The URL can be used to link to this page

Home My WebLink About08.f EDB HIRA Report 2025 coy ti 0Cit... I K.\ T� AUPTIA" Hazard Identification and Risk Assessment August 5, 2025 Table of Contents Executive Summary 2 Hazard Identification and Risk Assessment Methodology 2 HIRA Risk Register 4 HIRA Highlights 6 Human Resource Opportunities 8 Other Risk-Related Issues 9 Conclusion 9 1 Executive Summary This report describes the 2025 Hazard Identification and Risk Assessment(HIRA).HIRA provides an evaluation of risks facing the Clay County Utility Authority(CCUA),prioritizes them based on severity and likelihood, and outlines current controls and recommended mitigation strategies. The goal is to reduce operational, reputational, and safety-related impacts through proactive planning and action. This assessment assists senior managers in accomplishing the following: 1. Identifying potential risks facing the organization. 2. Assessing and prioritizing risks based on their projected impact and likelihood. 3. Allocating limited resources to the greatest effect. 4. Organizing and implementing strategies to mitigate and avoid risks. 5. Preparing for and responding to risk events that do occur. 6. Staying informed of new and evolving risks. Hazard Identification and Risk Assessment Methodology Enterprise level risks were collaboratively identified through interviews conducted by the Risk& Safety Manager with each Department Head, the Environmental Compliance Manager, and an Information Technology professional. Each identified risk was scored from 1 (low)to 5 (high) for both Impact and Probability, with a final Risk Rating calculated as their product (Impact x Probability). Risks were ranked from the highest to lowest Risk Rating. Control measures and additional remedies were identified. HIRA Rating Guidelines These guidelines inform, but do not replace, managerial judgement. Probability is the likelihood or frequency that an undesired event will occur. Table 1 provides the guidelines used to estimate the frequency of a particular event. Rate Guideline Remote - not more than 1 event in 10 years Rare -not more than 1 event in 5 years 3 Occasional -more than 1 event in 5 years, but less than annually 4 Frequent- at least 1 event annually Common- 5 or more events annually Table 1—Probability Ratings 2 Impact is the severity should an event occur. Table 2 provides the guidelines used to estimate the impact of an event. The number assigned should be the highest rate with at least one of the listed criteria. Rate Guidelines Insignificant- fiscal impact to CCUA is <$5,000; little to no impact on ri operations; no stakeholder concerns Some - fiscal impact to CCUA is>$5,000 and<$100,000; little to no risk of injury; some limited impact on operations; limited stakeholder concerns Moderate - fiscal impact to CCUA is>$100,000 and<$300,000; risk of injury; 3 significant impact on operations; multiple or influential stakeholders have concerns Severe - fiscal impact to CCUA is >$300,000 and<$1,000,000; risk of death or 4 multiple injuries; extensive impact on operations; extensive stakeholder concerns Critical - fiscal impact to CCUA is >$1,000,000; risk of multiple deaths; total disruption of services to at least one neighborhood for at least 2 weeks Table 2—Impact Rating Risk Rating Risk=Probability x Impact Risk Level Threshold General response Critical x>20 Expedite action High 20>x> 16 Prioritize planning and implementation Medium 16>x> 8 Planned approach; temporary fix Low 8 >x Tolerate or resolve quickly Table 3—Risk Rating 3 HIRA Risk Register Primary Impact Prob Rating Rank Hazard Description Impact Description Risk Owner Current Control 1-5 1-5 1-25 Additional Possible Remedies Vehicle Accidents Auto accidents involving CCUA owned vehicles. Liabilities and repair costs due to bodily injury Chief Human -License checks. lir -Implement dash cam technology. and property damage;injury;death. Resources -Training&vehicle familiarization checklist. -Conduct operational assessment of 360°camera technology. 1 Officer •Liability insurance. 5 ©F •Advanced driver assistance systems(as they become available). •GPS monitoring. •Periodic vehicle inspections by supervisors. In-house vehicle repair&maintenance. -Behind-the-wheel defensive driving training. •Implement progressive discipline for seat belt violations and repeated unsafe driving. Workforce Health and Workplace accidents,injuries,or health issues. Decreased productivity;increased operating Chief Human •Regular department level training and awareness. Quarterly Operations department leadership meeting for safety. Safety Incidents costs;legal liabilities;damage to employee Resources -Formal training(initial and periodic)and safety awareness •Increased number of worksite observations. morale;damage to company reputation;injury. Officer (monthly safety newsletter). -Quick reference guide for chemical exposure and release. •Periodic PPE audits. •Revise safety manual and quick refence guide. •Facility inspections. •Supervisor training. 