REGULATORY GUIDE
Holistic Safety
This document provides guidance to licence holders on the interaction of key technological, individual or
human, and organisational factors necessary to create and maintain optimal safety
REGULATORY SERVICES
REG-COM-SUP-240U v1.1
June 2017
Introduction
Background
Safety management has seen significant developments1. Early safety management focussed primarily on
only the safety of the plant and equipment (the technology), while later practices also considered human
operators (human factors) and the overall management of the organisation (organisational factors). The
current approach to safety management is to address all three aspects—the technology, the individual or
human, and the organisation—and the interaction between them, to both create and maintain safe
operations and reduce the relative risk. This overall approach to safety is known as the holistic approach to
safety or simply, holistic safety.
ARPANSA, like other regulatory bodies in Australia and abroad, has been working on developing capability
in holistic safety. Charged with the function of protecting the health and safety of people under the
Australian Radiation Protection and Nuclear Safety Act 1998 (the Act), ARPANSA proposes to use a holistic
approach to assess and monitor the safety of licence holders and applicants. This guide outlines ARPANSA’s
vision and expectations for holistic safety. The guidelines are consistent with the aims of international best
practice such as the IAEA General Safety Requirements Part 2 – Leadership and Management for Safety.
In this document, the key principles of holistic safety are arranged in seven categories called ‘characteristics’.
Within each ‘characteristic’ are ‘attributes’ that more specifically outline the ways in which the key principles
of holistic safety can be achieved. A Safe Organisation exhibits the key characteristics as described in this
guide. The presence of these characteristics has been found to both increase organisations’ resistance to
incidents and accidents while improving overall safety management and productivity2.
Although each characteristic may be considered separately, there is significant overlap, interaction and
interdependency between the technological, the individual or human, and the organisational aspects of
safety. It is an appreciation of these interconnected relationships that separates holistic safety from other
approaches to safety management3. In addition, the relative contribution of each characteristic and
attribute to overall safety will vary among licence holders and applicants e.g. the technological, individual
or human, and organisational factors that apply to a complex production plant will be different to those of
a small laboratory.
Objective and Scope
The objective of this publication is to provide guidance on key technological, individual or human, and
organisational aspects that are necessary to create and maintain optimal safety. This holistic approach to
safety may be used to assess and monitor compliance with the Act and Regulations. It is intended that a
holistic approach to safety should be adopted by all licence holders, while specific application of the
principles set out in the characteristics and attributes will be tailored to the particular organisation.
Although not mandatory, this guide sets out best practice in holistic safety. This guide does not negate
obligations on licence holders pursuant to the Act, the Regulations and any individual licence conditions.
1
For a more detailed description of the development of safety management, see for example Reason (2008), or Flin et al. (2008) which are
referenced in the bibliography.
2
See for example Weick et al. (2007)
3
For a more detailed description on this aspect, see for example Dekker (2011) or Hollnagel et al. (2006) which are both referenced in the bibliography.
REG-COM-SUP-240U v1.1
June 2017
2 of 18
Table of Contents
Overall Structure of the Characteristics and Attributes
HUMAN CHARACTERISTICS
1—Human Aspects
A safe organisation will possess processes and controls that take account of
weaknesses and strengths in human performance
1.1 The selection of suitably qualified and experienced, competent personnel
1.2 The provision of appropriate training
1.3 Equipment and machine design that account for human factors
1.4 Process design that accounts for human factors
1.5 Operational environment design that account for human factors
2—Non-Technical Skills
A safe organisation will possess and utilise effective non-technical skills
2.1 The non-technical skill of communication
2.2 The non-technical skill of leadership
2.3 The non-technical skill of team-working
2.4 The decision-making process
2.5 The non-technical skill of situation awareness
TECHNOLOGICAL CHARACTERISTICS
3—Defence in Depth
A safe organisation will apply Defence in Depth throughout
ORGANISATIONAL CHARACTERISTICS
4—Management System
A safe organisation will integrate safety and environmental protection
seamlessly into an integrated safety management system
5—Resilience
A safe organisation will build or engineer resilience into the system
5.1 The ability to respond
5.2 The ability to monitor
5.3 The ability to anticipate
5.4 The ability to learn
REG-COM-SUP-240U v1.1
June 2017
3 of 18
6—Safety Culture
A safe organisation will at all levels possess shared values and beliefs for
safety that produce behavioural norms that provide an appropriate and
demonstrable attention to safety
6.1 Safety and security are clearly recognised values
6.2 Leadership for safety and security is clear
6.3 Accountability for safety and security is clear
6.4 Safety and security is integrated into all activities
6.5 Safety and security is learning driven
6.6 Integration across divisional boundaries
7—Protective Security
and Nuclear Security
Culture
Organisations with a good security culture will at all levels possess shared
characteristics, attitudes and behaviours which serve as a means to support
and enhance security
7.1 Security management is informed and integrated
REG-COM-SUP-240U v1.1
June 2017
4 of 18
Characteristic 1—Human Aspects
A safe organisation will possess processes and controls that take account of weaknesses and
strengths in human performance
Explanation and Rationale
In the context of this document, Human Aspects/Factors is a body of knowledge about human abilities,
human limitations, and other human characteristics. Human factors engineering is the application of
human factors to the design of tools, machines, systems, tasks, processes, and environments for safe,
comfortable, and effective human use.
