Professional Documents
Culture Documents
IAEA
FOREWORD
by Mohamed ElBaradei
Director General
The IAEAs Statute authorizes the Agency to establish safety standards to protect health and
minimize danger to life and property standards which the IAEA must use in its own
operations, and which a State can apply to its nuclear and radiation related facilities and
activities. A comprehensive body of safety standards under regular review, together with the
IAEAs assistance in their application, has become a key element in a global safety regime.
In the mid-1990s, a major overhaul of the IAEAs safety standards programme was initiated,
with a revised oversight committee structure and a systematic approach to updating the entire
corpus of standards. The new standards that have resulted are of a high calibre and reflect best
practices in Member States. With the assistance of the Commission on Safety Standards, the
Agency is working to promote the global acceptance and use of its safety standards.
Safety standards are only effective, however, if they are properly applied in practice. The
IAEAs safety services which range in scope from engineering safety, operational safety,
and radiation, transport and waste safety to regulatory matters and safety culture in
organizations assist Member States in applying the standards and appraise their
effectiveness. These safety services enable valuable insights to be shared and I continue to
urge all Member States to make use of them.
Regulating safety in nuclear and radiation related activities is a national responsibility, and
many Member States have decided to adopt the IAEAs safety standards for use in their
national regulations. For the Contracting Parties to the various international safety
conventions, IAEA standards provide a consistent, reliable means of ensuring the effective
fulfillment of obligations under the conventions. The standards are also used around the world
by organizations that design, manufacture and apply nuclear and radiation related
technologies in power generation, medicine, industry, agriculture, research and education.
The IAEA takes seriously the enduring challenge for operators and regulators everywhere
of ensuring a high level of safety in the use of nuclear and radioactive materials around the
world. Their continuing utilization for the benefit of humankind must be managed in a safe
manner, and the IAEA safety standards are designed to facilitate the achievement of that goal.
ii
CONTENTS
1. INTRODUCTION
BACKGROUND
OBJECTIVE
SCOPE
STRUCTURE
2. MANAGEMENT SYSTEM
GENERAL REQUIREMENTS
SAFETY CULTURE
GRADING THE APPLICATION OF MANAGEMENT SYSTEM
REQUIREMENTS
DOCUMENTATION OF THE MANAGEMENT SYSTEM
3. MANAGEMENT RESPONSIBILITY
MANAGEMENT COMMITMENT
SATISFACTION OF INTERESTED PARTIES
ORGANIZATIONAL POLICIES
Developing the policies
Implementing policies
Safety, Health and Environment Policies
Quality policy
Change management policy
Security policy
PLANNING
RESPONSIBILITIES AND AUTHORITY FOR THE MANAGEMENT SYSTEM
4.
RESOURCE MANAGEMENT
PROVISION OF RESOURCES
Resources provided by suppliers and partners
Managing information and knowledge
HUMAN RESOURCES
INFRASTRUCTURE AND THE WORKING ENVIRONMENT
Managing material assets
Replacing old technologies
5. PROCESS IMPLEMENTATION
DEVELOPING PROCESSES
Process model
PROCESS MANAGEMENT
GENERIC MANAGEMENT SYSTEM PROCESSES
Control of documents
Control of products
Measuring and testing equipment
Control of records
Purchasing
Communication
Managing organizational change
PROCESSES COMMON TO ALL STAGES
Project management
Work planning and control
Workplace risk assessment
Personnel safety
Control and supervision of contractors
Design
1
1
1
1
2
3
3
5
iii
25
26
29
29
29
31
31
32
34
35
36
36
36
37
39
39
39
40
41
42
42
43
44
44
45
47
48
48
49
52
54
54
56
56
56
57
61
62
64
65
66
Configuration management
Plant modification
Maintenance
Housekeeping and cleanliness
Handling and storage
Inventory management
Identification and labelling of systems, structures and components
Waste management
Environmental management
Regulatory interface
Information technology
Fire protection
Security
6. MEASUREMENT, ASSESSMENT AND IMPROVEMENT
MONITORING AND MEASUREMENT
Management oversight
SELF-ASSESSMENT
Self assessment by senior management
Self assessment by managers and individuals
INDEPENDENT ASSESSMENT
Types of independent assessment
MANAGEMENT SYSTEM REVIEW
NON-CONFORMANCES, CORRECTIVE AND PREVENTIVE ACTIONS
Non-conformance control
Corrective actions
Preventive actions
Event Reporting
IMPROVEMENT
APPENDIX I METHODOLOGY FOR GRADING THE APPLICATION OF
MANAGEMENT SYSTEM REQUIREMENTS
APPENDIX II: MANAGEMENT SYSTEM FOR THE RESEARCH AND DEVELOPMENT
STAGE OF A NUCLEAR FACILITY
APPENDIX III: MANAGEMENT SYSTEM FOR THE SITING STAGE OF A NUCLEAR
FACILITY
APPENDIX IV: MANAGEMENT SYSTEM FOR THE DESIGN STAGE OF A NUCLEAR
FACILITY
APPENDIX V: MANAGEMENT SYSTEM FOR THE CONSTRUCTION STAGE OF A
NUCLEAR FACILITY
APPENDIX VI: MANAGEMENT SYSTEM FOR THE COMMISSIONING STAGE OF A
NUCLEAR FACILITY
APPENDIX VII: MANAGEMENT SYSTEM FOR THE OPERATION STAGE OF A
NUCLEAR FACILITY
APPENDIX VIII: MANAGEMENT SYSTEM FOR THE DECOMMISSIONING STAGE OF
A NUCLEAR FACILITY
REFERENCES
ANNEX I EXAMPLE OF THE CONTENTS OF A BUSINESS PLAN
GLOSSARY
CONTRIBUTORS TO DRAFTING AND REVIEW
iv
80
82
82
82
83
85
86
86
87
88
88
90
90
91
91
91
93
93
94
98
99
101
102
103
103
105
105
106
109
110
118
119
120
130
131
132
133
135
139
141
1. INTRODUCTION
BACKGROUND
1.1.
This Safety Guide supports the Safety Requirements publication on The Management
System for Facilities and Activities [1]. It provides supplementary guidance to the generic
guidance provided in Ref. [2] to enable nuclear facilities1 to comply with the requirements
established in Ref. [1].
1.2
This Safety Guide is part of a series of publications produced by the IAEA dealing
with management systems. Application of the requirements and guidance on the management
system throughout the lifetime of a nuclear facility will contribute to the achievement and
enhancement of high levels of safety standards.
1.3.
Methods and solutions other than those set out in this Safety Guide for fulfilling the
requirements established in Ref. [1] might be acceptable provided they result in at least the
same level of safety.
OBJECTIVE
1.4.
in Ref. [2] for establishing, implementing, assessing and continually improving a management
system which integrates elements of safety, health, environment, security 2 , quality and
economics3. All the topics have a corresponding requirement within Ref. [1].
SCOPE
1.5.
This Safety Guide is applicable the lifetime of a nuclear facility. This includes any
subsequent period of control until there is no significant residual radiation hazard. For a
facility,
this
includes
siting,
design,
construction,
commissioning,
operation
and
Nuclear facilities include nuclear power plants, other reactors (such as research reactors and critical
assemblies), and fuel cycle facilities.
2
This Safety Guide covers the security of nuclear facilities, nuclear material and sources of radiation only to the
extent that security measures for physical protection are essential to safety and the failure of such measures has
consequences for safety.
3
Economic objectives are included in the list of elements that have to be integrated, as it is recognized that
economic decisions and actions may introduce or may mitigate potential risks.
decommissioning (or close-out or closure). The lifetime stages of a nuclear facility might
overlap each other.
1.6.
The guidance in this publication should be used in conjunction with the generic
guidance provided in Ref. [2]. An indication is provided in each section if this guide provides
supplementary guidance to Ref. [2] or if there is no supplementary guidance to Ref. [2].
1.7.
should be included within the suppliers management system for the supply and
delivery of products5.
STRUCTURE
1.8.
This term covers research on items, services and processes impacting safety during the siting, design,
construction, commissioning, operation and decommissioning of a nuclear facility, and the carrying out of the
research activities for which a nuclear facility (e.g. research reactor) is built.
5
A product is an output from a process. Examples include a maintained piece of equipment, or electricity.
6
Senior management means the person who, or group of people which, directs, controls and assesses an
organization at the highest level. In nuclear facilities many different terms are used, including, for example: chief
executive officer (CEO), director general, executive team, plant manager, top manager, site vice-president,
managing director.
4
Section 5 provides guidance on how the processes of the facility can be identified
management system;
GENERAL REQUIREMENTS
GS-R-3 [1] states in paras 2.1 to 2.4 that:
Bringing together in a coherent manner all the requirements for managing the
facility;
Safety shall be paramount within the management system, overriding all other demands.
The management system shall identify and integrate with the requirements contained within
this publication:
stakeholders7);
Requirements from other relevant codes and standards adopted for use by the
organization.
The organization shall be able to demonstrate the effective fulfilment of its management
system requirements.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
2.1.
Senior management should be the sole source of operational direction of the facility.
The management system should define the responsibilities of the process owners and of the
line organization, so that there are clear lines of authority and accountability. The process
owners should support the operational direction with the responsibility to develop effective
processes and to ensure they remain effective. The line organization implements the processes
within their areas of responsibility. More information regarding the operating organization can
be found in Ref. [10].
2.2.
It should be clear within the management system what the reporting mechanisms are
and who has specific reporting responsibilities regarding what, when and how to report and to
whom.
2.3.
Guidance on the processes to be addressed in the management system for the different
stages in the lifetime of the nuclear facility is given in appendices II to VIII of this Safety
Guide. The utility may establish separate organizations for these stages or may combine them
Stakeholder: interested party; concerned party. Stakeholder means an interested party whether a person or a
company, etc. with an interest or concern in ensuring the success of an organization, business, system, etc. To
have a stake in something figuratively means to have something to gain or lose by, or to have an interest in, the
turn of events. The term stakeholder is used in a broad sense to mean a person or group having an interest in the
performance of an organization. Those who can influence events may effectively become interested parties
whether their interest is regarded as genuine or not in the sense that their views need to be considered.
Interested parties have typically included the following: customers, owners, operators, employees, suppliers,
partners, trade unions, the regulated industry or professionals; scientific bodies; governmental agencies or
regulators (local, regional and national) whose responsibilities may cover nuclear energy; the media; the public
(individuals, community groups and interest groups); and other States, especially neighboring States that have
entered into agreements providing for an exchange of information concerning possible transboundary impacts, or
States involved in the export or import of certain technologies or materials.
7
facility. It should be recognized that many activities and outputs from one stage may be
necessary to aid work during later stages and may affect the way that this work is carried out.
The management system, when applied in practice, should give the assurance that the nuclear
facility will conform to specified requirements.
SAFETY CULTURE
GS-R-3 [1] states in para 2.5 that:
The management system shall be used to promote and support a strong safety culture by:
Ensuring a common understanding of the key aspects of safety culture within the
facility;
Providing the means by which the facility supports individuals and teams to carry
out their tasks safely and successfully, taking into account the interaction between
Providing the means by which the facility continually seeks to develop and
improve its safety culture.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
2.4.
organization should rely on a common understanding of the concept itself. Every organisation
has a culture, however only an organization with safety as a primary goal (for example, safety
always taking priority over production) can be said to have developed a safety culture.
2.5.
code of conduct that reflects safety values that are commonly shared by all individuals.
Ultimately the safety culture is revealed in the visible individual and collective behaviours of
the organization.
2.6.
Senior management should establish and promote a set of safety principles to serve as
guidance to taking decisions and promoting behaviour. Examples of such principles used in
some organizations are as follows:
2.7.
good safety culture should be a prerequisite, so that everyone can seek and identify strengths
and weaknesses and thereby enhance the safety culture. The following framework consists of a
set of five key safety culture characteristics, which in turn contain a number of attributes that
are related to safety outcomes. The key characteristics are illustrated below. Furthermore, the
attributes are described together with some guidance on what to look for in relation to these
attributes.
2.8.
Safety is a clearly
recognized value
Safety is integrated
into all activities
Safety is
learning driven
SAFETY
CULTURE
CHARACTERISTICS
Leadership for
safety is clear
Accountability for
safety is clear
The ways that an organization makes and communicates decisions are considered very
important parts of the safety culture because decisions represent values in action. The stated
goals, strategies and plans for the organization establish its objectives and priorities in the
short and longer terms. Reference [1] states that Safety shall be paramount within the
management system, overriding all other demands. Management should consider safety when
establishing goals, strategies and plans, and should use the declared priorities and objectives
when allocating resources.
Attributes:
Refs [12] and [31] require the establishment of a safety policy which states the
individuals;
Resource allocations should be in line with the stated priorities and safety
production or other factors ahead of safety and should take care to explain them
to individuals.
Strategic and longer range planning processes should take account of known
and potential safety issues;
Safety conscious behaviour is socially accepted and supported (both formally and
informally):
conscious behaviour;
Senior managers should be the leading advocates of safety and should demonstrate
their commitment in both words and actions. The safety message should be communicated
frequently and consistently. Leaders should create cultures by their actions (and inactions) and
by the values and assumptions they communicate. A leader is someone who has an influence
on the thoughts, attitudes and behaviour of others. Leaders cannot completely control the
safety culture, but they influence it. Leaders throughout the organization should set an
example for safety, for example through their direct involvement in training and field
oversight of important activities. Individuals in the organization generally deliver the levels of
performance that leaders personally demonstrate. Standards should therefore be set for aspects
that are important for safety.
Attributes:
Leaders should establish clear expectations for performance in areas that affect
Leaders should not accept below standard safety performance for any reason;
weaknesses or vulnerabilities.
organizational);
groups;
A succession plan should be put in place to develop future managers that would
include safety culture aspects.
Individuals should only perform work for which they are trained and qualified;
There should be a systematic approach to training and qualification;
Staffing levels should be consistent with the demands related to safety and
reliability.
