653 122 2MB
English Pages xxvi, 234 pages : illustrations; 24 cm [260] Year 2019
PROCESS SAFETY LEADERSHIP FROM THE BOARDROOM TO THE FRON TLIN E
Relation of this Book to Other Publications of the Center for Chem ical Process Safety Process Safety Leadership from the Boardroom to the Frontline (2018)
9
Process Safety Metrics: Guide for Selecting Leading and Lagging Indicators (2018)
For a com plete listing of CCPS books, please visit www.wiley.com/go/ccps.
PROCESS SAFETY LEADERSHIP FROM THE BOARDROOM TO THE FRON TLIN E
CENTER FOR CHEMICAL PROCESS SAFETY OF THE AMERICAN INSTITUTE OF CHEMICAL ENGINEERS New York, NY
This edition first published 2019 © 2019 the American Institute of Chemical Engineers A Joint Publication of the American Institute of Chemical Engineers and John Wiley & Sons, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by law. Advice on how to obtain permission to reuse material from this title is available at http://www.wiley.com/go/permissions. The rights of CCPS to be identified as the author of the editorial material in this work have been asserted in accordance with law. Registered Office John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, USA Editorial Office 111 River Street, Hoboken, NJ 07030, USA For details of our global editorial offices, customer services, and more information about Wiley products visit us at www.wiley.com. Wiley also publishes its books in a variety of electronic formats and by print-on-demand. Some content that appears in standard print versions of this book may not be available in other formats. Limit of Liability/Disclaimer of Warranty While the publisher and authors have used their best efforts in preparing this work, they make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives, written sales materials or promotional statements for this work. The fact that an organization, website, or product is referred to in this work as a citation and/or potential source of further information does not mean that the publisher and authors endorse the information or services the organization, website, or product may provide or recommendations it may make. This work is sold with the understanding that the publisher is not engaged in rendering professional services. The advice and strategies contained herein may not be suitable for your situation. You should consult with a specialist where appropriate. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages. Library of Congress Cataloging-in-Publication Data is available. Hardback ISBN: 9781119519317 Cover Design: Wiley Cover Images: ©Assembly/Getty Images, ©krisanapong detraphiphat/Getty Images Printed in the United States of America 10 9 8 7 6 5 4 3 2 1
Disclaim er It is sincerely hoped that the inform ation presented in this document will lead to an even more impressive safety record for the entire industry; however, the American Institute of Chemical Engineers (AIChE), its consultants, the AIChE’s Center for Chem ical Process Safety (CCPS) Technical Steering Committee and the Process Safety Leadership Challenge Subcommittee m em bers, their employers, their employer’s officers and directors, and Scott B erger and Associates LLC and its subcontractors, do not warrant or represent, expressly or by implication, the correctness or accuracy of the content of the information presented in this book. As between (1) the AIChE, its consultants, the CCPS Technical Steering Com mittee and Subcomm ittee m embers, their employers, their employer’s officers and directors, Scott B erger and Associates LLC and its subcontractors, and (2) the user of this document, the user accepts any legal liability or responsibility whatsoever for the consequence of its use or misuse.
ABOUT AIChE AN D CCPS The American Institute of Chem ical Engineers (AIChE) has led efforts to improve process safety in the chem ical, petroleum, and allied industries for more than six decades. Through strong ties with process designers, constructors, operators, m aintenance professionals, safety professionals, and members of academ ia, AIChE has enhanced communications and fostered continual im provement of the industry’s high process safety standards. AIChE publications and sym posia have become the premier inform ation resources for those devoted to process safety and environmental protection. AIChE formed the Center for Chem ical Process Safety (CCPS) in 1985 after the tragic incidents in late 1984 in Mexico City, Mexico, and B hopal, India. CCPS is chartered to develop and dissem inate technical and leadership guidance and expertise to help prevent fires, explosions, toxic releases, and major environmental impacts. CCPS is supported by more than 200 m em ber-com panies around the world. Members provide the necessary funding and professional expertise to its m any com mittees. A m ajor product of CCPS activities has been a series of guideline and concept-related publications to assist those implementing various elements of a process safety and risk management system. This concept book is part of that series.