Attributes
1.1
The selection of suitably qualified and experienced, competent personnel
1.1.1
Licence holders should ensure requirements for safety and security are considered and assessments of skills
and competencies are undertaken for positions that have a safety or security function.
1.1.2
Licence holders should ensure selection processes result in a suitably qualified and experienced person
(‘SQEP’) to perform in the given position.
1.1.3
Licence holders should ensure that succession plans are in place for all positions having a significant safety
or security function.
1.2
The provision of appropriate training
1.2.1
Licence holders should demonstrate that, where relevant, training covers weaknesses and strengths of
human performance.
1.2.2
Licence holders should ensure that training programs are developed in consultation with SQEP employees.
1.3
Equipment and machine design that account for human factors
1.3.1
Licence holders should ensure that equipment is designed ergonomically.
1.3.2
Licence holders should ensure that equipment is human error tolerant and/or human error evident 4.
1.4
Process design that accounts for human factors
1.4.1
Licence holders should ensure that processes are designed to take account of human factors.
1.4.2
Licence holders should always strive to review and, where necessary, optimise processes to make human
work safer.
4
Refer also to Characteristic 3 Defence in Depth.
REG-COM-SUP-240U v1.1
June 2017
5 of 18
1.5
Operational environment design that account for human factors
1.5.1
Licence holders should ensure that the operational environments are regularly reviewed and optimised for
the safety and security of work being undertaken.
1.5.2
Licence holders should ensure that human factors relevant to radiation and nuclear safety and security are
taken into account when designing or modifying any work area.
REG-COM-SUP-240U v1.1
June 2017
6 of 18
Characteristic 2—Non-Technical Skills
A safe organisation will possess and utilise effective non-technical skills
Explanation and Rationale
Non-technical skills (‘NTS’) are the cognitive, social and personal resource skills that complement technical
skills, and contribute to safe and efficient task performance (Flin et al. 2008, p. 1). The attributes below aim
to assist regulatory officers in their assessment of licence holders’ NTS. Accident investigations invariably
demonstrate a failure in one or more of the following attributes. In order to apply technical skills
effectively, staff need to apply non-technical skills. Good communication, leadership, team-working,
decision-making and situation awareness are necessary for staff to apply technical skills effectively. Thus
improving NTS optimises and complements technical skills.
Attributes
2.1
The non-technical skill of communication
“Communication is the exchange of information, feedback or response, ideas and feelings. It provides
knowledge, institutes relationships, establishes predictable behaviour patterns, maintains attention to the
task, and is a management tool” (Kanki & Palmer 1993 cited in Flin et al. 2008, p. 69)
2.1.1
Licence holders should ensure that the dangers from inadequate communication are made clear and
avoided.
2.1.2
Licence holders should ensure that employees understand communication methods and types, and the
weaknesses and strengths of the different methods of communication.
2.1.3
Licence holders should equip staff with the necessary skills and competencies to communicate effectively.
2.1.4
Licence holders should assess their employees’ competence in communication and provide extra training
where necessary.
