SSG-50 Operating Experience Feedback for Nuclear Installations

Hledej:

Sekce	Odstavec	Text
Main
Main	1.1.	IAEA Safety Standards Series No. SSR-2/2 (Rev. 1), Safety of Nuclear Power Plants: Commissioning and Operation [1]; IAEA Safety Standards Series No. SSR-3, Safety of Research Reactors [2]; IAEA Safety Standards Series No. SSR-4, Safety of Nuclear Fuel Cycle Facilities [3]; IAEA Safety Standards Series No. GSR Part 2, Leadership and Management for Safety [4]; and IAEA Safety Standards Series No. GSR Part 1 (Rev. 1), Governmental, Legal and Regulatory Framework for Safety [5] establish safety requirements — based on IAEA Safety Standards Series No. SF-1, Fundamental Safety Principles [6] — for the provision of feedback on operating experience. International conventions such as the Convention on Nuclear Safety [7] (in Article 19) and the Joint Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management [8] (in Article 9) also emphasize the importance of providing feedback on operating experience. These safety standards and conventions stress the importance of establishing programmes to collect and analyse relevant operating experience and of acting on the results.
Main	1.2.	In 1989, the IAEA issued IAEA Safety Series No. 93, Systems for Reporting Unusual Events in Nuclear Power Plants¹ . That Safety Guide presented a recommended scheme for the management of safety related operating experience in nuclear power plants that was based on available national practice at the time. In 2006, the IAEA issued another Safety Guide as IAEA Safety Standards Series No. NS-G-2.11, A System for the Feedback of Experience from Events in Nuclear Installations² . NS-G-2.11 superseded and constituted an update and extension of IAEA Safety Series No. 93.
Main	1.3.	This publication is a revision of NS-G-2.11 and supersedes it. This revised Safety Guide updates the recommendations on meeting the obligations, principles and requirements established in international conventions, the Fundamental Safety Principles (SF-1 [6]) and the applicable Safety Requirements publications (Refs [1–5]). This Safety Guide also extends the scope to cover the provision of feedback on operating experience throughout the lifetime of nuclear installations, from design to decommissioning, and provides additional guidance on analysing and reporting operating experience, including good practices.
Main	1.4.	The objective of this Safety Guide is to provide recommendations for establishing, implementing, assessing and continuously improving an operating experience programme for nuclear installations to prevent or minimize the risk of future events³ by learning from events that have already occurred at the installation or elsewhere.
Main	1.5.	This Safety Guide is primarily aimed at operating organizations and regulatory bodies responsible for nuclear installations and describes their roles and responsibilities in the overall operating experience programme. However, this Safety Guide is also of relevance to other organizations involved in the design, construction, commissioning, operation and decommissioning of nuclear installations, including technical support organizations, vendor companies (e.g. designers, engineering contractors, manufacturers), research establishments and universities providing research and safety related services in support of a nuclear facility.
Main	1.6.	This Safety Guide is applicable to all types of nuclear installation that are part of the nuclear fuel cycle, except facilities for the mining or processing of uranium ores or thorium ores and disposal facilities for radioactive waste. The types of nuclear installation to which this Safety Guide applies include nuclear power plants, research reactors (including subcritical and critical assemblies) and adjoining radioisotope production facilities, storage facilities for spent fuel, facilities for the enrichment of uranium, nuclear fuel fabrication facilities, conversion facilities, facilities for the reprocessing of spent fuel, facilities for the predisposal management of radioactive waste arising from nuclear fuel cycle facilities, and nuclear fuel cycle related research and development facilities.
Main	1.7.	This Safety Guide is applicable to the design, construction, commissioning, operation and decommissioning stages in the lifetime of nuclear installations.
Main	1.8.	This Safety Guide does not address the arrangements for the notification and sharing of information established under the Convention on Early Notification of a Nuclear Accident and the Convention on Assistance in the Case of a Nuclear Accident or Radiological Emergency [10], which place specific obligations relating to a nuclear or radiological emergency on the States Parties to the conventions and on the IAEA. IAEA Safety Standards Series No. GSR Part 7, Preparedness and Response for a Nuclear or Radiological Emergency [11], further addresses the requirements on notification and assistance relating to a nuclear or radiological emergency.
Main	1.9.	This Safety Guide does not address operating experience relating to nuclear security, although many of the recommendations in this Safety Guide would be relevant. The main reason that nuclear security related operating experience is not addressed is that some information in the operating experience programme may be subject to confidentiality requirements for security or other reasons established under the Amendment to the Convention on the Physical Protection of Nuclear Material [12]. Guidance on information security is outside the scope of this Safety Guide; such guidance is provided in the IAEA Nuclear Security Series Nos 13, 20 and 23-G [13–15].
Main	1.10.	Section 2 provides recommendations on the operating experience programme to be established and implemented in the operating organization. Section 3 provides recommendations on the operating experience programme for the regulatory body. Additional detailed guidance is provided in the Appendix. Descriptions of the operating experience systems operated by the IAEA are given in the Annex.
Main	2.1.	All organizations with responsibilities for safety should foster mutual understanding and respect through honest and open communication on operating experience as part of a strong safety culture (as indicated by Requirement 12 of GSR Part 2 [4]). This communication should include reporting any deficiencies with potential adverse effects on safety even if they are not covered by formal reporting requirements.
Main	2.2.	All organizations with responsibilities for safety should implement or participate in an effective operating experience programme. A graded approach should be applied so that the participation in such a programme is commensurate with the safety significance of the activities at the installation and with the role of the organization.
Main	2.3.	Requirement 24 of SSR-2/2 (Rev. 1) [1] states that “The operating organization shall establish an operating experience programme to learn from events at the plant”. Paragraph 5.27 of SSR-2/2 (Rev. 1) [1] states further that “[the operating organization] shall obtain and evaluate available information on relevant operating experience at other nuclear installations to draw and incorporate lessons for its own operations”. Similar requirements apply to research reactors (Requirement 88 and para. 7.126 of SSR-3 [2]) and to nuclear fuel cycle facilities (Requirement 73 and para. 9.133 of SSR-4 [3]). Operating experience from other industries with stringent safety requirements (e.g. chemical plants, air or sea transport) should be used, as far as such information can be obtained with commensurate effort.
Main	2.4.	An effective operating experience programme should include the following main elements: Identification and reporting of internal operating experience; Collection of external operating experience⁴; Screening of operating experience, including immediate review of events of specific interest; Investigation and in-depth analysis of relevant operating experience; Trending and review for timely recognition of developing issues; Management of corrective actions resulting from investigation and analysis of operating experience, including approval, implementation, tracking and evaluation of their effectiveness; Use, dissemination and exchange of operating experience, including through national and international reporting systems; Review of the effectiveness of the operating experience programme; Maintenance of a storage, retrieval and documentation system for operating experience.
Main	2.5.
Main	2.6.	The exchange of experience with national and international systems for the gathering of feedback on operating experience may be supported by external organizations (e.g. there may be industry organizations or other national organizations through which reporting might be routed).
Main	2.7.	Principle 3 of the Fundamental Safety Principles [6] states that “Effective leadership and management for safety must be established and sustained in organizations concerned with, and facilities and activities that give rise to, radiation risks”. Paragraph 3.12 of SF-1 [6] further states that “The management system also has to ensure the promotion of a safety culture, the regular assessment of safety performance and the application of lessons learned from experience.”