10
Leaders should actively seek dissenting views and diverse perspectives and
Individuals should be able to say that their opinion matters and should be able
Leaders should make sure that open communication is valued and potential
and honest manner and should maintain healthy relationships with individuals;
blockages are addressed;
Leaders should visit individuals at their work locations and where possible
should conduct open forum meetings to explain the context for issues and
decisions. Leaders should encourage individuals to ask questions.
When needed, fair and objective methods should be used to resolve conflict and
to settle disputes.
11
Management should establish the authority and decision making powers for all
positions in the organization. These powers should be exercised and there should be clear lines
of authority for safety matters. Accountability means that each individual should know their
specific assigned tasks (i.e. what they have to accomplish and by when, and how to recognize
good results); individuals should either execute these tasks as expected or should report to
their supervisor if they are not able to execute them. The behaviour of management towards
regulators should be such that strong signals are sent to the organization about respect for rules
and the importance of safety. An independent and constructive relationship should therefore
exist between the organization and the regulator.
Attributes:
An appropriate relationship with the regulatory body exists that ensures that the
accountability for safety remains with the licensee:
The regulatory body should perceive the licensee to be open and timely in their
guidance;
Individuals should understand their roles and responsibilities for safety, and
Individuals should know where to go for help with safety issues and should
responsibilities for all aspects of safety under its control (Refs [12] and [31]);
12
When contractors are involved with work, their roles and responsibilities for
safety should normally be defined in contractual documents. Affected
be in the hands of the user and consulted) and adherence (i.e. the degree of
compliance expected) should be clear and well known to individuals;
All
should
observations.
decisions
open
communication
preferably
or
have
reporting
clear
concerns
single-point
or
unusual
Ownership for safety is evident at all organizational levels and for all
individuals:
Individuals should have their own targets regarding safety and continually seek
Individuals should take care of the safety of their own working environment;
improvement.
2.12.
The culture of an organization should embrace everything it does and so, in a healthy
safety culture, it should be clearly apparent that safety is integrated into all activities in the
organization.
Attributes:
Consideration for all types of safety, including industrial and environmental safety
Individuals should follow the approved plans and should seek proper approvals
and efficiently (e.g. resources should be matched to demands, spares and tools
should be available when needed).
Individuals should have a good understanding not only of their own work
processes, but also how these processes interact with other processes.
The reward systems should be aligned with safety policies and should reinforce
14
performance;
People should have a sense of pride in their work and should feel that their
Good working conditions exist with regard to time pressures, workload and stress:
The scheduling of safety critical tasks during night work should be avoided;
working environment;
Individuals should interact with openness and trust and should routinely offer
15
Safety is learning-driven
2.13.
benchmarking and self-assessments are often used to stimulate learning and improve
performance.
Attributes:
Individuals should notice and should be able to question unusual signs and
Management should be questioning of its own attitudes and insights and should
actively seek independent views.
Periodic safety culture assessments should be conducted and used as the basis
adjusted;
16
Organizational and operating experience (both internal and external to the facility)
are used:
Processes should be in place to obtain, review and apply available internal and
ensure that the organization learns and applies the relevant lessons;
Individuals should have confidence in the corrective action processes and they
should be able to point to examples of problems they have reported which have
been fixed;
Checks should be made to see that the actions taken fix the problems;
There should be a low rate of repeat events or errors.
Safety performance indicators are tracked, trended and evaluated and acted upon:
The causes of safety events and adverse trends should be identified and acted
Action should be taken when safety performance does not match the goals,
The organization should be alert to detect and respond to indicators that may
17
2.14.
in place;
of the means by which individuals could achieve this understanding. Such training should not
be considered a one off event, but should be a regularly occurring event given to all
individuals, including the senior management team. As the concept of safety culture develops
in the organization, these training events and opportunities should also serve as a means of
developing the organizations basic framework for safety culture.
2.15.
culture, particularly in the initial efforts to raise the awareness of safety culture issues in the
organization. As the safety culture develops within the organization, these facilitation skills
should be developed for all individuals who will serve in leadership positions.
2.16.
2.18.
Implement change;
When considering how to improve the safety culture it should be recognized that the
organization already has a safety culture in some form that will have been influenced by the
organizational culture, the organizations history and experience, and other cultural forces (e.g.
national culture). The challenge is to transform the safety culture to a state that is more
appropriate to that needed for the organizations future success. Changing the safety culture
should not be a stand-alone goal; it should be a way to contribute to the achievement of the
organizational goals. It should be recognized that it often takes several years to achieve a
major change in the safety culture.
2.19.
The best way to start changing the culture is to concentrate on what the new way of
working should be and to clarify and communicate any new behaviour and thinking. The list
of characteristics of a positive safety culture described above could help to identify the desired
future state of the organizations safety culture. Once the desired future state is well
understood, the present state of the safety culture should be assessed to determine the gap
between the desired future state and the present state. The assessment should provide
information on how the existing safety culture can help in achieving the desired new way of
working and thinking. It should also identify safety culture issues that may hinder the
achievement of goals, strategies, plans and objectives. A specific programme of safety culture
change should then be designed to deal with these issues. The entire safety culture need not be
changed; only elements of it that hinder the achievement of goals should be changed. As the
gaps between the present state and the desired future state are identified, consideration should
be given to what kind of actual change process is needed. For this stage, there are no standard
solutions, and an organization should design its own approach. The approach may involve
training, creation of task groups, system changes, team building and coaching of senior
managers and other employees.
2.20.
Major change initiatives that affect the safety culture should not be launched
prematurely. A careful approach should be used initially to make sure that everyone
understands what the new way of thinking and working is, and to consider how the existing
19
culture can help or hinder. The desired changes should build on the existing culture. It should
be considered how the people who are the targets for change can be sufficiently motivated to
want to change, but they should not become so anxious about learning new things as to resist
change. Consideration should be given to how the existing culture can help the learning
process and make people feel secure.
2.21.
organization that will be able to make its own continual diagnosis, and self-manage whatever
transformations are needed as the environment changes. An organization of this type is likely
compare how they do things with others, so that they are aware of what constitutes excellence
in their field of work. See Ref. [28].
management of safety and safety culture should be established so that problems are detected
and acted upon at an early stage. There is often a delay between the development of
weaknesses in safety culture and the occurrence of an event involving a significant safety
consequence. By being alert to the early warning signs, corrective action can be taken in
sufficient time to avoid adverse safety consequences.
2.23.
The management system should have in place the mechanisms by which the managers
are kept up to date with the early warning signs that have been shown to precede
organizational failures. The following text shows what characterizes the stages of decline and
the early warning signs that have been extracted from root cause analysis of failures in
management of safety and safety culture.
2.24.
20
Incidents not analysed in depth and lessons not learned repetition of a problem
indicating that the fundamental cause (or causes) has not been properly identified;
actions that have exceeded their target date for implementation and the magnitude
of the delay;
Lack of proper verification of readiness for operation plant systems not properly
Employee safety concerns not dealt with promptly safety concerns are ignored or
have to be repeatedly raised before action is taken. For example, lack of a process
of continual improvement;
21
timely manner;
level, with safety issues being ignored when making business decisions;
responsibility for safety;
practices and standards and the organization increasingly operates in a selfreferencing mode;
as well as using the experience of others to improve its own safety. Organizations
become complacent and focus on the successes of the past, and are reluctant to
invest in building new knowledge and skills for the future;
safety culture issues or lack of criteria for when regulatory action should be taken
The management system shall be used to promote and support a strong safety culture by:
Providing the means by which the organization supports individuals and teams to
carry out their tasks safely and successfully, taking into account the interaction
between individuals, technology and the organization.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
2.25.
All safety barriers are designed, constructed, strengthened, broken or eroded by the
action or inaction of individuals. The human side of the business is absolutely critical for safe
operation and should not be separated from the technical side. Ultimately safety is the product
The concept of safety culture has embraced this integration of the people and the
technical sides of the business. But whereas the culture of an organization influences human
behaviour through the basic values, beliefs and assumptions held by the members of the
organization, there are also other factors that have an influence on how humans may act in a
given situation.
2.27.
In a strong safety culture the knowledge and understanding should exist of human
behaviour mechanisms and established human factors principles should be applied in order to
One way of looking at the interaction between the human, the technology and the
organization is the following. Given a certain type of technology (e.g. PWR, BWR) and a
certain operating state (normal operation, transients, outage or emergency), human
performance will be influenced by factors residing within the individual and by those in the
individuals environment.
2.29.
This interaction could be described as follows: in a given situation, the individual has
various types of resources at their disposal to be able to carry out a task successfully. These
resources can reside within the individual in the form of competence, motivation, cognitive
abilities, etc. They can also reside within the environment (via instrumentation, procedures,
computer aids, etc.), through teamwork, communication and leadership, in the management
system and in the culture. When the content, design and organization of the work task
correspond to the individuals needs and capabilities, the conditions exist for the individual to
perform in a way that promotes safe behaviour. This could also be described as safety barriers
to human errors.
2.30.
When analysing events, consideration should be given to the possible influence of all
these factors on human behaviour. They should also be considered when the purpose is to
identify potential weaknesses in the interaction between individuals-technology-organization
23
and how to strengthen or introduce new barriers to prevent human errors. Ideally, these types
of predictive and preventive analysis should be done in interdisciplinary teams. These teams
should include human behaviour expertise, so as to capture the man-technology-organization
interactions from different perspectives and thereby also identifying proper barrier functions.
2.31.
they can avoid making mistakes. In addition, there are various activities that could be carried
out on an individual basis in order to prevent errors. Among these are:
Pre-job briefings, asking the questions: What are the critical steps? What is the
worst thing that can happen? What are the error-likely situations within the work
assignment? What defences are in place to prevent events?;
24
The hazards and the magnitude of the potential impact (risks) associated with the
safety, health, environmental, security, quality and economic elements of each
product or activity;
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
2.32.
To establish the grade for activities, the individual should be guided through a series of
evaluation, a grade is assigned to the item, service or process. The grade assigned can be either
alpha or numeric, the example in appendix I use a numeric identifier. It can be seen that it is
possible to assign a low grade to an item, service or process that is in a Class 1 system, or to
assign a higher grade to an item, service or process with a classification that is lower than class
1. Plant classification is normally defined in the original design documents for the facility.
2.33.
Grade 1 should be selected for activities and items of major safety significance, whilst
at the other end of the scale Grade 4 can be selected when only minor safety or environmental
impact risk exist and when insignificant cost penalties are incurred as a result of failure. The
safety significance of the item, service or process should always be the most important factor in
the assignation of grade and complexity issues should be secondary.
25
2.34.
corresponding to each of the four grades. The criteria used in identifying the related
In general, the highest grade should require the most stringent application of the
management system requirements; the lowest grade the least stringent. The following are
examples of areas where grading should be applied:
Type of assessment;
26
those who use it. Documents shall be readable, readily identifiable and available at the point of
use.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
2.36.
drawings and typically cover the tasks within a process that are carried out within a
department or by an individual.
2.37.
Detailed working documents are used to describe specific work activities and convey
administrative and technical information to individuals performing work. The type and format
of these documents can vary considerably depending on the application involved.
2.38.
(1)
Purpose - Give a clear, concise statement explaining the specific aim(s) of the
(2)
Scope - Define the type and scope of work and the places where the document applies,
document and answer the question why does the document exist?
and delineate the boundaries of the functions, systems and areas treated in the document.
Note: The above two headings (Purpose and Scope) need not be used if the title adequately
covers the content.
(3)
(4)
Definitions - Define those words and terms used in the document that might cause
Identify the individuals and their responsibilities and specify when a required action is needed.
confusion and thus require clarification.
27
(5)
referenced in the document. If documents are referenced in part, state the page and paragraph
numbers. (This can include reference to other work instructions.) Reference documents could
include applicable design or other source documents such as vendors literature, engineering
drawings or plant specifications.
(6)
Prerequisites - State any independent actions that should be performed and by whom,
prior to the use of the procedure or instruction. State any spare parts, special tools or
instrumentation that are necessary (scaffolding, services, etc.) and the required state of the
plant if relevant, plus any special conditions to be used to simulate normal or abnormal
operating conditions.
(7)
Precautions - What precautions are necessary to protect equipment, individuals and the
public or to avoid an abnormal or emergency situation? Identify these in the relevant steps of
the procedure or instruction or highlight them in a separate section.
(8)
Limitations - Are there any limitations on the parameters being controlled? Identify
(9)
process. Give sufficient detail so that a competent individual can perform the function or task
without direct supervision. In some cases it may be appropriate to provide step-by-step
instruction.
(10)
(11)
function can be determined. If tolerances in prescribed limits are allowable, they should be
identified together with any requisite actions (e.g. reporting). Identify the method of
verification to be used. This can be included within the procedure or on check sheets.
Reference documents could be used as a source of acceptance criteria details.
(12)
Records/check sheets - Which documents/forms are used and retained? Check sheets
are recommended when complex procedures or instructions are used. List by title the reports
and documents required to certify or provide that the tasks required in the document have been
accomplished and verified and attach examples of the documents/forms. Identify records as
permanent or non-permanent in accordance with the defined criteria, together with the
retention time for non-permanent records. Mark sample attached forms specimen, record the
date and the identification of those performing the work and, where appropriate, the as found
condition, the corrective action performed and the as left condition.
28
3. MANAGEMENT RESPONSIBILITY
MANAGEMENT COMMITMENT
GS-R-3 [1] states in para 3.1 to3.5 that:
Senior management shall develop individual values, institutional values and behavioural
expectations for the organization to support the implementation of the management system
and shall act as role models in the visible promulgation of these values and expectations.
Management at all levels shall communicate to individuals the need to adopt to these
individual values, institutional values and behavioural expectations as well as to comply with
the requirements of the management system.
Management at all levels shall foster the involvement of all individuals in the implementation
and continual improvement of the management system.
Senior management shall ensure that it is clear when, how and by whom decisions are to be
made within the management system.
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance.
