The United States Army Homepage The Office of the Assistant Secretary of the Army for Acquisition, Logistics, and Technology (OASA(ALT)) ARMY Knowledge Online PEO STRI homepage Find us on FaceBook
Safety

AR 385-16 System Safety Engineering and Management
Headquarters *Army Regulation 385-16
Department of the Army Effective 4 June 1990
Washington, DC 3 May 1990

Safety

AR 385-16 Front Matter

This UPDATE printing publishes a revision of this publication. Because the publication has been extensively revised, the changed portions have not been highlighted.


Summary. This regulation implements Department of Defense Instruction 5000.36. It updates Army system safety engineering and management policy and reflects realignment of Army Staff safety responsibilities, reorganization of the research, development, and acquisition (RD&A) process, risk management procedures, and updates terminology.


Applicability. This regulation applies to the Active Army, the Army National Guard, and the U.S. Army Reserve.


Internal control systems. This regulation is subject to the requirements of AR 11-2. It contains internal control provisions but does not contain checklists for conducting internal control reviews. These checklists are being developed and will be published at a later date.


Supplementation. Supplementation of this regulation and establish- ment of command and local forms are prohibited without prior approval from HQDA (DACS-SF), WASH DC 20310-0200.


Interim changes. Interim changes to this regulation are not official unless they are authenticated by the Administrative Assistant to the Secretary of the Army. Users will destroy interim changes on their expiration dates unless sooner superseded or rescinded.


Suggested improvements. The proponent agency of this regulation is the Chief of Staff, Army. Users are invited to send comments and suggested improvements on DA Form 2028 (Recommended Changes to Publications and Blank Forms) directly to HQDA (DACS-SF), WASH DC 20310-0200.


Distribution. Distribution of this publication is made in accor- dance with the requirements on DA Form 12-09-E, block number 2187, intended for command levels A for Active Army, A for Army National Guard, and D for United States Army Reserve. This regulation supersedes AR 385-16, 3 September 1985.


AR 385-16 Body Matter AR 385-16 1. Purpose This regulation prescribes policies and procedures, and identifies responsibilities to ensure hazards in Army systems and facilities are identified and the risks associated with these hazards are properly managed. It applies to all Army materiel systems and facilities. It applies during all phases of the life cycle of systems or facilities. The concepts also apply to smaller procurement and acquisition programs such as those at the installation level. Medical-related materiel may require more intensive management, including coordination with other Government agencies.


AR 385-16 2. References Required and related publications are listed in appendix A.


AR 385-16 3. Explanation of abbreviations and terms Abbreviations and special terms used in this regulation are explained in the glossary.