Main	2.8.	In support of Requirement 12 on fostering a culture for safety, para. 5.2 of GSR Part 2 [4] states that:
Main	2.9.	In support of Requirement 13 on measurement, assessment and improvement of the management system, para. 6.7 of GSR Part 2 [4] states that:
Main	2.10.	Within the management system, management should plan and establish an operating experience programme at the beginning of the lifetime of the installation so that relevant operating experience can be collected, analysed and disseminated throughout the lifetime of the installation, including decommissioning. Management should ensure that the findings of operating experience are used for learning at all levels of the organization and in all areas important for safety. The analysis of operating experience should be complemented by a process to synthesize all relevant operating experience data to identify generic lessons and actions for improvement of the management system.
Main	2.11.	The management system should include procedures for the provision of feedback on operating experience from activities undertaken at the installation, as part of the operating experience programme implemented to prevent recurrence of events and to enhance safety.
Main	2.12.	The responsibility of management to foster a strong safety culture includes a requirement to advocate and support:
Main	2.13.	Management should foster a ‘just culture’⁶ in which shortcomings in human performance are used as learning opportunities. The open reporting of potentially useful experience and a questioning attitude should be encouraged and reinforced at all organizational levels.
Main	2.14.	Management’s decisions regarding the operating experience programme should be driven by the goal of maintaining and improving safety performance to meet the overriding priority of protecting people and the environment against radiation risks.
Main	2.15.	Management should be proactive in identifying drivers of risks at the organizational and management levels and in highlighting the ongoing need to improve safety.
Main	2.16.	Management should foster a positive environment for creating, maintaining and continuously improving the operating experience programme.
Main	2.17.	Management should ensure that the operating experience programme has sufficient dedicated staff with suitable training, qualifications and experience.
Main	2.18.	Management should ensure that the operating experience programme is adequately supported, including with the necessary infrastructure and information technology tools to allow all staff easy access to relevant operating experience information.
Main	2.19.	Management should ensure that all personnel are informed about the objectives of the operating experience programme and their role in its implementation. Expectations for the identification and reporting of events, performance weaknesses and negative trends should be communicated effectively to ensure that those expectations are met by everyone at the installation, including contractors. Opportunities for improvement and good practices should also be clearly communicated. The expectations should be communicated through formal means, such as briefings and group meetings, written instructions and training; through informal means, such as newsletters and information systems; and by example, such as through supervision and coaching.
Main	2.20.	Management should ensure that corrective actions resulting from the operating experience programme are given appropriate priority within budgetary and staffing plans to ensure that they are implemented, with follow-up to review their effectiveness. This should also include the implementation of corrective actions relating to radioactive waste minimization and the early allocation of adequate funds for decommissioning.
Main	2.21.	Management should ensure that records of the operating experience programme are maintained, easily retrievable and retained for an appropriate period (for the life of the installation, if necessary).
Main	2.22.	Management should monitor and review the effectiveness of the operating experience programme on a regular basis, at a frequency commensurate with the type of installation and with the number and significance of the operating experience issues arising.
Main	2.23.	Operating organizations should identify and feed into their operating experience programme all issues such as (a) events, including low level events and near misses; (b) potential problems relating to equipment and human performance; (c) safety related concerns; (d) situations that are likely to give rise to errors and need to be addressed to prevent undesired effects; (e) procedural deficiencies; and (f) inconsistencies in documentation. Opportunities for improvement and good practices that are relevant to safety should also be identified and fed into the programme.
Main	2.24.	The sources of operating experience should include (a) documentation relating to the design, construction, commissioning, operation and decommissioning of the installation, to the fabrication, set-up, and dismantlement of equipment, and to the procurement and testing of goods and services; (b) operational, maintenance and audit records; and (c) results from regulatory inspections and reviews, training sessions, walkdowns, trending, surveillance, benchmarking, peer reviews, self-assessments, and safety and risk analyses. Issues involving non-conforming, counterfeit, fraudulent or suspect items or parts that have the potential to constitute a substantial safety hazard should also be identified and reported within the operating experience programme.
Main	2.25.	Operating organizations should develop procedural guidelines that outline reporting criteria appropriate for the type of installation being operated and consistent with national regulatory requirements. Further guidance on reporting is given in the Appendix.
Main	2.26.	Issues should be identified and reported promptly to facilitate timely screening and the implementation of any immediate actions necessary for safety and follow-up.
Main	2.27.	The identification and reporting of low level events and near misses should be encouraged and included in the operating experience programme, since such events can provide valuable lessons to help avoid more significant events.
Main	2.28.	Everyone in the operating organization should be able to report any issues that they encounter. The operating experience reporting system should be easily accessible to all personnel within the operating organization; the system should be user friendly, and computerized whenever possible. Contractor personnel should have access to the operating experience reporting system when relevant for them. Even if accountability is encouraged by recording who reports an event, anonymous reporting should also be possible.
Main	2.29.	Individuals who report issues should receive feedback, due acknowledgement, and recognition from management to encourage future reporting. Good examples of reporting should be widely communicated within the installation to encourage future reporting and a questioning attitude.
Main	2.30.	An immediate review of events with significant challenges for the safety of the installation should be undertaken by the operating organization to ensure that appropriate immediate actions are taken to restore a safe state and to preclude recurrence. A process should be put in place to ensure that preliminary reports on such events are reported to the regulatory body and to relevant external organizations in a timely manner.
Main	2.31.	In order to apply a graded approach to operating experience, identified issues should be screened in a timely manner to evaluate their significance on the basis of their actual or potential consequences for safety. Written guidance with established criteria for significance should be used for the screening process. The screening process should determine the type of investigation or level of analysis for all reported issues, and necessary compensating or mitigating actions should be initiated commensurate with the significance of the issues.
Main	2.32.	Management should assign a suitably experienced, knowledgeable, multidisciplinary team to the screening task. The team should include personnel with knowledge of relevant technical matters and of human and organizational factors. The screening team should have management support and the authority to allocate the responsibilities necessary to carry out the investigation and analysis of the issues or events.
Main	2.33.	Screening criteria should include the actual or potential consequences of reported issues for nuclear safety, radiation protection, protection of the environment and non-radiation-related safety.
Main	2.34.	Screening should include consideration of the possible implications of an issue for other areas of the installation or operating organization from those in which the issue was reported.
Main	2.35.	Screening should include identifying and prioritizing any immediate actions that might be necessary, in accordance with the safety significance and potential for recurrence of a particular issue or in accordance with the significance of a developing adverse trend.
Main	2.36.	External operating experience (from other nuclear installations and interested parties, such as vendors, suppliers, designers and research institutions) should also be identified and screened for applicability to the installation and significance for safety. Such operating experience should not be dismissed solely, for example, on the basis of differences in design or equipment; all relevant aspects should be considered. Screening for applicability should include consideration of aspects such as the following: Whether immediate actions are necessary in response to significant external operating experience; Whether there are generic implications that may apply to the installation; Whether there is similar equipment at the installation; The possibility of the occurrence of a similar event at the installation; Whether reported corrective actions are applicable to the installation; Whether similar environmental conditions exist; Whether similar management expectations, personnel behaviours, practices or processes (i.e. organizational factors) have been observed in the organization.
Main	2.37.	In operating organizations with nuclear installations in several locations, a centralized group may be considered to conduct screening of external operating experience.
Main	2.38.	When external operating experience is determined to be significant but not applicable to the installation, the basis for this decision should be documented.