2 -Safety policy manual&Emergency Quick Reference 4 5 Guide. •Quarterly safety meeting for managers. •Use of light duty to return employees to work after an injury. •Random and post accident drug testing. _ Sewer Backup/Water Damaged pipes or joints,aging infrastructure, Liabilities due to property damage or loss of Chief •Fats,oil,and grease educational outreach. •Increase Capital Improvement Program budget to replace old water lines. Main Break blockage due to grease and roots,loss of power business revenue;loss of public trust;DEP Operations -Alarm systems in lift stations. •Increase community outreach related to fats,oils,grease(FOG);leverage expertise of CCUA CPRS to improve to lift stations lead to sewer backups and water consent orders. Officer -TV line inspections of sewer mains on 10 year effectiveness of outreach.Allocate an additional$1,000 for public education materials promoting throwing household grease 4, runoff onto property. preventivitive maintenance schedule. in the trash instead of pouring it down the drain.Anything ranging from door hangers to vehicle wrap. 3 •$1MM annual relining of sewer mains. 3 15 •Use Asset Management system(in work)and FOG database to efficiently target outreach and sewer inspections. $1MM Capital Improvement Program to replace aging •Monitor EPA approval and JEA testing results relating to sonar profiling technology;implement technology to better deploy water mains. sewer line inspection assets. •Implement SCADA monitoring(in-work)of lift stations. Competitively solicit risk response and remediation contractors to create a pre-approved list of best value contractors. Third Party Injury or Abandoned and sometimes unmanned structures Injury or death to child or other intruder due to Chief •Abandoned structures are fenced. •Create an inventory of abandoned locations,prioritize them,and list short term and long term remedies(such as remove, 4 Death at Abandoned present an attractive nuisance. failure to remove or secure abandoned structures; Operations •Access is limited by removing ladders,installing barriers, 3 15 abandon and isolate in place,hold for possible reuse,etc.)for each. Facilities associated premises liability;loss of trust of Officer and locking facilities. public or other stakeholders. Talent/Skills Shortage Difficulty in recruiting and retaining employees Inability to meet business objectives and staff for Chief Human •Internship Program. •Ensure market competitive wages for engineers doing lke work. with the necessary skills and expertise,including organizational growth;increased recruitment Resources •Supervisor training and accountability for developing internal candidates. 5 skilled technical positions such as engineers. costs;loss of operational effectiveness;and Officer •Reassess licensing requirements. IIIII Indicated by 2 or more posted job openings that potential delays in project delivery. 3 15 •Assess job description and compensation of existing mission critical positions. post for longer than one month without identifying a qualified candidate. Non-Compliance with Failure to comply with employment laws and Legal consequences such as lawsuits and fines; Chief Human -Formal complaint process. •Supervisor and management training. 6 Employment Law regulations can result in lawsuits,fines,and loss of employee trust;financial costs associated Resources •Formal hiring process. 5 3 15 damage to the organization's reputation. with remediation and compensation;and damage Officer •Anonymous ethics hotline. to brand reputation. -HR open door practices. Utility Coordination Increased roadway construction in Clay county Unplanned financial expenditures due to county Chief Engineer •CCUA Sr Engineer reviews county roadway plans •Review the County's Capital Improvement Program(CIP)before finalizing CCUA's CIP. 7 Failures will increase the risk of requirements to move changes to roadway construction plans late in the throughout the design. 