Exposure Zone Management

Exposure zones shall be defined by the exposure condition and access rule, not by color or terminology alone. Dropped objects, moving equipment, suspended loads, stored energy, and related line-of-fire sources are hazards. Exposure Zone Management focuses on preventing personnel from being exposed to those hazards.

Local names and color codes may vary, but the exposure condition, access rule, Area Authority or local equivalent, required controls, and trigger for change shall be clear.

Work should be designed to eliminate or reduce the need for personnel to enter exposure zones before relying on permission, supervision, or monitoring. Where entry cannot reasonably be avoided, the remaining exposure should be recognized, controlled, authorized at the appropriate level, time-limited where practicable, and reviewed for improvement.

Entry into an exposure zone shall be intentional. Personnel entering an exposure zone shall be required for the current task, authorized by the Area Authority or local equivalent, aware of the exposure condition and access rule, and subject to the controls defined for the work.

Access should be limited to the people, location, and time necessary to complete the task.

Exposure may change as work conditions change. Exposure zones may expand, contract, change access status, or change exposure risk level with task phase, equipment state, load path, pressure, stored energy, weather, visibility, simultaneous activity, temporary work, or abnormal conditions.

Organizations should define how such changes are identified, communicated, controlled, and removed when no longer valid.

Repeated entry into exposure zones should be made visible and reviewed as a potential improvement opportunity. Where personnel repeatedly enter exposure zones for the same task, the organization should consider whether the task can be redesigned, resequenced, mechanized, remotely performed, or otherwise changed to reduce the frequency, duration, number of people exposed, or exposure risk level.

Automated monitoring, AI, cameras, geofencing, alarms, proximity detection, or other technologies may support Exposure Zone Management by improving awareness, alerting, assurance, measurement, and learning. Such systems shall not be treated as permission to keep personnel exposed where the work can reasonably be designed or controlled to avoid exposure.

Where automated monitoring or HMI systems are used, their function, limitations, response expectations, degraded modes, and assurance requirements should be defined.

Where an exposure zone created by a task, equipment state, load path, work activity, environmental condition, or other operation may affect another party, task, crew, asset, or activity, the interface shall be identified, communicated, and controlled.

The applicable access rule, Area Authority or local equivalent, communication method, handover requirement, and stop-work authority should be explicit.

Exposure data should be used to improve work design, strengthen controls, and reduce exposure before harm occurs. Organizations should measure exposure entries, exposure time, and exposure risk level where practicable.

Exposure metrics shall be used for learning and improvement and shall not be used in a way that discourages reporting, conceals necessary work, or incentivizes under-reporting.

An area or work envelope where a person may be exposed to dropped objects, moving equipment, suspended loads, stored energy, or related line-of-fire hazards.

Designing and controlling work so people are kept out of areas where they could be struck, trapped, crushed, or otherwise harmed by dropped objects, moving equipment, suspended loads, or stored energy.

An exposure zone where personnel are not permitted to enter while the hazard or exposure condition is present or active, except under emergency response or other exceptional arrangements defined by the organization.

An exposure zone where entry is limited to personnel who are required for the work, authorized by the Area Authority or local equivalent, and subject to defined access rules and controls.

A common industry term used by some organizations for a high-risk exposure zone, restricted access area, or exclusion area. In these Recommended Guidelines, the term Red Zone is treated as local terminology that should be translated into a defined exposure condition, access rule, Area Authority, and required controls.

The area where a dropped object could reasonably fall, land, deflect, bounce, roll, swing, or otherwise travel, based on the object, height, work activity, environment, and surrounding structures.

An exposure zone whose boundary, access rule, or exposure risk level changes with task phase, equipment position, load path, pressure, stored energy, environmental conditions, simultaneous activities, or abnormal conditions.

A classification used to describe the relative severity, activity, or control condition of an exposure zone or task phase, so that exposure can be prioritized, controlled, and measured according to risk.

Known recurring work where personnel are required to enter an exposure zone as part of the current work method, and where the exposure is identified, controlled, supervised, measured, and targeted for reduction where practicable.

A task-specific, non-routine, abnormal, or emergent entry into an exposure zone that requires deliberate authorization before entry.

The person assigned responsibility for controlling access to an exposure zone and ensuring that the exposure condition, access rule, and required controls remain valid for the work being performed.

Organizations may use terms such as Zone Owner, Area Owner, Responsible Supervisor, or Person in Charge. The local term is less important than clear assignment of responsibility.

An instance where a person enters an exposure zone while the relevant exposure condition is present or active.

