Risk management at the stages of the life cycle of NPP projects

. The article discusses the issues of risk management at all stages of the life cycle of nuclear power plants. The definition and classification by types of risks that arise during the stages of the life cycle and operation of difficult objects such as nuclear power plants. Risk is anything that has the potential to affect each stage of a facility's life cycle, performance, longevity, safety, or project budget. Thus, risk management is the process of identifying, classifying, prioritizing and planning risks. This article not only discusses the identification and classification by types of risks that arise during the construction and operation of such complex facilities as nuclear power plants, but also describes the methods for assessing and managing risks, taking into account the specifics of the construction of nuclear power facilities. There are two methods of risk assessment: quantitative and qualitative. The article describes such Quantitative methods as "Scenario Technology", "Method - Sensitivity Analysis", "Diagramming Technique - Tree Analysis", as well as such Qualitative risk assessment methods as "Assessment of the probability of risk and its impact", "Evaluation Matrix probability/risk of impact”, “Probability and impact”, “Risk classification and assessment of risk urgency. As a result of the analysis of existing risk management methods at all stages of the life cycle, the following conclusions were drawn: Risk identification can occur at any stage of the life cycle of a nuclear power plant, even after completion of construction work and delivery of the project. The maximum number of risks for all stages of the NPP life cycle should be identified at the stage of Sitting and design. The article proposes the format of the risk register table, provides a risk classification scheme, and develops a risk management flow chart at the stages of the NPP life cycle.


Introduction
Risk management is a important scientific and practical task for nuclear power plants in construction at all stages of the life cycle, from site to decommissioning. The risk management system includes the following main stages [1]: -Risk Identification -Risk classification -Analysis, estimation and ranking of risks -Development of countermeasures It can be claimed that the strategic goal of development and existence of nuclear power (target function) is to achieve high technical, economic and social efficiency while minimizing damage to society and the environment [3]. The article life cycle management basics [2] shows that the target function of NPP objects is influenced by all stages of life cycle and each stage has its own risks.
As it is known, life cycle of such complex objects as NPP power units includes the following main stages [3]: 1. Sitting, 2. Designing, 3. Construction, 4. Commissioning, 6. Decommissioning. The available Russian and foreign experience in the construction and operation of NPP power units allows us to assert that all stages of the life cycle are inextricably linked in terms of their impact on the safety of population and the environment, budget and longevity of these complex energy facilities. In terms of life cycle impact, three main factors can be distinguished, which are presented in Fig. 2.  The practical implementation of each stage of the NPP life cycle is associated with certain risks affecting the target function. Risk identification and management is an integral part of the operation of nuclear power facilities.

Risk identification and classification
Risk identification is the determination of events that are more likely to affect the project. Identified risks need to be documented in detail and described in a risk log. Their impact on the project is then assessed and the results predicted, and precautions are identified to prepare responses to emerging risks during the project period [5].
Monitoring and analysis of risks is the step where the project's risk log is recorded and used to track changes. The risk management process depends on the project purpose, design decisions and project timeline, as well as the lifetime of the NPP.
Risks exist at every stage of the NPP lifecycle, from the beginning of the design to the decommissioning of the facility. Let us consider organisational structures of NPP lifecycle stages and link them with risk identification and management system in order to simplify the process of control, forecasting, and finding appropriate solutions before the occurrence of events that are risks.
Risks at all stages of the lifecycle of NPPs can be both negative and positive. Negative risks are damaging and have an undesirable impact on the project. As for positive risks, they are useful and should be used to improve the project performance in all phases of the lifecycle. An example of a positive risk is early completion of the project. However, bear in mind that if positive risks are not managed correctly, the result can be unexpected and unfavourable. Therefore, risk management is important both for negative risks to minimise the damage and for positive risks to maximise the benefit.
In terms of effect, risks arising in the life cycle of nuclear power plants can be divided into several major categories, namely financial, socio-political, environmental and others.
As a result of considering this problem at all stages of the lifecycle, the following structure is proposed in Figure 3.
A detailed design and work plan helps to identify most risks at all stages of the life cycle [2]. In complex projects, such as nuclear power plants, all participants who supervise the lifecycle of the project must be connected to a single server that allows all employees to access information and express their opinions on all issues related to risks for the project. A spreadsheet (risk log) is created to monitor and control all the details that can affect the progress of work at all stages of the life cycle of a nuclear power plant facility [2,5]. The table can have different formats depending on the project and purposes; a suggested variant of the table for risk logging is presented in Figure 4.
Columns that can be added additionally: -Issue raised: who identified the risk.
-Closing date: The date on which the risk was closed.
-Last updated: Date the risk record was last updated. Useful for ensuring that mitigating actions are taken.
-Executor: This field can be used when assigning an executor for the necessary actions to the person responsible for managing this risk [2].

