Louis Aucamp

LPX-000032-PMG-PLN RISK MANAGEMENT PLAN RISK MANAGEMENT PLAN FOR LEEUWPAN OI BFS EXXARO LPX--RIS-PLN-0001 COMPILED BY: TITLE SIGNATURE Louis Aucamp, BVI Senior Project Manager DATE 2015/06/10 CHECKED AND APPROVED BY: TITLE SIGNATURE DATE Ferdi Smith, BVI Lead Engineer, Civil 2015/06/10 Willem Visagie, BVI Engineering Manager 2015/06/10 Lenro Harmse, BVI Engineering Manager 2015/06/10 ACCEPTED BY: TITLE SIGNATURE DATE Shilendra Pillay OI Project, Civil Engineer 2015/06/10 Sibo Khumalo, OI Project, Project Manager 2015/06/10 Ntokozo Mthimkhulu, OI Project, Eng. Manager 2015/06/10 John Metembo, Exxaro, Principal Civil Engineer 2015/06/10 Gert Fourie, OI Project, Construction Manager 2015/06/10 Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 1 of 22 Risk Management Plan DOCUMENT APPROVALS ROLE NAME SIGNATURE DATE Project Business Sponsor Click here to enter a date. Project Review Group Click here to enter a date. Client Group Click here to enter a date. Project Manager Click here to enter a date. Change Manager Click here to enter a date. Quality Manager Click here to enter a date. Communication Manager Click here to enter a date. DOCUMENT CONTROL DOCUMENT INFORMATION INFORMATION Document Owner Publish Date 10 Jun 2015 DOCUMENT HISTORY VERSION A Doc ID: DATE 2015/06/10 CHANGES Draft LPX--RIS-PLN-0001 Revision: A Date: - Page: 2 of 22 Risk Management Plan ABBREVIATIONS AND ACRONYMS The following acronyms are applicable to this document: For more details, please consult the Glossary. ACRONYM DESCRIPTION ALARP As low as reasonably practical BFS Bankable Feasibility Study BRA Baseline Risk assessment CHPP Coal Handling and Preparation Plant CRA Continuous Risk Assessment DWA Department of Water Affairs EDMS Enterprise Document Management System FEL Front-end loader FEL -3 Front end loading (project implementation phase) IBRA Issue based Risk Assessment IMS Integrated Management System ISO International Standards Organisation m Metre m³ Cubic Metre MFD Mechanical Flow Diagram MHSA Mines health and Safety Act (Act 29 1996) MOC Management of Change MSDS Material Safety Data Sheet OHSA Occupational Health and Safety Act (Act 85 of 1993) PFD Process Flow Diagram QMS Quality Management Systems Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 3 of 22 Risk Management Plan DEFINITIONS The definitions listed below apply to this document. For more details, please consult the Glossary. TERM DEFINITION Agent In our Company’s environment a hazard is referred to as an agent. Agent type Agent type refers to the hazard type. For example Hygiene noise agent type refers to a risk that is classified as a hygiene risk (Noise). Subsequently the agent linked to this agent type would be, for example, “Industrial noise” or “Nuisances noise”. APPROVED Approved by the Engineer in writing. Aspect/Causes/Hazards/Perils Are those factors that results in, or are directly responsible for the event occurring. An element of an organisation’s activities, products and services that can interact with the environment Baseline risk assessment A baseline risk assessment is done to determine the current status of hazard based risks associated with the business. CLIENT Exxaro Consequence Is that which follows from the occurrence of an event and which impacts on the objectives and results in a loss or gain. Continuous risk assessment The purpose of conducting continuous HIRA is to ensure that additional risks introduced by changes in the system are captured and addressed. Most importantly, this form of HIRA is an integral part of day to day management. Examples of continuous Risk Assessments are:  Audits  Pre work assessments (DSTI’s)  General hazard awareness  Machine checklists Corrective control Assist in recovering from an adverse incident and are attached to the consequence - they assist in reducing the impact of a risk. Cost benefit analysis Is a scientific method to determine whether the risk reduction or mitigation measures that have been recommended are economically justifiable. Critical control measures These are risk control measures that are put in place to prevent critical events; that can cause damage to the business, people or the environment. DRAWINGS Fully dimensioned drawings and schedule prepared by the Engineer, showing all members with their size, concrete grade and enforcement layout, and any other information required for construction ECSA Engineering Council of South Africa ENGINEER The individual, or company, responsible for the design, for preparation of the Drawings (or approval of Drawings prepared by others) and where applicable, inspection of construction for conformity with design. Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 4 of 22 Risk Management Plan TERM DEFINITION Environment Means the surroundings in which an organisation operates, including land, humans, water, atmosphere, micro-organisms, plant life, animal life, flora, fauna, natural resources or any part / combination thereof. High risk or significant impact The risk is so great that it should be reduced to at least a tolerable level by applying applicable risk control actions. Impact Is the amount of loss or gain that is sustained from the consequence of a risk. Incident An undesired event has the potential to cause harm to people, property, profits and the environment. Inherent risk Is the level of risk before treatment measures have been taken or the effectiveness of existing controls have been considered ISO International Standards Organization Issue based risk assessment Is a detailed assessment study and is conducted to address particular and specific issues that have arisen in the workplace. It provides recommendations to management and may include the following:  Input into continuous Hazard/Aspect Identification and Risk Assessment  Action plans for the treatment of significant risk; and  Input into training programs, standards, procedures, codes of practice and the safety management system. An issue-based risk assessment can be modified after an accident; incident or dangerous occurrence has taken place. Other factors that could cause an issue-based risk assessment to change are: New equipment, or changes to equipment  Findings that come out of continuous risk assessment  Requests from employees  A change in the baseline risk profile  New knowledge and information becoming available on the level of risk to employees  Changes to legislation. Likelihood Is a qualitative description of probability or frequency Low risk The risk is generally acceptable unless actions are required by legislation. Person competent in the Is a person who is formally trained or has the knowledge, experience execution of risk assessments and ability to execute a risk assessment. Person responsible for risk assessments This is the person assigned to ensure that all requirements of this plan will be complied with when a risk assessment is initiated and executed. This person will typically be the Shift boss / Forman (Production), Mine Overseer / Chief Forman (Maintenance and other areas). Preventative control Prevent risks from occurring and are attached to the risk and its causes and reduce the likelihood of the risk occurring Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 5 of 22 Risk Management Plan TERM Reasonably practical DEFINITION Means practicable having regard to:  The severity and scope of the hazard or risk concerned.  The state of knowledge reasonably available concerning that hazard or risk and of any means of removing or mitigation that hazard or risk.  The availability and suitability of means to remove or mitigate that hazard or risk and the cost of removing or mitigating that hazard or risk in relation to the benefits deriving there from. Residual risk Is the remaining level of risk after considering existing controls Responsible person Is the authorised person appointed in terms of MHSA, responsible for specific equipment or a pre-defined area according to set coordinates. Risk assessment Means a process of collecting, analysing, interpreting, communicating and implementing information in order to identify hazards or aspects and determine the frequency, magnitude, environmental impact and nature of any incident/scenario which may occur in the area and the measures needed to remove, reduce or control potential causes of such incidents/scenarios. Risk assessment team This is a multi-disciplinary group of knowledgeable persons familiar with the hazards in their work areas. Risk controls (Safety measures) Taking measures to reduce either the frequency and/or severity of an undesirable event and to make provision for the losses that can occur. Risk matrix This is an integrated matrix, where the consequence and probability are plotted against each other in order to determine the level of a risk. Risk ranking Risk ranking is the process used to prioritise risks for the purpose of risk reduction or mitigation by using the Company risk matrix. Risk reduction project A risk reduction project is a project with specific objectives to eliminate or reduce a risk within a work area by means of engineering controls. Risk register A document which contains all SH&E risk assessments done such as: Health assessments; Task assessments; Environmental assessments; Process assessments, Transportation assessments, Emergency Management assessments, Security assessments etc. Risk value The value determined from the Company risk matrix by the combination of the expected frequency and consequence of a single incident or a group of incidents or scenarios. Risks Are uncertain future events that could influence the achievement of our business objectives SANS South African National Standard SH&E specialist This refers to a person with specialised knowledge of specific SH&E functions e.g. Hygienist, Safety Coordinator, Safety officer and full time Safety Representatives etc. Tolerable risk Is the level of risk which falls between the high and the low risk. A risk lying in this region can be made as low as reasonably practicable. This level is defined as “tolerable”. Tolerability does not mean acceptability; it refers to the willingness to live with the risk to secure certain benefits and in the confidence that it is being properly controlled. Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 6 of 22 Risk Management Plan Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 7 of 22 Risk Management Plan REFERENCES The following documents are either Applicable Documents - applicable to the extent specified herein and thus forming part of this document. The applicability will generally relate to the Project in terms of policy, procedures, standards, specification, qualification, etc.; or Reference Documents - where the information concerned has been fully extracted from the reference document and added to this document, or where the reference document contains information relevant to this document, or for information only. DOCUMENT NAME RELEVANCE PROJECT REFERENCE DOCUMENTS GCS Project Number: 11-447 Client Reference: 11-447 GCS, Hydrological Investigation on Leeuwpan Mine Report, Version – Draft 3, October 2013 EWPM- Leeuwpan OI BFS Project : Project Scope of Work EWPM- Leeuwpan OI BFS Project : Battery Limits and Interface Plan LPX--CIV-SPE-0001 Leeuwpan OI BFS Project : Civil Infrastructure Design Criteria LPX--STE-SPE-0001 Leeuwpan OI BFS Project : Civil Structural Design Criteria LPX--CIV-SPE-0001 Leeuwpan OI BFS Project : Civil Architectural Design Criteria LPX--ELE-SPE-0001 Leeuwpan OI BFS Project : Electrical and Process Control Design Criteria Risk Matrix Exxaro 5 x 5 company risk matrix ISO 31000:2009 Risk - Principles and Guidelines on Implementation ISO/IEC 31010:2009 Risk Management - Risk Assessment Techniques ISO Guide 73:2009 - Risk Management - Vocabulary ISO 14001 Environmental Management System OSHAS 18001 Occupational Health And Safety Management System LEGISLATIVE REQUIREMENTS National Environmental Management Waste Act (Act No 59 of 2008) Regulation 634 of the National Environmental Waste Management Act (Act No 59 of 2008), Waste Classification and Management Regulations; Regulation 635 of the National Environmental Waste Management Act (Act No 59 of 2008), National norms and standards for the assessment of waste for landfill disposal Regulation 636 of the National Environmental Waste Management Act (Act 59 of 2008), National Norms and Standards for the disposal of waste to landfill Notice 737 of 2013 by the Department of Environmental Affairs, Explanatory Summary of the National Environmental Management: Waste Amendment Bill, 2013 Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 8 of 22 Risk Management Plan DOCUMENT NAME RELEVANCE Police Services Code of Practice SAP412 South African Police Specifications for electrical fencing of magazines Gazette No 26187, Revision of General Authorizations in terms of Section 39 of the National Water Act, 1998 (Act No 36 of 1998) Government Gazette, 18 May 1984 No. 9225, Regulation No 991 Requirements for the purification of waste water effluent National Water Act (Act 36 of 1998) Regulation GN704 Mine Health and Safety Act, 1996 Mineral and Petroleum Resources Development Act, 2002 (Act 28 of 2002) Section 39 (4) of the Act Hazardous Substances Act No 15 of 1973 Environment Conservation Act No 73 of 1989 National Environment Management Act No 107 of 1998 Government Notice No. 704, National Water Act, 1998 (Act No. 36 of 1998) dealing with regulations on use of water mining and related activities aimed at the protection water resources The Dam Safety regulations (published in Government Notice R. 139 of 24 February 2012) Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 9 of 22 Risk Management Plan TABLE OF CONTENTS DOCUMENT APPROVALS .....................................................................................................................2 DOCUMENT CONTROL ..........................................................................................................................2 ABBREVIATIONS AND ACRONYMS .....................................................................................................3 DEFINITIONS ...........................................................................................................................................4 REFERENCES .........................................................................................................................................8 