SATISFACTION OF INTERESTED PARTIES
GS-R-3 [1] states in para 3.6 that:
activities and interactions in the processes of the management system, with the aim of
enhancing the satisfaction of interested parties while at the same time ensuring that safety is
not compromised.
29
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
3.1.
In order to understand and meet the needs and expectations of interested parties, an
organization:
3.2.
Should identify its interested parties and maintain a balanced response to their
Should identify and agree interested parties needs and expectations for satisfaction
Should focus on process improvement to ensure value for the identified interested
parties.
addressed by the organization complying with identified and agreed requirements, for
example:
3.3.
Safety;
Availability;
Reliability;
Cost;
Liability;
Environmental impact.
The benefits to be gained for interested parties and the organization by striving for
requirements;
excellence;
30
3.4.
several steps:
3.5.
Analysis of data.
The results of the measurement of interested party satisfaction should provide an input
Senior management shall develop the policies of the organization. The policies shall be
appropriate to the activities and facilities of the organization.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
Developing the policies
3.6.
The policies of the facility should be as brief as possible to ensure they are effectively
The values, behavioural expectations and beliefs that relate to the policy;
31
3.7.
3.8.
Performance reports;
Written statements of policy should set the direction for the facility
Establishing strategies to implement each policy and integrating these into general
Agreeing plans for improvement and reviewing progress to develop both the
business activity;
Implementing policies
3.9.
The structure and processes for delivering each policy should be clear. Individuals
should know which parts of the processes are relevant to them, to understand the major risks in
the facilitys activities and how they are controlled.
3.10.
have:
In order to understand and implement the policies of the facility, management should
Leadership skills;
Communication skills;
32
3.11.
skills;
Some managers in key positions may provide specific input to the facilities policies.
This would apply to those who devise and develop the management system, investigate
accidents or incidents, take part in review and audit activities or have to implement emergency
procedures.
3.12.
3.13.
In order to understand and implement the policies of the facility, individuals need:
facility should be identified through performance appraisal. This may also arise because an
individual has not absorbed formal on-the-job training or information provided as part of their
induction. Training needs vary over time, and should cover:
3.14.
Safety (including nuclear safety and the health and safety of individuals);
Environment;
33
Quality;
Change management;
Security.
Due to the similarity in content and the nature of these policies, some organizations
choose to combine the policies into one policy. The safety, health and environment policy:
Should state the importance of protecting the safety, health and environment of the
Should confirm that excellence in performance in the areas of safety, health and
commercial success;
Should have a primary goal that no harm should result from activities and that the
organization will be respected and trusted by the workforce, the public and
interested parties;
Should have clear objectives of the policy that include how it is proposed to:
Prevent pollution and minimize waste and the use of natural resources as part of
Learn the lessons from events, implement corrective actions and seek out and
Ensure that the facilitys activities, products are in compliance with applicable
legislation and meet the requirements of good practice and applicable standards
of performance.
Should identify how the policy will be developed and improved for example by:
Working with interested parties, the rest of the nuclear industry and contractors
Informing, instructing, training and developing the people who work for the
year;
facility and ensuring that competent safety, environment and health advice is
available;
Auditing the management system that supports the policy, and setting and
ensuring that they are adequately resourced and carried out by suitably
qualified and experienced people and with regard to safety at all times;
Should state which specific legal requirement the policy has been developed to
Should identify the process for identifying new safety, environment and health
address;
legislation and for ensuring that the facility can comply with it.
Quality policy
3.16.
Should ensure employees have the necessary responsibility and authority to carry
Should state a commitment that products and processes should be of the required
performance;
assigned work.
35
understand and accept their respective roles and obligations in carrying out the
quality policy;
Should define the key documents that govern the levels of performance, such as:
Each facility should issue a policy for promoting and managing change that
encompasses the vision and values of the facility. This policy on change management should:
Security policy
3.18.
Details of security polices have not been included because of the nature of their
content. The content of these policies is governed by the security requirements of each
Member State.
PLANNING
GS-R-3 [1] states in paras 3.8 to 3.11 that:
Senior management shall establish goals, strategies, plans and objectives8 that are consistent
with the policies of the facility.
Senior management shall develop the goals, strategies, plans and objectives of the facility in
an integrated manner so that their collective impact on safety is understood and managed.
8
These goals, strategies, plans and objectives are sometimes collectively referred to as a business plan.
36
Senior management shall ensure that measurable objectives for implementing the goals,
strategies and plans are established through appropriate processes at various levels in the
facility.
Senior management shall ensure that the implementation of the plans is regularly reviewed
against these objectives and that actions are taken to address deviations from the plans where
necessary.
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance. An example of the
typical content of a business plan for a nuclear facility is provided in Annex I.
Senior management in the organization shall be ultimately responsible for the management
system and shall ensure that it is established, implemented, assessed and continually improved.
An individual reporting directly to senior management shall have specific responsibility and
authority for:
The organization shall retain overall responsibility for the management system when an
external organization is involved in the work of developing all or part of the management
system.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
3.19.
The individual with specific responsibility for the development and implementation of
the management system should ensure that those responsible for each process (sometimes
37
referred to as the process owners) provide a periodic report on the status of their process to
enable reports on the performance of the management system to be prepared.
3.20.
Techniques such as benchmarking (internal and external), staying abreast with and
being involved in developments in national and international standards and being aware of
38
4.
RESOURCE MANAGEMENT
PROVISION OF RESOURCES
GS-R-3 [1] states in para 4.1 that:
Senior management shall determine the amount of resources necessary and provide the
resources9 to carry out the activities of the organization and to establish, implement, assess and
continually improve the management system.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
Work may be contracted out to external organizations for reasons of economy or where
another organization is more competent to perform it. This should not be done on a piecemeal
basis but should be based on a firmly established supplier management strategy. This strategy
should clearly identify where goods or services are simply obtained from suppliers or where
the relationship between organization and supplier is a partnership.
4.2.
organization in order to exercise control over the work, so that ultimate responsibility for its
safe and effective execution is maintained internally.
4.3.
been verified by selection criteria and/or experience. However, inclusion on an approved list
should not reduce the facilities responsibility to verify the delivery of goods or services on
each occasion.
Resources includes people, infrastructure, the working environment, information and knowledge, as well as
material and financial resources.
10
Intelligent customer capability is the ability of the organization to have a clear understanding and knowledge of
the product or service being supplied.
9
39
4.4.
given as to how mutual learning to the advantage of both organizations could best be achieved
to maximize the future benefits of continuing the relationship. This may include partners in
project initiation phases such as, development and review. Partnerships should be managed
taking into account any regulations regarding competition.
4.5.
When contracts are let for work to be carried out at the facility by people from other
organizations, the facility should ensure that there is no conflict between the work practices
and standards of the supplier and those of the facility.
Managing information and knowledge
GS-R-3 [1] states in para 4.2 that:
on people and organizational culture to stimulate and nurture the sharing and use of
knowledge; on processes or methods to find, create, capture and share knowledge; and on
technology to store and make knowledge accessible and to allow people to work together
without being together. People are the most important component, because managing
knowledge depends upon peoples willingness to share and reuse knowledge.
4.7.
The instructions for each task should consider the full information needs of those
carrying it out and how needed information is to be provided to the user. The day-to-day
responsibility for ensuring that such information is effectively used lies with the immediate
supervisors of individuals performing such tasks. An example of a good practice is pre-job and
post-job briefings that include review of instructions, review of potential risks, tool checks,
experience from doing this or similar tasks and any impact from other work taking place in the
40
vicinity. Information should be maintained and shared regarding any unexpected or unusual
experiences whilst carrying out the work.
4.8.
Information relating to safety should not be regarded as intellectual property but rather
should be shared freely within the nuclear community. Sharing may be achieved through
contribution to databases, sharing of reports, participation in conferences and seminars, and
benchmarking visits.
4.9.
pertinent knowledge so that it is easily accessible to those who need it for carrying out their
tasks. A facility should have an integrated, systematic approach to identifying, capturing,
managing and sharing its knowledge and, in so doing, enabling groups of people to create new
knowledge collectively to help achieve the objectives of the facility. Such a knowledge
management system helps a facility to gain insight and understanding from its own
experience.
4.10.
Knowledge management should capture knowledge (both tacit and explicit) from
workers before they leave the facility so that the knowledge can be retained and transferred to
others who need the knowledge for job/task performance. The facility should assess and take
mitigating action for any risk it has from the loss of critical knowledge. The facility should
have the knowledge base necessary to facilitate the assimilation of new workers into the
facility and to enhance the skills and knowledge of current workers.
HUMAN RESOURCES
GS-R-3 [1] states in para 4.3 and 4.4 that
Senior management shall determine the competence requirements for individuals at all levels
and shall provide training or take other actions to achieve the required level of competence.
An evaluation of the effectiveness of the actions taken shall be conducted. Suitable proficiency
shall be achieved and maintained.
Senior management shall ensure that individuals are competent to perform their assigned work
and that they understand the consequences for safety of their activities. Individuals shall have
received appropriate education and training, and shall have acquired suitable skills, knowledge
and experience to ensure their competence. Training shall ensure that individuals are aware of
41
the relevance and importance of their activities and of how their activities contribute to safety
in the achievement of the facilitys objectives.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
4.11.
The facility should maintain a human resources plan that deals with both numbers of
staff and competence levels. The human resources plan should include a manpower model that
covers for example, the demography of individuals, the projected use of contractors and off-
site work. The facility should consider the effect of aging on its workforce and should
establish a plan to ensure that sufficient competent staff remains available. The plan should
take into account the lead time necessary to recruit and train key staff such as reactor
operators.
Senior management shall determine, provide, maintain and re-evaluate the infrastructure and
the working environment necessary for work to be carried out in a safe manner and for
requirements to be met.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
Managing material assets
4.12.
Registers should be maintained of all significant material assets. For each material
asset or type of asset there should be a strategy or plan that defines how that asset will be
preserved, maintained, enhanced or replaced, taking the whole life cycle of the asset into
consideration to preserve the contribution of that asset to safety. Appropriate treatment of all
material assets at the end of their useful life should be a major factor in asset management.
4.13.
appropriate levels, recognising that safety takes precedence over economic considerations.
42
4.14.
The process for defining the provision of infrastructure assets should include
security arrangements should be put in place to ensure that the contribution of each asset to
safety is not compromised.
4.15.
Some material assets, such as chemicals or gases, may present a risk to the safety of
individuals or the environment through their use or presence on site. Arrangements should be
in place to identify, manage and mitigate such risks. The long term effects of using items
should be assessed to account for the possibility of repetitive stress injury from the use of
tools, or of eyestrain or consequences of bad posture from the use of display screen equipment.
Replacing old technologies
4.16.
The facility should proactively seek opportunities to replace components of its systems
that are prone to human or mechanical error leading to poor performance with better and more
modern technologies. When replacing old technologies the facility should be able to
demonstrate that the new technology will not compromise safety.
4.17.
In particular, care should be taken to identify and manage situations where original
Where replacements for original systems and components are necessary due to the absence of
original suppliers, an equivalent component replacement process should be established.
43
5. PROCESS IMPLEMENTATION
DEVELOPING PROCESSES
GS-R-3 [1] states in paras 5.1 to 5.5 that:
The processes of the management system that are needed to achieve the goals, provide the
means to meet all requirements and deliver the products of the facility shall be identified and
their development shall be planned, implemented, assessed and continually improved.
The sequence and interactions of the processes shall be determined.
The methods necessary to ensure the effectiveness of both the implementation and the control
of the processes shall be determined and implemented.
The development of each process shall ensure that the following are achieved:
Hazards and risks are identified, together with any necessary mitigatory actions;
The activities of and interfaces between different individuals or groups involved in a single
process shall be planned, controlled and managed in a manner that ensures effective
communication and the clear assignment of responsibilities.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
5.1.
44
maintain and improve all the processes that are necessary for it to achieve its goals, strategies,
plans and objectives for each of these stages. This section contains guidance on processes that
are generic to all stages of a nuclear facility; in addition there is one Appendix for each of the
stages of the lifetime of the nuclear facility, which provides guidance on the processes specific
to each stage.
Process model
5.2.
achieve integrated management of the facility and to ensure they address safety issues whilst
making commercial decisions.
5.3.
A major component of the management system is the process map that describes the
way work should be performed. In some Member States the individual at the most senior
position in the facility may appoint a full time management system manager with
responsibility for controlling the process model of the facility and for providing a standardized
approach to describing and controlling processes. This should ensure that there is consistency
and continuity between the various processes.
5.4.
within a facility. There are many alternate models and terms that could be used to describe the
levels of processes in an organization. Within this example there are three types of process:
45
organization makes adjustments to their plans and objectives when required. Management
processes also cover the management of important relationships beyond the nuclear
facility.
the following example there are three main core process areas. These are operation,
maintenance and engineering support processes.
Monitors (including sampling and testing) to confirm that equipment and systems
Develops the monitoring programmes, analyses the results, and makes adjustments
as required.
Repairs, overhauls and adjusts equipment so that it will work correctly throughout
Carries out inspection and diagnostic testing to determine if and when maintenance
is required;
adjustments as required;
Develops the monitoring programmes, analyses the results, and makes adjustments
as required;
46
(including software);
These processes provide the infrastructure services necessary to perform all the
management and core processes effectively. Typically there are many supporting processes
covering such activities as:
PROCESS MANAGEMENT
GS-R-3 [1] states in paras 5.6 to 5.10 that:
For each process a designated individual shall be given the authority and responsibility for:
supporting documentation;
47
Ensuring that the records required to demonstrate that the process results have
Ensuring that the process, including any subsequent changes to it, is aligned with
the goals, strategies, plans and objectives of the facility.
For each process, any activities for inspection, testing, verification and validation, their
acceptance criteria and the responsibilities for carrying out these activities shall be specified.
For each process, it shall be specified if and when these activities are to be performed by
designated individuals or groups other than those who originally performed the work.
Each process shall be evaluated to ensure that it remains effective.
