Defining safety critical elements and demonstrating their independent verification at a major hazard facility

The purpose of this bulletin is to provide guidance to operators of major hazard facilities when identifying safety critical elements and demonstrating that an independent and competent person will verify that safety-critical elements are or will be suitable and will remain in good repair and condition throughout the life cycle of the facility.

Safety critical elements are those items of plant or equipment at a major hazard facility that are intended to be the last lines of defence against a major incident and its consequences. The purpose of identifying safety critical elements is to ensure that they receive an appropriate amount of engineering design effort and management so that the operator can be confident that they are correctly selected and will remain functional throughout their lifecycle. As an operator of a major hazard facility, you have a duty to identify which items are safety critical elements at your major hazard facility. When considering this topic, we recommend that operators also refer to the WorkSafe Good Practice Guidelines, particularly Safety Assessment (Section 5.4).

Defining a safety critical element

Regulation 4 Interpretation

Safety-critical element means any part of a facility or its plant (including a computer program):

a. that has the purpose of preventing, or limiting the effect of, a major incident, and
b. the failure of which could cause or contribute substantially to a major incident.

  • A safety critical element is defined as ‘any part of a facility or its plant (including a computer program)’. By definition, a procedure or an action by a worker is not a ‘part’ so cannot be a safety critical element.
  • The presence of the word ‘and’ means both parts (a) and (b) need to apply when identifying an item as a safety critical element. You should therefore consider what the purpose of the item is when determining whether it is a safety critical element.
  • The WorkSafe Good Practice Guidelines for safety assessment state that some safety-critical elements could be plant or systems that could cause a major incident if they failed, including ‘safety features of primary containment, vessels, and pipe work’. The key point here is that the ‘safety feature’ of the primary containment is the safety critical element and not the primary containment itself. For example, the relief system or level device would typically be the safety critical element and not the vessel or pipework.
  • The word ‘suitable’ refers to the items being fit for purpose. For a safety critical element this may be ensuring that a relief valve is sized correctly or that a level gauge is of a type that will work within expected tolerances in the particular environment it is placed in.
  • When considering a Safety Instrumented Function or a Safety Instrumented System, you should consider whether the system is the safety critical element rather than each element or function. Testing against the performance measure may be carried out for the elements, with additional checks that the Safety Instrumented Function or Safety Instrumented System is functional.

Determining who is an independent and competent person to verify that safety-critical elements are or will be suitable and will remain in good repair and condition throughout the life cycle of the facility

Schedule 5 Requirements of safety management system of major hazard facility

9. The safety management system must include the arrangements for independent and competent persons to verify that safety-critical elements are or will be suitable and will remain in good repair and condition throughout the life cycle of the facility. 

Schedule 7 Information required in safety case for upper tier major hazard facility

17. detailed description of the arrangements in place for independent and competent persons to verify that safety-critical elements are or will be suitable and will remain in good repair and condition throughout the life cycle of the facility, including a description of:
a. the nature and frequency of examination and testing
b. review and revision arrangements, and
c. arrangements for the making and preservation of records.

  • We consider safety critical elements as a subset of major incident control measures. Performance standards need to be in place for all major incident control measures and this includes safety critical elements. Examples of performance standards may be tolerances on test or failure rate frequencies. Testing to check that the equipment is within the performance standard is a part of the testing process and may not be the same as verification.
  • WorkSafe differentiates between the inspection (or testing) activity that ensures that the safety critical element is working and the verification process (oversight or validation) that the work has been done correctly. This means that the inspection of a safety critical element may be carried out by one entity with verification by another, or both activities may be done by the same entity.
  • As an operator of a major hazard facility you have a duty to ensure that those verifying that safety critical elements are suitable and will remain in good repair are both independent and competent. WorkSafe does not mandate that the verification must always be carried out by a third party. We consider independence as being free from influence and able to report the results of verification without repercussion.

Effect of other legislation

We accept that some safety critical elements may be independently verified due to duties in other legislation such as HSNO (Hazardous Substances and New Organisms Act and associated Regulations) and PECPR (Pressure Equipment, Cranes, and Passenger Ropeways Regulations). This verification is acceptable as evidence of compliance with the major hazard facilities regulations if independence and competence can be demonstrated. Items covered by other legislation may also be safety critical elements under the major hazard facilities regulations.

