REGDOC-2.1.2, Safety Culture
Preface
This regulatory document is part of the CNSC’s Management System series of regulatory documents. The full list of regulatory document series is included at the end of this document and can also be found on the CNSC’s website.
Over the past few decades, experience in the international nuclear industry and other industries has demonstrated the importance of a healthy safety culture in maintaining the safety of workers, the public, and the environment. An organization that actively fosters a healthy safety culture can have a powerful influence on employee attitudes and behaviours, and consequently on individual and corporate safety performance.
Regulatory document REGDOC-2.1.2, Safety Culture, sets out requirements and guidance for fostering a healthy safety culture and for conducting safety culture assessments. It does the same for security culture. It is important to recognize that both nuclear safety and security and their cultures share the same overall objective, which is to limit the risk resulting from nuclear substances and associated facilities. The two cultures coexist and reinforce each other.
REGDOC-2.1.2 is intended to form part of the licensing basis for a regulated facility or activity within the scope of this document. It is intended for inclusion in licences as either part of the conditions and safety and control measures in a licence, or as part of the safety and control measures to be described in a licence application and the documents needed to support that application.
For proposed new facilities: This document will be used to assess new licence applications for Class I nuclear facilities and uranium mines and mills.
Guidance contained in this document exists to inform the applicant, to elaborate further on requirements or to provide direction to licensees and applicants on how to meet requirements. It also provides more information about how CNSC staff evaluate specific problems or data when they review licence applications. Licensees are expected to review and consider guidance; should they choose not to follow it, they should explain how their chosen alternate approach meets regulatory requirements.
For existing facilities: The requirements contained in this document do not apply unless they have been included, in whole or in part, in the licence or licensing basis.
A graded approach, commensurate with risk, may be defined and used when applying the requirements and guidance contained in this regulatory document. The use of a graded approach is not a relaxation of requirements. With a graded approach, the application of requirements is commensurate with the risks and particular characteristics of the facility or activity.
An applicant or licensee may put forward a case to demonstrate that the intent of a requirement is addressed by other means and demonstrated with supportable evidence.
Important note: Where referenced in a licence either directly or indirectly (such as through licensee-referenced documents), this document is part of the licensing basis for a regulated facility or activity.
The licensing basis sets the boundary conditions for acceptable performance at a regulated facility or activity, and establishes the basis for the CNSC’s compliance program for that regulated facility or activity.
Where this document is part of the licensing basis, the word "shall" is used to express a requirement to be satisfied by the licensee or licence applicant. "Should" is used to express guidance or that which is advised. "May" is used to express an option or that which is advised or permissible within the limits of this regulatory document. "Can" is used to express possibility or capability.
Nothing contained in this document is to be construed as relieving any licensee from any other pertinent requirements. It is the licensee’s responsibility to identify and comply with all applicable regulations and licence conditions.
Table of Contents
- 1. Introduction
- 2. Fostering Safety Culture
- 3. Safety Culture Assessments
- Appendix A: Safety Culture Reference Framework
- Appendix B: Safety Culture Maturity Model
- Appendix C: Safety Culture Maturity Model Indicators and Specific Behaviours
- Glossary
- References
- Additional Information
1. Introduction
This section provides information for all licensees.
A healthy safety culture is a key factor in reducing the likelihood of safety-related events and mitigating their potential impact, and in continually improving safety performance. All workers, from senior managers downwards, have a shared responsibility to ensure that a healthy safety culture is a priority.
The term safety culture is standard terminology in many industries outside the nuclear industry. While the CNSC acknowledges that many definitions of safety culture exist, the CNSC defines safety culture as the characteristics of the work environment, such as the values, rules, and common understandings that influence workers’ perceptions and attitudes about the importance that the organization places on safety. This definition is aligned with others being used in the nuclear industry, sharing common elements and overall goals.
The approach, however, is holistic, and not restricted to only occupational health and safety.
The approach taken in this regulatory document is based upon the following principles:- Principle 1 Every organization has a safety culture.
- Principle 2 Safety culture is influenced by external and internal factors including all workers.
- Principle 3 Safety culture is complex and changes over time.
- Principle 4 Safety culture needs to be assessed and monitored to achieve the common goal of understanding the organization’s safety culture and limiting risk.
- Principle 5 Safety culture assessment and improvement activities are informed by a defined framework of key characteristics known to reflect a healthy culture.
A healthy safety culture is an interpretation of how safety is integrated into everyday work and interactions, rather than a program to be managed. It is reinforced in how people, including leadership, work together to create a deeper understanding of the culture and its impacts on safety. Monitoring to understand safety culture forms the foundation for building systemic safety improvements over time. Monitoring may include a wide range of methods, from simple workplace observations and interactions to comprehensive assessments of safety culture in larger organizations. A mature and continually improving safety culture manifests itself through everyday safety-related discussions, decisions and actions. Additional information on understanding safety culture can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments, section 2.1 Understanding Culture, Organizational Culture and Safety Culture [1].
The CNSC defines security culture as the characteristics of the work environment, such as the values, rules, and common understandings that influence workers’ perceptions and attitudes about the importance that the organization places on security.
Safety culture and security culture coexist through the shared common objective of limiting risk, and they share common goals and techniques for promotion and monitoring activities. In this document, "safety culture" denotes safety culture and security culture collectively, except where a distinction is made. It is therefore key for all licensees to engage in fostering a healthy safety culture in their organizations.
1.1 Purpose
This regulatory document establishes requirements and guidance for fostering and assessing safety culture.
1.2 Scope
This document contains requirements and guidance for Class I licensees and uranium mines and mills. For all licensees, this document contains useful information; licensees are encouraged to use this document to help them learn more about their organizations’ safety culture. This document provides more specific requirements and guidance related to safety culture, as an elaboration on the management system requirements contained in the CSA standard CSA N286, Management system requirements for nuclear facilities [2].
Nuclear power plants are subject to the requirements of sections 2 and 3, and are recommended to use the information and guidance of sections 1, 2, 3 and Appendices A & B. Other Class I nuclear facilities and uranium mines and mills are subject to the requirement of section 2, and are recommended to use the information and guidance of sections 1, 2, 3 and Appendices A & B.
