RISK MANAGEMENT FOR INFRASTRUCTURE



Similar documents
Core Infrastructure Risk Management Plan

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

AFTRS Health and Safety Risk Management Policy

CORP RISK MANAGEMENT POLICY & METHODOLOGY

Pocket Guide to Clinical Risk Management

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Title: OHS Risk Management Procedure

RISK MANAGEMENT POLICY

A Risk Management Standard

Hazard Identification, Risk Assessment and Management Procedure. Documentation Control

Risk Management Policy and Framework

POLICY. Number: Title: Enterprise Risk Management. Authorization

Managing Risk in Procurement Guideline

Hazard Identification, Risk Assessment and Control Management

An Introduction to Risk Management. For Event Holders in Western Australia. May 2014

4. Critical success factors/objectives of the activity/proposal/project being risk assessed

G8 Education Limited ABN: Risk Management Policy and Risk Management Framework

Risk Assessment Tool and Guidance (Including guidance on application)

3.0 Risk Assessment and Analysis Techniques and Tools

ERM Program. Enterprise Risk Management Guideline

Guidance for Industry: Quality Risk Management

The Lowitja Institute Risk Management Plan

Motivations. spm adolfo villafiorita - introduction to software project management

Project Risk Management

Quality and Engagement Sub Committee

Computer Security Lecture 13

identify hazards, analyze or evaluate the risk associated with that hazard, and determine appropriate ways to eliminate or control the hazard.

Edwin Lindsay Principal Consultant. Compliance Solutions (Life Sciences) Ltd, Tel: + 44 (0) elindsay@blueyonder.co.

Risk Assessment for Medical Devices. Linda Braddon, Ph.D. Bring your medical device to market faster 1

Risk Management & Assessment at UQ

6. Risk management plans for high risk activities and special events

Quality Risk Management The Pharmaceutical Experience Ann O Mahony Quality Assurance Specialist Pfizer Biotech Grange Castle

SECURITY MANAGEMENT Produce security risk assessments

Risk Assessment and Management. Allen L. Burgenson Manager, Regulatory Affairs Lonza Walkersville Inc.

Bedford Group of Drainage Boards

Risk Management. Policy

RISK MANAGEMENT POLICY. Version 3

Guidance note. Risk Assessment. Core concepts. N GN0165 Revision 4 December 2012

Risk Management Policy

How To Manage Safety Risk In Aviation

Analyzing Risks in Healthcare. February 12, 2014

Occupational safety risk management in Australian mining

Title: Rio Tinto management system

Removal of Gender Restrictions on Australian Defence Force Combat Role Employment Categories

PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT

1.20 Appendix A Generic Risk Management Process and Tasks

RiskManagement ESIEE 06/03/2012. Aloysius John March 2012

Discipline: Technical Services Category: Procedure. Risk Management RM Applicability. ARTC Network Wide. Interstate Network.

Safety Management Systems (SMS) guidance for organisations

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

DIT HEALTH AND SAFETY OFFICE

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Business Continuity Management Policy

Version: 3.0. Effective From: 19/06/2014

Risk Management Procedure

RISK ASSESSMENT. Australian Risk Management Standard AS/NZS 4360:200 defines a risk as;

Infrastructure Risk Management Plan Template

GUIDANCE MATERIAL GUIDANCE ON THE USE OF POSITIVE PERFORMANCE INDICATORS TO IMPROVE WORKPLACE HEALTH AND SAFETY

LIABILITY RISK MANAGEMENT PROCESS

Common Safety Method for risk evaluation and assessment

Risk Management & Internal Compliance and Control System

Controlling Risks Risk Assessment

Quality Risk Management Principles and Industry Case Studies

Guidance on Risk Assessment and Control

Project Risk Analysis toolkit

Designing an Effective Risk Matrix

Healthcare risk assessment made easy

Information Security Guideline for NSW Government Part 1 Information Security Risk Management

Hazard Identification, Risk Assessment and Control Procedure

Nova Scotia EMO. Hazard Risk Vulnerability Assessment (HRVA) Model. Guidelines for Use. October, 2010

Integration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand

Guide to Developing Risk Management Plans for Sport & Active Recreation Clubs

RISK MANAGEMENT STRATEGY

A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000

Project Management Competency Standards

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

HQMC 20 Aug 04 E R R A T U M. to MCO B OPERATIONAL RISK MANAGEMENT (ORM)