The work performed in each process shall be carried out under controlled conditions, by using
approved current procedures, instructions, drawings or other appropriate means that are
periodically reviewed to ensure their adequacy and effectiveness. Results shall be compared
with expected values.
The control of processes contracted to external organizations shall be identified within the
management system. The organization shall retain overall responsibility when contracting any
processes.
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance
GENERIC MANAGEMENT SYSTEM PROCESSES
GS-R-3 [1] states in para 5.11 that:
48
approving documents shall be specifically assigned this work, shall be competent to carry it
out and shall be given access to appropriate information on which to base their input or
decisions. It shall be ensured that document users are aware of and use appropriate and correct
documents.
Changes to documents shall be reviewed and recorded and shall be subject to the same level of
approval as the documents themselves.
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance.
Control of products
GS-R-3 [1] states in paras 5.14 to 5.20 that:
Specifications and requirements for products, including any subsequent changes, shall be in
accordance with established standards and shall incorporate applicable requirements. Products
that interface or interact with each other shall be identified and controlled.
Activities for inspection, testing, verification and validation shall be completed before the
acceptance, implementation or operational use of products. The tools and equipment used for
these activities shall be of the proper range, type, accuracy and precision.
The organization shall confirm that products meet the specified requirements and shall ensure
that products perform satisfactorily in service.
Products shall be provided in such a form that it can be verified that they satisfy the
requirements.
Controls shall be used to ensure that products do not bypass the required verification activities.
Products shall be identified to ensure their proper use. Where traceability is a requirement, the
organization shall control and record the unique identification of the product.
Products shall be handled, transported, stored, maintained and operated as specified, to prevent
their damage, loss, deterioration or inadvertent use.
Documents may include: policies; procedures; instructions; specifications and drawings (or representations in
other media); training materials; and any other documents describing processes, specifying requirements or
establishing product specifications.
11
49
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2]. It describes the processes used by nuclear
facilities to control products.
Inspection and testing
5.5.
unit responsible for the work, by another department or by an outside agency independent of
the facility. Individuals should ensure their own work has been performed correctly; however,
individuals performing the work should not inspect their own work for acceptance.
5.6.
Management should ensure that inspections are properly planned. Planning should
address such attributes as product characteristics, inspection techniques, hold and witness
points, acceptance criteria, and the organization or individuals responsible for conducting the
inspections.
5.7.
intended Ref. [12]. All testing should be conducted using established and proven test
requirements and acceptance criteria. Further information on test equipment and testing can be
found in Ref. [9].
5.8.
Arrangements should be established to hold products or stop further work until the
required inspections and tests have been completed and the corresponding reports have been
received and verified by designated individuals. These arrangements should include what to do
if there are negative results of inspections and tests.
5.9.
Inspection and testing plans should identify the sequential inspection and testing
elements necessary to demonstrate conformance with requirements, the means by which they
are to be verified and the relevant acceptance criteria.
5.10.
plan:
50
The identification of who is to perform each inspection and test, and provision for
The identification of hold points beyond which work should not proceed without
can check activities but the work should not be stopped if the inspector is not
present. The inspection can be performed later by reviewing the associated records
of the work;
5.11.
hold points;
Unless otherwise designated, they should be approved by the organization responsible for the
specification of the product or system to be tested. Required tests should be controlled. Tests
may include:
Production tests;
Construction tests;
51
5.12.
Operational tests.
Testing requirements and acceptance criteria should be based on the applicable design
or other pertinent documents. Testing should demonstrate that the safety function of a product
has been maintained. Appropriate testing of computer software should be completed before
operational reliance is placed upon it.
5.13.
Testing instructions should define the test objectives and make provisions for ensuring
that prerequisites for the given test have been met, that adequate equipment is available and
being used, that necessary monitoring is performed and that suitable environmental conditions
are maintained.
5.14.
Test results should be documented and evaluated to ensure that testing requirements
Activities for inspection, testing, verification and validation shall be completed before the
acceptance, implementation or operational use of products. The tools and equipment used for
these activities shall be of the proper range, type, accuracy and precision.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
5.15.
A process for the control, and where necessary, calibration of tools, gauges,
instruments and other measuring, inspecting and testing equipment used for activities
important to the safety of the facility should be established.
5.16.
A process for the control of equipment that is out of calibration, including segregation
to prevent further use and identification and evaluation of the impact of the use on previous
measurements since the last calibration date, should be established.
52
5.17.
Tools, gauges, instruments and other measuring, inspecting and testing equipment
(including test software and devices) used in determining product status and verifying the
acceptability of products should be of the proper range, type, accuracy and measuring
precision.
5.18.
all measuring, inspecting and testing equipment used for the determination of product quality
or operational status should be specified. The responsibility for measuring and testing
equipment controls should be defined. Arrangements should include:
and devices that can affect product quality at prescribed intervals, or prior to use,
against certified equipment having a known and valid relationship to nationally or
internationally recognized standards. If such standards do not exist, the basis used
Confirmation that the measuring and test equipment is capable of the accuracy and
precision necessary;
Controls to ensure that environmental conditions are suitable for the calibrations,
measurements and tests being carried out;
53
Controls to ensure that the handling, preservation, storage and use of calibrated
equipment is such that its accuracy and fitness for use is maintained;
Methods for adding and removing measuring and testing equipment to and from
the calibration programme, including the means to ensure that new or repaired
products are calibrated prior to their use;
5.19.
A process to control the issue of measuring and testing equipment to qualified and
authorized individuals.
Testing hardware, such as jigs, fixtures, templates or patterns, and testing software
used for inspection should be checked prior to use in production and facility and rechecked at
prescribed intervals. The extent and frequency of such checks should be established and
records maintained as evidence of control. Such approved testing hardware should be properly
identified.
Control of records
GS-R-3 [1] states in paras 5.21 and 5.22 that:
Records shall be specified in the process documentation and shall be controlled. All records
Retention times of records and associated test materials and specimens shall be established to
be consistent with the statutory requirements and knowledge management obligations of the
facility. The media used for records shall be such as to ensure that the records are readable for
the duration of the retention times specified for each record.
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance.
Purchasing
GS-R-3 [1] states in paras 5.23 to 5.24 that:
54
Suppliers of products shall be selected on the basis of specified criteria and their performance
shall be evaluated.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
Commercial grade products
5.20.
Certain products with a proven record may be available from commercial stock.
Procurement documents should provide sufficient information from catalogues and suppliers
specifications to enable the correct product to be supplied.
5.21.
All relevant technical data and trial information should be requested. These products
may require confirmatory analysis or testing to demonstrate the adequacy of the product to
perform its intended function.
5.22.
When a commercial grade product is proposed for any safety function, a process
The need to evaluate the capability and controls applied by commercial grade item
suppliers;
Communication
GS-R-3 [1] states in paras 5.26 and 5.27 that:
Information relevant to safety, health, environmental, security, quality and economic goals
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance.
Managing organizational change
GS-R-3 [1] states in paras 5.28 and 5.29 that:
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance. Ref. [32] provides
further information.
The following processes are common to all stages of a nuclear facility. The
applicability of the guidance should be utilized by the facility taking into account the stage of
the nuclear facility, the organization size and structure and the nature of the activities to be
carried out.
56
Project management
5.24.
Project management is the conduct of delivering a project in accordance with its agreed
scope, schedule, cost and quality requirements, dealing with all the challenges and risks
The success of the project depends on its project manager leading a team of dedicated
staff to achieve its objectives. The characteristics of an effective project manager include:
5.26.
Is a good and effective communicator to ensure that the project team is well
Can deal with uncertainties and risks and can take the right decisions in a timely
Possesses the energy, enthusiasm, toughness and quickness to deal with emerging
issues.
In order to perform effectively, the project manager and his team should have authority
authorisation limits;
57
5.27.
The organization of a project should be carefully selected depending on its scope and
complexity. For smaller projects or groups of smaller projects a functional and/or matrix
approach should be considered.
5.28.
A project-dedicated organization can carry out long term and complex projects,
providing in-depth and sustained focus to control the project internally and externally,
especially when interfacing with the customers. Other advantages include:
5.29.
minimize duplication of effort, facilities and personnel and to promote technical exchange of
expertise between different projects.
5.30.
Ensuring project quality and doing it right first time reduces rework and costs and
A clear and well documented management system to meet the standards specified
in the contract;
A learning culture;
conformances;
corrective actions;
58
5.31.
Project management starts during the negotiation phase and continues to the end of the
5.33.
Key activities performed during the pre-project phase include: project implementation
plan, project description, definition of scope and roles of participants and work structure,
supporting contract negotiations, definition of client/contractor performance, definition of
Key activities performed during the project implementation phase include: preparing
project planning, scheduling and control, budget and cost control, and information
management and communications.
5.35.
Key activities performed during the project close-out phase include: negotiations with
the client to close all open commercial and technical issues and address outstanding overall
Appropriate methods and checkpoints should be utilized to ensure that project plans
succeed. This includes: measuring and evaluating progress and taking timely corrective
actions to achieve or exceed predefined completion targets for each milestone, cost and
quality. Performing the work on schedule, meeting quality standards and minimizing rework
effectively ensure good control over cost.
5.37.
All projects are inherently risk ventures. Examples of risk contributors include:
59
5.38.
Poor estimating;
Unrealistic schedule;
A risk management plan should be prepared to define the methodology and tools to
identify and evaluate risk. Budgets should be prepared with contingency provisions taking into
account the accuracy of the estimates, potential for cost escalation and or foreign exchange
fluctuations, and historical experience on similar projects. The project manager should have
the necessary authority to use contingency allowance to deal with unexpected situations
contributing to risk.
5.39.
Controlling the project will depend on the size and complexity of the project itself.
Many organizations establish a project steering committee to control projects. The project
steering committee may consist of:
5.40.
Main or key supplier(s) who represents the interests of those responsible for
Project manager who runs the project on a day-to-day basis on behalf of the
product development;
project board.
The project steering committee will initiate the project and set the different stages,
agree the different stage gates of the project, monitor progress through each stage gate and
resolve major issues that have the potential to impact on cost, schedule and quality. The over-
riding consideration should be to agree and implement the required corrective action(s) while
addressing the associated commercial issues in parallel.
60
5.41.
Finally when a project is completed it should be reviewed for its overall success
Has the project been adequately documented, the necessary records been
generated, maintained and handed over if necessary?
The work planning and control process is utilized during design, construction,
commissioning, operation and decommissioning and therefore it should ensure that work at the
nuclear facility is properly planned and completed in a safe and efficient manner. The work
planning and control process should list and be able to sort all work requests on the basis of
work description, priority assigned, date initiated and configuration requirements to perform
the work. The system should be able to track the status of all work requests, in particular those
on hold for planning, spare parts, materials or other constraints. The system should be capable
of tracking completion of testing prior to return to service.
5.43.
Work planning:
Should identify the relative importance of the work processes with regard to
Should identify and schedule the work necessary to operate and maintain the
safety;
facility;
concise and unambiguous work instructions, which include any inspection and
testing requirements;
61
Should identify any requirements that are part of the work process, such as
Should identify any workplace risk hazards and how they are to be mitigated;
Should identify the required records, such as work completion, spare parts used
Should provide any safety documents, such as permits to/for work and system/item
isolation permits.
In addition to the risk assessments carried out during the planning and control process,
workplace risk assessments (sometimes referred to as point of work risk assessments) should
be required for all activities carried out by the facilitys individuals and by contractors
individuals that may pose a particular risk of injury, harm or damage.
5.45.
In order to carry out an adequate workplace risk assessment the associated workplace
should be visited and account taken of; the route to and from the job; other work (including
routine operations) being undertaken in the area; any changes to emergency arrangements as
well as procedures, training and supervision.
5.46.
In recognition of differing types of risk, there are different types of workplace risk
assessments that could be used and which should be documented and used as an input to work
planning and control. For example:
Area assessment - this assessment addresses the risks relating to the equipment,
services or conditions in the workplace rather than the actual task being carried out
e.g. lighting, floors, traffic routes, fire precautions;
62
Task assessment - during the planning of jobs some risks will be associated
directly with the activity to be undertaken or through work or activities in adjacent
work areas. These risks need to be assessed as an integral part of the work
planning process in the same way as other aspects of the work. Risks should be
These assessments may also require an additional risk assessment where there is a
special, more demanding hazard for example working in confined spaces and opening acid
lines. Each Member State will have differing regulations that require such an assessment to be
carried out.
5.48.
The results of workplace assessments should be communicated to the work teams and
others who may be affected. This includes new starters, contractors and visitors who may be
affected by the work being carried out.
5.49.
5.50.
Pre-job briefing before the work is undertaken for one off or infrequent operations;
Warning notices;
permits);
The main requirement is that anyone involved in a job or coming into contact with it is
made aware of the hazards and risks to their health and safety and knows and understands the
procedures that are in place to remove or reduce those hazards and risks.
63
5.51.
Planned regular review should be carried out to confirm validity of workplace risk
assessments. Post-job briefings can be used to capture human performance, performance and
risk related issues as lessons. When there has been a significant change, such as introduction
required. A record of completed workplace risk assessment should be retained at least until the
next review (in either paper or electronic format). Workplace risk assessments that support
working instructions should be archived together with the instructions.
Personnel safety
Industrial safety
5.52.
for all individuals, suppliers and visitors, and should refer to the industrial safety rules and
practices that are to be adopted. The process should include arrangements for the effective
planning, organization, monitoring and review of the preventive and protective measures.
5.53.
The operating organization should provide support, guidance and assistance for facility
5.54.
Nuclear facility individuals should understand how the industrial safety programme
5.55.
working time lost due to industrial accidents (sometimes referred to as lost-time accidents),
other accidents requiring medical attention, industrial safety non-conformances identified in
the facility, near misses and modifications resulting from industrial safety concerns.
5.56.
The underlying causes of industrial accidents and industrial safety problems should be
identified and corrected. Results of cause analyses should be used to identify opportunities to
improve industrial safety. Lessons learned from investigations and from other industry
operating experience should be used to improve performance.