2.2
The non-technical skill of leadership
Leadership refers to the personal qualities, behaviours, styles and strategies adopted by the team leaders
that guide and support the other team members, and influences how and whether a team achieves its
objective. The team leaders also influence motives, values and behavioural standards of the team
2.2.1
Licence holders should equip leaders with the knowledge of how leadership can contribute to good or bad
safety and security outcomes.
2.2.2
Licence holders should equip staff with the necessary skills and competencies of leadership for safety and
security.
REG-COM-SUP-240U v1.1
June 2017
7 of 18
2.3
The non-technical skill of team-working
Team working is a distinguishable group of two or more people who interact, dynamically,
interdependently, and adaptively toward a common and valued goal/objective/mission (Flin et al. 2008, p.
94)
2.3.1
Licence holders should ensure that the risks of inadequate team-working and benefits of effective teamworking for enhancing safety and security are made clear.
2.3.2
Licence holders should ensure that employees understand the positive and negative individual and team
attributes that affect team-working.
2.3.3
Licence holders should equip staff with the necessary skills and competencies to work effectively in a team.
2.3.4
Licence holders should assess their employees’ competence in team-working and provide extra training
where necessary.
2.4
The decision-making process
Decision making is “the process of reaching judgement or choosing an option, sometimes called a course of
action, to meet the needs of a given situation” (Flin et al. 2008, p. 41). They are not pre-planned decisions
previously established in procedures and instructions but spontaneous decisions related to operations and
made by personnel and management under pressure
2.4.1
Licence holders should equip their staff with knowledge on how human decision-making can contribute to
good or bad outcomes.
2.4.2
Licence holders should ensure employees understand the different types of decision-making tools and
processes, their weaknesses and strengths and external factors that can affect decision making.
2.4.3
Licence holders should develop training programs that assist good decision-making.
2.5
The non-technical skill of situation awareness
Situation Awareness is the cognitive process for building and maintaining awareness of a workplace
situation or event”—knowing what is going on around you (Flin et al. 2008, p.17). The personal ability to
take in and process any information within a given situation or time
2.5.1
Licence holders should equip their staff with knowledge of how situation awareness can contribute to good
or bad outcomes.
2.5.2
Licence holders should ensure training covers the basic principles in situation awareness, how situation
awareness can be impaired, and factors that affect it.
2.5.3
Licence holders should develop training programs that assist effective situation awareness.
REG-COM-SUP-240U v1.1
June 2017
8 of 18
Characteristic 3—Defence in Depth
A safe organisation will apply defence in depth throughout
Explanation and Rationale
Defence in depth provides the basic framework for nuclear and radiation safety by implementing diverse
layers of protection at successive levels.
To compensate for potential human and mechanical failures, a defence in depth concept is implemented
using several levels of protection including successive barriers preventing harm to people or the
environment. The concept applies a graded approach and can include protection of the safety barriers
themselves. It includes further measures to protect the public and the environment from harm in case
these barriers are not fully effective.
The detailed attributes and regulatory expectations are addressed in other ARPANSA regulatory guides, for
example Regulatory Assessment Principles for Controlled Facilities.
Level of
Defence in
Depth
Objective
Essential Means
1
Prevents failures and insure that anticipated
operational occurrences/disturbances are
infrequent
Conservative, high quality,
proven design and high quality
in construction
2
Maintain the intended operational states and
detect failures
Process control and limiting
systems, other surveillance
features and procedures
3
Protect against design-basis accidents
Safety systems and accident
procedures
4
Limit the progression and mitigate the
consequences of beyond-design-basis
accidents
Accident management and
mitigation
5
Mitigate the radiological consequences of
beyond-design-basis accidents
Off-site emergency response
REG-COM-SUP-240U v1.1
June 2017
9 of 18
Characteristic 4—Management System
A safe organisation will incorporate safety and environmental protection seamlessly into an
integrated safety management system
Explanation and Rationale
A safety management system (‘SMS’) is the ‘toolbox’ that contains the tools an organisation needs in order
to safely and securely manage its operation. Modern SMS’s used by high reliability organisations are often
incorporated into integrated management systems to include environment, quality and security, where
appropriate, rather than as a standalone component system. ARPANSA’s expectation is that safety and
security management and environmental protection is seamlessly integrated into every aspect of a licence
holder’s activities. The detailed attributes and regulatory expectations are addressed in Regulatory Guide:
Plans and Arrangements for Managing Safety.