Class II and nuclear substance licensees have no formal requirements, but are recommended to use Appendix C, and the information of sections 1, 2 and 3.
1.3 Relevant legislation
The following provisions of the regulations made under the Nuclear Safety and Control Act are relevant to this regulatory document:
- Paragraph 3(1)(e) of the General Nuclear Safety and Control Regulations (GNSCR) states that an application for a licence shall contain "the proposed measures to ensure compliance with the Radiation Protection Regulations, the Nuclear Security Regulations and the Packaging and Transport of Nuclear Substances Regulations, 2015;"
- Paragraph 3(1)(k) of the GNSCR states that "An application for a licence shall contain the following information: the applicant’s organizational management structure insofar as it may bear on the applicant’s compliance with the Act and the regulations made under the Act, including the internal allocation of functions, responsibilities and authority;"
- Paragraphs 12(1)(a), (b), (c), (f) and (j) of the GNSCR state that "Every licensee shall
(a) ensure the presence of a sufficient number of qualified workers to carry on the licensed activity safely and in accordance with the Act, the regulations made under the Act and the licence;
(b) train the workers to carry on the licensed activity in accordance with the Act, the regulations made under the Act and the licence;
(c) take all reasonable precautions to protect the environment and the health and safety of persons and to maintain security of nuclear facilities and of nuclear substances;...
(f) take all reasonable precautions to control the release of radioactive nuclear substances or hazardous substances within the site of the licensed activity and into the environment as a result of the licensed activity;...
(j) instruct the workers on the physical security program at the site of the licensed activity and on their obligations under that program;..." - Paragraphs 17(b), (c) and (e) of the GNSCR state that "Every worker shall...
(b) comply with the measures established by the licensee to protect the environment and the health and safety of persons, maintain security, control the levels and doses of radiation, and control releases of radioactive nuclear substances and hazardous substances into the environment;
(c) promptly inform the licensee or the worker’s supervisor of any situation in which the worker believes there may be...(i) a significant increase in the risk to the environment or the health and safety of persons;...
(e) take all reasonable precautions to ensure the worker’s own safety, the safety of the other persons at the site of the licensed activity, the protection of the environment, the protection of the public and the maintenance of the security of nuclear facilities and of nuclear substances." - Paragraph 21 (1) (a), (b), (c), (d), (e) of the GNSCR state that "Information that concerns any of the following, including a record of that information, is prescribed information for the purposes of the Act:
(a) a nuclear substance that is required for the design, production, use, operation or maintenance of a nuclear weapon or nuclear explosive device, including the properties of the nuclear substance;
(b) the design, production, use, operation or maintenance of a nuclear weapon or nuclear explosive device;
(c) the security arrangements, security equipment, security systems and security procedures established by a licensee in accordance with the Act, the regulations made under the Act or the licence, and any incident relating to security; and
(d) the route or schedule for the transport of Category I, II or III nuclear material, as defined in section 1of the Nuclear Security Regulations." - Subparagraph 4(a)(i) of the Radiation Protection Regulations states that "Every licensee shall implement a radiation protection program and shall, as part of that program,
(a) keep the amount of exposure to radon progeny and the effective dose and equivalent dose received by and committed to persons as low as is reasonably achievable, social and economic factors being taken into account, through the implementation of- (i) management control over work practices,"
- Subsection 1(1), of the Nuclear Non-Proliferation Import and Export Controls Regulations (NNIECR) defines various terms:
Controlled nuclear equipment means the controlled nuclear equipment and the parts and components for controlled nuclear equipment referred to in the schedule.
Controlled nuclear information means the controlled nuclear information referred to in the schedule.
Controlled nuclear substance means a controlled nuclear substance referred to in the schedule.
Transit means the process of being transported through Canada after being imported into and before being exported from Canada, in a situation where the place of initial loading and the final destination are outside Canada. - Subsections (2), (3) and (4) of the NNIECR state that
(2) All controlled nuclear substances are prescribed as nuclear substances for the purpose of paragraph (d) of the definition nuclear substance in section 2 of the Act, with respect to the import and export of those substances.
(3) All controlled nuclear equipment is prescribed equipment for the purposes of the Act, with respect to the import and export of that equipment.
(4) All controlled nuclear information is prescribed information for the purposes of the Act, with respect to the import and export of that information, unless it is made public in accordance with the Act, the regulations made under the Act or a licence. - Subsection 1(1) of the Nuclear Security Regulations (NSR) defines various terms:
physical protection measure means an element or a combination of elements in place at a nuclear facility for its protection — or for the protection of nuclear substances at the facility — against potential adversaries.
physical protection system means all of the physical protection measures in place at a nuclear facility.
threat and risk assessment means an evaluation of the adequacy of an existing or a proposed physical protection system designed to safeguard against
(a) intentional acts that could pose a threat to the security of a high-security site; and
(b) the exploitation of weaknesses in the physical protection measures of a high-security site. - Paragraph 3 (c) (f) and (g) of the NSR state that
(3) An application for a licence in respect of Category I or II nuclear material, other than a licence to transport, and an application for a licence in respect of a nuclear facility referred to in paragraph 2(b) shall contain the following information...:
(c) a description of the proposed security equipment, systems and procedures;
(f) the proposed plan and procedures to assess and respond to breaches of security; and
(g) the current threat and risk assessment. - Paragraph 3 of the Class I Nuclear Facilities Regulation states that "An application for a licence in respect of a Class I nuclear facility, other than a licence to abandon, shall contain...
(d) the proposed management system for the activity to be licensed, including measures to promote and support safety culture. - Paragraph 3 of the Uranium Mines and Mills Regulation states that "An application for a licence in respect of a uranium mine or mill, other than a licence to abandon, shall contain...(b) in relation to the activity to be licenced...
(v) the proposed management system for the activity, including measures to promote and support safety culture.
1.4 Relevant national and international standards
The International Atomic Energy Agency (IAEA) has identified the need for regulators and licensees to address safety culture. The IAEA’s framework that supports safety culture is embedded in several safety standards documents and safety guides. Safety culture is reflected throughout IAEA Safety Standards Series No. SF-1, Fundamental Safety Principles [3]. This document includes principles concerning the licensee’s primary responsibility for safety, the integration of safety culture with the management system, and the prevention of accidents through the application of defence in depth (SF-1 principles 1, 3, and 8, respectively). SF-1 also underscores the importance of integrating safety and security.
