Procedural concept for complex risk assessment in a multinational company in Romania

. Globally, the process of assessing the risks to the health and safety of workers is implemented through the use of hundreds of dedicated tools, used in a flexible and complementary way, according to clearly specified criteria. Unfortunately, in the national practice of occupational risk assessment, only one method has become generalized, which is used in a proportion of 90-95%, and the major problem is that often it is not even applied only formally. This paper has an ambitious goal, aiming to offer practitioners in our country a case study on good practice on the procedural structure for achieving and capitalizing on the results of risk assessment, in a manner that is both complex and pragmatic. The concept proposed and successfully implemented at the investigated multinational company, offers a major potential to improve the management of occupational safety and health in economic organizations, regardless of their size, form of ownership or other categories of conditioning.


Introduction
It is well known that the starting point in the design and implementation of an effective occupational health and safety management system is always the assessment of risks at work [2].Achieving risk assessment in an attempt to justify a decision already taken for other reasons, not involving a team in the assessment process or not including workers in the team, inefficient use, sometimes formal, of external consultants, not using the results obtained or not correlating hazards with control measures are just some of the specific errors that continue to weigh on Romania for more than 15 years the quality of the results of a process that continues to be, unacceptably frequently, characterized by an impractical formalism [3].
Occupational risk assessment should always be verified when there is a change that could affect the perception of risks, when new materials or equipment are introduced or when the organization or working conditions change, including transfer to other workshops or decommissioning of the system [4] [9].The effectiveness of the risk assessment process https://doi.org/10.1051/matecconf/202438900001SESAM 2023 is decisively influenced by the integrity of the initial design or planning of the process approach and development structure, a stage called "goal setting" or "scoping" [5], [6], [7].
The analysed multinational company's most important products are high-performance building materials and glass.The staff structure includes 120 employees, namely: administrative technical staff; production staff; maintenance staff and logistics staff.The activities carried out within the company include: • Manufacturing; • Logistics; • Maintenance; • Administration.Manufactured products include standard plasterboard plates; fire resistant plates; moisture-resistant boards; sound insulation boards and also thermal insulation boards.
At the level of the investigated multinational company, the risk assessment is done in accordance with the methodology specific to the Group to which the company belongs, the assessment methodology being standardized and communicated as a Risk Assessment Standard [8].The evaluation follows the specific steps, the preparation of the participants being considered very important.The involvement of staff in risk assessment is a major part of the individual objectives of each employee, their personal objective being to be involved in all OSH activities.

Methodological approach to risk assessment in the investigated company
The company's own risk assessment standard applies to all sectors, activities, companies and units of the Group.It defines the mandatory minimum requirements of the Group, the instruments used, the acceptability criteria and is in addition to the local laws and regulations that are applied as a matter of priority, based on a pre-established questionnaire whose structure is given in Table 1.
Table 1.Pre-established questionnaire on the procedural framework for risk assessment.

1
A guarantor of the methodology has been appointed to the unit 2 The guarantor and all persons responsible for the risk assessment have been trained in the risk assessment methodology 3 The responsibilities of the guarantor and the managers responsible for the evaluation have been defined 4 The risk assessment considers the activities inside and outside the unit 5 There is an implementation and update schedule covering all activities 6 The tree diagram of positions, workstations and tasks was defined taking into account all routine and exceptional activities, as well as those related to the management of accidents and emergencies 7 Employees systematically participate in risk analysis 8 The factory hazard inventory takes into account the hazards listed in the standard 9 Specific risk groups were taken into account in the risk assessment 10 For each hazard identified in the Jobs / Workstations / Tasks, potential accidental impacts have been considered For each hazard identified in the Jobs / Workstations / Tasks, potential impacts as a result of normal operation have been considered (Chronic Risks).
12 A baseline risk assessment method (Initial Residual Risk or Gross Risk) was selected and maintained throughout the assessment 13 The unit uses standard risk assessment methods (P x G or f x P x G) for accidental hazards and Measurement / Level of Risk for Chronic Hazards.

14
In its risk assessment method, the unit defined how it considers that the means of control make it possible to reduce the likelihood or severity of an event 15 The risk assessment is carried out up to the level of tasks 16 The risk assessment was performed for all routine activities 17 The risk assessment was performed for all exceptional activities 18 The risk assessment was performed for all activities related to the management of accidental or emergency situations. 19 The annual action plan shall take into account the results of the risk assessment and prioritization 20 Employees have access to well-documented and up-to-date risk assessment results and know the risks and means of control that have been identified.21 The risk assessment is updated at least once a year and the results are archived

22
The risk assessment shall be updated, if necessary, after each accident, incident/nearmiss and significant hazard reported.