TABLE OF CON TEN TS Acronyms and Abbreviations .......................................................... xi Acknowledgements ........................................................................ xiii Nomenclature and Style ................................................................. xv Preface ............................................................................................ xvii Executive Summ ary ........................................................................ xix How to Use this B ook .................................................................... xxv
1 THE BUSIN ESS CASE FOR PROCESS SAFETY ................. 1 1.1 Corporate Social Responsibility ................................................ 2 1.2 B usiness Flexibility ...................................................................... 4 1.3 Loss Prevention ........................................................................... 5 1.4 Sustainable Growth .................................................................... 7 1.5 Leadership Excellence ................................................................ 9 1.6 Summ ary ...................................................................................... 9 1.7 References ................................................................................. 10 1.8 Incidents Represented in Figure 1.2 ...................................... 12
2 LEADIN G AN D MAN AGIN G PROCESS SAFETY ........... 13 2.1 Process Safety Definition ........................................................ 13 2.2 How Process Safety Works: Risk Reduction and Risk Management to Eliminate Accidents ..................................... 22 2.3 Learning from Incidents .......................................................... 25 2.4 Personal Leadership Accountability ...................................... 30 2.5 Downturns and B oom Times: Special Process Safety Leadership Challenges ............................................................. 34 2.6 Com pliance: Required but not Enough ................................. 39 2.7 Management Systems: Helpful but not Sufficient............... 43 2.8 References ................................................................................. 44
vii
viii | Process Safety Leadership from the Boardroom to the Frontline
3 LEADERSHIP ATTRIBUTES ........................................... 47 3.1 Creating a Shared Vision ......................................................... 48 3.1.1 Establish the Im perative for Process Safety ............... 48 3.1.2 Reflect the Im perative in Your Words and Actions .... 51 3.1.3 Drive the Im perative Throughout the Organization .. 54 3.1.4 Earn the Social License to O perate .............................. 57 3.2 Develop and M aintain Knowledge and Competence ......... 60 3.2.1 Personal Knowledge and Com petence ....................... 60 3.2.2 Develop and Em power Others ..................................... 64 3.3 Show Integrity and Com m itment........................................... 71 3.3.1 Courage and Conviction ................................................ 71 3.3.2 Accountability .................................................................. 73 3.3.3 Responsiveness ............................................................... 76 3.3.4 Consistency ...................................................................... 78 3.4 Communicate with Inspiration ............................................... 80 3.4.1 Stay Connected and Visible ........................................... 80 3.4.2 Influence and Drive Process Safety Culture ................ 83 3.5 References ................................................................................. 91
4 Leadership of the Process Safety Managem ent System ..........................................................................................................93 4.1 Identify Required B arriers ....................................................... 94 4.1.1 Start with Risk Criteria and a Risk M atrix .................... 95 4.1.2 Analyze Hazards and Risks ............................................ 98 4.1.3 Identify Required B arriers ........................................... 101 4.2 Manage B arriers ..................................................................... 102 4.2.1 Conduct of O perations and O perational Discipline 102 4.2.2 Standards ....................................................................... 110 4.2.3 Asset Integrity and Mechanical Integrity ................... 113 4.2.4 O perating Procedures and Safe Work Practices ...... 116
Table of Contents | ix
