General Safety

Question 0

The balance between production and protection is known as the _________ zone. Too much protection leads to __________, while excessive production emphasis leads to ___________.

Answer 0

parity / bankruptcy / catastrophe

Note: Catastrophe will likely come after a gradual fluctuation of declines within the parity zone. Fluctuations will be caused by reactionary protections from less severe accidents or even near misses.

Question 1

Regarding safety in a technological org., what are the two competing goals?

Answer 1

Production vs Protection

Question 2

Define risk homeostasis or compensation

Answer 2

An added protection will gradually lead to increased production, thus reducing the protections effectiveness.

Eg: Ship radar led to increased speed in foggy conditions.

Question 3

Without negative events and conscious efforts regarding protection, name two other factors that will reduce an org’s position in the parity range?

Answer 3

Time

Productive Growth

Question 4

In modern technologies such as the aviation and nuclear industries, there are very few ____________ accidents. The greatest danger comes from rare, but often disastrous, ____________ accidents.

Answer 4

individual

organization

Question 5

T or F?

Reason’s “Swiss Cheese Model” of hazard defenses is constantly in flux, with defensive holes changing alignment, or various layers potentially even disappearing completely.

Answer 5

True

Question 6

What is considered an “active” failure?

Answer 6

An active failure is the direct or immediate cause of an undesirable event at the human - system interface.

Question 7

What is constitutes an “latent” failure?

Answer 7

A latent failure is the underlying condition(s) that contribute to an active failure

Question 8

Name two common characteristics of latent failures?

Answer 8

1. Origin in upper echelons of an organization.

2. Can lie dormant for long periods until the right set of circumstances align to allow an adverse event

Question 9

T or F

Latent conditions, if undiscovered and uncorrected, can lead to an increase in active failures and accidents.

Answer 9

True

Question 10

In the Model of Accident Causality, the system that produces an accident is made up of what three elements?

Answer 10

3. Unsafe Acts
4. Local Workplace Factors
5. Organizational Factors

Note: Accident causality flows from 1 to 3, while investigations are opposite from 3 to 1. Further, investigations must be confined to the manageable boundaries of the org concerned.

Question 11

Regarding accident causation, in what elements can latent conditions play a factor?

Answer 11

Org Factors

Local Workplace Factors

Question 12

Human tendencies, along with what element in the accident causation model, tend to produce a large amount of unsafe acts, with very few actually creating holes in defenses?

Answer 12

Local Workplace Factors

Question 13

Although unsafe acts are implicated in most org accidents, are they a necessary condition?

Answer 13

No - think “Challenger”

Question 14

What is the most common maintenance lapse in both the aviation and nuclear power industries?

Answer 14

Reassembly omissions

Question 15

T or F

Latent conditions are always present in complex systems.

Answer 15

True; even now!

Question 16

T or F

Production and protection processes are part of the same organizational structure.

Answer 16

True

Question 17

Latent conditions are an ____________ product of strategic decisions. All safety can do, is make the worst __________ at any one time, so they can be corrected.

Answer 17

inevitable / visible

It is said that Risk Mgmt is one damn thing after another.

Question 18

What is one common reason why latent or defensive weaknesses are not detected and repaired?

Answer 18

Those involved have forgotten to be afraid. Safety is a dynamic, non-event.

Production and profit goals are immediate and constant, whereas bad outcomes are very rare in well defended systems.

Question 19

A common question after an accident is, “How could the warning signs have been missed?” This is asked by those who are using 20/20 hindsight or _________ _________ vs the limited foresight of accident participants.

Answer 19

outcome knowledge

Question 20

Several studies have shown that outcome knowledge biases our judgment of accident participants because of what three reasons?

Answer 20

1. Overestimation of what they would have known in foresight
2. Overestimation of what others knew in foresight
3. They misremember what they themselves knew in foresight.

Note: A prior Indication of an accident is only a warning if you know what kind of disaster you will suffer.

Question 21

Automation mode confusion happens f one of two broad reasons?

Answer 21

1. Wrong assessment of active mode

2. Failure to notice a change in mode status

Question 22

_________ _________ evolved from total quality management (TQM), where all employees share a responsibility for quality, not just quality management inspectors at the end of the line.

Answer 22

Quality assurance (QA)

Question 23

What is the drawback to exclusive QA?

Answer 23

Allows sign off of steps, or process, without verifying quality of actual work.

Question 24

Regs and policies often stem from some past event, thus indicating that _________ is increased for violators, even though exceeding the boundaries seems inconsequential, and normally is.

Answer 24

risk

Question 25

What are the two consequences of operating outside prescribed boundaries?

Answer 25

1. Probability of a later error increases.

2. Increased likelihood of a bad result.

Question 26

T or F

Nearly all hazardous operations require taking actions outside the prescribed boundaries, though judged as acceptable practice by those sharing comparable skills.

Answer 26

True

Question 26

What condition is likely to build up as a system becomes more opaque to users as in-depth, diverse, and redundant defenses are established?

Answer 26

insidious, latent conditions

Question 27

In hazardous professions, most experienced workers know “approximately” where the “edge” between safety and disaster is and don’t exceed it, except in extreme circumstances. What they don’t appreciate though, is where they are in relation to it. Deciding when to retreat or cease ops altogether, is dependent on delicate and sometimes ___________ ___________.