AR 385-16 4. Responsibilities

    a. The Assistant Secretary of the Army (Research, Development, and Acquisition) (ASA(RDA)) will-
    1. Establish Army policy and guidance for materiel research, development, and acquisition which ensure timely and systematic application of system safety.
    2. Monitor the compliance with safety and health criteria listed in requirements documents for appropriate systems under research, development, or modification.
    3. Review system safety status and issues during each milestone decision review (MDR) of new or improved Army Acquisition Executive (AAE)-managed systems or Office of the Assistant Secretary of the Army (Financial Management) (ASA(FM))-managed systems.
    4. Act as risk acceptance authority for risk levels defined by appendix B when delegated the authority by the AAE.
    5. Fund safety research programs to address resolution of generic systemic safety problems.
    6. Provide formal feedback to the combat developer, materiel developer, and the U.S. Army Safety Center (USASC) on safety risks accepted at Materiel Acquisition Decision Program (MADP) reviews for major programs, designated acquisition programs, and where appropriate, materiel change management (MCM) programs. (See AR 15-14.)
    b. The Director of Information Systems for Command, Control, Communications, and Computers (DISC4) will-
    1. Establish Army policy and guidance for information system research, development, and acquisition which ensure timely and systematic application of system safety.
    2. Monitor the compliance of safety and health criteria listed in requirements documents for appropriate systems under research, development, or modification.
    3. Review system safety status and issues during each MDR of new or improved DISC4-managed systems.
    4. Act as risk acceptance authority for risk levels defined by appendix B when delegated the authority by the AAE.
    5. Provide formal feedback to the combat developer, materiel developer, and the USASC on safety risks accepted at MADP reviews for major programs, designated acquisition programs, and where appropriate, MCM programs. (See AR 15-14.)
    c. The Deputy Chief of Staff for Personnel (DCSPER) will-
    1. Act as the system safety representative at the Army Systems Acquisition Review Council (ASARC).
    2. Provide the Army Staff position on recommendations for risk acceptance of residual hazards as identified in a System Safety Risk Assessment (SSRA).
    3. Manage the interface of the Army Human Factors Engineering Program with the Army System Safety Program. (See AR 602-1.)
    d. The Deputy Chief of Staff for Operations and Plans (DCSOPS)
      will-
    1. Establish procedures through the combat development process to ensure that safety and health criteria are included in requirements documents for new or improved Army materiel.
    2. Evaluate the associated residual risks for individual systems and provide formal feedback to using commands on the rationale for accepting those risks whenever a safety materiel change is not funded. (See AR 70-15.)
    3. Ensure DA system safety requirements are included during multiple-Service materiel developments when the other Service has program coordination responsibility.
    e. The Deputy Chief of Staff for Logistics (DCSLOG) will-
    1. Act as the Army Staff (ARSTAF) proponent for the Army Safety- of-Flight (SOF) and Safety-of-Use (SOU) Programs. (See AR 95-3 and AR 70-15.)
    2. Ensure there is an effective reporting system for appropriate feedback of safety issues on fielded systems from the user to the combat and materiel developers and the USASC.
    3. Ensure system safety engineering and management are considered in the integrated logistics support (ILS) process. (See AR 700-127.)
    f. The Chief of Engineers (COE) will
    1. Establish, maintain, and use facility-specific system safety engineering and management and health analysis procedures for the design, construction, and disposal of military construction projects.
    2. Assist the user as necessary in developing the preliminary hazard list (PHL) for facility projects. Coordinate the status of all open hazards with the user during each major design review.
    3. Evaluate potential Army contractors during the architect or engineer selection process to ensure they can comply with the contractual safety requirements.
    4. Ensure that hazards inherent to the design, equipment, and intended use of the facility are identified and eliminated or controlled.
    5. With weapon system design data provided by the materiel developer in the support facilities annex, ensure that current facility-related safety and health information is identified and documented in the support facility annex (SFA) of ILS plans (see AR 700-127 and DA Pam 700-55) according to the requirements of paragraphs 4j and 4k of this regulation.
    6. Ensure facility-related hazards are documented, and corrective actions are implemented to reduce the risk to acceptable levels. Document residual hazards utilizing the SSRA format (fig 1), modified as appropriate, evaluated, and accepted by the appropriate decision authority.
    7. Establish policies and procedures to ensure that changes to the intended use of Army facilities (that are identified by the user) are evaluated as to safety impact and that any increases in risk are resolved or accepted according to appendix B.
    g. The Surgeon General (TSG) will
    1. Manage the Army Health Hazard Assessment (HHA) Program. (See AR 40-10.)
    2. Develop standards in the form of personnel exposure limits or threshold values and human tolerance criteria that, if exceeded, could result in a health hazard.
    3. Develop physiological and medical databases to support safety and health analyses of Army materiel.
    4. Provide technical assistance to materiel developers-program executive officers (PEOs)/program managers (PMs)/testers on evaluating health hazards inherent to, or resulting from, operation of materiel systems.
    5. Review and provide medical input to safety releases for tests.
    6. Ensure that the Health Hazard Assessment Report (HHAR) is included as part of the Safety Assessment Report (SAR).
    7. When acting as a PEO or PM, perform the duties under paragraphs 4j and 4k of this regulation, as appropriate.
    8. When acting as a combat developer, perform the duties under paragraph 4m of this regulation, as appropriate.
    h. The Director of Army Safety (DASAF) will
    1. Develop, coordinate, and disseminate system safety program policies.
    2. Manage the Army System Safety Program and its interface with the Manpower and Personnel Integration (MANPRINT) program and other disciplines.
    3. Coordinate system safety issues with Headquarters, Department of the Army (HQDA) agencies, major Army commands (MACOMs) and PEOs.
    4. Establish, coordinate, and publish annual system safety objectives for implementation by Department of the Army (DA) organizations.
    5. Evaluate compliance with Army system safety program requirements.
    i. The Commander, USASC, will-
    1. Assist the DASAF in developing system safety policies, objectives, and evaluation standards.
    2. Provide technical assistance to ASA(RDA) and DISC4 to determine the accuracy and completeness of SSRAs being considered for AAE-level decisions on acceptance of risk.
    3. Provide an independent safety assessment of ASARC systems to the ASARC secretary (ASA(RDA)). Provide a copy to the Office of the Deputy Chief of Staff for Personnel (ODCSPER) (MANPRINT Directorate).
    4. Develop and maintain an Army accident database for use in risk assessment decisions.
    5. Establish, identify, and maintain a DA program of generic system safety research in support of Army development and acquisition programs.
    6. Develop and disseminate improved system safety engineering techniques.
    7. Provide system safety lessons learned for MANPRINT analyses and input this data to the automated MANPRINT database at Materiel Readiness Support Activity (MRSA).
    j. The Army PEOs will-
    1. Act as the safety officer for assigned systems with responsibility for the proper planning and execution of system safety requirements.
    2. Act as risk acceptance authority for risk levels defined by appendix B.
    k. The PM will-
    1. Ensure that a tailored system safety program is implemented for all systems, to include nondevelopmental items (NDI) and MCM efforts. Develop and update the System Safety Management Plan (SSMP) as part of the acquisition strategy.
    2. Ensure safety criteria are included in design and equipment specifications.
    3. Establish and maintain a Hazard Tracking System to provide a total life-cycle record of the disposition of all system hazards. (See DA Pam 385-16 for guidance on structure and procedures for hazard tracking.)
    4. Include SSRA for all residual hazards being considered for acceptance in all MDR packages and forward to the appropriate decision level. Institute risk management procedures as described in appendix B and act as the risk acceptance authority for risk levels defined by appendix B. A formal SSRA will be used to document the acceptance of all risks exceeding the criteria therein for ""low'' risk. Format for ""low'' risk hazards will be at the discretion of the PM. The PM reserves the option to decide whether or not to prepare a formal SSRA to be sent forward. However, the decision on how to process the ""low''-risk SSRA will have no impact on the tracking of hazards, as all hazards will be tracked. Provide formal feedback to the combat developer, materiel developer, logistician, and the USASC on the safety risks accepted at MDRs and in process reviews (IPRs) for all assigned systems.
