IEC GUIDE 116:2010

IEC GUIDE 116


®

Edition 1.0 2010-08







GUIDE




colour
inside

Guidelines for safety related risk assessment and risk reduction
for low voltage equipment





IEC GUIDE 116:2010(E)

---------------------- Page: 1 ----------------------
THIS PUBLICATION IS COPYRIGHT PROTECTED

Copyright © 2010 IEC, Geneva, Switzerland



All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form

or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester.
If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication,

please contact the address below or your local IEC member National Committee for further information.



IEC Central Office
3, rue de Varembé

CH-1211 Geneva 20

Switzerland
Email: inmail@iec.ch
Web: www.iec.ch

About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.
ƒ Catalogue of IEC publications: www.iec.ch/searchpub
The IEC on-line Catalogue enables you to search by a variety of criteria (reference number, text, technical committee,…).
It also gives information on projects, withdrawn and replaced publications.
ƒ IEC Just Published: www.iec.ch/online_news/justpub
Stay up to date on all new IEC publications. Just Published details twice a month all new publications released. Available
on-line and also by email.
ƒ Electropedia: www.electropedia.org
The world's leading online dictionary of electronic and electrical terms containing more than 20 000 terms and definitions
in English and French, with equivalent terms in additional languages. Also known as the International Electrotechnical
Vocabulary online.
ƒ Customer Service Centre: www.iec.ch/webstore/custserv
If you wish to give us your feedback on this publication or need further assistance, please visit the Customer Service
Centre FAQ or contact us:
Email: csc@iec.ch
Tel.: +41 22 919 02 11
Fax: +41 22 919 03 00

---------------------- Page: 2 ----------------------
IEC GUIDE 116


®

Edition 1.0 2010-08







GUIDE




colour
inside

Guidelines for safety related risk assessment and risk reduction
for low voltage equipment



INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
PRICE CODE
W
ICS 29.020 ISBN 978-2-88912-150-2
® Registered trademark of the International Electrotechnical Commission

---------------------- Page: 3 ----------------------
– 2 – Guide 116 © IEC:2010(E)


CONTENTS


FOREWORD.4

INTRODUCTION.6


1 Scope.7

2 Normative references .7

3 Terms and definitions .8

4 Basic principles .10

4.1 Principle of safety integration .10

4.2 Basic concepts .11
4.3 Information for risk assessment.14
4.3.1 General .14
4.3.2 Information related to LV equipment description .14
4.3.3 Related standards and other applicable documents .14
4.3.4 Information related to experience on the use .14
4.3.5 Relevant ergonomic principles.15
5 Determination of the limits of the LV equipment.15
6 Hazard identification.15
7 Risk estimation.17
7.1 General .17
7.2 Elements of risk .17
7.2.1 Combination of elements of risk.17
7.2.2 Severity of harm .18
7.2.3 Probability of occurrence of harm .19
7.2.4 Risk index .20
7.3 Aspects to be considered during risk estimation .20
7.3.1 Exposure of persons and livestock .20
7.3.2 Type, frequency and duration of exposure .20
7.3.3 Accumulation and synergy of effects.21
8 Risk evaluation.21
8.1 General .21
8.2 Aspects to be considered during risk evaluation .21
8.2.1 Human factors .21
8.2.2 Reliability of protective measures .22

8.2.3 Possibility to defeat or circumvent protective measures .22
8.2.4 Ability to maintain protective measures.23
8.2.5 Information for use .23
8.2.6 Current values of society .23
8.3 Elimination of hazards or reduction of risk by protective measures .23
8.4 Comparison of risks.24
9 Risk reduction .24
10 Documentation .27
Annex A (normative) Safety aspects relating to low voltage equipment .28
Annex B (informative) Supporting standards .33
Annex C (informative) Examples of hazards, hazardous situations and hazardous
events .34
Annex D (informative) Tool for the application of this IEC Guide .35

---------------------- Page: 4 ----------------------
Guide 116 © IEC:2010(E) – 3 –


Bibliography.38




Figure 1 – Principle of safety integration .11

Figure 2 – Iterative process of risk assessment and risk reduction .13

Figure 3 – Elements of risk for risk estimation.17


Figure 4 – Graph for risk estimation .18

Figure 5 – Risk reduction process.26

---------------------- Page: 5 ----------------------
– 4 – Guide 116 © IEC:2010(E)


INTERNATIONAL ELECTROTECHNICAL COMMISSION

____________



GUIDELINES FOR SAFETY RELATED RISK ASSESSMENT

AND RISK REDUCTION FOR LOW VOLTAGE EQUIPMENT







FOREWORD


1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
This first edition of IEC Guide 116 has been prepared, in accordance with ISO/IEC Directives,

Part 1, Annex A, by the IEC Advisory Committee on Safety (ACOS). This is a non-mandatory
guide in accordance with SMB Decision 136/8.
The text of this IEC Guide is based on the following documents:
Four months’ vote Report on voting
C/1614/DV C/1634/RV

Full information on the voting for the approval of this Guide can be found in the report on
voting indicated in the above table.