4.2.5 M anagement of Change .............................................. 118 4.2.6 Emergency Management – Preparation and Response ............................................................................................................ 123 4.3 Manage Com petency (Organizational Capability) ............. 127 4.3.1 Com petency ................................................................... 128 4.3.2 Effective Training .......................................................... 130 4.3.3 Process Knowledge M anagem ent .............................. 133 4.3.4 Contractor M anagement ............................................. 135 4.4 Verify Perform ance and Improve ........................................ 139 4.4.1 Audits .............................................................................. 139 4.4.2 Metrics ............................................................................ 141 4.4.3 Incident Investigation and Resulting Actions ............ 143 4.4.4 M anagement Review and Continual Im provement. 146 4.5 B uild and Strengthen Culture ............................................... 151 4.5.1 Introduction to Culture ................................................ 151 4.5.2 Workforce Involvem ent ............................................... 152 4.5.3 Stakeholder O utreach .................................................. 155 4.6 Summ ary ................................................................................. 158 4.7 References ............................................................................... 159
5 Leadership Roles and Accountabilities .................. 161 Table 5.1 Executive Leadership Role ......................................... 164 Table 5.2 Operations Leadership Role ...................................... 166 Table 5.3 Engineering Leadership Role ..................................... 168 Table 5.4 EH& S Leadership Role ................................................ 170 Table 5.5 Research and Development (R& D) Leadership Role 172 Table 5.6 Purchasing Leadership Role ...................................... 174 Table 5.7 Human Resources Leadership Role .......................... 176 Table 5.8 Plant Superintendent Role ......................................... 178 Table 5.9 Maintenance Leadership Role ................................... 180
x | Process Safety Leadership from the Boardroom to the Frontline
Table 5.10 Plant Engineer Role ................................................... 182 Table 5.11 Plant Operator Role .................................................. 184 Table 5.12 M aintenance Technician Role .................................. 187 Table 5.13 Process Safety Specialist Role ................................. 189
6 Deploying Process Safety Leadership Accountability and Responsibility ...................................................... 191 Table 6.1 Corporate Process Safety Leadership Team RACI Matrix ................................................................. 193 Table 6.2 Operations Leadership Team RACI M atrix .............. 197
7 Make it Happen ........................................................ 201 7.1 References ............................................................................... 207
Index ............................................................................ 209
ACRON YMS AN D ABBREVIATION S AIChE API CCPS CEO COO CSB EH& S e-MO C ESD E.U. FM EA HIRA HP HP PSNM HR HSE IEC ISD ISO IPL ITPM KPI LO PA MOC MS NASA
American Institute of Chem ical Engineers American Petroleum Institute Center for Chem ical Process Safety Chief Executive Officer Conduct of O perations The United States Chemical Safety and Hazard Investigation Board Environment, Health, and Safety Electronic M anagem ent of Change (System ) Emergency Shutdown European Union Failure M odes and Effects Analysis Hazard Identification and Risk Analysis High-Potential High potential process safety near-miss Human Resources (leader or function) Health, Safety, and Environment(al), or the Health Safety Executive (of the UK), depending on context International Electrotechnical Commission Inherently Safety Design International Standards O rganization Independent Protection Layer Inspection, testing, and preventive m aintenance Key Performance Indicator Layer of Protection Analysis M anagement of Change M anagement System National Aeronautical and Space Administration
xi
xii | Process Safety Leadership from the Boardroom to the Frontline
OD OM OC OP PHA PPE PSE PSI PSMS PSNM PSSR R& D RACI RAGAGEP RC RCI RCMS RIK RP SEP SIL SIS SWP TQ UK USA
Operational Discipline Organizational M anagem ent of Change O perating Procedure Process Hazard Analysis Personal Protective Equipment Process Safety Event Process Safety Inform ation or Process Safety Incident, depending on context Process Safety M anagem ent System Process Safety Near-Miss Pre-startup Safety Review Research and Developm ent Responsible-Accountable-Com m unicated toInformed Recognized and Generally Acceptable Good Engineering Practices (USA regulations) Responsible Care Root Cause Investigation Responsible Care M anagement System Replacement-in-kind Recommended Practice (of API) Sound Engineering Practices (European regulations) Safety Integrity Level Safety Instrumented System Safe Work Practice Threshold quantity United Kingdom United States of America