    5. Provide adequate resources for the implementation and maintenance of an effective system safety effort.
    6. Compile and apply historical safety and health data (system safety lessons learned) during the early acquisition program.
    7. Establish a system-specific system safety working group (SSWG) to track hazards and ensure program coordination for all major and Army Designated Acquisition Program (ADAP) systems. Nonmajor systems may be grouped by common characteristics under an SSWG. DA Pam 385-16 provides guidance on the composition and other characteristics of the SSWG. The requirements for an SSWG may be fulfilled by another similar group meeting the characteristics identified in DA Pam 385-16. The SSWGs will provide input, including SSMP, to the appropriate MANPRINT Joint Working Groups (MJWGs).
    8. Ensure that current facility-related safety and health information is identified and documented in the SFA of ILS plans. (See AR 700-127 and DA Pam 700-55.)
    9. Provide an SAR and HHAR to the appropriate test agencies 60 days prior to start of any and all testing (including technical demonstrations, technical tests (TTs), and user tests (UTs). Request a safety release (see fig 2) to be issued prior to all tests and pretest-training involving troops. This includes tests with type-classified materiel. U.S. Army Test and Evaluation Command (TECOM) (AMSTE-ST) will coordinate and issue safety releases for all PMs or materiel developers, except for Information Systems Command, U.S. Army Health Services Command (HSC), and Medical Research and Development Command-supported PMs, who will receive safety releases from those headquarters.
    10. Ensure that safety and health issues are identified in all Test and Evaluation Master Plans (TEMPs) to obtain data needed for safety verification of the system.
    11. Ensure final system safety reports and hazard analyses are forwarded to Commander, Defense Technical Information Center (DTIC), ATTN: DTIC-FDAC, Cameron Station, Alexandria, VA 22304-6415, and to the automated MANPRINT database at MRSA, ATTN: AMXMD-C, Lexington Bluegrass Depot, KY 40511-5004. (See AR 70-9.)
    12. Sixty days prior to fielding, provide the gaining commands with all relevant system safety documentation developed during the acquisition process which provides supporting rationale for operational procedures, safety-critical maintenance and other support actions, and unit-level training requirements. As a minimum, these documents will include updated SARs, SSRAs, Hazard Classification Data, and Range Surface Danger Zones. As system fielding is expanded to other commands, update the system safety documentation with lessons learned by initial users. Provide hazard analyses and SSRAs to the combat developer as they are developed.
    13. Track and analyze worldwide accident and incident data, equipment improvement recommendations (EIRs), quality deficiency reports (QDRs), and other field data for indications of hazards inherent in materiel design and use, and take positive action to correct safety problems.
    14. Ensure all hardware modifications, service life changes, and changes to operating procedures are evaluated for safety impact. An explanation of the safety impact will be included in the formal evaluation documentation. If system degradation occurs, an SSRA will be included in the safety impact. Evaluate and report to the combat developer the safety effects of mission changes, and operating and training procedures in fielded systems.
    15. When materiel is reprocured, assure that safety and health evaluations are performed to verify that the safety characteris- tics of the original configuration are not compromised and that no new hazards are introduced. These evaluations will be conducted during the initial production tests (IPTs) or other testing. These evaluations are required when-
      1. specifications have changed significantly over the currently fielded version, or
      2. there is a change in configuration due to competition under a performance specification, or
      3. a mission change has occurred.
    l. Commanders of MACOMs or field operating agencies (FOAs) as using commanders will-
    1. Ensure all systems are used according to safety and health guidance published in technical, field and training manuals, SOUs, SOFs, bulletins, circulars, and Army and Federal regulations.
    2. Provide EIR or QDR for deficiencies, malfunctions, or failures that create unsafe conditions or hazards.
    3. Identify through the accident reporting system inadequacies contributing to an accident and analyze these inadequacies to ensure that safety-compromising trends are identified. (See AR 385-40.)
    4. Define specific safety requirements to the combat developer (unique to the intended area of operations), including any relevant host nation standards, for safety issues.
    5. Review modifications of mission profiles for safety impact. Report the results of this review to the combat developer.
    m. Commanders of MACOMs or FOAs, as the combat developer will-
    1. Include system safety requirements in materiel requirements documents. When possible, qualitative requirements will be supplemented by quantitative ones.
    2. Review PM-provided system safety risk assessments to establish the user representative's position on the acceptability of the associated risk.
    3. Unless earlier established by the PM, establish an SSWG during concept evaluation for major acquisition programs.
    4. Incorporate the expected cost of accidents for alternative designs in the cost and operational effectiveness and analysis (COEA). (See AR 71-9.)
    5. Include any system safety tradeoffs and issues in operation, selection, qualification, and training for the combat developer's input to the MANPRINT Assessment and the System MANPRINT Management Plan (SMMP).
    6. Review modifications of tactics, training, and doctrine related to employment of Army materiel for safety impact. Provide a summary of this review to the user and the materiel developer and PM.
    7. Serve as a member of the technology safety working group to assist in evaluating the adequacy and content of safety and health data for technologies systems throughout the technology base development process.
    n. Commanders of MACOMs or FOAs will, as the user test agency (see AR 71-3)-
    1. (1) Review the safety release for determination of necessary controls and procedures for safe conduct of user testing.
    2. Design the test to verify fixes for previously identified hazards and to investigate specific safety issues. Report all new hazards identified in testing.
    3. Ensure MANPRINT safety issues, concerns, and questions are documented in the independent evaluation plan and the test support plans.
    o. Commanders of MACOMs or FOAs, as the training developer will-
    1. (1) Address residual hazards in assigned systems' programs of instruction, training courses, and associated field manuals.
    2. Ensure all hazards controlled by procedures or training are addressed in training manuals for those systems.
    p. Commanders of MACOMs or FOAs, as materiel development commanders will-
    1. (1) Establish, develop, and implement a tailored system safety program for in-house and contracted basic research or early technology development during research, development, test, and evaluation (RDTE) funding per AR 70-1 appendix C.
    2. Develop and maintain a technology safety working group for basic research and early technology development program (AR 70-1 appendix C). The working group will provide safety and health data for emerging technology and systems to the PEO/PM; materiel developer; Director of Technology, Planning, and Management; and other appropriate user and developer organizations.
    3. Incorporate system safety data and information from the SAR and SSRA into the MANPRINT database at the U.S. Army Materiel Readiness Support Activity.
    4. When acting as the PEO/PM or after the transition of a system from the PEO/PM, perform the duties as appropriate under paragraphs 4j and 4k of this regulation.
    5. When acting as an independent evaluator or tester, perform the duties as appropriate under paragraph 4q below.
    q. Heads of operational test (OT), UT and TT and evaluation agencies, activities, and commands will-
    1. Ensure that test directives, evaluation plans, and test design plans for all TTs and UTs require the collection and recording of data from which an independent assessment of hazards can be made and that the results are documented in all test reports and independent evaluation reports (IERs).
    2. Verify the effectiveness of design changes or procedural control(s) that have been incorporated to reduce the risk associated with previously identified hazards.
    3. Assure a safety release is obtained from the TECOM prior to all tests (as defined in AR 70-10) and pretest training involving troops for all systems except those developed by the Information Systems Command, Health Services Command, or Medical Research and Development Command. In those cases, the safety release is obtained from each command's headquarters safety office. This includes tests with type-classified materiel if used in a new or innovative manner.
