Mars Petcare Safety Standard Book 6.2 Risk Assessment V1 - 0

MARS petcare
Machine Safety Standard
Book 6
6.2 RISK ASSESSMENT
Version 1.0
Machine Safety Standard - Book 6.2
TABLE OF CONTENT
REVISIONS.....................................................................................................................................................................................3
6.2. RISK ASSESSMENT .................................................................................................................................................... 4
6.2.1. Scope ................................................................................................................................................................... 4
6.2.2. Audience .............................................................................................................................................................. 4
6.2.3. Introduction .......................................................................................................................................................... 4
6.2.4. Exclusions ............................................................................................................................................................ 9
INTERNATIONAL STANDARDS RELATIONSHIP ........................................................................................10
DETAILS ON RISK ASSESSMENT AND RISK REDUCTION PER ISO 12100 .............................................11
B1 Legal requirements ........................................................................................................................................................ 11
B2 Risk assessment and risk reduction methodology ......................................................................................................... 12
EXAMPLES OF RISK ASSESSMENT ...........................................................................................................23
C1 Determination of the limit of the machinery.................................................................................................................... 23
C2 Hazard identification, risk estimation, risk evaluation and risk reduction ....................................................................... 26
HAZARDS LISTING .......................................................................................................................................31
TERMINOLOGY .............................................................................................................................................33
RASWIN SOFTWARE ....................................................................................................................................35
NOTE:
This part is one of a series of documents belonging to the Mars Machinery Safety Standard which includes altogether the
following parts:
6.1 OVERVIEW
6.2 RISK ASSESSMENT
6.3 MACHINE GUARDING REQUIREMENTS
6.4 SAFETY FUNCTIONS
6.5 CONTROL OF HAZARDOUS ENERGY
6.6 VALIDATION
6.7 CE-MARKING & DOCUMENTATION
Page 2 of 35
REVISIONS
Version Author Modification Released
V1.0 Rockwell Automation First Release 18/09/2017
PREVIOUS MARS STANDARD INTERCONNECTED REFERENCES
Page 3 of 35
6.2. RISK ASSESSMENT
6.2.1. Scope
In the safety of machinery context, the purpose of risk assessment is to identify hazards, and to estimate and evaluate risks so
that they can be reduced.
6.2.2. Audience
This section of the current Mars standard which is partly referential and partly instructional, is mainly intended for personnel
directly involved in safety machine related tasks as project engineers, maintenance engineers and SES/HSE personal.
6.2.3. Introduction
This document can be used as a risk assessment method.
6.2.3.1.1. Risk assessment and risk reduction
• Measures are required to improve the safety and health of workers at work.
o The employer is required to implement measures to:
 Avoid unacceptable risks
 Evaluate the risks which cannot be avoided
 Combat the risks at source
o Therefore, as per MARS HSE Standard Sites are required:
 Each site must develop / implement a formal site specific Risk Assessment Control Procedure that at
minimum details the local processes addressing the following minimum requirements:
 Identification and regular review of local regulatory requirements for Risk Assessment
 Determination of significant tasks or activities
 Formal risk assessment methodology
 Establishing effective controls
 Risk registry
 New or modified tasks or activities
 Training and competency
 Record-keeping requirements
Page 4 of 35
o Manufacturer shall insure that a risk assessment is carried out on their machinery.
 The machinery shall then be designed and constructed taking into account the results of the risk
assessment.
 Vendor shall provide a formal guarding risk assessment with any new machine prior to delivery
which will implement formal (ISO 12100 based) unit-process specific risk assessments that, at
minimum, shall include the following methodology:
• Determination of the limits of the machinery
• Hazard Identification
• Risk Estimation
• Risk Evaluation
• Determination of whether the risk has been adequately reduced
• If the hazard can be removed or reduced by inherently safe measures, reduction of risk by
design measures
• If the risk can be reduced by guards and protective devices, implementation of
complementary protective measures
• If the risk can be further reduced through communication of limits, publication of
information-for-use documents.
Page 5 of 35
6.2.3.1.2. Strategy for risk assessment and risk reduction
The following chart is a representation of the whole risk assessment and risk reduction process from ISO 12100 Safety of
machinery – General principles for design – Risk assessment and risk reduction
Page 6 of 35
6.2.3.1.3. Team-based approach for risk assessment
6.2.3.1.3.1. General
Risk assessment is generally more thorough and effective when performed by a team. The size of a team varies according to
the complexity of the machine and the process within which the machine is utilized.
The team brings together knowledge on different disciplines and a multiplicity of experience and expertise. The composition of
the team can vary during the risk assessment process according to the expertise required for a specific matter. A team leader
dedicated to the project shall be clearly identified as the success of the risk assessment depends on his/her skill.
Mars requires a minimum of two persons involved in the risk assessment process.
6.2.3.1.3.2. Composition of the team
The team shall have a team leader. The team leader is fully responsible for ensuring that all the task involved in planning
performing and documenting the risk assessment are carried out and that the results/recommendation are reported to the
appropriate person(s)
Team members are selected according to the skills and expertise required for the risk assessment.
The team includes those people who:
a. Can answer technical questions about design and functions of the machinery,
b. Have actual experience of how the machine is operated, set-up, maintained, serviced, etc.,
c. Have knowledge of the accident history if this type of machinery,
d. Have a good understanding of the relevant regulation, standards and in particular ISO 12100 and any specific safety
issues associated with the machinery, and
e. Understand human factors.
Page 7 of 35
6.2.3.1.4. Risk elements and risk scoring method
Risk shall be assessed using a risk scoring system. A risk scoring system, is a tool used to assess risk and how these factors
combine to determine a risk level. The risk factors typically evaluated are the Severity of harm and the Probability of occurrence
of that harm
There are numerous ways of assessing risk involved with a hazard, one of which is the Hazard Rating Number system. In this
technique, numerical values are assigned to descriptive phrases relating to...
• The likelihood of occurrence (LO) of coming into contact with the hazard
• The frequency of exposure (FE)
• The degree of possible harm (DPH)
• The number of persons exposed at the risk (NP)
A Hazard Rating Number is completed using the following calculation:
LO x FE x DPH x NP = HRN
HRN Risk Comment