4 3 12 •Sr Engineer manages CCUA costs throughout design and construction. CCUA infrastructure from county right of ways. development process. •Sr.Engineer attends monthly County Bonded Transportation Project status progress meetings. Data Breach and Unauthorized access to sensitive employee Legal consequences;identity theft;loss of trust Information •Multi-factor authorization. •Stonger policies related to physical and credential security,workstation,access cards,and technology procurement;system Cybersecurity Threats information such as payroll data,personal details, from customers and employees;damage to Technology •External 24/7 network security monitoring. specific security policies for each technology system used by CCUA. 8 to Administrative IT and performance reviews. Ransomware, employee morale;financial costs associated with Manager •Firewalls,endpoint protection,patching. 4 3 12 -Develop a computer security incident response plan. Systems malware,and similar threats. remediation and recreating lost data;damage to •Security audits. •Implement a Zero Trust Architecture(ZTA)strategy and network segmentation. brand and public reputation. •Multi-level backup and recovery. •User training. _ Nature-related Risks Natural events that cause destruction of physical Property damage. Chief -Sandbagging of specifically identified liftstations in •Ensure all liftstations in 100 year flood zones have submersible pumps and elevated electrical controls when installed new or facilities. Operations designated flood zones. rehabbed. 9 Officer •Alarm monitoring for excessive water intrusion or lift 4 3 12 •Verify resources are available to sandbag all identified liftstations and manholes where such action would slow water inflow. station failure during a hurricane. •Conduct a vulnerability assessment of capital structures to hurricane,flood,tornado,and wildfire. •Create and implement a FEMA Cost Recover Plan. Environmental Failure to comply with federal,state,and local Fines;litigation;reputational damage. Environmental -Audits,mock inspections,and training conducted by the -Add staff to the Environmental Compliance department to increase the number of audits,mock inspections,and trainings. 10 Compliance Failure environmental regulations. Compliance Environmental Compliance office. 3 4 12 -Purchance and implement an Environmental Compliance database(in work). Manager 4 Primary Impact Prob Rating Rank Hazard Description Impact Description Risk Owner Current Control 1-5 1-5 1-25 Additional Possible Remedies Environmental Lab Lack of control over laboratory analysis errors. Non-compliance penalties and sanctions;delayed Environmental •Test results received from contracted lab are reviewed by •Build CCUA lab(in work)to allow timely results with high level of quality assurance. 11 Testing Errors corrective action affecting public's safety;loss of Compliance hand. 4 3 12 consumer and stakeholder trust. Manager Employee Injury An employee injured or accosted while working Loss of life;injury;workers'compensation costs. Chief •GPS units are deployed on vehicles. •Create dispatcher position for D&C with protocols such as periodic employee check-ins and employee emergency While Working Alone off shift while alone or in a remote location. Operations •Eliminate unnecessary solo shifts. response training. Officer -Create list of work that requires more than one employee on a site such as confined space entry,working with hazardous 12 5 2 10 chemicals,electrical work,working at height,or operating heavy equipment.Annotate work orders with multiple employee requirements. •Prohibit,by work rule,employees from entering a customer residence alone unless approved by COO. Safety Technology:Assess technological options such apps(StaySafe,Ok Alone,etc.,)and alert devices(ROAR Panic button System,SECURalert Wireless Panic Button System,etc.) Physical Security Terrorist or criminal activities that damage water Inability to provide drinking water to the Chief •Alarms to detect intrusion into water plants. •Install infrastructure to add redundancy and additional rerouting capability to water grid. Breach of Water delivery systems or contaminate drinking water. community;delivery of contaminated drinking Operations •Re-routing water and isolating sections of infrastructure to •Annual desktop exercise for Operations Management Team 13 Plants and Wells due water;financial liabilities;loss of public and other Officer bypass and contain poisoned water supplies. 5 2 10 .Assess whether there are In-Situ Sensors that would detect poisons in the water supply. to Malicious Actors stakeholder trust. •Implemented security policy. -Assess the availability of alternatives to temporarily distribute drinking water in a worst case scenario. •Quarterly security working group meetings to assess remedies. Supply Chain Risk Disruption of the chemical supply chain outside Inability to process water and wastewater;rapid Chief •Store wastewater until supply chain disruption is over. •Diversify suppliers. Related to Process- CCUA control.Volatility of energy costs due to and unexpected increase in operational costs; Operations -Move chlorine from low flow to high flow plants. -Stockpile essential supplies. 