Risk management
Identifying existing risks and choosing an appropriate way to assess risk is mainly done using a brainstorming or peer review technique. The company brings its employees and experts together so that they can analyse different sources of risk [5,9]. The next step is to prioritise all the identified risks. Since it is not possible to mitigate all existing risks, prioritisation ensures that those risks that may affect the construction work are eliminated [1,14]. Risk analysis is the second stage of the risk management plan, where data collected on possible risks is analysed [5]. An analysis of risks from a prioritised list is carried out. Two categories of methods have been developed [10,14]:

Qualitative and quantitative.
Qualitative methods are more applicable when risk can be ranked somewhere on a descriptive scale from high to low [7]. Quantitative methods are used to determine the probability and impact of identified risks, and are based on numerical estimates. Companies tend to use a qualitative approach as it is easier to describe. Within the quantitative and qualitative categories, there are a number of methods that use different assumptions, making it difficult to select the appropriate risk assessment model for a particular project. The methods should be chosen according to the type of risk and the scale of the project [9,14]. Regardless of the method chosen, the desired outcome of such an assessment should be reliable and depend on the experience gained and the cost of using the method. Important criteria are [10]: -Adaptability -the need to adapt to the requirements of the organisation -Limitations -how limited and simple is the method -Feasibility -the method should be feasible -Ease of use -the method should be clear to use -Reliability -the results should be valid. Are known Qualitative methods of a risk assessment such as "Estimation of probability of risk and its influence", "Matrix of an estimation of probability/risk of influence", "Probability and influence", "Classification of risks and an estimation of urgency of risks".
Quantitative methods require a lot of analysis work. The effort must be weighed against the benefits and outcomes of the method chosen [7]. For example, small projects may only require identification and action on identified risks, whereas larger projects require in-depth analysis. Quantitative methods that assess the impact of risk are more appropriate for medium to large projects because of the resources required for analysis such as sophisticated software and skilled personnel.
Quantitative methods such as "Scenario Technology", "Technique -Sensitivity Analysis", "Charting Technique -Tree Analysis" have been developed.
The essence of the method "Assessment of probability of risk and its impact" is to assess each individual risk and assign it characteristics from a range depending on the degree of danger. The scale of impact ranges from "very low" to "very high". The level of likelihood of each risk and its impact on the durability, quality, and cost of the project at all stages of the NPP life cycle are assessed by survey or discussed in specialist meetings. Depending on the scale of the project and its technical and economic indicators, the impact scale has more or less divisions.

Risk analysis, assessment and ranking.
The probability and impact assessed further are used as the basis for the Risk Impact Probability Assessment Matrix method. The results of the risk assessment are prioritised using various calculation methods that can be found in the literature [13]. The priority score is calculated as the average of probability and impact. To indicate the importance of each risk is assigned a rating and a colour. Priorities are determined by multiplying the impact by the probability. This product indicates which risks have a low, moderate or high priority and allows the appropriate risk response to be assigned. For example, threats with high impact and probability are defined as high risk and may require an immediate response, whereas low-priority threats may be monitored with action taken only when necessary [11,14].