Management and Reporting of Undergraduate Nurse Incidents During Clinical Placement at RCH

Council Meeting Agenda 27/07/15

Risk Assessment: An introduction

Global framework. Safety, health and security for work-related international travel and assignments

A guide for members APES 325 Risk Management for Firms

SOUTHERN RURAL WATER POLICY RISK MANAGEMENT POLICY

RISK MANAGEMENT FOR COMMUNITY GROUPS. ESTABLISH THE CONTEXT The Strategic Context The Organisational Context The Risk Management Context

Safety Regulation Group SAFETY MANAGEMENT SYSTEMS GUIDANCE TO ORGANISATIONS. April

Business Continuity Plan

Business Continuity Business Impact Analysis arrangements

POLICY : CORPORATE RISK MANAGEMENT

Project Risk Management. Presented by Stephen Smith

Civil Air Patrol BASIC LEVEL OPERATIONAL RISK MANAGEMENT

Power plant safety: a wise business move

Risk Management - Enterprise-Wide Risk Management Policy and Framework NSW Health

Clinical Risk Management: Agile Development Implementation Guidance

RISK MANAGEMENT STRATEGY

QUALITY RISK MANAGEMENT (QRM): A REVIEW

Appendix V Risk Management Plan Template

Capital Adequacy: Advanced Measurement Approaches to Operational Risk

WHS Risk Assessment and Control Form

Network Risk Assessment Guideline

Transcription:

RISK MANAGEMENT FOR INFRASTRUCTURE CONTENTS 1.0 PURPOSE & SCOPE 2.0 DEFINITIONS 3.0 FLOWCHART 4.0 PROCEDURAL TEXT 5.0 REFERENCES 6.0 ATTACHMENTS This document is the property of Thiess Infraco and all rights are reserved in respect of it. This document may not be reproduced or disclosed in any manner whatsoever, in whole or in part, without the prior written consent of Thiess Infraco. Thiess Infraco expressly disclaims any responsibility for or liability arising from the use of this document by any third party. Revision Status Issue/ Rev. Date Revision Description By Checked Checked Approved A1 June 2001 Original Issue JG PD RB PS Thiess Infraco Page 1 of 15 TIC-ASM-CON-PP12/A1

1.0 PURPOSE AND SCOPE The purpose of this procedure is to detail the process for Risk Management associated with infrastructure. This procedure shall be read in conjunction with TIC-ASM-CON-PP13 Material Change to Infrastructure Asset Management and shall apply to all infrastructure asset systems. This procedure is based on AS/NZS 4360: 1999 Risk Management 2.0 DEFINITIONS Consequence. The outcome of an event expressed qualitatively or quantitatively, being a loss, injury, disadvcantage or gain. There may be a range of possible outcomes associated with an event. Cost is the cost of activities, both direct and indirect, involving any negative impact, including money, time, labour, disruption, goodwill, political and intangible losses. Event. An incident or situation, which occurs in a particular place during a particular interval of time. Failure Mode and Effects Analysis (FMEA). A procedure by which potential failure modes in a technical system are analysed. Can be extended to perform a failure modes effects and criticality analysis (FMECA). Each failure mode identified is ranked according to the combined influence of its likelihood of occurrence and the severity of its consequences. Frequency Measure of the rate of occurrence of an event expressed as the number of occurances of an event in a given time. Hazard. A source of potential harm or a situation with a potential to cause loss. Likelihood. Term used as a qualitative description of propability or frequency. Loss. Is any negative consequence, financial or otherwise. Monitor. Is to check, supervise, observe critically, or record the progress of an activity, action or system on a regular basis in order to identify change. Probability. Is the likelihood of a specific event or outcome, measured by the ratio of specific events events or outcomes to the total number of possible events or outcomes. Probability is expressed as a number between 0 and 1, with 0 indication an impossible event or outcome and 1 indication an event or outcome is certain. Risk. The chance of something happening that will have an impact upon objectives. It is measured in terms of consequence and likelihood. Risk Analysis. A systematic use of available information to determine how often specified events may occur and the magnitude of their consequences. Risk Assessment. The overall process of risk analysis and risk evaluation. Risk Control. That part of risk management which involves the implementation of policies, standards, procedures and physical changes to eliminate or minimize adverse Thiess Infraco Page 2 of 15 TIC-ASM-CON-PP12/A1

risk. Risk Evaluation. The process used to determine risk management priorities by comparing the level of risk against predetermined standards, target risk levels or other criteria. Risk Identification. The process of determining what can happen, why and how. Risk Management Process. The systematic application of management policies, procedures and pracrices to the task of establishing the context, identifying, analysing, evaluating, treating, monitoring and communicating risk. Sensitivity Analysis. Process for examining how the results of a calculation or model vary as individual assumptions are changed. Stakeholders. Those people and organizations who may affect, or be affected by, or perceive themselves to be affected by, a decision or activity. Thiess Infraco Page 3 of 15 TIC-ASM-CON-PP12/A1