Key principles and elements used in developing this regulatory document are consistent with SF-1, as well as national and international standards, guides and practices. In particular, this regulatory document complements:
- CSA standard N286-12, Management system requirements for nuclear facilities [2]
- the following IAEA publications:
- Safety Report Series No. 83, Performing Safety Culture Self Assessments [1]
- GSR Part 1, Government, Legal and Regulatory Framework for Safety [4]
- GSR Part 2, Leadership and Management for Safety [5]
- GS-G-3.5, The Management System for Nuclear Installations [6]
- NS-G-2.4, The Operating Organization for Nuclear Power Plants [7]
- INSAG-24, The Interface Between Safety and Security at Nuclear Power Plants [8]
- INSAG-15, Key Practical Issues in Strengthening Safety Culture [9]
- Safety Reports Series No.11, Developing Safety Culture In Nuclear Activities [10]
1.4.1 Security culture
Canada is a signatory to the Amendment to the Convention on the Physical Protection of Nuclear Material [11], which obliges member states to apply all Fundamental Principles described therein. One of these concerns security culture.
- Fundamental Principle F: Security Culture
All organizations involved in implementing physical protection should give due priority
to the security culture, to its development and maintenance necessary to ensure its
effective implementation in the entire organization[11, pg5].
In IAEA Nuclear Security Series No. 7, Nuclear Security Culture, [12] the IAEA has identified the need for licensees, regulators, and states to establish an effective nuclear security culture. This will provide greater assurance of preventing, detecting, delaying and responding to theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving a nuclear substance, prescribed equipment or prescribed information use, storage, or transport.
As mentioned, security culture and safety culture coexist and mutually reinforce one another. Analysis of the characteristics and indicators of both cultures demonstrates significant alignment between the two. The differences are few and could be captured within a single embracing culture without significant process and material change to that in place to currently enhance safety culture.
The combined approach to fostering these cultures in a mutually supporting framework or policy is anticipated to result in mutually supporting activities that foster and enhance an inclusive culture while reducing duplication of effort. An approach of integration of these cultures provides an effective and efficient process which reduces the overall resources required for fostering culture and enables a more comprehensive and consistent approach to enhancement of the culture. Sharing operational experience and knowledge of safety culture development and enhancement methods could assist in enhancing and fostering the security culture characteristics and traits within an existing and mature culture model.
In addition, this regulatory document is based in part on the following publications:
- IAEA TECDOC No. 1801, Management of the Interface between Nuclear Safety and Security for Research Reactors [13]
- IAEA Nuclear Security Series No. 20, Objective and Essential Elements of a State’s Nuclear Security Regime [14]
- IAEA Nuclear Security Series No. 13, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5) [15]
- IAEA Nuclear Security Series No. 14, Nuclear Security Recommendations on Radioactive Material and Associated Facilities [16]
2. Fostering Safety Culture
This section contains requirements and guidance applicable to all Class I facilities, and Uranium Mines and Mills.
Licensees shall document their commitment to fostering safety culture in their governing documentation.
This section provides information for all other licensees.
Guidance
2.1 Safety culture governance documentation
Principle 1 reads "Every organization has a safety culture," which should be reflected in an organization’s governing documentation. Licensees are responsible for fostering a healthy safety culture through promoting and reinforcing a collective commitment to safety that is responsive to the risk and complexity of the licensed activities. To achieve this, licensees should use all available avenues, including a reliance on governing documentation (e.g., policies, processes, procedures, and manuals) to define and manage safety goals and performance objectives. This helps provide context to the requirements concerning safety culture found in CSA standard CSA N286, Management system requirements for nuclear facilities [2].
The highest level of governing documentation should make safety the utmost priority – overriding the demands of production and project schedules and forming a basis for promoting a healthy safety culture, including a questioning attitude and a commitment to excellence in the performance of all activities important to safety. Governing documentation may describe the leadership role(s) encompassing the highest levels of responsibility for safety matters, as well as areas where workers share safety responsibility. Leaders may use governing documentation to demonstrate key safety behaviours to workers, while ensuring workers understand their defined safety responsibilities, goals and performance objectives. Promoting and reinforcing a collective commitment to safety includes the continual improvement and practical use of all governing documentation.
2.2 Ongoing monitoring of safety culture
Principle 4 reads "Safety culture needs to be assessed and monitored to achieve the common goal of understanding the organization’s safety culture and limiting risk." Ongoing (essentially continual) monitoring is a key activity to fostering a healthy safety culture. Monitoring safety culture provides management the means as to how safety manifests itself in everyday discussions, decisions and actions. Licensees have many processes and activities providing insight on safety culture, some of which are listed below. These should be periodically viewed, through the licensee’s management review processes, with a safety culture lens, aiming to increase awareness of the organization’s safety culture. Where monitoring activities identify improvement opportunities, consideration should be given to prioritizing and implementing these improvements.
Examples of safety culture monitoring data sources which management can leverage for discussion and analysis include:
- surveys, including topic-based surveys, worker surveys in focused areas, and follow-up surveys
- safety-related focus groups, town hall sessions or feedback tools
- opportunities for workers to discuss and reflect on their personal roles and responsibilities for safety
- seeking feedback on specific focus areas from workers, management, regulators, contractors or stakeholders
- trending and analysis of leading organizational performance indicators, and other organizational audits and evaluations
- trending and analysis of operational performance indicators detected through routine monitoring
- reflecting on formal and informal dialogue focused on safety between management and other workers
- potential for changes in safety culture following significant organizational changes, such as change in ownership, structure or responsibilities
- reporting of and responses to near misses, events or incidents
Additional information on ongoing monitoring of safety culture may be found in NEI 09-07 Revision1, Fostering a Healthy Nuclear Safety Culture [17].
