General Safety Flashcards
The balance between production and protection is known as the _________ zone. Too much protection leads to __________, while excessive production emphasis leads to ___________.
parity / bankruptcy / catastrophe
Note: Catastrophe will likely come after a gradual fluctuation of declines within the parity zone. Fluctuations will be caused by reactionary protections from less severe accidents or even near misses.
Regarding safety in a technological org., what are the two competing goals?
Production vs Protection
Define risk homeostasis or compensation
An added protection will gradually lead to increased production, thus reducing the protections effectiveness.
Eg: Ship radar led to increased speed in foggy conditions.
Without negative events and conscious efforts regarding protection, name two other factors that will reduce an org’s position in the parity range?
Time
Productive Growth
In modern technologies such as the aviation and nuclear industries, there are very few ____________ accidents. The greatest danger comes from rare, but often disastrous, ____________ accidents.
individual
organization
T or F?
Reason’s “Swiss Cheese Model” of hazard defenses is constantly in flux, with defensive holes changing alignment, or various layers potentially even disappearing completely.
True
What is considered an “active” failure?
An active failure is the direct or immediate cause of an undesirable event at the human - system interface.
What is constitutes an “latent” failure?
A latent failure is the underlying condition(s) that contribute to an active failure
Name two common characteristics of latent failures?
- Origin in upper echelons of an organization.
2. Can lie dormant for long periods until the right set of circumstances align to allow an adverse event
T or F
Latent conditions, if undiscovered and uncorrected, can lead to an increase in active failures and accidents.
True
In the Model of Accident Causality, the system that produces an accident is made up of what three elements?
- Unsafe Acts
- Local Workplace Factors
- Organizational Factors
Note: Accident causality flows from 1 to 3, while investigations are opposite from 3 to 1. Further, investigations must be confined to the manageable boundaries of the org concerned.
Regarding accident causation, in what elements can latent conditions play a factor?
Org Factors
Local Workplace Factors
Human tendencies, along with what element in the accident causation model, tend to produce a large amount of unsafe acts, with very few actually creating holes in defenses?
Local Workplace Factors
Although unsafe acts are implicated in most org accidents, are they a necessary condition?
No - think “Challenger”
What is the most common maintenance lapse in both the aviation and nuclear power industries?
Reassembly omissions
T or F
Latent conditions are always present in complex systems.
True; even now!
T or F
Production and protection processes are part of the same organizational structure.
True
Latent conditions are an ____________ product of strategic decisions. All safety can do, is make the worst __________ at any one time, so they can be corrected.
inevitable / visible
It is said that Risk Mgmt is one damn thing after another.
What is one common reason why latent or defensive weaknesses are not detected and repaired?
Those involved have forgotten to be afraid. Safety is a dynamic, non-event.
Production and profit goals are immediate and constant, whereas bad outcomes are very rare in well defended systems.
A common question after an accident is, “How could the warning signs have been missed?” This is asked by those who are using 20/20 hindsight or _________ _________ vs the limited foresight of accident participants.
outcome knowledge
Several studies have shown that outcome knowledge biases our judgment of accident participants because of what three reasons?
- Overestimation of what they would have known in foresight
- Overestimation of what others knew in foresight
- They misremember what they themselves knew in foresight.
Note: A prior Indication of an accident is only a warning if you know what kind of disaster you will suffer.
Automation mode confusion happens f one of two broad reasons?
- Wrong assessment of active mode
2. Failure to notice a change in mode status
_________ _________ evolved from total quality management (TQM), where all employees share a responsibility for quality, not just quality management inspectors at the end of the line.
Quality assurance (QA)
What is the drawback to exclusive QA?
Allows sign off of steps, or process, without verifying quality of actual work.
Regs and policies often stem from some past event, thus indicating that _________ is increased for violators, even though exceeding the boundaries seems inconsequential, and normally is.
risk
What are the two consequences of operating outside prescribed boundaries?
- Probability of a later error increases.
2. Increased likelihood of a bad result.
T or F
Nearly all hazardous operations require taking actions outside the prescribed boundaries, though judged as acceptable practice by those sharing comparable skills.
True
What condition is likely to build up as a system becomes more opaque to users as in-depth, diverse, and redundant defenses are established?
insidious, latent conditions
In hazardous professions, most experienced workers know “approximately” where the “edge” between safety and disaster is and don’t exceed it, except in extreme circumstances. What they don’t appreciate though, is where they are in relation to it. Deciding when to retreat or cease ops altogether, is dependent on delicate and sometimes ___________ ___________.
fallible judgment.
