Search Options | ||||
Index | Site Map | FAQ | Facility Info | Reading Rm | New | Help | Glossary | Contact Us |
REVISED
March 1, 1999
MEMORANDUM TO: | William D. Travers Executive Director for Operations |
FROM: | Annette L. Vietti-Cook, Secretary /s/ |
SUBJECT: | STAFF REQUIREMENTS - SECY-98-144 - WHITE PAPER ON RISK-INFORMED AND PERFORMANCE-BASED REGULATION |
The Commission has approved the issuance of the white paper which defines the terms and Commission expectations for risk-informed and performance-based regulation. The paper should be prepared for issuance by the Commission for use by the NRC and interested parties.
Attachment: As stated
cc: | Chairman Jackson Commissioner Dicus Commissioner Diaz Commissioner McGaffigan Commissioner Merrifield OGC CIO CFO OCA OIG OPA Office Directors, Regions, ACRS, ACNW, ASLBP (via E-Mail) PDR DCS |
ATTACHMENT
Risk-Informed and Performance-Based Regulation
The NRC has established its regulatory requirements, in both reactor and materials applications, to ensure that "no undue risk to public health and safety" results from licensed uses of Atomic Energy Act (AEA) materials and facilities. The objective of these requirements has always been to assure that the probabilities of accidents with the potential for adversely affecting public health and safety are low. For reactors, these probabilities were not quantified in a systematic way until 1975 when the Reactor Safety Study (WASH-1400) was published. For non-reactor activities, the situation is more complex. In some areas, high-level waste disposal and transportation, risk assessment has been in use since the 1970s; in others, such quantification is still evolving. Consequently, most of NRC's regulations were developed without the benefit of quantitative estimates of risk. The perceived benefits of the deterministic and prescriptive regulatory requirements were based mostly on experience, testing programs and expert judgment, considering factors such as engineering margins and the principle of defense-in-depth.
There have been significant advances in and experience with risk assessment methodology since 1975. Thus, the Commission is advocating certain changes to the development and implementation of its regulations through the use of risk-informed, and ultimately performance-based , approaches. The Probabilistic Risk Assessment (PRA) Policy Statement (60 FR 42622, August 16, 1995) formalized the Commission's commitment to risk-informed regulation through the expanded use of PRA. The PRA Policy Statement states, in part, "The use of PRA technology should be increased in all regulatory matters to the extent supported by the state of the art in PRA methods and data, and in a manner that complements the NRC's deterministic approach and supports the NRC's traditional defense-in-depth philosophy."
The transition to a risk-informed regulatory framework is expected to be incremental. Many of the present regulations are based on deterministic and prescriptive requirements that cannot be quickly replaced. Therefore, the current requirements will have to be maintained while risk-informed and/or performance-based regulations are being developed and implemented.
To understand and apply the commitment expressed in the PRA Policy Statement, it is important that the NRC, the regulated community, and the public at large have a common understanding of the terms and concepts involved; an awareness of how these concepts (in both reactor and materials arenas) are to be applied to NRC rulemaking, licensing, inspection, assessment, enforcement, and other decision-making; and an appreciation of the transitional period in which the agency and industry currently operate.
1. | Risk and Risk Assessment: This paper defines risk in terms that can be applied to the entire range of activities
involving NRC licensed use of AEA materials. The risk definition takes the view that when one asks, "What is the
risk?" one is really asking three questions: "What can go wrong?" "How likely is it?" and "What are the
consequences?" These three questions can be referred to as the "risk triplet." The traditional definition of risk, that
is, probability times consequences, is fully embraced by the "triplet" definition of risk. |
The first question, "What can go wrong?" is usually answered in the form of a "scenario" (a combination of events
and/or conditions that could occur) or a set of scenarios. | |
The second question, "How likely is it?" can be answered in terms of the available evidence and the processing of
that evidence to quantify the probability and the uncertainties involved. In some situations, data may exist on the
frequency of a particular type of occurrence or failure mode (e.g., accidental overexposures). In other situations,
there may be little or no data (e.g., core damage in a reactor) and a predictive approach for analyzing probability and
uncertainty will be required. | |
The third question, "What are the consequences?" can be answered for each scenario by assessing the probable
range of outcomes (e.g., dose to the public) given the uncertainties. The outcomes or consequences are the "end
states" of the analyses. The choice of consequence measures can be whatever seems appropriate for reasonable
decision-making in a particular regulated activity and could involve combinations of end states. | |
A risk assessment is a systematic method for addressing the risk triplet as it relates to the performance of a
particular system (which may include a human component) to understand likely outcomes, sensitivities, areas of
importance, system interactions and areas of uncertainty. From this assessment the important scenarios can be
identified. | |
