Sydney Trains Security Control Centre Standard Operating Procedure contained conflicting instructions on incident response, which were not aligned with the Sydney Trains Network Incident Management Plan (NIMP).
Sydney Trains Security Control Centre Operator was not alerted to tampering of the cameras at Kembla Grange Station that monitored the West Dapto Road Level crossing.
The risk assessments conducted by Southern Shorthaul Railroad (SSR) for shunting and banking operations did not include consultation consisting of effective and meaningful engagement with all relevant stakeholders. This increased the potential that risks could be missed during the risk assessment process.
Southern Shorthaul Railroad's (SSR's) emergency response procedures did not include requirements for banking locomotive operations.
Southern Shorthaul Railroad's (SSR's) training and assessment did not include coupler functionality and the process to ensure correct coupling had occurred. Further, an underpinning procedure for the stretch test (effectively coupled) process did not exist.
There was probably no independent check of the isolation arrangements installed on the night of 29 November. An earlier internal audit of the project also reported instances of testers in charge checking their own work.
Metro Trains Melbourne standards and procedures did not specifically address requirements associated with fuse removal and securement in safety critical scenarios.
Changed level crossing isolation arrangements were not effectively reflected in program documentation, nor effectively disseminated to all those potentially affected. An earlier internal audit of the project also identified instances of scope changes not being documented.
Arc Infrastructure’s procedures included no requirement for a network control officer (NCO) to make an emergency call and advise potentially ‘at risk’ trains that another nearby train had overrun its limit of authority.
The Arc Infrastructure processes for the management of rail traffic overrunning its limits of authority were reliant on the immediate actions of the rail traffic crew and did not explicitly require immediate actions from the network control officer (NCO). This situation increased the risk of driver completely missed signal passed at danger (SPAD) events, particularly in cases where the rail traffic crew’s awareness or capacity was potentially compromised.
The Arc Infrastructure practice of pathing a following train up to the same section of track occupied by a stopped train, coupled with no requirement for the network control officer (NCO) to communicate and confirm rail traffic crews were aware when approaching another stopped train, increased risk.
Pacific National had limited controls for managing the risk of signals passed at danger during driver only operations, including incidents associated with driver fatigue. The safety system relied on a single driver correctly observing and responding to signals at all times, including during the window of the circadian low (when fatigue risk is greatest).
Pacific National's fatigue management procedures required train drivers to not work if they felt fatigued. This requirement primarily relied on drivers self-reporting if they felt fatigued, and there was no proactive assurance that drivers had obtained adequate sleep, including for higher fatigue risk situations. Self-reporting mechanisms were very seldom utilised and Pacific National had not conducted surveys or used other audit mechanisms or processes to identify any perceived or actual barriers to drivers self-identifying fatigue.
Pacific National’s rostering and fatigue management system used the FAID biomathematical model of fatigue to assess the fatigue risks associated with train driver rosters, applying a threshold FAID score of 80 for driver only operations and 100 for other operations. The operator had not conducted analysis to determine that train drivers working rosters according to these thresholds were sufficiently rested to conduct driving duties.
Qube’s operational procedure for train management between Moss Vale and Inner Harbour did not account for locomotive configurations that maintained locomotive dynamic braking during emergency applications. This increased the risk of the train driver avoiding the use of the emergency brake during a runaway event.
The assumptions regarding locomotive configurations that cut-out locomotive dynamic braking during emergency applications was found embedded in other rollingstock operator’s procedures with similarly configured locomotives in NSW.
Network pre-start briefings are a critical control in place to manage the risk of collisions between rail traffic and workers and machinery, and Queensland Rail had undertaken significant work to improve these processes. However, the design of the first-line assurance activities and the limited conduct of second-line and third-line assurance activities provided only limited assurance that the worksite protection aspects of the briefings were being conducted effectively.
The Queensland Network Rules and Procedures did not provide sufficient guidance for rail safety workers to ensure they used standardised rail-specific terminology when communicating safety-critical information.
There was no formal interface agreement between Queensland Rail and the Brisbane City Council to jointly identify and manage ongoing and changing safety risks at the road and rail Interface.
Queensland Rail had insufficient resources available to assess all 1,138 public level crossings at 5 yearly intervals or sooner as required by its level crossing safety Standard, with only one person qualified to conduct level crossing safety assessments.
