
{e.g. P(people)-4B, A(Asset)-3D) etc.} shall be included in the report. The primary
criteria for rating each finding shall be the risk to achieve the entity‘s business
objectives.
8.6 NEW VENTURES/ ACQUISITIONS
All the new ventures and/or acquisitions, green field as well as brown field sites,
either fully owned or managed by QP, or in joint venture with any other organization,
are covered in this category.
It is a requirement that appropriate HSE Risk Assessment, commensurate with the
complexity and details of the venture, will be carried out for all the new ventures
and/or acquisitions using most appropriate and applicable methodologies / tools /
techniques, at an early stage of finalizing the venture.

8.7 CLOSURE (MOTHBALLING, DECOMMISSIONING, DISMANTLING &

REMOVAL ACTIVITIES)
This category covers the end stages of the asset such as decommissioning,
dismantling and removal undertaken throughout QP.
Mothballing of process equipment that has handled hazardous substances offers
many opportunities for knowingly and unknowingly compromising the mechanical
integrity of the process facilities. Prior to mothballing, Risk Assessment shall be
conducted to address the following areas, as appropriate:
 Preparing equipment for mothballing (decommissioning)
 Monitoring equipment in a mothballed state
 Preparing equipment for return to active service (recommissioning)
 Inspecting equipment prior to returning to service
 Preparing equipment for dismantling and/or removal (D&R)
The HSE Risk Assessment shall lay emphasis on the parts that are to be applied
and implemented prior to and during the mothballed condition.
This requirement applies to significant segments of processes that are mothballed.
Mandatory requirements for safety studies for small D&R activities (e.g., removing a
single piece of equipment or other minor changes) should be adapted to the
hazard(s) involved. HSE Risk Assessment is not a mandatory requirement for small
management-of-change activities involving D&R nearing the end of their commercial
life are potentially susceptible to operation for some time without strong technical
support.
To protect against degradation of HSE Risk Management actions, entity
management must ensure that appropriately knowledgeable personnel are retained
throughout the phase-out and that all appropriate HSE RM activities are carried out
until the process is fully terminated.
A shutdown procedure, analogous to start-up procedures commonly developed for
new facilities, developed to provide adequate attention to all of the unique conditions
that may develop during the phase-out must also be subjected to Risk assessment.
8.8 MISCELLANEOUS
Any of the QP activities and operations, not falling in any of categories 8.1 to 8.7
above, shall fall in this category.
It is a requirement that HSE Risk Assessment will be carried out for all the activities
falling under this category using any one of or a combination of different
methodologies/ tools/ techniques before undertaking the activity. Table-2 in
appendix-I provides the guidance on selection of the tools.
9.0 QP HSE RISK TREATMENT REQUIREMENTS

Based on a comprehensive picture of all significant HSE risks in the context of the
objectives of the relevant QP entity (Business Unit / Department / Site), QP Risk
assessment process assists in prioritisation of actions and allocating resources.
Where the management of the HSE risk needs major improvement before the risk
can be regarded as acceptable, this is indicated by the red colour code. For risks
where improvement is needed but of a less fundamental nature, the colour yellow is

used. Blue is used to denote risks where management considers the risk is broadly
acceptable.
For risks that are not acceptable, time de-limited actions are required that will result
in the risk being acceptable (the ―get-to-blue goal‖).
Three generic actions can be taken to manage risks.
a. Avoid or reduce the risk: Use alternatives, put in place appropriate controls
(preventative and detective) to manage the risk to maximise value.
b. Transfer and/or share risk: Some risks are transferred (for example to an
insurance company) or shared (for example with contractors or joint venture
partners).
c. Terminate or forego activity: Risks are avoided, for instance by stopping an
activity or withdrawing from a project or operation. Generally, risks are retained
and managed when an entity (e.g. Business Unit / Department / Site) has the
capability to manage it better than others and is sufficiently rewarded for that.
Alternatively, risk is transferred or shared when others are better able to manage
the risk at an acceptable cost.
The implications of transferring risks to a third party are assessed as part of this
decision. For example, in most of the QP‘s projects, contractors are involved to
provide goods and services. The assessment of the capabilities of contractors and
their selection is therefore a key factor in managing HSE risk. A decision to transfer
risk to a contractor takes into account the contractor‘s ability to manage that risk and
their willingness to accept the risks.
The impact of the actions being taken and/or changes in the risk environment will
change the acceptability of the risk. For example if a risk is assessed as ―yellow‖ and
―improving‖ for several consecutive periods a re-assessment of its acceptability level
is needed, which may lead to a change in acceptability to ―blue‖.
9.1 SELECTION OF RISK TREATMENT OPTIONS
Selecting the most appropriate risk treatment option, either individually or in
combination, involves balancing the costs and efforts of implementation against the
HSE benefits derived, with regard to legal, regulatory, and other requirements such
as social responsibility, values and perceptions of stakeholders and the protection of
environment.
Risk treatment itself can introduce risks. A significant risk can be the failure or
ineffectiveness of the risk treatment measures. Monitoring needs to be an integral
part of the risk treatment plan to give assurance that the measures remain effective.
Risk treatment can also introduce secondary risks that need to be assessed, treated,
monitored and reviewed. These secondary risks should not treated as a new risk &
be incorporated into the same treatment plan as the original risk. The link between
the two risks should be identified and maintained.
9.2 PREPARING AND IMPLEMENTING RISK TREATMENT PLANS
The purpose of risk treatment plans is to document how the chosen treatment
options will be implemented.
The information provided in treatment plans should include:
 the reasons for selection of treatment options, including expected benefits to be
gained;