For licensees undertaking safety culture assessments, ongoing monitoring offers a complementary method for monitoring safety culture health between safety culture assessments. For example, these monitoring activities can inform future assessments, such as through trending indicators from previous safety culture assessments. Additionally, information from monitoring activities conducted can be analyzed and understood in the context of safety culture assessment results. For example, insight from completed assessments may suggest new monitoring activities, or be used to refine existing monitoring activities.
The three-stage safety culture maturity model described in appendix B is a useful tool to initially establish a safety culture maturity baseline and to monitor changes over time. Safety culture maturity progress can then be tracked with suitable records.
3. Safety Culture Assessments
This section contains requirements and guidance applicable to Nuclear Power Plants.
Licensees shall conduct comprehensive, systematic and rigorous safety culture assessments at least every five years.
This section provides information for all other licensees.
Guidance
A safety culture assessment involves systematically gathering, reviewing and analyzing culturally relevant data, as well as identifying and implementing improvement actions. This is to promote safety, learn about organizational factors affecting safety, and to continually seek an understanding of how culture operates within the organization.
Principle 2 reads "Safety culture is influenced by external and internal factors including all workers". Organizations engaged in complex work involving many interdependent workers and processes can benefit from safety culture assessments.
Principle 3 reads "Safety culture is complex and changes over time." Changes in the organization can affect the safety culture – assessments should be carried out as operational needs dictate (new ownership, governance, structure, responsibilities or new activities such as refurbishment, decommissioning, etc.).
A safety culture assessment provides an opportunity for organizational leaders to actively promote and foster a healthy safety culture. Their support for engaging workers in open discussions, decisions and actions on safety ensures an environment of continual safety improvement. Shared space is a critical aspect of safety culture assessments; these assessments depend on the free flow of views and opinions in an environment of trust.
Information on the concept of shared space, an important consideration in undertaking safety culture assessments, can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments, section 2.3 Shared Space: Improving Safety Culture Through Healthy Social Interactions [1, pg12-14]. Additional information on safety culture assessments can be found in section 3.1 Purpose and Benefits of Safety Culture Assessments [1, pg15-16].
3.1 Criteria applicable to safety culture assessment methods
Adhering to a set of criteria ensures that safety culture assessments are consistent and subsequent findings are reliable over time. The following criteria apply to safety culture assessment approaches (the overall means) and methods (the specific data collection and analysis tools). Although these are intended for assessments conducted in large organizations, any size or type of licensee may use them to develop, improve and refine safety culture assessments.
Comprehensive
- The assessment approach is used to assess the entire organization, or a range of different job positions, departments, demographics and lines of work.
- The assessment approach covers the range of cultural characteristics/traits being assessed.
- The assessment approach uses a combination of quantitative and qualitative methods in order to build a comprehensive understanding of the licensee’s safety culture.
Systematic
- What is to be assessed is clearly described.
- Methods measure what they claim to measure.
- Information obtained from an assessment method is clearly documented to allow traceability throughout the analysis.
- The assessment produces a clear interpretation of the organization’s safety culture, based on collected data.
- Actions resulting from the assessment are linked to the analysis and the collected data.
Rigorous
- The methods minimize the chance for bias and unwanted subjectivity throughout the stages of scope setting, training, data collection, analysis, review and reporting.
- The methods are defensible and are described in sufficient detail so that they can be replicated by different individuals and across time.
- The assessment approach yields information that is credible because it is based on collected data.
3.2 Preparing for the safety culture assessment
There are different approaches to conducting a safety culture assessment. It may be conducted independently by an external organization or contractor or as a self-assessment by workers within the organization. A safety culture assessment is generally a hybrid of these two types, using a blended team of external participants and workers who represent all areas of the organization.
Organizations that hire a contractor to conduct the assessment have the advantage of increased objectivity over the course of an assessment. Consideration may be given to ensuring that the experience and insights gained from the assessment are retained within the organization. While self-assessments risk being less objective, they are more adaptable and offer learning and development opportunities for workers.
Additional information can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments section 3.2 Special considerations for Safety Culture Self Assessments [1, pg 17-18].
Safety and security are integrated goals for any nuclear facility. Although safety and security culture assessment methods are generally similar, a security culture assessment places additional emphasis on mitigating the risk (likelihood and consequences) of deliberate malicious acts. As a result, the comprehensive safety culture reference framework (Appendix A) has three indicators specific to security culture: the belief of a credible threat, employee screening practices and ensuring sensitive information is classified and controlled. While safety culture assessments could simultaneously assess security culture, licensees may choose to undertake independent assessments to assess security culture.
3.3 Plan the assessment
Planning the assessment involves applying the chosen assessment method and associated framework, as well as finalizing details of how data will be collected, analyzed, interpreted and reported.
Understanding that safety culture can change over time (Principle #3) will help an organization to maintain and improve safety. A maturity model may be used to describe and interpret the organization’s safety culture, so it can be monitored and improved (see appendix B).
The description of the safety culture assessment’s goals should explain how the assessment supports organizational objectives. An overview of how the safety culture assessment relates to relevant organizational programs and practices (e.g., corrective and preventive action programs, managing human performance, communications) should be included.
The description of the scope can provide a rationale for the organizational areas included in the assessment (e.g., departments, functions, workgroups, on site contractors).
If the current safety culture assessment is not the licensee’s first, planning can include reviewing previous safety culture assessments and the resulting improvement plans, to determine how these actions have affected the organization’s safety culture.
An overview of the assessment process can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments sections 4.1 – 4.3, covering Organizational Readiness, Application of Shared Space in Safety Culture Assessments, and Process Flow and Steps [1, pg19-26].
Documents related to the planning phase can include organizational context (size, risks, complexity) considered in determining the breadth and depth of data collection and analysis, as well as an overview of each phase of the assessment including associated timelines.
3.3.1 Assessment team selection
Selection of an appropriate assessment team is essential to ensuring the continual development and improvement of the assessment process and outputs.
The team should be selected to ensure adequate knowledge and expertise of safety culture and the organization’s technology. A best practice is to include representatives from another licensee organization or industry on the assessment team. Assessors involved in peer audits have more in-depth industry knowledge, and may also have an advantage relating to interviewees and interpreting data with greater objectivity.