---------------------- Page: 6 ----------------------
Guide 116 © IEC:2010(E) – 5 –


This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.



A bilingual version of this publication may be issued at a later date.




IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates

that it contains colours which are considered to be useful for the correct

understanding of its contents. Users should therefore print this document using a

colour printer.

---------------------- Page: 7 ----------------------
– 6 – Guide 116 © IEC:2010(E)


INTRODUCTION


This non-mandatory IEC Guide is intended to be applied to risk assessment and risk reduction

for safety of low voltage equipment.


This IEC Guide reflects ISO/IEC Guide 51 and gives additional guidance to ISO/IEC Guides

50, 51, and 71 on more detailed practical information for carrying out risk assessment and on

basics to implement risk reduction, in order to assess risks commonly considered during all

relevant phases of the life of low voltage equipment.


This IEC Guide is intended to be applicable for TCs and SCs when they elaborate their own

safety standards for the related products, if they have decided to carry out a structured risk
assessment. This Guide can also be used when new features of a product are not covered by
existing standards.
The use of this Guide implies that safety-related standards are also taken into account when
available (see also Annex B) and using them automatically reflects the state of the art as
defined in ISO/IEC Guide 2.

---------------------- Page: 8 ----------------------
Guide 116 © IEC:2010(E) – 7 –


GUIDELINES FOR SAFETY RELATED RISK ASSESSMENT

AND RISK REDUCTION FOR LOW VOLTAGE EQUIPMENT





1 Scope


This non-mandatory IEC Guide complements ISO/IEC Guide 51 and establishes guidelines
useful for achieving safety in low voltage (LV) equipment. These guidelines include risk

assessment, in which the knowledge and experience of the design, use, incidents, accidents

and harm related to low voltage equipment are brought together in order to assess the risks

during the relevant phases of the life of the equipment, as specified in Clause 6, and to
implement the basics for risk reduction measures. This IEC guide should be used by technical
committees as far as appropriate and to the extent they decide to apply it.
This IEC Guide gives additional guidance to ISO/IEC Guide 50, 51 and 71 on the information
required to allow risk assessment to be performed. Procedures are described for identifying
hazards, estimating and evaluating risk (including comparison of risks) and risk reduction
where necessary. Risks considered in this document include possible damages to persons,
property, and livestock. It is not intended that the structure of this guide be adopted by
technical committees.
The purpose of this IEC Guide is to provide guidance for technical committees for decisions to
be made on the safety of low voltage equipment and the type of documentation required to
verify the risk assessment carried out. Components intended not to be used alone can only be
assessed insofar as the manufacturer can predict the reasonably foreseeable use.
The voltage range considered in this IEC Guide is up to 1000 V a.c. (1 500 V d.c.). Low
voltage equipment generating internal voltages higher than 1 000 V a.c. (1 500 V d.c.) are
covered, provided these voltages are not touchable (example: TV set with internal HV
cascade).
Product standards shall require that the equipment documentation include adequate
information for the safe use of equipment.
This guide does not cover components used within the electrical distribution system or within
an electrical system or machines whose risk assessment depends to a very large extent on
how they are used and incorporated in an electrical system or installation.
NOTE Protective measures to be taken by the user of a product are subject to legal requirements in many
countries, especially in the occupational health and safety framework.

This IEC Guide itself is not intended to be used for the purpose of certification. Product
committees are encouraged to include a clause in product safety standards pertaining to risk
assessment, to be used when the requirements of the standard do not fully encompass all
possible hazards with equipment within the standard’s scope. This clause should incorporate
the principles of this Guide.
2 Normative references
The following referenced documents are indispensable for the application of this document.
For dated references, only the edition cited applies. For undated references, the latest edition
of the referenced document (including any amendments) applies.
IEC Guide 104:2010, The preparation of safety publications and the use of basic safety
publications and group safety publications

---------------------- Page: 9 ----------------------
– 8 – Guide 116 © IEC:2010(E)


ISO/IEC Guide 50:2002, Safety aspects – Guidelines for child safety


NOTE Guide 50 applies in conjunction with ISO/IEC Guide 51:1999.


ISO/IEC Guide 51:1999, Safety aspects – Guidelines for their inclusion in standards


ISO/IEC Guide 71, Guidelines for standards developers to address the needs of older persons

and persons with disabilities


3 Terms and definitions


For the purposes of this document, the following terms and definitions apply.
3.1
low voltage equipment
set of electrical devices or electrical apparatuses necessary to perform a specific task such as
generation, transmission, distribution, utilisation of electric energy and with a supply or output
voltage not exceeding 1 000 V for alternating current and 1 500 V for direct current
NOTE Examples of equipment are electric power generator, electrical switchgear and controlgear assemblies,
electrical wiring systems, air conditioning units.
3.2
harm
physical injury or damage to persons, property, and livestock
[ISO/IEC Guide 51, definition 3.3, modified]
3.3
hazard
potential source of harm
NOTE The term hazard can be qualified in order to define its origin (e.g. electrical hazard, mechanical hazard) or
the nature of the potential harm (e.g. electric shock hazard, cutting hazard, toxic hazard, fire hazard).
[ISO/IEC Guide 51, definition 3.5]
3.4
hazard zone
any space within and/or around a LV equipment in which persons, or livestock can be
exposed to a hazard
3.5
hazardous event
event that can cause harm
NOTE A hazardous event can occur over a short period of time or over an extended period of time.
3.6
hazardous situation
circumstance in which persons, property and livestock or the environment are exposed to at
least one hazard. The exposure can immediately or over a period of time result in harm
[ISO/IEC Guide 51, definition 3.6, modified]
3.7
incident
past hazardous event

---------------------- Page: 10 ----------------------
Guide 116 © IEC:2010(E) – 9 –


NOTE An incident that has occurred and resulted in harm can be referred to as an accident. Whereas an incident

that has occurred and that did not result in harm can be referred to as a near miss occurrence.

3.8

intended use

use of LV equipment in accordance with the information for use provided by the supplier


[ISO/IEC Guide 51, definition 3.13, modified]


3.9

malfunction

situation for which the electrical equipment does not perform the intended function due to a

variety of reasons, including:
– variation of a property or of a dimension of the processed material or of the work piece;
– failure of one (or more) of its component parts or services;
– external disturbances (e.g. shocks, vibration, electromagnetic interference);
– design error or deficiency (e.g. software errors);
– disturbance of its power supply;
– surrounding conditions (e.g. condensation due to temperature change).
3.10
protective measure
measure intended to achieve adequate risk reduction, implemented:
– by the designer (inherent design, safeguarding and complementary protective measures,
information for use) and
– by the user (organisation: safe working procedures, supervision, training; permit-to-work
systems; provision and use of additional safeguards; use of personal protective equipment)
3.11
reasonably foreseeable misuse
use of LV equipment in a way not intended by the designer, but which may result from readily
predictable human behaviour
[ISO/IEC Guide 51, definition 3.14, modified]
3.12
residual risk
risk remaining after protective measures have been taken (see also Figure 1)
NOTE This IEC Guide distinguishes:

– the residual risk after protective measures have been taken by the designer;
– the residual risk remaining after all protective measures have been implemented by the user.
[ISO/IEC Guide 51, definition 3.9, modified]
3.13
risk
combination of the probability of occurrence of harm and the severity of that harm
[ISO/IEC Guide 51, definition 3.2]
3.14
tolerable risk
risk which is accepted in a given context based on the current values of society
[ISO/IEC Guide 51, definition 3.7]

---------------------- Page: 11 ----------------------
– 10 – Guide 116 © IEC:2010(E)


3.15

risk assessment

overall process comprising a risk analysis and a risk evaluation


[ISO/IEC Guide 51, definition 3.12]


3.16

safety

freedom from unacceptable risk

[ISO/IEC Guide 51, definition 3.1]


3.17
safety integration
application of the “3-step-methodology” (see Figure1) to reduce the residual risk of a LV
equipment below the level of tolerable risk
NOTE See A.2 for further information.
3.18
adequate protection
protection which permits to achieve the risk reduction to a tolerable level
3.19
single fault condition
condition in which there is a fault of a single protection (but not a reinforced protection) or of a
single component or a device
NOTE If a single fault condition results in one or more other fault conditions, all are considered as one single fault
condition.
[IEC Guide 104:2010, definition 3.8]
4 Basic principles
4.1 Principle of safety integration
Figure 1 shows the principle of safety integration. The minimum necessary risk reduction is
the reduction in risk that has to be achieved to meet the tolerable risk for a specific situation.
The concept of necessary risk reduction is of fundamental importance in the development of
the safety requirements for electrical equipment. The purpose of determining the tolerable risk
for a specific hazardous event is to state what is deemed reasonable with respect to both
components of risk (see 7.2 and Figure 2).

The tolerable risk will depend on many factors (for example, severity of injury, the damage to
property, the number of people exposed to danger, the frequency at which a person or people
are exposed to danger and the duration of the exposure).
In case of choices between options for different safety measures in product standards, these
standards should clearly show the principles how the manufacturers have to implement risk
assessment including safety integrations by their own thorough investigations about their
equipment. In such cases manufacturers have increased responsibility for the safety of their
products. Especially when products get more and more complex, manufacturers themselves
have the best knowledge of the specific characteristics and related contents of their own
equipment. Further the following inputs may also be considered:
– requirements from various origins, both general and those directly relevant to the specific
application;
– guidelines from various origins;

---------------------- Page: 12 ----------------------
Guide 116 © IEC:2010(E) – 11 –


– discussions and agreements with the different parties involved in the application;

– international discussions and agreements; the role of national and international standards

are becoming increasingly important in arriving at tolerable risk criteria for applications;


– industry standards and guidelines;

– independent industrial, expert and scientific advice from advisory bodies;

– current values defined by all involved stakeholders.






Tolerable risk
Safe
Unsafe
st
1 step:
inherent
safety measures
nd
2 step:
technical
safety measures
residual
risk
rd
3 step:
information
for use
Necessary
Actual
risk reduction
risk reduction
Risk

IEC  1967/10
NOTE Sometimes it is possible that tolerable risk is already achieved by applying step 1 or steps 1 and 2.
Figure 1 – Principle of safety integration
4.2 Basic concepts
Safety-related risk assessment is a series of logical steps which starts with the determination
of the limits of the LV equipment (see Clause 5) The next step entails, in a systematic way,
the examination of the hazards associated with LV equipment (see Clause 6). After a
subsequent risk estimation (see Clause 7) and risk evaluation and/or risk comparison (see
Clause 8), risk assessment is followed, whenever necessary, by risk reduction (see Clause 9).
When this process is repeated, it gives the iterative process for eliminating hazards as far as
practicable and for implementing protective measures.
Risk assessment includes (see Figure 2):
a) risk analysis,
1) determination of the limits of the LV equipment (see Clause 5);
2) hazard identification (see Clause 6);

---------------------- Page: 13 ----------------------
– 12 – Guide 116 © IEC:2010(E)


3) risk estimation (see Clause 7);

b) risk evaluation / risk comparison (see Clause 8).


Risk analysis provides the information required for the risk evaluation which in turn allows

judgments to be made on the safety of the LV equipment.


Risk assessment relies on judgmental decisions. These decisions shall be supported by

qualitative methods complemented, as far as possible, by quantitative methods. Quantitative

methods can be appropriate when the potential severity and extent of harm are high and

resources or data permit. Quantitative methods are useful to assess alternative protective

measures and to determine what gives better protection.

NOTE The application of quantitative methods is restricted by the amount of useful data which is available and in
many applications only qualitative risk assessment will be possible.
The risk assessment shall be conducted in such a way that it is possible to document the
procedure that has been followed and the results that have been achieved (see Clause 9).
Risk assessment determines whether risk reduction is required. Guidance on how to do risk
reduction is given in Clause 9.

---------------------- Page: 14 ----------------------
Guide 116 © IEC:2010(E) – 13 –







Start



Definition of the limits
of the LV equipment
incl. intended use and

reasonably
foreseeable misuse
see Clause 5

Risk
analysis
Hazard identification
see Clause 6
Risk estimation
see Clause 7
Risk reduction
see Clause 9 Risk assessment
Risk evaluation/
risk comparison
see Clause 8
Is tolerable
risk
No
achieved ?
Yes
Safety achieved
IEC  1968/10

NOTE The process of risk assessment on LV equipment should be implemented as follows:
– identify the appropriate scope and target users of the LV equipment (see Clause 5);
– identify the intended use and reasonably foreseeable misuse of the LV equipment (see Clause 5);
– identify the hazards during each life cycle stage of the LV equipment such as design, manufacture, installation,

maintenance, repair and disposal (see Clause 6);
– estimate the risks caused by each identified hazard (see Clause 7);
– evaluate the risks caused by identified hazards (see Clause 8);
– if the results of the risk assessment on the LV equipment show that the residual risk is at a tolerable level, no
further action is needed (see Clause 8);
– if the residual risk is not tolerable, risk reduction has to be implemented (see Clause 9);
– the loop is repeated until the residual risk is reduced to a tolerable level.
Figure 2 – Iterative process of risk assessment and risk reduction

---------------------- Page: 15 ----------------------
– 14 – Guide 116 © IEC:2010(E)


4.3 Information for risk assessment

4.3.1 General


The information needed for risk assessment and any qualitative and quantitative analysis

should include the following:

a) limits of the LV equipment (See Clause 5);

b) description of the various phases of the whole life cycle of the LV equipment (e.g.

transport, assembly and installation, commissioning and use);

c) design drawings or other means of establishing the nature of the LV equipment;

d) any accident, incid
...