14 Critical Chemicals fluctuations in global energy markets. sudden increases in energy prices make budgeted Officer -Collaborate with other utilies. u, funds inadequate to pay electricity or fuel costs. 5 2 10 .Annual desktop exercise for Operations involving transferring chemicals from low use to high use plants. •Plan to recalibrate quality to EPA standards. Energy efficiency initiatives;life cycle costing for pump purchase decisions;alternative or renewable energy sources. Employee Relations Conflict between employees,grievances,or Decreased productivity;increased absenteeism; Chief Human •Annual employee survey. -Supervisor training program. Issues dissatisfaction with management. decreased morale;potential legal action;damage Resources •Annual wage survey,market competitive salary,retirement, •New employee tour and Executive Director luncheon. to the organization's reputation as an employer; Officer and benefits. -Human Resource conferences. increased administrative and legal costs due to •Take home vehicle. -Human Resources department presentations. 15 organized labor activities. •Tuition reimbursement. 3 3 9 .pet insurance. •Employee retirement committee. •Wellness incentive program. •Professional development through training and conferences. Contractual Failures Contractual and legal documents leading to Unbudgeted,increased costs of construction; Chief Engineer •Using industry standard EJCDC contract. •Developing CCUA standard contract template consistent with CCUA processes. 16 unfavorable outcomes. costs and expenses due to contractual related 4 2 I 8 disputes. Lead and Copper Lead is highly toxic,especially to children.Long Public outrage-loss of community trust and Environmental •Engaged consultant to meet requirements of Lead and •Implement new initiatives(compliance database,CCUA-owned laboratory)and maintain ongoing compliance with existing term exposure to copper can cause liver and reputation;fines,mandatory corrective actions, Compliance Copper Revised Rule.Intern assisting in identifying rules. 17 kidney damage.CCUA is required to comply and increased administrative costs due to Manager 'unknowns'(a DEP requirement). 4 2 8 with Lead and Copper rule which is promulgated increase scrutiny from regulators;replacing lead by the EPA and enforced by DEP. components in CCUA infrastructure;legal and settlement costs due to lawsuits. Workforce Turnover High turnover rates(exceeding 12%). Increased recruitment and training costs;loss of Chief Human •Market competitive wages/raises. Supervisor training program. institutional knowledge;decreased productivity; Resources •Training programs. •Performance pay. 18 disruption in operations;increased workload and Officer 4 2 , 8 •Interview techniques that ensure clear job expectations before hire. decreased morale among remaining employees. Risks arising from Dependence on other public entities. Delayed or inefficient operational effects; Chief •Engage the services of lobbyist. •No changes relationships with increased costs due to liabilities assumed by Operations •Networking through professional associations and 19 independent public actions or inactions of other entities. Officer managerial contacts with regulators. 3 2 6 entities. •Managers monitor proposed rule-making actions by regulators. Violence Against an Acts of workplace violence. Injury or death of an employee due to violence in Chief Human •Police presence on cutoff days. •Training-CCSO and other. Employee the work place. Resources •Police presence for select adverse employment actions. 20 Officer •Badges,panic systems,cameras. 5 1 5 •Background checks. •EAP services. 5 HIRA Highlights Observations • Risks linked to human resources (accidents, turnover, compliance, employee relations) dominate the top half of the register. • External forces such as aging systems and regulatory oversight influence infrastructure- related risks (e.g., sewer backups, construction delays). • Cybersecurity and environmental compliance are emerging risks. Summary of Top Risks Risk Rating Owner 1 Vehicle Accidents 25 Chief HR Officer 2 Workforce Health and Safety Incidents 20 Chief HR Officer 3 Sewer Backup/Water Main Break 15 Chief Operations Officer Key themes: Personnel safety, public liability, infrastructure resilience, and legal/regulatory compliance. Issues and Remedies 1. Vehicle Accidents (Rating: 25) • Issue: Highest-rated risk due to daily exposure and potential for injury or death. • Current Mitigations: License checks; Online training &vehicle familiarization checklist; Liability insurance; GPS monitoring; In-house vehicle repair&maintenance. • Alternatives: o Continue implementing dash cameras. (Implemented) o Hand-on defensive driver training. o Assess 360°vehicle cameras and other technology. o Enforce seat belt usage through progressive discipline. 