Team members should collectively have knowledge and experience in:
- human factors and behavioural/social sciences
- qualitative and quantitative methods for cultural assessment
- assessments of safety culture
- various functional area specialties (e.g. security, workers both unionized and not unionized as applicable, operations, maintenance, corporate office staff, senior management)
- technologies of the organization
The overall team may reflect a balanced representation of the above, including consideration of worker demographics (age, gender, seniority).
The assessment team lead(s) may be experienced and knowledgeable in safety culture, monitoring of safety culture, and assessment and improvement methods. The team lead’s responsibilities may include:
- selecting team members and team member training, if necessary
- determining roles and responsibilities of team members
- planning and coordinating the assessment
- liaising with management and leadership (union, senior workers)
- communicating with the organization
- ensuring the organization is fully engaged in the assessment
- supervising the process of the assessment
- implementing measures to monitor and improve the assessment process where necessary
- producing preliminary and final reports
During the assessment, the team lead(s) may make decisions about all aspects of the assessment plan (e.g., management interfaces/engagement, team member roles and training, effective application of a safety culture framework and method, reporting of results, and transition to actions).
Additional information on team selection can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments, section 4.4 Team Composition and Competencies and section 4,5 Roles and Responsibilities [1, pg 27-30].
Documents related to team selection can include rationales of decisions regarding team membership.
3.3.2 Internal communications strategy
Licensees should develop and implement a communications strategy for the assessment, and consider proactively engaging workers and leaders throughout the assessment process. Where possible, safety culture assessments can be integrated with licensees’ overall communications strategies to ensure timely and consistent messaging. Licensees can consider the timing and frequency of communications, potential communication vehicles, and how to tailor messaging to specific audiences.
Communication with internal stakeholders may take place throughout the safety culture assessment, and the resulting planning and implementation of improvement initiatives. Senior management should promote organization-wide participation in all aspects of the assessment via surveys, interviews and other assessment tools.
For security culture, the communications plan must consider that some information is security sensitive; however, for the benefit of greater awareness, all aspects can be shared broadly even if this requires some incidents or lessons learned to be generalized.
A communications strategy can, at the various stages of an assessment and follow-up activities, include a summary of the assessment method, findings and improvement plans. The information should be shared with the following internal stakeholders to the extent possible:
- workers
- management
- organizational groups with special functions or requirements (e.g., security, health and safety committees, union representatives, contractors, etc.)
Licensees can expect and encourage feedback from stakeholders. Feedback can provide insight into the culture of the organization, and can be used to refine the communications strategy.
Additional information on communications throughout the assessment process can be found in in IAEA Safety Report Series 83, Performing Safety Culture Assessments section 4.3 Process Flow and Steps, and specifically the results of an assessment in section 7.2 Communicating the Results [1, pg19-26, 46-47].
Documents related to the communication strategy can include the communications plan. Records related to the communications strategy can include the communications themselves.
3.3.3 Assessment framework
Principle 5 reads "Safety culture assessment and improvement activities are informed by a defined framework of key characteristics known to reflect a healthy culture". A safety culture framework provides a basis for the systematic review of safety culture against a defined set of characteristics. It also provides a common vocabulary to facilitate communications, and aids in developing improvement plans to address the shared perceptions and attitudes of workers. There are several culture frameworks currently in use across a variety of organizations and licensee contexts.
Licensees should ensure that the safety culture assessment framework is mapped against the five safety culture characteristics (see Appendix A of this document).
3.3.4 Assessment method selection
In determining the assessment method, several factors can be considered, including the organization’s size and complexity, and the risks and consequences associated with the licensed activity. The assessment can address the shared beliefs and attitudes on safety and security – at all levels and functional areas of the organization. Assessments of safety culture may include specific language and data-gathering tools tailored to specific topics and workers.
3.4 Data collection
The primary methods used in safety culture assessments are well established social science tools being document review, surveys, focus groups, interviews and observations. One key area of this work is participant confidentiality. Participant confidentiality is crucial in gaining information from participants in safety culture assessments, and the assessment team should take precautions (e.g. restrict the number of team members who can access the identities and contributions of participants, de-identify the contributions of participants) to assure participants’ information is kept confidential.
Additional information on methods can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments, all of section 5 Methods, which explains the five data collection methods, including their limitations and risks [1, pg 30-37].
3.5 Data analysis
The primary analysis method in safety culture assessments is a thematic analysis. Rather than a linear exercise to compile information to build a case, the analysis is iterative, using parallel streams of information to explore cultural influences. The focus is to analyze the collected data to understand the culture as opposed to exclusively measuring adherence to the framework.
During the assessment, the team may need to refine its scope in order to identify possible patterns that warrant additional attention, data collection and analysis. Emergent themes identified throughout the assessment may lead to supplementary analysis and reflection. The assessment team should periodically review assessment objectives (such as those listed in section 3.1 of this document) to ensure adherence to methodological criteria.
Additional information on analysis can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments, section 6 Conducting the Analysis and section 6.1 Working with Qualitative and Quantitative data [1, pg 38].
Documents related to the assessment method and associated safety culture framework may include a discussion of how the data collection and analysis techniques applied are comprehensive, systematic and rigorous.
3.6 Assessment report
An assessment report should provide an overview of results: a summary of the analysis process, including general themes as well as the organization’s strengths and opportunities for improvement. Assessment findings may concentrate on one specific area or topic, and should be based on organization-wide data. A description of the data and analysis can be included with each finding. The report can outline the team’s findings, including supporting evidence aligned with the selected assessment framework. Any insights that the team can provide on the underlying cause of the findings will help develop the improvement plan.
Additional information on writing the final report can be found in IAEA Safety Report Series 83, Performing Safety Culture Assessments, section 7.1 Writing the self-assessment report [1, pg 45-46].
Documents related to summarizing the findings may include the executive summary, a description of the assessment process, and the final assessment report.
3.7 Respond to the assessment and transition to action
Licensees should respond to assessment results by developing and implementing an improvement plan. This can include an analysis of the assessment results and offer opportunities for organizational leaders to reflect on these results. The process of translating assessment findings and insights into actions may be integrated into existing programs and processes, such as problem identification and resolution systems; corrective and preventive action programs; leadership critical reflective conversations about safety culture; safety culture monitoring panels; and other organizational improvement processes.
