However it will be imperative that during this phase the O&M Engineer should not change any

information which resides in the system until the impact assessment has been completed based on this

initial non-intrusive diagnostic exercise. Note the diagnosis activities should be limited to reading

information (opening and closing displays, logs, files etc.) without changing any information in the

system and in accordance with the appropriate techniques and methods as found in Table B.4 of IEC

61508 Part 2.

Implications for SIS Modification

During the system analysis activities outlined above, if the work request/problem is agreed to be rectified

via a modification to the SIS, then the O&M Engineer should inform the responsible technical authority

within the end user organisation that a formal change request (management of change MOC) is to be

made and as a minimum an impact assessment will be required to be undertaken under the necessary

MOC processes.

Note that this activity is a mandatory requirement that any SIS modifications are to be managed in full

accordance with IEC 61508 Ed 2 and IEC 61511 requirements. Modifications can only proceed with the

full approval of the end users Technical Authority (TA). The responsibility for this modification is owned

solely by the end user and should be managed accordingly utilising their compliant functional safety

management system.

It should also be noted that the change impact assessment should be rigorously reviewed by all

authorised parties concerned. The impact assessment states the implications of the proposed change

and should be documented accordingly to identify as a minimum:

·

The repair or replacement activity affecting SIS performance

·

How does the intended repair / replacement proposed solution impact on determining if the

change on a component or function; has an effect on other components or functions within the

SIS under review; or other systems connected to it?

·

Define any degradation of the SIS whilst repair or replacement is performed and ensure the

Client understands the impact of the degradation so that they can apply additional safety

measures whilst the work is carried out

·

Once the impact assessment form is completed, it shall be reviewed and agreed with the

technical authority or their representative (as an independent reviewer) and approved along with

the Job Method Statement

The risk assessment states the risks which are associated with the implementation of the solution.

Although the probability of the risk may be very small, the effect on the SIS and any potential outcome

could be high. The risk assessment can be prepared with the contribution of a number of parties in

close cooperation with the end user, however the end user has overall responsibilities to determine how

the planned changes may affect the process and plant given their knowledge of the application of the

system.