Documents or other media which describe process or establish criteria shall be adequately prepared, reviewed, approved, issued, distributed, authorized and, as required, validated.

In the same way, records reflecting the fulfilment of quality requirements shall be specified, prepared, reviewed, approved and maintained in good condition for an established period of time. Both documents and records should be adequately stored for predefined periods of time.

21.1.3 Work management

Work shall be planned and performed in accordance with established requirements and administrative controls, and using approved documents that are periodically reviewed.

Important elements to be considered in a work management process are the following: [112]

The main objective of the commissioning period is to demonstrate that the nuclear power plant has been constructed and functions according to the design intent and therefore the operation stage may start. An adequately established and implemented quality assurance programme will provide confidence of the fulfilment of such goal.

Commissioning is specifically considered in Chapter 22 so that the items covered in the previous and the following paragraphs are considered in a much broader sense, not only from the quality assurance point of view.

The IAEA has established internationally accepted criteria and practices on quality assurance in commissioning (IAEA, 1996c).

The initial design and the subsequent changes shall be carried out in accor­dance with established codes, standards, requirements and design bases.

The adequacy of design shall be verified and validated, before the imple­mentation, by additional individuals or groups. Design changes should be justified and submitted to controls commensurate with the original design.

21.1.4 Procurement

Suppliers shall be evaluated and selected on the basis of specified criteria and periodically assessed. The procured items or services shall meet estab­lished requirements.

Suppliers of services acting on site should be subject to control and supervision commensurate with the safety relevance of the task performed.

If decommissioning is not considered, operation is the last and longest stage of a nuclear project. The technical aspects of decommissioning are consid­ered in Chapter 24.

In this period, the quality assurance programme must retain criteria applied in previous stages, because design, construction and commissioning are still present to a lesser extent but with the same relevance. Additionally, the programme must have an operational focus to consider the three basic facts that characterize the nuclear generation of electricity:

• The large amount of energy stored in the reactor

• The necessity of removing the reactor’s residual heat for a long period of time

• The manipulation of radioactive products.

Safe and reliable operation of a nuclear power plant cannot be achieved without a sound quality assurance programme adequately established and implemented.

The IAEA has established internationally accepted criteria and practices on quality assurance in operation (IAEA, 1996d).

Inspection and testing activities shall be performed under administrative controls and specified criteria. More specifically, it is necessary to establish a methodology to identify those works that require inspection or testing and the technique to be applied.

21.1.5 Assessment

The adequacy and effectiveness of the quality assurance programme shall be assessed at different scopes, levels and frequencies. More specifically, management at all levels shall regularly assess the processes for which it is responsible, in order to determine its effectiveness and identify and correct those weaknesses and barriers that hinder the achievement of quality objec­tives. Additionally, audits, reviews, checks and other methods of assessment, performed by personnel not involved in the work being assessed, shall be conducted on behalf of management in order to promote improvement.

Design is the first stage of a nuclear project in which quality assurance has to be applied within the context of this chapter. The correct application, from the beginning, of the quality assurance principles will provide ade­quate confidence that all criteria, regulations, codes and standards have been taken into account and incorporated in the design process of safety — related systems, structures and components. This will prevent deviations, with consequences that could require difficult and expensive corrective actions, and will be the basis for safer, more reliable and efficient phases of construction, commissioning and operation.

The IAEA has established internationally accepted criteria and practices on quality assurance in design (IAEA, 1996a).

21.1.6 General considerations

The design stage of a nuclear power plant overlaps the construction stage. The responsible organization may establish separate organizations for these stages or combine them under one organization. In any case, the responsi­bilities and interfaces shall be clearly defined and the status of the plant established.

The design changes during all subsequent phases must be, at least, devel­oped and implemented in accordance with the same criteria.

Additionally to the criteria identified in Section 21.3, the programme should consider aspects such as organization, interfaces, procedures, grading and human factors. In the following, some guidance on such aspects is provided.

In the area of organization and during all stages of a nuclear project, one of the more important aspects of the design control is the establishment of a single design authority. The design authority, also known as the principal designer, is the organization responsible for:

• Establishing the design requirements

• Control of interfaces

• Technical adequacy of the design process

• Ensuring that design output documents accurately reflect the design basis

• Approval of design products.

These responsibilities are applicable whether the process is conducted fully in-house, partially contracted to outside organizations, or fully contracted to outside organizations.

As for interfaces, necessary arrangements shall be established between the principal designer and the organizations involved in commissioning and operating activities. The control should be performed through workflows of information, communication channels, distribution of responsibilities and mechanisms for the resolution of problems and discrepancies.

Procedures, adequately prepared, reviewed and approved, shall define design activities such as:

• Planning

• Calculation

• Verification and validation

• Control of inputs and outputs

• Review and analysis

• Configuration control.

The application of specific quality assurance requirements may be graded considering their significance to nuclear safety. To establish the necessary grading of an item, service or process, the individual responsible should be guided through a series of questions, adapted to the case, to enable them to determine the significance, the hazards and the magnitude of the poten­tial impact and the possible consequences in case of failure. Some examples of design activities that could be graded are the following:

• The need for and level of review and approval

• The degree of verification

• The retention time for design records

• The degree of verification and test.

Finally, the human factor shall be considered, in terms of providing a safety-conscious and stress-free work environment, so that it allows the work to be performed in safe and satisfactory conditions.

The design process has types of activities whose specificities must be taken into account in the quality assurance system. The basic activities in the design process are the following:

• Planning

• Inputs and requirements

• Verification and validation

• Change control and outputs.

Planning

In the area of planning, every organization involved in design should plan the activities at the earliest opportunity, according to their scope, and in a chronological and documented way. The plans should include, where appro­priate, the following:

• Scope of work

• Schedule of activities

• Inputs from disciplines such as safety, reliability, human factors and standardization

• Design methods

• Requirements (software, tests)

• Verification and validation activities

• Training requirements

• Controls and assessments.

Inputs and requirements

As for design inputs, procedures should be established in order to ensure that data and their modifications are adequately identified, documented, approved and controlled. Procedures should assure that data have enough detail to allow the development of the associated activities. Examples of design inputs are the following:

• Functional and performance requirements

• Applicable codes, regulations and standards

• Technical parameters such as pressure and temperature, among others

• Physical requirements such as mechanical, chemistry, electrical and structural, among others

• Requirements to prevent undue risk to the health and safety of the public

• Maintenance, reliability and test requirements

• Experience feedback

• Probabilistic safety analysis

• Human error prevention

• Interface requirements.

Analysis of design criteria should be performed in order to confirm or clarify the design basis parameters. The analysis, addressing the general criteria specified for the project, should be sufficiently detailed and docu­mented to enable assessment by qualified personnel other than those who carried out the analysis.

The example of the United Kingdom, with one of the oldest nuclear licens­ing authorities, is relevant because radiation risks have not been singled out from the many other risks to which workers, the public and the environment are subjected.

The main legislation for governing the safety of nuclear installations in the UK consists of the Health and Safety at Work Act of 1974 (HSW Act), the Nuclear Installations Act 1965 (NIA65) and the Ionizing Radiation Regulations 1999 (IRR99). The organizational scheme is peculiar in the sense that radiation protection is embedded into the protection of health and safety of workers and members of the public against all types of aggres­sions, while in most other countries radiation is singled out as a very distinct and rather hazardous agent.

Within this context, the UK has created a chain of institutions. The Health and Safety Commission (HSC) was established by the HSW Act. Its primary function is to make arrangements to secure the health, safety and welfare of persons at work, and the public, in the way that undertakings are conducted. This includes proposing new laws and standards, conducting research, providing information and advice. The Health and Safety Executive (HSE) is the corporate body appointed to enforce health and safety law under the general direction of the HSC. The HSE is the licensing authority for nuclear installations and regulates the design, construction, operation and decommissioning of any nuclear installation for which a nuclear site license is required under the Nuclear Installations Act. Such installations include nuclear power stations. The Nuclear Safety Directorate (NSD) is a directorate within the HSE. Its mission is to secure effective control of health, safety and radioactive waste management at nuclear sites for the protection of the public and workers, and to further public confi­dence in the nuclear regulatory system. The Nuclear Installations Inspectorate (NII) forms the major part of the NSD. It is to the NII that the day-to-day exercise of the HSE’s licensing function is delegated. The

Government has announced its intention to create a more integrated, focused, independent and accountable nuclear regulatory body. The pro­posal is to create an Office for Nuclear Regulation (ONR) as a stand-alone statutory corporation outside the HSE.

Any organization that proposes a nuclear installation falling within the scope of NIA65 must apply for a nuclear site license. NIA65 also states that a license can be granted only to a corporate body and that it is not transfer­able. It follows that the licensee must be a company, which is also a user of the site. It is important that no doubt exists about the identity of the cor­porate body, which has legal responsibility for the safe operation of an installation and absolute liability for injury to persons or damage to prop­erty. Where a new site is to be licensed or where an existing site is to be used for additional activities, the applicant must submit a safety case[111] to the HSE for assessment. That submission must include:

• A reference design (an initial statement of design and the safety criteria to be applied)

• A preliminary safety report (intended to show, in principle, the means by which the reference design can meet the applicant’s safety criteria)

• A preconstruction safety report (a more comprehensive statement on safety analysis)

• Proposal for research and development work in support of the safety case

• Proposals for quality assurance (the means for ensuring that design, manufacture, inspection and construction are carried out reliably to the required standard)

• A contract design (the design intended for construction).

Under the UK licensing process, an operator must obtain a number of permissions before construction or operation of any nuclear installation, including nuclear power stations. The whole process starts with a generic design assessment (GDA), which allows a new power station design to be assessed before an application is made for the permissions required to build that design at a particular site. This allows early resolution of design issues arising from the assessment to be taken into account. Guidance has been provided by the HSE on how to handle the GDA (HSE, 2007a, 2007b, 2008a, 2008b).

Requests for a GDA normally originate from a reactor vendor. However, requests may also be initiated by vendor-operator partnerships. Con­sequently, the term ‘Requesting Party’ is used to identify the organization seeking the GDA and to distinguish it from a nuclear site license applicant. The regulators consider that it is important for potential site operators/ licensees to be engaged in the GDA process, as ultimately they will be required to demonstrate sufficient knowledge of the design before receiving permission to construct and operate a nuclear power station. The operator may also wish to be part of the design process to allow the design to be adapted to its particular needs. The generic design assessment process, referred to as ‘Phase 1’ in the HSE manuals, is in four stages and takes approximately 3.5 years to complete.

Design verification is a process that aims to get a reasonable assurance that the design developed fulfils all the applicable requirements, including those related to inputs, planning, design execution and control of interfaces.

Verification is performed using one or more methodologies, applied by a person or group different from that which carried out the design to be veri­fied. Those people will have enough access to all necessary information to perform the task.

The required verification shall be performed before the affected docu­ments are issued for purchasing, fabrication, erection or transmission to another organization in order to be used in additional design activities. When criteria cannot be reasonably fulfilled, the unverified part will be identified and controlled; in any case, the verification will be finished before the element acceptance.

The scope of the design verification depends on the safety significance of the affected element, the design complexity, the degree of normalization, the technological development status and the experience with similar previ­ous designs.

Once a design has been submitted to a design verification process, it is not necessary to repeat it for identical designs. However, the applicability of normalized or previously approved designs, against the input data and requirements, will be verified. Additionally and if it exists, the experi­ence feedback on normalized or previously approved designs shall be considered.

The original design and the verification activities shall be documented and traced in the records, allowing subsequent supervisions or audits on the applied methodology.

There are three methodologies to perform design verifications:

• Design review

• Alternative calculations

• Qualification tests.

In the following paragraphs the previous methodologies and validation will be described.

In order to analyse the technical manpower required in the development of a nuclear programme, it is convenient to divide it into three primary categories: professionals, technicians and craftsmen.

Professionals

This refers to all managerial and technical personnel whose normal minimum formal educational requirement is a Bachelor of Science (B. Sc.) degree or equivalent from a recognized or accredited institution of higher learning (i. e. university or college).

Professionals are obviously the primary component of the manpower required to plan and supervise the implementation of, and assume respon­sibility for, all activities within the nuclear power programme. They also require the longest lead times for their development.

Many activities that involve professionals need a relatively high number of mechanical and chemical engineers. This is to be expected in a technology involving power plants with large high-technology equipment requirements and a fuel cycle with complex chemical processes. The level of educational requirements of professional manpower for the main activities involved in a nuclear power programme requires different specialities, such as:

• Master of Science (M. Sc.) / B. Sc. in engineering with the following:

— Nuclear engineering

— Power plant engineering

— Mechanical engineering

— Electrical engineering

— Electronics engineering

— Chemical engineering

— Civil engineering

• M. Sc. / B. Sc. in metallurgy, physics and chemistry

• B. Sc. in geology, hydrology, meteorology, ecology, biology and seismol­ogy and environmental sciences

• Computer programming technician

• Bachelor of Arts (B. A.) in economics and business administration

• Master of Arts (M. A.) in law

• M. A. in commerce

• Accountants

• B. A. in journalism.