Risk Based Verification: DNV-OSS-300

OFFSHORE SERVICE SPECIFICATION
DNV-OSS-300
Risk Based Verification

APRIL 2004
This document has been amended since the main revision (April 2004), most recently in April 2012.
See “Changes” on page 3.
The electronic pdf version of this document found through http://www.dnv.com is the officially binding version
DET NORSKE VERITAS AS

FOREWORD
DET NORSKE VERITAS (DNV) is an autonomous and independent foundation with the objectives of safeguarding life,
property and the environment, at sea and onshore. DNV undertakes classification, certification, and other verification and
consultancy services relating to quality of ships, offshore units and installations, and onshore industries worldwide, and
carries out research in relation to these functions.
DNV service documents consist of amongst other the following types of documents:
— Service Specifications. Procedual requirements.
— Standards. Technical requirements.
— Recommended Practices. Guidance.
The Standards and Recommended Practices are offered within the following areas:
A) Qualification, Quality and Safety Methodology
B) Materials Technology
C) Structures
D) Systems
E) Special Facilities
F) Pipelines and Risers
G) Asset Operation
H) Marine Operations
J) Cleaner Energy
O) Subsea Systems
© Det Norske Veritas AS April 2004
Any comments may be sent by e-mail to [email protected]

For subscription orders or information about subscription terms, please use [email protected]
Computer Typesetting (Adobe Frame Maker) by Det Norske Veritas
This service document has been prepared based on available knowledge, technology and/or information at the time of issuance of this document, and is believed to reflect the best of
contemporary technology. The use of this document by others than DNV is at the user's sole risk. DNV does not accept any liability or responsibility for loss or damages resulting from
any use of this document.
Amended April 2012 Offshore Service Specification DNV-OSS-300, April 2004
see note on front cover Changes – Page 3
CHANGES
INTRODUCTION
This Service Specification was approved by the Director of Technology in April 2004.
Publication of this Service Specification will make the Service Specification DNV-OSS-303 obsolete.
— This general document gives the common framework and an overview of processes in risk based
verification.
— It introduces a levelled description of verification involvement during all phases of an asset’s life.
— The document facilitates a categorisation into risk levels High, Medium and Low, assisting in an evaluation
of the risk level.
— The document assists in planning the verification through the making of a Verification Plan.
— Providing an international standard allowing a transparent and predictable verification scope, as well as
defining terminology for verification involvement.
• Amendments April 2012

— The restricted use legal clause has been deleted from the front page.
• Amendments October 2011

— A restricted use legal clause has been added on the front page.

Offshore Service Specification DNV-OSS-300, April 2004 Amended April 2012
Page 4 – Contents see note on front cover
CONTENTS
Sec. 1 General ................................................................................................................................................ 6

A. General ........................................................................................................................................................................... 6
A 100 Introduction........................................................................................................................................................... 6
A 200 Objectives ............................................................................................................................................................. 6
A 300 Scope of application.............................................................................................................................................. 6
A 400 Structure of DNV Offshore Service Specifications related to verification........................................................... 6
A 500 Structure of this document .................................................................................................................................... 6
A 600 Structure of related DNV documents ................................................................................................................... 7
B. Definitions and Abbreviations ..................................................................................................................................... 7
B 100 General.................................................................................................................................................................. 7
B 200 Definitions ............................................................................................................................................................ 7
B 300 Abbreviations ...................................................................................................................................................... 9
C. References ...................................................................................................................................................................... 9
C 100 General................................................................................................................................................................. 9
Sec. 2 Principles of Risk Based Verification ............................................................................................. 10
A. General ......................................................................................................................................................................... 10
A 100 Objectives ........................................................................................................................................................... 10
B. General Verification Principles ................................................................................................................................. 10
B 100 Purpose of Verification ....................................................................................................................................... 10
B 200 Verification as a Complementary Activity ......................................................................................................... 10
B 300 Verification Based on Risk ................................................................................................................................. 10
B 400 Verification Management ................................................................................................................................... 10
C. Risk Based Verification Concept ............................................................................................................................... 10
C 100 Elements of the service ...................................................................................................................................... 10
C 200 Asset Planned...................................................................................................................................................... 11
C 300 Asset Specification ............................................................................................................................................. 11
C 400 Risk Assessment ................................................................................................................................................. 12
C 500 Definition of Verification Involvement .............................................................................................................. 12
C 600 Verification Plan ................................................................................................................................................. 12
C 700 Verification Execution ........................................................................................................................................ 13
C 800 Asset Completed ................................................................................................................................................. 13
D. Risk-Differentiated Levels of Verification ................................................................................................................ 13
D 100 Levels of verification .......................................................................................................................................... 13
E. Defining a Verification Plan....................................................................................................................................... 15
E 100 Risk based verification planning ........................................................................................................................ 15
E 200 Selection of Level of Verification....................................................................................................................... 15
E 300 Acceptance criteria.............................................................................................................................................. 15
F. Simplified Verification Planning ............................................................................................................................... 18
F 100 General................................................................................................................................................................ 18
G. Detailed Verification Planning................................................................................................................................... 18
G 100 General................................................................................................................................................................ 18
H. Risk Based Verification and National Regulations .................................................................................................. 18
H 100 General................................................................................................................................................................ 18
App. A Benefits of DNV Risk Based Verification....................................................................................... 19
A. General ......................................................................................................................................................................... 19
A 100 Background information ..................................................................................................................................... 19
A 200 Verification trends .............................................................................................................................................. 19
A 300 Benefits of DNV Risk Based Verification.......................................................................................................... 19
A 400 Other DNV services related to Risk Based Verification .................................................................................... 21
App. B Verification and Certification Documents ..................................................................................... 22
A. Verification Documents .............................................................................................................................................. 22
A 100 Purpose of Verification Documents.................................................................................................................... 22
A 200 Validity of Verification Documents.................................................................................................................... 22
A 300 Verification Documents Provided ...................................................................................................................... 22
B. Certification documents ............................................................................................................................................. 23
B 100 General................................................................................................................................................................ 23
B 200 Validity of Certification documents ................................................................................................................... 23

see note on front cover Contents – Page 5
App. C Example List of Typical High Risk Elements ................................................................................ 25

A. High Risk Elements..................................................................................................................................................... 25
A 100 Offshore installations .......................................................................................................................................... 25
App. D Detailed Performance Requirements and Verification
Activity Descriptions 27
A. Performance Requirements ....................................................................................................................................... 27
A 100 Setting performance requirements ...................................................................................................................... 27
B. Verification Activities ................................................................................................................................................. 27
B 100 Developing Verification Activity Lists............................................................................................................... 27