The duration a person remains inside an exposure zone while the relevant exposure condition is present or active, usually measured as person-time.

Exposure created or changed by a task, equipment state, load path, work activity, environmental condition, or other operation that may affect another party, task, crew, asset, or activity.

The use of sensors, cameras, positioning systems, AI, analytics, alarms, or other automated or digital tools to detect, indicate, record, or communicate exposure zone status, personnel presence, access rule breaches, or changing work conditions.

The displays, controls, alarms, software, hardware, and interaction arrangements through which personnel receive information from, interact with, or control equipment, automated monitoring systems, or control systems.

Exposure zones shall be identified before work begins, and reviewed when work conditions change. Identification should consider fixed areas, temporary work areas, task-based exposure envelopes, equipment movement, load path, dropped object potential, pressure, stored energy, environmental conditions, and simultaneous or interface activities.

Exposure zones should be classified according to the exposure condition and risk level. Classification should consider the potential consequence, activity state, energy state, control status, task phase, and likelihood that personnel may enter or be affected.

Organizations may use the example Exposure Risk Level scale in these Recommended Guidelines or adapt an equivalent scale to suit local operations.

Before relying on access control, the work should be planned to eliminate or reduce the need for personnel to enter the exposure zone. This may include changing the work sequence, relocating standard work positions, using remote observation, changing the equipment state, improving tooling, using mechanization or automation, reducing the number of personnel required, or reducing the duration of entry.

Each exposure zone shall have a defined access rule, Area Authority or local equivalent, and controls appropriate to the exposure condition and risk level. Controls may include No-Entry requirements, Restricted Access requirements, barriers, signage, maps, communication arrangements, supervision, temporary controls, or other measures defined by the organization.

Any remaining exposure shall be authorized at the appropriate level. Planned Repeated Exposure may be authorized through the approved work method, procedure, JSA/JHA, competence requirements, and supervision arrangements. Controlled Exposure Entry should be authorized before the specific entry occurs.

Authorization should confirm that entry is necessary, the remaining exposure is understood, the required controls are in place, stop conditions are defined, and the entry will end when the task is complete or the exposure condition changes.

The exposure condition should be monitored during the work. Monitoring may be by the Area Authority, supervisor, work team, spotter, automated monitoring system, or other means defined by the organization.

Monitoring should confirm that the exposure condition, access rule, and controls remain valid. Where conditions change, the exposure zone should be reassessed, communicated, and controlled before work continues.

Organizations should measure exposure entries and exposure time where practicable. Exposure data should be classified or reviewed by exposure risk level so that high-risk exposure and repeated exposure are visible.

Measurement may be manual, observational, permit-based, procedure-based, or supported by automated monitoring. Where automated monitoring is used, data quality, limitations, and response expectations should be defined.

Exposure data, field observations, incidents, near misses, assurance findings, and repeated entry patterns should be reviewed to identify opportunities to improve work design and controls.

Improvement actions should prioritize high-risk exposure, recurring exposure, degraded controls, and tasks where personnel continue to enter exposure zones because the work method has been normalized around their presence.

Exposure Zone Management should consider both physical areas and task-based exposure envelopes.

Physical areas may include decks, work platforms, access routes, laydown areas, drill floors, workshops, crane operating areas, maintenance areas, or other locations where personnel may be exposed.

Task-based exposure envelopes may be temporary or dynamic. They may be created by load movement, equipment movement, pressure testing, working at height, tubular handling, stored energy, dropped object potential, or other work activities that create exposure only during certain task phases.

Exposure zones shall be classified in a way that identifies the exposure condition and the access rule. The classification should indicate whether the zone is No-Entry, Restricted Access, locally defined as a Red Zone, or otherwise controlled under the organization's terminology.

Where exposure varies by task phase or operating condition, the classification should identify the conditions that activate, change, or remove the exposure zone.

Classification should consider:

• what hazard or activity creates the exposure;
• when the exposure is present or active;
• who may be exposed;
• what access rule applies;
• who is the Area Authority or local equivalent;
• what controls are required;
• what conditions trigger a change in the zone;
• what conditions allow the zone or restriction to be removed.

Organizations should classify or review exposure zones by exposure risk level where practicable. Exposure risk levels should help distinguish lower-risk exposure from higher-risk exposure so that work planning, authorization, monitoring, and improvement targets are proportionate to the risk.

The five-level Exposure Risk Level scale in these Recommended Guidelines may be adopted or adapted by organizations to suit their local operations.

