OPERATIONAL INTEGRITY

MANAGEMENT SYSTEM

RISK AND HAZARD ASSESSMENT

GLOBAL GROUP MINIMUM STANDARD OI-L2-109

Revision: 02
Issue Date: 13 July 2018
Review Date: 13 July 2021
Author: N. Popov
Approver: A. Denielle

REVISION RECORD

Revision: Date: Changes Since Last Issue:

00 09/2013 (Initial issue)

01 09/2016 ‘Who Is This For’ extended to cover various purposes of OIMS Gap Analysis.
‘What Situations Are/Are Not Covered?’ extended to include other locations and
acquisitions.
‘Accountabilities: Manager/Supervisor’ split and re-written. ‘Operational
Integrity’ and ‘Employees and Contractors’ bullets added.
Section 3: new. Sections 4, 5, 6: rewritten
All sections: ‘likelihood’ changed to ‘probability’.
Section 7: Addition to 2nd sentence, added new last sentence.

02 07/2018 Section 10: ‘Reference Documents’ added.

PURPOSE
Group minimum standard to assure compliance with identification and Risk Assessment of HSE hazards, the
evaluation and implementation of control and recovery measures and to document that HSE risks have been
reduced to an acceptable level As Low As Reasonably Practicable (ALARP).

The requirements stated below fully meet Group minimum standards and expectations. All SGS Operations and
Functions shall comply with this Group Minimum Standard and ensure that it is fully implemented within the
corresponding local Level 3 Procedure.

WHO IS THIS FOR?

Managers/Supervisors, Operational Integrity personnel, or any employee conducting an OIMS gap analysis of
various purposes (for development/review of a local Level 3 procedure, an OI audit, a Management Review, etc.).

WHAT SITUATIONS ARE/ARE NOT COVERED?

These requirements apply to:
© SGS Group Management SA - 2018 - All rights reserved - SGS is a registered trademark of SGS Group Management SA

This is an uncontrolled copy when printed, unless signed by an authorised signatory.

The latest revision of this document and the official distribution list are those approved in the OIMS database.
 RISK AND HAZARD ASSESSMENT
OI-L2-109 REV. 02 07/2018
PAGE 2 OF 5

All personnel, including employees, clients, and contractors on SGS locations or locations operated by
SGS.
SGS employees and contractors on locations where work is conducted on behalf of SGS.
It also applies to SGS acquisitions.

These requirements do not apply to Client employees operating on their own sites.

NOTE: Mandatory elements are in orange sections.

GROUP MINIMUM REQUIREMENTS

1. ACCOUNTABILITIES
All applicable personnel shall be held accountable for complying with SGS Group and local legal
requirements.

Managers shall:
Be accountable for the successful implementation and results of the Risk Management process.
Ensure Risk Assessments are conducted during the design phase for new projects.
Ensure resources are made available to enable risk assessments to be conducted, effective
barriers are in place and personnel receive the relevant HSE training.
Validate the Risk Assessments through a formal sign-off process.

Supervisors shall:
Ensure appropriate barriers are in place and correctly implemented with all employees and
contractors on all work sites / operations.
Ensure risk assessments remain valid by reviewing them when new / additional hazards are
introduced, or when activities have changed to beyond the scope of the original assessment, or
formal validity of the RA is overdue, whichever occurs first.
Update existing risk assessments as a result of learning from incidents
Ensure there is a systematic categorization of tasks and hazards, that evaluations of risks are
reasonable, and that barriers are practical to implement.
Ensure effective communication of hazards and barriers to the affected personnel.

Operational Integrity shall:

Provide training material for Risk Assessment process
Facilitate meetings and assure the process is implemented according to the Group minimum
requirements.
Review activities and established barriers to assess if risks have been reduced to As Low As
Reasonably Practicable (ALARP).

Employees and Contractors shall:

Comply with SGS Group and local legal requirements and shall understand their critical roles and
responsibilities identified from the Risk Management process.
Be involved in the risk assessment process to identify hazards, risks and Barriers.
Implement the outcomes of Risk Assessments (supported by the supervisor).
Have the responsibility to “Stop Work Authority” if they have doubts about the hazards and
effectiveness of the barriers; refer to the Group Minimum Standard OI-L2-324 Stop Work Process.

© SGS Group Management SA - 2018 - All rights reserved - SGS is a registered trademark of SGS Group Management SA

This is an uncontrolled copy when printed, unless signed by an authorised signatory.