 responsible for
implementing the plan;
 proposed actions;
 resource requirements including contingencies;
 performance measures and constraints;
 reporting and monitoring requirements; and timing and schedule.
Treatment plans should be integrated within the management processes and
discussed with appropriate stakeholders. Decision makers and other stakeholders
should be aware of the nature and extent of the residual risk after risk treatment. The
residual risk should be documented and subjected to monitoring, review and, where
appropriate, further treatment.
9.3 REQUIREMENTS
9.3.1 Unacceptable Region / Red Zone / High Risk
This level of risk exposes QP to intolerable consequences on People, Assets,
Environment or Reputation. The hazard should be eliminated or its risk reduced to
tolerable levels immediately or alternative ways of carrying out the operation or
activity should be investigated meaning that ACTION MUST BE TAKEN
IMMEDIATELY TO REDUCE THE RISK IRRESPECTIVE OF COST. If there are no
other alternatives, then the operation or activity should not proceed.
9.3.2 Tolerable or ALARP Region / Yellow Zone / Medium Risk
This level of risk exposes QP to moderately tolerable consequences on People,
Assets, Environment or Reputation. The hazard(s) must be managed to reduce the
frequency and/or the severity of the hazardous events and the risk must be reduced
to levels as low as reasonably practicable (ALARP). That is the risk within this region
is tolerable only if further risk reduction is considered impracticable because the cost
required to reduce the risk is grossly disproportionate to the improvement gained.
RISK REDUCTION MEASURES TO ALARP LEVELS MUST BE PLANNED AND
DOCUMENTED.
9.3.3 Broadly acceptable Region / Blue Zone / Low Risk
This level of risk exposes QP to broadly acceptable consequences on to People,
Assets, Environment or Reputation. Though these are generally accepted without
any further action, it is a QP requirement to manage low risks for continuous
improvement.
Risk will always have to be reduced to a level that is both tolerable and As Low As
Reasonably Practicable (ALARP); however, in the yellow and red shaded areas a
documented demonstration is required.
The documented assessment demonstrating ALARP shall include;
 Agreed actions, responsible person(s), and completion date(s).
 Assurance activities to regularly follow the progress to ensure actions are closed
per the plan.
9.4 DEMONSTRATING ALARP
ALARP is considered demonstrated if alternatives have been considered and it is
concluded that further risk reductions are impracticable and the cost thereof are
grossly disproportionate to the HSE benefit gained.