Exposure zone identification and classification should be reviewed when:

• the work scope changes;
• equipment, layout, or work methods change;
• temporary work creates new exposure;
• environmental conditions change the exposure;
• simultaneous activities overlap;
• automated monitoring or control systems are introduced or changed;
• incidents, near misses, observations, or exposure metrics indicate that exposure is not being adequately controlled.

When identifying and classifying exposure zones, the work team should be able to answer:

• What can harm a person?
• Where could the person be exposed?
• When does the exposure become active?
• What changes the boundary, access rule, or exposure risk level?
• Who controls the exposure zone?
• What must happen before personnel may enter?
• What conditions require the work to stop or the zone to be reclassified?

Standard work positions should be located outside exposure zones wherever practicable. Where the task requires personnel to observe, operate, signal, communicate, inspect, or intervene, the planning process should consider whether the work position can be relocated, protected, or supported by remote observation or communication methods.

Where personnel are required to enter an exposure zone, the equipment state and energy state should be considered before entry is allowed. This may include stopping movement, lowering or securing loads, depressurizing, isolating, inhibiting restart, confirming stable conditions, or otherwise reducing the active exposure condition.

Where equipment remains energized, moving, suspended, pressurized, or otherwise active during entry, the remaining exposure should be clearly identified and controlled through Planned Repeated Exposure or Controlled Exposure Entry.

Planned Repeated Exposure should be reviewed as an improvement opportunity. Repeated exposure may be necessary in the current work method, particularly in manual or less automated operations, but it should not become invisible. Repeated exposure should be measured where practicable and reviewed for opportunities to redesign, resequence, mechanize, automate, or otherwise reduce exposure.

The following practice expectations should be used to support implementation:

• Minimum expectation: exposure is recognized, controlled, authorized, and supervised.
• Improving practice: repeated exposure is challenged and reduced in frequency, duration, and number of people exposed.
• Leading practice: work is redesigned so routine exposure is eliminated where practicable, and remaining exposure is exceptional, visible, and reviewed.

No-Entry Zones shall prohibit personnel entry while the hazard or exposure condition is present or active, except under emergency response or other exceptional arrangements defined by the organization.

No-Entry Zones should be used where the exposure condition is such that personnel should not be present during the activity. Examples may include active overhead work, suspended load paths, pressure or stored-energy operations, moving equipment envelopes, dropped object exposure areas, or other conditions where the organization has determined that entry is not permitted while the exposure is active.

Controls for No-Entry Zones should be appropriate to the exposure risk level, duration, and operating context. These may include physical barriers, locked or hard barriers where practicable, signage, access-point control, announcements, permit conditions, supervision, automated monitoring, or other controls defined by the organization.

Emergency access and egress shall be considered when No-Entry Zones are established. Emergency egress must not be impeded.

A Restricted Access Zone shall limit entry to personnel who are required for the work, authorized by the Area Authority or local equivalent, and subject to defined controls.

A Restricted Access Zone is not simply open to trained or experienced personnel. Entry should be allowed only where:

• the person is required for the current task;
• the task cannot reasonably be performed from outside the zone;
• the person is authorized by the Area Authority or local equivalent;
• the exposure condition and access rule are understood;
• the required controls are in place;
• entry is limited to the people, location, and time needed;
• stop conditions are understood.

Personnel not required for the current task shall not enter a Restricted Access Zone while the exposure condition is present or active.

Where the work method requires repeated entry into a Restricted Access Zone, this should be managed as Planned Repeated Exposure. Where entry is non-routine, abnormal, emergent, or task-specific, this should be managed as Controlled Exposure Entry.

Additional personnel should not join a task inside a Restricted Access Zone unless the work is paused where necessary, the Area Authority or local equivalent is informed, the plan is reviewed, and the additional person's role, location, exposure, controls, and stop conditions are understood.

Access points should be clearly identified and marked where practicable. Personnel should be able to recognize when they are approaching an exposure zone and what access rule applies.

Barriers and signage should match the exposure risk level, duration, and operating context. Temporary barriers should be suitable for the work environment, visible to affected personnel, and removed when no longer valid. Permanent or recurring exposure zones should be supported by durable markings, signs, maps, or other communication methods appropriate to the facility or activity.

Maps or diagrams should show zones, access routes, egress, safe positions, and Area Authority location where relevant. Where zones are dynamic or task-based, maps and diagrams should be supported by task planning, communications, briefings, displays, or other means that show when the exposure condition is active or has changed.

Temporary zones shall be communicated to affected personnel before or when they are established, and removed when no longer valid.

Emergency egress must not be impeded.

For each exposure zone, an Area Authority or local equivalent shall be identified. The Area Authority should be the person with sufficient knowledge of the work, authority over the activity, and visibility of the exposure condition to control access and respond to changing conditions.