The latest revision of this document and the official distribution list are those approved in the OIMS database.
 RISK AND HAZARD ASSESSMENT
OI-L2-109 REV. 02 07/2018
PAGE 3 OF 5

2. DEFINITIONS
ALARP – As Low as Reasonably Practicable – The point at which the costs (in time, money and
effort) of further risk reduction is grossly disproportionate to the risk reduction achieved.
Barrier – A risk Control or a Recovery Measure. Barriers provide the means of preventing an event
or incident, or of mitigating the consequences. A Barrier can be an item of equipment or a human
intervention.
Control – In the context of managing risk a type of Barrier that is a means of preventing an
incident. Controls can be engineering, procedural or behavioural.
Hazard – A hazard is an agent that has the potential to harm the health and safety of people or to
damage assets, the environment, or reputation.
Recovery Measure – A Barrier that reduces the consequences of the release of a hazard as a
result of an incident. Recovery Measures can be engineering, procedural or behavioural
measures.
Risk – A risk is the potential for realisation of unwanted, negative consequences from a hazard.
The combination of the probability and consequence(s) of a specified hazardous event occurring,
including the severity of injury or ill health that may be caused by the event or exposure(s).
Risk Assessment (RA) – A step in the Risk Management process. Risk Assessment is measuring
two quantities of the risk, the magnitude of the potential consequences, and the probability that the
consequences will occur. Risk assessments can be qualitative or quantitative, depending on the
method for evaluating the two risk quantities.
Risk Assessment Matrix (RAM) – A tool that standardizes qualitative risk assessment and
facilitates the categorization of risk from hazards to people, assets, environment, and company
reputation.
Risk Management – Coordinated activities to direct and control an organisation with regard to risk.

3. RISK ASSESMENT EXPECTATIONS

Risk Assessments shall be conducted on all hazards and activities (such as task, operation, project,
acquisition, etc.) performed or planned by SGS Group with the following expectations to be met:
a) There shall be a systematic and documented identification of hazards and HSE impacts of all
planned and ongoing SGS activities.
b) Hazard and impact information shall be used in conjunction with information on operational
practices (actual and proposed), in order to make an assessment of risk in terms of probability and
severity.
c) Risk assessment information shall be used to determine Barriers (risk controls and recovery
measures) to minimize risks to an acceptable level ALARP.
d) The feasibility of barriers shall be assessed with reference to the magnitude of the risk, the Global
OIMS minimum requirements, and the commercial and business needs of SGS.
e) In the case of new projects / major modifications or mergers/acquisitions, the hazard identification
and risk assessments shall be conducted at a stage early enough for barriers to be incorporated in
the design stage.
f) Risk Assessments are dynamic and must be reviewed and updated whenever a procedure,
process or method of work is changed, when non-routine tasks are undertaken, or every three
years, whichever comes first.
g) Local Procedures shall ensure that hazard and risk assessment information and documentation is
communicated to those persons involved or impacted by the activity.
h) Under no circumstances is an activity to be performed without a clear understanding of the hazards
involved and implementation of those barriers that are to be used to minimise risks to an
acceptable level, ALARP.

© SGS Group Management SA - 2018 - All rights reserved - SGS is a registered trademark of SGS Group Management SA

This is an uncontrolled copy when printed, unless signed by an authorised signatory.

The latest revision of this document and the official distribution list are those approved in the OIMS database.
 RISK AND HAZARD ASSESSMENT
OI-L2-109 REV. 02 07/2018
PAGE 4 OF 5