Main	2.39.	The results from the screening of all operating experience (internal and external) should be recorded and may be used for evaluation in subsequent self-assessments, periodic safety assessments or peer reviews.
Main	2.40.	Paragraph 5.28 of SSR-2/2 (Rev. 1) [1] states that:
Main	2.41.	The operating organization should implement procedures with criteria specifying the type of investigation that is appropriate for any category of event. The type of investigation should be commensurate with the actual or potential consequences of an event and the likelihood of its recurrence. Events should be investigated using appropriate analysis techniques.
Main	2.42.	The level of investigation and analysis applied should be commensurate with the significance of the event. For example: In the case of an event with the potential to provide major lessons (e.g. an event with severe actual or potential consequences, or significant consequences and a high likelihood of repetition), a formal root cause analysis, tailored to the type of event, should be performed. The root cause analysis should be conducted by a team with appropriate skills and knowledge relevant to the nature of the event. For an event providing fewer and/or less important lessons (e.g. an event with moderate actual or potential consequences), the apparent causes should be identified and corrected. Adverse trends, including those consisting of minor issues, should be reviewed for safety significance and, when necessary, investigated using appropriate techniques to identify causes and generic implications.
Main	2.43.	Management should assign to investigations individuals with the necessary technical knowledge and with skills in investigation techniques. At least one individual on each team conducting root cause analysis should have received formal training (and regular retraining) in root cause analysis and have recent experience in conducting root cause analysis in investigations.
Main	2.44.	Procedures should be developed and implemented setting out how investigations should be conducted, including defining the scope and mandate of the investigation, the methodology to be followed, the time frame, the specific techniques and tools to be used, the composition of the investigation team and the format of the final report.
Main	2.45.	Investigations should be performed without undue managerial or organizational influence over the results. Events with significant implications for safety should be investigated by a team with sufficient independence from the line management to identify and address organizational issues objectively. The objective of the investigation of an event is the prevention of future events. This activity should focus on fact finding and should not be used to assign blame or liability.
Main	2.46.	The investigation should be started as soon as practicable, consistent with maintaining the safety of the installation, to ensure that important information is not lost, invalidated or removed.
Main	2.47.	In the case of events for which root cause analysis is necessary, the analysis should document the following: The complete event sequence (what happened, including how the event developed); A cause analysis identifying technical, human and organizational factors and other contributing factors (why it happened); An assessment of the safety significance (what could have happened); An evaluation of the immediate or compensatory actions taken; Corrective actions identified to prevent recurrence; A strategy for the determination of effectiveness of the corrective actions; An evaluation of the extent to which similar conditions are present in other structures, systems and components or processes at the installation, or in human performance in the organization (‘extent of condition’); An evaluation of the extent to which similar specific root or underlying causes could affect the safety of other structures, systems and components or processes at the installation, or in human performance in the organization (‘extent of cause’); An evaluation of the potential for common cause failures or common mode failures.
Main	2.48.	Relevant internal and external operating experience should be reviewed in an investigation to identify any other similar events and to learn from industry experience. If a previous similar event is found to have occurred at the installation, then the corrective actions taken should be reviewed to identify why the event recurred and to identify more effective corrective or preventive actions.
Main	2.49.	Issues identified in the investigation but not relevant to the causes of the event should be documented and reported through the established reporting system.
Main	2.50.	In cases in which root cause analysis has been carried out, a multidisciplinary management team should review the completed investigation to provide additional assurance that all root causes and organizational contributors have been identified and that corrective actions have been developed to address the causes and to prevent recurrence.
Main	2.51.	The level of analysis applied to external operating experience should be commensurate with the significance of the operating experience and its ability to prevent similar events or to reduce the likelihood of their occurrence at the installation.
Main	2.52.	Paragraph 5.29 of SSR-2/2 (Rev. 1) [1] states that: “Information on operating experience shall be examined by competent persons for any precursors to, or trends in, adverse conditions for safety, so that any necessary corrective actions can be taken before serious conditions arise.” Similar requirements apply to research reactors (para. 7.128 of SSR-3 [2]) and to nuclear fuel cycle facilities (para. 9.136 of SSR-4 [3]).
Main	2.53.	The operating organization should establish a trending and review process to allow recognition of developing or emerging problems so that proactive measures can be taken before serious conditions arise. Trending and review should be performed at the installation level and at the operating organization level.
Main	2.54.	Operating experience data should be collected and stored in a database to enable the timely identification and review of adverse trends and recurring themes. As a minimum, the attributes of each event or issue should be coded on the basis of the affected structures, systems and components; the identified causes; and the actual or potential consequences for safety.
Main	2.55.	Such codes should be assigned by designated individuals with appropriate skills and knowledge to ensure consistency in coding. When applicable, the coding system should be harmonized between the installations of an operating organization, and may be harmonized with coding systems used in other national or international databases of operating experience, to facilitate the exchange of information.
Main	2.56.	The types of trend (including trends in low level events and near misses) that should be identified and reviewed include the following: Recurring issues occurring in several relevant reported events; Events or issues arising particularly in certain operating modes or during certain activities; Recurring failures or degraded performance of particular systems or components; Trends in causes of identified events or issues; Adverse trends in human and organizational performance; Trends involving small incremental changes over a long period of time; Trends identified by comparing current performance to a previous similar operating condition (e.g. comparing two outages); Positive trends.
Main	2.57.	An appropriate review should be conducted in response to identified adverse trends. The level of analysis in the review should be based on the safety significance of the events or issues and the nature and speed of the changes that constitute the trend. For significant trends, root cause analysis should be conducted. Reviews should identify generic issues and derive generic lessons.
Main	2.59.	Paragraph 5.30 of SSR-2/2 (Rev. 1) [1] states that:
Main	2.60.	Recommendations on corrective actions resulting from analysis of external operating experience should be developed to prevent similar events or reduce the likelihood of their occurrence at the installation.
Main	2.61.	Corrective actions should be prioritized on the basis of safety considerations. Safety should not be compromised by any corrective action.
Main	2.62.	The relevant manager(s) responsible for the implementation of a corrective action should be included in its development and should be held accountable for its effective implementation.
Main	2.63.	Senior management should review and approve (a) major corrective actions⁷ resulting from internal events with significant implications for safety and (b) external operating experience providing major lessons.
Main	2.64.	A periodic evaluation should be carried out to review the status of corrective actions that have not been completed and the effectiveness of those that have.
Main	2.65.	Major corrective actions that have not been completed should be assessed periodically in aggregate to check whether the risk to the installation is still acceptable. Extensions to deadlines for, or the modification or cancellation of, major corrective actions should be minimized and should occur only with the approval of the senior management of the installation. The effectiveness of major corrective actions should be reviewed after their completion.
Main	2.66.	If the recommended corrective actions will take a long time to implement, the need for interim or compensatory corrective actions should be analysed so that necessary actions are taken to minimize the risk of recurrence.
Main	2.67.	Corrective actions should be tracked through to completion and close out.
Main	2.68.	Paragraph 5.27 of SSR-2/2 (Rev. 1) [1], para. 7.126 of SSR-3 [2] and para. 9.133 of SSR-4 [3] state that the operating organization “shall also encourage the exchange of experience within national and international systems for the feedback of operating experience.”