®
®
ACKN OWLEDGEMEN TS The Am erican Institute of Chem ical Engineers (AIChE) and its Center for Chem ical Process Safety (CCPS) thank the Process Safety Leadership Subcom mittee members and their CCPS m em ber com panies for their generous efforts and technical contributions to this book. CCPS also thanks the members of the CCPS Technical Steering Comm ittee for their advice and support. CCPS Process Safety Leadership Subcom m ittee The Chairs of the Process Safety Leadership Subcom mittee were Bernard Gross, of Hess Corporation (retired) and John Wincek, originally of Croda, Inc. and currently of Dekra. The CCPS staff consultant was Dan Sliva. The Subcom m ittee m em bers were: Don Abraham son Steve Arendt Vivek B ichave Theresa B roussard Kevin He Fred Henselwood Dave Hurban Hope Luebeck Dan Miller David Prior Hervé Vaudrey Dan Wilczinski
CCPS Emeritus AB SG Consulting Reliance Industries, Ltd. Chevron Shell Nova Chemicals American Electric Power Chemours CCPS Em eritus Honeywell Dekra Marathon Petroleum
xiii
xiv | Process Safety Leadership from the Boardroom to the Frontline
CCPS thanks Scott B erger and Associates, LLC for preparing the m anuscript. Scott Berger, President, served as project manager and co-author. Kenan Stevick, President, KPS, Inc., served as coauthor. The Honorable Israel Dubin (retired) served as editor. Allison B erger provided research assistance for Chapter 1. Steve Eason, President, High Desert Safety, provided guidance on the outline. Cynthia B erger, m em ber of the National Association of Science Writers, provided a final read-through to assure quality. Peer Reviewers B efore publication, all CCPS books receive a thorough peer review. CCPS gratefully acknowledges the thoughtful com ments and suggestions of the peer reviewers. Their work enhanced the accuracy and clarity of these guidelines. Ademola Akanbi Christopher Conlon Kevin He Alok Khandelwal Gregg Kiihne Jennifer Mize Shannon Ross Anne O’Neal Thom as O’Rourke Jeffrey Wanko Jiaqi Zhang
M allinckrodt National Grid Shell Shell B ASF Eastman Venator Corp. Chevron B ASF O SHA (USA) Shell
N OMEN CLATURE AN D STYLE Throughout this book, the abbreviation PSMS has been used to stand for Process Safety Management System. While this term is not yet in comm on usage, the authors felt that it was important to avoid the m ore common abbreviation PSM . Since PSM refers to a regulation of the USA, PSMS helps convey that this book applies globally and specifically addresses the leadership needed to drive and sustain the company’s process safety perform ance and culture. The subcommittee and the authors intended this book to use direct language, as is comm on to management-oriented books. Technically-oriented readers accustom ed to sentence construction like, “It is recommended that leaders consider m easures to…” m ay at first be surprised to read, “As a leader, you m ust….” However, you will soon agree that leadership in process safety requires clear com m unication, clear direction, and disciplined execution at all levels of the organization. Direct language helps accom plish that. In the above exam ple and throughout the book, the use of the word “m ust” does not convey in any way that this book represents a voluntary consensus standard. Like other CCPS books, this book represents best and emerging practices. In that context, “m ust” refers only to what leaders and com panies need to do if they aspire to demonstrate best-in-class process safety leadership. Any key term s used in this book are defined when they are introduced. This book follows the standard CCPS glossary, which can be found at: http://www.aiche.org/ccps/resources/glossary
xv
PREFACE Why, you m ay ask, another book on leadership? The answer is clear and grounded in our current and historical situation. Around the globe, significant hazardous releases continue to occur daily, m any with catastrophic potential. Nearly all look like previous incidents, what Tony B arrell described as “an awful sameness,” and all are preventable. As leaders, how can we accept this, when one of our prim ary roles is to manage risk, including the risk of process safety incidents. Within a few years of its founding, CCPS recognized the importance of leadership in advancing process safety. In Guidelines for Technical M anagem ent of Chem ical Process Safety (Ref. FM.1), the first book describing a Process Safety Management System (PSM S), CCPS wrote: At every level, the critical ingredient in any m anagem ent system is leadership. Leadership is what drives a m anagem ent system. For chemical process safety m anagem ent, leadership is essential to provide visibility, m omentum, a sense of organizational comm itment and direction, and ultim ately reinforcement, through the distribution of rewards and punishments for variable levels of perform ance. Leadership is needed at every level – from the CEO to the first-line supervisor. In the absence of strong, effective, continuing leadership, the desired level of safety perform ance will not be achieved. Over time, additional experience in the CCPS com munity found that the leadership role was even m ore critical. The 20 Process Safety Managem ent System (PSM S) elem ents described in Guidelines for Risk B ased Process Safety (Ref. FM.2) included