Characteristic 5—Resilience
A safe organisation will build or engineer resilience into the system
Explanation and Rationale
Resilience Engineering is the intrinsic ability of a system to adjust its functioning prior to, during, or
following changes and disturbances so that it can sustain required operational safety and security under
both expected and unexpected conditions (Hollnagel et al. 2011, p. xxxvi). The application of resilience
engineering principles can also assist in the management of entirely unexpected conditions as it leads to
improved understanding of system behaviour within an organisation and of potential intervention
methods. Licence holders should address and apply the principles of resilience into their systems and
operations to ensure safety and security is maintained under both expected and unexpected conditions.
Attributes
5.1
The ability to respond
5.1.1
Licence holders should undertake analysis of their system’s design and operation to identify any credible
deviations that may lead (immediately or via cascading error) to an increased risk or loss of effective
control.
5.1.2
Licence holders should regularly review their identification of any credible deviations taking account of
operational experience within their own organisation and the wider industry.
5.1.3
Licence holders should equip their systems and staff with the capability to respond to any deviations
(identified and unidentified) and resume optimal operational safety and security.
5.1.4
Licence holders should ensure response capability and readiness is maintained.
REG-COM-SUP-240U v1.1
June 2017
10 of 18
5.2
The ability to monitor
5.2.1
Licence holders should have a list of relevant indicators to monitor system status and performance.
5.2.2
Licence holders should ensure that arrangements are in place so that indicators are closely monitored,
validated and accountabilities are established.
5.2.3
Licence holders should ensure there is a clear basis that determines when the list of indicators is revised.
5.2.4
Licence holders should ensure monitoring facilitates response in a timely manner.
5.3
The ability to anticipate
5.3.1
Licence holders should ensure systems and arrangements are in place to identify future safety and security
challenges that may arise.
5.3.2
Licence holders should ensure the identification of future safety and security challenges is conducted on a
regular basis, and communicated, shared and disseminated within the organisation.
5.4
The ability to learn
5.4.1
Licence holders should ensure there are clear principles behind which deviation from normal operation
(including near-misses) are investigated.
5.4.2
Licence holders should strive to improve safety and security by learning lessons from what goes well and
what goes badly.
5.4.3
Licence holders should ensure they have sufficient and continuous resources to facilitate data collection,
analysis and learning from operational experience.
5.4.4
Licence holders should ensure learning from operational experience is effective, timely, continuous, and
maintained at all organisational levels and across organisational boundaries and demonstrate learning is
effective and occurs at the individual as well as the organisational level.
Characteristic 6—Safety Culture
A safe organisation will, at all levels, possess shared values and beliefs for safety that produce
behavioural norms that provide an appropriate and demonstrable attention to safety
Explanation and Rationale
Safety Culture interacts with an organisation’s structures and control systems to produce behavioural
norms. It is the core values, beliefs and behaviours resulting from a collective commitment by leaders and
individuals throughout an organisation that appropriately prioritise safety against other organisational
goals to allow business objectives to be undertaken without undue risk. Organisations with a positive safety
culture are characterised by communications founded on mutual trust, by shared perceptions of
importance of safety and by confidence in the efficacy of preventative measure. The attributes below aim
to assist regulatory officers in their assessment of safety culture.
REG-COM-SUP-240U v1.1
June 2017
11 of 18
Attributes
6.1
Safety and security are clearly recognised values
6.1.1
Documentation, communications and decision making demonstrates a high priority is given to safety and
security.
6.1.2
The strategic business importance of safety and security is reflected in the business plan.
6.1.3
Safety and security are a primary consideration in the allocation of resources.
6.1.4
A proactive and long term approach to safety and security issues is shown in decision making.
6.1.5
Individuals are convinced that safety and production go hand in hand.
6.1.6
Safety and security conscious behaviour is socially accepted and supported (both formally and informally).
6.2
Leadership for safety and security is clear
6.2.1
Senior management should demonstrate real commitment to safety and security as a core value.
6.2.2
Leadership should provide informed questioning and strong oversight for safety and security, and clearly
and visibly support conservative decision-making.
6.2.3
Leaders should recognise the potential for conflicts between safety and security and foster an approach
that integrates safety and security in a mutually supporting manner.