    4. MACOMs of test organizations may issue endorsements to a TECOM safety release if desired. If a safety release endorsement is issued, it will be provided to the test unit and the board, agency, or command conducting the test at least 10 days before test player training begins. A safety release endorsement may require more stringent hazard control measures, but it cannot relax any control measures which are imposed by the safety release. (See AR 70-10 and AR 71-3.)
    r. Army National Guard (ARNG), State adjutants general, and installation commanders will-
    1. Ensure that when accidents occur involving materiel failures, malfunctions, design or procedural defects, the responsible materiel manager commander be promptly notified when the incident results or could result in severe injury or death.
    2. Ensure appropriate EIR or QDR is submitted to the materiel manager for material deficiencies, malfunctions, or failures that create unsafe conditions or hazards.
    3. Prepare a PHL identifying specific hazards related to that type of facility during requirements development for facility projects. This data will be forwarded concurrently to the MACOM and the proper U.S. Army Corps of Engineers (USACE) district.
    4. Evaluate the safety characteristics of local projects. Forward documentation of identified hazards and risk acceptance rationale to next higher headquarters (ARNG documentation will be maintained at the State safety office). These projects include-
      1. Local construction projects (including new construction) as well as modifications to existing facilities.
      2. Locally engineered, fabricated, or purchased equipment or facilities.
      3. Local programs to test new equipment, procedures, doctrine, or organizational concepts.
      4. Local programs to maintain or rebuild materiel and weapon systems.
    5. Report to USACE any deficiencies, malfunctions, failures, or other situations resulting in facility-related hazards.
    6. Identify safety-related information for facility and equipment configuration (early planning and design stages) and the safety impact of changes to the intended use of Army facilities to the USACE district.
    s. The heads of agencies assigned as the logistician will ensure system safety engineering and management are considered in the integrated logistic support process through the review of program management documentation, participation in ILS Management Team, other review meetings, and as an IPR member. (See AR 700-127.)
AR 385-16 5. Policy
  1. Army commanders and managers will implement system safety engineering and management policies consistent with their missions.
  2. System safety will be applied and tailored to all Army systems and facilities throughout their respective life cycles and integrated into other MANPRINT concerns. For NDI systems developed by private industry, depots, other services or foreign govern- ments, application of system safety should start immediately after definition and identification of need. (See AR 70-1 and AR 415-15.)
  3. As part of this total life cycle program, system safety engineering and management will be applied during in-house and contracted basic research, early technology development (AR 70-1 appendix C) and advanced systems concepts for existing, next generation, and notional systems.
  4. An SSMP will be developed for the acquisition of all systems to establish Army management objectives and responsibilities for execution of a system safety program for the life cycle of a system. This will be updated and provided at each MDR.
  5. Contractor system safety program requirements will be tailored according to the guidance contained in Military Standard (MIL-STD) 882.
  6. Systems with residual hazards will not be fielded or used without coordination of the associated risks with the combat developer and the user(s). The AAE or other designated acquisition authority will approve documentation for risk acceptance. The process for reporting and acceptance of residual hazards will be included in the SSMP. (See app B.)
  7. Recommendations on the acceptability of the safety and health characteristics of the system will be available for timely review at all MDRs of Army materiel. For facilities and installation of equipment, system safety engineering analyses will be available for developing design criteria review and approval at design reviews, preconstruction conferences, change order reviews, and preoperational inspections and modifications.
  8. An SSWG or equivalent groups meeting the requirements of DA Pam 385-16 will be formed and maintained throughout the life cycle for all major and ADAPs systems. Nonmajor systems can be grouped by common characteristics under a SSWG. Primary responsibility for establishing this group rests with the PM. If a PM has not been designated, the combat developer will establish the SSWG in coordination with the MJWG.
  9. Historical safety and health data (system safety lessons learned) from other systems will be used in developing new and similar systems and modifications to fielded systems. Also, information from other disciplines, such as human factors engineering (HFE) and health hazards, will be used as part of implementing the system safety effort and identifying system safety hazards.
  10. Verifiable safety and health criteria in the form of military standards, Federal standards, and national consensus standards (for example, American National Standards Institute (ANSI), National Fire Protection Association (NFPA), Department of Transportation (DOT)), or equivalent standards, will be included in requirements documents and will be applied to Army systems according to AR 385-10.
  11. The capability of a contractor to define and achieve system safety requirements will be evaluated during source selection. (See AR 715-6.)
  12. Safety and health verification and evaluation will be an integral part of the system safety effort. Safety and health acceptability of the system will be verified primarily by test and evaluation. (See AR 71-3 and AR 70-10.)
  13. Materiel modification programs (including depot overhaul, renovation, and retrofit) and mission changes will be evaluated for their effects on the overall safety and health features of the system and supporting facility.
  14. An independent assessment of system safety risks will be provided in all ASARC and IPR packages and will be provided directly to the program decision authority by the appropriate safety support for all MDRs and IPRs. A copy will be provided to Chief, MANPRINT Policy Division, HQDA, ATTN: DAPE-MRP, Washington, DC 20310-0300.
  15. All tests and pretest training involving soldiers require safety releases. This includes tests with type-classified materiel if used in a new or innovative manner. Copies of safety releases will be provided to the commander of the organization supplying these soldiers.
  16. Emphasis will be placed on designing out system hazards. Training, administrative procedures, and labels will be used only as a last option. (See priority list in MIL-STD-882.)
  17. Acceptance of system safety risks will be performed at a level of management authority commensurate with the risk. (See app B.) A formal SSRA will be used to document the acceptance of all risks exceeding the criteria therein for ""low'' risk. A separate SSRA will be developed for each residual hazard and will be processed at an appropriate time consistent with the design decision process for that system. It is not desired that processing of SSRAs be deferred until the MDR.
  18. All identified hazards and the status of their corrective actions will be recorded in a hazard-tracking system and maintained until system disposal.
  19. The SSWG will ensure that documentation of safety issues are provided to the appropriate MJWG MANPRINT coordinator for integration and coordination with the other domains of MANPRINT per AR 602-2 in the Materiel Acquisition Process. The MANPRINT program does not replace any of the activities, responsibilities, or reporting channels of the system safety program specified herein. Upon update of the SSMP, a copy will be provided to the MJWG.
AR 385-16 6. Objectives The primary objectives of system safety are as follows:
  1. Maximize operational readiness and mission effectiveness through accident prevention by ensuring that appropriate hazard- control measures are designed into the system in a timely manner.
  2. Ensure hazards associated with new technology or operations are identified for consideration in later applications.
  3. Ensure hazards are eliminated or controlled through design and that risk associated with residual hazards is formally identified, accepted by the appropriate management decision level, and documented.
  4. Identify hazards and manage the risk associated with these hazards for each system or facility throughout its life cycle in all possible configurations and all mission variations.
AR 385-16 Figures
System Safety Risk Assessment
Part I
  1. Item and system identification. (For systems containing radioactive materials or explosives, a brief statement will include identifying the status of the radioactive material license, Army authorization, range fans, or the applicable hazard classifications as listed.)
  2. For each residual hazard, provide the following:
    1. Hazard topic.
    2. Hazard description and consequences or risk acceptance of the proposed configuration. c. Hazard classification (severity and frequency according to MIL-STD-882).
    3. Source document or reference.
    4. Alternative actions that could reduce hazard level.
    3. Recommendations regarding risk acceptance.
    (Project office signature)
Part II
Recommendations by appropriate Safety Manager (Safety)