The improvement plan represents a road map toward the organization’s vision of the desired safety culture, and it should contain goals and timelines for achieving them. The licensee may articulate or reaffirm this vision in subsequent communications; the characteristics of a healthy safety culture can help articulate and refine this vision, which may be compared to the current safety culture state based on the assessment. Any gaps will inform management as to where to focus the improvement plan, and identify positive characteristics that should be protected and fostered.
Licensees can prioritize improvements based on assessment results, with consideration to the potential impact to safety and security, trends from previous assessments, and the unique context of their organization and work environment, as well as organization’s vision of the desired safety culture. How a licensee chooses improvements following an assessment, and the commitment to implementing these improvements, should be consistent with its management system and lead to improvements.
Additional information on the transition into action can be found in in IAEA Safety Report Series 83, Performing Safety Culture Assessments, section 7.3 Transition to Action [1, pg 47-49].
Records on the assessment report and improvement plan may include a discussion of how the assessment findings are integrated with safety culture monitoring activities and the organization’s processes and practices to improve safety. Specific corrective/preventive actions may be described along with the expected results and timelines for implementation.
Appendix A: Safety Culture Reference Framework
This Appendix provides guidance for all licensees.
The following list is a reference framework for demonstrating a commitment to safety, and describes five characteristics of a healthy safety culture. It includes observable and measurable indicators for each safety culture characteristic and can help licensees clearly demonstrate how they foster safety culture in their organization. The framework is adapted from the GS-G-3.5, The Management System for Nuclear Installations [6]; and IAEA Nuclear Security Series No. 7, Nuclear Security Culture [11]. Since healthy safety and security cultures have similar characteristics and indicators, these are consolidated. Indicators that apply only to security culture are marked with an asterisk (*).
Safety is a clearly recognized value
- Resources are allocated as necessary to ensure safety.
- Multiple mechanisms are used to clearly communicate the value of safety in the organization.
- Timely decisions are made that reflect the value and relative priority placed on safety.
- The importance of safety is documented and demonstrated in the operation of the organization.
- The promotion of a healthy safety culture is prevalent throughout all aspects of the management system.
- Workers understand that safety, security, and production are closely linked.
- Workers understand that a credible threat to security exists, and acknowledges that nuclear security is important*.
- There is a sense of urgency to correct significant safety weaknesses or vulnerabilities.
Accountability for safety is clear
- There are clearly defined roles and responsibilities for all levels and positions in the organization.
- Workers are held accountable for adherence to established policies and procedures.
- Shared safety responsibilities are delegated to individuals and teams with appropriate authority.
- There is a high degree of compliance with, and understanding of, regulatory requirements.
- Complete and accurate information is provided to the CNSC, and other stakeholders as appropriate, in a timely and open manner.
- Workers demonstrate a commitment to safety throughout the organization and an understanding of how they contribute to safety goals.
- Workers understand how their roles and interfaces contribute to maintaining safety.
A learning organization is built around safety
- Lessons learned from experiences internal and external to the organization, including successes and challenges, are used as a basis for continual improvement.
- Safety culture assessments, including self-assessments are used to improve performance.
- Processes exist to identify and correct problems in a timely manner, and to develop, implement, and measure the effectiveness of corrective and preventive actions.
- Various training methods are used to maintain and improve professional and technical competence of members of the organization.
- Safety performance indicators are continually developed, tracked, evaluated and acted on.
- Workers are encouraged and recognized for reporting concerns or suspicions, are free from reprisal, and feel that they have been heard when they voice issues.
- A questioning attitude is maintained by all members of the organization to constantly challenge the safety of day-to-day activities.
- There is systematic development of individual competencies.
- There is an appreciation throughout the organization for diversity of opinion.
- Lessons learned are shared with domestic and international partners.
Safety is integrated into all activities in the organization
- Documentation and processes, from planning to implementation and review, are complete and followed in accordance with management system requirements.
- Classification and control measures are implemented to protect sensitive information.*
- Safety performance indicators are continually tracked, trended and evaluated in order to monitor safety; ineffective performance indicators are refined and improved to ensure they continually reflect the health of the licensee’s safety culture.
- Documented screening processes match the risks and threats associated with the specific employment roles and responsibilities*.
- Workers have the necessary knowledge of work processes and adhere to them.
- Workers are involved in risk assessment and decision-making processes.
- Workers are empowered to identify and address issues related to safety matters.
- There are good housekeeping practices, well maintained materials and equipment, and good working conditions in place.
A safety leadership process exists in the organization
- All workers are involved and motivated in promoting a healthy safety culture.
- Managers are visible and actively involved in both preventive and reactive safety-related activities.
- Change management processes are in place and are followed to achieve orderly transitions.
- Collaboration, mutual respect, safety conscious behaviour and teamwork are encouraged, supported and recognized.
- Commitment to safety is evident at all levels of the organization.
- The impact of informal leaders on safety culture is recognized and leveraged to continually improve safety culture.
- There are clear expectations and policies to support open communications.
- Managers communicate clear expectations for performance in areas that affect safety.
- A proactive and long-term approach to safety is demonstrated in decision making.
- Managers do not abuse authority to circumvent safety or security.
- Managers seek continual improvement in security and work to prevent complacency from compromising overall safety objectives.
Appendix B: Safety Culture Maturity Model
This appendix provides guidance for all licensees.
Understanding how safety culture changes over time, both positively and negatively, is essential to fostering safety culture. The safety culture maturity model presented here, as well as the associated indicators in Appendix C, have been adapted from the following IAEA publications:
- IAEA-TECDOC No. 1329, Safety Culture in Nuclear Installations: Guidance for Use in the Enhancement of Safety Culture [18]
- INSAG-15, Key Practical Issues in Strengthening Safety Culture [9]
- Safety Series Report No.11, Developing Safety Culture in Nuclear Activities – Practical Suggestions to Assist Progress [10]
Note that specific activities or behaviours within an organization, group or team will often fit into more than one stage depending on the specific indicators used. Organizations, groups, or teams may fluctuate between these stages over time.