TABLE OF CONTENTS .........................................................................................................................10 1. OBJECTIVE .................................................................................................................................11 2. SCOPE .........................................................................................................................................11 3. INTRODUCTION ..........................................................................................................................11 4. MINIMUM REQUIREMENTS .......................................................................................................12 5. RESPONSIBILITIES AND ACCOUNTABILITIES ......................................................................13 6. OVERVIEW OF RISK ASSESSMENT PLAN .............................................................................14 7. STEPS TO CONDUCT A RISK ASSESSMENT .........................................................................14 8. AGENTS ......................................................................................................................................15 9. CONTROL MEASURES ..............................................................................................................16 9.1 Preventative .......................................................................................................................16 9.2 Corrective ...........................................................................................................................16 10. CONTROL OWNERS ..................................................................................................................16 11. RECORD MANAGEMENT ..........................................................................................................16 12. ANNEXURES ...............................................................................................................................17 12.1 Annexure A – Guidelines when to Conduct Risk Assessments ........................................17 12.2 Annexure B – Company Matrix ..........................................................................................19 12.3 Annexure C – Risk Assessment Template ........................................................................21 12.4 Annexure D – Highest Risks ..............................................................................................22 TABLES No table of figures entries found. Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 10 of 22 Risk Management Plan 1. OBJECTIVE To provide minimum requirements for a SH&E Risk assessment methodology by the systematic identification of hazards and the evaluation of risks associated with the company’s activities, products and services, in order to protect people, profit, assets and the environment as well as identify control measures to eliminate or control the level of risk. This plan describes processes for: 1) Identification of potential hazardous events and environmental aspects 2) Evaluation of the level of risk from hazardous events and impact of environmental aspects 3) Identification / implementation of control measures to reduce the risk or environmental impact 2. 4) Identification and regular review of the integrity of critical control measures 5) Review of hazards, risk and control measures SCOPE The scope of this plan includes the risks arising from the company’s activities, products and services, which the company can control or which it can be expected to influence. This plan defines the minimum requirements, responsibilities and the process to be followed in the management, execution and control of SH&E risk assessments. This plan applies to SH&E risk assessments carried out within Company. 3. INTRODUCTION The scope of this plan includes the risks arising from the company’s activities, products and services, which the company can control or which it can be expected to influence. This plan defines the minimum requirements, responsibilities and the process to be followed in the management, execution and control of SH&E risk assessments. This plan applies to SH&E risk assessments carried out within Company. Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 11 of 22 Risk Management Plan 4. MINIMUM REQUIREMENTS  All supervisors must conform to the legal requirement that steps must be taken as may be reasonably practicable to eliminate or mitigate any risk or potential risks to the safety or health of employees and the environment, before resorting to personal protective equipment.  Hazards and environmental aspects associated with the company’s activities, products and services shall be systematically identified and assessed.  