Part III
Recommendations by the Combat Developer

(Designated user representative)

Part IV
Recommendations by Materiel Developer

(Designated developer representa- tive)

Part V
*Decision of appropriate Acquisition Manager (app B)

(Acquisition)

*Note: For risks requiring AAE decision, the System Safety Risk Assessment will be coordinated with the Office of the Chief of Staff, Army. HQDA positions on the acceptability of risks will be established by the Deputy Chief of Staff for Personnel according to paragraph 4c(2) of this regulation.

Figure 1. Sample format for documentation of risk assessments

Safety Release
  1. Purpose of this safety release.
  2. References.
  3. System description. Give the name, type, and model number of the system and also the system"s mission. If a component, name the parent system. State the specific test for which the safety release is issued (for example, the test number as it appears in the 5-Year Test Program).
  4. Requirements and background.
    1. Requirements and procedures to conduct testing safely including range safety fans (user test only).
    2. Background and testing (DT only).
      1. Safety Assessment Report (SAR) and Health Hazard Assessment Reports (HHARs) will be enclosed or cited. If no SAR or HHAR exists, identify that fact.
      2. Summarize testing done or other basis (such as analyses or inspections) for safety release.
      3. State results of testing, safety problems, and significant incidents.
      4. Define or enclose development data to assist in preparing range safety fans, requirements, and procedures.
    5. Conclusion and recommendations.
    1. Indicate whether the system is safe for testing or whether it is safe for testing with exceptions. List hazards and any technical, maintenance, or operational limitations or precautions needed to prevent injury and property damage during testing. Include sufficient detail about the restrictions and controls needed during testing and training that the commander does not have to refer to any other data in order to ensure soldier safety. Outline the risks involved (severity and probability) if these limitations or precautions are not followed.
    2. Highlight any known safety problems that will require investigation during testing. Outline any changes made to the system since previous testing or since the SAR or HHAR were written. State the effect on safety from these changes.
    (Signature)
    (TECOM Safety Director or
    Information Systems Command Safety
    Director or Health Service Command
    Safety Director)
    6. The above defined limits and procedures can be realistically supported during the test.
    (Signature)
    (Commander of soldiers involved in
    the test)

Figure 2. Sample format of safety release

AR 385-16 Appendix A
References

AR 385-16 Section I
Required Publications

AR 70-1
Systems Acquisition Policy and Procedures. (Cited in paras 4k(4), 4p(1), 4p(2), 5b, and 5c.)

AR 70-10 Test and Evaluation During Development and Acquisition of
Materiel. (Cited in paras 4q(3), 4q(4), and 5l.)

AR 71-3
User Testing. (Cited in paras 4n and 5l.)

AR 385-10
Army Safety Program. (Cited in para 5j).

AR 385-40
Accident Reporting and Records. (Cited in para 4l(3).)

AR 602-2
Manpower and Personnel Integration (MANPRINT) in the Materiel
Acquisition Process. (Cited in para 5s.)

AR 700-127
Integrated Logistics Support. (Cited in paras 4e(3), 4f(5), and 4k(8).)

DA Pam 385-16
System Safety Management Guide. (Cited in para 4k(3), 4k(7), and 5h.)

DA Pam 700-55
Instructions for Preparing the Integrated Logistic Support Plan.
(Cited in paras 4f(5) and 4k(8).)

MIL-STD-882
System Safety Program Requirements. (Cited in para 5e.)

AR 385-16 Section II
Related Publications
A related publication is merely a source of additional
information. The user does not have to read it to understand this
regulation.