In all cases consideration should be given to reducing risk to ALARP reflecting the
balance of cost and HSE benefit. To reduce a risk to ALARP involves balancing
reduction in risk to a level, objectively assessed, where the cost of further reduction
measures becomes unreasonably disproportionate to the risk reduction obtained.
Demonstrating ALARP requires consideration of all the hard and soft issues related
to a range of options. It requires a judgmental decision with the full knowledge of all
options, associated risks and costs.
Specifically in the context of engineering, ALARP is not just a demonstration that
risks of the preferred or selected option are considered acceptable and/or
comparable to other similar developments. Demonstrating ALARP requires
consideration of fundamentally different options to provide assurance that QP gets
best value for money over the lifetime of a facility or operation.
In defining ALARP risk reduction measures, the potential for changes in risk
tolerability criteria with time should be borne in mind for those projects or operations
with a considerable life span. Rather than applying fit-for-purpose now, the
contingency should be built-in which allows for seamless ALARP upgrade without
costly retrofits. What is considered ALARP today may no longer be acceptable in
the future, for example:
a) the applicable legislation may change,
b) public awareness may increase and/or tolerance may decrease,
c) QP‘s HSE objectives may become more stringent.
Determining the exact level of ALARP is difficult and depends on many factors such
as internal/external influences and the nature of the hazards and associated risks.
One may arrive at different ALARP definitions for identical risks which occur at
different locations. As such it is critically important to fully understand the effects of
risk reduction measures, specifically for those risks which require multiple measures
to achieve ALARP. The effects of the individual measures should be fully explored
with a view to avoiding potential clashes and/or overlaps.
Every effort should be made to ‗design out‘ rather than add on mitigating
controls/measures. In the various attempts to achieve ALARP one should be
cautious and not over-complicate:
 equipment and process control/shutdown system designs,
 procedures for systems and processes, and
 personnel training and qualification criteria.
Specifically for projects, ALARP should be pursued with risk reduction measures that
have obvious, clear and measurable effects on the estimated risk level. Application
of these measures may initially appear expensive but should have preference over
combinations or multitudes of measures which, albeit easier and at less cost from a
project perspective, have obscure effects or require significant
operations/maintenance effort in the medium/long term. In addition to the long term
cost liability, there is the danger that some of these overlapping measures become
neglected with time and possibly excessive reliance is put on what are deemed to be
the key risk reduction measures.
Where quantitative risk assessment is used, then the costs of the various options
can be compared with the respective risks. In qualitative analysis, ALARP is
established using standards, legislative requirements and judgement based on

experience. Regardless of the risk assessment methodology used, it still needs to

be demonstrated, that risks are ALARP.
Review the Risks
Depending on the magnitude of risks and the potential consequences of hazards,
these should be periodically reviewed by the management. The reviews should
involve those parts of the organisation which are involved in day-to-day management
of these hazards i.e. the production, engineering, maintenance and HSE functions.
As a typical issue for these reviews one should verify if the base assumptions have
changed since the original design was implemented or since the risks were reviewed
previously e.g.:
 Has the plant/equipment performance lived up to the expectations of the original
design in terms of accidents, incidents and equipment uptime?
 Has the product or equipment price changed significantly i.e. what is the current
cost of production loss and/or equipment replacement?
 Have there been significant and unexpected changes over time and/or technical
integrity of equipment e.g. excessive corrosion, wear/tear?
 Have there been significant hardware changes and if so, have the risk associated
been adequately reviewed in the context of previously defined risk levels?
 Is the average experience level of plant operators and maintainers still the same?
 Can new technology provide reduced risks at same or less cost?
 Have legislation and/or public perceptions changed regarding what is now
considered acceptable/unacceptable?
 Have there been changes outside QP influence which could affect overall risk
levels e.g. population build-up around facilities in previously isolated areas,
increased road traffic, security aspects, etc?
Specifically for those issues which are managed at ALARP risk level but still remain
toward the upper end of the ALARP region, management should insist on a
minimum review frequency (e.g. annually) to be conducted by appropriate personnel.
The documented results of these reviews must be fully auditable.
9.5 THE COST BENEFIT ANALYSIS APPROACH
The Cost Benefit Analysis (CBA) approach is an effective risk management tool as it
aids consistency in resource allocation decisions. CBA can be used for risk
evaluation where total expected costs are weighed against the total expected
benefits in order to choose the best or most profitable option. The CBA approach
requires monetary evaluation of risks or the monetary evaluation of the loss. Some
typical examples are:
 loss of life
 loss of or damage to a natural resource
 loss of plant, assets (e.g. rebuild cost)
 loss of product and/or revenue
 loss of sales or customers (e.g. through loss of reputation)
 cost of clean-up (e.g. following accidental and/or chronic contamination)
CBA can be qualitative or quantitative or involve a combination of quantitative and
qualitative elements. Quantitative CBA aggregates the monetary value of all risk
reduction measures against benefits to all stakeholders that are included in the
scope and adjusts for different time periods in which costs and benefits accrue. The

evaluation of measures to avert loss of life requires ‗Valuation of life‘ for which
different figures have been used by various industries and countries.
QP does not specify a common ‗Valuation of life‘ criterion which is to be applied
throughout QP. It will be acceptable to use British Health & Safety Executive (UK
HSE), or individual entity defining appropriate criteria, which match industry
standards as pertaining to their specific business. A significant consideration in this
is the QP expectation that QP Businesses / Functions / Directorates should
continually improve their performance towards meeting or exceeding their particular
industry benchmarks, standards and expectations.
10.0 RESPONSIBILITIES
Ultimate responsibility for effective management of HSE risks rests with the
executive management. The leadership should ensure that HSE risk management is
fully integrated across the organisation and into all its activities. Line management in
Businesses, Functions and Business Units (Regions, Directorates and Departments,
Projects, etc.) has the responsibility to implement this philosophy.