Risk Classification and Risk Urgency Assessment methods.
These two methods are not as commonly used as the Probability and Impact method. Risk classification is a way of systematising project hazards, for example according to their sources, in order to identify the areas of the project that are most exposed to these risks. The tools that can be used in this method are the work breakdown structure or risk allocation structure. Their role is to develop an effective response to risks. The work allocation structure breaks down large activities into small, manageable units and creates a linked hierarchical series of independent activities, classifying risks and showing their dependencies. The role of the Risk Urgency Assessment method is to prioritise risks according to how quickly they require a response. Lists with risks ranked in order of priority using qualitative methods can be used to draw attention to significant project issues.
Issues that are classified as medium-level risks can be subject to quantitative analysis to enhance monitoring and timely response. Threats that are assessed to be insignificant can be put on a watch list and monitored. In this way, priorities are prioritised to allow the project team to focus on the more dangerous risks. Classification of risks helps to identify weaknesses in the project, to which more attention should be paid [10].
Risk response refers to the actions that should be taken in relation to the identified risks and threats. The chosen response strategy and approach depends on the type of risks at each stage of the NPP lifecycle. For each risk on the register, a responsible person is assigned to monitor the development of response actions that will be agreed with other participants in the risk management process. The less impact a risk has, the more effectively it can be managed. The most common risk response strategies are: prevention, reduction, transfer, retention and monitoring.
Sometimes it is difficult to decide on the appropriate way to respond due to insufficient information. This can be avoided by scheduling time to obtain sufficient information in the response plan. This course of action is called Delayed Decision Making, but this approach is not applicable in all situations because when dealing with critical risks it is necessary to take action from an early stage in the process [10,14].
Prevention is the selection of alternative design solutions that will eliminate many of the risks. If the risk has a significant impact on the project, the best solution is to avoid it by changing the scope of the project or, at worst, by cancelling it [10,15].
It is worth noting that often reducing risks in a project entails an increase in implementation costs, but in the long run there are benefits on the NPP's lifecycle [15]. For some projects, experts are hired to manage high risk activities, as such experts can suggest solutions that the project team has not considered.
Mitigation strategies may include: contingency planning, quality assurance, separation or relocation of activities and resources, crisis management and disaster recovery plans.

Risk transfer.
The management of risks that need to be mitigated can also be transferred to specialised companies that have more appropriate resources and knowledge of the impacts. Collaborative projects, where one project team can benefit from the resources and expertise of another, are a way of sharing responsibility for risks in a project [10,15]. It should be understood that risk is not eliminated in this way, it is only transferred to the party best able to manage it. The transfer of risks and their associated negative consequences is also possible when risks are outside the control of the project team. For example, political problems or workers' strikes. Risks are also natural disasters that are rare and unpredictable. Such risks that are beyond management's control should be transferred to insurance companies [10,15].

Risk retention.
When the risk cannot or is not economically feasible to transfer or avoid, risk retention is the best solution.
Continuous oversight of the risk management programme (RMP) helps to detect and monitor risks and to avoid past risks from the project risk assessment register. [10,15,18,19].
It should be understood that risk identification can occur at any stage of the NPP lifecycle, even after construction work has been completed and the project is delivered. Risks that could affect the life cycle of the project should be identified at the design stage, including for decommissioning activities [15,16,18,19].
Thus, the risk management system in the NPP lifecycle can be represented as a flowchart as shown in Figure 7. The flowchart describes an approach in which risks are tracked through all stages of the lifecycle, as they are interconnected and require management to minimise the impact of risk from 'high' to 'low' in a risk impact matrix. Information on all risks and the decisions made to respond to them, from design to decommissioning, should be contained in a single database, as described in the flowchart. Because a single database allows risks to be tracked at all stages and connects them to each other in a way that allows the risk management team to easily access the necessary information and monitor risks more effectively, as well as allowing normal (authorised) staff to collect and enter risk information promptly.

Conclusions
The following conclusions can be drawn from the analyses carried out.
1. The necessity and possibility of not only identification, but also risk management at all stages of life cycle of such complex facilities as nuclear power plants are shown.
2. Risk identification can be carried out at any stage of NPP life cycle, even after completion of construction works and commissioning of the project.
3. An algorithm for risk management at life cycle stages is proposed.