In this Tip of the Month, we look at how to deal with some of the challenges of managing process safety. This TOTM is an excerpt of a paper presented by JMC Instructor/Consultant Clyde Young at the 2008 Mary K. O’Connor Process Safety Symposium.

“Process safety practices and formal safety management systems have been in place in some companies for many years.  Process Safety Management (PSM) is widely credited for reductions in major accident risk and in improved chemical industry performance.  Nevertheless, many organizations continue to be challenged by inadequate management system performance, resource pressures, and stagnant process safety results.”

Meeting the demands of a PSM system and ensuring that the risk associated with our business is addressed can be challenging. This is one of the reasons that the Center for Chemical Process Safety (CCPS) published their “Guidelines for Risk Based Process Safety” in 2007. This book is being used as a reference for the PetroSkills HSE course, Risk Based Process Safety Management. During delivery of this course over the last couple of years, participants have agreed that one of the challenges facing them at the local level is that some elements of the PSM system they work with are somewhat complicated and are focused on trying to achieve consistency throughout an organization. While consistency throughout an organization is an excellent goal, issues at the local level sometimes make it difficult to accomplish.

It is at the plant and process level that catastrophic incidents occur. It is at this level where resources are sometimes stretched thin and the risk is increased. What can be done at the plant and process level to simplify things and ensure that hazards are identified and addressed and that the consequences are reduced?

It is important to know that all processes in the oil and gas industry are designed to run according to specified parameters.  Based on specific criteria, processes are designed to run at a specific flow rate, at specified pressures, temperatures and levels.  This should be considered “normal”.  Unless some kind of batch operation is being dealt with, processes in the oil and gas business are generally designed to run at “normal” for extended lengths of time.

There are four characteristics of an effective management system.  These are:

  • formality,
  • flexibility,
  • accountability and
  • control

A formalized management system uses procedures, policies, and guidelines to direct personnel to the correct actions and the best resources to manage the process. A flexible system has mechanisms in place to react to conditions if they change. It is not possible to foresee the future, but it is possible to know what to do, in a formalized way, when a situation requires action. In order for a system to work, people must be held accountable to perform the tasks that are required. A system with accountability ensures that there is no question about who is to do what. Add these characteristics together, and the system becomes controlled.

To meet the requirements of an effective PSM system, Process Safety Information (PSI) is required, which essentially documents how the process has been designed and built. Conducting the required Process Hazard Analysis (PHA) study identifies hazards and operability problems that may be built into the process. Well-developed operating procedures direct how the process will be run during “normal” and what will be done to bring the process back to “normal” if there are deviations. Providing training to personnel ensures that those most exposed to the hazards and operability problems are competent to keep the process within the range of “normal” and return it if it deviates. Mechanical integrity programs keep the equipment in the process from running to failure. All of the above elements and others are basically used to define and maintain “normal” operations.

In his book, “Managing the Risks of Organizational Accidents,” James Reason talks about active and latent failures in his Swiss cheese model of defenses.  Active failures include errors, omissions, and violations.  Active failures have a direct and immediate effect on the process.  Latent failures include poor design, gaps in supervision, unworkable procedures, and lack of training. These latent failures are always there, may exist for years and can increase the likelihood of active failures.

Process safety management systems are in place to manage the risk associated with the processes we operate.  To manage the risk, it has to be identified, reduced or eliminated.  Incidents have to be responded to and the consequences of such incidents have to be rectified.  Knowing that latent failures exist in all processes and systems, identifying these latent conditions is a key element of identifying risk.

The first of the three simple things to improve process safety management is geared toward identifying risk and especially latent conditions.  Implementing an effective near miss/incident reporting system should help identify latent failures in our processes.

Many organizations have already implemented a near miss/incident reporting program of some kind. Some of these programs work very well. In some cases, the programs start well but reporting begins to taper off after a while. This can happen because of perceived time constraints or management response that is inadequate or inappropriate.

Whether or not the theory of H.W. Heinrich’s safety pyramid is to be believed, it would still seem reasonable that if there is a major incident, there were indications that the latent failures were starting to line up, so that the likelihood of an active failure was increased.

Why do near miss/incident reporting systems fail to produce the results desired when they are first implemented? Some reasons include:

  • “It’s inconvenient to fill out a “near-miss form.” It’s less stressful to just forget it happened.”
  • Near-miss experiences are typically private affairs, and there’s no way to hold people accountable for them.
  • Organizational influences have an impact on near-miss reporting.
  • Slogans like “all injuries are preventable”. Employees think to themselves, “If all injuries are preventable and I almost got injured, I sure don’t want anyone to think I’m so careless.”

While these reasons may well have an influence on the success of a near miss/incident reporting system, consider that people have a difficult time deciding if something is a near miss or an incident.  There are many different definitions of a “near miss”.  Incidents are sometimes categorized into tiers or levels and the reporting requirements for each tier are different.  Why can’t issues be simplified to ensure that all important information is collected and analyzed?

To simplify things, let’s change the definition of a near miss/incident to:

“Anything unusual that occurs.”

Think about the concept that all processes are designed to operate as “normal”.  Any operator will tell you that a running process has a certain sound, vibration, feel and even a smell that is “normal”. An effective operator can tell something is not quite right almost immediately. The operator may not know exactly what isn’t right, but any changes to the “normal” are noticed.   All operators and all supervisors of operations need to know anything unusual that occurs.  The problem is that sometimes these things are passed along verbally or in operator logs and there is no formalized process in place to investigate further.  Remember, latent failures need to be identified before they become active failures.

If a near miss/incident is defined as anything unusual that occurs, it becomes very simple to determine if something needs to be reported.  A strange sound or change in the feel of the process will lead to an investigation.  All near miss/incident reports must be investigated.  The investigation can be very simple or it can be very detailed and thorough.  It just depends on what has been reported.  A strange sound may only require someone to observe and write a brief description of what is found.  A failed pump seal may require a more thorough investigation that includes an audit of the facility’s mechanical integrity program.

It is also important to communicate the findings of these investigations so that the latent failures are identified and eliminated or reduced. Receiving no feedback about a report that is filed is one way to ensure that personnel will stop reporting things. Assigning blame and disciplining personnel is a sure way to drive near misses and incidents underground and ensure that nothing is reported. The focus should be on what happened rather than who did what.

This formalized process doesn’t have to go on forever. At some point, personnel will begin to understand that all unusual things need to be examined and perhaps even investigated. The organization’s culture will begin to move toward the generative culture where issues dealing with risk and safety are actively sought. At this point, the organization can step back and take another look at the near miss/incident reporting program and modify it as necessary.

Two other simple things will be presented in future tips of the month.  If you would like a copy of the paper that was presented, please contact John M. Campbell & Co. and request a copy.

To learn more about managing process safety systems, we suggest attending our PetroSkills HSE course, HS 45 - Risk Based Process Safety Management. To enhance process safety engineering skills, we suggest any of the JMC foundation courses, which can be found on our website or in our catalog.

By: Clyde Young
Instructor/Consultant

1 Guidelines For Risk Based Process Safety, page ii, American Institute of Chemical Engineers,  Center for Chemical Process Safety