Main	2.69.	Paragraph 5.32 of SSR-2/2 (Rev. 1) [1] states that:
Main	2.70.	Relevant operating experience should be shared with other organizations in a timely manner at appropriate levels (e.g. at the level of designers, constructors, installations or operating organizations, or national and international organizations). Recipients of different specified types of information may include organizations with planned or ongoing nuclear power programmes; technical support organizations in the nuclear field; vendor companies, including designers, engineering contractors and manufacturers; regulatory bodies; and centralized international reporting systems.
Main	2.71.	Lessons learned from internal and external operating experience should be implemented in relevant processes, such as training, revision of procedures, work management, and design and modification of the installation.
Main	2.72.	Personnel should use the lessons from operating experience in their activities to improve safety and prevent events. This use should be actively encouraged and reinforced by management.
Main	2.73.	Relevant operating experience should be made readily accessible in a user friendly form (with due regard for the sensitive nature of certain information) to all operating organization personnel for use in their work, for example in pre-job briefings, management meetings and planning outages.
Main	2.74.	Although the operating organization is required to encourage the exchange of experience, legal requirements and commercial interests may restrict the dissemination of some information. In particular, information that could affect nuclear security should be identified, and its confidentiality should be protected as required by national law or regulation. Guidance on information security can be found in IAEA Nuclear Security Series No. 23-G, Security of Nuclear Information [15].
Main	2.75.	Paragraph 5.33 of SSR-2/2 (Rev. 1) [1] states that: “The operating experience programme shall be periodically evaluated to determine its effectiveness and to identify any necessary improvements.”
Main	2.76.	The effectiveness of the operating experience programme should be assessed using methods such as self-assessment, benchmarking and independent peer review⁸ Such assessment should be carried out on a regular basis by teams of experienced personnel who are familiar with the operating experience programme.
Main	2.77.	Criteria and performance indicators for assessing the effectiveness of the main elements of the operating experience programme should be developed and implemented. Performance indicators should include both process based and result based indicators.
Main	2.78.	The results of various assessments of the effectiveness of the operating experience programme should be used to identify areas for improvement and to address them by appropriate measures. The assessments should also be used to determine whether previous improvement measures have been effective in addressing specific performance gaps.
Main	2.79.	The operating organization should establish and maintain a system for the storage, retrieval and searching of operating experience. The system should be able to be effectively searched using an appropriate coding or keyword system.
Main	2.80.	Relevant operating experience information should be retained for use throughout the installation’s operating lifetime, including as input for periodic safety review, deterministic and probabilistic safety assessment, the design and implementation of plant modifications, and ageing management.
Main	3.1.	The regulatory body and all other organizations with responsibilities for safety should foster mutual understanding and respect through honest and open communication, including on operating experience. Such communication should include safety related issues that are not covered by formal reporting requirements, consistent with Requirement 21 of GSR Part 1 (Rev. 1) [5]. Specifically, such communication may also include good practices and positive occurrences.
Main	3.2.	Every regulatory body with safety related responsibilities should establish and implement an effective operating experience programme. A graded approach should be used to apply the programme in a manner commensurate with the risks associated with the activities at the regulated installation(s).
Main	3.3.	The regulatory body should develop national regulations and, when appropriate, associated regulatory guidance, requiring operating organizations to establish and maintain operating experience programmes and ensure that operating experience is appropriately analysed, that lessons to be learned are disseminated, and that appropriate records relating to the safety of facilities and activities are saved and available. The regulatory body should ensure that such programmes are in place at operating organizations.
Main	3.4.	The regulatory operating experience programme should include operating experience reported by operating organizations, as well as regulatory experience. In accordance with Requirement 15 of GSR Part 1 (Rev. 1) [5]:
Main	3.5.	The regulatory body should ensure that the operating experience process is capable of handling typical expected events and also very significant or major events (e.g. severe accidents at nuclear installations).
Main	3.6.	The focus and specific arrangements of the operating experience process may differ depending on the regulatory body’s particular responsibilities. Nevertheless, the regulatory operating experience process should include the following: Collection of domestic operating experience (from within the State), other national operating experience (from other States) and international operating experience (from international reporting systems); Screening of operating experience, including immediate review of events of specific interest; Investigation and analysis of relevant operating experience, commensurate with its significance for safety; Trending and review for timely recognition of developing issues; Identification and enforcement of appropriate corrective actions to be taken by the operating organization to prevent recurrence of events and to improve safety; Identification and implementation of corrective actions to improve regulatory body processes based on operating experience; Dissemination and exchange of information, including through international systems; Periodic review of the effectiveness of the operating experience process; Maintenance of a system for the storage, retrieval and documentation of operating experience.
Main	3.7.	The regulatory operating experience programme should be managed by appropriately trained, experienced and qualified personnel to facilitate the timely determination of appropriate regulatory response to an issue.
Main	3.8.	Paragraph 6.7 of GSR Part 2 [4] states that:
Main	3.9.	The regulatory body’s management system should provide for lessons from operating experience to be incorporated into the relevant regulatory processes. Regulations and guides should be reviewed and revised as necessary to keep them up to date, with due consideration of relevant operating experience gained. The analysis of operating experience should be complemented by a process to synthesize all relevant operating experience data to identify broader lessons and actions for the improvement of the management system.
Main	3.10.	The regulatory body’s operating experience programme should be adequately resourced, and all personnel should be appropriately trained and qualified for their assigned roles in the process, in order to meet the operating experience programme objectives.
Main	3.11.	The regulatory body should specify (a) criteria for determining which events operating organizations are required to report to it and (b) requirements for the reporting to be provided for such events. The criteria and the requirements should apply a graded approach based on the actual or potential consequences for safety.
Main	3.12.	The minimum criteria for reporting events to the regulatory body are provided in para. A.1 of the Appendix.
Main	3.13.	The reporting criteria should cover the stages of the nuclear installation’s lifetime, including design, construction, commissioning, operation and decommissioning. The reporting criteria should also include consideration of subjects such as occupational protection, fire safety and protection of the environment if such events would not be reported under other regulations.
Main	3.14.	The regulatory body should specify requirements for the type of event report, the timing of reporting and the format and content of the different reports. Paragraphs A.2–A.7 of the Appendix provide details of appropriate reporting requirements.
Main	3.15.	In addition to operating experience reported by operating organizations, other relevant information should be included in the regulatory body’s screening process. This other information may include reports on operating experience produced by other regulatory bodies or by international forums, relevant information from the databases of international operating experience reporting systems (e.g. those described in the Annex) and the results of other international topical studies.
Main	3.16.	Screening should be based on the actual or potential safety significance of the event. International operating experience that has safety significance should be screened promptly to facilitate the timely identification of any actions that are necessary for safety. The screening process should be based on established criteria and expert judgement.
Main	3.17.	The screening of reports from operating organizations regulated by the regulatory body should include confirming the safety significance of the event and verifying that no obvious additional safety measures are required. The screening should also include confirming the accuracy, completeness and timeliness of the report and its consistency with the prescribed reporting criteria and requirements. The regulatory body should obtain clarification or further information from the operating organization if necessary.
Main	3.18.	The outcomes of the screening process should be documented and may include recommendations for internal limited or widespread dissemination, recommendations for generic communication, recommendations for reactive inspections or for further analysis of the issue, or other necessary regulatory actions.
Main	3.19.	The regulatory body should establish requirements for performing the investigation of events reported by the operating organization to the regulatory body, commensurate with the safety significance of the event. Additional criteria for requiring such investigations should include the presence of novel causes (including for common cause failures or common mode failures), the existence or likelihood of repeat occurrences, and the potential for generic lessons to be identified.