AR 11-2
Internal Control Systems

AR 15-14
System Acquisition Review Council Procedures

AR 40-10
Health Hazard Assessment Program in Support of the Army Materiel
Acquisition Decision Process

AR 40-60
Policies and Procedures for the Acquisition of Medical Material

AR 70-9
Army Research Information Systems and Reports

AR 70-15
Product Improvement of Materiel

AR 70-17
System/Program/Project/Product Management

AR 70-25
Use of Volunteers as Subjects of Research

AR 71-9
Materiel Objectives and Requirements

AR 95-3
Aviation: General Provision, Training, Standardization and
Resource Management

AR 140-478
Facilities, Projects, and Programs

AR 415-15
Military Construction, Army (MCA) Program Development

AR 415-20
Project Development and Design Approval

AR 415-25
Facilities for Research, Development, Test, and Evaluation

AR 415-32
Performance of Military Construction Projects in the Continental
United States by Troop Units

AR 415-35
Minor Construction

AR 602-1
Human Factors Engineering Program

CFR 260
Resource Conservation and Recovery Act, RCRA, Volume 40, Code of
Federal Regulations

DODD 5000.1
Major and Non-Major Defense Acquisition Programs

DODI 5000.2
Defense Acquisition Program Procedures

DODI 5000.36
System Safety Engineering and Management

DA Pam 738-750
The Army Maintenance Management System

TB 700-2
Department of Defense Explosives Hazard Classification Procedure

AR 385-16 Appendix B
Risk Acceptance Requirements and Associated Documentation
Decisions to accept risks associated with residual system safety hazards will be made at a management level commensurate with the risk. AR 70-1 establishes the AAE/PEO/PM chain as the programmatic decision structure for system acquisitions and modifications. Risk assessment criteria contained in MIL-STD-882 will be used to assess risks in Army systems and facilities. Based on these criteria, risks will be categorized in a three-tiered hierarchy which is tailored to the individual system requirements and which is applicable to the individual program decision authority structure. Figure B-1 provides the Department of the Army model for risk acceptance authority. This model can be used if appropriate for any program. Should program requirements dictate a different decision authority, an appropriate matrix will be developed by the PM. The recommended matrix will be submitted for approval to the AAE or designated authority. For new start systems, this should be done as part of the MDR I Acquisition Strategy. The risk acceptance hierarchy will be published and updated as required in the appropriate System Safety Management Plan.

Figure B-1. Decision authority matrix

AR 385-16 Glossary

AR 385-16 Section I

Abbreviations

AAE
Army Acquisition Executive

ADAP
Army Designated Acquisition Program

AMC
U.S. Army Materiel Command

AMSAA
Army Materiel Systems Analysis Agency

ANSI
American National Standards Institute

AR
Army Regulation

ARNG
Army National Guard

ARSTAF
Army Staff

ASARC
Army Systems Acquisition Review Council

ASA(RDA)
Assistant Secretary of the Army (Research, Development, and Acquisition)

COE
Chief of Engineers

COEA
Cost and operational effectiveness and analysis

CSA
Chief of Staff, U.S. Army

DA
Department of the Army

DA Cir
Department of the Army circular

DA Pam
Department of the Army pamphlet

DASAF
Director of Army Safety

DCSLOG
Deputy Chief of Staff for Logistics

DCSOPS
Deputy Chief of Staff for Operations and Plans

DCSPER
Deputy Chief of Staff for Personnel

DISC 4
Director of Information Systems for Command, Control, Communications, and Computers

DOD
Department of Defense

DODD
Department of Defense directive

DODI
Department of Defense instruction

DOT
Department of Transportation

DT
development testing

DTIC
Defense Technical Information Center

EIR
equipment improvement recommendation

FOA
field operating agency

HAZMIN
minimization of toxic and hazardous waste

HFE
human factors engineering

HFEA
human factors engineering analysis

HHA
health hazard assessment

HHAR
health hazard assessment report

HQDA
Headquarters, Department of the Army

HSC
U.S. Army Health Services Command

IER
independent evaluation report

ILS
integrated logistics support

IPR
in process review

IPT
initial production test

MAA
mission area analysis

MACOM
major Army command

MADP
Major Acquisition Decision Program

MANPRINT
Manpower and Personnel Integration

MCM
materiel change management

MCMR
materiel change management report

MDR
milestone decision review

MIL STD
military standard

MJWG
MANPRINT Joint Working Group

MRSA
Materiel Readiness Support Activity

NDI
nondevelopmental item

NFPA
National Fire Protection Association

ODCSPER
Office of the Deputy Chief of Staff for Personnel

OT
operational test

OTEA
Operational Test and Evaluation Agency

PEO
program executive officer

PHL
preliminary hazard list

PM
program manager

QDR
quality deficiency report

RD&A
research, development & acquisition

RDTE
research, development, test, and evaluation

SAR
safety assessment report

SFA
support facility annex

SMMP
System MANPRINT Management Plan

SOF
safety of flight

SOU
safety of use

SSMP
System Safety Management Plan

SSPP
System Safety Program Plan

SSRA
System Safety Risk Assessment

SSWG
System Safety Working Group

TECOM
U.S. Army Test and Evaluation Command

TEMP
Test and Evaluation Master Plan

TRADOC
U.S. Army Training and Doctrine Command

TSG
The Surgeon General

TT
technical test

USACE
U.S. Army Corps of Engineers

USAR
U.S. Army Reserve

USASC
U.S. Army Safety Center

USATHAMA
U.S. Army Toxic and Hazardous Materials Agency

UT
user test

AR 385-16 Section II

Terms

Terms used here are according to those in MIL-STD-882 unless Army requirements dictate otherwise.

Accident

Any unplanned event or series of events that result in death, injury, or illness to personnel, or damage to or loss of equipment or property. (Within the context of this regulation, accident is synonymous with mishap.)