10.1 EXECUTIVE MANAGEMENT

In line with their ‗Duty of care‘ towards all QP employees and stakeholders, the
Executive Management (Corporate leadership) have the responsibility to lead and
manage HSE Risk Management activities. The regional / business unit / functional /
site leadership have the responsibility to assign adequate resources to HSE RM in
line with Corporate vision.
Executive management should:
 Ensure that the organisation has access to sufficient knowledge, skills and
experience and resources to manage the HSE risks in a responsible manner and in
accordance with legislation.
 Allocate HSE risk management responsibilities and accountabilities.
10.2 DIRECTORS AND CORPORATE MANAGERS
Corporate HSE Manager, in consultation and association with the Directors of;
Operations, Technical, Oil & Gas Ventures, Downstream Ventures, Refining, RLIC,
MIC, Administration, Finance, and Industrial Security Directorates; and Corporate
O&S Manager, shall designate;
a) HSE Risk Management steering committee chaired by ST at corporate level,
b) Regional HSE Risk Management Teams – one each for Mesaieed, Ras Laffan,
Offshore, Dukhan and Doha.
The Directors, within their Directorates, and the Corporate Managers, within their
Corporate Departments, shall ensure that the proper resources are committed to;
 Demonstrate overall management leadership and commitment.
 Pay appropriate attention to HSE Risk Management during business activities
such as forming joint ventures, making acquisitions, contract operations,
decommissioning, and process phase-out.
 Audit regional / entity‘s HSE Risk Management programs. Coordinate transfer of
HSE Risk Management responsibilities between entities.
 Coordinate HSE Risk Management information exchange among sites.
10.3 LEADERSHIP (REGIONAL/ DEPARTMENTAL/ BUSINESS UNIT/ SITE)
MANAGEMENT
Regional/functional/business unit/site management shall be ultimately responsible
for accepting and implementing the recommendations resulting from the Risk
Assessment process. Responsibilities of regional / functional / business unit/ site
management shall include the following:
 Be ultimately responsible for accepting and implementing the recommendations
resulting from the Risk Assessments.
 Demonstrate management leadership and commitment.
 Designate entity HSE Risk Management Multidisciplinary working group.
 Ensure compliance with the corporate risk management program by selecting
and making available resources to the working group.
 Provide for and encourage employee involvement.
10.4 MANAGER, CORPORATE HSE SUPPORT (ST)
Manager, Corporate HSE Support shall be responsible for the following:
 Set direction and strategy for QP HSE Risk Management.
 Chair the Corporate HSE Risk Management steering committee.

 Publishing and maintaining corporate HSE Risk Management standards,

guidelines and procedures.
 Ensure that a uniform process for HSE risk management is implemented,
maintained and operated across the entire corporation.
 Monitor status of critical HSE risks and their treatment
 Devise intervention strategies for HSE risk reduction
 Provide bi-annual status to Executive Management on QP HSE risks.
Manager, Corporate HSE Support shall be supported by Corporate HSE risk
Management steering committee as extended arm of QP Corporate.
10.5 ENGINEERING
On Minor & Major / Capital projects, Engineering shall provide leadership for the
incorporation of HSE Risk Management concepts in the design and construction of
new or modified facilities, with involvement and participation by the operating unit.
The H&S activities for project phase have been specified in an inter-departmental
procedure for ―Management of H&S in Capital Projects‖ (Refer IP-ENG-041). The
environmental activities have been specified in an inter-departmental procedure on
Environmental Assessment and Authorization (Refer IP-ENV-001).
Specific responsibilities shall include the following:
 Participate in the preparation of the Design & Engineering package, with primary
emphasis on the process and equipment design bases.
 Conduct appropriate safety study(ies), in accordance with abovementioned IP on
―Management of H&S in Capital Projects‖ (IP-ENG-041).
 Conduct appropriate environmental study(ies), in accordance with above
mentioned IP on ―Environmental Assessment and Authorization‖ (IP-ENV-001).
 Manage the safety performance of construction contractors involved in the
construction of the facility.
 Manage the assurance of efforts for desired fabrication, delivery, assembly, and
installation of process equipment for the new or modified facility.
10.6 CORPORATE HSE RISK MANAGEMENT STEERING COMMITTEE
A corporate HSE Risk management Steering Committee, designated by Corporate
HSE Manager, in consultation and association with the Directors, shall be chaired by
Manager, Corporate HSE Support. The Head of HSE Risk Management shall
coordinate the corporate HSE Risk Management Steering Committee and chair the
same in absence of ST on his behalf. Heads of regional HSE risk management
teams, Manager of Corporate Environment & Sustainable Development and
nominated representatives from regional teams shall serve as members of the
Committee. The committee shall be an overseeing corporate body for monitoring
HSE risk management processes, systems and results throughout QP. The
committee shall be responsible for;
 Providing support to Manager, Corporate HSE Support, as an extended arm of
QP Corporate, in discharge of his HSE RM responsibilities.
 Aligning and ensuring uniform HSE Risk management processes throughout
QP, as a nodal corporate entity.
 Being change agents in HSE Risk management throughout QP.
 Coordinating QP HSE Risk Management resource pool for competence sharing,
HSE Risk Management auditing and stakeholders engagement.