The level of risk or impact shall be assessed for each hazard/environmental aspect, based on its likelihood and potential consequences according to the Company risk matrix (Appendix B).  The measures in place and/or proposed to control the risk from each potential hazardous event and environmental aspect shall be recorded.  Critical control measures shall be identified and shall be implemented, maintained and periodically reviewed. Integrated Management System report can be utilised to list critical controls. Schedule the auditing of the critical controls.  Risk assessments shall be facilitated by suitably experienced and knowledgeable people who have been trained in the applicable risk assessment techniques in consultation with the relevant SH&E representatives.  Risk control shall be adopted in the following preference: 1) Elimination of hazard. 2) Substitution of the hazard with less hazardous equipment, materials and/or processes. 3) Reduction of risk through engineering/design controls (e.g. guarding, active/passive fire protection, shutoff-valves, etc.) 4) Reduction of risk through administrative controls (e.g. Risk management plans, Code of Practices, Special instructions, signs, emergency procedures, training, etc.) 5) Reduction of risk through personal protective equipment. 6) Reduction of risk through behavioral controls (e.g. reliance on awareness of hazards and personal judgement regarding actions to reduce the associated risks) Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 12 of 22 Risk Management Plan  Information regarding hazards and risks associated with the company’s operations, products and services shall be made available to relevant employees and service providers. People shall be trained in hazards, environmental aspects and risk control measures relevant to their duties and their competency shall be periodically evaluated.  All risk assessments must be reviewed by the person responsible for the assessments as required per relevant work instruction or statutory requirements.  All risk assessments and revisions thereof should be kept. The latest updated risk assessment must be available.   The Safety representative of the relevant area must be informed by the responsible person for risk assessment of all risk assessments to be conducted.  All drawings and documentation used must be verified as correct prior to any risk assessment.  A risk assessment shall be conducted/ reviewed when any modifications, incidents, plant additions, erection of new plants, new tasks, requirement changes or complaints occur.  All approved risk control measures stipulated in risk assessments must be complied with. 5. RESPONSIBILITIES AND ACCOUNTABILITIES The responsible Engineer/Manager must ensure compliance to the minimum requirements of this plan. A person responsible for each risk assessment must be assigned by the Manager. This person must ensure that the specific risk is managed by ensuring that: 1) Additional risk controls are identified if the risk is rated high/tolerable 2) The additional risk controls are implemented 3) Critical risk controls are identified and reviewed on a regular basis 4) The risk assessment is reviewed if required (e.g. change, incidents etc.) 5) The applicable employees is aware of the risk effect and the appropriate risk controls Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 13 of 22 Risk Management Plan 6. OVERVIEW OF RISK ASSESSMENT PLAN  If any modifications, incidents, plant additions, new plants, requirement changes or complaints occurs, the relevant risk assessment must be revised or compiled (e.g. Task; Process; Environment; Hygiene; Transport; Non process assessments, etc.).  The person requesting a risk assessment (this can be any individual or the responsible person) must consult the responsible SH&E specialist.  The person responsible for a risk assessment will initiate the risk assessment process according to the applicable risk assessment method statements.  The person responsible for the risk assessment must co-ordinate the risk assessment process.  The person responsible for the risk assessment will obtain the risk assessment history and must consider any other relevant information.  The SH&E personnel should be involved during hazard identification, risk ranking, mitigation, control and monitoring actions. 7. STEPS TO CONDUCT A RISK ASSESSMENT The person responsible for the risk assessment should obtain all available information from sources such as: 1) All applicable previous risk assessments 2) Physical inspection reports 3) Incident reports 4) MSDS 5) Specific requirements (Legal, standards, specifications, etc.) 6) Independent assessments 7) Interviews with area personnel 8) Audit reports  The risk assessment team must identify and incorporate new hazard scenarios in the appropriate risk assessment through a systematic method by referring to an applicable checklist.  