Acquisition and modification process

The MJWG, as a minimum, includes representatives from all MANPRINT domains plus the AMC MSC ILS/MANPRINT Manager. The group manages all MANPRINT issues and provides oversight to ensure that MANPRINT plans are executed and objectives met. The group is established by the TRADOC proponent combat developer 3 to 6 months prior to Operational and Organizational Plan submission, and its representation depends on available assets and type of acquisition.

Army Acquisition Executive (AAE)

Principal advisor and staff assistant to the Secretary of the Army for acquisition of Army systems.

Combat developer (CBTDEV)

Command or agency that formulates doctrine, concepts, organization, training, materiel requirements, and objectives. Represents the user community over the life cycle of the system.

Cost and operational effectiveness and analysis (COEA)

Comparison between costs to develop, produce, distribute, and maintain a materiel system and the ability of the system to meet the requirement for eliminating or reducing a force or mission deficiency.

Hazard

A condition that is a prerequisite for an accident.

HAZMIN

The minimization of toxic and hazardous waste according to current regulations of the Environmental Protection Agency, as well as other county, State and Federal agencies, is of increasing concern to the Armed Forces. Consideration of HAZMIN early in the research, development, and acquisition cycle may reduce hazardous waste problems later, during production, maintenance, transportation, storage, and final disposal of equipment. Materials proposed for new systems should be compared with the list of hazardous materials published in the Resource Conversation and Recovery Act, RCRA, Volume 40, Code of Federal Regulations, CFR 260 series. If such material is proposed for use, then studies should be made to find less hazardous material or to justify continued use. AR 200-1 applies. The U.S. Army Toxic and Hazardous Materials Agency (USATHAMA) is available to assist as needed.

Health hazard

An existing or likely condition, inherent to the operation, maintenance, storage or disposal of materiel or a facility, that can cause death, injury, acute or chronic illness, disability, or reduced job performance.

Health hazard assessment

The application of biomedical and psychological knowledge and principles to identify, evaluate, and control the risk to the health and effectiveness of personnel who test, use, or service Army systems.

Human factors engineering

A comprehensive technical effort to integrate into Army doctrine, materiel development, and materiel acquisition (to ensure operational effectiveness) all relevant information on-

  1. Human characteristics.
  2. Skill capabilities.
  3. Performance.
  4. Anthropometric data.
  5. Biomedical factors.
  6. Safety factors.
  7. Training.
  8. Manning implications.
Independent evaluation
The process used by the independent evaluators to independently determine if the system satisfies the approved requirements. It will render an assessment of data from all sources, simulation and modeling, and an engineering or operational analysis to evaluate the adequacy and capability of the system.

Independent safety assessment

That document prepared by the USASC and forwarded to the AAE assessing the risk of the residual hazards in a system prior to the MDRs.

Inherent hazard

An existing or permanent hazard (such as voltage, for example).

Life cycle

The life of a system from conception to disposal.

MANPRINT

A comprehensive management and technical program to enhance human performance and reliability in the operation, maintenance, and use of weapon systems and equipment. MANPRINT achieves this objective by integrating the full range of human factors engineering, manpower, personnel, training, system safety and health hazards considerations into the materiel development.

Materiel acquisition decision process

Those milestone reviews held to determine if a system is ready to progress to the next phase of the acquisition process.

Materiel developer (MATDEV)

Command or agency responsible for the functional support for the research, development, and acquisition process.

Operational independent evaluator

A command or agency, normally OTEA or TRADOC, independent of the materiel and combat developers, that conducts operational independent evaluations of Army systems.

Operational tester

A command or agency that plans, conducts, and reports the results of operational testing. Operational testers are OTEA or designated operational testers, normally TRADOC.

PEO-Separately reporting PM

Individual responsible for administering a defined number of major or nonmajor acquisition programs who reports to and receives direction from the Army Acquisition Executive (AAE).

Project-product manager

Individual chartered to conduct business on behalf of the Army who reports to and receives direction from either a PEO, the AAE, or other materiel developer and is responsible for the centralized management of a specified acquisition program.

Residual hazards

Hazards that are not eliminated by design.

Risk

An expression of possible loss in terms of hazard severity and hazard probability.

Risk assessment

An evaluation of a risk in terms of loss should a hazard result in an accident and against the benefits to be gained from accepting the risk.

Safety

Freedom from those conditions that can cause death, injury, occupational illness, or damage to, or loss of, equipment or property.

Safety assessment report

A formal summary of the safety data collected during the design and development of the system. In it, the materiel developer summarizes the hazard potential of the item, provides a risk assessment, and recommends procedures or other corrective actions to reduce these hazards to an acceptable level.

Safety confirmation letter

A separate document or part of the independent evaluation report (IER) or position letter that provides the materiel developer with the DT or OT agency safety findings and conclusions, and states whether the specified safety requirements are met.

Safety-health verification

The development of data used to evaluate the safety and health features of a system to determine its acceptability, primarily done during developmental test (DT) and user or operational test (OT) and evaluation and supplemented by analysis and independent evaluations.

Safety Release

A formal document issued to any user or technical test organization before any hands-on training, use, or maintenance by troops. The Safety Release is a stand-alone document which indicates the system is safe for use and maintenance by typical user troops and describes the specific hazards of the system or item based on test results, inspections, and system safety analyses. Operational limits and precautions are included. The test agency uses the data to integrate safety into test controls and procedures and to determine if the test objectives can be met within these limits. A Limited Safety Release is issued on one particular system (Bradley Fighting Vehicle, Serial No. XXXXX). A Conditional Safety Release is issued when further safety data are pending (for example, completion of further testing or a certain safety test) and restricts a certain aspect of the test.

System

A composite, at any level of complexity, of trained personnel, procedures, materials, tools, equipment, facilities, and software. The elements of this composite entity are used together in the intended operational or support environment to perform a given task or achieve a specific production, support, or mission requirement.