Page 6 – Sec.1 see note on front cover
SECTION 1
GENERAL
A. General
A 100 Introduction
101 This DNV Offshore Service Specification (DNV-OSS) gives an overview of DNV Verification Services.
A 200 Objectives
201 The main objectives of this document are to:
— describe DNV’s Risk Based Verification services
— provide a common communication platform for describing the extent of verification activities, i.e. how to
define a verification scope
— give guidance to owners and other parties for selecting the level of involvement of the verifier
— provide an opportunity to establish efficient, cost effective, predictable and transparent verification plans.
A 300 Scope of application
301 This specification applies to verification during the asset owner’s control of the process leading up to
the completion of a physical asset, and further during the lifetime of the asset until abandonment.
302 This specification is primarily aimed at oil and gas related facilities and installations located onshore or
offshore. The principles may also be applied to general industrial developments.
303 This specification may be adopted for full field development, particular phases of an asset realisation
process or for particular elements. The owner may chose to utilise DNV’s resources for all or selected parts of
the scope.
304 DNV’s Risk Based Verification services may be carried out on assets specified in:
— DNV’s Offshore Standards,
— International or national standards, or
— Owner’s specification
A 400 Structure of DNV Offshore Service Specifications related to verification
401 The DNV Offshore Service Specifications related to verification are organised according to the
pyramidal principles in Figure 1.
General
DNV- service
OSS-300 overview
DNV-OSS-3nn
Object specific
detailed
specifications
Figure 1
Hierarchy of DNV’s offshore service specifications for verification
402 The top level document DNV-OSS-300, describes the overall philosophy and services. The object-
specific documents describe the principles and give detailed information regarding the potential scope of work
for the verification of each object.
403 An object-specific DNV-OSS provides a basis for the development of scope of work for verification
activities. Section 2 gives the service overview and principles for scope of work descriptions. Detailed
examples of scope of work tables are found in appendices to the object specific documents.
404 Some of the object-specific documents also give requirements to achieve and maintain a DNV
Certificate of Conformity (Ref. Appendix B).
A 500 Structure of this document
501 This document contains two sections and four appendices:
Section 1 gives the scope of the document, definitions and references.

see note on front cover Sec.1 – Page 7
Section 2 explains the philosophy and principles of Risk Based Verification. It explains the risk-differentiated
levels of involvement, the elements in the RBV chain and the different methodologies within risk assessment
to develop a Verification Plan.
Appendix A gives the benefits of a targeted and planned verification.
Appendix B gives an overview of the main verification and certification documents issued by DNV, including
the DNV Certificate of Conformity and the DNV Statement of Compliance.
Appendix C is an example list of typical high risk elements for the main types offshore installations
Appendix D gives information on how to develop detailed performance requirements and verification activities.
A 600 Structure of related DNV documents
601 The DNV document systems consist of a three-level hierarchy with these main features:
— Principles and procedures related to DNV’s services are separate from technical requirements and are
presented in DNV Offshore Service Specifications. The documents described in Figure 1 belong here.
— Technical requirements are issued as self-contained DNV Offshore Standards.
— Associated product documents are issued as DNV Recommended Practices.
602 The hierarchy is designed with these objectives:
— Offshore Service Specifications present the scope and extent of DNV’s services.
— Offshore Standards are issued as neutral technical standards to enable their use by national authorities, as
international codes and as company or project specifications without reference to DNV’s services.
— The Recommended Practices give DNV’s interpretation of safe engineering practice for general use by
industry.
Guidance note:
The latest revision of all DNV documents may be found in the publications list on the DNV web site www.dnv.com.
---e-n-d---of---G-u-i-d-a-n-c-e---n-o-t-e---
B. Definitions and Abbreviations

B 100 General
101 The following definitions should be applied only in the context of this document, and may not necessarily
be appropriate for services outside the Risk Based Verification approach as described.
B 200 Definitions
201 Asset: Loose term used to describe the item to be made or maintained. Can refer to a full field
development, a topside facility, a pipeline system, a compressor station etc. or a part of these. It is
interchangeable with the term Object.
202 Certificate of Conformity: A document signed by a qualified party affirming that, at the time of
assessment, the product or service met the stated requirements (BS 4778: Part 2).
Guidance note:
For this OSS, a Certificate is a short document (often a single page) stating conformity with specified requirements.
The results from associated verification shall be contained in a separate (single or multiple volume) report.
203 Certification: Used in this document to mean all the activities associated with the process leading up to
the Certificate.
Guidance note:
In the DNV- OSS when Certification is used it designates the overall scope of work or multiple activities for the issue
of a Certificate, whilst Verification is also used for single activities associated with the work. This in essence means
that Certification is Verification for which the deliverable includes the issue of a Certificate.
Other (related) definitions are:
BS 4778: Part 2: Certification: The authoritative act of documenting compliance with requirements.
EN 45011: Certification of Conformity: Action by a third party, demonstrating that adequate confidence is provided
that a duly identified product, process or service is in conformity with a specific standard or other normative
document.
ISO 8402: 1994: Verification: Confirmation by examination and provision of objective evidence that specified
requirements have been fulfilled.

204 Element: Loose term which can mean anything from a drilling rig to a system or a component. the level
of detail will depend on the situation. In a hierarchic structure elements are below asset.
205 Hazard: A deviation (departure from the design and operating intention) which could cause damage,
injury or other form of loss (Chemical Industries Association HAZOP Guide).
206 HAZOP (HAZard and OPerability study): The application of a formal systematic critical examination to
the process and engineering intentions of new or existing facilities to assess the hazard potential of mal-
operation or mal-function of individual items of equipment and their consequential effects on the facility as a
whole (Chemical Industries Association HAZOP Guide).
207 HAZID, (HAZard IDentification): A technique for the identification of all significant hazards associated
with the particular activity under consideration. (ISO-17776)
208 Life cycle: Loose term which includes all phases of an asset; concept studies, front end engineering
design (FEED), design, procurement, fabrication, hook-up, commissioning, operation/ production,
maintenance, inspection and abandonment.
209 Object: Loose term used to describe the item to be made or maintained. Can refer to a full field
development, a topside facility, a pipeline system, a compressor station etc. or a part of these. It is
interchangeable with the term Asset.
210 Owner: In the document used not just to describe the actual owner, but also to used to reflect DNV’s
contractual partner. In many projects the owner authorises the contractor to act on his behalf and it shall then
mean the contractual partner.
211 Performance requirement: A description of the essential requirements to be met, maintained or provide
on demand by an element. Appendix D may be used for guidance.
212 Risk: The qualitative or quantitative likelihood of an accident or unplanned event occurring, considered
in conjunction with the potential consequences of such a failure. In quantitative terms, risk is the quantified
probability of a defined failure mode times its quantified consequence.
Guidance note:
Risk is not only related to physical failure modes, but also to operational errors, human errors and so on. For some
risks the functional failures or physical failure modes contribute less than 20% while more than 80% of the risk relates
to other devices.
213 Risk Reduction Measures: Those measures taken to reduce the risks to the operation of the system and
to the health and safety of personnel associated with it or in its vicinity by:
— Reduction in the probability of failure.
— Mitigation of the consequences of failure
Guidance note:
The usual order of preference of risk reduction measures is:
a) Inherent Safety.
b) Prevention.
c) Detection.
d) Control.
e) Mitigation.
f) Emergency Response.
214 Safety Objectives: The safety goals for the construction, operation and decommissioning of the asset
including acceptance criteria for the level of risk acceptable to the Owner.
215 Statement of Compliance: A statement or report signed by a qualified party affirming that, at the time of
assessment, the defined asset phase, or collection of activities, met the requirements stated by the Owner.
216 Verification is confirmation by examination and provision of objective evidence that specified
requirements have been fulfilled (ISO 8402: 1994).
Guidance note:
The examination shall be based on information, which can be proved true, based on facts obtained through
observation, measurement, test or other means.
See also Certification.