8 Communicate & Consult RISK MANAGEMENT FOR INFRASTRUCTURE 3.0 FLOWCHART TIC-ASM-CON-PP12 1 Establish the Context - Stategic context - Organisational context - Risk management context - Develop risk evaluation criteria - Decide the structure 2 Identify the Risks - What can happen? - How can it happen 3 Analyse Risks Determine existing controls: - Determine likelihood - Determine consequences to estimate level of risk 7 Monitor & Review 4 Evaluate Risks - Compare against criteria - Set risk priorities 5 Accept risk Yes No 6 Treat Risks - Identify treatment options - Evaluate treatment options - Select treatment options - Prepare treatment plans - Implement plans Figure 1: Risk Management Process Thiess Infraco Page 4 of 15 TIC-ASM-CON-PP12/A1

1 Evaluated and ranked risk 2 Risk acceptable Yes 3 Accept No Identify Treatment options 5 Reduce likelihood 6 Reduce consequences 7 Transfer in full or in part 8 Avoid 9 Consider feasibility costs and benefits Communicate and consult Assess treatment options 10 Recommend treatment strategies 11 Select treatment strategy 4 Monitor and review Prepare treatment plans 12 Prepare trearment plans Implement treatment plans 13 Reduce likelihood 14 Reduce consequences 15 Transfer in full or in part 16 Avoid 17 Risk acceptable Yes 18 Retain No Figure 2: Risk Treatment Process Thiess Infraco Page 5 of 15 TIC-ASM-CON-PP12/A1

4.0 PROCEDURAL TEXT The Risk Management process in this procedure follows the basic steps detailed in the reference standard AS/NZS 4360: 1999. TIC-OHS-RSK-PP01 Risk Management details the processes for the management of risk at the working level for day to day activities. This procedure is for more formal documentation of risk involving proposed changes to infrastructure to meet the requirements of notification of material changes to the Department of Infrastructure. 4.1 Responsibilities Project managers, Manager Engineering, Manager Asset Management are responsible for ensuring a risk management study is undertaken to identify any impact on risk resulting from material changes to infrastructure. Line managers are responsible for risk management in the work place in accordance with TIC-OHS-RSK-PP01. 4.2 Process Overview The process involves the following steps: Establishing the context; Identification of risks; Assessing the risks; - Analysing Risks - Evaluating Risks Treating Risks; Monitoring and reviewing Risks; and Communicating and consulting with stakeholders. The following paragraphs para-phrase the reference standard. 4.2 Establishing the Context Establishing the context involves the following: Establishing the strategic context; Establishing the organisational context; Establish the risk management context; Develop risk evaluation criteria; and Define the structure. 4.2.1 Establishing Strategic Context This step is focused on the environment in which the Thiess Infraco operates. The context includes financial, operational, competitive, political (public perceptions/image), social, client, cultural, and legal aspects. At this level and for broader studies it is appropriate to consider risks such as Health and safety (public and staff); Business interruption; Thiess Infraco Page 6 of 15 TIC-ASM-CON-PP12/A1