6.2.4
Leaders must be seen to always model safe and secure behaviours.
6.2.5
Commitment to safety and security is evident at all levels of management.
6.2.6
Management involvement in safety and security related activities is demonstrated.
6.2.7
Management seeks the active involvement of individuals in improving safety and security.
6.2.8
Leadership must ensure that the safety and security management system is not just on paper.
6.2.9
Management shows a continual effort to strive for openness and good communication throughout the
organisation (vertically and horizontally) whilst being mindful of the need to maintain appropriate security
practices (i.e. the need to know principle).
6.2.10
Management is receptive and seeks out operational information (good and bad news).
6.2.11
Relationships between managers and individuals are built on trust.
6.2.12
Management has the ability to resolve conflicts as necessary.
6.2.13
Management welcomes constructive criticism from both internal and external sources.
6.2.14
Leadership recognises the potential for perverse incentives. 5
5
Perverse incentives include reward structures which lead to unsafe outcomes. For example, focussing solely on personnel safety and
implementing a series of reward structures for divisions with fewer incidents may come at the expense of adequate reporting of incidents and
accidents, as well as monitoring the safety of work processes i.e. maintenance of plant and equipment. Management should recognise this
potential for perverse incentives and avoid it, wherever possible.
REG-COM-SUP-240U v1.1
June 2017
12 of 18
6.2.15
Leadership recognises, and where practicable, take into consideration any synergies between safety and
security but also consider potential conflicting requirements, when implementing measures to improve
safety and security outcomes.
6.3
Accountability for safety and security is clear
6.3.1
It acknowledged that the ultimate responsibility for safety and security lies with the licence holder.
6.3.2
Management delegates responsibility with appropriate authority to enable clear accountabilities to be
established.
6.3.3
Ownership for safety and security is evident at all organisational levels and for all individuals.
6.3.4
Roles, responsibilities and accountabilities for safety and security are clearly defined and understood at all
levels.
6.3.5
There is a high level of compliance with procedures and instructions.
6.3.6
Where there is deviation from procedures, the deviations are reported, risks are assessed and procedures
updated, where appropriate, in a timely manner.
6.4
Safety and security is integrated into all activities
6.4.1
Consideration of all types of safety, including facility safety, OHS and environmental safety, and of security
is evident in all business activities.
6.4.2
High standards of documentation, procedures and instructions are maintained throughout the organisation.
6.4.3
Individuals have the necessary knowledge and understanding of the work processes.
6.4.4
Factors affecting work motivation and job satisfaction are given due consideration.
6.4.5
Good working conditions exist with regard to time pressures, workload and stress.
6.4.6
There is cross-functional and interdisciplinary cooperation and teamwork.
6.4.7
Housekeeping and material conditions reflect commitment to excellence.
6.5
Safety and security is learning driven
6.5.1
A questioning attitude prevails at all organisational levels.
6.5.2
Normalisation of, or complacency about, risks is prevented.
6.5.3
Open reporting of deviations and errors is encouraged.
6.5.4
Internal self-assessments and where appropriate, external assessments, are used.
6.5.5
Organisational experience and operating experience (both internal and external to the facility) are used.
6.5.6
Learning is facilitated through the ability to recognise and diagnose deviations, to formulate and implement
solutions, and to monitor the effects of corrective actions in a timely manner to facilitate a cycle of
continuous improvement.
6.5.7
Safety and security performance indicators are developed, tracked, trended, evaluated and acted upon.
REG-COM-SUP-240U v1.1
June 2017
13 of 18
6.5.8
There is systematic development of individual competences which take account of developing operational
knowledge and experience.
6.5.9
There is recognition and prevention against the slow, incremental movement of organisations towards less
safe or secure states—organisational drift.
6.5.10
The potential detriments of moving towards ever smaller margins and incrementally cutting back at safety
and security resources (‘salami slicing’) are considered in safety and security assessments.6
6.6
Integration across divisional boundaries
6.6.1
Licence holders should ensure good communication and learning on safety and security matters is
maintained across divisional boundaries.
6.6.2
Licence holders should maintain an independent safety group, reporting directly to the CEO, with real
powers to investigate and intervene across the organisation.