6 2. Workforce Health and Safety (Rating: 20) • Issue: Incidents may lead to lawsuits,workers compensation claims, and workforce dissatisfaction. • Current Mitigations: Regular department level training and awareness; Periodic PPE audits; Safety policy manual & Emergency Quick Reference Guide; Quarterly safety meeting for managers; Use of light duty to return employees to work after an injury; Random and post-accident drug testing. • Alternatives: o Quarterly Operations Department leadership meeting for safety. (Implemented) o Increased number of worksite observations. o Quick reference guide for chemical exposure and release. o Revise safety manual. 3. Sewer Backups/Water Main Breaks (Rating: 15) • Issue: Affects public trust; Liability costs for damage and lost revenue, DEP consent orders. • Mitigations: Fats, oil, and grease (FOG) educational outreach; Alarm systems in lift stations; TV line inspections of sewer mains on 10-year schedule; $1MM annual for relining sewer mains; $1 MM annual to replace aging water mains. • Alternatives: o Increase Capital Improvement Program budget to replace old water lines. o Increase community outreach. o Use Asset Management system(in work)to target inspections. o Monitor emerging sonar profiling technology. o Implement SCADA monitoring (in-work) of lift stations. 7 Human Resource Opportunities 1. Talent/Skills Shortage (Rating: 15) • Issue: Long vacancies disrupt operations. • Current Mitigations: Internship Programs. • Alternatives: o Review licensing requirements and job descriptions; market competitive wages for engineers doing like work. o New supervisor&manager training (Implemented). 2. Non-Compliance with Employment Law (Rating: 15) • Issue: Potential for uncapped liability and other legal consequences; employee trust. • Current Mitigations: Formal complaint and hiring processes; Anonymous reporting hotline, HR open door practices. • Alternatives: o New supervisor&manager training. (Implemented) 3. Employee Relation Issues (Rating: 9) • Issue: Decreased morale and productivity; legal costs; recruitment and retention. • Current Mitigations: Employee surveys, wage surveys, take home vehicles, tuition reimbursement, retirements committee, wellness incentives,professional development. • Alternatives: o New employee tours. (Implemented) o Supervisor training. (Implemented) 8 New Manager and Supervisor Training • Issue: New supervisors and managers typically are technically excellent; however, supervision requires entirely new skill sets and knowledge. Supervisors are the critical node in the organizational structure regarding risk management. • Solution: o Current supervisors and managers are undergoing training on soft skill topics such as: • Leadership. • Organizational standards. • People Management Skills. • Legal and Ethical Responsibilities. o All new managers and supervisors will be required to complete the training within the first six months of assuming a position. Other Risk-Related Issues Security—CCUA has formed a committee led by the Chief Operations Officer to meet quarterly to identify,prioritize, resolve, and make recommendations related to physical security of CCUA property. Compliance—CCUA, led by its Chief Human Resources Officer, has begun auditing CCUA policies to ensure their compliance with Florida and Federal Law. Policies recently reviewed include Drug Free Workplace (F.S. 440), Public Records (F.S. 119), and provisions related to employment law(Fair Labors Standards Act, FMLA, ADA, and rules related to discrimination). Earlier this year the Executive Director led and completed a revision of CCUA's procurement policy that ensures compliance with various applicable Florida laws. Public Records—CCUA has instituted an ongoing initiative to improve the effectiveness of its record management program and compliance with F.S. 119 and other related Florida laws. Disaster Cost Recovery—CCUA processes inadequately prepare the organization for successful cost recovery through FEMA. CCUA is exploring process and rule modifications to better position itself should it be necessary to seek Public Assistance funding. Conclusion The 2025 HIRA register lists and prioritizes significant risks to CCUA's operations and reputation. To the extent CCUA implements alternatives, they will reduce vulnerability, safeguard personnel and customers, and promote organizational resilience. 9