The three stage descriptive safety culture maturity model below can be also used to assess security culture maturity, so that it can be monitored and improved.
Stage 1: Requirement-driven
Safety is primarily reactive and driven by formal rules and management direction.
Safety is viewed principally as a technical and procedural issue related to worker safety. Adherence to established rules and externally imposed regulations become the overriding reasons for safety in the performance of work. Procedural violations are understood primarily as individual worker issues as opposed to an outcome of organizational processes. Most workers believe that safety is primarily a responsibility of management or a designated authority, and that safety requirements and procedures are generally imposed upon them by others.
Stage 2: Goal-driven
Good safety performance becomes an organizational objective and is dealt with primarily in terms of safety goals.
There are processes and procedures for achieving safety goals. These processes are grounded in clear organizational objectives, which describe how specific organizational values and goals relate directly to safety. Improvement initiatives are administered and monitored by suitably qualified and experienced persons, while workers have the option to contribute to improvements in safety performance. Safety targets are monitored for effectiveness and strengthened over time, and safety goals are systematically integrated across all areas. It is understood that worker performance depends on effective organizational systems.
Stage 3: Continually improving
Safety is seen as a continually improving and proactive process, beginning with all workers sharing a clear vision of and value for safety.
All workers, including managers and contractors are personally and actively involved in enhancing safety throughout the organization. Everyone has a clear understanding of safety-related requirements and how their own responsibilities contribute to achieving and sustaining enhancements to safety in their everyday tasks. Complacency towards risks and threats is identified and eliminated through attention to process safety, and all workers share a questioning attitude.
Appendix C: Safety Culture Maturity Model Indicators and Specific Behaviours
This appendix provides information for Class II and Nuclear Substances licensees.
The following table lists indicators and describes specific behaviours related to the three stages of maturity of an organization’s safety culture. The sources for this table are explained in the introductory paragraph of Appendix B.
Indicator | Stage 1: Requirement-driven | Stage 2: Goal-driven | Stage 3: Continually improving |
---|---|---|---|
Planning | Problems are not anticipated, and the licensee reacts to each problem as it occurs. | The licensee concentrates primarily on day-to-day matters, with limited long-term focus on building value through safety. | The licensee acts strategically with a focus on the longer term as well as awareness of the present. It seeks to anticipate problems and deal with their causes before they happen. |
Communication and teamwork | Communication between individuals and departments is poor. Collaboration between departments and functional areas is not encouraged. | Management encourages cross-departmental and cross-functional teams and communication. Senior managers function as a team and coordinate departmental and functional decisions. | Workers recognize and demonstrate the need for collaboration between departments. They receive management support, recognition and resources needed to collaborate. |
Response to errors | Most mistakes are hidden by work-arounds. Only mistakes with severe consequences are identified and are blamed on workers for their failure to comply with rules. | Management’s approach to mistakes is to put more controls in place via procedures and retraining; blaming workers is less prevalent. | Almost all mistakes are viewed in terms of work process variability. It is more important to the licensee to understand what has happened than to find someone to blame; this understanding is used to modify work processes and reinforce worker perceptions. |
Role of management | Management is seen primarily as endorsing the rules, pushing workers, and expecting results. | Management’s role is seen as applying management techniques. | Coaching workers to improve safety performance is a part of management’s role. Management is accountable for modelling continual safety improvements. |
Learning | There is little listening to or learning from safety-related experience inside or outside the organization. A defensive posture is assumed in the face of constructive criticism. | The licensee is somewhat open to learning from other organizations, especially techniques and best practices. | Learning from others both inside and outside the organization is valued; time is made available and devoted to adapting such knowledge to improve safety performance. |
Value of safety ("safety-production balance") | Safety is viewed as a required nuisance. Short-term profit or productivity goals are seen as all-important and often take priority over safety. | Safety is thought to imply higher cost and reduced production. | Safety and production are seen as interdependent. |
Stakeholder relationships | Regulators, suppliers, and contractors are treated cautiously or in an adversarial manner. | The licensee’s relationship with regulators, suppliers, and contractors are kept distant rather than close; there is a cautious approach where trust must be earned. | Collaborative relationships are developed between the licensee and regulators, suppliers, customers, and contractors. |
Value of diversity | Workers are viewed as "system components" who are defined and valued solely in terms of what they produce. Diversity is seen as a weakness. | Diversity is acknowledged as important, but rarely exploited. Diversity is used intermittently in decision-making. | Workers are respected and valued for their contribution to overall performance and for their knowledge of safety as applied. Diversity in opinions is sought and embraced. |
Adherence to processes | There is little or no awareness of work or business processes. Expectations are not put in writing and are often assumed. | There is a growing awareness of the impact of influence of culture in the workplace. It is not understood why added controls do not yield the expected results in safety performance. Expectations are written and adherence is expected. | Workers believe in and follow work processes in the organization, and help managers to oversee them. |
Conflict management | Dissenters are punished for their viewpoints. There is an adversarial relationship between management and other workers. | Dissenters are tolerated but not encouraged. Conflict is seen as disturbing, and is discouraged in the name of teamwork. | Questions are encouraged and dissenters’ viewpoints are appreciated. Conflict is recognized, and it is addressed by finding mutually beneficial solutions. Management and workers have a respectful and supportive relationship. |
Systems view | Workers perform in isolation; "not my problem" is commonly heard. | Workers are cognizant of how their role and tasks performed affect the organization. | Workers are fully aware of broader organizational goals and how they contribute to them. Decisions are made in the full context of their safety impact on work or business processes, as well as on departments and overall safety performance. |
Performance management | Performance incentives are not aligned with safety and security goals. Workers are rewarded for obedience and what they produce and deliver, regardless of long-term consequences. | Individual performance incentives are aligned with attaining safety and security goals. It is important to meet or exceed short term productivity goals; workers are rewarded for exceeding goals, regardless of the long-term results or consequences. | Performance incentives – both individual and collective – are aligned with attaining safety and security goals. Short-term performance is measured and analyzed so that changes can be made to improve long-term performance. The licensee rewards not only those who produce, but also those who support others’ work and the achievement of organizational goals, including safety. Workers are also rewarded for improving processes as well as results. |
Feedback | Feedback is rarely given. | Feedback is given and improvement is consequently expected, regardless of context. | Feedback is routine and it becomes typical to use it to make improvements. |
Training | Training is understood as an imposition and impediment to getting work done. | Training is understood as a necessity. | Training is understood as an investment. |
Glossary
For definitions of terms used in this document, see REGDOC-3.6, Glossary of CNSC Terminology, which includes terms and definitions used in the Nuclear Safety and Control Act and the regulations made under it, and in CNSC regulatory documents and other publications. REGDOC-3.6 is provided for reference and information.