Public image/reputation; Equipment/asset damage Environmental damage Internal and external stakeholders are identified along with areas of potential impact. Communication policies with these parties need to be established. 4.2.2 Establish Organizational Context It is necessary to understand organizational capabilities, goals and objectives and the strategies in place to achieve them. Risk management takes place in the context of the wider goals, objectives and strategies. Failure to achieve objectives, or the specific activity, or the project being considered is one of the risks that need to be managed. Policy and goals help define the criteria by which it is decided whether a risk is acceptable or not, and form the basis of options for treatment. 4.2.3 Establish the Risk Management Context This step involves establishing goals, objectives, strategies, scope and parameters of the activity to which the risk management process is to be applied. Setting the scope and boundaries for the application of the risk management process involves: Defining the project or activity and establishing its goals and objectives; Defining the extent of the project in time and location; Identifying any studies needed; their scope, objectives, resources required, generic sources of risk, and areas of impact. Defining the extent and comprehensiveness of the risk management activities to be carried out. Factors to consider are: - Roles and responsibilities of various parts of the organisation(s) participating in managing the risk, - Relationships between the project or activity and other projects or activities being undertaken. 4.2.4 Develop Risk Evaluation Criteria Decide the criteria that risk is to be evaluated against. Decisions concerning risk acceptability and risk treatment will usually be based on operational, technical, financial, legal, or social (Public Relations or Environmental) criteria. The risk criteria must correspond to the type of risks and the way in which risk levels are expressed. Thiess Infraco Page 7 of 15 TIC-ASM-CON-PP12/A1

4.2.5 Define the Structure This step involves separating the activity or project into a set of elements. These elements provide a logical framework for identification and analysis, which helps ensure significant risks, are not overlooked. The structure chosen depends on the nature of the risks and the scope of the project or activity. For a material change that involves a change to infrastructure: The process of change (ie construction and commissioning) may be considered as one part of the exercise and the effect of the change considered as a separate study. The principle risks are considered to be: - Collision (PR1) - Injury to the public (PR2) - Injury to staff (PR3) - Derailment (PR4) - Infrastructure failure (PR5) - Rolling Stock failure (PR6) Other examples of Risk Types used in previous changes are: - Effect on public and employees - On time running - Equipment and asset damage - Legal liability - Equipment and asset damage - Public relations - Effect on the environment - Effect on user comfort 4.3 Risk Identification This step seeks to identify the risks to be managed. It should include all risks whether or not they are under control of Thiess Infraco. This step involves determining: What can happen How and why it can happen Tools and techniques to be used 4.3.1 What can Happen The aim is to generate a comprehensive list of events, which might affect each element of the structure in paragraph 4.2.5 above. These are considered in more detail to identify what can happen. Thiess Infraco Page 8 of 15 TIC-ASM-CON-PP12/A1

4.3.2 How and why it can happen Having identified a list of events, it is necessary to consider possible causes and scenarios. There are many ways an event can be initiated. It is important that no significant causes are omitted. 4.3.3 Tools and Techniques to be Used Checklists, judgements based on experience and records, flow charts, brain storming, systems analysis, scenario analysis and systems engineering techniques are the approaches used to identify risks. 4.4 Risk Analysis This step involves consideration of the sources of risk (events and hazards), their consequences and likelihood in the context of existing control measures. The objective is to separate the minor acceptable risks from the major risks, and to provide data to assist in the evaluation and treatment of risks. Excluded risks are to be listed, where possible to demonstrate the completeness of the risk analysis. 4.4.1 Determine Existing Controls It is necessary to identify existing management, technical systems and procedures to control risk and assess their strengths and weaknesses. 4.4.2 Consequences and Likelihood The consequences of an event and the likelihood of it occurring are assessed in the context of existing controls. Consequences and likelihood are combined to produce a level of risk. They may be determined by using statistical analysis or calculations, or where no data is available, by subjective estimates. Possible sources of information are: Past records Relevant experience Industry practice and experience Relevant published literature Experiments and prototypes Engineering models Specialist and expert judgements Techniques include: Structured interviews with experts in areas of interest Use of multi-disciplinary groups of experts Individual evaluation using questionnaires Use of computer and other modelling Use of fault trees and event trees FMECA (failure modes, effect and criticallity analysis). Thiess Infraco Page 9 of 15 TIC-ASM-CON-PP12/A1

4.4.3 Types of Analysis The types of analysis are: Qualitative analysis Semi-quantitative analysis Quantitative analysis Quantitative analysis is usually undertaken to provide a general indication of the level of risk initially. Where appropriate this is followed by a more specific quantitative analysis. 4.4.4 Qualitative Analysis Uses word form or descriptive scales to describe the magnitude of potential consequences and the likelihood that those consequences will occur. The scale s are adapted or adjusted to suit the circumstances. Table 1 shows Qualitative Measures of Consequence. Table 1 shows Qualitative Measures of Likelihood. Table 3 shows a Qualitative Risk Analysis Matrix Level of Risk. Table 4 shows examples of consequences and qualitative measures that were used for a risk analysis for a speed increase. Level Descriptor Example detail description 1 Insignificant No injuries, low financial loss 2 Minor First aid treatment, dealt with internally, medium financial loss 3 Moderate Medical treatment required, external assistance required, high financial loss 4 Major Extensive injuries, loss of operational capabilities, major financial loss 5 Catastrophic Death(s), business seriously threatened Table 1: Qualitative Measures of Consequence Level Descriptor Example detail description A Almost certain Is expected to occur in most circumstances B Likely Will probably occur in most circumstances C Possible Might occur at some time D Unlikely Could occur at some time E Rare May occur only in exceptional circumstances Table 2: Qualitative Measures of Likelihood Thiess Infraco Page 10 of 15 TIC-ASM-CON-PP12/A1

Likelihood Insignificant 1 Minor 2 Consequences Moderate 3 Major 4 Catastrophic 5 A (Almost certain) H H E E E B (Likely) M H H E E C (Possible) L M H E E D (Unlikely) L L M H E E (Rare) L L M H H Table 3: Qualitative Risk Analysis Matrix Risk Criteria E: Extreme risk; immediate action required to reduce risk. H: High risk; senior management attention needed. M: Moderate risk; management responsibility must be specified. L: Low risk; Risk generally acceptable, manage further by routine procedures Effect on Public and Employees 1. Fatalities and permanent disability 2. Serious lost time injury or illness 3. Moderate lost time injury or illness 4. Minor lost time injury or illness 5. No lost time On Time Running (OTR) 1. Major cancellation (more than one line) 2. Cancellation (one line) 3. Transposition s 4. Delays > 3 minutes 5. Delays < 3 minutes Legal Liability Equipment And asset Damage($) Public Relations 1. >$500K 1. >$500K 1. Loss of accreditation 2. $100K - $500K loss 3. $50K - $100K loss 4. 5K - $50K loss 5. Less than $5K loss 2. $100K - $500K loss 3. $50K - $100K loss 4. 5K - $50K loss 5. Less than $5K loss 2. Major negative media coverage Effect on environment 1.>$500K 2. $100K - $500K loss remediation costs Local actions 3. 3. $50K - $100K loss remediation costs Customer complaints (phone calls, letters) 5. on site complaints 4. 5K - $50K loss remediation costs 5. Less than $5K loss remediation costs Effect on user comfort 1. Extremely rough ride 2. Very rough ride 3. Rough ride 3. Noticeably rough ride 5. No discomfort in ride Table 4 Examples of Consequences with Quantitative Measures 4.4.5 Semi-quantitative Analysis For a semi-quantitative analysis, qualitative scales (extreme, high, moderate, and low) are given values. The objective is to produce a more detailed prioritization than is usually Thiess Infraco Page 11 of 15 TIC-ASM-CON-PP12/A1

achieved in a qualitative analysis. Table 5 provides an example of this. Note: The consequences in Table 4 are list in reverse order to Table 1. Table 5 cannot be used with Table 1. Tables 4 and 5 were used in courses run by Alara. CONSEQUENCES 1 2 3 4 5 PROBABILITY A B C D E 1 2 4 7 11 3 5 8 12 16 6 9 13 17 20 10 14 18 21 23 15 19 22 24 25 Table 5: Semi-qualitative Risk Ranking 4.4.6 Quantitative Analysis This approach uses numerical values for both consequences and likelihood using data from a variety of sources (see paragraph 4.4.2). Consequences may be expressed in terms of monetary, Technical or human criteria similar to Table 5 above. Likelihood is usually expressed as a probability, a frequency, or a combination of exposure and probability. 4.5 Risk Evaluation This step involves comparing the level of risk found during the analysis process with previously established criteria. The output of a risk evaluation is a prioritized list of risks for further action. If resulting risks fall into the low or acceptable risk categories they may be accepted with minimal further treatment. Low and accepted risks should be monitored and periodically reviewed to ensure they remain acceptable. Risks not falling into low or acceptable risk category should be treated one or more of the following options below. 4.6 Risk Treatment Risk treatment involves identifying the range of options for treating risk, assessing those options, preparing risk treatment plans and implementing them. 4.6.6 Identifying Options for Risk Treatment Figure 2 illustrates the risk treatment process. Options are: Avoid the risk Reduce the likelihood of occurrence. Reduce the consequences. Thiess Infraco Page 12 of 15 TIC-ASM-CON-PP12/A1