Main	3.20.	The regulatory body should establish procedures for its own independent investigation of events at an installation, and for the analysis of international operating experience. Investigations and analyses should be carried out using a graded approach in accordance with the findings of the screening process. Such investigations may include reactive inspections.
Main	3.21.	The regulatory body should analyse the information from reported events, investigations and other sources of operating experience to identify trends and patterns. As appropriate, these analyses may also include consideration of information on issues not meeting criteria for formal reporting, such as low level events and near misses.
Main	3.22.	Reviews of operating experience should include evaluation of potential generic issues and should draw generic lessons from investigations and analyses of major operating experience when applicable.
Main	3.23.	On the basis of the results of independent investigations, analyses and reviews of operating experience, the regulatory body should require that additional appropriate corrective actions be taken by the operating organization when they are considered necessary to improve safety and prevent recurrence of events with safety significance. The requirements imposed by the regulatory body should be commensurate with the significance for safety, in accordance with a graded approach. When corrective actions are significant for safety, the regulatory body should monitor the operating organization’s implementation of the required corrective actions to ensure that it is effective.
Main	3.24.	On the basis of the results of analyses and reviews of operating experience, the regulatory body should develop and implement corrective actions to improve its management system, regulatory requirements and regulatory practices when relevant to address applicable lessons from operating experience.
Main	3.25.	Lessons learned from national and international operating experience should be used by the regulatory body in relevant activities such as licensing, inspection activities and the development of regulations and guides.
Main	3.26.	Requirement 15 of GSR Part 1 (Rev. 1) [5] states that: “The regulatory body shall make arrangements for…the dissemination of the lessons learned [from operating experience] and for their use by authorized parties, the regulatory body and other relevant authorities.” Paragraph 3.5A of GSR Part 1 (Rev. 1) [5] states that: “Relevant information and lessons learned from operating experience and regulatory experience shall be reported in a timely manner to international knowledge and reporting networks.”
Main	3.27.	Even if the goal is to communicate as openly as possible, legal requirements and commercial interests may restrict the dissemination of some operating experience. In particular, information that could affect nuclear security should be identified, and its confidentiality should be protected as required by national law or regulation. Guidance on information security can be found in Ref. [15]. When disseminating information, particular care should be taken not to jeopardize ongoing technical assessments or investigations.
Main	3.28.	The regulatory body should put procedures in place to share domestic operating experience with other States and the international community, for example through international reporting systems (e.g. those described in the Annex) as well as through working groups and regular contact with other regulatory bodies. These activities can also be enhanced through bilateral and multilateral agreements between States.
Main	3.29.	The regulatory body should periodically inspect operating organizations to ensure that their operating experience programmes are effective and consistent with the recommendations in Sections 2 and 3. The regulatory body should verify that operating experience has been adequately used, when appropriate. Additional inspections of the operating experience programme or parts thereof, or another regulatory response, should be undertaken if shortcomings relating to the regulatory requirements are identified.
Main	3.30.	The regulatory body’s own operating experience programme should be monitored by appropriate means to determine its effectiveness as well as to identify and implement necessary improvements. The regulatory operating experience programme should be periodically subjected to internal and external reviews.
Main	3.31.	The regulatory body should establish and maintain a system for the storage, retrieval and searching of operating experience. Effective searching of the system should be possible using an appropriate coding or keyword system.
Main	A.1.	The regulatory body should specify the criteria for the types and severity of events that are required to be reported by operating organizations. As a minimum, these criteria should cover the following types of event: Any installation shutdown required by the operational limits and conditions; Any operation or condition prohibited by the operational limits and conditions; Any event or abnormal condition that resulted in the condition of the installation, including its principal safety barriers, being seriously degraded; Any natural phenomenon or other external condition that posed an actual threat to the safety of the nuclear installation or that significantly hampered site personnel in the performance of duties necessary for safe operation; Any event or abnormal condition that resulted in the manual or automatic operation of a protection system or of other engineered safety features; Any event in which a single cause or condition resulted in a significant loss in the operability of a safety system; Any liquid or airborne release of radioactive material to unrestricted areas in excess of authorized limits (generally as specified in the operational limits and conditions); An event in which site personnel were exposed in excess of authorized limits; Any event that posed an actual threat to the safety of the installation or that significantly hampered site personnel in the performance of duties necessary for safe operation; such events include fires, releases of toxic materials or radioactive releases; Any declaration of an emergency class [11, 16] as specified in the emergency plan; Any problem or defect in the safety analysis, design, construction, manufacturing, supply chain, commissioning or operation that resulted in, or could have resulted in, an operating condition that had not previously been analysed or that could have exceeded design basis conditions; Any event that resulted in the death or serious injury or illness of personnel at the installation.
Main	A.2.	As a minimum, the reporting requirements should include: A preliminary report, providing information relating to events that challenge (or have the potential to challenge) safety, or other events as specified by the regulatory body. Acceptable communication methods and time frames for the preliminary report should be specified by the regulatory body. A main report, providing detailed information on events after sufficient time has passed to allow for the completion of investigations (and sufficient time for the regulatory body to have been notified of any changes made since the issue of the preliminary report). As a minimum, the main report should include a description of the event sequence, including all failures; identification of direct causes, root causes and contributing factors; analysis of the potential for common cause or common mode failures; analysis of the ‘extent of condition’ (i.e. consideration of the risk of additional failures of the same type) and analysis of the ‘extent of cause’ (i.e. identification of more generic causes behind the specific root causes); and a description of short, medium and long term corrective actions. Lessons from any previous related occurrences either at the same installation or at others should be captured. The report should include consideration of technical, human and organizational aspects and external factors. Follow-up reporting to complement the main report if new facts come to light or new insights are gained. Periodic reporting of operating experience information, provided routinely or, as specified by the regulatory body, on regular, agreed timescales (e.g. results of trend analysis of low level events or other trending data, periodic safety assessment reports).
Main	A.3.	The preliminary report should contain: Identification of the installation affected; Descriptions of the status of the installation at time of the event and at present; The date and time of the event and its detection; A brief description of the event sequence; Details of any radiation exposure or injury to personnel and any radioactive release; Descriptions of any immediate actions taken; An initial assessment of the significance of the event, including the actual and potential safety consequences and implications of the event; Contact details for enquiries or further information.
Main	A.4.	For States that use the International Nuclear and Radiological Event Scale, the preliminary report may also contain a provisional event rating [17, 18].
Main	A.5.	The preliminary report should be followed by a brief written confirmation, as appropriate, to ensure that adequate information has been transferred. Before the main report is submitted, additional information may need to be submitted for reasons such as the following: Further degradation in the level of safety of the installation, or recovery from a degraded level of safety; Major changes in the assessed significance of the event, as a result of developments or of further evaluation; New information; The need to correct factual errors.
Main	A.6.	A main report should then be prepared by the operating organization. This report should be submitted to the regulatory body (and possibly other organizations, such as technical support organizations, in accordance with national practices) as soon as practicable within a period of time to be defined by the regulatory body. The main report should be marked as provisional if additional information is to be gathered later for evaluation, and if necessary, a follow-up report should be submitted to finalize the main report.