B 300 Abbreviations
301
DNV Det Norske Veritas
OS Offshore Standard, used in the form DNV-OS
OSS Offshore Service Specification, used in the form DNV-OSS
QRA Quantitative Risk Analysis
RBV Risk Based Verification
C. References
C 100 General
101 A guide to Hazard and Operability studies, 1979, Chemical Industries Association Limited. London
102 ISO 8402 Quality – Vocabulary, 1994, International Organization for Standardization, Geneva
103 BS4778 Quality Vocabulary, Part 2 Quality concepts and Related Definitions, 1991, British Standard
Institute, London
104 EN 45011 General Criteria for Certification Bodies Operating Product Certification, 1998, European
Committee for Standardization, Brussels
105 ISO 17776 Petroleum and natural gas industries – Offshore production installations - Guidelines on
Tools and Techniques for Hazard Identification and Risk Assessment, 2000, International Organization for
Standardization, Geneva.

SECTION 2
PRINCIPLES OF RISK BASED VERIFICATION
A. General
A 100 Objectives
101 The objectives of this section are to provide:
— an introduction to the DNV Risk Based Verification Concept and the elements of the Risk Based
Verification Chain
— an introduction to the principles of risk differentiated levels of verification activities
— guidelines on the selection of levels of verification.
B. General Verification Principles

B 100 Purpose of Verification
101 Verification constitutes a systematic and independent examination of the various lifecycle phases of an
asset to determine whether it is (or continues to be) in compliance with some or all of the asset specifications.
102 Verification activities are expected to identify errors or failures in the work associated with the asset and
to contribute to reducing the risks to the operation of the asset and to the health and safety of personnel
associated with it or in its vicinity or other unwanted situations.
B 200 Verification as a Complementary Activity
201 Verification shall be complementary to routine design, construction and operations activities and not a
substitute for them. Therefore, although verification will take into account the work, and the assurance of that
work, carried out by the owner and its contractors, it is inevitable that verification will duplicate some work
that has been carried out previously by other parties involved in the asset or system.
B 300 Verification Based on Risk
301 Verification based on risk is founded on the premise that the risk of failure can be assessed in relation
to a level that is acceptable and that the verification process can be used to manage that risk. The verification
process is therefore a tool to maintain the risk below the acceptance limit.
302 Verification based on risk aims to be developed and implemented in such a way as to minimise
additional work, and cost, but to maximise its effectiveness. The development of a risk based verification plan
shall depend on a risk assessment and the findings from the examination of quality management systems,
documents and production activities.
B 400 Verification Management
401 The philosophy and verification methods used shall be described in a Verification Plan to ensure
satisfactory completion of verification.
The philosophy and these methods should ensure that verification:
— has a consistent and constructive approach to the satisfactory completion and operation of the asset
— is available world-wide wherever the owner or his contractors operate
— uses up-to-date methods, tools and procedures
— uses qualified and experienced personnel.
402 All verification activities shall be carried out by competent personnel. Competence includes having the
necessary theoretical and practical knowledge and experience of the activity being examined. An adequate
verification of some activities may require access to specialised technical knowledge.
403 As well as demonstrating competence of individuals, the verification organisation shall also be able to
show competence and experience in verification work for relevant assets.
C. Risk Based Verification Concept

C 100 Elements of the service
101 The risk based verification concept can be visualised to involve the elements in Figure 1. It is a chain
with iterative loops.

Asset Planned
Asset Specification
including overall Owner acceptance criteria,
performance requirements and verification
objectives
Risk Assessment
including identification of hazards and
ranking of hazards based on risk evaluation
Definition of Verification Involvement

including detailing of acceptance criteria and
performance requirements
Verification Plan
including list of verification activities
Verification Execution
including reporting of compliance or non-
compliance
Asset Completed
Figure 1
The DNV Risk Based Verification Chain
102 Asset is used collectively. It is an onshore or offshore installation or part thereof, a system or process, or
a development phase such as feasibility, design, construction, commissioning, operation and decommissioning.
103 The Asset Planned and Asset Decommissioned are the boundaries of the Risk Based Verification process.
104 Asset Specification, Risk Assessment and Definition of Verification Involvement are inputs into the
Verification Plan, while Verification Execution is the implementation of the Verification Plan.
The Risk Based Verification service comprises of one, some or all of these main elements.
C 200 Asset Planned
201 Asset Planned is the starting point for any project or project phase and is the decision of the owner. It
comprises a general description of the project in the form of functionality, safety, capacity, economics etc.
C 300 Asset Specification
301 Asset Specification has been identified as a separate element to focus on the need to address objectives,
acceptance criteria and performance requirements to the asset.
302 This element in the chain comprises:
— detailing of the description at the system level of the project in the form of functionality, safety, capacity,
economics etc.
— identification or definition of verification philosophy, safety objectives etc., including selection of safety
and/or business and/or environmental focus and goals
— identification of codes and technical specifications (e.g. standard company material specifications) to be
adopted
— definition of high level performance requirements for the asset and identification of main elements and
specific performance requirements thereof.

303 The detailing of elements and requirements will vary from project to project. The timing for detailing
will also vary and is affected by matters like contract type and philosophy, owners involvement in the process,
level of innovative elements in the project, life time business philosophy etc.
C 400 Risk Assessment
401 Risk Assessment is the identification of hazards, frequencies of occurrence, consequences and risk
drivers. The risk can be defined on a general level for the project, for different phases of a project or for detailed
elements of the asset.
402 The risk can be evaluated based on safety, environmental impact, economics, schedule, Public
Relations, reputation or other criteria set by the owner.
403 Risk Assessment can be based on engineering judgement (pragmatic) or on analytical processes. In
section E different methods have been described to arrive at the conclusions necessary to formulate a risk based
verification plan.
404 Once the risks have been identified their extent can be reduced to a level as low as reasonably practicable
or as low as corporately required, by means of one or both of:
— reduction in the probability of failure
— mitigation of the consequences of failure.
Guidance note:
Reasonable Practicability
The term “as low as reasonably practicable (ALARP)” has come into use through the United Kingdom’s “The Health
and Safety at Work etc. Act 1974”. Reasonable Practicability is not defined in the Act but has acquired meaning by
interpretations in the courts.
It has been interpreted to mean that the degree of risk from any particular activity can be balanced against the cost,
time and trouble of the measures to be taken to reduce the risk.
It follows, therefore, that the greater the risk the more reasonable it would be to incur substantial cost, time and effort
in reducing that risk. Similarly, if the risk was very small it would not be reasonable to expect great expense or effort
to be incurred in reducing it.
405 The systematic assessment of risks and the implementation of measures to reduce these, results in a
relative ranking of the risk level of the elements and /or sub-elements of the asset.
406 The ranking of the elements will differ depending on the acceptance criteria; safety, environmental
impact, economics, schedule, public relations, reputation or others. Different criteria may be applied to factor
the importance of these.
C 500 Definition of Verification Involvement
501 Definition of verification involvement or level(s) includes defining the cut-off level under which no
verification activity shall be performed and to define the appropriate level of involvement for the others.
502 Based on the relative risk level of the elements the verification intensity should increase towards the
highest risk elements.
Guidance note:
Verification of risk reducing measures e.g. in the form of risk reducing barriers, should be directed towards the risk
reducing measures (barriers) which claims to have the highest risk reducing effects.
503 In this process the overall acceptance criteria from the Asset Specification should be cascaded down to
more detailed performance requirements for individual elements or groups of elements.
504 The risk ranking is used in the selection of the appropriate verification activity level and type to be
described in the verification plan.
C 600 Verification Plan
601 The Verification Plan is the pivot element in the DNV Risk Based Verification systematics.
602 The Verification Plan is the scope of work (SOW) for verification. It should be revisited, re-evaluated
and possibly revised as the project progresses and new information becomes available.
603 The more specific the Verification Plan, the more predictable the verification activities will be.
604 The Verification Plan repeats the verification objective and the criteria for selecting the highest risk
elements and the verification involvement, as given by the Owner. It includes the findings from the risk
assessment step, defines which asset specifications shall be verified, and also the level of involvement by party
and type of verification activity.

605 The Verification Plan further consists of listing the elements and their performance requirements
together with the type and depth of scrutiny to which each shall be subjected.
606 The verification involvement level can be described using the tables in Sect.2 of the relevant object
specific DNV-OSS.
607 Detailed scope of work tables listing all the sub-elements of an asset, can either be developed from the
tables in Sec. 2 of the relevant object specific DNV-OSS or they can be based on the example tables included
in the appendices.
608 For information typical high risk elements with respect to safety of personnel, often termed Safety
Critical Elements, are presented in Appendix C.
C 700 Verification Execution
701 Verification Execution is document review, independent analyses, inspection, monitoring, site visits,
process audits, technical audits, testing, etc. according to the Verification Plan.
702 Information arising from execution should be used to identify continuous improvements to the
Verification Plan. E.g. evidence of good systematic control may be used to reduce the verification activities.
703 The purpose of verification activities is to confirm compliance or identify non-compliance with the asset
specification.
C 800 Asset Completed
801 Asset Completed is the end point of any lifecycle phase or phases, which complies with the relevant
planned asset and the asset specification.
D. Risk-Differentiated Levels of Verification

D 100 Levels of verification
101 The level of verification activity should be differentiated according to the risk to the asset or element or
phases thereof. If the risk to the asset is higher, the level of verification involvement is higher. Conversely, if
the risk to the asset is lower, the level of verification activities can be reduced, without any reduction in their
effectiveness.
102 It is emphasised that the activity level describes the depth of the verification involvement. It follows,
therefore, that an increase in the level of involvement above that considered necessary, based on an evaluation
of the risks, involves minimal extra risk reduction for increased cost. This practice is unlikely to be cost-
effective.
103 Verification of assets or elements thereof are typically categorised into Low, Medium and High.
Low is the level of verification applied where the risks to the asset are lower than average. For example, it has
benign contents, it is located in congenial environmental conditions, or the contractors are well experienced in
the design and construction of similar assets. This level may also be appropriate when the Owner (or other
parties) performs a large degree of verification and/or quality assurance work.
Medium is the customary level of verification activity and is applied to the majority of assets.
High is the level of verification applied where the risks to the asset is higher than average. For example, it has
highly corrosive contents, it is in adverse environmental conditions, it is technically innovative or the
contractors are not well experienced in the design and construction of similar assets. This level may also be
appropriate when the Owner chooses to have a small technical involvement or performs little own verification.
Guidance note:
The terms Basic, Regular and Special are sometimes used to describe the level of involvement. If these are used in
connection with DNV Risk Based Verification, then Basic shall mean Low, Regular shall mean Medium and Special
shall mean High.
104 Illustrations of the levels of involvement are given in Figures 2 and 3. Figure 2 illustrates the levels as
a function of probability and consequence of failure. Figure 3 illustrates how increasing depth of scrutiny is
assigned to elements with increasing risk levels.
Guidance note:
An element can be everything from a drilling rig to an important component or system, depending on the detailing
level of the risk assessment being carried out.

Increasing
Probability of Failure
High
Risk
HIGH
MEDIUM
Low
LOW
Low High
Consequence of Failure
Figure 2
Levels of verification
A
B
C
Elements
D
E
F
G
H
I
Axis of increasing risk

and depth of scrutiny
Figure 3
Increasing verification scrutiny as a function of increasing risk level for each element
105 It is the prerogative of the owner of the asset system to choose the level of verification. The selection
should be documented.
106 Different levels of verification can be chosen for different lifecycle phases of the asset, or even within
the same phase if necessary. For example, asset design may be innovative and considered high risk whereas the
installation method is well known and considered low risk. The converse might be true also.
107 The level of verification can be reduced or increased during a phase if the originally chosen level is
considered too rigorous or too lenient, as new information on the risks to the asset becomes available. Care
should be taken to ensure that short term gains do not influence the reduction of verification, which could lead
to a long term detriment.
108 Verification should be planned in close co-operation with the Owner and each of the contractors, to
provide a scope of work that is adjusted to the schedule of each lifecycle element, i.e. to make the verification
activities, surveillance and hold points, an integrated activity and not a delaying activity.
Guidance note:
Many Contractors have adequate quality control systems and quality control departments, with competent personnel
to perform, for example, inspection at plants and specialist engineers competent to review and verify the performance
of plants.
In that case, all verification work need not be done by DNV personnel. Where applicable, the various inspections may
be carried out by competent persons other than DNV personnel.
In that situation a substantial part of DNV’s verification activities may be encompassed by:
- reviewing the competence of the Contractor’s personnel,
- auditing their working methods and their performance of that work, and
- reviewing the documents produced by them.
109 Verification should direct greatest effort at those elements of the asset or system whose failure or reduced
performance will have the most significant impact on safety or the other defined project risks. These elements
are termed high risk elements or sometimes Critical Elements.

110 The degree of confidence placed in verification reports depends on the degree of confidence in the
verification activities carried out. Therefore, the verification plan must be transparent and give clear details of
the level of verification for both elements and phases.
E. Defining a Verification Plan

E 100 Risk based verification planning
101 The selection of the level of verification shall depend on the risk level of each element having an impact
on the management of hazards and associated risk levels of the asset.
102 The effort spent to select the overall level of verification and the detailing and differentiation between
different elements will vary from project to project. It is a business decision on how to balance the effort of up-
front planning with that of some additional effort during verification execution.
103 The tools used to arrive at a Verification Plan range from engineering judgement risk assessment to
analytical risk assessments. The former generally reflects less effort in the up-front planning stage while the
latter directs more efforts into the particulars of a specific project.
104 The span in the method is illustrated in Figure 4. Most projects will utilise a combination of tools.
Guidance note:
Typically, for a tender phase it may be useful to utilise engineering judgement to make an initial Verification Plan.
When updating the Verification Plan the appropriate analytical tools can be utilised.
E 200 Selection of Level of Verification

201 Suitable selection factors include:
— overall asset specification
— assessment of the risks associated with the asset and the measures taken to reduce these risks
— degree of technical innovation in the asset system
— experience of the contractors in carrying out similar work
— quality management systems of the Owner and their contractors.
202 To facilitate the selection of the level of verification a set of trigger questions based on the above list of
selection factors, has been prepared and is included in the object specific DNV-OSS.
203 To further assist in the selection of general level of verification Table E1 can give some guidance.
204 The level of verification is selected for each individual element and should reflect the risk level as well
as the type of performance requirements.
Guidance note:
To achieve a consistent verification involvement relative to risk level a practical and visual approach can be to plot
the elements and relative risk levels as in Figure 3. Decide on the maximum level of involvement (L, M or H) and
draw the line to the left of which no verification shall be made. The area enveloping the elements to be verified can
then be split in to areas with uniform verification involvement.
E 300 Acceptance criteria

301 Defined acceptance criteria are essential to confirm compliance and identify non-compliance.

302 The format and detailing may differ. Assets, elements or lifecycle phases for which technical standards
or company specifications exist, may have relatively short and simple acceptance criteria. For assets, elements
or lifecycle phases not readily covered by prescriptive standards, greater effort is directed into the particulars
of the specific project and this often results in more detailed performance requirements.
Table E1 Levels of verification and guidance on typical involvement at system level

Level Typical System Characteristics Description of typical verification involvement
Low — Proven designs with relatively harmless — Review of General Principles and production
content and/or installed in benign systems during design and construction.
environmental conditions. — Review of principal design documents,
— State of the art design, manufacturing and construction procedures and qualification reports.
installation by experienced contractors. — Site attendance only during system testing.
— Low consequences of failure from a — Less comprehensive involvement than level
commercial, safety or environmental point of Medium.
view.
— Relaxed to normal completion schedule.
Medium — Asset in moderate or well controlled — Review of General Principles and production
environmental conditions. systems during design and construction.
— Plants with a moderate degree of novelty — Detailed review of principal and other selected
— Medium consequences of failure from a design document with support of simplified
commercial, safety or environmental point of independent analyses.
view. — Full time attendance during (procedure)
— Ordinary completion schedule. qualification and review of the resulting reports.
— Audit based or intermittent presence at site.
High — Innovative designs. — Review of General Principles and production
— Extreme environmental conditions. systems during design and construction.
— Plants with a high degree of novelty or large — Detailed review of most design document with
leaps in technology. support of simplified and advanced independent
— Contractors with limited experience or analyses.
exceptionally tight completion schedule. — Full time attendance during (procedure)
— Very high consequences of failure from a qualification and review of the resulting reports.
commercial, safety or environmental point of — Full time presence at site for most activities.
view. — More comprehensive involvement than level
Medium.

Asset
Specification
Simplified verification Detailed verification

Combined
planning, based on verification planning, based on
Engineering judgement planning Analytical risk assessment:
Risk assessment HAZID for the asset. This may be done

based on trigger stepwise with increasing detailing on the
questions. more complex components/processes.
Conclude on The predefined tables may be useful

overall references
Risk Identify
Assessment verification elements for
involvement; verification
H, M or L Frequency of occurrence Consequence
and prepare
verification
plan based
on any Analytical assessment of risk and
Prepare combination identification of relative risk levels.
Verification of the The relative risk may be grouped into
Plan based on simplified Low, Medium or High
predefined and detained
tables. verification
planning.
Include Define acceptance criteria or performance
Definition of requirements in more detail
Verification adjustments to
Level tailor for the
particular asset. Prepare Verification Plan based on the
assessed risks, risk drivers and acceptance
Confirm criteria as defined above.
acceptance The type and depth of verification is
criteria to be described using the same terminology as used
sufficient. in the predefined tables.
Verification
Plan
Figure 4
Verificaton planning

F. Simplified Verification Planning

F 100 General
101 Simplified verification planning is mainly based on engineering judgment and reflects DNV's in-house
experience as well as the industry experience as reflected in a number of technical standards. Both have been
used to make up the object specific DNV-OSS’s.
102 The steps in the simplified verification planning are as follows:
— Use trigger questions to assess the overall risk level of the project (or manageable elements thereof).
— Evaluate the risk against the relevant owner or project acceptance criteria (often this can be directly tied to
the owner core values or a sub-set of these) and decide whether the general verification involvement shall
be Low, Medium or High.
— Use the detailed scope of work tables in the object DNV-OSS to make a first draft of a Verification Plan
— Generate the project specific Verification Plan by include a project specific engineering judgment to adjust
the table to suit the project
— Perform the verification execution according to the Verification Plan, making revision to the plan if and
when necessary.
103 Care shall be taken not to use this process without sufficient attention to its built-in simplifications.
Particularly the use of example tables in the appendices can never replace the need for project specific
assessments. They can, however, be very useful starting and reference points.
G. Detailed Verification Planning

G 100 General
101 The analytical verification planning is based on the use of (quantitative) risk methods to establish project
specific identification of the relative risk level of the project elements.
102 Depending on the project size and type the risk assessment will often include an initial qualitative risk
assessment screening prior to a full quantitative risk analysis, QRA.
103 A description on how to carry out HAZID, HAZOPD and QRA in general is not given in this DNV-OSS.
The methodology is described in numerous books and publications on the subject.
104 Particularly for projects or project elements were there are limited or inadequate prescriptive technical
standards or if the performance requirements are of a nature that make available prescriptive standards
inadequate, it is advisable to invest more time and effort in the planning stages.
105 With limited prescriptive standards the need and also the effort required to define the acceptance criteria
for individual or groups of elements will normally increase. Appendix D addresses how to formulate detailed
performance requirements and also how these and the risk elements are developed into verification activity
lists, which are finally included in the Verification Plan
H. Risk Based Verification and National Regulations

H 100 General
101 Many national authorities have specific requirements to the verification activities. These can be in the
form of minimum requirements to documentation of risk and risk reducing measures, which documents shall
be presented to the authorities, mandatory use of standards etc. The authorities may also have requirements to
roles and responsibility, independence of verifier, content and form of verification activities, terminology etc.
102 The particulars of the relevant national requirements shall be observed when planning and performing
Risk Based Verification.
Guidance note:
The Offshore Installations (Safety Case) Regulations in UK can be an example of particular National Authority
requirements. The risk based verification approach fits very well with these regulations, but one needs to ensure that
the correct documents and terminology are used and understood e.g. Major Accidents Hazards, Safety-Critical
Elements, Performance Standards etc.

see note on front cover App.A – Page 19
APPENDIX A
BENEFITS OF DNV RISK BASED VERIFICATION
A. General
A 100 Background information
101 This appendix gives background information on verification and the possible benefits thereof.
A 200 Verification trends
201 Verification has historically been carried out with a variety of scope and depth of involvement. The depth
of involvement, or level of verification, has not always been very transparent.
202 There are national authorities requiring verification or even certification of offshore or onshore
installations (assets) and have appointed specific organisations qualified for this work.
203 Some of these national authorities may have detailed requirements to the verification or certification
activity, while others leave the definition of the necessary work up to the appointed organisation. Other national
authorities require specific documents to be verified and approved by them, some hold the owner responsible
for the verification activities, others again may not have any specific requirements.
204 The trend is that authorities remove themselves from the prescriptive regimes and convert to functional
requirements and safety and risk approaches. It is therefore believed that there will be a stronger demand for
measurable objectives to be presented by the owners. The objectives are linked, as a minimum, to the
expectations from the authorities on safety to the work force, the public and the environment. Economics may
be an additional minimum requirement from the owner and his partners.
205 As a means to fulfilling these expectations business today is often characterised by a defined desire to
systematically balance expected costs and benefits. The aim is an optimum control of the uncertainties (or risks)
related to the objectives.
206 Even where national authorities do not require verification of installations (assets), verification (or
certification) is a convenient tool for the owner to get an independent evaluation of the contractor(s) work or
to show financiers, partners, insurers and the public that the asset complies with relevant safety levels and other
requirements in the asset specification.
207 It is good business practice to subject important work to a third-party check as this reduces the possibility
of errors remaining undetected. Third-party verification will ensure that the verifier has an independent view
and perspective when performing this activity. Furthermore, it will avoid the situation where errors could be
overlooked by engineers or others because of their closeness to the work with the asset.
208 Systematic risk based assessment methods are more often used to identify the risk associated with the
elements. Based on this identified risk, focus is put on the relevant acceptance criteria pertaining to integrity,
functionality, survivability, availability, reliability, maintainability, and environmental impact of an asset
throughout its lifecycle.
209 The result of the systematic identification of risk can be utilised in the design and construction by the
Contractor and by the Owner or a 3rd party to optimise the verification activities through a well defined and
transparent verification plan.
210 Not all projects nor all high risk elements have great degrees of novelty or innovation requiring a large
degree of sophistication when predicting risk. The high risk elements or phases can often be determined by
what is addressed in international technical standards and from general experience. For these projects the
ability to communicate the correct or desired level of verification may be the most time consuming exercise.
211 At the other end of the scale are the projects that have greater uncertainty, and often appears to be high
risk, but which need to be systematically addressed to be able to identify the hazards, the probability and
consequences of occurrence and the risk levels of the elements. For these projects the correct identification and
ranking of the risk of the elements is essential for the project optimisation process and planning of the
verification activities. However, it is also for these necessary to be able to communicate the level of verification
and link it to the associated risk.
212 For almost all projects, interface activities are important and many have experienced that inadequate
interface management can be very costly and time consuming.
A 300 Benefits of DNV Risk Based Verification
301 Business today is characterised by the need to balance cost and benefits through a better understanding
and mastering of the assets and their associated risks. Risk Based Verification aims at balancing the efforts to
control the operational and technological risks and for an optimum control of risks and uncertainties from the
concept stage to decommissioning or abandonment of any asset. It may provide cost and time savings compared
with prescriptive verification or certification by focusing on risk and by prioritising verification efforts.

Page 20 – App.A see note on front cover
302 The use of a more elaborate analytical method to plan the verification may give substantial cost benefits
during the verification execution. Particularly for projects characterised by the following:
— a high degree of complexity
— significant elements of new or unproven technology
— proven elements being introduced to new operating conditions or applications
— participants having limited experience in a type of asset or development
— challenging development programmes.
303 DNV aims through Risk Based Verification, to instil confidence in our customers. Through independent
and competent scrutiny the intent is to confirm that the asset is designed, constructed and/or operated so that:
— it is fit for its intended purpose,
— its level of integrity is as high as reasonably practicable
— the associated risk to health, life, property and environment is as low as reasonably practicable.
304 Such confidence arising from Risk Based Verification is not necessarily limited to DNV’s traditional
customers – it can be extended to contractors or other project participants, owners, financiers, partners, insurers
etc. that an asset complies with a relevant basis, even in areas where formal references may be missing or are
under development.
305 The advantages for DNV’s customers in applying a Risk Based Verification approach may include:
— reduced probability of undesirable events
— improved availability and reliability
— cost and time savings through avoiding undue attention to areas and activities that are low contributors to
risk
— contributing to optimised expenditure (CAPEX, OPEX and RISKEX) in high risk areas
— early involvement in projects to ensure correct decisions and minimal rework
— a demonstrable and auditable case for safety or other owner or project core values
— active support to, and demonstration of achievement of, these core values
— confirmation, and increased visibility, of the above to (project) partners and other stakeholders and to
Regulatory Bodies.
306 For a new asset development Risk Based Verification services should seek to reduce any uncertainty in
the design as early as possible, and if any weaknesses are revealed allow for effective management of necessary
changes, ref. Figure 2 “Effects of Early Involvement”. DNV’s verification experience reinforces the important
message of early involvement and the need for in-depth knowledge of the activities required to obtain optimal
resource allocation for the verification process. A proactive approach is required and places particular emphasis
on roles and responsibilities.
Increase
Ability to Cost of
Influence Change
Concept Commissioning
Time
Figure 1
Effect of early involvement
307 The above processes should consider all phases of the asset lifecycle. For example during the offshore
commissioning phase of a new asset there may be temporary items of equipment provided which should be
identified as high risk elements (e.g. temporary fire/gas detection).
308 DNV believes that a strong focus on the development of the Verification Plan will support a common
interpretation of verification philosophies and requirements (which may differ from one project to another),
and this should facilitate a more cost effective verification execution and provide for greater potential value to
be obtained from the overall verification process.
309 Database applications (for example DNV’s Verifier software) can be implemented to assist with
development and execution of Verification Plans, including the capability to record the status of all verification

see note on front cover App.A – Page 21
activities, and provide reports on their status. Such database applications can assist co-ordination by making
the status available to all involved in verification, including the customer, simultaneously.
Input
Management
Verification Planning
Risk Management Design
Verification
Construction
Operation
Management
Optimum output
Figure 2
The asset realisation process
310 The optimisation can be regarded as the process to shrink the total volume of the circle in Figure 2 and
to find the ideal balance between Contractor and 3rd party volumes within that circle.
311 Alternatively, the volume of the ball can be used to indicate the cost of the process. The correct balance
between the two sides may reduce the total volume of the whole process and at the same time achieve the
optimum asset. By optimum asset we mean one that through its lifecycle is suitable for the operation and has
the correct balance between the quality, cost, environmental impact, safety, schedule and any other elements
defined by Owner.
A 400 Other DNV services related to Risk Based Verification
401 Any of the areas of Risk Based Verification involvement can be integrated with other DNV services,
potentially with enhanced effectiveness, such as:
— Project Risk Management
— assisting with development of project HSE philosophy
— conducting, or participating in, Hazid
— risk studies or assessments (e.g. QRA)
— reviewing the customer’s formal safety assessment (safety case) to confirm the adequacy and robustness of
the process
— providing a suitable computer application to manage verification requirements and findings
— managing other legislative compliance requirements on behalf of the customer or asset owner
— developing or reviewing Reliability Centred Maintenance (RCM) and Risk Based Inspection (RBI)
philosophies and procedures.

Page 22 – App.B see note on front cover
APPENDIX B
VERIFICATION AND CERTIFICATION DOCUMENTS
A. Verification Documents
A 100 Purpose of Verification Documents
101 Verification documents are issued by DNV. The purpose of these documents is to provide documentation
that objective evidence has been presented to confirm compliance with the requirements and to document the
work performed by DNV.
Guidance note:
Examples of document forms are found in the objects specific DNV-OSS.
102 Intermediate verification documents act as a form of progress reporting showing satisfactory completion
of complete life cycle verification activities for various issues, items or phases of the asset.
103 The verification documents follow the hierarchy shown below and in Figure 1:
— Statement of Compliance
— Verification Report
— Intermediate documents
— Audit reports
— Verification Comments
— Visit reports
104 A description of each of these is given in the respective object specific DNV-OSS.
Statement of Compliance
with accompanying
verification report
Verification Report
Intermediate documents
Figure 1
Document hierarchy for verification
A 200 Validity of Verification Documents

201 Verification documents are, in principle, documents confirming that an examination has been carried out,
and are valid only at the time of issue.
A 300 Verification Documents Provided
301 The types of documents issued by DNV relative to the different stages of the verification process are

see note on front cover App.B – Page 23
illustrated by Table B1.

Table B1 Asset VERIFICATION – Documents provided by DNV
Reference Standard
DNV Offshore Standard or other agreed technical standard
for verification
Design Construction Operation
and Assemblies
of Components
Manufacturing
Manufacturing
Detail Design
of Equipment
Maintenance
Completion
Conceptual
Installation
Operation,
Design
Project
Repair
Project Phases
and
Types of
Verification
Statement of Compliance for individual phase or natural part thereof
Documents
Provided
B. Certification documents
B 100 General
101 DNV Certification is a special form of verification where the total scope is defined by DNV. Reference
is given to the section on definitions. For statutory certification the scope should in principle be defined by the
regulating body.
102 The certification documents consist of the verification documents described above with an overlying
Certificate of Conformity. Hence, the hierarchy of documents are as illustrated in Figure 2. In relation to the
project phases, reference is given to Table B1.
B 200 Validity of Certification documents
201 In general the same validity, i.e. the time of issue, applies as for verification documents.
202 However, for Certificates of Conformity, a specified period of validity and maintenance conditions for
ensuring this validity may be given in the certificate.
Certificate of Conformity
with accompanying
verification report
Statement of Compliance
with accompanying
verification report
Verification Report
Intermediate documents
Figure 2
Document hierarchy for certification

Page 24 – App.B see note on front cover
Table B1 Asset CERTIFICATION – Documents Provided by DNV

Reference Standard
DNV Offshore Standard
for certification
Design Construction Operation
of Components
Manufacturing
Manufacturing
Detail Design
of Equipment
Maintenance
Completion
Assemblies
Conceptual
Installation
Operation,
Design
Project
Repair
Project Phases
and
and
Certificate of
Certificate of
Conformity
Conformity
(retention)
Types of
Certification Statement of Compliance for individual phase or
Documents natural part thereof
Provided
Pre - Maintenance of
Certification phase Certification Certification Certification

see note on front cover App.C – Page 25
APPENDIX C
EXAMPLE LIST OF TYPICAL HIGH RISK ELEMENTS
A. High Risk Elements

A 100 Offshore installations
101 The following table presents typical high risk elements with respect to safety of personnel for the main
types of offshore installation. These are often called safety critical elements (ref e.g. UK Safety Case regime).
This list is intended as a tool to help to ensure that key systems identified as high(est) risk are not omitted.
However, the list can never be guaranteed to be exhaustive and shall never be used without due considerations.
FPSO/FPU
FLOTEL
MODU
FOI
TYPICAL HIGH RISK ELEMENTS
STRUCTURE
Jackets and Piles - - - X
Gravity Based Structure - - - X
Jack-up Legs and associated Jacking and Locking Systems X X - -
Hull (including Watertight Closures) X X X -
Drilling Derrick X - - X
Firewater Caisson and Supports - - - X
Topsides Primary Structure including Bridge and Flare Tower X X X X
Helideck X X X X
Lifting (cranes) and Hoisting (drilling equipment) X X X X
Crane Pedestal X X X X
Foundations X X X X
Blast Protection including Blast Venting Provisions X - X X
Dropped Object Protection incl. Subsea Protective Structures X X X X
Turret - - X -
DRILLING
Mud Systems X - - X
Blowout Preventer System X - - X
Choke and Kill (including Emergency Blowdown) X - - X
Cement System X - - X
Marine Riser System X - - X
Well Control Instrumentation X - - X
Diverter system X - - X
POWER
Emergency Power X X X X
Battery Systems X X X X
Protection of Electrical Equipment X X X X
IGNITION PREVENTION
Electrical Earthing Continuity X X X X
Electrical Equipment in Hazardous Areas X X X X
Protection of Hot Surfaces X X X X
Natural Ventilation X X X X
FIRE AND GAS
Gas (Flammable and Toxic) Detection System X X X X
Fire Detection System X X X X
Deluge X X X X
Sprinklers X X X X
Fire Pumps X X X X
Firewater Ring Main X X X X
Foam System X X X X

Page 26 – App.C see note on front cover
Gaseous Systems (e.g. Halon, CO2) X X X X

Passive Fire Protection (including Doors, Walls and Penetrations) X X X X
Ventilation Systems X X X X
EMERGENCY RESPONSE AND EVACUATION
Temporary Refuge X X X X
Escape Routes X X X X
Helideck Systems (Markings, Nets, Obstacle Marking/Lighting etc.) X X X X
Escape (battery-backed) Lighting X X X X
Internal Communications (e.g. Public Address,/General Alarm, Manual Alarm X X X X
Call Points, Telephones)
External Communications (including Marine and Aviation) X X X X
TEMPSC X X X X
PPE (incl. Lifejackets, Survival/Immersion Suits, Helideck Crash Equip.) X X X X
ESCAPE SYSTEMS
Descent to Sea Systems (Personal Descent Devices, Knotted Ropes, Nets) X X X X
Ladders to Sea X X X X
Life rafts X X X X
Standby Vessel and associated Fast Rescue Craft X X X X
HYDROCARBON CONTAINMENT
Hydrocarbon Piping and Equipment (including Valves and Instrumentation) - - X X
Emergency Shutdown System including Software, Process Shutdown, High X X X X
Integrity Protection Systems, Overpressure Protection Systems etc.
Relief and Blowdown System X X X X
High Speed Machinery Trips X - X X
Local Atmospheric Vents X - X X
Drains (Open and Closed Hazardous) X X X X
Risers and Riser Emergency Shutdown Valves - - X X
Pipelines - - X X
Pipeline Subsea Isolation Valves - - X X
MARINE
Mooring (including Move-off) X X X -
Navaids (including Lights, Foghorns, Marine/Weather Monitoring Systems) X X X X
Radar Early Warning System X X X X
Ballast and Bilge (Stability) X X X -
Inert Gas System - - X -
Dynamic Positioning System X X X -
Thrusters X X X -
TEMPORARY EQUIPMENT
Bridge Connections to Support Vessels X X X X
Gas Cylinders and Attachments X X X X
Power Generators X X X X
Temporary Public Address/General Alarm Systems X X X X
Well Test Equipment X - - X
Radioactive Source Store X - X X
Explosives Store X - - X
SAFETY MANAGEMENT SYSTEM X X X X

