What the C681 Stage 2 standard actually looks like delivered on a representative UK construction site, and what it tells the duty holder.

Across the first five parts of this series, the argument has built cumulatively. Residual risk is foundational to the regime, not a flaw in it. The duty holder owns the residual. The future of UXO risk assessment is quantitative articulation of that residual. The procurement framework that helps duty holders commission it is the five questions Part 5 set out.

Part 6 closes the loop. It walks through what the methodology actually looks like delivered in practice on a representative UK construction site, and what the output tells the duty holder that a descriptor would not.

A point worth getting right before the worked example. The methodology this article describes is not new and it is not a Brimstone innovation. CIRIA C681, published in 2009, specified that the Stage 2 Detailed Risk Assessment should provide a semi-quantitative measure of risk. Section 6.1.4 of C681 sets out the equation chain. Appendix A4 provides a worked probabilistic example using Monte Carlo simulation. The methodology has been the published UK standard for sixteen years.

What changed was guidance, not the standard. CIRIA C785 in 2019 introduced a qualitative shorthand for Stage 2 outputs, expressed as high, moderate, or low. The shorthand was meant to make assessments more accessible. The sector adopted it as the default. Over time the original C681 specification drifted out of practice. The descriptor became the deliverable; the underlying calculation became, on many projects, optional.

This article is about what the original C681 standard looks like when delivered as the standard specifies. Brimstone has continued delivering it. The methodology is described here in its own terms, with a representative site to make it concrete.

The site

A brownfield development in the Brickmakers Yard area of east London. Multi-storey residential with associated commercial use. Proposed works include a single-level basement, piled foundations to roughly 18 metres, and associated ground-level construction. The site sits within an area exposed to sustained aerial bombardment during the Blitz, and post-war redevelopment in the surrounding streets has been moderate rather than comprehensive. The exposure profile is typical of east London brownfield sites of this scale.

This is the type of site where the C785 qualitative shorthand might produce a “moderate” or “high” descriptor and stop there. The C681 standard does not stop there. It produces an articulated assessment of the residual risk, with the inputs exposed and the conclusions traceable.

The six inputs

Six site-specific inputs drive the assessment. All of them are collected as part of a standard CIRIA-compliant DRA. The methodology lies in how they are combined, not in what is gathered.

Strike density: bomb census evidence for the area gives a documented density of relevant ordnance per hectare across east London. The Brickmakers Yard area carries a strike density characteristic of the wider Blitz exposure pattern in this part of the city. The figure is anchored in the public bombing records and cross-referenced against military activity records and proximity to documented Blitz targets.

Failure rate: empirical data on dropped or fired ordnance gives a baseline failure proportion. The sector-standard figure for high-explosive aerial ordnance is approximately 10%, and that is the figure the Best Estimate chain uses. The conservative chains apply 15%, not as a competing baseline but as a deliberate sensitivity assumption: the question they answer is what the encounter probability looks like if the true failure rate was materially worse than the consensus figure. Exposing that sensitivity is part of the point of the methodology.

Penetration depth distribution: C681 Figure 6.3 provides the empirical penetration depth dataset for aerial ordnance, derived from the 1941 Ministry of Home Security records. For the representative site, average penetration is used for the Best Estimate, the 95th percentile (P95) penetration is used for the Industry-Aligned chain, and maximum penetration is used for the Worst Case chain. Each is modelled against the site-specific geology.

Post-war attrition: documented clearance and redevelopment activity reduces the residual hazard. For Brickmakers Yard, the reduction is moderate. The area was not subject to comprehensive post-war clearance, and some development may have masked rather than removed UXO. The attrition factor is applied conservatively in the absence of evidence of systematic clearance.

Intrusive footprint: the proposed works define the volume of ground that will be disturbed. For the representative site, this is calculated from the basement volume and the pile cross-sections multiplied by their effective depth of disturbance. The result is the volume of ground at risk of UXO encounter.

Encounter geometry: this combines the intrusive footprint with the penetration depth distribution to produce the Zone of Potential UXO (ZOPU), the three-dimensional volume in which a residual UXO item could be intercepted by the proposed works.

The three-chain output

The C681 Section 6.1.4 equation chain is run three times against three sets of assumptions. The output is presented as three encounter probabilities.

Best Estimate: lower-bound realistic assumptions. 10% failure rate, average penetration depths, lower uncertainty multiplier. For the representative site, this produces an encounter probability of approximately 18% across the proposed works.