23
The risk assessment is updated after each change (line, equipment, process, work organization, etc.).A health and safety risk assessment is performed in accordance with this standard for all activities: i. inside the boundaries of the unit; ii.
outside the boundaries of the unit under the responsibility of the Group (1) .The evaluation covers all employees and temporary workers, as well as trainees, visitors and customers.The unit ensures that the contractors comply with the laws and regulations but also the OHS standards, in accordance with its own standard on the control of contractors and that the contractors operating in the Group units or under its responsibility carry out the risk control.These contractors must in particular have been carried out risk assessments, at least by their own methods, in accordance with applicable local laws and regulations.Also, the risks associated with the interactions generated by these entrepreneurs with the activities under the responsibility of the Group / Company must be taken into account in the risk assessment of these activities.
This standard defines the process of implementing a comprehensive method of health and safety risk assessment, which forms the basis of the MSS Management System, as defined in the Group's MSS Framework.The process includes all risks to Health and Safety, although we must refer to the special ramifications of this internal standard, which are the Standard for Risk of Exposure to Toxic Agents (TAS) and the Standard for Risk of Noise Exposure (NOS).It is also noted that a risk assessment remains a subjective method, especially with regard to the risk score, no matter how sound the method used.However, it is essential that the method used be applied evenly over the entire perimeter considered, so that it can lead to a homogeneous score, which allows the control measures to be prioritized and the identified risks to be reduced.Each unit manager is responsible for implementing the standard.To this end, it may nominally appoint the members of the management who will be responsible for the correct implementation of the risk assessment in their areas of responsibility.A guarantor of the risk assessment method is also appointed within the unit.This person is usually the Health and Safety Officer / Coordinator.He must ensure that all persons involved in the risk assessment, in particular managers, have sufficient levels of training and that the risk assessment process is carried out in accordance with the standard.
The guarantor of the method must be trained and qualified in conducting risk assessments.It shall ensure that the persons concerned have legal, scientific and technical knowledge relating to Health and Safety and related OHS standards, enabling them to: • identify the health and safety hazards that are present, as well as the associated impacts; • assess existing Health and Safety risks.If the Health and Safety Coordinator (s) is / are different from the guarantor, they must also be instructed in the method.The guarantor implements internal training sessions for management and the teams that will participate in the risk assessments.

Procedural structure and implemented good practices
The risk assessment is carried out in a participatory manner that brings together all stakeholders, in accordance with the seven steps illustrated in Figure 1 and described below from the perspective of good practice:

a. Organizing and preparing the approach
The objectives of this stage are: • Choice of risk assessment methods, in accordance with local laws and regulations and thecompany's own standard; • Designation of a guarantor of the method for the unit, its training and qualification; • Training managers and especially front-line managers (team leaders / department heads, supervisors, etc.) in managing the implementation of risk assessments;

b. Description of work processes and functions
The description of the processes consists in making an inventory of the different activities carried out inside or outside the unit under the responsibility of the company.Next, it is necessary to break them down into different stages and, finally, to organize them into different work positions, in accordance with the organization of work in the unit.

c. Inventory of SEGs / Jobs, Workstations and Tasks
In order to carry out a relevant risk assessment, both limiting the time devoted to itand keeping costs to a minimum, the assessment is carried out on Similar Exposure Groups (SEG).A SEG is defined by the EN 689 standard as "a group of workers with similar, but not necessarily simultaneous, responsibilities.It is assumed that these workers have similar exposure conditions".The EN 689 standard states: "Variations remain within a group with similar exposure, which are both random and systematic.A professional assessment of the homogeneity of the groups formed is essential" [1].
Based on the breakdowns made in the previous step, the working functions are reunited or broken down into SEGs.It should be noted that a SEG is defined for one or more given hazardous situations.Next, a SEG tree diagram is created on which risk assessment is performed, including jobs, workstations, and tasks.The job corresponds to all the duties performed by one or more employees during their working day, possibly on more than one workstation.With flexibility of work, an employee can belong to several jobs in his working day, week or month, for example, by switching from one production line to another.A workstation corresponds to a delimited area of the workplace in which one or more duties are performed by employees within the job.The task corresponds to the basic operation performed by the employees in a job within a specified period of time.
The tree diagram thus constituted is represented in figure 2: Breakdown by functional units in order to carry out the risk assessment.
For this breakdown into workstations and tasks, the following activities will be explicitly considered: • all routine activities: nominal operation and day-to-day operations as defined by the unit, as well as planned maintenance and cleaning operations and other planned activities; • all exceptional activities (non-routine): occasional transition and reduction operations, as well as unplanned maintenance and cleaning operations and other unplanned activities.
Health and Safety risks related to the management of accidental and emergency situations must be taken into account in the activities that are considered in the definition of jobs, workstations and tasks.Risk assessments must be carried out at the level of the tasks so that they can be sufficiently accurate and exhaustive, with the exception of risk assessments for exposure to toxic agents, which must be carried out at the job -level level.
However, for hazardous situations that are common to all tasks that make up a workstation, with the same exposure profile and the same means of control implemented, assessments may be performed at the workstation level.Similarly, for similar hazardous situations which are common to several workstations with the same exposure profile and the same means of control implemented, assessments may be carried out at the station level.Other hazardous situations, such as exposure to noise, may be common to several jobs.In this case, the SEG will bring together these jobs and risk assessments can be performed on these groups of jobs.
Certain jobs may include tasks that are incompatible with the health status of employees with a special situation, which could result in their retirement from these jobs and / or the implementation of additional means of control.As a minimum requirement, employees in risk-sensitive groups are systematically assessed: i) Persons with disabilities; ii) Breastfeeding mothers; iii) Pregnant women; iv) Young workers under the age of 18.