Transfer the risk. Retain the risk Measures to reduce consequence and likelihood are referred to as risk controls. Examples of measures for reducing or controlling likelihood are: - Audit and compliance programs - Formal reviews of requirements, specifications, design, engineering and operations - Inspection and process controls - Preventive maintenance - Quality assurance, management and standards - Research and development, technological development - Structured training - Supervision - Testing, trials - Technical controls - Organisational arrangements. Examples of measures for reducing or controlling consequence are: - Contingency planning - Contract conditions - Design features - Disaster recovery plans - Engineering and structural barriers - Minimising exposure to sources of risk - Separation or relocation of an activity and resources 4.6.7 Assessing Risk Treatment options Options are assessed based on the extent of risk reduction and the extent of additional benefits or opportunities created. Selection of the most appropriate option(s) involves balancing the cost of implementing each option against the benefits derived from it. The cost of managing risks needs to be commensurate with the benefits obtained. Where large reductions in risk may be achieved with relatively low cost, they should be implemented. Rare but severe risks may warrant risk reduction measures although not justifiable on economic grounds. The adverse impact of risks should be made as low as reasonably practicable, irrespective of any absolute criteria. Risk treatment options consider how risk is perceived by the affected parties and the most appropriate ways to communicate to those parties. 4.6.8 Preparing Treatment Plans Plans document how the chosen options shall be implemented. Plans identify responsibilities, schedules, the expected outcome of treatments, budgeting, performance measures and the review process to be put in place. Thiess Infraco Page 13 of 15 TIC-ASM-CON-PP12/A1

4.6.4 Implementing treatment Plans Responsibility for treatment of risk should be borne by those best able to control the risk. Responsibilities should be agreed between the parties at the earliest possible opportunity. If after treatment there is a residual risk, a decision shall be taken as to whether to retain that risk or repeat the risk treatment process. 4.7 Monitoring and Review Risks, effectiveness of risk treatment plan, strategies and the management system used to set up control implementation all need to be monitored. Risks and the effectiveness of control measures need to be monitored to ensure circumstances do not alter risk priorities. Ongoing review is necessary to ensure that the management plan remains relevant. 4.8 Communication and Consultation Communication and consultation need to be considered at each step of the risk management process. A communication plan for both internal and external stakeholders needs to be developed as early as possible. The plan should address issues relating to both the risk itself and the process to manage it. Perceptions of risk can vary, due to differences in assumptions and concepts and the needs, issues and concerns of stakeholders as they relate to the risk or the issues under discussion. Stakeholders are likely to make judgements of the acceptability of a risk based on their perception of risk. Stakeholders can have a significant impact on decisions made. It is important that their perceptions of risk and benefits are identified, documented, and understood. 4.9 Documentation Requirements A risk assessment and development of a risk management strategy needs to be documented in an appropriate report comprising the following structure: Title Page Executive Summary Introduction Brief description of the risk management process: - How the context was established - Identification of the risks - Assessment of the risks - Treatment of the unacceptable risks - How monitoring and review was undertaken - How consultation and communication was executed Description of Definitions used: - Incident/risk categories - Probability - Consequence - Risk ranking Results: Thiess Infraco Page 14 of 15 TIC-ASM-CON-PP12/A1

- Risk Register - Risk treatment schedule and plan - Risk action Plan Summary of recommendations for new controls to put in place. Examples of forms to document the risk analysis are: Risk Register TIC-ASM-CON-PP12-PF01 (Attachment 1). Risk Treatment Schedule and Plan TIC-ASM-CON-PP12-PF02 (Attachment 2). Risk Action Plan TIC-ASM-CON-PP12-PF03 (Attachment 3) 5.0 REFERENCES TIC-ASM-CON-PP01 - Material Change to Infrastructure Asset Management AS/NZS 4360: 1999 - Risk Management AS 4292.1: 1995 Railway Safety Management Standard Conditions of Accreditation under the provisions of the Transport Act 1983. 6.0 ATTACHMENTS TIC-ASM-CON-PP12-PF01 TIC-ASM-CON-PP12-PF02 TIC-ASM-CON-PP12-PF03 Risk Register Risk Treatment Schedule and Plan Risk Action Plan Thiess Infraco Page 15 of 15 TIC-ASM-CON-PP12/A1

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information