Presents very little risk to health and safety. The residual risks are to be controlled by
0-5 Negligible Risk
awareness training and in some cases by warning signs.
These are risks that need to be reduced by applying suitable control measures but are
>5 - 50 Low but significant risk
not considered urgent
Having potentially dangerous hazards, which require control
>50 - 500 High risk
measures to be implemented urgently
These hazards are extreme and the equipment should not be operated until the level
> 500 Unacceptable Risk
has been reduced.
Note:
There is not a direct connection between the risk level estimated through the risk assessment process (Initial HRN) and the
determination of the PLr after risk reduction stage has established that a Safety Function is needed to reduce adequately the
risk. Mainly because we are talking about two different standards ISO 12100 and ISO 138491-1 and, ISO 12100 does not gives
a risk scoring system.
However, as a convention, the parameters used to determine the HRN can be used to determine the PLr in accordance with
table given in Annex B.2 in book 6.4 Safety functions.
Page 8 of 35
6.2.4. Exclusions
For the full understanding of the present document, study of the text of the referred ISO/EN standards is highly recommended.
However, due to international regulations about copyright, those standards cannot be delivered with the current document.
Therefore, it is advised to give legal access to those relevant standards to the concerned personnel.
Page 9 of 35
International Standards Relationship
Location: Worldwide Europe USA Canada Brazil Australia Japan South Korea China
Standard International Local Standard