Industry-Aligned Estimate: published sector assumptions for direct comparison against typical industry practice. 15% failure rate, P95 penetration depths, mid-range uncertainty. For the representative site, this produces an encounter probability of approximately 26%.

Worst Case: conservative assumptions. 15% failure rate, maximum penetration depths, upper uncertainty multiplier. For the representative site, this produces an encounter probability of approximately 22%. The worst case can produce a lower probability than the industry-aligned chain because deeper penetration depths increase the ZOPU faster than the residual probability rises. This is a methodologically significant feature of the calculation, not a quirk.

All three encounter probabilities for the representative site sit in the High band by C785 reference. The qualitative shorthand would compress these three figures into a single descriptor. The C681 standard preserves the differentiation, exposes the assumption sensitivities, and gives the duty holder three reference points rather than one.

What the output tells the duty holder

The article promised the methodology would tell the duty holder things a descriptor could not. Six are worth naming for the representative site.

A defensible figure. The duty holder records 18% Best Estimate, 26% Industry-Aligned, 22% Worst Case in the project risk register, alongside the assumption set behind each figure. A regulator asking how the residual risk was characterised receives a structured answer with documented inputs, not a category with no underlying calculation.

Exposed assumptions. The duty holder can see that the failure rate sits between 10% and 15%, that the penetration depths are anchored in the 1941 Ministry of Home Security dataset, and that the post-war attrition is conservatively applied. Each assumption is challengeable, confirmable, or refinable.

Sensitivity to design changes. If the basement deepens or the pile depths increase, the assessment can be re-run against the updated intrusive footprint. The Best Estimate, Industry-Aligned, and Worst Case probabilities move accordingly. The duty holder sees the effect of design changes on residual risk before construction commences, not after.

A basis for tolerability. With three encounter probabilities in front of them, the duty holder makes a reasoned decision about whether the residual is tolerable for the proposed works. Mitigation strategies (intrusive survey, watching brief, exclusion zones, design adjustments) are specified against the actual probability, not against a category.

Triggers for revision. The assessment lists explicit conditions under which it must be revisited. Pile depth increases above a defined threshold. Excavation footprint expansions of a defined percentage. Discoveries on adjacent sites. The DRA functions as a live document, which is what C785 specifies it should be in any case.

An audit trail. If a UXO incident occurs and the regulator investigates, the duty holder produces the assessment, the inputs, the assumptions, the calculation, and the revision history. The discharge of the CDM 2015 duty is documented in a form that withstands scrutiny.

What the descriptor would have said

The same site, treated under the C785 qualitative shorthand alone, would have produced “High” and stopped. The duty holder would have known the site was High and would have been pointed toward mitigation. They would not have known how High, what specifically drives that conclusion, how sensitive it is to assumptions, or what design changes would move it. They would have a category and no operational basis.

That is not a criticism of the descriptor. The descriptor remains useful as triage and as the headline output for procurement comparison. The point is that the descriptor on its own is not what C681 specified Stage 2 should deliver. The methodology described above is.

The destination

Six parts ago, the series opened with a question. After Plymouth, what does “low risk” actually mean? The answer has been built across the series. Risk descriptors compress a multi-factor picture into a single category. Residual risk is inherent to the regime. The duty holder owns it. Quantitative articulation is the methodology the original CIRIA standard specified. The procurement framework that secures it is the five questions Part 5 set out.

Part 6 has shown what that methodology looks like delivered. A brownfield east London site, six inputs, three chains, encounter probabilities with exposed assumptions, sensitivity to design changes, revision triggers, audit trail. The output gives the duty holder something to own. The descriptor alone does not.

None of this is new. The standard was published in 2009. Brimstone has been delivering it. The sector drifted from the standard after 2019; the duty holder community is now coming back to it as the post-Plymouth realities make the gap between descriptor and operational reality visible.

The framework permits the methodology. CIRIA specified it. The duty holder needs it. Whether the sector returns to it is now a question of demand from the client side, which is where lasting methodological change usually starts. The case is made.

Previous: Part 5 – Five questions to ask your UXO consultancy

For regular updates, project insights, and industry guidance, follow Brimstone UXO on LinkedIn, Facebook, Instagram, and YouTube.

Brimstone CPT Rig

"*" indicates required fields

Join the Brimstone Members Club

The Brimstone Members Club is more than just a mailing list – it’s your gateway to insider content, fun giveaways, company updates and an exclusive welcome discount*. Find out more

Name*
Privacy*
Marketing*
Remnant
This field is for validation purposes and should be left unchanged.