d. Identification of hazards and impacts
This stage consists of listing all the hazardous situations at each level of the organization that was established in the previous stage (job, workstation or assignment), with the related means of risk control.The hazardous situations to be considered are grouped according to the following hazard categories: • Organizational and physical restrictions; • Chemical and biological agents; • Toxic agents regarding their health aspects (evaluated according to the TAS standard in the Gaïa Toxic Risk Assessment module [Gaia]); After identifying the hazardous situations that are present, the unit identifies the related impacts, taking into account: • possible accidental impacts on workers; • impacts caused by the normal functioning of activities on Health (Chronic Risks).
Impacts caused by operations, known as "normal health impacts of activities", are health damage and occupational diseases that may be caused by chronic risks arising from the https://doi.org/10.1051/matecconf/202438900001SESAM 2023 activity that is usually carried out at the time of the assessment, wether it was designed in this way or not.A hazardous situation is defined for each hazard and type of impact pair (accidental and normal operation).The implemented means of control are described according to the following 3 categories: i) Engineering/Equipment / Collective protective equipment; ii) Organizational / Behavioral; iii) Personal protective equipment.A reliability level is considered (Low, Medium or High) for each category of control measures.This level of reliability is estimated based on the events that have taken place, the feedback on these means of control and the results of the inspections, and the audits of that post (in particular compliance with existing procedures and conduct of PPE).

e. Risk analysis and evaluation
Prior to the start of the assessment, it is necessary to choose the reference risk assessment method and the risk level assessment method.

a. Choice of reference risk assessment method
First, the unit chooses the reference risk assessment method, which is either a Gross Risk Assessment or an Initial Residual Risk Assessment: • Gross Risk: Estimated level of risk taking into account only the means of control that are inherent in the equipment and could not be easily bypassed by employees (Integrated Protection); • Initial Residual Risk: The level of risk assessed by taking into account all means of control implemented during the initial risk assessment.
Once this choice has been made, the same reference risk assessment method should be used for all unit assessments.

b. Choosing the method for assessing the risk level
In this context, the risk is considered to be the residual risk assessed by taking into account all the means of control implemented and their estimated level of reliability.There are three methods available for assessing the risks to health and safety: • two for accidental risks: a.The standard method(P x G) 2 ; b.The Kinney -Wiruth method adapted by the company (f x P x G3 ); • one for chronic risks (by measurement or qualitative approach).
In order to perform a homogeneous risk assessment, only one method must be chosen and used to assess the exposure to the same hazard, which may be present at different jobs, workstations and tasks within the unit.In the same way, it is recommended to use only one of the two accidental risk assessment methods (P x G or f x P x G), in the same unit and, if possible, in the same activity (working point).

c. Tools for considering the influence of means of control
The company will need to describe in its internal risk assessment procedure how the influence of each means of control is taken into account in reducing the likelihood and / or severity of a Health and Safety event.Although there is no formula for associating control measures with a potential probability or severity of a Health and Safety event, the company's standard provides an example of an indicative method that will support the unit or activity in defining its own criteria.Whatever the relevance of these indicative criteria, they cannot replace the professional judgment which makes it possible to take a decision on the level of risk following a detailed analysis.At the same time, the traceability of this analysis must be ensured.

d. Emergency response
In accordance with the Group's MSS Framework and using the Health and Safety Risk Assessment, the unit identifies emergencies among potential accidents that require immediate action in order to avoid or contribute to the control of a significant accident as a result of its kinematics and the severity of its impacts.The management of these emergencies is described in the unit's contingency plan.