type Standard
Risk ISO EN ISO ANSI/ISO CAN-CSA ABNT NBR ISO AS/NZS JIS B KS B ISO GB/T
assessment 12100 12100 12100 Z1002-12 12100 4024.1201 9700 12100 15706
& risk :2010 :2010 :2012 :2013 :2014 :2013 :2013 :2012
reduction
Risk ISO/TR
assessment 14121-2
-practical :2012
guidance
Page 10 of 35
DETAILS ON RISK ASSESSMENT AND RISK REDUCTION PER ISO 12100
B1 Legal requirements
Most developed countries have legal minimum health and safety requirements that will dictate safe machine design.
Generally, compliance with relevant standards provides a presumption of conformity with the corresponding requirements of
legislation. (See Appendix A)
A technical evidence documentation with reference to relevant standard shall be created and available.
Hazard identification and risk management process is the base of this technical file.
In the European Union
Regarding new machines, according to the Machinery Directive 2006/42/EC, Annex I, General Principles:
The manufacturer of machinery or his authorized representative must ensure that a risk assessment is carried out in order to
determine the health and safety requirements which apply to the machinery.
The machinery must then be designed and constructed taking into account the results of the risk assessment.
Machinery which predates 1995 must comply with Directive 2009/104/EC which details the minimum health and safety
requirements for the use of work equipment by workers at work.
It is the employers’ responsibility to ensure that the work equipment made available to workers is suitable for the task without
impairment to their health or safety. This directive came into force on 23rd of October 2009 and all machines must comply with
the requirements laid out in this directive.
Page 11 of 35
B2 Risk assessment and risk reduction methodology
About new machinery, even if the machine builder must perform the risk assessment related to the machinery is placing on the
market; the end user has to carry out an own risk assessment considering the specific environment and /or combination with other
machinery before production starting-up.
Regarding existing machinery functioning on site, it is necessary to have a risk assessment carried out on each of them in order
to ensure that risks are adequately reduced.
In case of new production line resulting has a combination of new and/or existing machinery, a risk assessment has to be carried
out on each of them (if not previously done) and in all cases at all interaction points between the machinery involved in the new
production layout.
Moreover, any modification to be done on a machinery, even if improves the safety level, requires a prior risk assessment.
The methodology indicated in the current document is suitable for new machinery, existing machinery and/or combination of both.
Risk assessment is generally more exhaustive and effective when performed by a team. The team should bring together
knowledge, experience and expertise on different disciplines.
The team should have a team leader fully responsible for ensuring that all the tasks involved in planning, performing and
documenting the risk assessment are carried out and the result/recommendations are reported to the appropriate person(s).
Team members should be selected according to skills and expertise required for the risk assessment. The team should include
those people who:
• can answer technical question about design and functions of the machinery,
• have actual experience of how the machinery is operated, set-up, maintained, serviced, etc.,
• have knowledge of the accident history of the type of machinery,
• have a good understanding of relevant regulations, standards (in particular ISO 12100) and any specific safety issues
associated with the machinery and
• understand human factors
Page 12 of 35
Risk assessment and risk reduction strategy is detailed in ISO 12100:2010 (Safety of machinery– General principles for design
– Risk assessment and risk reduction which
• Specifies basic terminology, principles and a method for achieving safety in the design of machinery.
• Specifies principals of risk assessment and risk reduction to help designers in achieving this objective
• Definitions
- Hazard: A potential source of harm e.g. mechanical/electrical hazard
- Risk: A combination of the probability of harm and the severity of that harm
- Risk Estimation: Defining the likely severity of harm and the probability of its occurrence
- Risk Evaluation: A judgment on the basis of risk analysis of whether risk reduction is required
- Risk Analysis: Combination of the specification of the limits of the machine, hazard identification and risk estimation
- Risk Assessment: Overall process comprising a risk analysis and risk evaluation
- Adequate Risk Reduction: Risk reduction that is at least in accordance with legal requirements taking into
consideration the current state of the art
Page 13 of 35
Stage 1: Determination of the limits of the machine
Risk assessment begins with the determination of the limits of the machinery taking into account all the phases of the
machinery life (i.e. transport, assembly and installation; commissioning; use; dismantling, disabling and scrapping). This means
that the characteristics and performances of the machine or a series of machines in an integrated process, and the related
people, environment and products should be identified in terms of the limits of machinery.
The objective of this step is to have a clear description of the mechanical and physical properties, functional capabilities of the
machine, its intended use and the reasonably foreseeable misuse and the type of environment in which it is likely to be used and
maintained. This is facilitated by an examination of the functions of the machinery and tasks associated with how the machine is
used
Use limits
Use limits include the intended use and the reasonably foreseeable misuse.
Different machine operating modes and different intervention procedures for the users, including interventions triggered by a
machine malfunction;
• The use of the machinery by persons identified by sex, age, dominant hand usage, or limiting physical abilities (visual or
hearing impairment, size, strength, etc.);
• The anticipated levels of training, experience or ability of users including:
 Operators,
 Maintenance personnel or technicians,
 Trainees and apprentices
• Exposure of other persons to the hazards associated with the machinery where it can be reasonably foreseen:
 Persons likely to have a good awareness of the specific hazards, such as operators of adjacent
machinery;
 Persons with little awareness of the specific hazards but likely to have a good awareness of site safety
procedures, authorized routes, etc., such as administration staff;
 Persons likely to have very little awareness of the machine hazards or the site safety procedures such
as visitors.
Space limits
• Range of movements,
• Space requirements for persons interacting with the machine, such as during operation and maintenance,
• Human interaction such as the operator–machine interface, and the machine–power supply interface.
Time limits
• Life limit of the machinery and/or of some of its components (tooling, parts that can wear, electromechanical components,
etc.), taking into account its intended use and reasonably foreseeable misuse, and
• Recommended service intervals.
Other limits
Examples:
• Properties of the material(s) to be processed,
• Housekeeping — the level of cleanliness required, and
Page 14 of 35
• Environmental — the recommended minimum and maximum temperatures, whether the machine can be operated
indoors or outdoors, in dry or wet weather, in direct sunlight, tolerance to dust and wet, etc.
Stage 2: Hazard identification
This is an identification of potential source of harm. The hazard is either permanently present during the intended use of the
machine, or can appear unexpectedly.
Human interaction, states of the machine (normal/abnormal), unintended behavior of the operator, foreseeable misuse all have
to be taken in account.
Table B1 from ISO 12100:2010 provides a list of potential hazards and can be used to help in identification of all hazards. The
table below illustrates examples of the main hazard groups.
1) Mechanical hazards (see Appendix D - part 1 for further details)
Origin
moving elements
Potential Consequences (list is not exhaustive)

− crushing
− shearing
− drawing-in
− entanglement
Origin
cutting elements

− cutting
− severing
Page 15 of 35
2) Electrical hazards (see Appendix D- part 2 for further details)
Origin
live electrical parts

− electric shock
− burn
− puncture
− scald
3) Thermal hazards (see Appendix D– part 3 for further details)
Origin
objects or materials with a high or low temperature
Potential consequences (list is not exhaustive)

− burn
4) Noise hazards (see Appendix D – part 4 for further details)
Origin
noisy manufacturing process

− fatigue
− hearing impairment
− loss of awareness
− stress
5) Vibration hazards (see Appendix D– part 5 for further details)
Origin
vibrating equipment

− osteo-articular disorder
− vascular disorder
Page 16 of 35
6) Radiation hazards (see Appendix D Error! Reference source not found.– part 6 for further details)
Origin
laser beam

− burn
− damage to eyes
7) Material / substance hazards (see Appendix DError! Reference source not found. – part 7 for further details)
Origin
Fumes

− breathing difficulties
− irritation
− poisoning
8) Ergonomic hazards (see Appendix D – part 8 for further details)
Origin
Posture

− discomfort
− fatigue
− musculoskeletal disorder
9) Hazards associated with the environment in which the machine is used (see Appendix D Error! Reference source
not found.– part 9 for further details)
Origin
dust and fog

slipping, falling;
suffocation
10) Combination of hazards
Origin
repetitive activity + effort + high environmental temperature
Potential consequences
dehydration, loss of awareness, heat stroke ….
Page 17 of 35
Stage 3: Initial risk estimation
For the risk estimation, a scoring system needs to be used to quantify the risk level of the hazard.
Although there are presently over 100 diverse methods for risk assessment the technique MARS prefers, to ensure global
consistency, is the Hazard Rating Number system.
The HRN is a qualitative method. Using this technique, it is possible to assign a number to a specific risk. In this case, higher
numbers represent greater risks.
Risk is described in EN ISO 12100 as a function of the severity of harm and the possibility of that harm happening, that consists
of the frequency of the event, the likelihood of occurrence and the number of persons exposed.
Probability of
occurrence that harm
FE Frequency of
exposure to the
hazard
Is a DPH Degree LO Likelihood of

Risk function of possible occurrence of the
harm and
of hazard
NP Number of persons
exposed to the hazard
Therefore, four parameters are evaluated in the HRN process:
HRN = DPH x FE x LO x NP
Each parameter has several options. The assessor, as far as possible based on the risk assessment team information, chooses
the most appropriate level from the lists shown below.
Degree of Possible Harm (DPH)

0.1 Scratch / Bruise
0.5 Burn, cut, short illness
2 Fracture: minor bone or minor illness (temporary)
4 Fracture: major bone or major illness (temporary)
6 Amputation of a limb, one eye or partial hearing loss
10 Amputation of two limbs, eyes or total loss of hearing or sight
15 Fatality
Page 18 of 35
Frequency of Exposure (FE)

0.5 Annually
1 Monthly
1.5 Weekly
2.5 Daily
4 Hourly
5 Constantly
Likelihood of Occurrence (LO)

0.033 Little/low possibility, extreme circumstances
1 Highly improbable, but still possible
1.5 Improbable, but still possible
2 Possible, but unusual
5 Although improbable, it may happen
8 Probable – Not surprising
10 Probable – Can be expected
15 Certain – No doubt
Number of Persons at Risk (NP)

1 1- 2 persons
2 3 - 7 persons
4 8 - 15 persons
8 16 - 50 persons
12 More than 50 persons
When each hazard has been assessed by multiplying the factors above, the result is compared with the chart below to assign a
level of risk.
HRN SCORE CHART

HRN Risk Comment
Presents very little risk to health and safety. The residual risks are to be controlled
0-5 Negligible Risk
by awareness training and in some cases by warning signs.
These are risks that need to be reduced by applying suitable control measures
>5 - 50 Low but significant risk
but are not considered urgent
Having potentially dangerous hazards, which require control
>50 - 500 High risk
measures to be implemented urgently
These hazards are extreme and the equipment should not be operated until the
> 500 Unacceptable Risk
level has been reduced.
Page 19 of 35
Stage 4: Risk reduction
The objective of risk reduction can be achieved by the elimination of hazards, or by separately or simultaneously reducing each
of the two elements that determine the associated risk:
⎯ Severity of harm from the hazard under consideration;
⎯ Probability of occurrence of that harm.
All protective measures intended for reaching this objective shall be applied following the three-step method given by ISO
12100:2010.
Process for risk reduction where each step must achieve the intended risk reduction before passing on to the next step
as shown in the following extract from ISO 12100
Page 20 of 35
Step 1: Inherently safe design measures
Safe design measures to eliminate hazards or reduce the associated risks by suitable choice of design features of the machine
itself and /or interaction between the exposed people.
Note: This is the only stage where the hazards can be eliminated avoiding any additional protective measures.
Examples
• Physical aspects - technical knowledge about the machine design and where possible, design the hazard out
• Geometrical factors e.g.
• Choice of technology e.g. belt versus chain
• Positive mechanical action principal e.g.
• Stability
• Maintainability
• Ergonomics
Step 2: Safeguarding and/or complementary protective measures
Appropriate safeguarding and complementary protective measures can be used taking into account the intended use and
foreseeable misuse when it is not possible to eliminate or sufficiently reduce the hazard by design.
Example of combination of guards and protective devices