Main	A.7.	The main report should be as comprehensive as possible and should be set out in an orderly and consistent manner. The main report should include the following: Basic information (e.g. the date of identification of the event, the method of detection, the extent of the condition as appropriate, the manufacturer, the component model or part number of the relevant equipment, and confirmation of the information transmitted in the preliminary report); A narrative description of the course of the event; An assessment of the safety significance (consequences and implications); An explanation of the direct and root causes and any other causal factors; A description of any corrective actions taken and/or planned; Lessons identified; Keywords with their respective codes for the classification of the event in databases.
Main	A.8.	The operating organization should include in the main report sufficient technical detail for persons familiar with the design of the installation. In addition to technical details, whenever appropriate the reports should contain data on the human factors necessary for an understanding of the event without the need for additional information. The standard format and contents of reports to relevant international reporting systems (e.g. those described in the Annex) may be considered for adoption in national systems for the provision of feedback on operating experience in order to link national and international systems more effectively.
Main	A.9.	The operating organization should submit follow-up reports if the initial report is known to be incomplete or if significant additional information becomes available. The operating organization should also submit specific additional information and assessments if it considers them to be necessary or if the regulatory body requests such information and assessments to complete its understanding of an event. INTERNATIONAL ATOMIC ENERGY AGENCY, Safety of Nuclear Power Plants: Commissioning and Operation, IAEA Safety Standards Series No. SSR-2/2 (Rev. 1), IAEA, Vienna (2016). INTERNATIONAL ATOMIC ENERGY AGENCY, Safety of Research Reactors, IAEA Safety Standards Series No. SSR-3, IAEA, Vienna (2016). INTERNATIONAL ATOMIC ENERGY AGENCY, Safety of Nuclear Fuel Cycle Facilities, IAEA Safety Standards Series No. SSR-4, IAEA, Vienna (2017). INTERNATIONAL ATOMIC ENERGY AGENCY, Leadership and Management for Safety, IAEA Safety Standards Series No. GSR Part 2, IAEA, Vienna (2016). INTERNATIONAL ATOMIC ENERGY AGENCY, Governmental, Legal and Regulatory Framework for Safety, IAEA Safety Standards Series No. GSR Part 1 (Rev. 1), IAEA, Vienna (2016). EUROPEAN ATOMIC ENERGY COMMUNITY, FOOD AND AGRICULTURE ORGANIZATION OF THE UNITED NATIONS, INTERNATIONAL ATOMIC ENERGY AGENCY, INTERNATIONAL LABOUR ORGANIZATION, INTERNATIONAL MARITIME ORGANIZATION, OECD NUCLEAR ENERGY AGENCY, PAN AMERICAN HEALTH ORGANIZATION, UNITED NATIONS ENVIRONMENT PROGRAMME, WORLD HEALTH ORGANIZATION, Fundamental Safety Principles, IAEA Safety Standards Series No. SF-1, IAEA, Vienna (2006). Convention on Nuclear Safety, INFCIRC/449, IAEA, Vienna (1994). INTERNATIONAL ATOMIC ENERGY AGENCY, Joint Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management, IAEA International Law Series No. 1, IAEA, Vienna (2006). INTERNATIONAL ATOMIC ENERGY AGENCY, IAEA Safety Glossary: 2016 Revision, IAEA, Vienna (in preparation). INTERNATIONAL ATOMIC ENERGY AGENCY, Convention on Early Notification of a Nuclear Accident and Convention on Assistance in the Case of a Nuclear Accident or Radiological Emergency, Legal Series No. 14, IAEA, Vienna (1987). FOOD AND AGRICULTURE ORGANIZATION OF THE UNITED NATIONS, INTERNATIONAL ATOMIC ENERGY AGENCY, INTERNATIONAL CIVIL AVIATION ORGANIZATION, INTERNATIONAL LABOUR ORGANIZATION, INTERNATIONAL MARITIME ORGANIZATION, INTERPOL, OECD NUCLEAR ENERGY AGENCY, PAN AMERICAN HEALTH ORGANIZATION, PREPARATORY COMMISSION FOR THE COMPREHENSIVE NUCLEAR-TEST-BAN TREATY ORGANIZATION, UNITED NATIONS ENVIRONMENT PROGRAMME, UNITED NATIONS OFFICE FOR THE COORDINATION OF HUMANITARIAN AFFAIRS, WORLD HEALTH ORGANIZATION, WORLD METEOROLOGICAL ORGANIZATION, Preparedness and Response for a Nuclear or Radiological Emergency, IAEA Safety Standards Series No. GSR Part 7, IAEA, Vienna (2015). INTERNATIONAL ATOMIC ENERGY AGENCY, Amendment to the Convention on the Physical Protection of Nuclear Material, IAEA International Law Series No. 2, IAEA, Vienna (2006). INTERNATIONAL ATOMIC ENERGY AGENCY, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5), IAEA Nuclear Security Series No. 13, IAEA, Vienna (2011). INTERNATIONAL ATOMIC ENERGY AGENCY, Objective and Essential Elements of a State’s Nuclear Security Regime, IAEA Nuclear Security Series No. 20, IAEA, Vienna (2013). INTERNATIONAL ATOMIC ENERGY AGENCY, Security of Nuclear Information, IAEA Nuclear Security Series No. 23-G, IAEA, Vienna (2015). FOOD AND AGRICULTURE ORGANIZATION OF THE UNITED NATIONS, INTERNATIONAL ATOMIC ENERGY AGENCY, INTERNATIONAL LABOUR OFFICE, PAN AMERICAN HEALTH ORGANIZATION, UNITED NATIONS OFFICE FOR THE COORDINATION OF HUMANITARIAN AFFAIRS, WORLD HEALTH ORGANIZATION, Arrangements for Preparedness for a Nuclear or Radiological Emergency, IAEA Safety Standards Series No. GS-G-2.1, IAEA, Vienna (2007). INTERNATIONAL ATOMIC ENERGY AGENCY, OECD NUCLEAR ENERGY AGENCY, INES: The International Nuclear and Radiological Event Scale User’s Manual, 2008 edn, IAEA, Vienna (2013). INTERNATIONAL ATOMIC ENERGY AGENCY, The Use of the International Nuclear and Radiological Event Scale (INES) for Event Communication, IAEA, Vienna (2014).
Main	A–1.	Intergovernmental and international non-governmental organizations support the activities of their members, including regulatory bodies and operating organizations. One function of these organizations is to facilitate and promote the sharing of operating experience among their members. Some of these organizations maintain databases for the recording, storage and retrieval of operating experience by their respective members. This Annex describes three such database systems maintained by the IAEA: the International Reporting System for Operating Experience (IRS); the Incident Reporting System for Research Reactors (IRSRR); and the Fuel Incident Notification and Analysis System (FINAS).
Main	A–2.	Such organizations may arrange forums, working groups and technical meetings to exchange, evaluate and document information on operating experience and on the programmes that manage operating experience.
Main	A–3.	Such organizations may also provide training for their members on the effective use and exchange of operating experience.
Main	A–4.	The IRS, the IRSRR and FINAS are all included in a web based common platform for event reporting on the IAEA’s Nucleus web portal. The system allows access to authorized users only.