The risk assessment team must evaluate/update the identified hazard scenarios and qualitatively rate each risk by utilising the Company risk matrix (refer to appendix B). Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 14 of 22 Risk Management Plan  The risk assessment team must decide on additional risk control measures where applicable and assign responsibilities for the implementation thereof.  The person responsible must use applicable risk assessment templates  The person responsible and the relevant SH&E specialist evaluates all the high risks of the specific area according to the guidelines (refer to appendix A).  The risk assessment team decides on risk control measures if further risk reduction is needed and records these decisions.  The person responsible must ensure that the risk control measures are implemented / applied.  The business manager must review all the risks of the area after additional risk controls have been developed.  Record of the Risk assessment must be kept.  People shall be trained in the hazards, environmental aspects and the risk control measures relevant to their duties and their competence shall be periodically evaluated in accordance with the training matrix.  Regular audits shall be conducted on the risk control measures / recommendations.  In the event of any modification, incident, addition, new task, requirement change or complaints, the person responsible for the applicable risk assessments must ensure that the relevant risk assessments are re-evaluated and reviewed using the Issue based risk assessment template 8. AGENTS An agent refers to the specific hazard or product applicable and is always linked to an agent type. Examples of agents are: Doc ID: 1) Acetone 2) UV Radiation 3) Noise etc. LPX--RIS-PLN-0001 Revision: A Date: - Page: 15 of 22 Risk Management Plan 9. CONTROL MEASURES 9.1 PREVENTATIVE Preventative control measures refer to the risk controls implemented or to be implemented; that would prevent risks from occurring and are attached to the risk and its causes and reduce the likelihood of the risk occurring 9.2 CORRECTIVE Corrective control measures refer to the risk controls implemented or to be implemented; that would assist in recovering from an adverse incident and are attached to the consequence - they assist in reducing the impact of a risk. Safety measures are classified according to the following categories: 10. 1) Design Engineering 2) Safety devices 3) Administrative 4) Signs & signals 5) Human behaviour CONTROL OWNERS Persons in control of specific control measures. 11. RECORD MANAGEMENT Documents will be managed using a manual filing system. Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 16 of 22 Risk Management Plan 12. ANNEXURES 12.1 ANNEXURE A – GUIDELINES WHEN TO CONDUCT RISK ASSESSMENTS Baseline risk assessment A baseline risk assessment is done to determine the current status of hazard based risks associated with the business. This is a wide - ranging exercise that reviews all potential hazards caused by processes and activities within a geographical area, activity, occupation and/or task. It needs to be comprehensive in order to comply with the MHSA Act. The risk management process involves everyone - Every level of employee has a specific role to play in decisions about risk, including what risks to take - on Risk Appetite and Governance and also how to manage the Risks (Treatment Options and effectiveness of Controls) The art of making wise and justifiable decisions is the hallmark of successful management and requires both pertinent information and good judgement. Safety related decisions, in particular, have traditionally been based on hard-earned operating experience and intuition. As greater demands for improving the safety, health, environmental and economic aspects of facilities are placed on a company’s limited resources, the decision-making process becomes more difficult and the need for better information becomes more critical. Issue Based Risk assessment Is a detailed assessment study and is conducted to address particular and specific issues that have arisen in the workplace. It provides recommendations to management and may include the following:  Input into continuous Hazard/Aspect Identification and Risk Assessment  Action plans for the treatment of significant risk; and  Input into training programmes, standards, procedures, codes of practice and the safety management system An issue-based risk assessment can be modified after an accident; incident or dangerous occurrence has taken place. Other factors that could cause an issue-based risk assessment to change are: Doc ID: New equipment, or changes to equipment LPX--RIS-PLN-0001 