a system for the - catatan studi tsdipura web view- in the case of a single serious event a formal...

IAEA SAFETY STANDARDS SERIES No. NS-G-2.11 OPERATING EXPERIENCE FEEDBACK FOR NUCLEAR INSTALLATIONS SAFETY GUIDE INTERNATIONAL ATOMIC ENERGY AGENCY VIENNA, DraftExcerpt Contribution to TM2014

Upload: vuongphuc

Post on 05-Feb-2018


IAEA SAFETY STANDARDS SERIES No. NS-G-2.11

OPERATING EXPERIENCE FEEDBACK

FOR NUCLEAR INSTALLATIONS

SAFETY GUIDE

INTERNATIONAL ATOMIC ENERGY AGENCY
VIENNA, Draft Excerpt Contribution to TM2014


FOREWORD

by Director General

To be adapted before submission to Committees

CONTENTS

INTRODUCTION

- Background (1.1–1.4)
- Objective (1.5)
- Scope (1.6–1.9)
- General (1.10–1.12)
- Structure (1.13)

SYSTEM FOR THE FEEDBACK OF OPERATIONAL EXPERIENCE FOR THE OPERATING ORGANISATION OF NUCLEAR INSTALLATIONS

- General (2.1–2.6)
- Management System (2.7–2.21)
- Identification and Reporting (2.22–2.36)
- Screening (2.37–2.51)
- Investigation (2.52–2.66)
- Corrective Actions (2.67–2.80)
- Trending and Review (2.81–2.93)
- Utilization, Dissemination, Reporting and Exchange of Information (2.94–2.102)
- Reviewing the Effectiveness of the Process (2.103–2.108)
- Management System

INVOLVEMENT OF THE REGULATORY BODY

- General (3.1)
- Management System (3.2–3.6)
- Criteria and Procedures for Reporting of Operating Experiences (3.7–3.18)
- Screening of Events (3.19–3.22)
- Investigation, Analysis and Evaluation of Operating Experience (3.23–3.27)
- Regulatory Review Overview and Inspection (3.28–3.33)
- Utilization, Disseminating and Reporting of Information (3.34–3.38)

INTERNATIONAL SYSTEMS FOR THE FEEDBACK OF OPERATIONAL EXPERIENCE

- International Organizations (4.1–4.3)
- International Utility System (4.4)
- International Regulatory System (4.5)

APPENDIX I: TYPES OF EVENT REPORT, TIMING, FORMAT AND CONTENT (I.1–I.5)

REFERENCES

CONTRIBUTORS TO DRAFTING AND REVIEW

BODIES FOR THE ENDORSEMENT OF SAFETY STANDARDS


1. INTRODUCTION

BACKGROUND

1.1. In 1989 the IAEA issued a Safety Guide on A System for Reporting Unusual Events in Nuclear Power Plants (Safety Series No. 93). The Safety Guide presented a recommended scheme that was based on available national practice and was applicable to the management of safety related operational experience in nuclear power plants. The Safety Guide consisted of two parts: Part I, A National System, and Part II, the IAEA Incident Reporting System. The Incident Reporting System was developed in the early 1980s by the Nuclear Energy Agency (NEA) of the Organisation for Economic Co-operation and Development (OECD) and has been a single system jointly operated by the IAEA and OECD/NEA since 1998. The joint IAEA/NEA Incident Reporting System Guidelines have been published by the IAEA []; they superseded Part II of Safety Series No. 93.

1.2. The IAEA Safety Standards Series publications Safety of Nuclear Power Plants: Commissioning and Operation [] and Legal and Governmental Infrastructure for Nuclear, Radiation, Radioactive Waste and Transport Safety [] set out safety requirements for the feedback of operating experience. In the Nuclear Safety Convention, which entered into force in July 1996, the importance of the feedback of operational experience is fully recognized in Article 19 as a tool of great importance for the safety of the operation of a nuclear power plant and its further enhancement.

1.3. The IAEA Safety Guide NS-G-2.11, “A System for the Feedback of Experience from Events in Nuclear Installations”, was published in 2006. This revised IAEA Safety Guide provides guidance on meeting the requirements as established in Refs [] and constitutes an update and an extension to cover the life cycle of nuclear installations from design to decommissioning, and takes account of analysing and reporting of operating experience, including good practices.

1.4. A well executed operating experience (OE) program is an integral part of an installation or utility’s continuous improvement process.


OBJECTIVE (SAME)

1.5. The objective of this Safety Guide is to provide guidance for the establishment and enhancement of an operational experience feedback system from design to decommissioning of nuclear installation at the operator, operating organization, regulatory, national and international levels to enhance safety of nuclear installations. It brings together common elements that typically constitute an effective operational experience feedback system. It should be noted that the process of feedback of operational experience is undertaken by many different organizations throughout the world which, by cooperating, can help to ensure that the overall process of gathering, utilization and exchanging operational experience is efficient and effective. This Safety Guide identifies the various organizations and their roles and responsibilities, and gives guidance on their involvement in the overall process.

SCOPE

1.6. This Safety Guide provides guidance on the main processes in the feedback of operational experience. It identifies the interaction between the different organizations using feedback on operational experience. It provides guidance for all the relevant organizations that are involved in the nuclear industry, such as regulatory bodies, technical support organizations, operating organizations with ongoing, phase out or planned nuclear programs, vendor companies (designers, engineering contractors, manufacturers, etc.), research establishments, technical universities with studies in the nuclear field and international organizations.

1.7. This Safety Guide does not deal with the special reporting procedures covered by the Convention on Early Notification of a Nuclear Accident or those that may be necessary under emergency conditions or that are covered by the International Nuclear Event Scale [].

1.8. Although it is accepted that the Fundamental Principle L Confidentiality should be respected in the OE process, this Safety Guide does not deal with nuclear security aspects in detail. More guidance can be found in the Amendment to the Convention on the Physical Protection of Nuclear Material [].

1.9. This document does not cover the Regulatory Experience Process (DS 472 and 473 cover this process).


GENERAL

1.10. OE comprises the installation life cycle from design to decommissioning. OE considers occurrences from all states of operations of the respective installation that learning can be taken from. OE bears in mind operational records, low level events, near misses, reportable events, good practices and all other information pertaining to the installation. The OE system utilizes the information on OE primarily to maintain and improve the safety of the installation.

1.11. An effective OE system should be in place for all organisations related to the nuclear industry involved in safety related activities. The focus and specific arrangements may differ in line with their tasks and responsibilities. Regardless, the OE system should reflect the following:

- Reporting and recording of gaps to excellence, precursors, minor problems, near misses, events and good practices;

- Collection of external OE;

- Screening of OE — primarily on the basis of actual or potential safety significance;

- Investigation;

- In-depth analysis, including causal analysis;

- Recommended actions resulting from the assessment, including approval, implementation, tracking and evaluation;

- Wider consideration of trends;

- Dissemination and exchange of information, including by the use of international systems;

- Continuous monitoring and improvement of processes by use of OE;

- A storage, retrieval and documentation system for OE.

1.12. The organizational framework for an OE program will be dependent on the installation/utility structure. Installations will need to perform all functions of an OE program with existing installation resources; however, multiple installation utilities tend to have a centralized OE system that is responsible for various aspects of the OE process. These functions include:

• The coordination and support of internal OE to ensure compliance to the process

• The screening, analysis, and distribution of external OE among the relevant installations.

• Training of the OE program of personnel

• Providing independent investigation of significant events as required


STRUCTURE

1.13. Section 2 covers the system for the feedback of operational experience of the operating organization. It addresses the following topics: management system, identification, reporting, screening, investigation, corrective actions, trending, review, utilization, dissemination, exchange of information, and reviewing of effectiveness of the process. Section 3 contains the involvement of the regulatory body in the process for the feedback of operational experience. Section 4 comprises international systems for the feedback of operational experience. Additional detailed guidance is provided in Appendix I.

2. SYSTEM FOR THE FEEDBACK OF OPERATIONAL EXPERIENCE FOR THE OPERATING ORGANIZATION OF NUCLEAR INSTALLATIONS

General

2.1. The IAEA Specific Safety Requirements for the Safety of Nuclear Power Plants: Commissioning and Operation [], in para 5.27 states that the operating organization shall establish and implement a program to report, collect, screen, analyse, trend, document and communicate OE at the plant in a systematic way. It shall obtain and evaluate information on relevant operating experience at other nuclear installations to draw lessons for its own operations. It shall also encourage the exchange of experience within national and international systems for the feedback of operating experience. Relevant lessons from other industries shall also be taken into consideration, as necessary.

2.2. The IAEA General Safety Requirements Part 6 for Decommissioning of Facilities [], in para 7.5 states that the decommissioning plan shall be updated as necessary in the light of relevant operational experience gained, available lessons learned from the decommissioning of similar facilities, new or revised safety requirements, or technological developments relevant to the selected decommissioning strategy. If an accident occurs or a situation arises with consequences relevant for decommissioning, the decommissioning plan shall be updated by the licensee as soon as possible and shall be reviewed by the regulatory body.

2.3. The IAEA General Safety Requirements Part 6 for Decommissioning of Facilities [], in para 7.15 states that updates to the final decommissioning plan shall be made as necessary in the light of experience gained in decommissioning, new or revised safety requirements, or new or revised national regulations. Updates to the final decommissioning plan by the licensee shall be subject to review and, if warranted, approval by the regulatory body.

2.4. The IAEA Safety Requirements for the Safety of Nuclear Fuel Cycle Facilities [], in para 4.25 states that when available, information about incidents and events at other installations of the same type as the facility shall also be investigated and lessons learned shall be considered.

2.5. The IAEA Safety Requirements for the Safety of Nuclear Fuel Cycle Facilities [], in para 9.25 states that arrangements shall be made to ensure that significant deviations from operating instructions are identified, and where appropriate, an investigation is carried out into the cause and appropriate actions are taken to prevent recurrence. Such arrangements shall include notification to the regulatory body if the deviations result in the breach of an operational limit or condition.

2.6. OE comprises the installation life cycle from design to decommissioning. OE considers occurrences from all states of operations of the respective installation that learning can be taken from. OE bears in mind operational records, low level events, near misses, reportable events, good practices and all other information pertaining to the installation. The OE system utilizes the information on OE primarily to maintain and improve the safety of the installation.

Management System (NEW)

2.7. The IAEA Fundamental Safety Principles [] in para 3.12 states that the management system also has to ensure the promotion of a safety culture, the regular assessment of safety performance and the application of lessons learned from experience.

2.8. The IAEA General Safety Requirements for the Management System for Facilities and Activities [], in para 2.1 states that a management system shall be established, implemented, assessed and continually improved.

2.9. The IAEA Specific Safety Requirements for the Safety of Nuclear Power Plants: Design [], in para 3.2 states that the management system shall include provision for ensuring the quality of the design of each structure, system and component, as well as of the overall design of the nuclear power plant, at all times. This includes the means for identifying and correcting design deficiencies, for checking the adequacy of the design and for controlling design changes.

2.10. The IAEA Specific Safety Requirements for the Safety of Nuclear Power Plants: Commissioning and Operation [], in para 5.31 states the operating organization shall be responsible for instilling an attitude among plant personnel that encourages the reporting of all events, including low level events and near misses, potential problems related to equipment failures, shortcomings in human performance, procedural deficiencies and inconsistencies in documentation that are relevant to safety.

2.11. The operating organization should establish an OE program at the start of the lifecycle of the installation so that relevant operating experience can be gathered and disseminated, and should continue throughout the lifecycle of the installation including decommissioning. (is this clear enough to clarify to cover in the guidances. Lifetime usually from operation not include the design).(is it include dismantling ? no, it is only up to decommissioning).

2.12. Management’s decisions regarding the activities of the OE program should be driven by maintaining and improving safety performance as the overriding priority.

2.13. Management should foster a positive environment in order to create, maintain and continuously improve an OE program such that it is an integral part of the safety culture of their installation.

2.14. Management should create a blame free/just reporting culture in which reporting is encouraged and reinforced throughout the organization, fostering an atmosphere of a questioning attitude and attention to detail.


2.15. Management should ensure that sufficient, dedicated, suitably qualified, and experienced staff are appointed to deliver the defined scope of the OE program.

2.16. Management should ensure that the installation/utility training programmes adequately inform all staff about the role and expectations of the OE program.

2.17. Management should ensure that the OE program is adequately supported with the necessary infrastructure and information technology (IT) tools to permit all staff easy access to OE data.

2.18. Management should ensure that there is adequate funding to support the continued operation and development of the OE program.

2.19. Management should ensure that important corrective actions resulting from the OE program are given suitable priority within the short and long term investment plans.

2.20. The operating organization should establish procedures for the control of activities at the installation for the feedback of operational experience.

2.21. Management should ensure that OE records are maintained, easily retrievable, and retained for the life of the installation.

Identification and Reporting

2.22. The IAEA Specific Safety Requirements for Safety of Nuclear Power Plants: Commissioning and Operation [], in para 5.31 states the operating organization shall be responsible for instilling an attitude among plant personnel that encourages the reporting of all events, including low level events and near misses, potential problems related to equipment failures, shortcomings in human performance, procedural deficiencies and inconsistencies in documentation that are relevant to safety.

2.23. Nuclear installations should identify all events, issues, error precursors, and good practices and enter them into their OE program.


2.24. Significant events should be promptly reported and captured within their OE program to ensure hazards have been minimized to achieve safe operation.

2.25. Low level events and near misses should be identified and reported because they are the precursors to more significant events.

2.26. Relevant external operating experience should be entered into the installation’s OE program.

2.27. Identification should include work practices and areas of activities where good and effective performance is achieved.

2.28. Identification should involve everyone at the installation including contractor personnel and regulators.

2.29. The method for reporting of issues should be accessible to everyone, user friendly, and computerized whenever possible.

2.30. Although data can be captured in different relational databases, they should be integrated into one OE reporting database at the installation.

2.31. Issues involving counterfeit, fraudulent or suspect items or parts should be identified and reported within the OE system.

2.32. Issues should be identified during the phases of the life cycle of the installation (design, construction, commissioning, operation, and decommissioning).

2.33. Efforts to identify issues should be valued and reinforced. The results should therefore be fed back to the person who initiated the report and all other relevant personnel where appropriate. “Good catches” should be made public within the installation to encourage reporting and questioning attitude.

2.34. Management should communicate the expectations for identifying events, poor performance, degrading trends and good practices to everyone at the installation including staff, contractors, and regulators. The communication of the expectations should be performed by setting the standards through written instructions, continuous example, and training.


2.35. Operating organizations should develop documentation outlining appropriate reporting criteria specific to the type of installation being operated and consistent with national regulatory requirements.

2.36. Prompt notification and reporting of significant issues and events should ensure that they are reported to relevant internal and external organizations. Designated individuals should be responsible for the reporting of significant events to the relevant external organizations.

Screening

2.37. The IAEA Specific Safety Requirements for Safety of Nuclear Power Plants: Commissioning and Operation [], in para 5.29 states that the information on operating experience shall be examined by competent persons for any precursors to, or trends in, adverse conditions for safety, so that any necessary corrective actions can be taken before serious conditions arise.

2.38. A screening process should be implemented to ensure a graded approach to operating experience. Written guidance with established criteria should be utilized for the screening process. (the establishment of the guidance should be recommended first)

2.39. Screening should be performed timely enough to ensure investigations or corrective actions are initiated to mitigate or prevent recurrence of the event.

2.40. Screening should establish the level of significance using written significance level criteria. This should determine the type of investigation or analysis for all reported issues.

2.41. Significance level criteria should factor in consequence or potential consequence with regard to nuclear safety, environmental safety, radiological safety, and industrial safety.


2.42. Screening should include prioritization according to safety significance, recurrence and recognition of adverse trends.

2.43. A suitably experienced, knowledgeable, and multi-disciplinary team should be assigned to the screening task. The team should also include personnel with knowledge of matters concerning human performance and behaviours.

2.44. The screening team members should have high enough authority to allocate resources necessary to carry out the investigation or analysis of the issues or events. Management should be involved.

2.45. Screening should consider generic implications of the issue being screened and how it can affect other areas of the installation or utility.

2.46. External Operating Experience should not be dismissed only on the basis of technical issues; all aspects should be considered.

2.47. If significant external operating experience is determined not applicable, the personnel making the determination should document the bases for this decision.

2.48. Screening of Operating Experience should also include relevant information from vendors, suppliers, designers and research institutions.

2.49. The results of screening of external events at the installation level should be recorded for evaluation in subsequent periodic self-assessments or peer reviews. The history of the screening process for external events should be made available to the regulatory body if so required.

2.50. In organizations with nuclear installations based in several locations, a centralized group may be considered to conduct screening of international and national operational experience (this may be a joint undertaking involving several utilities).

2.51. Screening by the centralized group should include a review of:

a. International external Operating Experience for relevance to one or more installations


b. National Operating Experience for generic implications to other installations internal and external to the utility including trends affecting more than one installation.

Investigation

2.52. The IAEA Specific Safety Requirements publication on Safety of Nuclear Power Plants: Commissioning and Operation [] states in para. 5.28 “Events with safety implications shall be investigated in accordance with their actual or potential significance”. Events with significant implications for safety shall be investigated to identify their direct and root causes, including causes relating to equipment design, operation and maintenance, or to human and organizational factors. The results of such analyses shall be included, as appropriate, in relevant training programs and shall be used in reviewing procedures and instructions. Plant event reports and non-radiation-related accident reports shall identify tasks for which inadequate training may be contributing to equipment damage, excessive unavailability of equipment, the need for unscheduled maintenance work, the need for repetition of work, unsafe practices or lack of adherence to approved procedures.”

2.53. The operating organization or installation should have procedures in place specifying the type of investigation that is appropriate for an event of any particular type.

2.54. The procedures should outline the conduct of an investigation in terms of means of scope, initiation, duration, composition of the investigation team and the format of the final report.

2.55. Investigations should be initiated in a timely manner to ensure the preservation of data or other important information necessary to the successful performance of the root cause investigation.

2.56. The level of the investigation carried out should be commensurate with the actual or potential consequences of an event and the frequency of recurring events.

2.57. The scope of investigations of events should vary appropriately:


- In the case of a single serious event a formal root cause analysis with extensive use of root cause analysis techniques applicable to the type of event should be performed

- For an event with moderate consequences the apparent causes should be identified and corrected

- Issues with no consequences as a minimum should be trended

2.58. The investigation should be performed in sufficient depth to identify the root causes of significant events. This should include identification of extent of condition¹ and extent of cause¹.

2.59. Root cause investigations should formally document the following:

- Establishment of the complete event sequence (what happened including how the problem developed)

- Cause analysis – root causes and contributing causes (why it happened)

- Assessment of the safety significance (what could have happened);

- An evaluation of the immediate or compensatory actions taken

- Identification of corrective actions to prevent recurrence

- Strategy for the determination of effectiveness of the corrective actions

2.60. Investigators should search appropriate internal and external event databases to identify other similar events, to determine if previous corrective actions taken were not effective at preventing recurrence.

2.61. Issues identified during the investigation but not relevant to the causes of the event should be reported.

2.62. When a formal investigation has been completed, trend codes should be updated to reflect the final causes of the event.

2.63. At least one individual on the team performing the apparent or root cause investigations should have received formal training and have recent experience to lead the investigations.

2.64. All individuals performing the investigation should be knowledgeable in investigation techniques and in the use of human error prevention tools.

2.65. A committee of suitably trained, experienced, knowledgeable, and multi-disciplinary team should be assigned to review the completed investigations to ensure all root causes have been identified and that corrective actions have been developed to address the root causes and identified contributing causes. Management should be involved.

2.66. Potential organizational issues should be investigated by an independent group to ensure objectivity with the results of the investigation.

Corrective Actions

2.67. The IAEA Specific Safety Requirements on Safety of Nuclear Power Plant: Commissioning and Operation SSR 2/2 [] in para 5.30 states “As a result of the investigation of events, clear recommendations shall be developed for the responsible managers, who shall take appropriate corrective actions in due time to avoid any recurrence of the events. Corrective actions shall be prioritized, scheduled and effectively implemented and shall be reviewed for their effectiveness. Operating personnel shall be briefed on events of relevance and shall take the necessary corrective actions to make their recurrence less likely.”

2.68. Corrective actions should address all root causes and contributing causes.

2.69. Corrective actions should be implemented in a timely manner. (lowest frequency ?)

2.70. At the time corrective actions are being specified, a review of open corrective actions should be performed to determine if they conflict with other open corrective actions.


2.71. Senior Management of the installation should review and approve important corrective actions.

2.72. Due date extensions, modification, or cancelation of important corrective actions should be minimised and should be approved by Senior Management of the installation.

2.73. When recommended corrective actions take a long time to implement, to minimize the time at risk of recurrence, interim or compensatory corrective actions should be put in place.

2.74. Personnel at the appropriate level within the nuclear installations should be accountable for the effective implementation of corrective actions. The owner of the corrective action should be involved in the development of the corrective actions.

2.75. Corrective actions should be prioritized. Those actions affecting safety should be given the highest priority. Too many open corrective actions may overwhelm the intended beneficiary and may result in some important actions being left pending for too long.

2.76. The corrective action backlog should be assessed periodically in aggregate to determine the cumulative risk to the installation.

2.77. A periodic evaluation should be carried out to review the need for items in the pending corrective actions list.

2.78. Corrective actions should be tracked to completion.

2.79. The effectiveness of the implementation of all (low/moderate/high significance) corrective actions should be assessed after complete implementation.

2.80. An experienced, knowledgeable and multi-disciplinary committee should be assigned to review whether the corrective actions have been developed to address the root causes. Management should be involved.

Trending and Review

2.81. The IAEA Safety Requirements for Commissioning and Operation [] states in para. 5.29 that “information of operating experience shall be examined by competent persons for any precursors to, or trends in, adverse conditions for safety, so that any necessary corrective actions can be taken before serious conditions arise.”

2.82. Information from all reported issues including low level events and near misses should be trended.

2.83. Trend analysis of low level events and error precursors should be performed early enough so that the operating organization can initiate an investigation and take corrective actions to prevent a significant event occurrence.

2.84. Data from all relevant installation databases should also be trended to obtain a broader perspective of strengths and weaknesses at the installation. For example, trending of information from industrial safety reports, radiological contamination reports, records of maintenance work, quality assurance reports can provide useful insights.

2.85. The following types of trends should be carried out and reviewed:

- Short term trends that develop quickly

- Trends that have developed over a longer period of time

- Trends that compare the current performance to a previous similar operating condition (for example comparing two outages to each other)

2.86. Installation trend reports should be provided to managers at regular intervals.

2.87. Utility trend reports that trend the performance of the installations should be developed and provided to Senior Managers at regular intervals.

2.88. Once an abnormal trend has been identified it should be treated as an event, and the established reporting program should be used to initiate an appropriate analysis. The level of the analysis should be based on the significance of the trend and its potential consequences. A thorough root cause investigation should be made so as to identify causal and contributing factors to explain why a trend is occurring.

2.89. A comprehensive and detailed coding system should be applied that makes the data easily searchable and consistent and enables all reported issues to be characterized so that recurring themes can be identified.

2.90. A small multi-disciplined group of experienced individuals should assign the trend codes to ensure consistency and accuracy of the trend codes.

2.91. An installation’s coding system should be harmonized between the installations within a utility, and with other national or international OE programs to facilitate the comparison of information between these bodies.

2.92. Trending should identify:

—Recurring issues derived from all reported events

—Abnormal trends relating to work groups of the installation;

—Abnormal trends in certain operating modes and during certain activities;

—Recurring failures or degrading performances of systems and components;

—The differences between trends during an outage in comparison with trends during non-outage periods;

—Overall trend to Human Performance and Safety Culture;

2.93. Trending should be performed at the installation level, utility level and national level.

Utilization, dissemination, reporting and exchange of information

2.94. The IAEA Specific Safety Requirements publication on Safety of Nuclear Power Plants: Commissioning and Operation [] para 5.32 states that the operating organization shall maintain liaison, as appropriate, with support organizations (manufacturers, research organizations and designers) involved in the design, in order to feed back information on operating experience and to obtain advice, if necessary, in the event of equipment failure or in other events.

2.95. The IAEA Specific Safety Requirements publication on Safety of Nuclear Power Plants: Commissioning and Operation [] establishes in para. 5.27… that the operating organization “shall obtain and evaluate information on relevant operating experience at other nuclear installations to draw lessons for its own operations. It shall also encourage the exchange of experience with the national and international systems for the feedback of operating experience. Relevant lessons from other industries shall also be taken into consideration, as necessary.” and in para. 5.32 “the operating organization shall maintain liaison as appropriate with support organizations (manufacturers, research organizations, and designers) involved in the design in order to feedback information on operating experience and to obtain advice, if necessary, in the event of equipment failures or in other events”.

2.96. Effective use of the feedback of operational experience should be actively encouraged and reinforced by management.

2.97. Information on operating experience should be made readily accessible to all installation personnel for use in various work processes. For example: pre-job briefings, management meetings, outage schedules etc…

2.98. Operating Experience should be included in relevant training programs.

2.99. Operating Experience should be utilized during the review of procedures and instructions.

2.100. Appropriate information relating to the feedback of operational experience should be shared in a timely manner with relevant bodies. This should occur at appropriate levels (e.g. the installation level, the operating organization level, and the national and international level). A list of possible recipients for different types of information should include: regulatory bodies, organizations with planned or ongoing nuclear programs, technical support organizations in the nuclear field, vendor companies including design firms, engineering contractors and manufacturers, and centralized international reporting systems.

2.101. Legal requirements and commercial interests could restrict the dissemination of some information. The regulatory body and the operating organization should make the necessary arrangements with the organizations concerned to ensure that any restrictions on the information to be disseminated are minimized.

2.102. Access to all OE information should be easy, quick and user friendly.

Reviewing the effectiveness of the process

2.103. The IAEA Specific Safety Requirements publication on Safety of Nuclear Power Plants: Commissioning and Operation [] establishes in para. 5.33 “the operating experience program shall be periodically evaluated to determine its effectiveness and to identify any necessary improvements”.

2.104. Effectiveness of the Operating Experience program should be assessed utilizing the following methods:

— ‘Self-assessment’ by the operating organization of the nuclear installation;

— Peer review to determine whether the process meets established international standards;

— Regulatory inspection.

2.105. Effectiveness should be determined by experienced individuals familiar with the event analysis methodology.

2.106. Indicators of the effectiveness of the process should be developed. These may include the number, the severity and the recurrence rate of events and the causes of different events.

2.107. Recurring events should be reviewed to identify whether improvements can be made in the process for the feedback of operational experience.

2.108. The operating organization should issue a periodic report, at least annually, that summarizes the effectiveness of the OE process and should identify areas for improvement and corrective actions taken to address the issues identified.

3. INVOLVEMENT OF THE REGULATORY BODY

General

3.1. The IAEA General Safety Requirements Part 1 on Governmental, Legal and Regulatory Framework for Safety states in Requirement 15 [] that the regulatory body shall make arrangements for analysis to be carried out to identify lessons to be learned from operating experience and regulatory experience, including experience in other States, and for the dissemination of the lessons learned and for their use by authorized parties, the regulatory body and other relevant authorities.

Management System

3.2. The IAEA Fundamental Safety Principles [a] in para 3.12 states that the management system also has to ensure the promotion of a safety culture, the regular assessment of safety performance and the application of lessons learned from experience.

3.3. In General Safety Requirements Part 1 for Governmental, Legal and Regulatory Framework for Safety, Requirement 19 [] states that the regulatory body shall establish, implement, and assess and improve a management system that is aligned with its safety goals and contributes to their achievement.

3.4. The regulator’s management system should include a process for screening, investigation, analysis, evaluation, review, inspection, utilization, dissemination, reporting and storage of the authorized party’s and other external OE. The process should be monitored by appropriate means to determine its effectiveness as well as to identify and to implement any necessary improvements.

3.5. This process should be periodically subjected to internal and external reviews (e.g. IAEA IRRS, ROPER missions).

3.6. The regulator’s management system should integrate the outcomes of the OE process in the regulatory strategy and in all other relevant areas.

Criteria and Procedures for Reporting of Operating Experiences (new for this chapter)

3.7. The regulatory body should specify the reporting criteria for notifying of events, incidents or accidents considered significant to safety and security. The criteria should reflect the possible radiation risks and the complexity of the facility or activity.

3.8. The regulatory body should specify the procedures for reporting events, incidents or accidents including time scales for reporting, reporting format, minimum contents of the report, and administrative arrangements for report distribution. These arrangements should define the roles and responsibilities of personnel from both the authorized party and the regulatory body.

3.9. The regulatory body should require, where appropriate, that an investigation be carried out by the authorized party and reported within the specified period of time, covering details of the event, incident or accident, details of associated doses, and the findings of the investigation performed.

3.10. These investigations should contain the description of the event sequence, the causes and root causes, analysis of actual and potential safety significance, remedial actions and proposals for mid-term and long-term corrective and preventive actions. The lessons learned from previous related occurrences at the same site or other installations should be captured. The investigation should consider technical, human and organisational aspects.

3.11. The regulatory body should require that the authorized party communicates any change in the perception of the safety significance of an event in a timely manner. Any significant changes to the findings of the investigation and implementation of subsequent actions should be communicated as well.

3.12. The regulatory body should support the authorised party in utilising a graded approach for its investigations, reflecting the safety significance and complexity of the events.

3.13. Regulatory bodies should specify requirements for periodic reporting and progress reporting on operating experiences. These periodic reports should include low level events and near misses.

3.14. The reporting criteria for events that should be required to be reported to the regulatory body include the following:

A plant shutdown or suspension of activity as required by the operational limits and conditions

An operation or condition prohibited by the operational limits and conditions.

Any event or abnormal condition that resulted in the condition of the nuclear installation, including its principal safety barriers, being seriously degraded.

Any natural phenomenon or other external condition that posed an actual threat to the safety of the nuclear installation or that significantly hampered site personnel in the performance of duties necessary for safe operation.

Any event or abnormal condition that resulted in the manual or automatic operation of the protection system or of engineered safety features.

Any event in which a single cause or condition caused a significant loss of operability of a safety system.

Any liquid or airborne releases of radioactive material to unrestricted areas in excess of authorized limits (generally as specified in the operational limits and conditions), or exposure of site personnel in excess of authorized limits.

Any event that posed an actual threat to the safety of the nuclear installation or that significantly hampered site personnel in the performance of duties necessary for safe operation, including fires, releases of toxic gases and radioactive releases.

Declaration of an emergency condition as specified in the emergency plan.

Any problem or defect in the safety analysis, design, construction, manufacturing, supply chain, installation or operation that results in, or could result in, an operating condition that had not previously been analysed or that could exceed design basis conditions.

Any event that results in the death of or serious injury to personnel on the site.

3.15. These criteria should cover the phases of the installation life cycle including design, construction, commissioning, operation, shut-down, and decommissioning.

3.16. These criteria should cover non-nuclear events related to worker safety, fire safety, radiation protection, environment etc. if not reported under other regulations.

3.17. In line with Requirement 21 of the General Safety Requirements Part 1 the regulatory body and the authorized party should foster mutual understanding and respect through frank and open communication on operational experiences. As a good practice these communications should also include occurrences that are not covered by formal reporting requirements.

3.18. In line with Requirement 22 of the General Safety Requirements Part 1 the regulatory body should ensure stability of regulations, procedures and arrangements as well as their practicability. It is a good practice to discuss modifications to regulations, procedures and arrangements with stakeholders before implementation.

Screening of Events

Reportable Events

3.19. After receiving an event report the regulatory body should check the report in due time for its compliance with the reporting criteria, its accuracy and its completeness. The regulatory body should contact the authorized party where clarifications or further information are required.

3.20. The regulatory body should have arrangements to identify events that need further regulatory attention. These arrangements should facilitate the screening and dissemination of information within the regulatory body for further review.

3.21. The regulatory body should run a system for storage and easy retrieval of reported events. The coding system used should be as far as practicable in line with international coding systems for OE to facilitate further international utilization.

Other Information

3.22. The regulatory body should screen other sources of information including regular reports of the authorized party (e.g. monthly reports, yearly reports), operating experiences from national and foreign nuclear industry, international organisations and non-nuclear industry.

Investigation, Analysis and Evaluation of OE

3.23. A thorough review and assessment of the authorized party’s event reports should be performed by the regulatory body in order to determine whether the facility or activity complies with the relevant safety objectives, principles and criteria.

3.24. The objective of this review is to confirm that the event was adequately investigated, the root causes were correctly identified, and the corrective and remedial actions were adequate to prevent recurrence and were planned and taken in a timely and adequate manner. The regulatory body’s review should cover the identification of lessons to be learned and the sharing of safety related information.

3.25. If the nature of the event warrants it, the regulatory body should conduct or arrange for an independent investigation; this should be undertaken using a graded approach. Criteria for independent investigations include safety significance, novel causes, repeat occurrences and generic lessons to be learned. This independent investigation may be performed in the frame of a reactive inspection.

3.26. The regulatory body should analyse the reported events to identify positive and adverse trends and patterns. These analyses should also recognise information about low level events and near misses.

3.27. Regulatory staff involved in event review and investigation should be knowledgeable of the importance of human and organisational factors and suitably qualified and trained in appropriate methods. The regulatory body should assess whether the results of review and investigation might have an impact on regulatory requirements, rules, regulations, and standards.

Regulatory Review, Overview and Inspection

3.28. The regulatory body should ensure that a system for operational experience is in place at the authorized party. This system should record the identification, screening, investigation, evaluation, trending, corrective action, utilization of OE and self-assessment performance.

3.29. The IAEA General Safety Requirements Part 1 for Governmental, Legal and Regulatory Framework for Safety [] states in Requirement 25 that the Regulatory Body should use a graded approach to review the operating experience commensurate with the radiation risks associated.

3.30. The regulatory body should periodically inspect all parts of the OE system of the authorized party to ensure that they are applied and effective. This should cover reporting, evaluation, investigation, trending of events as well as low level events and near misses, the corrective action program, the utilization of learning from operating experience, the utilization of operating experience, as well as the adequacy of management, organisation, resources and training.

3.31. Additional inspections of the OE programs or parts of them should be undertaken when shortfalls are identified.

3.32. In addition to routine inspection activities, the regulatory body should carry out reactive inspections at short notice if an abnormal occurrence warrants immediate investigation.

3.33. The regulatory body should overview the authorized party’s Safety Performance Indicator program to identify significant information on the party’s OE performance.

Utilization, Disseminating, and Reporting of Information

3.34. The regulatory body should use the operating experiences to provide guidance to authorized parties based on lessons learned and good practices for the improvement of the installation’s safety. Considerations should be given to the inclusion of organisations involved in new build projects. The information should also be used to support and enhance the regulatory body’s strategy and to improve rules, regulations and standards.

3.35. Principle 2 of the Fundamental Safety Principles [] states that the regulatory body must set up appropriate means of informing parties in the vicinity, the public and other interested parties, and the information media about the safety aspects (including health and environmental aspects) of facilities and activities and about regulatory processes; and to consult parties in the vicinity, the public and other interested parties, as appropriate, in an open and inclusive process.

3.36. The regulatory body should set arrangements for disseminating information related to OE. This information should cover immediate notification of important events and regular sharing of OE with the government, parliament, public, stakeholders and national, foreign and international organisations. Any legal or commercial restrictions to the publication and dissemination of information should be minimised as far as reasonably achievable.

3.37. For the purpose of communication on the safety significance of events the regulatory body should use INES [].

3.38. The regulatory body should have arrangements to collect OE from Member States, report relevant domestic events and corrective actions taken using systems such as the IRS, international working groups and meetings, regular contacts with other regulatory bodies, etc.

4. INTERNATIONAL SYSTEMS FOR THE FEEDBACK OF OPERATIONAL EXPERIENCE

International Organizations

4.1. The goals of international OE systems include sharing experiences, minimizing duplication of efforts and optimizing the use of resources. International OE systems including databases for recording and storage of OE related data should be defined, maintained and operated by the international organizations to enable contributions and to maximize the benefit for the international community.

4.2. International organisations should provide the means to share the international OE by facilitating fora, working groups, technical meetings etc. and to produce guidance documents and technical reports to reflect international good practices.

4.3. The international organisations should provide training related to OE, organize review missions and provide technical and scientific support to member organisations.

International Utility System

4.4. The installation should actively participate in relevant international OE feedback systems. The installation should have procedures in place to identify and to provide relevant national OE to the international systems in a timely manner and to deal with international information received.

International Regulatory System

4.5. The regulatory body should actively participate in relevant international OE feedback systems. The regulatory body should have procedures in place to identify and to provide relevant national OE to the international systems in a timely manner and to deal with international information received.

Appendix I

REPORTING CRITERIA AND CATEGORIES

TYPES OF EVENTS REPORT, TIMING, FORMAT AND CONTENT

I.1. The preliminary report (sometimes termed the early notification report) should be submitted by the operating organization to the regulatory body electronically or by telephone or facsimile.

The preliminary reports should contain:

- Installation affected

- Status of the installation at time of the event and at present

- Date and time of event and detection

- Brief narrative of the event sequence

- Any exposure, injury and release

- Immediate actions taken

- First risk perception, provisional INES rating

- Contact details

These preliminary reports should be followed by a brief written confirmation, as appropriate, to ensure that adequate information is transferred. Before a detailed written report (hereinafter termed the main report) is submitted, additional information may be needed for reasons such as the following:

- Further degradation in the level of safety of the plant;

- Major changes in the perception of the significance of the event as a result of a subsequent evaluation;

- New information;

- The need to correct factual errors.

I.2. A main report should then be prepared by the authorised party. This report should be submitted to the regulatory body (and possibly other organizations) as soon as practicable. The main report should be marked as provisional if additional information is to be gathered later for evaluation and, if necessary, submitted in a follow-up report to finalize the main report.

I.3. The authorised party should submit follow-up reports if the initial report is known to be incomplete or if significant additional information becomes available. The operating organization should also submit specific additional information and assessments as it considers necessary, or at the request of the regulatory body if the regulatory body finds it necessary for a complete understanding of an event. When such a request is made, the information and assessments should be provided within an agreed time period. If, after the main report is submitted, significant further corrective actions are taken or more information gained from further investigations becomes available, this should be reported to the regulatory body as follow-up information. Reports should, wherever possible, be communicated and disseminated widely to relevant bodies and should be considered for serving as the basis for information to be exchanged internationally.

I.4. The operating organization should prepare the main reports in sufficient technical detail for persons conversant with the design of the nuclear installation. In addition to technical details, whenever appropriate the reports should contain data on human factors necessary for an understanding of the event without the need for additional information. The standard format and contents of reports to the IAEA/NEA International Reporting System on operating experiences [1] may be considered for adoption in national systems for the feedback of operational experience, to link national and international systems more effectively.

I.5. The main report should be as comprehensive as possible and should be set out in an orderly and consistent manner. The main report should include the following:

- Basic information;

- Narrative description;

- Safety assessment (consequences and implications);

- Direct and root causes or causal factors;

- Corrective actions (taken and/or planned);

- Lessons learned;

- Guide keywords with their respective codes.

Appendix II

Deleted because the relevant information is captured in this Guideline and other details are already included in Tech. Docs.

APPENDIX III

INVESTIGATION AND ANALYSIS OF EVENTS

Deleted because the relevant information is captured in this Guideline and other details are already included in Tech. Docs.

APPENDIX IV

APPROVAL AND IMPLEMENTATION OF CORRECTIVE ACTIONS

Deleted because the relevant information is captured in this Guideline and other details are already included in Tech. Docs.

REFERENCES

TO BE ADAPTED BEFORE SUBMISSION TO TM-PARTICIPANTS

Annex I

DATA MANAGEMENT FOR THE FEEDBACK OF OPERATING EXPERIENCE

Deleted because the relevant information is captured in this Guideline and other details are already included in Tech. Docs.

REFERENCES TO ANNEX I

Annex II

EXAMPLE OF ELEMENTS OF A NATIONAL FEEDBACK SYSTEM FOR OPERATING EXPERIENCE

Deleted because the relevant information is captured in this Guideline and other details are already included in Tech. Docs.

FIG. II–1. An example of elements of a national system for the feedback of operating experience.

Deleted because the relevant information is captured in this Guideline and other details are already included in Tech. Docs.

CONTRIBUTORS TO DRAFTING AND REVIEW

To be adapted before submission to Committees

BODIES FOR THE ENDORSEMENT OF SAFETY STANDARDS

To be adapted before submission to Committees