5.57.
material and any required actions should be incorporated into the facilitys industrial safety
64
A process should be established and implemented for radiological safety for each
working group, area and activity to ensure that radiation exposure is as low as is reasonably
achievable. For further guidance see Ref. [3]
Control and supervision of contractors
5.59.
A process should be developed to control and supervise contractors carrying out work
at a nuclear facility. Contractors should perform work under the same controls as, and to the
same working standards as, nuclear facility individuals.
5.60.
When using contractors the facility should control and supervise their actions to ensure
there is no compromise to safety and to ensure there are no potential risks or hazards either
immediate or latent. The hazards may result in an immediate danger to the contractor's
workers or workers around them - or the hazard may be left behind as latent or inherent
defects that could be revealed later.
5.61.
The facility should ensure that contractors are competent for the work assigned to
them. Contractors who perform work at the facility should receive appropriate training in the
facilities procedures and practices to enable them to carry out work safely. Adequate time
should be provided for this training. The facility may have to take responsibility for this
training in relation to radiological safety, conventional safety practices at the facility,
emergency arrangements and permit for work systems. The practices for training for
contractors should be at least as good as those for the facilitys employees, for the same or
equivalent tasks.
5.62.
The control and supervision of contractors should ensure that contracted work is
carried out to an adequate standard. For work that impacts on nuclear safety the facility should
maintain an oversight, e.g. contractors carrying out Safety Analysis Report (SAR) preparation
and review, design, construction, commissioning, modification or maintenance etc. to ensure
that the end product meets suitable standards of nuclear safety. In such situations the facility
should:
65
5.63.
where appropriate);
In order to be able to control and supervise its contractors the facility should have the
facility should know what is required, should fully understand the need for a contractor's
services, should specify requirements, should supervise the work and should technically
review the output before, during and after implementation. The concept of intelligent customer
relates to the attributes of an organization rather than the capabilities of individual post
holders.
Design
5.64.
The design process requires the use of sound engineering/scientific principles and
appropriate design standards. The design process should also address the requirements of Ref.
[19] and take into account the guidance provided in the series of IAEA safety guides on design
of nuclear power plants Ref. [20].
5.65.
The following guidance should be taken into account when developing the design
process or processes:
and control, that are important to safety should be first identified and then
classified on the basis of their function and significance with regard to safety,
Design
requirements,
inputs,
processes,
outputs,
changes,
records
and
include all requirements for the design, such as the technical bases for the design
66
design. Those carrying out verification should not have participated in the
development of the original design (but they may be from the same organization).
The extent of verification should be based on the complexity, associated hazards
and uniqueness of the design. Some typical design verification methods include
designs should not require verification unless they are intended for different
computer programs, and sources of design input that support design output
normally support evidence that the design was properly accomplished.
5.66.
The design process should include the following activities, which are described in the
67
The design process can be initiated in support of building a new nuclear facility project
or other nuclear structures, systems and components as needed. The overall scoping and
initiation of the design activity should be carried out after a review of the contracts, work
orders and other such high level documents that require an organization to perform design
activities. The organization responsible for the nuclear facility, its safety and licensing should
select a qualified design organization, which can undertake the design function and all related
activities.
This design organization should establish all the key requirements for the design after
68
5.69.
For the specific structures, systems and components, the applicable design parameters
could also be covered in the related design documents such as design requirements, design
specifications and safety design guides.
Selecting the principal designer
5.70.
The facility should select an individual (often referred to as the principal designer) who
has responsibility for specifying the design requirements and for approving the design output
on its behalf.
5.71.
Control of interfaces;
The design activities should be carried out in a logical planned sequence to ensure that
the designed facility can be safely sited, constructed, commissioned, operated and
decommissioned.
5.73.
The overall design of the nuclear facility, structures, systems and components should
be organized in discrete packages and work assignments that clearly identify the scope,
activities for performing the design activities and activities for preparing design documents.
5.74.
Design planning should take place at the earliest opportunity before the beginning of
design activities. Plans should define the activities to be performed in manageable units
(typically a work breakdown and structure).
5.75.
69
5.76.
All key interfaces with jurisdictional authorities, customers and other parties
Design methods;
for use);
Resource requirements;
Points at which checks of the design process will take place and the frequency of
such checks.
In addition to general planning requirements, design planning should also consider the
Availability of components/materials;
Qualification of suppliers;
All relevant inputs that can impact on the design directly or indirectly should be
considered. The design input documentation12 should define the requirements to be satisfied
by the design. These design input documents are normally prepared, reviewed and approved
by the facility.
Design input documents may also be called design requirements, design specifications, design guides, analysis
basis documents, technical specifications and flow sheets.
12
70
5.78.
Establishing and determining the design inputs will vary with each different design. As
well as inputs derived from general contractual requirements, customer input and commercial
considerations (including cost and marketability), design inputs should be derived from:
5.79.
Basic inputs that are available in the early stages as covered by contracts and high
Derived inputs that become available after conceptual and detailed design
The design inputs could include the following parameters based on their applicability
Security considerations;
Safeguards considerations;
71
construction,
decommissioning.
installation,
commissioning,
operation
and
Hydraulic and pneumatic: flow, pressure, fluids, velocities, and suction and
discharge heads;
In-service
requirements,
including
reliability,
redundancy,
accessibility,
Engineering input data, including validity of reference data, test reports, analyses,
and in-service reports;
Sufficient detail should be provided in the design input documents to serve as reference
basis for making decisions, performing verification and validation for the conceptual and
detailed design, evaluating design changes and setting up commissioning tests and criteria.
Review of design concepts and selection
5.81.
The responsible design organization may examine one or more concepts to evaluate
various options in terms of their suitability and adequacy to select the preferred approach. All
such resulting design concepts should be evaluated, documented and approved.
72
5.82.
Such evaluation may consider the feedback from previous design, procurement,
preferred design concept should be identified, documented and justified with supporting
information.
The design tools and computer software used in design, safety analysis, plant control,
calculations and data management should be selected based on their appropriateness and
adequacy for the application and use. All such tools should be suitably qualified based on
applicable codes and standards. Such tools and software should be compatible between the
various design organizations to the maximum extent possible.
5.84.
Where analytical and process control computer software is used, appropriate measures
The need for conceptual design, safety, environmental and security analyses should be
examined and when required be prepared based on optimum or preferred design concept.
These documents may require submission and approvals based on applicable laws and
regulations.
5.86.
The need for a conceptual safety analysis should be evaluated and when required
should be prepared based on selected design concept(s). This is generally done for new,
complex, first of a kind designs that are critical to nuclear safety.
Calculations, analyses and studies should be documented in sufficient detail and should
be controlled in a manner that subsequent users of the design, during the various lifetime
stages of the facility, can understand the design and make informed decisions. This requires
documenting, for example, inputs, assumptions, modelling, test and development work and
73
results, safe operating parameters and envelope, key acceptance criteria and parameters for
commissioning tests.
5.88.
Design activities should ensure that specified requirements are correctly translated into
5.89.
Design specifications;
Functional specifications.
baseline listing of all key design documents based on the contractor, customer and
jurisdictional requirements. This should cover the design documents needed for the various
activities of the facility in all stages, such as for procurement and manufacturing, construction
and installation, commissioning, operation, maintenance and decommissioning. The baseline
listing should include the following:
Traceability requirements;
Safety analysis is an important part of the design process that is carried out to examine
the various postulated conditions, accidents and events that may impact on the performance
and operation of nuclear facility equipment, components, structures and systems. The need for
the type and extent of safety analyses should be evaluated in view of the governing codes and
standards and regulatory requirements and when required should be prepared based on the
selected design concepts.
74
5.91.
In some Member States the safety analyses are documented in reports such as
Preliminary Safety Analysis Reports (PSAR) and Final Safety Analysis Reports (FSAR) and
in Probabilistic Safety Analyses (PSA). These reports are updated as required. All analyses
should include the purpose, methods, assumptions, input and sources, computer modelling
information, test and development work, results and key references. The selected tools for the
safety analyses such as computer programs should be verified and validated to confirm their
suitability and adequacy for the type of analyses being performed.
Defining the safe operating envelope
5.92.
component, structures and systems configurations and operating limits that is acceptable for
safe operation.
Individuals who did not perform the design activity or make the design decisions for
5.94.
the design being verified should normally perform design verification activities.
confirming that the design work is correct, that the design meets the requirements, and that the
verification activities have been properly completed. Those carrying out verification and
validation should have access to sufficient background and supporting information in order to
gain an understanding of the design intent.
5.95.
with prescribed requirements. Design verification processes should be used throughout the
various design phases including the conceptual design, detailed design and safety analyses
phase to ensure that each phase has reached a satisfactory level of completion before going on
to the next design step.
5.96.
At the start of a design activity, the design organization should identify design
verification activities of each design or revisions to the design. Formal design documents
(including design verification documents) are normally subject to verification.
75
5.97.
5.98.
The nature and extent of design verification should be based on the following criteria:
Degree of standardization;
When previously finished and verified designs are to be used for a new application,
5.99.
as
Acceptable design verification methods should include various review methods such
Alternative analysis;
Verification by test;
Design review.
5.101. Design reviews are generally conducted by a group of subject matter experts led by
the senior designer with considerable experience and broad knowledge of the subject.
76
5.102. At appropriate stages of the design, formal verification reviews of the design process
should be planned, completed and documented. Participants in these reviews should include
representatives of organizational units from the design organization concerned with the design
stage being reviewed, and other individuals as required. Reviews may range from reviews by
single individuals to reviews by many organizations.
5.103. The objective of the review is to provide assurance that the output documents will be
correct and fully address the requirements (for example functional, safety and regulatory
requirements, and industry codes and standards) of the design specification.
5.104. The principal designer should determine the scope and extent of the review. As part of
the review it should be established that procedures have been followed, that designated
individuals have participated, and that the results are adequately documented and checked
prior to the release of design documents.
5.105. The design review should anticipate and identify potential problem areas and
inadequacies and initiate corrective actions to ensure that the final design meets the design
intent.
5.106. In the design review certain basic questions should be addressed. These questions
should include, but not be restricted to:
Were any assumptions made, are they adequately described and what is their
basis?
standards followed?
77
5.109. Qualification testing verifies the design of a system or component or a specific design
feature of a prototype or a production unit by operating the item under controlled conditions
and measuring and evaluating its performance. The organizations performing qualification
testing should have a qualification-testing programme that meets the requirements of
applicable standards.
5.110. Test requirements should be identified in a test specification document. Test results
should be included in a test report. Test reports should be reviewed for validity and relevancy
to the test requirements against the acceptance criteria specified in the test specification
document.
5.111. Where computer programs and associated documentation are part of the design output,
displaying reactor operation, they should be subject to a set of verification and validation
tests. Software development plans, design verification plans or quality plans should identify
international standards should be identified and followed. Software verification and validation
test documentation should provide information, or reference the documents containing
information on:
78
5.112. The manager of the design organization responsible for the design should ensure that
the design is adequately verified by confirming that all planned verification activities have
been completed before approval of any design documents. This is normally carried out by
reviewing evidence of completed verification activities.
5.113. The adequacy of design and design verification methods applied to all major designs
as defined in the applicable design verification plan should be confirmed. The validation of
the design of components, structures, equipment and systems should be done during the
commissioning phase. The designer should document all the key requirements such as
performance, functional and control parameters, safety assumptions and objectives that need
to be confirmed during commissioning. The design documents should provide the relevant
information for commissioning tests and the acceptance criteria to be followed by the
commissioning organization.
5.115. The design organization should also provide records of design changes it has
introduced during the design activities. Changes should be reviewed and approved by
individuals who have information and knowledge of the requirements and intent of the original
design, processes and practices.
5.116. Design changes, whether initiated by the designers within the facility, or at the facility,
verified. Documents affected by the change should be identified. If the change is approved, the
affected documents should be revised, approved and released. Activities impacted by the
change should be verified.
5.117. Permanent and temporary changes during construction, commissioning and operation
stages should be documented, verified, and approved before they are implemented.
or operational groups that permit deviations from design should be processed in accordance
79
with approved procedures. These procedures should define methods for identification, nature
and resolution, approval, issuing and filing of concessions.
5.119. Design baseline should be identified, documented and maintained. Changes to the
baseline design should be identified, reviewed, approved and documented through the change
control process.
Configuration management
5.120. Configuration management is a process of identifying and documenting the
configuration management process should ensure this consistency and is fundamental to safe
operation. For example, after maintenance is carried out, the plant, systems and components
should be returned strictly to their design configuration.
5.121. The principal concern relating to inadequate configuration management is the loss of
the ability to perform safety actions when needed. Not having the right information available
at the right time and in the right format for engineering and operations staff can lead to human
errors with potential safety and economic consequences. In many cases, the effort required to
respond to and correct these errors is greater than the effort required to maintain plant
configuration.
5.122. It is assumed that every facility has already knowingly or unknowingly employed the
to configuration management and relevant awareness of the plant management with respect to
configuration management.
80
5.124. Configuration management recognizes that there are three elements, which should be in
Design requirements are technical requirements; they are derived from standards,
regulatory requirements and the design process, which impose limits on the final
design including the consideration of margins and which are reflected in the design
documentation;
Facility configuration documentation is the set of all the documents that contains
configuration information that defines how the plant is designed, how it is operated
and how it is maintained. These documents can be categorized as either:
Design information;
Programme planning;
81
information should be supported by, and be consistent with, the design requirements.
5.127. The process of configuration management should ensure that responsibilities are
defined, including those for design bases, safety analysis bases, design processes, operation,
maintenance and change processes. This description of responsibilities should define precisely
who is responsible for what, including the interfaces, transfer of responsibility and for
documents and other related information. The process should also define the responsibilities
for the following organizations:
The design organization in charge of modifications to the design (if not the same
Plant modification
5.128. A process should be established and implemented to control modifications to the
systems, structures and components. See Refs [11] and [12].
Maintenance
5.129. A process should be established and implemented for the maintenance of the systems,
structures and components of the facility. See Refs [9] and [12].