learning organization
A work environment where people continually build on their capability to reach their goals, where new and challenging ways of interacting and behaving are encouraged in order to meet future organizational challenges, and where everyone has the opportunity to make sense of their work together.
safety culture assessment
A periodic evaluation of safety culture using a defined framework and method for data collection, analysis, interpretation and reporting.
security culture
The characteristics of the work environment, such as the values, rules, and common understandings that influence workers’ perceptions and attitudes about the importance that the organization places on security.
References
- International Atomic Energy Agency (IAEA), IAEA Safety Report Series No. 83 Performing Safety Culture Self Assessments, Vienna, 2016.
- CSA Group, N286-12, Management System Requirements for Nuclear Facilities, Mississauga, 2012.
- IAEA, IAEA Safety Standards Series No. SF-1, Fundamental Safety Principles, Vienna, 2006.
- IAEA, IAEA Safety Standards Series No. GSR Part 1, Government, Legal and Regulatory Framework for Safety, Vienna, 2010.
- IAEA, IAEA Safety Standards Series No. GSR Part 2, Leadership and Management for Safety, Vienna, 2016.
- IAEA, IAEA Safety Standards Series No. GS-G-3.5, The Management System for Nuclear Installations, Vienna, 2009.
- IAEA, IAEA Safety Standards Series No. NS-G-2.4, The Operating Organization for Nuclear Power Plants, Vienna, 2001.
- IAEA, International Nuclear Safety Group report INSAG-24, The Interface Between Safety and Security at Nuclear Power Plants, Vienna, 2010.
- IAEA, International Nuclear Safety Group report INSAG-15, Key Practical Issues in Strengthening Safety Culture, Vienna, 2002.
- IAEA, IAEA Safety Series Report No.11, Developing Safety Culture in Nuclear Activities – Practical Suggestions to Assist Progress, Vienna, 1998.
- IAEA, IAEA Information Circular 274 Rev. 1 Mod. 1 Amendment to the Convention on the Physical Protection of Nuclear Material, Vienna, 2016.
- IAEA, IAEA Nuclear Security Series No. 7, Nuclear Security Culture, Vienna, 2008.
- IAEA, IAEA-TECDOC No. 1801, Management of the Interface between Nuclear Safety and Security for Research Reactors, Vienna, 2016.
- IAEA, IAEA Nuclear Security Series No. 20, Objective and Essential Elements of a State’s Nuclear Security Regime, Vienna, 2013.
- IAEA, IAEA Nuclear Security Series No. 13, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5), Vienna, 2011.
- IAEA, IAEA Nuclear Security Series No. 14, Nuclear Security Recommendations on Radioactive Material and Associated Facilities, Vienna, 2011.
- National Energy Institute NEI 09-07 Revision 1 Fostering a Healthy Nuclear Safety Culture, Washington DC, 2014.
- IAEA, IAEA-TECDOC No. 1329, Safety Culture in Nuclear Installations: Guidance for Use in the Enhancement of Safety Culture, Vienna, 2002.
Additional Information
- Canadian Nuclear Safety Commission, History of Discussion paper DIS-12-07, Safety Culture for Nuclear Licensees, Ottawa, 2013.
- International Atomic Energy Agency (IAEA), IAEA-TECDOC No. 1707, Regulatory Oversight of Safety Culture in Nuclear Installations, Vienna, 2013.
- IAEA, (draft) technical guidance, Enhancing nuclear security in organisations associated with nuclear and/or radioactive material.
- World Association of Nuclear Operators, PL 2013-1, Traits of a Healthy Nuclear Safety Culture, London, 2013.
- Nuclear Quality Standard Association, NSQ-100 Guidelines: Section B – Safety Culture, 2016.
- IAEA, IAEA Nuclear Security Series technical guidance No. 28-T, Self-Assessment of Nuclear Security Culture in Facilities and Activities, Vienna, 2017.
CNSC Regulatory Document Series
Facilities and activities within the nuclear sector in Canada are regulated by the Canadian Nuclear Safety Commission (CNSC). In addition to the Nuclear Safety and Control Act and associated regulations, these facilities and activities may also be required to comply with other regulatory instruments such as regulatory documents or standards.
Effective April 2013, the CNSC's catalogue of existing and planned regulatory documents has been organized under three key categories and twenty-five series, as set out below. Regulatory documents produced by the CNSC fall under one of the following series:
- 1.0 Regulated facilities and activities
- Series 1.1 Reactor facilities
- 1.2 Class IB facilities
- 1.3 Uranium mines and mills
- 1.4 Class II facilities
- 1.5 Certification of prescribed equipment
- 1.6 Nuclear substances and radiation devices
- 2.0 Safety and control areas
- Series 2.1 Management system
- 2.2 Human performance management
- 2.3 Operating performance
- 2.4 Safety analysis
- 2.5 Physical design
- 2.6 Fitness for service
- 2.7 Radiation protection
- 2.8 Conventional health and safety
- 2.9 Environmental protection
- 2.10 Emergency management and fire protection
- 2.11 Waste management
- 2.12 Security
- 2.13 Safeguards and non-proliferation
- 2.14 Packaging and transport
- 3.0 Other regulatory areas
- Series 3.1 Reporting requirements
- 3.2 Public and Aboriginal engagement
- 3.3 Financial guarantees
- 3.4 Commission proceedings
- 3.5 CNSC processes and practices
- 3.6 Glossary of CNSC terminology
Note: The regulatory document series may be adjusted periodically by the CNSC. Each regulatory document series listed above may contain multiple regulatory documents. For the latest list of regulatory documents, visit the CNSC's website.
Page details
- Date modified: