ALARP (As Low As Reasonably Practicable) is a risk management principle requiring that risks be reduced to the lowest level that is reasonably practicable. This page covers what ALARP means in practice and how to implement it for ocean operations.

Why This Exists

ALARP is a legal requirement in many jurisdictions and a best practice in others. It provides a framework for making risk decisions that balances risk reduction with practical constraints. Understanding ALARP is essential for regulatory compliance and defensible risk management.

Who This Is For

  • Safety officers implementing risk management
  • Operations managers making risk decisions
  • Regulators reviewing risk assessments
  • Auditors verifying ALARP compliance
  • Legal counsel defending risk decisions

ALARP Definition

ALARP means reducing risk to the lowest level that is:

  • Technically feasible — Can it be done with available technology?
  • Economically reasonable — Is the cost justified by the risk reduction?
  • Operationally practical — Can it be implemented in practice?

Key point: ALARP is not zero risk. It is the lowest risk that is reasonably practicable given constraints.

ALARP Assessment Process

Step 1: Identify All Reasonably Practicable Controls

For each identified risk, identify all controls that could reasonably be implemented:

  • Elimination — Can the hazard be eliminated?
  • Substitution — Can a less hazardous approach be used?
  • Engineering controls — Can equipment or systems reduce risk?
  • Administrative controls — Can procedures, training, or supervision reduce risk?
  • Personal protective equipment — What PPE is available?

What can go wrong: Controls not identified, controls dismissed without assessment, impractical controls included. Assessment must be thorough and realistic.

Step 2: Assess Cost vs. Risk Reduction

For each control, assess:

  • Risk reduction — How much does this control reduce risk? (quantified where possible)
  • Implementation cost — What does it cost to implement? (capital, operational, maintenance)
  • Cost-effectiveness — Is the cost justified by the risk reduction?

Operational reality: Cost includes not just money, but also operational complexity, maintenance burden, and other practical constraints.

Step 3: Implement Controls Where Justified

Implement controls where:

  • Risk reduction is significant — Control meaningfully reduces risk
  • Cost is reasonable — Cost is justified by risk reduction
  • Implementation is practical — Control can be implemented in practice

What can go wrong: Controls not implemented despite justification, controls implemented without justification, implementation incomplete. Decisions must be documented.

Step 4: Document Decisions

For each control decision, document:

  • Control description — What control was considered?
  • Risk reduction — How much risk reduction would it provide?
  • Implementation cost — What would it cost to implement?
  • Decision — Implement or not implement, and why
  • Decision authority — Who made the decision?

Legal requirement: ALARP decisions must be documented and defensible. Undocumented decisions create legal and regulatory risk.

ALARP Zones

Intolerable Risk

Risk that is unacceptable regardless of cost:

  • Must be reduced — Risk must be reduced below intolerable level
  • No cost-benefit analysis — Cost is not a factor; risk must be reduced
  • Regulatory intervention — Regulators may prohibit operations if risk is intolerable

Operational reality: Intolerable risk is rare but serious. Operations with intolerable risk should not proceed.

ALARP Zone

Risk that is tolerable but should be reduced:

  • Must demonstrate ALARP — Must show that risk is ALARP
  • Cost-benefit analysis — Cost vs. risk reduction must be assessed
  • Documentation required — Decisions must be documented

Most operations fall here: Most operational risks are in the ALARP zone, requiring assessment and documentation.

Broadly Acceptable Risk

Risk that is so low that further reduction is not required:

  • No further action — No need to reduce risk further
  • No documentation required — May not require detailed documentation
  • Rare in practice — Most operational risks are not broadly acceptable

Operational reality: Broadly acceptable risk is rare in commercial diving and subsea operations.

Practical Implementation

Risk Assessment

Start with thorough risk assessment:

  • Identify hazards — All significant hazards must be identified
  • Assess risk — Quantify risk where possible, qualitatively where not
  • Compare to criteria — Compare risk to intolerable and broadly acceptable criteria

What can go wrong: Hazards not identified, risk underestimated, criteria not applied correctly. Risk assessment must be thorough.

Control Identification

Identify all reasonably practicable controls:

  • Brainstorm controls — Consider all possible controls
  • Assess feasibility — Determine which controls are technically feasible
  • Assess practicality — Determine which controls are operationally practical

Operational reality: Control identification requires experience and creativity. External expertise may be needed.

Cost-Benefit Analysis

Assess cost vs. risk reduction:

  • Quantify risk reduction — How much does control reduce risk? (where possible)
  • Quantify cost — What does control cost? (capital, operational, maintenance)
  • Compare — Is cost justified by risk reduction?

What can go wrong: Risk reduction overestimated, cost underestimated, comparison not done. Analysis must be realistic and documented.

Decision Making

Make and document decisions:

  • Decision authority — Who has authority to make ALARP decisions?
  • Decision process — What process is used to make decisions?
  • Documentation — How are decisions documented?

Responsibility: Management typically has decision authority. Decisions must be documented and defensible.

Common Pitfalls

“We Can’t Afford It”

Cost alone is not sufficient reason to not implement a control:

  • Must assess — Cost must be assessed against risk reduction
  • Must justify — Decision not to implement must be justified
  • Must document — Justification must be documented

What can go wrong: Controls dismissed based on cost without assessment, decisions not documented. Cost is a factor, but not the only factor.

“It’s Too Complex”

Complexity alone is not sufficient reason:

  • Must assess — Complexity must be assessed against risk reduction
  • Must consider alternatives — Simpler alternatives may exist
  • Must document — Decision must be documented

Operational reality: Complexity is a valid constraint, but must be assessed, not assumed.

“We’ve Always Done It This Way”

Tradition is not justification:

  • Must assess — Existing practices must be assessed against ALARP
  • Must improve — If better practices exist, they should be considered
  • Must document — Decision to continue existing practice must be documented

What can go wrong: Existing practices not assessed, better practices not considered, status quo assumed acceptable. ALARP requires continuous improvement.

Regulatory Considerations

ALARP may be a legal requirement:

  • UK regulations — ALARP is a legal requirement under UK health and safety law
  • Other jurisdictions — Similar requirements may exist in other jurisdictions
  • Industry standards — IMCA, DNV, and other standards may require ALARP

Responsibility: Operators must comply with legal requirements. Non-compliance creates legal risk.

Regulatory Review

Regulators may review ALARP assessments:

  • Documentation review — Regulators may review ALARP documentation
  • Decision challenge — Regulators may challenge ALARP decisions
  • Enforcement — Non-compliance may result in enforcement action

Audit-worthiness: ALARP documentation must be suitable for regulatory review. Inadequate documentation creates regulatory risk.