Housekeeping and cleanliness
82
provide a clean workplace and to encourage a high standard of workmanship. The process
should establish, maintain and enforce standards for housekeeping and cleanliness that:
Protect open systems and equipment from foreign material during maintenance
Control the movement of materials, equipment, tools and individuals in and out of
Encourage individuals to leave an area cleaner than it was before they carried out
and modification;
work areas;
system/component closure;
an activity within it.
be used to the extent possible and the identification should be transferred to each part of an
item before it is subdivided.
5.132. Provisions should be made to prevent the damage, deterioration or loss of items. For
this purpose, items should be stored in a manner that provides for ready retrieval and
protection. Storage should be controlled to prevent deterioration of degradable material, such
as elastomer seals, O-rings and instrument diaphragms.
5.133. Maintenance should be performed on items held in storage such as large pumps and
motors, including periodically checking energized heaters, periodically changing desiccants,
rotating shafts on pumps and motors, changing oil on rotating equipment, and other
maintenance requirements specified by the vendor.
83
5.134. Items removed from or placed into stores, including surplus material returned to store,
should be promptly documented so that the stores inventory is accurate. The stores record
system should also indicate the location of materials and parts in all designated storage areas.
Access to storage areas should be controlled.
5.135. Handling and storage should include arrangements for shelf-life management. For
example, an item whose shelf life has expired should be discarded unless an engineering
evaluation is conducted and engineering approval obtained prior to use of the item.
5.136. For critical, sensitive, perishable or high value items, special arrangements such as
protective enclosures, provision of inert gas atmosphere, moisture and temperature control,
should be specified and provided. These measures could also be applied to installed items
subject to extended out-of-service conditions.
5.137. The process should also cover field storage of consumables such as lubricants and
solvents to ensure they are properly stored and identified.
5.138. Storage practices should ensure that:
Corrosive chemicals are well segregated from equipment and metal stock;
Stainless steel components are protected from halogens and from direct contact
Relief valves, motors and other equipment are stored on their bases;
Elastomers and polypropylene parts are stored in areas not exposed to light;
Material, equipment and storage facilities are properly protected from rodents;
5.139. Items removed from storage should be protected. Handling of items should consider
factors such as weight, size, certification and regular inspection of hoisting/lifting equipment,
chemical reactivity, radioactivity, susceptibility to physical shock, damage or electrostatic
sensitivity, sling location, balance points and method of attachment. Special handling tools and
equipment should be provided, controlled and inspected periodically as necessary to ensure
safe and adequate handling.
Inventory management
5.140. The process for inventory management should be designed so that spares and other
consumable items are available when required to ensure that safety is not compromised. The
facility should first establish an inventory register and ensure that the procurement process is
aligned to maintain stocks at an acceptable level. This can be achieved by:
Demand forecasting;
Understanding lead times for the manufacture and procurement of spares and
consumable items;
Historical information.
5.141. The facility management may choose to arrange to obtain spares at the time of
procurement of the original products. The spares should meet the same requirements as the
originals, with additional requirements to assure protection during long term storage. The
factors to be considered in determining the quantities of spares in the inventory include the
following:
manufacture;
85
Obsolescence.
5.143. Component identification and labelling is developed during design stage, implemented
and confirmed during construction and commissioning stages and maintained during operation
and decommissioning stages. System, structure and component identification and labelling
should not be compromised by activities during the facility lifetime. Necessary user-friendly
Waste management
5.144. The generation of radioactive waste during commissioning, operation and
decommissioning should be minimized and provisions made for the safe handling, storage,
transport and disposal of radioactive waste liquids, solids and gases. See Ref. [4].
5.145. The control of radioactive wastes should ensure they are within authorized limits and
conditions and should include for example:
Maintaining inventories;
Generating and keeping records such as Waste Package Specifications and Waste
Package Data Sheets.
5.146. For further guidance on radioactive waste management see Refs [3,5,6,7].
5.147. The facility should ensure that the transportation of radioactive waste to a licensed
repository satisfies regulatory requirements, and that the final waste packages meet waste
acceptance criteria for disposal.
5.149. Reference [8] establishes requirements for the safe transport of radioactive material.
Environmental management
5.150. The facility should develop a process for the management of the environmental aspects
of its activities, products or services that should be controlled in order to avoid a significant
negative impact on the environment.
5.151. The facility should determine its environmental objectives and targets relevant to the
nature, scale and impact of its activities, products or services, from the perspective of past,
existing and planned activities.
Contamination of land;
87
5.153. The process should address the environmental impact of all of the facilitys activities in
all lifetime stages. Note: environmental aspects should also be addressed in all other processes
if applicable.
5.154. For information regarding discharge pathways for radioactive releases and how toxic
releases to the environment should be identified and monitored see Refs [3] and [10].
Regulatory interface
5.155. The facilitys management system should establish a process by which regulatory and
statutory requirements are clearly described and met. See Ref. [12]. The facility should also
ensure that interface arrangements are established with all relevant regulatory bodies. For
example, this would include meetings (types, frequency, terms of reference), reporting and
communication routes etc. The interface arrangements should also identify the information
needs of the regulatory bodies see Ref. [33].
Information technology
5.156. Management system controls should be considered throughout all phases of the
information technology lifetime: the acquisition and supply of a new system, development,
operation and maintenance.
The needs of future stages in the facility lifetime are taken into account.
systems may be paper based or implemented using software tools, or a combination of both
techniques.
88
5.159. Plant control software that could affect safe and reliable operation, such as computer
codes and data used in computerised protection and control systems, should be verified and
validated. Installed plant control software should be subject to periodic checking to ensure
continued computer program integrity. See Ref. [15].
89
Fire protection
5.160. The facility should establish and implement a fire prevention and protection process to
protect individuals and items that is appropriate to the stage in the lifetime of the facility. See
Refs [12,13,14].
Security
5.161. The facility should establish and implement a security process to prevent individuals
from deliberately carrying out unauthorized actions that could jeopardize safety. The process
should be appropriate to the stage in the lifetime of the facility. See Ref. [12].
90
The effectiveness of the management system shall be monitored and measured to confirm the
ability of the processes to achieve the intended results and to identify opportunities for
improvement.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
Management oversight
6.1.
through their day-to-day line management activities. Other more structured mechanisms
include:
Should observe work being carried out to ensure standards are being
Should be visible, available and listen to suggestions and complaints from their
maintained;
individuals;
91
each individual or functional unit. The reviews should be carried out on a predetermined frequency and timing to enable a composite view of performance to be
established and communicated to individuals.
Such reviews should consider historical performance and future plans related to
the goals, strategies, plans and objectives that are described within each
departments plan.
targets;
Endorsement of strategies;
92
achieving the facility goals, strategies, plans and objectives identified in the
Senior management and management at all other levels in the organization shall carry out
self-assessment to evaluate the performance of work and the improvement of the safety
culture.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
Self assessment by senior management
6.2.
93
6.3.
following:
6.5.
areas against specific criteria by using the most appropriate technique identified above. Some
self-assessments are carried out periodically (for example, every two years).
6.6.
6.7.
Events;
Visits to or review of information from other nuclear facilities that show potential
programme;
processes;
example, some form of guidance is used to ensure completeness and consistency) Self95
there are not enough people or resources to accomplish the self-assessment and
other work);
6.9.
Being open minded and having the ability to accept different approaches.
6.10.
6.11.
(actions not yet completed) and completed products, performance trends, lessons
learned critiques, operating experience, and regulatory or other commitments;
96
Information that may indicate that more significant problems could result if not
Feedback from external groups, such as regulatory authorities, the IAEA and
industry organizations.
6.12.
Each function within the facility should routinely conduct its own self-assessments of
6.13.
6.14.
6.15.
Ongoing discussion of potential issues should help make the issues more
its performance.
those being assessed to help ensure understanding and ownership of the results.
understandable and help provide better acceptance by those who must ultimately correct the
weaknesses identified.
6.16.
Management should verify that problems identified by the self-assessment process are
promptly entered into the corrective action programme or other tracking systems for resolution
to ensure that resolution of issues is timely and prioritized based on their impact on safety and
reliability.
6.17.
need further action, the reason for this decision should be documented and communicated to
the identifier. This should be done with care and sensitivity so as not to discourage future
problem identification.
6.18.
Management should periodically review the results of ongoing self-assessment activities with
employees to improve performance. The following are some typical communication methods:
Group meetings;
6.19.
6.20.
Other groups which can use the information to improve their performance.
Feedback on the usefulness of the results from managers whose areas were
been implemented;
evaluated;
INDEPENDENT ASSESSMENT
GS-R-3 [1] states in paras 6.3 to 6.6 that:
98
An organizational unit shall be established with the responsibility for conducting independent
assessments.13 This unit shall have sufficient authority to discharge its responsibilities.
Individuals conducting independent assessments shall not assess their own work.
Senior management shall evaluate the results of the independent assessments, shall take any
necessary actions, and shall record and communicate their decisions and the reasons for them.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
Types of independent assessment
6.21.
Peer evaluation
6.22.
individuals from one or more other organization to seek improvements and to promote good
practices. The evaluation team should consist of experts in all areas of evaluation in order to
promote the sharing of experience and to develop relationships between the peers and the
people at the facility.
6.23.
practices, a set of performance indicators, objective standards and criteria against which
performance could be evaluated. For a facility, objective standards and criteria that define
The size of the assessment unit differs from organization to organization. In some organizations, the assessment
function may even be a responsibility assigned to a single individual or to an external organization.
13
99
against the objectives and criteria, and subjective, in that it uses the collective knowledge of
the peers to identify areas for improvement and good practices.
6.25.
During the evaluation, observation of the work should be done and a judgment should
be made on the basis of the methods used and results achieved. A written report of problems
and good practices observed should be presented to management. Management should develop
an action plan to implement any improvement and ensure that information on good practices is
made known to others within the facility.
Technical review
6.26.
Senior management may arrange for a review of the technical content of activities and
6.27.
Different techniques can be used, such as inspection and testing as well as emergency
6.28.
Senior management should define in clear terms the scope of each technical review,
6.29.
Those who are asked to perform a technical review should be demonstrably qualified
what is expected, when it will be implemented and who will implement it.
An assessment of safety culture should cover the whole nuclear facility organization. It
is difficult to capture all the layers of a culture, where some aspects are not visible or may not
even be at a conscious level. It is therefore advisable to use several assessment tools to be able
to determine the current maturity of the safety culture of the facility. The assessment tools that
could be used include interviews, focus groups, questionnaires, observations and document
reviews.
6.31. The safety culture characteristics and attributes (see paragraphs 2.9-2.13) should form
the basis for the assessment. Thus, when developing interview questions, items for a
100
questionnaire or issues to discuss in focus groups, these characteristics and attributes should be
covered.
6.32. The assessment should be carried out by a designated team representing the different
levels and functions of the nuclear facility. Included in this team should also be a specialist in
human factors, in order to ensure that appropriate assessment tools are developed and applied,
as well as to carry out the analysis of results (including statistical analysis of questionnaire
results) and their interpretation. The assessment team should receive training in how to
develop the assessment tools and the steps to consider in the assessment process.
6.33.
Focus groups alone may be used to obtain a sample of the facilitys safety culture. The
focus group should discuss the comparison between the safety culture characteristics and
attributes with current practices to identify strengths and areas for improvement. The focus
groups should consist of cross-functional representatives and/or representatives within an
organizational unit. There should, however, be enough focus groups to obtain a realistic
assessment of the whole facility.
6.34.
The assessment team should summarize results and identify areas for improvement
and may suggest actions to be taken. These results should be reported to an appropriate
management level that is responsible for the implementation of improvement actions. A
follow-up assessment should be performed taking into account the time needed for
improvement actions to have had a more profound effect on the safety culture.
MANAGEMENT SYSTEM REVIEW
GS-R-3 [1] states in paras 6.7 to 6.10 that:
Results delivered and objectives achieved by the organization and its processes;
Weaknesses and obstacles shall be identified, evaluated and remedied in a timely manner.
The review shall identify whether there is a need to make changes to or improvements in
policies, goals, strategies, plans, objectives and processes.
The generic guidance that has been developed to provide a means of implementing this
requirement is contained in Ref. [2]; there is no supplementary guidance.
The causes of non-conformances shall be determined and remedial actions shall be taken to
Products and processes that do not conform to the specified requirements shall be identified,
Accepted;
The status and effectiveness of all corrective and preventive actions shall be monitored and
reported to management at an appropriate level in the organization.
102
Potential non-conformances that could detract from the organizations performance shall be
identified. This shall be done: by using feedback from other organizations, both internal and
external; through the use of technical advances and research; through the sharing of
knowledge and experience; and through the use of techniques that identify best practices.
Non-conformance control
The generic guidance that has been developed to provide a means of implementing the
requirement for non-conformance control is contained in Ref. [2]; there is no supplementary
guidance.
Corrective actions
The following guidance has been developed to provide a means of implementing the
requirement for corrective action in nuclear facilities. It is supplementary to, and should be
read in conjunction with, the generic guidance contained in Ref. [2].
6.35.
The corrective action process is an important way of improving safety, reliability, and
6.36.
Some nuclear facilities use a single, formal facility-wide corrective action system to
track, select, evaluate, trend, and resolve all issues; other organizations report and track issues
using a variety of tracking systems. These other types of tracking systems are typically
managed at the departmental level and are separate from the facility corrective action process.
Such tracking systems are periodically reviewed to make sure important problems that should
be in the facility corrective action system are not being reported at an inappropriate level.
Ongoing management monitoring helps ensure these tracking systems are used as intended
and do not reduce the effectiveness of the corrective action process.
6.38.
Problems reported in the corrective action programme should be reviewed promptly for
their effect on safety, reliability, operability, and to determine if they have met the threshold
103
for reporting to any regulatory authorities. It is often beneficial to have a defined, consistent
review process that is monitored to ensure consistent results. The possible existence of generic
problems should be considered during the problem review.
6.39.
The corrective action system should formally define what is a significant problem and, if
recurrence is unacceptable, where root cause evaluation techniques should be applied.