1 Light curtain
2 Interlocking guard
3 Electrical cabinet
4 Internal fence allowing only sectional access
5 Pressure sensitive mat
6 Two-hand control device
7 Reset actuator
8 Distance guard
Page 21 of 35
Step 3: Information for use

• Intended use of the machine, instructions
• Location of the information
• Signals and warning devices (startup etc.)
• Markings, signs and written warnings
Notes:
Applying the 3 step method described here above, the final residual risk should be negligible (HRN 0-5 - Green).
In the rare case of this it is not possible and the limits cannot be specified again, the effective residual risk will be considered as
acceptable just because it cannot be further reduced.
In this special case, the Step 3 shall include also provision of Safe Operator Procedures and specific training to the authorized
person.
Page 22 of 35
Examples of Risk Assessment
C1 Determination of the limit of the machinery
Example 1
Page 23 of 35
Example 2
Page 24 of 35
Page 25 of 35
C2 Hazard identification, risk estimation, risk evaluation and risk reduction
The examples given hereafter have been done using the HRN method (and with the RASWin software: see Appendix F).
Therefore, information about report reading are given in the first one for an easier understanding.
Example 1
A Z01 All user modes Zone : Zone 1 - Conveyor Drive

Initial hazard evaluation Mode: All user modes Hazard level: High
B
01.1 - Cutting or severing hazard Operator can reach the open chain drive with hands.
Probability (LO): Probable , Not surprising

Exposure frequency (FE): Constant
Probable maximum loss (DPH): Loss of a limb, eye or hearing, permanent
Number of exposed persons (NP): 1-2 Persons
Hazard level (HRN): 240.00
C Corrective measures
Corrective measure No: 1

Selection of safeguard and/or protection device
Access to the hazardous zone during use is not necessary
Fixed safeguard without opening
Additional Information:
Fit a full chain guard to prevent contact with chain and sprocket in accordance with EN ISO 14120.
Reaching distance shall be in accordance with EN ISO 13857.
Final Hazard evaluation Mode: All user modes Hazard level: Negligible
D
Probability (LO): Little/low possibility, under extreme circumstances

Page 26 of 35
A) Information about zones and lifecycle phases of the machine where the hazard has been identified.
B) This the section where the initial hazard is identified:
- Identification number. In this example: 1.1 (Hazard 1 - Zone 1)
- Type of hazard. In this example: cutting or severing hazard (mechanical hazards)
- Hazard description. H In this example: Operator can reach the open chain drive with hands.
- Picture. A generic or a specific picture related to the hazardous situation is usually entered here.
- Initial HRN calculation is reported with detail about related factors.

The calculation of the initial Hazard Rating Number shall be done with no control measures in place as per risk
assessment standard statement.
This means that in case of existing machinery, the potential safety measures already in place have NOT to be
considered in the calculation.
In this example, the initial HRN has a high level and is highlighted in red.
C) This section is used to give information about the recommended Corrective Measures to bring the related hazard(s) to
an acceptable level (adequate risk reduction).
It is possible to insert a generic picture related to the type of safety measure advised (in this example a Fixed Guard).
Reference to the relevant standard is generally mentioned there.
D) Here, the final hazard calculation is reported. This is the potential final assessment when all proposed control measures
have been put in place. It is also possible to insert a picture with those measures graphically represented, like in this
example where the final HRN is negligible and highlighted green indicating that the risk reduction is acceptable.
All the previous parts of the report are common to new machines and existing machines.
The next section is appropriate for existing machines only.
This section of the document refers to the Gap Analysis.
A Hazard Rating Number is calculated identifying the real current situation and tacking into account the already existing
safety measure. This the HRN Gap.
Page 27 of 35
Current state (HRN Gap): Mode: All user modes Hazard level: Low but relevant
Probability (LO): Highly improbable, but still likely

Current corrective policies:

Current state num: 1
At to date, the hazard is partially controlled by a fixed guard with a too large aperture that allow to reach in.
Here, the information about the related hazard is described (ID number, type, description…)
A calculation of the HRN Gap is given as well as a description of the current state.
In the present example, the real residual risk is assessed as Low but relevant and is highlighted in orange.
Consideration:
Since relevant standards about risk assessment state that initial risk has to be assessed with no
control measure in place, in the case of existing equipment it is recommended to proceed to the
gap analysis in order to give the real and current risk level and provide first perception about
remediation works impact and possible prioritization.
Page 28 of 35
Example 2
Z02 All user modes Pallet hoist

02.3 - Crushing hazard Hazards due to contact with the moving pallet hoist. Access at the full pallet outfeed
Probability (LO): Possible, but unusual

Exposure frequency (FE): Hourly
Probable maximum loss (DPH): Fatality
Corrective measures

Protection devices
Light curtains
Additional information:
Fit a muted light barrier. The installation should be in accordance with EN 415-4.

Current state (HRN Gap): Mode: All user modes Hazard level: High


Current state No. 1
A light barrier is fitted but the gap between the light barrier and the pallet is over 500 mm on one side
Page 29 of 35
Example 3
Z02 All user modes Pallet hoist

02.6 - Combined hazards Hazards due to becoming trapped in the pallet hoist section of the machine

Corrective measures

Trapped key system
Additional information:
Ensure that the doors cannot be closed with persons inside the guarding. This can be
achieved by the provision of a key exchange system.
The alternative is to fit a pre-start warning alarm and an internal emergency stop to
allow a trapped person to prevent restart.
Current state (HRN Gap): Mode: All user modes Hazard level: High


Current state No. 1
The machine is supplied with a key entry system but there is no exchange key to be retained by the exposed person. There is no internal
emergency stop of pre-start warning.
Page 30 of 35
Hazards Listing
The following table is an abstract from Table B1 EN ISO 12100:2010
Number Type Example of Hazards Related relevant

Origin a Potential consequences b standards c
1 Mechanical ⎯ acceleration, deceleration; ⎯ being run over; ISO 13851
hazards ⎯ angular parts; ⎯ being thrown; ISO 13854
⎯ approach of a moving element ⎯ crushing; ISO 13855
ISO 13856
to a fixed part; ⎯ cutting or severing;
ISO 13857
⎯ cutting parts; ⎯ drawing-in or trapping; ISO 14119
⎯ elastic elements; ⎯ entanglement; ISO 14120
⎯ falling objects; ⎯ friction or abrasion; ISO 4413
⎯ gravity; ⎯ impact; ISO 4414
⎯ height from the ground; ⎯ injection;
⎯ high pressure; ⎯ shearing;
⎯ instability; ⎯ slipping, tripping and falling;
⎯ kinetic energy; ⎯ stabbing or puncture;
⎯ machinery mobility; ⎯ suffocation.
⎯ moving elements;
⎯ rotating elements;
⎯ rough, slippery surface;
⎯ sharp edges;
⎯ stored energy;
⎯ vacuum.
2 Electrical ⎯ arc; ⎯ burn; IEC 60204-1
hazards ⎯ electromagnetic phenomena; ⎯ chemical effects;
⎯ electrostatic phenomena; ⎯ effects on medical implants;
⎯ live parts; ⎯ electrocution;
⎯ not enough distance to live parts ⎯ falling, being thrown;
under high voltage; ⎯ fire;
⎯ overload; ⎯ projection of molten particles;
⎯ parts which have become live ⎯ shock.
under fault conditions;
⎯ short-circuit;
⎯ thermal radiation.
3 Thermal ⎯ explosion; ⎯ burn;
hazards ⎯ flame; ⎯ dehydration;
⎯ objects or materials with a high ⎯ discomfort;
or low temperature; ⎯ frostbite;
⎯ radiation from heat sources. ⎯ injuries by the radiation of heat sources;
⎯ scald.
4 Noise ⎯ cavitation phenomena; ⎯ discomfort; ISO 15667
hazards ⎯ exhausting system; ⎯ loss of awareness; ISO 14163
⎯ gas leaking at high speed; ⎯ loss of balance; ISO/TR 11688-1
ISO 11689
⎯ manufacturing process ⎯ permanent hearing loss;
(stamping, cutting, etc.); ⎯ stress;
⎯ moving parts; ⎯ tinnitus;
⎯ scraping surfaces; ⎯ tiredness;
⎯ unbalanced rotating parts; ⎯ any other
⎯ whistling pneumatics; (for example, mechanical, electrical) because
⎯ worn parts. of an interference with speech
communication or with acoustic signals.
Page 31 of 35
5 Vibration ⎯ cavitation phenomena; ⎯ discomfort; EN 1299

hazards ⎯ misalignment of moving parts; ⎯ low-back morbidity;
⎯ mobile equipment; ⎯ neurological disorder;
⎯ scraping surfaces; ⎯ osteo-articular disorder;
⎯ unbalanced rotating parts; ⎯ trauma of the spine;
⎯ vibrating equipment; ⎯ vascular disorder.
⎯ worn parts.
6 Radiation ⎯ ionizing radiation source; ⎯ burn; EN 12198-1
Hazards ⎯ low frequency electromagnetic ⎯ damage to eyes and skin; EN 12198-3
radiation; ⎯ effects on reproductive
⎯ optical radiation (infrared, visible capability;
and ultraviolet), including laser; ⎯ mutation;
⎯ radio frequency electromagnetic ⎯ headache, insomnia, etc.
radiation.
7 Material/ ⎯ aerosol; ⎯ breathing difficulties, ISO 14123-1
substance ⎯ biological and microbiological suffocation;
hazards (viral or bacterial) agent; ⎯ cancer;
⎯ combustible; ⎯ corrosion;
⎯ dust; ⎯ effects on reproductive
⎯ explosive; capability;
⎯ fibre; ⎯ explosion;
⎯ flammable; ⎯ fire;
⎯ fluid; ⎯ infection;
⎯ fume; ⎯ mutation;
⎯ gas; ⎯ poisoning;
⎯ mist; ⎯ sensitization.
⎯ oxidizer.
8 Ergonomic ⎯ access; ⎯ discomfort; ISO 6385
hazards ⎯ design or location of indicators ⎯ fatigue; ISO 9355-1
and visual displays units; ⎯ musculoskeletal disorder; ISO 9355-3
⎯ design, location or identification ⎯ stress; ISO 10075
of control devices; ⎯ any other (for example, ISO 10075-2
⎯ effort; mechanical, electrical) as a EN 614-1
⎯ flicker, dazzling, shadow, consequence of a human error. EN 13861
stroboscopic effect; IEC 61310.
⎯ local lighting;
⎯ mental overload/underload;
⎯ posture;
⎯ repetitive activity;
⎯ visibility.
9 Hazards ⎯ dust and fog; ⎯ burn;
associated ⎯ electromagnetic disturbance; ⎯ slight disease;
with the ⎯ lightning; ⎯ slipping, falling;
environment ⎯ moisture; ⎯ suffocation;
in which the ⎯ pollution; ⎯ any other as a consequence of
⎯ snow; the effect caused by the sources of the
machine is
⎯ temperature; hazards on the machine or parts of the
used ⎯ water; machine.
⎯ wind;
⎯ lack of oxygen.
10 Combination ⎯ for example, repetitive activity + ⎯ for example, dehydration, loss
of hazards effort + high environmental of awareness, heat stroke
temperature
a - A single origin can have several potential consequences.
b - Some potential consequences can be related to several origins of hazard.
c - It is not an exhaustive list of standards.
Page 32 of 35
Terminology
In alphabetical order
Adequate risk reduction: Risk reduction at least in accordance with the legal requirements under consideration of
the current state of the art.
Danger zone: Any zone within and/or around machinery in which a person is exposed to risk of injury or
damage to health.
Diagnostic function: Function intended to detect faults in the control system and produce a specified output
information or activity when a fault is detected.
Emergency situation: Hazardous situation needing to be urgently ended or averted.
Exposed person: Any person wholly or partially in a danger zone.
Failure: The termination of the ability of an item to perform a required function.
Harm: Physical injury or damage to health.
Hazard: A source of possible injury or damage to health.
Hazardous machine function: Any function of a machine, which generates a hazard when operating.
Hazardous situation: Any situation in which a person is exposed to a hazard or to hazards.
Inherently Safe Design Protective measure which either eliminates hazards or reduces the risks associated with
Measure: hazards by changing the design or operating characteristics of the machine without the
use of guards or protective devices.
Machine control system: System which responds to an input from, for example, the process, other machine
elements, an operator, external control equipment, and generates an output(s) causing
the machine to behave in the intended manner.
Machinery: An assembly of linked parts or components at least one of which moves with the
appropriate machine actuators control and power circuits, etc. joined together for a
specific application, in particular for the processing treatment, moving or packaging of a
material.
Operator: The person or persons given the task of installing, operating, adjusting, maintaining,
cleaning, repairing or transporting machinery.
Performance Level: Discrete Level used to specify the ability of the safety –related parts of a control system to
perform a safety function under unforeseeable conditions
Preliminary Hazard Analysis: PHA is an inductive method, whose objective is to identify, for all phases of life of a
specified system / subsystem / component the hazards, hazardous situations and
hazardous events which could lead to an accident.
Procedures and training: Formal or informal training, checklists, certification or experience requirements, personal
protective equipment use.
Protective Measure: Measure intended to achieve risk reduction.
Reasonably foreseeable The predictable use of a machine in a way not intended by the supplier or user, but which
misuse: may result from human behavior.
Reliability: The ability of a machine or components, or equipment to perform a required function
under specified conditions and for a given period of time without failing.
Residual risk: Risk remaining after safety measures have been taken.
Page 33 of 35
Risk Analysis: Combination of the specification of the limits of the machine, hazard identification and risk
estimation
Risk Assessment: A comprehensive estimation of the probability and the degree of the possible injury or
damage to health in a hazardous situation in order to select appropriate safety measures.
Overall process comprising a risk analysis and risk evaluation.
Risk Estimation: Defining the likely severity of harm and the probability of its occurrence.
Risk Evaluation: A judgment on the basis of risk analysis of whether risk reduction is required.
Risk: A combination of the probability and the degree of the possible injury or damage to health
in a hazardous situation.
Safeguarding: Protective measure using safeguards to protect persons from the hazards which cannot
reasonably be eliminated or from the risks which cannot be sufficiently reduced by
inherently safe design measures
Safety Component: A component placed on the market separately to fulfil a safety function when in use and
the failure or malfunctioning of which endangers the safety or health of exposed persons
Safety function: Function of a machine whose failure can result in an immediate increase of the risk(s)
(as defined in ISO 12100, ISO 13849-1 and IEC 62061)
Safety Integrity: Probability of a Safety Related Electrical Control System or its subsystem satisfactorily
performing the required safety functions under all stated conditions
Safety of control systems: Ability of safety-related parts of a control system to perform their safety function(s) for a
given time according to their specified category or performance level
Safety of machine: The ability of a machine to perform its function, to be transported, installed, adjusted,
maintained, dismantled and disposed of under conditions of intended use specified in the
instruction handbook without causing injury or damage to health.
Safety Related Part of a Control Part of a control system that responds to safety-related input signals and generates
System (SRP/CS): safety-related output signals
Safety-related electrical control Electrical, electronic or programmable electronic part of a machine control system whose
system (SRECS): failure can result in an immediate increase of the risk(s)
Task: Any specific activity that is done on or around the machine during its lifecycle.
Warning devices: Visible/audible alarms to trigger avoidance or corrective responses (e.g., signals, lights,
signs, and horns). Training and discipline in recognizing and responding is necessary.
Their value to personnel with vision or hearing impairments is questionable.
Page 34 of 35
RASWin SOFTWARE
Originally, RASWin software has been created to help the user in managing the risk assessment process of a machinery or
combination of machinery.
Today, RASWin software can be used to manage the progression through the whole safety lifecycle.
The main features of RASWin are:

• Definition of the hazard areas
• Risk-analysis module in accordance with ISO 12100 and ISO TR 22100-2
• Corrective measures based on ISO standards – guided solutions
• PL calculation module
• Safety requirements specifications
• Validation
• Safety project management
RASWin is part of the Rockwell Automation Safety Lifecycle Toolkit.
To use RASWin a regular license is required.

A demo version is downloadable at the following address:
http://www.rockwellautomation.com/global/support/configuration.page
Page 35 of 35

Mars Petcare Safety Standard Book 6.2 Risk Assessment V1 - 0

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Mars Petcare Safety Standard Book 6.2 Risk Assessment V1 - 0

Uploaded by

Copyright:

Available Formats

MARS petcare

Machine Safety Standard

Version Author Modification Released

V1.0 Rockwell Automation First Release 18/09/2017

PREVIOUS MARS STANDARD INTERCONNECTED REFERENCES

6.2. RISK ASSESSMENT

6.2.3.1.1. Risk assessment and risk reduction

6.2.3.1.2. Strategy for risk assessment and risk reduction

6.2.3.1.3. Team-based approach for risk assessment

6.2.3.1.3.2. Composition of the team

The team includes those people who:

6.2.3.1.4. Risk elements and risk scoring method

• The frequency of exposure (FE)

• The degree of possible harm (DPH)

• The number of persons exposed at the risk (NP)

A Hazard Rating Number is completed using the following calculation:

HRN Risk Comment

International Standards Relationship

Standard International Local Standard

DETAILS ON RISK ASSESSMENT AND RISK REDUCTION PER ISO 12100

In the European Union

B2 Risk assessment and risk reduction methodology

Stage 1: Determination of the limits of the machine

Stage 2: Hazard identification

1) Mechanical hazards (see Appendix D - part 1 for further details)

Potential Consequences (list is not exhaustive)

Potential Consequences (list is not exhaustive)

2) Electrical hazards (see Appendix D- part 2 for further details)

Potential Consequences (list is not exhaustive)

3) Thermal hazards (see Appendix D– part 3 for further details)

Potential consequences (list is not exhaustive)

4) Noise hazards (see Appendix D – part 4 for further details)

Potential consequences (list is not exhaustive)

5) Vibration hazards (see Appendix D– part 5 for further details)

Potential consequences (list is not exhaustive)

Potential consequences (list is not exhaustive)

Potential consequences (list is not exhaustive)

8) Ergonomic hazards (see Appendix D – part 8 for further details)

Potential consequences (list is not exhaustive)

Potential consequences (list is not exhaustive)

10) Combination of hazards

Stage 3: Initial risk estimation

Is a DPH Degree LO Likelihood of

Therefore, four parameters are evaluated in the HRN process:

Degree of Possible Harm (DPH)

Frequency of Exposure (FE)

Likelihood of Occurrence (LO)

Number of Persons at Risk (NP)

HRN SCORE CHART

Stage 4: Risk reduction

Step 1: Inherently safe design measures

Step 2: Safeguarding and/or complementary protective measures

Example of combination of guards and protective devices

Step 3: Information for use

Examples of Risk Assessment

C1 Determination of the limit of the machinery

C2 Hazard identification, risk estimation, risk evaluation and risk reduction

A Z01 All user modes Zone : Zone 1 - Conveyor Drive

Probability (LO): Probable , Not surprising

Hazard level (HRN): 240.00

Corrective measure No: 1

Probability (LO): Little/low possibility, under extreme circumstances

Hazard level (HRN): 0.99