Answer 27

fallible judgment.

Question 27

FAA System Safety

What are the key components of the following statement?

The application of special technical and managerial skills in a systematic forward-looking manner to identify and control hazards throughout the life cycle of a project, program, or activity

Answer 27

1. Application of special technical or managerial skills
2. Systematic, forward looking
3. Identification and control of hazards
4. Over entire life of program

Question 28

Formal FAA System Safety Attributes are:

Answer 28

1. Responsibility - accountable
2. Authority - power
3. Procedures - documented
4. Controls - checks and restraints
5. Process Measurement - assess
6. Interfaces - who’s affected?

Question 29

What are the three minimum process requirements of FAA System Safety?

Answer 29

1. Process design must incorporate safety attributes and provide for safe operation
2. Processes must be followed
3. Processes must work as planned

Question 30

T or F

Care must be taken to minimize the likelihood that warnings will become superfluous or that preventative measures create unexpected consequences.

Answer 30

True

Question 31

Human performance is categorized into three levels of performance. Ranging from the least to most complex problems they are:
1.
2.
3.

Answer 31

1. Routine
2. Trained for Problems
3. Novel Problems

Question 32

Responses to routine, knowledge based, and novel problems are respectively categorized as:
1.
2.
3.

Answer 32

1. Automatic or skill based - Mowing
2. Mixed or rule based - Pilot
3. Conscious or knowledge based - Upper Mgmt since more options. Resorts to when forced, min. capacity or tendency for knee jerk response, especially when under stress

Question 33

A focus on product conformity and customer satisfaction describes what?

Answer 33

Quality Assurance

Question 34

Ensuring that risk controls, once designed and put in place, perform in a way that continue to meet their safety objectives describes what?

Answer 34

Safety Assurance

Question 35

T or F

SMS attempts to effectively combine SA and QA processes.

Answer 35

True

Question 36

Org’s generally operate within a zone of safety called _________ _________.

Answer 36

safety space

Question 37

An org’s position within the safety space is determined by fluctuations in safety process effectiveness that are reflected toward either end of the spectrum by increasing __________ or __________.

Answer 37

resistance / vulnerability

Question 38

The three ingredients that drive an org’s safety engine to its strategic apex, and are the province of top management, are _________, _________, and __________. Define what is meant by each.

Answer 38

Commitment - motivation & resources

Competence - quality of org’s safety info system

Cognizance - awareness of dangers that threaten ops.

Question 39

What are two symptoms of an org that lacks cognizance?

Answer 39

1. Positional Paradox - Those at the top, with the greatest decision all autonomy, blame the personal shortcomings of workers mostly following procedures with equipment provided.
2. Tick-off Phenomenon - Can afflict technical managers assigned to safety positions. They consider each safety measure done once put in place. There is no subsequent monitoring or adjustment.

Question 40

Cognizant org’s consider safety to be a _________ _________, with what characteristics?

Answer 40

guerrilla war

Long, with no conclusive victory, where long periods of peacefulness mean heightened danger.

Question 41

In setting safety goals, which is the most effective strategy?

A. Setting a negative production process, such as reducing lost time accidents by 1/2.

B. Setting up a long-term fitness program of measuring and improving processes, design, hardware, training procedures, maintenance, planning, budgeting, goal conflicts, etc.

Answer 41

B

Question 42

What are the five reasons near misses should be quantified and analyzed?

Answer 42

1. Provide free lessons
2. Proper conclusions yield vaccines
3. Insight into small defensive failures
4. Frequency allows quantitative analysis
5. Slows the process of “forgetting to be scared” so long as upper mgmt is fully engaged.

Question 43

What are the quick and dirty aspects of the FAA’s system safety attributes?

Answer 43

Who, what when, where, and how.

Question 44

ASIAS, an FAA info share safety database administered by MITRE, stands for?

Answer 44

Aviation Safety Information Analysis and Sharing

Question 45

Hazard is described as a _______ _______ _______ to a person / property or ________ non-compliance.

Answer 45

source of harm / regulatory

Question 46

Risk Assessment combines the ________ and _______ of a hazard’s _______ _______.

Answer 46

severity / probability / credible outcome

Question 47

The acronym “TEAM” refers to what four broad categories of controls that may be applied to risk?

Answer 47

Transfer
Eliminate
Accept
Mitigate

Question 48

Credible hazard identification is the ________ ________ ________ within a system that could lead to a ________ ________ ________.

Answer 48

recognition of components / credible adverse outcome

Examples:

• Banana peel
• Large, healthy tree
• Large, dead tree
• Failure to follow a procedure
• Removal of RAINBOE from aircraft

Granularity of hazard identification is based on system description and by what is intended to be mitigated.

Question 49

While credible security hazards can be lumped under safety, security hazards are really considering ________ as a _______ _______ _______ to persons or property.

Answer 49

threats / source of harm

Question 50

Risk is what may happen when a hazard ________ itself.

Answer 50

manifests

Question 51

The process of identifying _______ associated with a hazard is known as _______ _______.

Answer 51

risk(s) / risk analysis

Question 52

T or F

Risk analysis is a preliminary step in determining the credible adverse outcome associated with each risk imposed by the hazard

Answer 52

T