6.40.
immediate (or apparent) cause and may not address the root cause. For very simple problems,
the cause may be obvious and more detailed analysis to determine corrective actions is not
necessary. For problems of lower significance, corrective actions may correct the immediate
problem but may not prevent recurrence. If similar problems occur, trending can identify
common problems and trend analysis can identify the root (or common) causes.
6.41.
to review significant problems using a well defined method to identify root causes,
contributing causes, and corrective actions to prevent recurrence. Any root cause evaluation
should include a review that is broad enough to help ensure that corrective actions prevent
recurrence not only where the problem occurred, but also in other places where it could occur.
6.42.
Contributing causes may not only be errors made by individual employees, but may
6.43.
Employees who identify problems should receive prompt feedback about corrective
actions. Informing employees of corrective actions taken or planned helps motivate workers to
continue using the corrective action process. Feedback may be direct or through easy access to
and equipment. Trend coding can be used to assist trend analysis provided it is applied
consistently and with the caution that the number of trend codes is limited.
104
6.45.
Consistently trending problems of a given type (such as procedure errors) within the
6.46.
entire facility may help identify weaknesses that exist in more than one part of the facility.
should include the consideration of any outstanding or unresolved issues, and agreed
corrective actions. This should ensure that priorities are appropriate and underlying issues with
common causes are being addressed.
This page intentionally left blank.
Preventive actions
The following guidance has been developed to provide a means of implementing the
requirement for preventive action in nuclear facilities. It is supplementary to, and should be
read in conjunction with, the generic guidance contained in Ref. [2].
6.47.
conformance reports, audit reports, maintenance reports, operating logs, significant event
registers and plant safety reviews. This analysis should seek out trends in order to identify
problem areas requiring root cause analysis, to confirm that appropriate actions have been
taken to prevent repetition of the non-conformances and to enhance safety and performance.
6.48.
should be assessed in order that suitable preventive measures can be developed and
implemented.
6.49.
Implementation of preventive actions may proceed in stages. In such cases each stage
should be clearly defined and should specify the means of verification that assures that the
actions have been effective. Prior to implementation, all proposed actions should have been
agreed, documented and authorized.
Event Reporting
105
6.50.
The criteria for selection of significant events and equipment problems to be reported
to the utility, regulatory bodies and other national and international bodies should be
established.
6.51.
Significant events and equipment problems meeting these criteria or of generic interest
Opportunities for the improvement of the management system shall be identified and actions
to improve the processes shall be selected, planned and recorded.
Improvement plans shall include plans for the provision of adequate resources. Actions for
improvement shall be monitored through to their completion and the effectiveness of the
improvement shall be checked.
The following guidance has been developed to provide a means of implementing this
requirement for nuclear facilities. It is supplementary to, and should be read in conjunction
with, the generic guidance contained in Ref. [2].
6.52.
6.53.
performance and efficiency benefits such as cost reductions and improved cycle times.
should be established:
Long term commitment and engagement from senior management throughout the
All individuals of the facility using the processes are actively encouraged and
The facility should have implemented a process management approach such as that
The facility should identify the systems and processes that are working well in
entire facility;
order to maintain and extend the good practices and to reinforce correct behaviour;
106
6.54.
The processes should be aligned with the objectives of the facility through the
A structured approach for continual improvement should be used that focuses on the
way a facility can improve its processes. It is recognized that there are many different
approaches and methods available in the market place to improve processes.
6.55.
safety. All changes to the plant, the facility and its processes are properly evaluated for impact
on safety, and that implementation is controlled effectively with additional safety measures if
necessary during the period of change.
6.56.
Figure 3 depicts the continual improvement cycle of the management system showing
how it relates to the aspects of measurement, assessment and improvement as well as other
aspects of the management system.
107
MANAGEMENT
DECIDE WHICH
OPTIONS TO
IMPLEMENT
In order to make their
decision management
must have a clear
understanding of
priorities, cost/benefits,
resources, and their
impact on goals,
strategies, plans and
objectives
ESTABLISH
GOALS,
STRATEGIES
PLANS &
OBJECTIVES
IMPLEMENT
IMPROVEMENT
CONDUCT:
INDEPENDENT
ASSESSMENT
SELF
ASSESSMENT
NONCONFORMANCE,
CORRECTIVE/
PREVENTIVE
ACTION
MONITORING &
MEASUREMENT
OF THE
PROCESSES
MANAGEMENT
SYSTEM REVIEW
IMPROVEMENT
OPTIONS
No
SUGGESTED
IMPROVEMENTS
FROM OTHER
SOURCES
The shaded boxes depict requirements of the management system. The start box is the
establish goals, strategies plans and objectives box.
108
Step 1
Plant
Class
No
Yes
No
No
Step 4
Assign
Grade
Alpha or
numeric
Step 3 Consider
Other Factors
Yes
Yes
No
Yes
No
Yes
No
NOTE: The organization should quantify and define the terms (major, minor, low etc.) used
in step 2 of their grading methodology based on the risks and hazards and the magnitude of
the potential impact (risks) associated with the safety, health, environmental, security,
quality and economic elements of each product or activity
109
II.1.
The purpose of this appendix is to provide supplementary guidance to the main body of
this publication that is specific to this stage in the lifetime of the nuclear facility. For the
research and development stage the facility should develop and implement a management
system that:
II.2.
Takes into account the guidance contained within the main body of this
publication;
provides assurance that safety requirements are adequately addressed. This should be
be solved, or the performance of an item to be improved, and there may be many possible
solutions and technologies that could be used.
II.4.
R&D organizations should consider applying the guidance given in Appendices III to
For success in the R&D activities, the involved managers at all levels:
The guidance provided in this appendix for the R&D stage could also be used for any R&D activities carried
out during any of the later nuclear facility lifecycle stages.
14
110
II.6.
Should demand good work practices as the only acceptable way of performing and
Should ensure that intellectual property rights are preserved and protected.
supporting R&D;
authorities and interfaces are clearly defined and understood, particularly between the
functions of: (1) managing the resources necessary to support research work; (2) performing
the research; and (3) carrying out assessments over the course of the R&D project. These
relationships can be complex because some researchers may also have individual functions
that are carried out at different times. In every case, however, the functions of performing the
research and carrying out assessment should be organized so that they are clearly independent.
II.7.
II.8.
important to safety by developing a plan for each R&D project (R&D plan).
sharing an interest in the R&D project. In these cases, agreed methods of collaboration should
be adopted.
II.9.
developing an R&D plan and for performing and/or supervising the work defined in the plan.
The principal investigator/researcher may subsequently assign some or all of the work to other
II.10. The management of the organization responsible for the R&D activities should ensure
that the roles, responsibilities and authorities for reviewing and approving R&D plans are
defined. Reviewers should consider, for example, the technical direction of the work, user
requirements, assumptions, resources and schedule implications.
II.11. Senior management of the organization responsible for the R&D activities should
review the possible alternatives and document its decisions, justifying its choice of a specific
111
ensure that the work results have been properly validated, the safety implications assessed, and
approval obtained, if appropriate, from the regulatory body
II.13. Interfaces should be described in the R&D plan and arrangements between the
organizations performing work should be agreed to. For example, the following interfaces
should be addressed:
Interfaces between internal and external organizations during the R&D activities;
Interfaces at the end of the R&D activities, such as those related to the use and
application of the results.
GRADING
II.14. When developing the structured approach to the grading of the management system
requirements, the following could be considered:
The amount and nature of the materials to be used and the degree to which the
The scale and technical complexity of the activity and the facilities to be used;
work poses risks or hazards to individuals, the public and the environment;
involved;
112
The impact that missed milestones or delayed milestones will have on the
schedule, the ease or difficulty of schedule recovery, the loss of key individuals
and delays in recruiting new individuals and in receiving critical equipment or
making it functional;
The extent to which other work depends on the results of the R&D activities;
RECORDS
II.15. Management of the R&D activities should establish requirements for ensuring that all
appropriate aspects of R&D activities are adequately documented and recorded. This includes
work from the initial conception and design of the R&D plan through to the conduct and
analysis of the research results.
II.16. Laboratory and work notebooks and other recording methods should be used.
II.17. Entries in laboratory notebooks should be traceable to the work performed and
developed to an adequate level of detail, and should be legible, complete and correct.
II.18. All appropriate laboratory notebooks, other records and the data from the R&D
II.19. Training should be provided commensurate with the hazards associated with the work
being performed and with its nuclear safety importance. The principal investigator/researcher
performing or assessing R&D activities for a nuclear facility should have a basic knowledge of
nuclear safety.
PROCESS IMPLEMENTATION
II.20. Processes to be implemented during research will be dependent on the type and nature
of the research activity. The following guidance should be used as a appropriate
113
extent of the R&D activities to be performed and possible results, hypotheses and calculated
predictions. The detail contained in the plan should be only as complex as the R&D project
demands and should ensure that a qualified peer can replicate the work.
II.22. The R&D plan should incorporate user requirements and expectations, and should
reference applicable technical standards. It should also describe or refer to the environment,
safety, health and regulatory requirements that apply, how they will be handled, and how
funding and other resources will be made available for clean-up at the end of the project. The
plan should include the expected or intended influence of the results on nuclear safety.
II.23. The R&D plan should describe the purpose of the work. It should also identify criteria
that can be used to assess success or failure of the work and to indicate when it is completed.
Hold points at which management (and/or peers) can review and consider these criteria should
be included.
II.24. The R&D plan should provide a brief historical overview of the work. This should
include references to publications that describe previous experiments, theories, feedback from
the users of the products of previous R&D activities or technological developments that have
led to the work described in the R&D plan.
II.25. The R&D plan should contain a description of the basic conditions and of the relevant
II.26. The R&D plan should describe how support and technical individuals having the
necessary education, experience and skills would be assigned to perform the work.
II.27. The principal investigator/researcher should ensure that the R&D plan is reviewed and
approved. The R&D plan should describe dependencies or relationships with other projects or
114
areas of R&D. If similar work is to be performed elsewhere, this should be stated together
with a brief explanation of how the work could be coordinated.
II.28. The R&D plan should identify the proposed duration (term) of the work and how
resources will be planned and allocated. Considerations are, for example, individuals, graduate
students, post-doctoral fellows, budgets and equipment.
II.29. The R&D plan should describe milestones and deliverables for the work, including, for
example, the construction of items, scheduled evaluations and assessments, the development
of technological processes or products, and the presentation of interim and final research
results.
II.30. The R&D plan should describe the facility and equipment requirements for carrying
out the work and should include:
An explanation of how the facilities will be used, the required location and gross
A statement of whether outdoor work is required and, if so, its location and
floor area, and a brief description of the probable impact on the facilitys services;
needed in order to perform the work;
environmental impact;
and details of new equipment and materials that will have to be procured;
II.31. Sound engineering and scientific practices should be applied to the design and
construction of the equipment/apparatus described in the R&D plan. The design and
configuration of the equipment/apparatus should be documented. For further guidance on
design see Ref. [2] and Ref. [19].
II.32. Sound engineering and scientific practices should be applied to the design and
application of supporting computer software. The design assumptions, range of applicability
115
and users instructions should be documented. Performance criteria for software validation
should be defined to ensure that the R&D goals are achieved.
CONDUCTING RESEARCH AND DEVELOPMENT
II.33. All work performed as a part of the R&D plan should follow sound engineering and
scientific principles in order to ensure that goals are achieved.
II.35. The items associated with the R&D plan should be properly stored and shelf-life
limitations should be observed.
II.36. During the commissioning of equipment, apparatus or prototypes, the calibration and
performance requirements of testing, measurement and diagnostic equipment and apparatus
should be defined to a level of detail that ensures that the R&D goals are achieved. Calibration
and performance requirements for testing, measurement and diagnostic equipment and
apparatus should be maintained throughout the data gathering activities.
II.37. In the operation stage and data gathering stage, the principal investigators/researchers
should ensure that the systems and subsystems of the experimental equipment and apparatus
are functioning as intended. This includes, for example:
operating properly, for example checking power supplies and devices that use
gases and fluids, and are correctly calibrated;
Ensuring that the proper materials and chemicals are being used;
Ensuring that the data that will enable the researcher to achieve the research
objectives are being recorded.
116
II.38. Individuals performing the R&D and support work should evaluate their own
performance and should look for ways to improve the quality of their work.
DATA ANALYSIS AND REPORTING
II.39. When analysing data for acceptability, researchers should define:
The results obtained and how the results have been used, so that competent experts
Whether the R&D results have been documented adequately and can be validated.
A description of the apparatus and the operations and data gathering activities;
technological developments;
gathering activities;
II.41. Management of the R&D activities should review and approve the final research
report.
II.42. Deviations from expectations prescribed in the R&D plan should be recorded and
analysed to determine if they are true non-conformances, or if they are improvements, which
actually benefit the R&D project. For further guidance on non-conformance control and
corrective actions see Ref. [2].
117
III.1.
The purpose of this appendix is to provide supplementary guidance to the main body of
this document that is specific to this stage in the lifetime of the nuclear facility. For the siting
stage, the facility should develop and implement a management system that:
Takes into account the guidance contained within the main body of this
Takes into account the relevant activities described in the series of IAEA safety
publication;
guides when developing the processes and organizational structure Ref. [18].
These safety guides extensively describe the activities that need to be described in
the management system processes during the siting stage.
III.2.
When developing the structured approach to the grading of the management system
The intended end use of the knowledge and data that result from siting activities,
The scale and technical complexity of the siting activity, whether it is a new or
The extent to which other siting work, or later work, depends on the results of the
siting activities;
118
IV.1. The purpose of this appendix is to provide supplementary guidance to the main body of
this document that is specific to this stage in the lifetime of the nuclear facility. For the design
stage the facility should develop and implement a management system that:
Takes into account the guidance contained within the main body of this
Takes into account the relevant activities described in the series of IAEA safety
publication;
guides Ref. [20] when developing the processes and organizational structure.
These safety guides extensively describe the activities that need to be described in
the management system processes during the design stage.