2. | Deterministic and Probabilistic Analyses: All safety regulation ultimately is concerned with risk and addresses
the three questions discussed in item 1 above. In practice, NRC addresses these three questions through the body of
regulations, guidance, and license conditions that it uses to regulate the many activities under its jurisdiction. The
current body of regulations, guidance and license conditions is based largely on deterministic analyses and is
implemented by prescriptive requirements. As described in the PRA Policy Statement, the deterministic approach to
regulation establishes requirements for engineering margin and for quality assurance in design, manufacture, and
construction. In addition, it assumes that adverse conditions can exist and establishes a specific set of design basis
events (i.e., what can go wrong?). The deterministic approach involves implied, but unquantified, elements of
probability in the selection of the specific accidents to be analyzed as design basis events. It then requires that the
design include safety systems capable of preventing and/or mitigating the consequences (i.e., what are the
consequences?) of those design basis events in order to protect public health and safety. Thus, a deterministic
analysis explicitly addresses only two questions of the risk triplet. In addition, traditional regulatory analyses do not
integrate results in a comprehensive manner to assess the overall safety impact of postulated initiating events. |
PRA and other risk assessment methods (also described in the PRA Policy Statement) consider | |
Since risk assessment methods were first used to gain a better understanding of the risk associated with some of the
activities and facilities that the NRC regulates, substantial event data and increased sophistication and experience in
the use of certain risk assessment methods (e.g., Probabilistic Risk Assessment (PRA), Integrated Safety
Assessment (ISA), and Performance Assessment (PA)) ha | |
While the traditional deterministic approach to regulation has been successful in ensuring no undue risk to public
health and safety in the use of nuclear materials, opportunities for improvement exist. Given the broad spectrum of
equipment and activities covered, the regulations can be strengthened and resources can be allocated to ensure that
they are focused on the most risk-significant equipment and activities, and to ensure a consistent and coherent
framework for regulatory decision-making. The different "risk-informed" and/or "performance-based" approaches
to regulation described below, if properly applied singly or in combination, would provide such a framework. | |
3. | "Risk Insights": The term "risk insights", as used here, refers to the results and findings that come from risk
assessments. The end results of such assessments may relate directly to public health effects as in the Commission's
Safety Goals for the Operation |
Risk insights have already been incorporated successfully into numerous regulatory activities, and have proven to be
a valuable complement to traditional deterministic approaches. Given the current maturity of some risk assessment
methodologies and the current body of event data, risk insights can be incorporated more explicitly into the
regulatory process in a manner that will improve both the efficiency and effectiveness of current regulatory requirements. | |
4. | "Risk-Based Approach": Regulatory decision-making is required in both the development of regulations and
guidance and the determination of compliance with those regulations and guidance. A "risk-based" approach to
regulatory decision-making is one in which such decision-making is solely based on the numerical results of a risk
assessment. This places heavier reliance on risk assessment results than is currently practicable for reactors due to
uncertainties in PRA such as completeness. Note that the Commission does not endorse an approach that is "risk-based"; however, this does not invalidate the use of probabilistic calculations to demonstrate compliance with
certain criteria, such as dose limits. |
5. | "Risk-Informed Approach ": A "risk-informed" approach to regulatory decision-making represents a philosophy
whereby risk insights are considered together with other factors to establish requirements that better focus licensee
and regulatory attention on design and operational issues commensurate with their importance to public health and
safety. A "risk-informed" approach enhances the deterministic approach by: (a) allowing explicit consideration of a
broader set of potential challenges to safety, (b) providing a logical means for prioritizing these challenges based on
risk significance, operating experience, and/or engineering judgment, (c) facilitating consideration of a broader set
of resources to defend against these challenges, (d) explicitly identifying and quantifying sources of uncertainty in
the analysis (although such analyses do not necessarily reflect all important sources of uncertainty), and (e) leading
to better decision-making by providing a means to test the sensitivity of the results to key assumptions. Where
appropriate, a risk-informed regulatory approach can also be used to reduce unnecessary conservatism in purely
deterministic approaches, or can be used to identify areas with insufficient conservatism in deterministic analyses
and provide the bases for additional requirements or regulatory actions. "Risk-informed" approaches lie between the
"risk-based" and purely deterministic approaches. The details of the regulatory issue under consideration will
determine where the risk-informed decision falls within the spectrum. |
6. | Risk-Informed Approach and Defense-in-Depth |
7. | "Performance-Based Approach": A regulation can be either prescriptive or performance-based. A prescriptive
requirement specifies particular features, actions, or programmatic elements to be included in the design or process,
as the means for achieving a desired objective. A performance-based requirement relies upon measurable (or
calculable) outcomes (i.e., performance results) to be met, but provides more flexibility to the licensee as to the
means of meeting those outcomes. A performance-based regulatory approach is one that establishes performance
and results as the primary basis for regulatory decision-making, and incorporates the following attributes: (1)
measurable (or calculable) parameters (i.e., direct measurement of the physical parameter of interest or of related
parameters that can be used to calculate the parameter of interest) exist to monitor system, including facility and
licensee , performance, (2) objective criteria to assess performance are established based on risk insights,
deterministic analyses and/or performance history, (3) licensees have flexibility to determine how to meet the
established performance criteria in ways that will encourage and reward improved outcomes; and (4) a framework
exists in which the failure to meet a performance criterion, while undesirable, will not in and of itself constitute or
result in an immediate safety concern. The measurable (or calculable) parameters may be included in the regulation
itself or in formal license conditions, including reference to regulatory guidance adopted by the licensee. This
regulatory approach is not new to the NRC. For instance, the Commission previously has approved performance-based approaches in 10 CFR Parts 20, 50 (Option B, Appendix J and the Maintenance Rule,10 CFR50.65) , 60, and
61. In particular, the Commission weighed the relative merits of prescriptive and performance-based regulatory
approaches in issuing 10 CFR Part 60. |
A performance-based approach can be implemented without the use of risk insights. Such an approach would
require that objective performance criteria be based on deterministic safety analysis and performance history. This
approach would still provide flexibility to the licensee in determining how to meet the performance criteria.
Establishing objective performance criteria for performance monitoring may not be feasible for some applications
and, in such cases, a performance-based approach would not be feasible. | |
As applied to inspection, a performance-based approach tends to emphasize results (e.g., can the pump perform its
intended function?) over process and method (e.g., was the maintenance technician trained?). Note that a
performance-based approach to inspection does not supplant or displace the need for compliance with NRC
requirements, nor does it displace the need for enforcement action, as appropriate, when non-compliance occurs.(5) | |
As applied to licensee assessment, a performance-based approach focuses on a licensee's actual performance results
(i.e., desired outcomes), rather than on products (i.e., outputs). In the broadest sense, the desired outcome of a
performance-based approach to regulatory oversight will be to focus more attention and NRC resources on those
licensees whose performance is declining or less than satisfactory. | |
8. | "Risk-Informed, Performance-Based Approach": A risk-informed, performance-based approach to regulatory
decision-making combines the "risk-informed" and "performance-based" elements discussed in Items |
The definitions and concepts in this paper have proven suitable for application to nuclear power plants and certain non-reactor activities (e.g., PA of geologic repositories). While different in detail, these activities are similar in terms of system complexity and the application of probabilistic methods to the determination of safety. In simpler situations, the concepts and definitions should prove equally suitable provided that NRC adopts a flexible framework for the implementation of risk-informed, and ultimately performance-based , regulation across the full spectrum of the materials, processes, and facilities regulated by the NRC.
1. CDF is the frequency of the combinations of initiating events, hardware failures, and human errors leading to core uncovery with reflooding of the core not imminent.
2. LERF is the frequency of those accidents leading to significant, unmitigated releases from containment in a time-frame prior to effective evacuation of the close-in population such that there is a potential for early health effects.
3. Risk curves (also known as Complementary Cumulative Distribution Functions (CCDFs) or Farmer curves) are estimates of the probability that a given consequence will be exceeded.
4. Defense-in-depth is an element of the NRC's Safety Philosophy that employs successive compensatory measures to prevent accidents or mitigate damage if a malfunction, accident, or naturally caused event occurs at a nuclear facility. The defense-in-depth philosophy ensures that safety will not be wholly dependent on any single element of the design, construction, maintenance, or operation of a nuclear facility. The net effect of incorporating defense-in-depth into design, construction, maintenance, and operation is that the facility or system in question tends to be more tolerant of failures and external challenges.
5. Not every aspect of licensed activities can or should be inspected using this approach. For example, if a licensee is unsuccessful in meeting the criteria defined by a performance-based regulation, the inspector should then focus on the licensee's process and method, to understand the root cause of the breakdown in performance, and to understand how future poor performance may be avoided.