 Reviewing, updating and maintaining corporate HSE RM standards.

 Conducting assurance assessments of sites HSE RM programs on an ongoing
basis through regular audits.
The committee shall meet at a quarterly periodicity or as requisitioned by the
Chairman on a need basis.
10.7 CORPORATE HSE RISK MANAGEMENT GROUP
The corporate HSE Risk management group in ST department shall be responsible
for the following;
 Preparation, review, updating and maintenance of corporate HSE Risk
Management standards, guidelines and corporate procedures.
 Support creating of QP detailed procedures on specific Hazard identification or
Risk Assessment techniques.
 Providing HSE Risk Management consulting services and guidance to regions &
entities.
 Facilitating training in HSE RM.
 Oversee HSE Risk Management performance and management systems for the
Corporation.
 Custodianship of company knowledge of Risk Assessment techniques, in order
to identify essential tools and resources.
 Providing HSE RM auditor training and maintaining a list of qualified HSE RM
lead auditors.
 Conducting corporate level audit of risk management processes on an ongoing
basis.
 In concert with entity HSE RM workgroups, collecting and analyzing internal and
external HSE RM metrics for trends, key learnings, and appropriate corrective
actions
 Communicating such learnings to regions (operational areas) / business units /
departments / sites.
 Directing & guiding on HSE Risk management requirements of external
governing bodies
 Interaction with peers as Corporation representatives to share best practices in
field
 Coordinate HSE Risk Management resources of the corporation
 Monitoring & review of the critical recommendations resulting from the analyses.
 Feedback incident management and communication results into HSE Risk
management for integration
 Integrate risk management outputs with emergency planning, preparedness and
response (planning for accepted & residual risks)
The Head of HSE Risk Management shall coordinate the corporate HSE Risk
Management Steering Committee and chair the same in absence of ST on his
behalf.
10.8 REGIONAL HSE RISK MANAGEMENT TEAMS
In order to ensure involvement of all stakeholders in HSE Risk Management decision
making process throughout QP, all QP Businesses, Functions and Business Units
are sub divided in 5 regions, viz, Mesaieed, Dukhan, Ras Laffan, Doha and Offshore.
The geographical boundaries of assets, facilities, departments shall be forming each

region. Corporate HSE Manager, in consultation and association with the Directors,
shall designate the Regional HSE Risk Management Teams – one each for
Mesaieed, Ras Laffan, Offshore, Dukhan and Doha with one of the members of the
team as leader. Their responsibilities shall include the following:
 Team leaders to represent the region on the corporate HSE Risk Management
Steering Committee.
 Facilitate and support implementation and maintenance of an appropriate HSE
Risk Management system for the QP entity.
 Ensure that adequate auditing resources are identified and appropriate HSE RM
audits are completed, as per HSE RM Audit Program.
 Review, analyse and trend the audit results from entity level HSE risk
management auditing process and propose interventions for improvement
 Coordinate and support corporate level HSE risk management process audits.
 Coordinate HSE RM information exchanges through HSE Risk Management,
Corporate HSE Support.
10.9 ENTITY (BUSINESS UNIT/DEPARTMENTAL/SITE) LEVEL HSE RISK