see note on front cover App.D – Page 27
APPENDIX D
DETAILED PERFORMANCE REQUIREMENTS AND VERIFICATION
ACTIVITY DESCRIPTIONS
A. Performance Requirements
A 100 Setting performance requirements
101 Performance requirements should describe the essential requirements that a high risk element must meet,
maintain, or provide on demand. Ideally it is a statement, which can be expressed in qualitative or quantitative
terms, of the performance required of a system, item of equipment or procedure and which is used as the basis
for managing a risk and any events requiring emergency response, through the lifecycle of the asset.
102 The most suitable performance requirement should ideally satisfy all of the following conditions:
— it requires measurement of the performance/capability of a parameter of the component/system
— the measured parameter provides evidence of the ability of the component/system to prevent, or limit the
effect of, an unplanned event
— acceptance criteria/range are defined for the parameter in question
— the parameter can be monitored/measured.
Guidance note:
DNV’s experience is that performance requirements should be at a level that sets an objective for the element in
question, they should not describe how that objective is to be achieved, or how it is to be demonstrated (verified), this
is part of the verification plan.
103 As a minimum the following characteristics should be considered in generating performance

requirements:
— functionality – what the element must achieve
— reliability – how often it will be required to operate satisfactorily
— availability – how often it will be required to operate on demand
— survivability – the conditions under which it will be required to operate, e.g. if exposed to fire, blast,
vibration, ship impact, dropped objects, adverse weather etc.
104 The consequence of a performance requirement not being met (demonstrated) should also be considered.
If the consequences are such that an unplanned event cannot result, or a significant reduction in the
effectiveness to prevent, detect, control, mitigate, or monitor a major unplanned event cannot result, then the
performance requirement should not be considered as necessary.
105 In the same way that parts of an asset may be considered as high risk for certain periods of its lifecycle
it is possible for performance requirements to be applicable during specific phases of an asset’s lifecycle only.
At all times that a part of an asset is high risk, there must be at least one performance requirement.
Guidance note:
Quantitative performance requirements for reliability or availability of an element are essential for high risk elements
containing instrument-based protective systems. Where such performance requirements are specified, it is
recommended that the precise requirements are fully defined (i.e. not just “reliability to be ....”), that there is a clear
means of verifying the requirement, and that verification can provide positive demonstration of the element’s
suitability. DNV’s preferred style of such performance requirements is to specify the maximum probability of failure
on demand for each safety function (complete loop), consistent with the concept of Safety Integrity Level (SIL) as
described in IEC 61508.
B. Verification Activities
B 100 Developing Verification Activity Lists
101 The objective of an activity is to confirm that the performance requirements are achieved. The
verification activity list constitutes the main pert of the Verification Plan and corresponds to the example tables
included as Appendix to the object specific DNV-OSS.

Page 28 – App.D see note on front cover
102 The list should give details of what needs to be done, by whom and when. For each performance
requirement there should be at least one examination activity. The activity list should include:
— what is to be done – a description of the examination activity to be performed to verify that the criteria
specified in each performance requirement is met
— type of examination activity to be performed, e.g. inspection, witness, review, monitoring
— extent of involvement in activity, where applicable (e.g. percentage of sample)
— how often it is to be repeated (if at all, e.g. for initial suitability only)
— unique identifier for each activity, for control and reporting purposes (ideally aligned to high risk element
and performance requirement identifier)
— a clear reference to a specific performance requirement and high risk element for each activity
— note of specific documents or processes (e.g. planned maintenance activities, rolling inspection
programmes) which will be used as a basis for verification or for reference as part of the examination
activity.
103 The activity list should state which examinations shall only be performed prior to the high risk element
being put into service (examination for “initial suitability”). No further activities of this type will be performed
during operation, unless modifications are made to the element. Other examination activities (examination for
continued suitability), especially during the operational phase, should be repeated at intervals specified to
ensure that the high risk element to which it refers maintains its suitability and adequacy.
104 The following may contribute to the specification of interval or frequency of examination:
— requirements of recognised codes and standards,
— risk assessments
— assumptions and conclusions of risk and/or reliability studies on relevant systems
— extent of installation maintenance routines and inspection plans
— interval between the asset operator’s assurance activities,
— manufacturer’s recommendations for the equipment
— findings of previous examination activities (including those for related high risk elements or performance
requirements).
105 The activity list may often (but optionally) be contained in a database application in order to facilitate
the dynamic process of modifications and updates, and also provides for a powerful management and reporting
tool.

Risk Based Verification: DNV-OSS-300

Uploaded by

Risk Based Verification: DNV-OSS-300

Uploaded by

OFFSHORE SERVICE SPECIFICATION

Risk Based Verification

DET NORSKE VERITAS AS

© Det Norske Veritas AS April 2004

Any comments may be sent by e-mail to [email protected]

• Amendments April 2012

• Amendments October 2011

DET NORSKE VERITAS AS

Sec. 1 General ................................................................................................................................................ 6

DET NORSKE VERITAS AS

App. C Example List of Typical High Risk Elements ................................................................................ 25

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

B. Definitions and Abbreviations

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

B. General Verification Principles

C. Risk Based Verification Concept

DET NORSKE VERITAS AS

Definition of Verification Involvement

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

D. Risk-Differentiated Levels of Verification

DET NORSKE VERITAS AS

Axis of increasing risk

DET NORSKE VERITAS AS

E. Defining a Verification Plan

E 200 Selection of Level of Verification

E 300 Acceptance criteria

DET NORSKE VERITAS AS

Table E1 Levels of verification and guidance on typical involvement at system level

DET NORSKE VERITAS AS

Simplified verification Detailed verification

Risk assessment HAZID for the asset. This may be done

Conclude on The predefined tables may be useful

DET NORSKE VERITAS AS

F. Simplified Verification Planning

G. Detailed Verification Planning

H. Risk Based Verification and National Regulations

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

A 200 Validity of Verification Documents

DET NORSKE VERITAS AS

illustrated by Table B1.

DET NORSKE VERITAS AS

Table B1 Asset CERTIFICATION – Documents Provided by DNV

DET NORSKE VERITAS AS

A. High Risk Elements

DET NORSKE VERITAS AS

Gaseous Systems (e.g. Halon, CO2) X X X X

DET NORSKE VERITAS AS

103 As a minimum the following characteristics should be considered in generating performance

DET NORSKE VERITAS AS

DET NORSKE VERITAS AS

You might also like