History of the IRS	A–5.	The IRS is operated jointly by the IAEA and the OECD Nuclear Energy Agency (OECD/NEA) and is a mechanism for providing feedback on international operating experience for nuclear power plants. Its objective is to provide proper reporting and feedback on safety significant events from nuclear power plants, for use by the international community. The information obtained is used for the dissemination of lessons learned worldwide. A similar system has been created by the World Association of Nuclear Operators, which also provides its members with various briefings and reports based on the reported events. The World Association of Nuclear Operators’ system includes a web based event reporting system that provides a flexible and efficient tool for operators to exchange information. The resilience of these systems has proven that feedback on international operating experience is possible to obtain and can lead to remedial action being taken by States to improve nuclear safety.
History of the IRS	A–6.	The initial system (then called the Incident Reporting System, which was also abbreviated IRS) was created in 1979–1980 by the Committee on the Safety of Nuclear Installations of the OECD/NEA as a reaction to deficiencies in operating experience feedback highlighted by the Three Mile Island accident. The IRS was intended to be used by regulatory bodies but would also be open to operators and the nuclear industry. The objective of the IRS was the timely exchange of information on operating experience in nuclear power plants to: Avoid the recurrence elsewhere of incidents that took place in one State; Facilitate the analysis of general safety issues and the sharing of experience; Assist in developing a larger databank for potential analysis purposes; Contribute to the better regulation of nuclear power plants; Provide additional guidance for safety research programmes.
History of the IRS	A–7.	The IRS has functioned in accordance with guidelines agreed to by national nuclear regulatory bodies of the participating States. These guidelines can be summarized as follows: Participating States report any incidents in their nuclear power plants that are significant from a safety point of view. A detailed description of the incident is provided through the IRS, so that nuclear regulatory bodies can evaluate its technical significance. The IRS reports are distributed through the IRS coordinators designated by their participating States.
History of the IRS	A–8.	Reporting was based on two types of report: short reports to be provided within one month of the event and more detailed reports to be submitted within three months. To fulfil the objectives of the IRS, it was expected that, for all events, a detailed report would be sent to the IRS. Although reporting criteria had been established, the selection of events to be reported to the IRS was mainly subject to the judgement of the coordinators, with a minimum reporting rate of one report per unit per year.
History of the IRS	A–9.	During the 1980s, the original objectives of the IRS remained practically unchanged. But the importance of lessons learned was emphasized, and additional interest groups (e.g. experts in human factors and probabilistic safety assessment) were granted access. Thus, the objectives and expectations of the IRS became broader. Also, to support access to and use of the information reported to the IRS, a CD-ROM version of the database was created. More demanding requirements developed for the content of IRS reports and, particularly, the quality of information in the reports, and therefore the requirements on reporting time were relaxed. However, it became increasingly difficult to fulfil the expectations of each interested party.
History of the IRS	A–10.	In 1996, the Convention on Nuclear Safety [A–1] entered into force and gave a more formal international basis for operating experience feedback. Article 19 of the convention states:
History of the IRS	A–11.	In 1995, the first comprehensive database in the IRS, the Advanced Incident Reporting System, was created and responsibility for processing and reviewing reports (including quality checking) was transferred to the IAEA.
History of the IRS	A–12.	In 2006, the web based IRS was created to facilitate efficient data input and report availability. With the creation of the web based system, easy access to the information was expanded to operating organizations, and the need for CD-ROM distribution and hard copies was eliminated. Each IRS report becomes part of this web based system. Users are officially registered, and appropriate levels of access are assigned to individuals in accordance with their roles in order to maintain the security of the system. When a new report is posted on the web based IRS, the users are automatically informed by email.
History of the IRS	A–13.	In 2010, the name of the system was changed to the International Reporting System for Operating Experience to reflect the expanded view and use of operating experience feedback. The system kept the abbreviated name IRS.
Description of the IRS	A–14.	The objectives of the IRS are to exchange important lessons learned from operating experience gained in nuclear power plants, to promote the provision of feedback on events of safety significance, to help prevent occurrences or recurrences of serious incidents or accidents, and to inform the international nuclear community of issues of potential safety significance.
Description of the IRS	A–15.	The IRS is a worldwide system, containing only events of safety significance, reported on a voluntary basis, in a timely manner and in English. Although such analysis may be possible, the IRS is not intended to be a source for statistical studies or component reliability studies.
Description of the IRS	A–16.	The effectiveness of the IRS, including the timely sharing of important lessons learned from operating experience and the provision of proper feedback on those lessons learned, depends on national regulatory bodies. The primary users are the regulatory bodies and their technical support organizations. Operating organizations, utilities, vendor companies (design firms, engineering contractors, manufacturers, etc.), research establishments and universities can also be given access to help them in the prevention of similar events.
Description of the IRS	A–17.	Guidelines [A–2] and a coding manual [A–3] are available for the users and national coordinators of the IRS. The guidelines and the coding manual provide guidance on event report preparation, on submission to the IRS and, specifically, on the coding element of IRS reports in order to ensure uniform coding of reported events. The guidelines and the coding manual support the national coordinators in achieving a consistent and high level of quality in their IRS reports. Once an event report has been transmitted to the IRS, it is the responsibility of national coordinators to decide on its further distribution for official use within their State.
Description of the IRS	A–18.	The IRS increases worldwide awareness of potential and actual problems in nuclear power plant operations. It draws attention to those incidents that, if not dealt with in a timely fashion, could escalate to more serious events. The heightened awareness from operational feedback has resulted in numerous improvements to plant equipment, procedures and training in many nuclear power plants, thereby reducing the potential for subsequent failures that could result from unusual events.
Use of the IRS	A–19.	The IRS database contains specific reports that comprise detailed descriptions and preliminary analyses of the causes of events that may be relevant to other plants. The analysis may lead to corrective action by plant management or by regulatory bodies. That database also contains information that details corrective actions taken at other plants, both inside and outside of the reporting State. The analysis of IRS reports can also assist in determining whether a particular event is generic or recurring in nature. Recurring events may reveal several types of problem relating to the safety of nuclear power plants.
Use of the IRS	A–20.	The IRS scope includes topical studies of events of particular interest. Topical studies constitute a major component of the IRS related activity. Such studies are intended to provide the basis for in-depth evaluations and to identify topical or generic issues. These studies have focused on the importance of human actions, common mode failures or fires, plant shutdown procedures and low power operation modes and on the need for constant vigilance during plant improvements and modifications. The IAEA and the OECD/NEA also produce a common report, referred to as the ‘Blue Book’. The Blue Book [A–4] usually covers a period of three years and highlights important lessons learned from around three hundred events reported to the IRS. This report is primarily aimed at senior officials in industry and government who have decision making roles in the nuclear power industry.
Use of the IRS	A–21.	Another potential use of IRS data is the application of operational feedback in the design of the next generation of nuclear power plants. Operating experience from nuclear power plants has demonstrated that design modifications documented in IRS reports can have a significant impact on safety.
Use of the IRS	A–22.	More than thirty States are participating in the IRS, including a large majority of those with operating nuclear power plants. In the framework of the operation of the IRS, regular technical meetings are organized to exchange information on safety related events, discuss the operation of the IRS and advise the IAEA on further improvements.
History of the IRSRR	A–23.	The IRSRR is a system for collecting, maintaining and disseminating reports on events that are received from States participating in the system. The objective of the IRSRR is to improve the safety of research reactors through the exchange of operating experience.
History of the IRSRR	A–24.	The IRSRR was established in 1997 to facilitate the exchange of information between research reactor facilities about events and the causes of and lessons learned from these events in order to avoid the occurrence of similar events in other facilities. The IRSRR is a web based system administered by the IAEA and available through its Nucleus web portal. Access to the IRSRR database is restricted to the nominated national and local coordinators.