xvii
xviii | Process Safety Leadership from the Boardroom to the Frontline
3 elem ents that leaders are specifically responsible for, nam ely, culture, conduct of operations, and m anagement review. Today, additional experience has proven that process safety is much more than a technical discipline with some m anagem ent oversight. Instead, it is a way of professionally doing business that m ust be driven by leaders, from the very top of the organization to the very bottom . This book makes a com pelling business case for process safety, and then lays out in detail the leadership skills and knowledge needed at all levels of the organization to drive consistent, reliable process safety perform ance. Like m any other CCPS publications, this book introduces previously unpublished experience, approaches, and thinking. It builds upon and links to CCPS’s prior work as well as cited literature, the broad experience of the CCPS com munity, and the specific experience of the subcommittee mem bers and the authors. We offer it to you as part of our com mitment to continual improvement, leading to the elimination of process safety incidents. Leaders, working together at all levels in the organization to professionally execute their PSMSs can make great things happen. This is our time to rise to the challenge to reduce process safety incidents by orders of m agnitude. O ur shareholders demand it, our employees deserve it, and our com munities expect it! Scott B erger and Kenan Stevick, May 21, 2018
EXECUTIVE SUMM ARY In 1989, CCPS first identified “leadership support” as a fundam ental requirem ent for process safety (Ref. FM.1). Experience gained by CCPS member companies and others over the past 30 years has certainly borne this out. Any com pany that has had sustained success in reducing process safety incidents has engaged all levels of leadership in process safety. Leaders set policy and risk criteria, ensure implem entation of appropriate barriers, and establish m anagement system s to m anage the broad operational, technical, and support functions required to ensure proper m aintenance of these barriers. Since its first publication on the subject, CCPS has developed num erous support tools for leaders, including: Conduct of Operations and O perational Discipline for Im proving Process Safety in Industry (2011) Essential Practices for Creating, Strengthening, and Sustaining Process Safety Culture (2018) Guidelines for Developing Quantitative Safety Risk Criteria (2009) Guidelines for Integrating M anagement Systems and Metrics to Improve Process Safety Perform ance (2016) Guidelines for Risk B ased Process Safety (2007) Recognizing Catastrophic Incident Warning Signs (2011) The B usiness Case for Process Safety (editions in 2002, 2004, 2007, and 2018), The Process Safety Culture Toolkit (2004); and Vision 20/20 Process Safety: The Journey Continues (2014).
xix
xx | Process Safety Leadership from the Boardroom to the Frontline
among others. However, until now, no comprehensive resource for leaders existed. This book provides leaders at all levels and functions with essential tools to help them fulfill their process safety responsibilities. Many com panies have made im pressive progress in the technical and leadership aspects of process safety. Some com panies m ay believe they have achieved excellence in process safety performance, and some of these m ay actually have done so. However, lessons learned from major incidents at companies thought to have strong process safety perform ance has shown that few have achieved the level of process safety excellence they believed – or needed. Furthermore, at whatever level of excellence attained, even just m aintaining that level requires continual effort. New technologies em erge. Products and processes change. Leaders and operating personnel m ove to new roles. Like equipment, process safety management system (PSM S) perform ance can degrade without maintenance. At the current pace of change, excellence can quickly degrade to m ediocrity or worse. Therefore, as a leader at any level of any com pany that handles or produces hazardous materials, you should use this book to continually evaluate and enhance process safety leadership across your organization – even if you believe your organization has already achieved excellence. As you read, consider the following questions: How can I elevate m y knowledge of process safety? How can I elevate m y team ’s sense of vulnerability as well as m y own? Do I have gaps in im plem enting m y process safety responsibilities?