MANAGEMENT WORKGROUPS
Each QP entity shall designate a HSE Risk Management multidisciplinary
workgroup. One of the members of the workgroup shall be identified as leader,
preferably operations management, and represent the Department / site in regional
HSE Risk management committee. The other members of the workgroup shall be
competent and experienced persons representing all functions and area e.g.
production, engineering, maintenance, HSE.
The following activities shall be the primary responsibilities of this workgroup:
 Assist line managers in fulfilling their stated HSE RM responsibilities.
 Develop, issue, and update entity HSE RM procedures.
 Facilitate and support implementation of an appropriate HSE RM system for the
entity, and plan regular reviews of risks involved in the processes.
 Assist entity in HSE RM programs, special hazards evaluations and HSE RM
audits.
 Workgroup leader to serve on the regional HSE Risk Management Team.
 Monitor individual entities‘ HSE RM programs through reviews of significant
safety studies, critical quantitative risk assessments, serious incident and other
reports, and auditing compliance with the QP HSE RM.
 Audit the line organization for compliance with site HSE RM guidelines. Analyze
and trend audit results and prepare reports to entity management,
acknowledging strengths, propose interventions for improvement and
recommending upgrades and corrective actions, where appropriate.
 Coordinate and support corporate level HSE risk management audits.
 Monitor & review the critical recommendations resulting from the various
assessments.
 Provide quarterly update / status on entity‘s HSE risks to Leadership, Regional
HSE Risk Management Committee, Corporate HSE Support and Corporate HSE
Risk Management group.

11.0 COMMUNICATION, DOCUMENTATION, AND MONITORING

11.1 COMMUNICATION
Communication and consultation with all stakeholders is required during all stages of
the HSE risk management process to ensure that those accountable for
implementing the risk management process including all stakeholders understand
the basis on which decisions are made, and the reasons why particular actions are
required. Essentially, the communication and consultation should address issues
relating to the risk itself, its causes, its consequences, and the measures being taken
to treat it.
Communication and consultation with all stakeholders is important as they make
judgments about risk based on their perceptions of risk. These perceptions can vary
due to differences in values, needs, assumptions, concepts and concerns of
stakeholders. As their views can have a significant impact on the decisions made,
the stakeholders' perceptions should be identified, recorded, and taken into account
in the decision making process.
Changing business conditions and decisions made in the course of running the
business will continuously alter the risk profile of a QP entity (Business unit /
Department / Site). This makes it important to have, frequent and explicit formal
discussions about risk, in order to maintain continued awareness as to which risks
are significant. It also requires transparent communication of significant risk to
decision makers so that decisions are made with a full understanding of the risks and
opportunities involved and how these will be managed.
During the process of Risk Assessment, QP entity managers shall appoint risk
owners for each risk.
Risk owners will be responsible for, ensuring that clear definition and assessment of
the risk is maintained and for considering the effectiveness of the existing actions to
manage the risk. They will monitor the risk and track actions of treatment measures.
They will communicate with the concerned manager on the status at a monthly
periodicity.
The summary status shall be presented to the Management of the QP entity
management and Leadership, by entity level HSE risk management workgroups
every quarter.
The leadership teams (Concerned managers) of the QP entity are required to review
and report their HSE risks on a quarterly basis to the Corporate HSE RM Steering
committee. This facilitates aggregation of operational area (business units /
departments / sites) HSE risks.
The reporting format is left to their management‘s judgment taking into consideration
the size and maturity of their respective QP entity and the volatility of the risk
environment. However, all entities demonstrate how proactive HSE risk management
has been applied as an integral part of their management activities.
Examples of proactive HSE risk management include the assessment of risks in the
plan, indication of actions taken to manage HSE risks, and management‘s
discussions on HSE risks.
At Corporate level, the Executive Management and the Corporate HSE Risk
Management Steering Committee review risks that impact the QP‘s objectives.