History of the IRSRR	A–25.	The participating States benefit through the exchange of information on events worldwide, the lessons learned and the corrective actions taken by the operating organization. This heightens the awareness among the participating States to take actions to prevent similar events in their research reactors and can help in identifying appropriate actions.
History of the IRSRR	A–26.	The participating States also use the IRSRR to identify trends and safety deficiencies of a generic nature. The analysis of events helps in identifying and implementing measures to mitigate the consequences of the events. The analysis of the events is also used to determine generic and common causes for the events and to find directions for defining IAEA programmes on research reactor safety. IRSRR data on operating experience can also be used in the design of the new research reactors.
Description of the IRSRR	A–27.	Each participating State designates a national coordinator who is responsible for event reporting to the IRSRR. Reporting to the IRSRR is voluntary. Guidelines [A–5] for the IRSRR system and a user manual [A–6] are available from the IRSRR pages on the Nucleus web portal. Events that meet one or more of the following criteria could be considered as appropriate for reporting to the IRSRR: The event identifies important lessons that may allow the international research reactor community to prevent the occurrence of a similar event or to avoid the occurrence of a more serious event. The event itself had significant consequences for safety or reduced the defence in depth significantly. The event is similar to events previously reported to the IRSRR but provides new lessons.
Description of the IRSRR	A–28.	The report can be submitted in preliminary form, containing the known details at the time of reporting, in which case a subsequent main report is prepared that replaces the preliminary report. If additional information becomes available at a later stage, a follow-up report can be generated and submitted.
Description of the IRSRR	A–29.	The report contains the date of the event, an abstract, a narrative description of the event, a preliminary assessment of safety significance (including identification of the direct causes, consequences and implications), the results of any root cause analysis, and details of any corrective actions and lessons learned. The written report is often supported by drawings, sketches or other means of illustration. The national coordinator also identifies the categorization codes for the important aspects of the event in accordance with the codes listed in the IRSRR guidelines, and assigns the report as ‘specific’ or ‘generic’.
Use of the IRSRR	A–30.	Biennial meetings of national (and local) coordinators are held to exchange information on reported events. The participants also discuss the ways to improve the functioning of the IRSRR. These meetings serve to strengthen the mechanisms for the exchange of experience in the assessment of events and in the improvements made to reduce the likelihood of similar events. Experts also provide training to the participants on event investigation techniques.
Use of the IRSRR	A–31.	Access to IRSRR reports is restricted to the authorized national coordinators of the participating States. Information contained in the reports is technical, and may be proprietary, and is not intended for distribution to the general public. This restriction encourages openness among the participating States to disclose the event details.
Use of the IRSRR	A–32.	More than fifty States are participating in the IRSRR.
History of FINAS	A–33.	The objective of FINAS is to provide an international focal point for operating experience from nuclear fuel cycle facilities worldwide with the aim of improving the safety of such installations. This objective can be achieved by providing timely and detailed information on both technical and human factors relating to events of safety significance that occur at these facilities. The collection, evaluation and dissemination of event reports help to prevent the occurrence or recurrence of events of adverse significance for safety.
History of FINAS	A–34.	Following the establishment of an early prototype of the FINAS system at the OECD/NEA, operation of the web based system was transferred to the IAEA in 2006. The overall system is now managed jointly by the IAEA and the OECD/NEA in accordance with the wishes of the national coordinators who constitute its steering committee.
Description of FINAS	A–35.	FINAS has about thirty members, representing around 90% of the world’s nuclear fuel cycle facilities. The database covers events at nuclear fuel cycle facilities dating back to 1992.
Description of FINAS	A–36.	Membership of FINAS is open to States with at least one of the following: One or more nuclear fuel cycle facilities in operation; A nuclear fuel cycle facility that is not in operation but has not been decommissioned; A project to build a nuclear fuel cycle facility.
Description of FINAS	A–37.	The scope of FINAS includes any type of installation in the nuclear fuel cycle other than nuclear power plants, research reactors and radioactive waste disposal facilities. Associated activities relating to facilities in the scope of FINAS, such as radioactive waste management and decommissioning, are included. Facilities in the scope of FINAS include: Uranium and thorium mines and mills; Refining facilities; Conversion facilities; Enrichment facilities; Fuel fabrication facilities; Radioisotope production facilities; Radioactive waste treatment and conditioning facilities; Nuclear fuel handling and intermediate storage facilities; Nuclear reprocessing facilities; Nuclear fuel cycle related research and development laboratories.
Description of FINAS	A–38.	The transport of nuclear fuel is currently not considered part of the reporting system (although individual States may make their own determination to report on specific cases).
Use of FINAS	A–39.	Information in FINAS is restricted, which means that authorized users can access and distribute information within their own organizations, but bulk copying or publication is prohibited. Users can access FINAS through the IAEA’s Nucleus web portal. Users can be officially nominated by their national coordinator or by their government. National coordinators are also responsible for advising the IAEA when a user’s access is to be terminated.
Use of FINAS	A–40.	Guidelines for FINAS have been published [A–7], and a user manual is available from the FINAS pages on the Nucleus web portal.
Use of FINAS	A–41.	National coordinators in States enter event reports on-line into FINAS, which are then checked by the FINAS event review group. The reports are made available to all users when approved. National coordinators are then responsible for the distribution of learning from these reports to authorized personnel and for the provision of feedback to FINAS when preventive and corrective actions are implemented in national fuel cycle facilities as a result of event reports from other States.
Use of FINAS	A–42.	The IAEA and the OECD/NEA take turns to host technical meetings of national coordinators. These meetings provide an opportunity for the exchange of information and for enhanced learning from the reports provided, as well as for further development of the FINAS database.
Use of FINAS		[A–1] Convention on Nuclear Safety, INFCIRC/449, IAEA, Vienna (1994).
Use of FINAS		[A–2] INTERNATIONAL ATOMIC ENERGY AGENCY, OECD NUCLEAR ENERGY AGENCY, IRS Guidelines: Joint IAEA/NEA International Reporting System for Operating Experience, IAEA Services Series No. 19, IAEA, Vienna (2010).
Use of FINAS		[A–3] INTERNATIONAL ATOMIC ENERGY AGENCY, OECD NUCLEAR ENERGY AGENCY, Manual for IRS Coding: Joint IAEA/NEA International Reporting System for Operating Experience, IAEA Services Series No. 20, IAEA, Vienna (2011).
Use of FINAS		[A–4] INTERNATIONAL ATOMIC ENERGY AGENCY, OECD NUCLEAR ENERGY AGENCY, Nuclear Power Plant Operating Experience from the IAEA/NEA International Reporting System for Operating Experience 2012–2014, IAEA, Vienna (2018).
Use of FINAS		[A–5] INTERNATIONAL ATOMIC ENERGY AGENCY, Guide on Incident Reporting System for Research Reactors, IAEA, Vienna (2000).
Use of FINAS		[A–6] INTERNATIONAL ATOMIC ENERGY AGENCY, User Manual on Incident Reporting System for Research Reactors, IAEA, Vienna (2009).
Use of FINAS		[A–7] INTERNATIONAL ATOMIC ENERGY AGENCY, OECD NUCLEAR ENERGY AGENCY, IAEA/NEA Fuel Incident Notification and Analysis System (FINAS) Guidelines, IAEA Services Series No. 14, IAEA, Vienna (2006).