Executive Summary | xxi
Do leaders in my organization have gaps implementing their process safety responsibilities?
in
What should be m y goals and action plan to develop my process safety leadership? How should I develop process safety leadership in m y organization? How should my team assign clear leadership responsibilities addressing all aspects of the process safety m anagement system (PSMS) under our control? What do I need to do to ensure that m y team faithfully executes our PSMS to ensure that our barriers for preventing incidents stay strong? These questions, and the answers you develop as you read this book, apply whether you are a B oard Director, CEO, business leader, operations leader, or functional leader. They even apply if you are an individual contributor, operator, or craftsm an. Your level in the organization cannot be too high or too low to demonstrate, and to develop, process safety leadership. Chapter 1 of this book sets the stage by making the business case for process safety. While process safety is an ethical im perative – and that should be business case enough – the robust leadership required for process safety brings additional benefits to the top line, the bottom line, and shareholder value. Chapter 2 explains the principles of process safety and the leadership skills required to m ake it work. Chapter 2 also addresses and corrects com mon m isunderstandings about com pliance and incident investigation and highlights economic downturns and resurgences as two areas requiring particularly diligent leadership.
xxii | Process Safety Leadership from the Boardroom to the Frontline
Chapter 3 introduces key leadership attributes important for process safety, many of which apply to every other business function. The chapter introduces the concept of process safety culture and lays out a roadmap to develop or improve culture. Chapter 4 discusses the common elements of process safety m anagem ent system s (PSM Ss). For each element, the chapter highlights roles for leaders at many levels. While reading this chapter, pay attention to roles other than your own. This will help you lead your team in their process safety leadership developm ent, while also helping you develop the leadership skills you will need as you advance through the organization. Chapter 5 considers the spectrum of process safety leadership responsibilities for a representative sam pling of positions in a typical com pany. These positions include line roles from the CEO to the frontline operational personnel, as well as m any supporting roles. Chapter 6 describes a Responsible – Accountable – Com m unicated-to – Inform ed (RACI) exercise that you can do with your team to ensure assignment of all required leadership accountabilities and responsibilities, and establishm ent of the necessary support and comm unication channels. The chapter also presents an exam ple RACI chart for a sm all organization. Chapter 7 sum m arizes the concepts described in the book. Readers who wish to start with the 10,000-meter view before diving into the details m ay choose to start with this chapter. B ut if you start with Chapter 7, do not stop there. Process safety leadership is about getting the details right. So, you must dive into the details.
Executive Summary | xxiii
As you proceed through the chapters, you will see common them es repeated: Know your operation’s hazards and potential consequences and develop a healthy sense of vulnerability. Im plement and know the status of the barriers needed to control the risk of the potential consequences within your corporate risk criteria. If your company does not have risk criteria, you will need to develop them. Maintain all barriers in working order by disciplined execution of every part of the PSMS. Conduct regular managem ent reviews to verify perform ance, keep progress on track, and prevent norm alization of deviance. Learn from incidents and metrics, and implem ent improvements based on what you learn. Many leaders will find it useful to have their entire team read this book together and m eet periodically to discuss it. In such m eetings you and your team can highlight organizational or personal developm ent needs and create action plans and goals. Whether you read this book with a group or alone, flag or dog-ear im portant pages and take many notes in the margins. Take advantage of the personal development and action planners provided in the downloadable materials presented with this book. If your company has operated hazardous facilities for m any years, you will likely find some items in the book that you already do well. Congratulations! B ut keep going, seeking useful nuggets that will help you improve your leadership impact for process safety even more. Ask your team to do the same.
xxiv | Process Safety Leadership from the Boardroom to the Frontline
Some readers may benefit by benchmarking or discussing this book in industry groups. These may include local comm erce leagues, business or trade associations at the regional, national, or international level, and technical, engineering, and HSE societies. Experience from the CCPS community gained in the past 30+ years has shown that when you share your experience in process safety in an open forum, you gain many times the insight from the other participants. Even if your com pany is a CCPS m em ber – which, if not, it should strongly consider – you will benefit from discussing process safety in other industry groups. Thank you for reading this book. There is really no business priority that com es ahead of protecting workers, the operation, the comm unity, and the environment. B ut if you can do this well, you will enjoy m any additional benefits.