4. RISK ASSESMENT PROCESS

Effective identification of hazards, assessment of those risks associated with any given hazard or
activity, and implementation of barriers is best performed by following the listed guidelines:
a) Identify Activities to be performed.
b) Identify all Hazards associated with each activity.
c) Identify “existing” Barriers (barriers already in place).
d) Assign an “initial” risk rating for each hazard (by determining probability and severity of potential
consequences) utilising L4-109-01 Risk Assessment Matrix. The “initial” risk rating takes into
consideration the existing barriers already in place.
e) Assess the tolerability of the initial risk (if the initial risk is deemed at an acceptable level ALARP).
f) If the initial risk is not deemed ALARP the Risk Assessment Team will then identify further barriers
(refer to section “Risk Mitigation Hierarchy”) and re-assess those activities and hazards considering
further barriers that manage risk to an acceptable level ALARP.
g) Assign “reduced” risk rating. The “reduced” risk must be deemed As Low As Reasonably
Practicable (ALARP); no more than that which can reasonably be achieved. If after all barriers as
set by the Risk Mitigation Hierarchy have been evaluated and the reduced risk is still greater than
ALARP, the Risk Assessment Team will revisit the activity in an attempt to achieve a rating that is
ALARP. If this cannot be accomplished, the activity cannot be done without the express written
permission of the senior manager on site, and after consultation with Client representatives, where
applicable.
h) Record risk assessment results on L4-109-02 Risk Assessment Form.
i) Implement the barriers as required and communicate the Risk Assessment information.
j) Review and revise the Risk Assessment whenever new / additional hazards are introduced, or
when activities have changed to beyond the scope of the original assessment, or when formal
validity of the RA is overdue, whichever comes first.

5. RISK ASSESSMENT TEAM

A Risk Assessment Team shall be constituted to evaluate each hazard and/or activity performed on all
sites/projects. The Risk Assessment Team shall consist of a minimum number of 3 with the makeup as
follows:
Person who performs and/or experienced in the activity.
Risk Assessment moderator. Someone trained in the Risk Assessment process.
Another person not related to the activity being assessed.
Technical Specialists (where required).

6. USING THE RISK ASSESSMENT MATRIX (RAM)

The Risk Assessment Matrix (RAM) is used to classify each risk associated with the hazard or activity
being evaluated. It measures the probability of a negative consequence and the amount of harm
(severity) that consequence may cause to people, assets, environment, and reputation. All four
categories of harm are to be assessed for each hazard/activity.

The Incident Reporting and Management, OI Audit, and OI Non-conformity standards/procedures must
be aligned to use the RAM for managing/assessing actual incidents, near-misses, hazards/risks and
non-compliances.

© SGS Group Management SA - 2018 - All rights reserved - SGS is a registered trademark of SGS Group Management SA

This is an uncontrolled copy when printed, unless signed by an authorised signatory.

The latest revision of this document and the official distribution list are those approved in the OIMS database.
 RISK AND HAZARD ASSESSMENT
OI-L2-109 REV. 02 07/2018
PAGE 5 OF 5

7. RISK MITIGATION HIERARCHY

Once hazards are identified and risks are evaluated, Barriers must be identified and implemented to
reduce risk to achieve an acceptable level of risk As Low As Reasonably Practicable (ALARP). The risk
mitigation hierarchy is as follows in order:
a) Elimination,
b) Substitution,
c) Engineering controls,
d) Administrative controls,
e) Personal Protective Equipment.
When selecting and implementing Barriers preference shall be given to those at the top of the risk
mitigation hierarchy.

8. RECORD RETENTION
Records shall be managed and retained as required by the Group Minimum Standard, OI-L2-715
Records Management.

9. TRAINING REQUIREMENTS
Training shall be managed and conducted as required by the Group Minimum Standard, OI-L2-112
Employee Training, Competency, and Certification.

10. REFERENCE DOCUMENTS

OI-L2-112 Employee Training, Competency, and Certification
OI-L2-715 Records Management
OI-L2-323 Permit to Work
OI-L2-324 Stop Work Process

10.1 FORMS

10.1.1 RISK ASSESSMENT M ATRIX

OI-L4-109-01 Risk Assessment Matrix

10.1.2 RISK ASSESSMENT FORM

OI-L4-109-02 Risk Assessment Form

10.2 ATTACHMENTS

10.2.1 RISK ASSESSMENT IN SOP

OI-L4-109-03 Risk Assessment in SOP

10.2.2 RISK MITIGATION HIERARCHY

OI-L4-109-04 Risk Mitigation Hierarchy

10.2.3 GUIDANCE: RISK ASSESSMENT IMPLEMENTATION

OI-L4-109-05 Guidance: Risk Assessment Implementation

__________________________________________________________________________________________

** End of Document **

Controlled printed copies carry authorised signature here.........................................................

__________________________________________________________________________________________

© SGS Group Management SA - 2018 - All rights reserved - SGS is a registered trademark of SGS Group Management SA

This is an uncontrolled copy when printed, unless signed by an authorised signatory.

The latest revision of this document and the official distribution list are those approved in the OIMS database.