6
This is also known as drift or system drift. Often small incremental changes in operations can have little individual effect on overall
performance. These small changes, such as short-cuts and work-arounds, are done in order to be more efficient—and often with good
intentions. However, over time, these small changes can erode safety margins and push operations further and further towards unsafe system
safety thresholds. Eventually, this can then result in often unexpected incidents and accidents. It is important licence holders are aware of this
drift that can occur and closely monitors its system functions and operations.
REG-COM-SUP-240U v1.1
June 2017
14 of 18
Characteristic 7—Protective Security and
Nuclear Security Culture
Secure organisations successfully protect the integrity of the organisation and its radioactive
materials, to reduce the likelihood or impact of security incidents caused by malicious acts,
and deliberate or inadvertent actions.
Organisations with a good security culture will at all levels possess shared values and beliefs
for security that produce behavioural norms that provide an appropriate and demonstrable
attention to security.
Explanation and Rationale
A safe organisation will apply best practice for the management, use, storage and transportation of
radioactive materials to successfully protect the integrity of an organisation and its radioactive materials.
These actions will reduce the likelihood or impact of any security incidents which occur deliberately or
inadvertently or through malicious intent. Organisations within the jurisdiction of the Australian
Commonwealth will adopt the requirements of the Australian Government Protective Security Policy
Framework.
Protective Security Definitions
Personnel Security
Personnel security refers to the practices, services and technologies that provide a level of assurance that
individuals who access Government resources have appropriate honesty, trustworthiness, maturity,
tolerance and loyalty.
Information Security
Confidentiality: ensures information is accessible only to those authorised and with a need to have access.
Integrity: ensures the accuracy and completeness of information and processing methods are safeguarded.
Availability: ensures authorised users have access to information and associated assets when required.
Physical Security
Physical security refers to the physical protection afforded to an organisation’s functions and resources
including their employees, information, assets and clients.
Nuclear Security Culture
Nuclear Security Culture is the assembly of characteristics, attitudes and behaviour of individuals,
organisations and institutions which serves as a means to support and enhance nuclear security.
Nuclear security culture plays an important role in ensuring that individuals, organisations and institutions
remain vigilant and that sustained measures are taken to prevent and combat the potential threat of the
REG-COM-SUP-240U v1.1
June 2017
15 of 18
misuse of radioactive material to cause harm to individuals or the environment. These threats may
originate from within or be external to the organisation, and may be intentional, unintentional or malicious.
Safety and security share a common objective of reducing risk. However, while both nuclear safety and
nuclear security considers the risk of inadvertent human error, nuclear security places additional emphasis
on deliberate acts that are intended to cause harm. As security focuses on deliberate acts, security culture
requires different attitudes and behaviour, such as confidentiality of information and efforts to deter
malicious acts, as compared with safety culture.
Attributes
7.1
Security management is informed and integrated
The synergies between safety and security require readers to understand and apply all sections of this guide
as they apply to security in addition to those shown below.
7.1.1
Licence holders should recognise that there are significant synergies between safety and security cultures,
and use these to promote effective security management.
7.1.2
Licence holders should demonstrate appropriate application of the “need-to-know-principle” and foster the
development of an appropriate Security Culture across the organisation.
7.1.3
Licence holders should manage the conflicts that can exist between safety and security requirements and
foster an approach that integrates safety and security in a mutually supporting manner.
7.1.4
Licence holders should include the consideration of security requirements in traditional safety analysis
techniques.
REG-COM-SUP-240U v1.1
June 2017
16 of 18
Appendix
References
Chapanis, A 1991, ‘Making human factors truly human factors’, Human System IAC GATEWAY, vol. XI, no. 3, pp. 7-9.
Civil Aviation Authority 2006, Crew Resource management (CRM) Training CAP 737, Civil Aviation Authority Norwich,
UK.
Dekker, SWA 2011, Drift into Failure, Ashgate, Farnham.
Flin, R O’Connor, P, Crichton, M 2008, Safety at the Sharp-End – A guide to non-technical skills, Ashgate, Farnham.
Flin, R Glavin, R Maran, N & Patey, R 2003, Anaesthetists’ Non-Technical Skills (ANTS) System Handbook v2.0,
University of Aberdeen, Aberdeen, Scotland.