Corporate HSE Risk Management group through Manager, Corporate HSE Support,
shall present a QP wide summary status report to executive management every six
months.
11.2 HSE RISK REGISTER
Various Safety studies and Risk/Impact assessments will generate large amounts of
information, both quantitative and qualitative, that must be systematically recorded.
Wherever possible, an electronic database shall be used for recording the
information. The advantage of using such a database is that the data can be readily
retrieved or reported.
A HSE Risk Register is a management tool that enables the user to manage and
present Risk Assessment information. This is a consolidated repository for risk
information across all areas of activity and various phases of the assets.
In order to instill an effective and structured integrated process for the management
of HSE risks, an HSE Risk Register is a logical starting point. For a QP entity, HSE
Risk Register shall be unique. However, the information recorded may be linked to
QP wide corporate HSE risk register, in a formal and structured manner. This will be
a corporate repository and will assist in management demonstration of HSE risk
control. The HSE Risk Registers will serve as a useful internal communication and
management tool. HSE Risk Registers will also be useful for training and education
of operators, engineers and maintenance personnel.
11.3 HSE RISK REGISTER REQUIREMENTS
Every QP entity shall prepare and maintain an up-to-date HSE Risk register. In
operating assets, an HSE Risk Register may be prepared from inputs of Risk
Assessment work, from Audits and from incident investigations, recorded in
whatever existing formats. Recently published corporate Guidelines for recording
Hazards & Effects (QP-GDL-S-050) requires recording of output of related safety
studies in Hazards & Effects register. Relevant details from Hazards & Effects
register will be linked to HSE Risk Register.
An example of the HSE Risk Register is appended in Appendix II.
The HSE Risk Register for each entity shall be prepared by the members of
respective HSE Risk Management workgroup. The same shall be reviewed by the
HSE Risk Management workgroup and signed-off by its leader, before being finally
approved and signed-off by the respective Manager. The register shall be updated
as and when significant Risk Assessment results are to be incorporated. However
the maximum periodicity shall be two years.
The updated & current version of the HSE Risk register shall be kept as a controlled
copy with the entity‘s HSE Risk Management workgroup leader and concerned
Manager. A secondary copy shall be given to the HSE Risk management group in
Corporate HSE Support by the respective approving authority.
11.4 MONITORING & TRACKING OF HSE RISKS & RECOMMENDATIONS
The HSE Risk Register of a QP entity provides line managers with a high level
overview of the entities‘ risk status at a particular point in time and becomes a
dynamic tool to monitor and track risks, risk controls, actions to be taken and
residual risk.

This shall form the basis for management information on HSE Risks and regular
summary reporting to Leadership / Executive Management. It shall provide HSE Risk
Management workgroups with a mechanism & tool for tracking and monitoring risks
and risk controls.
Corporate HSE Risk management group shall also monitor and track status of critical
recommendations at a six monthly periodicity. Corporate HSE Support shall provide
a status report to Executive Management, through Corporate HSE Risk management
group, at a six monthly periodicity.

12.0 APPENDICES
12.1 APPENDIX I : TABLE 2 GUIDANCE ON SELECTION OF TOOLS
Qualitative Assessment/
Stage
Hazard Hazard and OHSAS HIRA(Hazard

Risk Assessment Tools Job Hazard Analysis Task Based Risk Layer of Protection Fault tree analysis Event tree analysis Quantifed Risk QP Alarp
Tool box meetings Checklist Brainstorming What if Analysis What-if Checklist Identification Safety Review operability study Identification & Risk Bow tie analysis Conceptual QRA
and techniques (JHA) Assessment (TBRA) Analysis (LOPA) (FTA) (ETA) Assessment (QRA) Demonstration
(HAZID) (HAZOP) Assessment)Consequence
/Probabilty matrix
General
Activities undertaken or
overseen by QP Directorates
and Departments
Project Initiation
Concept Definition
(Feasibility studies and
concept optimization)
Projects
Engineering definition
(FEED)
Update Update QRA
Implementation (EPIC) HAZOP
Handover and completion
HAZOP on
Start-up startup
procedures
QP Risk Assessment Requirements
Routine activities
Non-routine / hazardous or
critical activities
Periodic overall facility Risk Assessment

Operations
Annual unitwise Risk

Assessment of QP facilities and
Assets units e.g. Well head, Gas
compressor, Tank farm, Liquid
& Gas loading facility, Pipeline,
Refinery Process units etc.
Once in 5 years overall Risk Update Update QRA
HAZOP
Assessemnt of each QP facility
and Asset e.g. NGL plants,
Refinery, Offshore Installations,
Chemical plants etc.
Plant Changes
Small modifications / repairs

Miscelaneous Closure Ventures / Processes Contractor
Activities
Activities being performed

by contractors for QP
Incident / accident analysis
Audits
Acquisition
New
Acquisitions
Decommissioning,
dismantling and removal
Any activity, operation or

process not covered by any
of the above stages
LEGEND
QP requirement and/or is specified in QP Corporate documentation as "Mandatory"
Applicable, specified in Corporate documentation as "If Applicable"
Not Applicable, specified in QP Corporate documentation as "Not Applicable"

12.2 APPENDIX II – A TYPICAL HSE RISK REGISTER FORMAT
HSE RISK REGISTER

QP Business, Function or Business Unit - ____________________________________________
Directorate / Corporate Departments - ___________________________
Area / Site - ___________________________
Risk Identification, Assessment, Ranking and Management
With existing safeguards Post Recommendations
Effect / Existing Safeguards Recommended
Sl. Risk Event Probability/Likelihood & Probability/Likelihood & Responsibility Assurance
Consequence (Controls) / Consequence / Im pact
Safeguards (Controls) Consequence / Im pact
Reference Remarks
No. Description Risk rating Risk rating with date activities
/ Impact (Mitigation Measures) P A E R
/ (Mitigation Measures) P A E R
1.0 Work place