IV.2. When developing the structured approach to the grading of the management system
requirements, the following could be considered:
119
V.1.
The purpose of this appendix is to provide supplementary guidance to the main body of
this document that is specific to this stage in the lifetime of the nuclear facility. For the
construction stage the facility should develop and implement a management system that:
V.2.
Takes into account the guidance contained within the main body of this
publication;
The facility should develop and implement a management system that describes the
overall arrangements for the management, performance and assessment of the nuclear facility
during construction.
V.3.
V.4.
The appointed individual should have the necessary resources within the construction
activities.15
Ensuring that construction and facility work is carried out in accordance with
programmes of work;
V.5.
15
120
suppliers and other organizational units performing the work. They should be defined in
writing and should be included in procurement documents. Interfaces that should be addressed
are, for example:
Construction organization with the owner (if the construction organization is not
organized at the level of the organization rather than the individual, even though
GRADING
V.6.
When developing the structured approach to the grading of the management system
Level of traceability;
Purchasing.
121
PROCESS IMPLEMENTATION
V.7.
The processes for the construction stage should be identified by examination of the
specifications for structure, system and component design, procurement documents and
drawings, and construction work plans and schedules.
V.8.
This examination should ensure that all activities necessary for site fabrication,
installation, and inspection and testing have been identified, and that they can be accomplished
as specified.
V.9.
V.10. The principal activities of the individuals in the construction organization should
include as a minimum:
allocated areas and are provided, where appropriate, with the necessary site
services, information and instructions regarding the applicable industrial safety
requirements;
issue to both the individuals of the construction organization and the supplier, and
establishing that the suppliers site industrial safety arrangements recognize the
applicable documents;
Monitoring the industrial safety policies and activities of all individuals on the
construction site in order to ensure compliance with statutory and regulatory
requirements;
122
implemented and that facility checks are appropriate and in accordance with
inspection and test plans and associated surveillance schedules;
Carrying out inaugural inspection for the system or components which will be later
Arranging the controlled handover of completed work from one supplier to another
documents.
the handover of completed works from one supplier to another and to those responsible for
commissioning of the nuclear facility in order to maintain the integrity of the completed
works. These provisions should include the following steps:
(1)
commissioning organization for components, systems, structures and their related records
should be planned and implemented.
(2)
When the construction and commissioning organizations are satisfied that the transfer
can be accomplished, a joint check should be carried out of the transferred items and the
associated documents. Both parties should sign formally to indicate transfer of responsibilities.
123
V.13. Whereas the construction organization should retain responsibility for coordinating and
planning the overall construction of the nuclear facility, suppliers should be responsible for
producing detailed plans of the work that they will be carrying out and for obtaining the
construction organizations approval of these plans where necessary.
V.14. Planning should take into account requirements for site fabrication, installation,
inspection and testing of structures, systems and components important to safety, such as:
The need for the identification, preparation and control of procedures and work
instructions;
The need for records to be validated at the end of construction that will be
transferred to the commissioning or operation organization to be maintained for
the lifetime of the facility.
START UP MEETING
V.15. Following the award of a construction or facility contract, a start up meeting should be
convened between the supplier and the construction organization to establish that the supplier
is fully aware of the construction organizations requirements on, for example:
Interface arrangements;
Methods of communication;
124
Housekeeping;
Site security;
Site training;
activities)
Control of sub-suppliers.
The meeting should also finalize the arrangements for satisfying these requirements.
CONTROL OF DESIGN INFORMATION
V.16. Lines of communication and arrangements for the issue of design information among
V.17. A process should be established to address queries from the supplier with respect to the
design information issued. Where the query may have an impact on nuclear safety during
operation, it should be addressed to the principal designer for a response.
V.18. Field changes that may arise during the construction activities and have impact on the
design information (for example drawings, specifications, instructions) should be reviewed,
actioned, approved and validated by the owners representatives and/or designer. Original
design documentation should be updated for design corrections or clarifications. A completed
set of as constructed drawings, which includes accepted deviations from the baseline design,
should be provided at the end of the construction phase. This set of drawings should be part of
the handover package.
125
includes controls necessary to protect sensitive mechanical, electrical and control equipment
against internal and external contamination from dirt, dust and foreign material. Particular
attention should be paid to exclude foreign material from piping systems by control of
openings during installation.
V.20. Flushing of piping systems should be conducted to confirm that system cleanliness
meets the cleanliness requirement before a system is placed in service.
V.21. When procuring items for the facility, cleanliness requirements should form part of the
procurement documentation so that these items arrive on the site at an acceptable standard.
V.22. To preserve the requisite quality of the items being constructed or installed, measures
for performing housekeeping, cleaning and preservation should be established. These should
include:
Methods and techniques for control of the site area, individual structures and
systems, the facilities, and the material and equipment being incorporated into the
nuclear facility;
their abuse, misuse, damage, deterioration or loss of identification. Where possible, items
arriving at the construction site should be visually inspected before unloading to verify that
there is no damage.
V.24. After receiving items, inspection should be carried out to ensure that the applicable
specifications are fulfilled, such as that:
Inert gas blankets and the condition of desiccants, where relevant, have not been
compromised;
STORAGE
V.25. Storage should be provided as specified to segregate and protect items prior to their
facility and use. The methods and conditions of storage to prevent corrosion, contamination,
deterioration and physical damage should be specified.
V.26. Storage areas should be established and controlled, taking account of aspects such as:
Access;
Preventive maintenance;
Security;
Safety grades.
127
V.27. Inspections should be performed as necessary to ensure that the specified conditions
are maintained and any non-conformances are handled. These inspections may need to
continue during the commissioning and operation stages. Handover arrangements should be
established.
HANDLING
V.28. All items should be properly handled, with account taken of aspects such as:
Weight;
Size;
Surface finish;
Orientation;
Preservation of coatings;
V.29. The use of items such as special cartons, containers, protective devices, hoists,
manipulators and transport vehicles should be considered where handling operations are of a
nature likely to cause damage. Operators and handlers of all such items should be competent.
Equipment for handling items should be used and maintained in accordance with State
regulations and standards.
V.30. Items that the construction organization have procured for issue to the contractor
should be stored and maintained in such a way as to ensure that there is no deterioration of the
item and that it can fulfil its design function. Where appropriate, records for the item should be
transferred from the contractor in the handover package.
VERIFICATION OF CONSTRUCTION WORK
128
V.31. The construction organization should establish verification methods and schedules that
identify the level of inspection and verification required.
V.32. Before offering an item or service for acceptance, the supplier should verify that all
defined procurement requirements have been satisfied. Acceptance by the purchaser should
not absolve the supplier from responsibility to provide products fit for purpose nor should it
preclude subsequent rejection.
V.33. Construction activities carried out by contractors and suppliers should be performed
based on inspection and test plans, which should be submitted for approval by the facility. As
appropriate, depending upon work complexity and safety importance of the system, hold
points and witness points should be established within the inspection and test plan by the
facility in order to assess and accept the addressed activities. A plan should be prepared by the
facility in order to ensure that all design and regulatory requirements are achieved during
construction activities.
V.34. The process should include arrangements to confirm that construction and installation
activities are complete. This should be formally documented by the use of a check sheet or
similar that records the checks to be carried out to confirm that structures, systems and
components have been constructed and installed to the specified requirements.
V.35. A typical check sheet includes:
Confirmation by all parties that the check has been carried out.
129
VI.1. The purpose of this appendix is to provide supplementary guidance to the main body of
this document that is specific to this stage of the lifetime of the nuclear facility. For the
commissioning stage the facility should develop and implement a management system that:
Takes into account the guidance contained within the main body of this
Takes into account the relevant activities described in the IAEA safety guide Ref
publication;
[21] when developing the processes and organizational structure for the
commissioning stage.
V1.2. When developing the structured approach to the grading of the management system
Level of traceability;
Level of in-process controls and need for hold points or witness points;
Details of all commissioning phases, with related tests and milestones well
The compilation of the as-found test procedures with all related documentation to
the commissioning;
130
VII.1. The purpose of this appendix is to provide supplementary guidance to the main body of
this document that is specific to this stage in the lifetime of the nuclear facility. For the
operation stage the facility should develop and implement a management system that:
Takes into account the guidance contained within the main body of this
Takes into account the relevant activities described in the series of IAEA safety
publication;
guides Ref. [22] when developing the processes and organizational structure.
These safety guides extensively describe the activities that need to be described in
the management system processes during the operation stage. In particular the
guidance described in Ref. [26] should be considered.
VII.2. When developing the structured approach to the grading of the management system
requirements, the following could be considered:
Need to carry out operating experience feedback, both internal and external.
131
VIII.1. The purpose of this appendix is to provide supplementary guidance to the main body of
this document that is specific to this stage in the lifetime of the nuclear facility. For the
decommissioning stage the facility should develop and implement a management system that:
Takes into account the guidance contained within the main body of this
Takes into account the relevant activities described in the series of IAEA safety
publication;
guides Ref. [23,24,25] and the requirements publication Ref. [29] when
developing the processes and organizational structure during the decommissioning
The controls applied to dismantling the plant, removing equipment and demolition.
activities;
132
REFERENCES
[1]
[3]
[2]
[4]
[6]
[5]
[7]
[8]
TS-R-1 Regulations for the Safe Transport of Radioactive Material, 2005 Edition
[9]
[10]
Safety Requirements
plants
[11]
[13]
NS-G-1.7 Protection against internal fires and explosions in the design of nuclear
[12]
[14]
[16]
[15]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]
[25]
[26]
[27]
[28]
[30]
[29]
[31]
[33]
[32]
134
that there are many ways of presenting and structuring this information; the annex does not
suggest any preferred method.
The business plan sometimes carries a pictorial representation of the objectives of the facility
such as
This section of the plan is normally written by the most senior manager in the facility
and conveys their personal support and endorsement of the business plan. It also spells out the
role of all individuals to assist in the delivery of the plan. For example:
This Business Plan lays out the measurable and achievable goals for the facility that will
move us forward toward our vision of top decile performance and continue our commitment to
provide safe, reliable energy for our customers. It will help keep us focused on our goals.
We will continue to operate using our balanced focus on Safety, Operations, Cost and People
and take the best practices of our fleet peers to develop successful strategies towards
excellence.
I encourage every employee to become familiar with the strategies embodied in this business
plan and to consider your role in making our facility a top decile performer.
Key Dates
A-2.
This section identifies any key milestones or dates for the facility such as planned
outages, IAEA OSART missions and key business planning review dates.
Table of contents
135
A-3.
and
This is a standard table of contents that indexes the goals of Safety, Operations, Cost
People
and
departments/sections.
their
associated
objectives
and
targets
and
the
responsible
The business planning process provides a forum to manage priorities for the facility,
including the inclusion of new work and exclusion of lower priority activities, on an on-going
basis. As actions are completed an opportunity is afforded to include new high priority
actions.
A-5.
The business plan will be actively managed on an on-going basis taking corrective
Vision/mission/values
A-6.
This section outlines the vision/mission and values that have been developed by the
In this example of a business plan the four balanced scorecard goals of Safety,
Operations, Cost and People are used. Facilities should determine their own set of balanced
scorecard goals.
A-8.
This section outlines the sub-headings for each goal of the business plan and their
related objectives and targets. Each sub-heading has a series of specific implementing actions,
the responsible persons and due dates for the detailed actions necessary to deliver the business
plan. There could be as many as 20 actions assigned to different parts of the organization
under each sub-heading. The following list is provided as an example only. It uses the four
goals of the balanced scorecard example as the main headings:
Safety:
Industrial Safety
Radiological Safety
Nuclear Safety
136
Operations
Backlog Reduction
Material Condition
Engineering Excellence
Operational Focus
Maintenance
Configuration Management
Corrective Action/Self-Assessment
Unit 1 Stabilization
Cost
Standards
Asset Management
People
Accountability
Morale
Worker Productivity
Human Performance
Employee Development
Training
This section defines those risks that, if left uncontrolled, would have the highest
likelihood of and impact on preventing the facility from meeting its goals. Each risk is aligned
to a goal.
A-10. This section outlines the costs for the forthcoming year and their projection for future
years. It includes manpower numbers and operations and maintenance budgets. The large
137
capital expenditure projects that have been approved are also included. This section is often
distributed on a restricted basis or published separately.
Performance measures
A-11. This section defines the performance measures that have been identified based on the
goals and objectives for the organization. For each fiscal year the performance measures will
be implemented as part of on-going business plan management. Corrective actions based on
the trending of performance measure results will be identified.
138
GLOSSARY
independent assessment. Assessments such as audits or surveillances carried out to determine
the extent to which the requirements for the management system are fulfilled, to evaluate
The management system integrates all components of an organization into one coherent
system to enable the achievement of all of the organizations objectives. These elements
include the structure, resources and processes. Personnel, equipment and organizational
culture as well as the documented policies and processes are parts of the management
system. The organizations processes have to address the totality of the requirements on
the organization as established in, for example, IAEA safety standards and other
international codes and standards.
139
authorizations and thereby regulating nuclear, radiation, radioactive waste and transport
safety. The national competent authority for the regulation of radioactive material
safety culture. The assembly of characteristics and attitudes in organizations and individuals,
which establishes that, as an overriding priority, protection and safety issues receive the
attention warranted by their significance.
140
DAHLGREN-PERSSON, K.
DIAZ-FRANCISCO, J.M.
Eletronuclear, Brazil
DUA, S.S.
DURHAM, L.
FLORESCU, N.
FRANKLAND, J.
HERTL, B.
HILLE, M.
Framatome-ANP, Germany
KAWAKUBO, Y
KERHOAS, A
KOSKINEN, K.
LAVENDER, C.
MAQUA, M.
Gesellschaft
MEYERS, S.
NICHOLS, R.
PEYROUTY, P.
PIERONI, N.
REDMAN, N.
TOTH, A
VINCENT, D.
VINCZE, P.
Germany
fr
Anlagen-und
Reaktorsicherheit
mbH,
141