The Area Authority or local equivalent should:

• understand the exposure condition and access rule;
• authorize or refuse entry in accordance with the defined controls;
• confirm that personnel entering the zone are required for the task;
• confirm that required controls are in place;
• communicate changes in exposure condition or access status;
• stop or pause the work where the exposure condition or controls are no longer valid;
• withdraw or close entry permission when the task is complete or the exposure condition changes.

Organizations may assign equivalent roles using local terminology, provided the responsibility is clear and understood by the work team.

The following practice expectations should be used to support implementation:

• Minimum expectation: access rules, Area Authority, barriers or other controls, and communication methods are defined for each exposure zone.
• Improving practice: access rules are reviewed against actual work practice, repeated access, temporary zones, and field observations.
• Leading practice: access control is integrated with dynamic zone status, exposure risk levels, automated monitoring where used, and exposure metrics that trigger redesign.

Planned Repeated Exposure applies to known recurring tasks where entry into an exposure zone is part of the current work method.

Planned Repeated Exposure:

• shall be identified in the work method, procedure, JSA/JHA, or equivalent planning document;
• shall have defined access rules and Area Authority or local equivalent;
• shall define when entry is allowed and when entry must stop;
• should be measured through exposure entries, exposure time, and, where applicable, exposure risk level;
• should be reviewed for reduction or redesign.

Planned Repeated Exposure recognizes that some manual or less automated operations currently require repeated human intervention. The exposure is not treated as prohibited, but it must be visible, controlled, measured, and targeted for improvement.

The work method should define:

• the task or task phase requiring entry;
• the exposure condition and exposure risk level;
• the personnel or roles permitted to enter;
• the equipment, energy, or load state required before entry;
• the communication method between the entrant, Area Authority, equipment operator, or other affected personnel;
• the expected duration or task limit for entry;
• the conditions that require personnel to leave the zone;
• the review trigger where exposure is repeated or higher risk.

Where Planned Repeated Exposure occurs frequently, the organization should review whether the task can be redesigned, resequenced, supported by tooling, mechanized, automated, or otherwise changed to reduce exposure.

Controlled Exposure Entry applies to non-routine, abnormal, emergent, or task-specific entry into an exposure zone.

Controlled Exposure Entry:

• shall confirm why entry is necessary;
• shall confirm what exposure remains;
• shall identify who is entering;
• shall define the required controls;
• shall define stop conditions;
• shall be authorized before entry;
• shall end when the task is complete.

Controlled Exposure Entry should be used where entry is not already covered by an approved work method for Planned Repeated Exposure, or where the planned conditions have changed. It should also be used where the work is abnormal, the exposure condition is higher than expected, controls are degraded, the task requires a temporary change in access rule, or the Area Authority determines that additional authorization is required.

The authorization should confirm:

• why entry cannot reasonably be avoided;
• whether the work can be delayed until the exposure condition is lower;
• what equipment, load, pressure, stored energy, or other exposure remains;
• who will enter and what task they will perform;
• who controls the exposure zone during entry;
• what controls, communication methods, and emergency arrangements are in place;
• what stop conditions apply;
• how permission will be withdrawn when the task is complete.

Authorization should match the exposure type and risk level.

The authorization method should be proportionate to the exposure condition, task complexity, and exposure risk level. It should not create unnecessary paperwork for routine controlled tasks, but it should make residual exposure visible and owned.

• Planned Repeated Exposure may be authorized through the approved work method, task procedure, JSA/JHA, competence requirements, and supervision arrangements.
• Controlled Exposure Entry should be authorized immediately before task-specific, abnormal, emergent, or non-routine entry.
• Level 4 or Level 5 exposure may require elevated approval, additional verification, or stronger stop conditions.
• Emergency or rescue entry should be governed by emergency response arrangements and pre-planned rescue controls, not improvised paperwork.

When the task requiring entry is complete, or when the exposure condition changes, permission to remain in the exposure zone shall be withdrawn unless a new authorization is given.

Personnel who have entered the exposure zone should inform the Area Authority or local equivalent when the task is complete and when they have left the zone. The Area Authority or local equivalent should confirm whether the zone status, barriers, signs, communications, or temporary controls need to be changed or removed.

Emergency access and rescue arrangements should be considered when exposure zones are established. Emergency response plans should address how personnel may be rescued or assisted without creating uncontrolled additional exposure.

Emergency access should not rely on improvised permission arrangements. Where rescue or emergency intervention could require entry into a No-Entry Zone or high-risk exposure zone, the organization should define the response arrangements in advance where practicable.

The following practice expectations should be used to support implementation:

• Minimum expectation: entry is required for the task, authorized, controlled, communicated, and stopped when conditions change or the task is complete.
• Improving practice: planned repeated exposure is measured and reviewed for reduction.
• Leading practice: routine exposure entries are redesigned out where practicable, and remaining entries are exceptional, risk-scaled, time-limited, and visible in exposure metrics.

The conditions that establish, change, or remove a Dynamic Exposure Zone should be defined in the work plan, procedure, permit, risk assessment, or equivalent control document where practicable.

The plan should identify:

• the task phase or condition that activates the zone;
• the expected boundary or affected area;
• the access rule that applies during each phase;
• the Area Authority or local equivalent for each phase;
• the communication method used when the zone changes;
• the conditions that require personnel to leave the zone;
• the conditions that allow the zone to be downgraded or removed.

Where a dynamic zone changes during the work, affected personnel should be informed before the change where practicable. If the change is immediate or abnormal, the work should be controlled to prevent personnel entering or remaining in the affected area until the new exposure condition is understood.

Temporary exposure zones may be established for work such as maintenance, lifting, pressure testing, working at height, equipment movement, dropped-object risk, stored energy, or other temporary activities.

Temporary zones shall have a defined access rule and Area Authority or local equivalent. Temporary barriers, signs, announcements, briefings, permits, or other communication methods should be used as appropriate to the exposure risk level, duration, and number of personnel who may be affected.

Temporary zones should be removed when the exposure condition is no longer present. Where a temporary zone becomes recurring or long term, the organization should review whether a permanent or procedural control is required.

Where the exposure condition changes and the access rule is no longer clear, the work should be paused until the zone is reassessed and communicated.

Pause or reassessment triggers may include:

• unexpected equipment movement or loss of position;
• unexpected load movement or suspended-load instability;
• introduction of pressure, tension, or stored energy;
• loss, degradation, or bypass of a control;
• weather, visibility, vessel motion, or environmental changes;
• conflicting simultaneous activities;
• alarm, automated monitoring, or HMI uncertainty;
• personnel entering or remaining in a zone contrary to the access rule.

Organizations may adapt the number of levels, names, and criteria to suit their operations, provided the system distinguishes lower-risk exposure from higher-risk exposure and supports improvement targets. The following five-level scale is the default DROPS example for discussion:

• Level 1: Low-energy / dormant condition. No active overhead work, no moving equipment, no suspended load, no pressure or stored-energy activity.
• Level 2: Controlled low-risk activity. Routine nearby activity with stable conditions and clear separation.
• Level 3: Active exposure condition. Equipment movement, lifting, tubular handling, pressure, or stored energy present, with controls in place.
• Level 4: High-energy or degraded-control condition. Higher consequence activity, reduced visibility, abnormal task phase, temporary controls, or overlapping exposure zones.
• Level 5: Critical exposure condition. Jarring, high-tension, high-pressure, heavy lifts, unstable loads, fatal dropped-object potential, severe weather/motion, or emergency/recovery conditions.

The scale should be used to support planning and prioritization. It should not be used as a substitute for task-specific risk assessment. A low exposure risk level does not remove the need for basic controls, and a high exposure risk level should prompt stronger justification, controls, monitoring, authorization, and improvement review.

The following practice expectations should be used to support implementation:

• Minimum expectation: dynamic or temporary exposure zones are identified, communicated, controlled, and removed when no longer valid.
• Improving practice: dynamic zones are classified by exposure risk level and linked to task phases, stop conditions, and communication methods.
• Leading practice: dynamic zone status is integrated with work planning, automated monitoring where used, exposure metrics, and redesign triggers for repeated high-risk exposure.

The intended function of the automated monitoring, AI, or HMI system shall be defined before it is credited as part of the Exposure Zone Management process.

The definition should include, as applicable:

• what the system is intended to detect, indicate, record, or control;
• what the system does not detect;
• the alert recipient and expected response;
• the required response time;
• the exposure zones, task phases, equipment states, and environmental conditions within its intended operating envelope;
• whether the system is advisory, supervisory, or linked to equipment control;
• the safe state, stop condition, or restart control that applies where the system is linked to equipment control.

The system should not be used outside its defined operating envelope without review. Where the system is uncertain, unavailable, degraded, or outside its validated conditions, the organization should define the fallback controls required for the work to continue.

Organizations should identify and manage system limitations, including:

• false alerts and missed detections;
• latency;
• blind spots and degraded modes;
• data quality;
• sensor or camera coverage;
• lighting, weather, vibration, obstruction, or environmental effects;
• maintenance, calibration, validation, and testing requirements;
• cybersecurity or connectivity limitations where relevant.

Automated monitoring should be periodically reviewed to confirm that it continues to support the intended safety function. Review should include field feedback, alarm or alert history, missed detections, nuisance alerts, overrides, bypasses, degraded modes, and changes to the work environment.

Alerts used for Exposure Zone Management should be useful, timely, understandable, and actionable. They should have a defined recipient and a defined response.

Where alerts are frequent, late, unclear, wrong, or not actionable, they may reduce trust and should be reviewed. Nuisance alerts should not be allowed to become a normal part of work. Alarm shelving, suppression, bypass, or override should be controlled, justified, and reviewed.

The work team should understand:

• what the alert means;
• who must respond;
• what action is expected;
• when work must stop;
• how the alert is cleared;
• what to do if the system is unavailable, uncertain, or degraded.

HMI used to support Exposure Zone Management should present information in a way that supports timely and reliable human action.

Where relevant, the HMI should clearly show:

• exposure zone status;
• personnel location or presence where monitored;
• equipment, load, or energy state;
• advisory, supervisory, or active-control mode;
• alert priority and required response;
• degraded, uncertain, stale, or unavailable data;
• stop condition and restart status.

The HMI should not increase workload, confusion, or reliance on informal interpretation during high-risk task phases. Where the system requires operator action, the operator should have sufficient information, time, authority, and control means to respond effectively.

Automated monitoring data should be governed in a way that supports safety, learning, and improvement. Organizations should define data ownership, access, retention, review, and privacy expectations in accordance with company and legal requirements.

Monitoring should not be introduced as hidden surveillance or as a tool for blame. If personnel believe the system is primarily punitive, entries, overrides, or weak signals may be concealed. The purpose of monitoring should be communicated as exposure reduction, control assurance, and improvement.

The following practice expectations should be used to support implementation:

• Minimum expectation: the system function, limitations, alert response, and fallback controls are defined before the system is credited.
• Improving practice: system performance is reviewed using false alerts, missed detections, overrides, degraded modes, and field feedback.
• Leading practice: automated monitoring is integrated with dynamic zone status, exposure metrics, safe-state controls, HMI quality, and work redesign triggers.

Exposure metrics should help organizations move from counting incidents to reducing exposure before harm occurs. A period with no incidents may still include significant exposure. Measuring exposure helps identify tasks where harm has not occurred but where personnel are repeatedly placed in the line of fire.

Exposure metrics should be used to identify:

• tasks or task phases with repeated exposure;
• tasks with high exposure risk levels;
• changes in exposure over time;
• work methods that depend on repeated manual intervention;
• opportunities for redesign, mechanization, tooling, sequencing, remote operation, or improved controls.

Exposure time should be interpreted with consideration of exposure risk level. A large amount of low-energy exposure is not equivalent to a small amount of critical exposure.

Where practicable, organizations should review exposure data by risk level, with particular attention to Level 4 and Level 5 exposure. Improvement targets should prioritize exposure conditions with the greatest potential consequence, uncertainty, degraded controls, or repeated entry.

Exposure measurement may be manual, observational, procedure-based, permit-based, task-based, or supported by automated monitoring. The method should be appropriate to the maturity of the organization, the risk level of the work, and the reliability of available data.

Organizations may begin with simple measures, such as the number of entries into defined exposure zones, repeated entry by task, or estimated exposure time for recurring activities. More mature programs may use automated monitoring, time-in-zone data, task-state data, and exposure risk level classification.

Exposure metrics should be reviewed at a defined frequency and by personnel with authority to improve the work. Metrics should lead to decisions, such as:

• redesigning the task;
• changing the work sequence;
• improving tools or handling aids;
• changing standard work positions;
• modifying barriers, signs, or access routes;
• improving automated monitoring or HMI;
• improving competence, supervision, or communication;
• escalating recurring high-risk exposure for management review.

Improvement actions should be tracked to completion. Where exposure remains high or repeated, the organization should document why further reduction is not currently practicable and identify future improvement opportunities.

Exposure metrics shall not be used in a way that discourages reporting, hides necessary work, or rewards under-reporting. The purpose of exposure measurement is to make work visible so it can be improved.

Targets should be designed carefully. A target to reduce entries should not encourage personnel to skip required work or conceal necessary exposure. A target to reduce exposure time should not encourage rushing. Metrics should be reviewed alongside operational context, task quality, control effectiveness, and worker feedback.

The following practice expectations should be used to support implementation:

• Minimum expectation: repeated and high-risk exposure is identified and reviewed.
• Improving practice: exposure entries, exposure time, and risk level are measured where practicable and linked to improvement actions.
• Leading practice: exposure data is used as a proactive KPI to reduce Level 4 and Level 5 exposure, redesign repeated exposure tasks, and verify that improvements reduce actual exposure.

The interface review should address:

• what creates or changes the exposure;
• who may be affected;
• who is the Area Authority or local equivalent;
• what access rule applies;
• how changes are communicated;
• what happens when zones overlap;
• who has stop-work authority;
• how handovers are managed.

The review should be completed before work begins where the interface is foreseeable. Where a new interface is created during the work, the work should be paused or controlled until the affected parties understand the exposure condition and access rule.

Where exposure zones overlap, the access rule, Area Authority, communication method, and stop-work authority shall be clear.

If two or more activities create exposure at the same time, the organization should confirm whether the work can proceed safely, whether the activities should be separated by time or location, whether one exposure zone should take precedence, or whether the work should be stopped until the overlap is removed.

Interfaces should be communicated to affected personnel before work begins and when conditions change. Communication may include permits, task briefings, toolbox talks, shift handovers, radio communication, signage, maps, displays, PA announcements, or other methods appropriate to the work.

Handovers should include the current exposure condition, access rule, temporary zones, dynamic changes, Area Authority or local equivalent, ongoing entries, stop conditions, and any degraded controls.

This section should remain focused on exposure interfaces. Contractor, marine, lifting, and SIMOPS-type situations may be used as examples, but the section should not become broad contractor management or SIMOPS doctrine.

Examples may include:

• a lifting operation creating an exposure zone for personnel not involved in the lift;
• a suspended or moving load affecting another work group;
• a vessel, deck, platform, or shore-side activity creating a shared exposure envelope;
• maintenance work creating a temporary dropped-object or stored-energy exposure for operations personnel;
• simultaneous work changing access routes, egress, or safe positions;
• automated equipment movement creating exposure for a manual task.

The following practice expectations should be used to support implementation:

• Minimum expectation: interface exposures are identified, communicated, and controlled before affected personnel are exposed.
• Improving practice: overlapping zones, handovers, and changing conditions are actively coordinated during the work.
• Leading practice: recurring interface exposures are reduced through integrated planning, shared visualization, task sequencing, and joint review of repeated conflicts.

Organizations shall assign accountable ownership for the Exposure Zone Management process. The accountable owner should ensure that the process is established, implemented, reviewed, and improved.

The organization should define responsibilities for:

• accountable ownership of the Exposure Zone Management process;
• Area Authority responsibilities;
• competence and training requirements;
• field verification of access rules and controls;
• Management of Change for permanent changes;
• review and control of temporary or dynamic exposure zones;
• assurance of automated monitoring, AI, and HMI systems where used;
• periodic review of exposure metrics and improvement actions.

The Area Authority or local equivalent shall control access to the exposure zone in accordance with the defined access rule and controls.

Supervisors, equipment operators, entrants, spotters, contractors, and affected personnel should understand their responsibilities for maintaining the exposure zone, communicating changes, complying with access rules, and stopping work where controls are not valid.

Personnel should be empowered to stop or pause work where the exposure condition, access rule, or controls are unclear.

Organizations shall define competence and training requirements for personnel with Exposure Zone Management responsibilities.

Competence requirements should be appropriate to the role and may include:

• understanding exposure zones, access rules, and local terminology;
• recognizing dropped object, moving equipment, suspended load, stored energy, and line-of-fire exposure;
• understanding No-Entry, Restricted Access, Planned Repeated Exposure, and Controlled Exposure Entry requirements;
• recognizing dynamic zones and changing exposure conditions;
• using barriers, signs, maps, permits, communications, or automated monitoring systems;
• understanding stop conditions and emergency arrangements;
• using exposure metrics and observations for improvement.

Organizations should verify that Exposure Zone Management controls are implemented and effective in the field. Verification may include field observations, inspections, permit reviews, task reviews, exposure data reviews, assurance checks, audits, or review of automated monitoring data where available.

Verification should consider whether:

• zones are correctly identified and communicated;
• access rules are understood and followed;
• Area Authority responsibilities are clear;
• Planned Repeated Exposure is visible and controlled;
• Controlled Exposure Entry is authorized and closed;
• dynamic zones are updated when conditions change;
• automated monitoring or HMI systems are performing as intended;
• exposure metrics are leading to improvement actions.

Permanent changes to equipment, layout, work method, access routes, automated monitoring, HMI, or exposure zone classification should be managed through the organization's Management of Change process or equivalent.

Temporary changes should be controlled through the work planning, permit, task risk assessment, or temporary control process. Temporary changes should be removed or reviewed when no longer valid.

Governance should support implementation without making the document overly corporate. The focus should be on clear responsibility, competence, verification, change control, and improvement.

Organizations should periodically review Exposure Zone Management performance, including:

• repeated exposure tasks;
• high-risk exposure entries;
• exposure metrics and trends;
• incidents, near misses, and observations;
• field verification findings;
• automated monitoring performance;
• completion and effectiveness of improvement actions.

The following practice expectations should be used to support implementation:

• Minimum expectation: responsibilities, competence, verification, and change-control arrangements are defined.
• Improving practice: field verification and exposure metrics are reviewed to identify gaps and improvement actions.
• Leading practice: Exposure Zone Management is embedded into planning, engineering, technology assurance, work control, performance review, and continuous improvement.

This appendix should help organizations map existing terms such as Red Zone, Yellow Zone, Green Zone, Restricted Access Zone, No-Entry Zone, No-Go Zone, Exclusion Zone, Drop Zone, Black Zone, and local color-code systems to the Exposure Zone Management model.

The crosswalk should show how each local term maps to:

• exposure condition;
• access rule;
• Area Authority or local equivalent;
• required controls;
• trigger for change;
• relationship to No-Entry, Restricted Access, Planned Repeated Exposure, or Controlled Exposure Entry.

This appendix should provide a checklist based on the process model:

1. Identify.
2. Classify.
3. Design.
4. Control.
5. Authorize.
6. Monitor.
7. Measure.
8. Improve.

This appendix should provide the five-level Exposure Risk Level example scale and space for organizations to adapt criteria to their operations.

The example scale should support consistent discussion and benchmarking while allowing organizations to adapt the criteria to their equipment, work methods, and operating context.

This appendix should help organizations identify recurring tasks where personnel enter exposure zones as part of the current work method.

The template should capture:

• task or task phase;
• exposure condition;
• exposure risk level;
• roles required to enter;
• frequency and duration of entry;
• controls and stop conditions;
• current justification;
• improvement opportunities;
• review owner and review date.

This appendix should support non-routine, abnormal, emergent, or task-specific entry into exposure zones.

The prompt sheet should ask:

• Why is entry necessary?
• Can the task be delayed or performed from outside the zone?
• What exposure remains?
• Who is entering?
• Who controls the zone?
• What controls are in place?
• What communication method is used?
• What stop conditions apply?
• When and how will permission be withdrawn?

This appendix should provide examples of exposure metrics and improvement targets, including:

• exposure entries;
• exposure time;
• exposure time by exposure risk level;
• Level 4 and Level 5 exposure entries;
• repeated exposure by task;
• avoided exposure;
• exposure reduction over time;
• redesign actions completed.

The appendix should include guidance on avoiding perverse incentives and using metrics for learning and improvement.

This appendix should provide a compact self-assessment based on the minimum, improving, and leading practice expectations used throughout the document.

The self-assessment should help organizations identify current maturity, priority gaps, and improvement actions without turning the Recommended Guidelines into a complex maturity model.

This appendix should support responsible use of automated monitoring, AI, and HMI systems.

The checklist should include:

• intended function;
• operating envelope;
• limitations;
• false alerts and missed detections;
• latency and blind spots;
• data quality;
• alert recipient and response;
• override, bypass, or suppression rules;
• degraded mode;
• safe state or stop condition where linked to equipment control;
• privacy and data governance;
• review and improvement arrangements.

This appendix should help organizations identify and control exposure interfaces between tasks, crews, contractors, assets, vessels, equipment, or simultaneous activities.

The checklist should address:

• what creates or changes the exposure;
• who may be affected;
• Area Authority or local equivalent;
• access rule;
• communication method;
• overlapping zones;
• stop-work authority;
• handover requirements.

This appendix should provide example layouts or diagrams showing how fixed, temporary, dynamic, No-Entry, Restricted Access, Drop Zone, and interface exposure concepts may be displayed.

Examples should be clearly marked as illustrative only. They should not imply that one layout, color code, or zone shape is suitable for all operations.

This appendix should identify the DROPS baseline sources and supporting external evidence used to develop the Recommended Guidelines. It should also note where external source use is restricted, permission-required, metadata-only, or otherwise limited.

External sources should be treated as supporting evidence only. DROPS remains the authority for the final Recommended Guidelines.