1.1 Quarterly Brainstorming
departmental
Objective Review
High Low __
HSE Risk
management review
meetings
2.0 Environmental
2.1
Medium Low
3.0 Health
3.1
Medium Low
Revision No._____ Date __________________ Revision No._____ Date __________________

Update due on Date __________________
Created by - Update recorded by -
Reviewed by - HSE Risk Management workgroup
Signature - Updation reviewed by - HSE Risk Management workgroup
______________________________________________ Signature - _______________________________________
(Leader, HSE Risk Management workgroup) (Leader, HSE Risk Management workgroup)
Approved by - Concerned Manager Updation approved by - Concerned Manager
Signature - Signature -
______________________________________________ ______________________________________________
(Manager, ……………………………………..) (Manager, …………………………………………..)

REVISION HISTORY LOG
Revision: 1 Date: 6/12/2011
Reason for Change/Amendment

Item Revised:
Changes/Amendment:
This corporate philosophy is developed to cover the corporate

requirements for HSE Risk Management.
This corporate philosophy (QP-PHL-S-100) supersedes QP Criteria

for Quantitative Risk Analysis (QP-GDL-S-014)
Note:
The revision history log shall be updated with each revision of the document. It shall
contain a written audit trail of the reason(s) why the changes/amendments have occurred,
what the changes/amendments were and the date at which the changes/amendments
were made.

QP Philosophy For Hse Risk Management

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

QP Philosophy For Hse Risk Management

Uploaded by

Copyright:

Available Formats

STANDARDS PUBLICATION

DOC NO: QP-PHL-S-100

CORPORATE HSE SUPPORT DEPARTMENT

DOC. No. QP-PHL-S-100 Rev. 1

3.0 APPLICATION ………………………………………………………................... 10

4.0 TERMINOLOGY …………………………………………………….................... 11

5.0 REFERENCE STANDARDS AND CODES ……………………….................. 14

6.0 PROCEDURAL CONCEPTS......................................................................... 16

7.0 QP RISK ACCEPTANCE CRITERIA............................................................. 19

8.0 QP HSE RISK ASSESSMENT REQUIREMENTS......................................... 30

9.0 QP HSE RISK TREATMENT REQUIREMENTS........................................... 34

Doc File No.: PHL-S-100 R1 Page 2 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

11.0 COMMUNICATION, DOCUMENTATION, AND MONITORING.................... 44

REVISION HISTORY LOG............................................................................ 49

Doc File No.: PHL-S-100 R1 Page 3 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

This document has been developed by Corporate HSE Support Department,

This document is published for QP Departments/ Contractors/ Consultants utilization.

This corporate philosophy (QP-PHL-S-100) supersedes QP Criteria for Quantitative

The custodian of this document is Corporate HSE Support Department (ST).

Doc File No.: PHL-S-100 R1 Page 4 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

1.2 QP HSE MANAGEMENT SYSTEM

Fig. 1: QP Management System Model

Doc File No.: PHL-S-100 R1 Page 5 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

Fig. 2: QP HSE Management System Elements

Doc File No.: PHL-S-100 R1 Page 6 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

and the possibility of future events or circumstances (intended or unintended) having

Doc File No.: PHL-S-100 R1 Page 7 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

Establishing the Context

Analysing the Risks

Monitor and Review

Evaluating the Risks

Treating the Risks

Fig. 3: HSE Risk Management

Doc File No.: PHL-S-100 R1 Page 8 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

Doc File No.: PHL-S-100 R1 Page 9 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

e. HSE Risk Management is systematic, structured and timely.

Doc File No.: PHL-S-100 R1 Page 10 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

Doc File No.: PHL-S-100 R1 Page 11 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

Assets, Production, Environment and Reputation.

Doc File No.: PHL-S-100 R1 Page 12 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

within the refinery fence is regarded as a worker, whereas

Doc File No.: PHL-S-100 R1 Page 13 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

F&G - Fire & Gas System

5.0 REFERENCE STANDARDS AND CODES

Doc File No.: PHL-S-100 R1 Page 14 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

BS EN ISO 17776 - Petroleum and natural gas industries — Offshore

5.2 QP RELATED DOCUMENTS

Doc File No.: PHL-S-100 R1 Page 15 of 49 Custodian Dept: ST

DOC. No. QP-PHL-S-100 Rev. 1

6.0 PROCEDURAL CONCEPTS