Hollnagel, E 1992, Cognitive Reliability and Error Analysis Method, Elsevier, Oxford.
Hollnagel, E 2004, Barriers and Accident Prevention, Ashgate, Farnham.
Hollnagel, E Paries, J Woods, DD Wreathall, J 2006, Resilience Engineering, Ashgate, Farnham.
Hollnagel, E Paries, J Woods, DD Wreathall, J 2011, Resilience Engineering in Practice – A guidebook, Ashgate,
Farnham.
International Civil Aviation Organisation 2009, Safety Management Manual (2nd Ed.), International Civil Aviation
Authority, Quebec.
International Nuclear Safety Advisory Group 1986, INSAG 1 - Summary Report on the Post-Accident Review Meeting on
the Chernobyl Accident, International Atomic Energy Agency, Vienna.
International Nuclear Safety Advisory Group 1988, INSAG3 - Basic Safety Principles for Nuclear Power Plants,
International Atomic Energy Agency, Vienna.
International Nuclear Safety Advisory Group 1991, INSAG4 - Safety Culture, International Atomic Energy Agency,
Vienna.
International Nuclear Safety Advisory Group 1999, INSAG 12 - Basic Safety Principles for Nuclear Power Plants 75INSAG3 Rev. 1, International Atomic Energy Agency, Vienna.
International Nuclear Safety Advisory Group 1999, INSAG 13 - Management of Operational Safety in Nuclear Power
Plants, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 1994, TECDOC 743 -ASCOT Guidelines for Organisation Self-Assessment of Safety
Culture and by ASCOT, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 1996, TECDOC 260 - ASCOT Guidelines for Organisation Self-Assessment of Safety
Culture and by ASCOT, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 1997, SRS No. 1 - Examples of Safety Culture Practices, International Atomic
Energy Agency, Vienna.
International Atomic Energy Agency 1992, SRS No.11 - Developing Safety Culture in Nuclear Activities Practical
Suggestions to Assist Progress, International Atomic Energy Agency, Vienna.
International Nuclear Safety Advisory Group 2002, INSAG-15 -Key Practical Issues in Strengthening Safety Culture,
International Atomic Energy Agency, Vienna.
REG-COM-SUP-240U v1.1
June 2017
17 of 18
International Atomic Energy Agency 2002, TECDOC-1329 - Safety culture in nuclear installations Guidance for use in
the enhancement of safety culture, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 2001, TECDOC-1321 - Self-assessment of safety culture in nuclear installations
highlights of good practices, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 2005, SRS No. 42 - Safety Culture in the Maintenance of Nuclear Power Plants,
International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 2006, Safety Standards GSR Part 2 – Leadership and Management for Safety,
International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 2006, Safety Standards GS-G-3.1 - Application of the Management System for
Facilities and Activities, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 2008, Nuclear Security Standard No 7 - Nuclear security culture: implementing
guide, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 2008, SCART Guidelines - Reference report for IAEA Safety Culture Assessment
Review Team, International Atomic Energy Agency, Vienna.
International Atomic Energy Agency 2009, Safety Standards GS-G-3.5 - The Management System for Nuclear
Installations, International Atomic Energy Agency, Vienna.
Joint Aviation Authorities 1992, NOTECHS, Non-technical skill evaluation in JAR-FCL, Joint Aviation Authorities,
Hoofddorp, Netherlands.
Reason, J 1990, Human Error, Ashgate, Farnham.
Reason, J 1997, Managing the Risks of Organisational Accidents, Ashgate, Farnham.
Reason, J 2008, The Human Contribution – Unsafe acts, accidents and heroic recoveries, Ashgate, Farnham.
Weick, KE and Sutcliffe, KM 2007, Managing the Unexpected (2nd Ed.), John Wiley, San Francisco.
Wickens, DC Gordon, SE & Liu Y 1998, An introduction to human factors engineering, Addison Wesley Longman, New
York, USA.
ARPANSA 2007, Radiation Protection Series No. 11 – Code of Practice: Security of Radioactive Sources
http://www.arpansa.gov.au/publications/codes/rps11.cfm.
Australian Government Protective Security Policy Framework http://www.protectivesecurity.gov.au/Pages/default.aspx.
REG-COM-SUP-240U v1.1
June 2017
18 of 18