FAA System Safety
What are the key components of the following statement?
The application of special technical and managerial skills in a systematic forward-looking manner to identify and control hazards throughout the life cycle of a project, program, or activity
- Application of special technical or managerial skills
- Systematic, forward looking
- Identification and control of hazards
- Over entire life of program
Formal FAA System Safety Attributes are:
- Responsibility - accountable
- Authority - power
- Procedures - documented
- Controls - checks and restraints
- Process Measurement - assess
- Interfaces - who’s affected?
What are the three minimum process requirements of FAA System Safety?
- Process design must incorporate safety attributes and provide for safe operation
- Processes must be followed
- Processes must work as planned
T or F
Care must be taken to minimize the likelihood that warnings will become superfluous or that preventative measures create unexpected consequences.
True
Human performance is categorized into three levels of performance. Ranging from the least to most complex problems they are:
1.
2.
3.
- Routine
- Trained for Problems
- Novel Problems
Responses to routine, knowledge based, and novel problems are respectively categorized as:
1.
2.
3.
- Automatic or skill based - Mowing
- Mixed or rule based - Pilot
- Conscious or knowledge based - Upper Mgmt since more options. Resorts to when forced, min. capacity or tendency for knee jerk response, especially when under stress
A focus on product conformity and customer satisfaction describes what?
Quality Assurance
Ensuring that risk controls, once designed and put in place, perform in a way that continue to meet their safety objectives describes what?
Safety Assurance
T or F
SMS attempts to effectively combine SA and QA processes.
True
Org’s generally operate within a zone of safety called _________ _________.
safety space
An org’s position within the safety space is determined by fluctuations in safety process effectiveness that are reflected toward either end of the spectrum by increasing __________ or __________.
resistance / vulnerability
The three ingredients that drive an org’s safety engine to its strategic apex, and are the province of top management, are _________, _________, and __________. Define what is meant by each.
Commitment - motivation & resources
Competence - quality of org’s safety info system
Cognizance - awareness of dangers that threaten ops.
What are two symptoms of an org that lacks cognizance?
- Positional Paradox - Those at the top, with the greatest decision all autonomy, blame the personal shortcomings of workers mostly following procedures with equipment provided.
- Tick-off Phenomenon - Can afflict technical managers assigned to safety positions. They consider each safety measure done once put in place. There is no subsequent monitoring or adjustment.
Cognizant org’s consider safety to be a _________ _________, with what characteristics?
guerrilla war
Long, with no conclusive victory, where long periods of peacefulness mean heightened danger.
In setting safety goals, which is the most effective strategy?
A. Setting a negative production process, such as reducing lost time accidents by 1/2.
B. Setting up a long-term fitness program of measuring and improving processes, design, hardware, training procedures, maintenance, planning, budgeting, goal conflicts, etc.
B
What are the five reasons near misses should be quantified and analyzed?
- Provide free lessons
- Proper conclusions yield vaccines
- Insight into small defensive failures
- Frequency allows quantitative analysis
- Slows the process of “forgetting to be scared” so long as upper mgmt is fully engaged.
What are the quick and dirty aspects of the FAA’s system safety attributes?
Who, what when, where, and how.
ASIAS, an FAA info share safety database administered by MITRE, stands for?
Aviation Safety Information Analysis and Sharing
Hazard is described as a _______ _______ _______ to a person / property or ________ non-compliance.
source of harm / regulatory
Risk Assessment combines the ________ and _______ of a hazard’s _______ _______.
severity / probability / credible outcome
The acronym “TEAM” refers to what four broad categories of controls that may be applied to risk?
Transfer
Eliminate
Accept
Mitigate
Credible hazard identification is the ________ ________ ________ within a system that could lead to a ________ ________ ________.
recognition of components / credible adverse outcome
Examples:
- Banana peel
- Large, healthy tree
- Large, dead tree
- Failure to follow a procedure
- Removal of RAINBOE from aircraft
Granularity of hazard identification is based on system description and by what is intended to be mitigated.
While credible security hazards can be lumped under safety, security hazards are really considering ________ as a _______ _______ _______ to persons or property.
threats / source of harm
Risk is what may happen when a hazard ________ itself.
manifests
The process of identifying _______ associated with a hazard is known as _______ _______.
risk(s) / risk analysis
T or F
Risk analysis is a preliminary step in determining the credible adverse outcome associated with each risk imposed by the hazard
T