Revision: A Date: - Page: 17 of 22 Risk Management Plan  Findings that come out of continuous risk assessment  Requests from employees  A change in the baseline risk profile  New knowledge and information becoming available on the level of risk to employees  Changes to legislation Continuous Risk assessment The purpose of conducting continuous HIRA is to ensure that additional risks introduced by changes in the system are captured and addressed. Most importantly, this form of HIRA is an integral part of day to day management. Examples of continuous Risk Assessments are: Doc ID:  Audits  Pre work assessments using checklists  General hazard awareness  Mini risk assessment. LPX--RIS-PLN-0001 Revision: A Date: - Page: 18 of 22 Risk Management Plan 12.2 ANNEXURE B – COMPANY MATRIX CAPITAL PROJECT AND ASURANCE RISK Hazard Effect / Consequence STANDARD RISK MATRIX 1 2 3 4 5 Insignificant Minor Moderate Major Catastrophic No impact on overall project timeline May result in overall project timeline overrun of less than 5% May result in overall project timeline overrun of between 5% and less than 20% May result in overall project timeline overrun of between 20% and less than 50% May result in overall project timeline overrun of 50% or more No impact on the budget of the project May result in overall project budget overrun of less than 5% May result in overall project budget overrun of between 5% and less than 20% May result in overall project budget overrun of between 20% and less than 50% May result in overall project budget overrun of 50% or more Less than R5m R5m to less than R50m R50M to less than R500m R500m to R5b R5b or more on Minimal quality issues that can be addressed in a short timeframe with minimal interactions Some quality issues that requires immediate management action Significant quality issues that requires senior project management interaction Significant quality issues that requires sponsorship intervention with significant resource and cost implications for rework First aid case / Exposure to minor health risk Medical treatment case / Exposure to major health risk Lost time injury / Reversible impact on health Single fatality or loss of quality of life / Irreversible impact on health Multiple fatalities / Impact on health ultimately fatal Minimal environmental harm – L1 incident Material environmental harm – L2 incident remediable short term Serious environmental harm – L2 incident remediable within LOM Major environmental harm – L2 incident remediable post LOM Extreme environmental harm – L3 incident irreversible No legal impact Minor legal concerns with minor impact Some concerns manageable of impact legal with level Serious legal concerns and significant impact on operations Legal non compliance with risk of shutdown of operations with significant cost impacts Slight impact public awareness may exist but no public concern Limited impact local public concern Considerable impact - regional public concern National impact national public concern International impact international public attention Loss Type Timeline Budget Investment Return – NPV loss No impact quality Quality Safety / Health Environment Legal & Regulatory Reputation / Social / Community LIKELIHOOD 5 Almost Certain 4 Likely Doc ID: Risk Rating The unwanted event has occurred frequently; has a 90% and higher probability of reoccurring 11 Medium 16 Significant 20 Significant 23 High 25 High The unwanted event has a probability of between 60% and less than 90% of occurring 7 Medium 12 Medium 17 Significant 21 High 24 High LPX--RIS-PLN-0001 Revision: A Date: - Page: 19 of 22 Risk Management Plan 3 Possible 2 Unlikely 1 Rare Doc ID: The unwanted event has a probability of between 30% and less than 60% of occurring 4 Low 8 Medium 13 Significant 18 Significant 22 High The unwanted event has a probability of between 1% and less than 30% of occurring 2 Low 5 Low 9 Medium 14 Significant 19 Significant The unwanted event has never occurred, has a probability of less than 1% of occurring 1 Low 3 Low 6 Medium 10 Medium 15 Significant LPX--RIS-PLN-0001 Revision: A Date: - Page: 20 of 22 Risk Management Plan 12.3 ANNEXURE C – RISK ASSESSMENT TEMPLATE Doc ID: LPX--RIS-PLN-0001 Who and when must action existing &proposed measures Revision: A Risk Rating Consequence Likely to Happen Rev: Revised Risk Score Likelihood (Poten tial Danger ) Possible Conseque nce / Unwante d Event Existing &Propose d Control Measures Initial Risk Score Risk Rating Energy / Hazard / Risk Risk Assessment Number: Consequence N o Task / Acti vity Description Likelihood ISSUE BASED RISK ASSESSM ENT Date: Acceptance of Responsibility Sign Person - Date Page: Complet e 21 of 22 Risk Management Plan 12.4 ANNEXURE D – HIGHEST RISKS To be completed Doc ID: LPX--RIS-PLN-0001 Revision: A Date: - Page: 22 of 22