e. Staff/workers information
Employees and temporary staff of the unit have access to the documented and updated results of Health and Safety risk assessments.They are particularly aware of the risks and means of control that have been identified for the jobs/positions they hold [10].

f. Defining actions
In accordance with the MSS Framework, the unit develops an annual action plan that includes corrective actions and preventive actions to reduce and control risks.In order to develop this action plan, the unit shall set priorities for risks and related actions.For each action, the expected risk reduction must be systematically estimated.In order to prioritize the risks and delimit those that are significant, the unit scores for all identified risks, according to the types of risk levels included in Table 2: The "Very Critical" risks must be categorically subject to control and risk reduction measures in the annual Health and Safety Action Plan.Precautions must be taken to reduce these "very critical" risks.For other risks, the unit should prioritize the related measures that may be included in its annual action plan, depending on the: • Expected reduction of risk as a result of the measure; • The cost of the measure; • Ease of implementation of the measure; • Number of people exposed.
Control measures (prevention and protection) are barriers placed between the hazards inherent in a system and the materialization of an undesirable event.Control measures can be identified from the very beginning of the risk identification phase.For an existing system, both the measures already implemented and the possible applicable alternatives can be identified.The effect of the application of the control measures on the level of risk must https://doi.org/10.1051/matecconf/202438900001SESAM 2023 be evaluated for each risk factor, the evidence of the results being able to be registered in the "Risk Register", the process being repeated later with a predetermined periodicity.Risk control and mitigation measures mainly concern: • equipment, processes and products; • work organization and procedures; • behavior; according to the following control hierarchy: • elimination of risks; • substitution of hazards; • use of integrated protection; • use of Personal Protective Equipment as a last resort.

g. Update
The Health and Safety Risk Assessment is reviewed in accordance with local laws and regulations and in particular in the event of: • modification of equipment, processes, products or services; • occurrence of a Health and Safety event (occurrence of an accident or incident, significant unsafe situations reported); • certain suggestions from staff regarding risk control; • certain observations resulting from audits or inspections; • implementation of risk reduction and control measures; • amendments to laws and regulations or Health and Safety standards; • changes in scientific and technical knowledge concerning the hazards present in the unit or the means of control used.Also, the entire health and safety risk assessment is reviewed at least annually in a participatory manner.The decision to update the assessment for a job, workstation and / or task is made following this review.The procedure described is followed in accordance with all legal and local obligations and procedures, the company standard being the minimum limit to be implemented.

Conclusions
It is important to establish critical control measures for the proper management of the system, especially if the number of control measures is large.Criticality (the importance of a measure) plays a major role in determining the frequency of maintenance, testing and management actions.The main factors that need to be considered when identifying critical control measures are the following: • the control measure allows the control of several significant risk factors; • the control measure allows to prevent the most probable causes of some events; • the control measure is intended to reduce the effects of undesirable events with serious or catastrophic consequences; • the possibility that back-up control measures may be known to be ineffective or unreliable; • the number of safety barriers for a significant hazard is too small.All control measures identified during the various stages of the risk identification process must be evaluated from the point of view of: • functionality, i.e. the performance of the function for which it is intended; • reliability, both individually and in combination with other control measures; • the position of the measure in the hierarchy, i.e. its importance in ensuring the state of safety; • independence and diversity.Is it possible for a set of control measures to lose their functionality due to a single failure or will the failure of one measure also lead to the failure of others?There is an area of performance indicators for all control measures, especially for measures considered critical.Performance indicators measure both how control measures perform their functions and how the management system monitors and maintains safety measures.Performance indicators generally refer to certain standards or levels of the company's performance target.Measures can be qualitative or quantitative and can include absolute targets that do not allow any deviations or targets that allow deviations from certain tolerable limits.Change management is a major component of any successful business / activity, and as a result the identification of specific risks of change and the necessary means of control must be integrated into the change management plan.Within the investigated multinational company, all these requirements materialize practically in a holistic, systemic, systematic and participatory manner.

24
Management implements technical and scientific supervision measures corresponding to the Health and Safety risks present in the unit 25 Performance indicators set by own standard are available and tracked during unit management analysis

Fig. 1 .
Fig. 1.The procedural structure of the risk assessment in the investigated company.

•
Establishment of participatory working groups and organization of risk assessment; Training group members so that they can actively participate; • Defining the responsibilities and objectives of all those involved; • Preparation of an implementation schedule.

Table 2 .
Risk criticality grid applied in the investigated company.