System MANPRINT Management Plan (SMMP)

The SMMP serves as the planning and management guide and an audit trail to identify the tasks, analyses, tradeoffs, and decisions that must be made to address MANPRINT issues during the materiel acquisition process. The SMMP is initiated by the combat developer or training developer when the mission area analysis (MAA) identifies a battlefield deficiency requiring development of new or improved materiel. The SMMP will be updated as needed throughout the materiel acquisition process.

System safety

The application of engineering and management principles, criteria, and techniques to optimize safety within the constraints of operational effectiveness, time, and cost throughout all phases of the system or facility life cycle.

System safety engineering

An engineering discipline requiring specialized professional knowledge and skills in applying scientific and engineering principles, criteria, and techniques to identify and eliminate hazards or reduce the risk associated with the hazards.

System safety lessons learned

A collection of real or potential safety or health-related problems based on data analysis or experience that can be applied to future and current systems to prevent similar recurrences.

System safety management

An element of management that defines the system safety program requirements and ensures the planning, implementation, and accomplishment of system safety tasks and activities consistent with the overall program requirements.

System Safety Management Plan

A management plan that defines the system safety program requirements of the Government. It ensures the planning, implementation, and accomplishment of system safety tasks and activities consistent with the overall program requirements.

System Safety Program Plan (SSPP)

A description of planned methods to be used by the contractor to implement the tailored requirements of MIL-STD-882, including organizational responsibilities, resources, method of accomplishment, milestones, depth of effort, and integration with other program engineering and management activities and related systems.

System Safety Risk Assessment

A document that provides a comprehensive evaluation of the safety risk being assumed for the system under consideration at the milestone decision review.

System safety working group

A group, chartered by the PM, to provide program management with system safety expertise and to ensure communication among all participants.

Technical independent evaluator

A command or agency, independent of the PM or developing major subordinate command, that conducts technical independent evaluations of Army systems, normally Army Materiel Systems Analysis Agency (AMSAA) or TECOM.

Technical tester

The command or agency that plans, conducts, and reports the results of Army development testing on behalf of the command or agency.

Technical tests

A generic term for testing which gathers technical data during the conduct of development testing, technical feasibility testing, qualification testing, joint development testing, and contractor or foreign testing.

Test agency

An organization that conducts development tests or user tests.

User test

A generic term which encompasses testing which requires the use of user representative user troops and units for early user test and experimentation, force development test and experimentation, innovative tests, concept evaluation program tests, training effectiveness analysis tests, initial operational test and evaluation, follow-on operational test and evaluation, and joint user tests.

AR 385-16 Index

This index is organized alphabetically by topic and subtopic. Topics and subtopics are identified by paragraph number.

Army Acquisition Executive, 4a, 5f, app B
Army Materiel Command, 4p
Army Systems Acquisition Review Council, 4a, 4h, 4i, 5n
Assistant Secretary of the Army for Research, Development and Acquisition, 4a, 4i
Chief of Engineers, 4f
Combat Developer, 4k(14), 4m, 4l(3)
Cost and Operational Effectiveness Analysis, 4m(4)

Director of Army Safety, 4h
Deputy Chief of Staff for Logistics, 4e
Deputy Chief of Staff for Operations and Plans, 4h
Deputy Chief of Staff for Personnel, 4c, 4i(3), 5n
Director of Information Systems for Command, Control, Communications and Computers, 4b
Equipment Improvement Recommendation, 4k(13), 4l(2), 4r(2)

Field Operating Agency, 4l
Human Factors Engineering, 4h, 5i
Health Hazard Assessment, 4h, 5i
Health Hazard Assessment Report, 4g(6), 4k(19)

Installation Commanders, 4n, 4o, 4p
Independent Evaluation Report, 4q(1)
Integrated Logistic Support, 4e, 4f(5), 4k(8), 4s
Support Facility Annex, 4f(5), 4k(8)
In-Process Review, 4s
Major Acquisition Decision Program, 4b(5), 4g(1)
MANPRINT, 4i(3), 4i(7), 4k(7), 4k(11), 4n3, 4o(3), 5b, 50n
MANPRINT Joint Working Group, 4k(7), 5(h), 5s
System MANPRINT Management Plan, 4m(7)
Materiel Change Management, 4a(6), 4b(5), 4k(1)
Materiel Development Commanders, 4p, 4m(6)

Nondevelopment Item, 5b
Program Executive Officer, 4g(4), 4g(7), 4j, 4p(4), app B
Preliminary Hazard List, 4f(2), 4r(3)
Program Manager, 4g(4), 4g(7), 4k, 4m(2), 4m(3), 4m(6), 4p(2), 4p(4), app B

Quality Deficiency Report, 4k(13), 4l(2), 4r(2)
Safety Assessment Report, 4g(6), 4k(9)
Safety of Flight, 4e(1)
Safety of Use, 4e(1)
Surgeon General, 4g
System Safety Management Plan, 4k(1), 4k(7), 5d, 5f, 5t
System Safety Risk Assessment, 4f(6), 4i(2), 4k(4), 4k(12)(13), 4m(2), 4p(3), 5(3)(c), 5g, app B, fig 1
System Safety Working Group, 4k(7), 5h

Test and Evaluation Master Plan, 4k(10)
Technology Safety Steering Committee, 4m(7), 4p(2)
Testing

User Test, 4k(9), 4q(1)
Technical Test, 4k(9), 4q(1)
Agencies, 4k(9), 4n, 4q
U.S. Army Corps of Engineers, 4r(3), 4r(5), 4r(6)
U.S. Army Safety Center, 4a(6), 4b(6), 4e(2), 4i

Contact Us  |  Accessibility  |  Privacy & Security  |  No Fear Act Notice  |  FOIA  |  A-Z

Last modified on Nov 24, 2010 3:37:06 PM