Sellafield Ltd

Sellafield + Sword GRC

How Sellafield has complete visibility of their risks across the business with a one-stop-shop for business risks and an escalation engine ready to go when needed


Nuclear Power


United Kingdom



The Background

Sellafield Ltd is the company responsible for safely delivering decommissioning, reprocessing and nuclear waste management activities on the Sellafield nuclear site in West Cumbria, England on behalf of the Nuclear Decommissioning Authority (NDA). Sellafield Ltd is a wholly owned subsidiary of Nuclear Management Partners (NMP) a consortium of American company URS, British company AMEC and French company Areva.

Safe secure site stewardship reducing risk

Currently, the NDA invests more than £1.7bn of their budget to fund the critical work at Sellafield every year.

As the holder of the nuclear site licence Sellafield Ltd’s mission is to deliver safe, secure site stewardship whilst demonstrating value for money and urgency in the reduction of risks and hazards posed by Sellafield’s historic facilities and wastes. Sellafield is home to some of the most challenging and unique nuclear decommissioning programmes anywhere in the world and Sellafield Ltd’s focus is to safely accelerate the clean up of these legacy facilities.

Gary Williams, Risk Systems Manager at Sellafield Ltd explains: “The work breakdown structure at Sellafield covers all aspects of site operations which are, setting site strategy, programme management and operations. At the operations level, the work is highly varied and includes cleaning up legacy facilities, major decommissioning and new build projects, managing existing commercial operations (such as reprocessing of spent nuclear fuel), managing site infrastructure and standard business operations such as health and safety, human resources, IT, and security. All these different operations have associated risks and many have critical and crucial interdependencies.”

Active Risk Manager provides us with a one-stop shop for business risks – risks can be escalated if a manager thinks it necessary and it will appear on the appropriate risk register, with dependencies highlighted. This gives us total visibility of risks across the business.

Gary Williams, Risk Systems Manager, Sellafield Ltd.

An enterprise-wide approach to risk

One of the key requirements for Sellafield’s success was the business driver behind the company adopting a single risk management system across all the site operations. Following a review of many risk management systems, including those developed inhouse, Sellafield procured Active Risk Manager (ARM) from Sword GRC as a central repository for all risk related information.

Williams continues; “We had an array of risk management systems – from databases developed locally, professional ones, electronic spreadsheets or simply hard copies. Many of these systems required significant manual intervention to interface with one another, so we needed to find a solution that could pull all risk information together to provide a joined up, organisation-wide view of risk.

“Using ARM we realised that we could cover every aspect of the work breakdown structure across the business, from the highest strategic risks to operational tasks, and we could use ARM’s functionality to indicate the crucial interdependencies across the organization.”

ARM is used to manage risk for every aspect of operations. All risks on day to day operations, projects and infrastructure, and asset care are recorded and monitored using ARM.

Consistent approach to risk across the organisation

As well as the business benefit of greater visibility of risk, adopting ARM has enabled Sellafield Ltd to achieve its goal of adopting a single risk management approach across the organization, supporting a more consistent approach to risk management.

Sellafield has fifteen scoring schemes defined in ARM, allowing risks to be assessed relative to the scope to which risks are identified. Each risk has a risk owner, with risk responses assigned by name and dates by which the responses need to be completed. Use of e-mail alerts is also being piloted covering risk and responses.

The new report developer with ARM, Risk Performance Manager (RPM), has been recently adopted by the Sellafield risk team. To date over half of the risk management practitioners have been trained, with plans to roll it out to all ARM users.

“We expect to see the benefits of producing reports more easily with RPM. An important part of our process is to provide consistent monthly status reports which we can design and produce with the click of a button,” said Williams.

Want to save this for later?

Download the case study.