7.17. To ensure traceability of the safety assessment, the following issues should be considered:@@- All of the information comprising the safety case should be traceable to its source. Such information sources may include records of observations, measurements, research work, modelling studies as well as decisions and assumptions made during the development of the safety case. Such decisions and assumptions may rely on expert judgement or expert elicitation processes, for which appropriate procedures and documentation are necessary.@@- Expectations relating to traceability depend on the individual or organization using the safety case. Traceability in a safety case intended for scrutiny by the regulatory body should be more rigorously presented than in a document intended for internal use by the operator. @@- If the safety assessment is undertaken iteratively, there may be a tendency for references simply to refer to decisions made in a prior iteration of the safety assessment (‘self-citations’). The reviewer may need to trace through a chain of documents before finding the origin of an assumption, parameter value or decision, which may be time consuming. Further, caveats and limitations to the work included in the primary references may become lost or diluted with subsequent repetition. This can lead to a reduction in confidence in the operator and, consequently, confidence in the safety of the facility by the reviewer. As such, primary references should be cited directly, and each iteration of the documentation should permit straightforward evaluation of its traceability. @@- Referencing of reports from the ‘grey literature’ or proprietary or classified documents should be avoided. If referenced documents are unavailable to the reviewer, their use as a reference would break the chain of traceability.@@- The need to keep the chain of traceability intact back to primary sources of information tends to make documents large and difficult to read. Consequently, a trade-off may need to be made between traceability and transparency. The optimum balance between the two can only be decided upon in each particular situation.