HOW TO USE THIS BOOK Any company producing or handling hazardous m aterials has the potential for a catastrophic fire, explosion, or toxic release if they do not control these hazards adequately. If you do not know your risk of a catastrophic incident, you likely have m ore gaps in process safety leadership than you believe. Regardless of your industry, scale, or the com plexity of your com pany, you need leadership and m ulti-disciplinary expertise focused on producing and handling hazardous m aterials safely. You will need to address process safety in design, equipment and raw m aterial purchasing, hiring and training, construction, operation, and maintenance. Everyone in your com pany, regardless of level or function, needs to understand their process safety responsibilities and how these responsibilities fit into the overall risk management process. As you read this book, resist the urge to hurry through portions not applicable to your role. Icons provided throughout the book highlight different role responsibilities: Senior executive Mid-level leader Frontline leader Individual contributor Im portant concept for all
xxv
xxvi | Process Safety Leadership from the Boardroom to the Frontline
Due to the close linkage of leadership to culture, an additional icon highlights the core principles of process safety culture, as described by CCPS in the sister publication of this book (Ref. FM .4). Process safety culture core principle We recomm end that you read this book in its entirety first. This will help you understand the framework of process safety works and how leadership m akes the roles m esh. Then go back and use the icons above to focus on your area of responsibility. Highlight or take note of the subchapters that you m ay need to improve in your area of responsibility or put in your personal development plan. You m ay find the two provided process safety leadership planner templates helpful: a process safety goal/action planner and a process safety personal development/review planner. Download them from : www.aiche.org/ccps/publications/leadership. Ideally, leadership teams and natural work teams will read this book together, meeting periodically to discuss key points and plan action item s.
References FM .1 CCPS, Guidelines for Technical Management for Chemical Process Safety, American Institute of Chemical Engineers, New York, 1989. FM .2 CCPS, Guidelines for Risk Based Process Safety, American Institute of Chemical Engineers, New York, 2007. FM .3 Piper Alpha: Spiral to Disaster, B B C, London, 1997. FM .4 CCPS, Essential Practices for Creating, Strengthening, and Sustaining Process Safety Culture, Am erican Institute of Chemical Engineers, New York, 2018.
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
1 THE BUSIN ESS CASE FOR PROCESS SAFETY A business case for process safety should not be necessary. The need to protect workers, the comm unity, and the environm ent is as obvious as the need to protect market share, provide and protect shareholder value, and m ake payroll. B ut with the m any daily demands of business, leaders can sometimes leave the obvious behind. When a com pany and its leaders leave process safety behind, they lose out on the significant financial and organizational benefits described in this chapter. B efore you embark on im proving your leadership skills related to process safety, you need to understand these benefits. A benchmark survey of CCPS m em ber companies (Ref. 1.1)1 , com bined with data from other sources (Refs. 1.2-1.4), has provided conclusive evidence that methodically implementing process safety delivers five benefits that help a com pany to 1
Process safety is an ethical imperative that com es with significant financial benefits.
A full-color designed pamphlet covering this chapter and m ore can be downloaded free of charge from www.aiche.org/ccps/businesscase or with the downloadable files accompanying this book.
1
2 | 1 The Business Case for Process Safety
sustainability. These benefits are summarized Fig. 1.1 and discussed in this chapter.
M ore M ore Qualitative Quantitative
Figure 1.1: The Five B enefits of Process Safety Cost reduction
Value creation
Loss prevention
Sustainable growth
Leadership Excellence Corporate social responsibility
B usiness flexibility
1.1 Corporate Social Responsibility Consistently strong process safety perform ance helps m ake your com pany more attractive to investors, employees, com munities, governments, and insurers. M aintaining a strong process safety comm itm ent over time tells critical stakeholders that you care about them and your employees, and that you are m anaging the company well. These benefits reflect directly in the prim ary measurement of value – share price. A review of 12 recent m ajor incidents in 4 countries and 4 industry sectors shows the impact of these incidents on share price 2 . 2
Incidents occurring in Germany, India, Japan, and USA. Normalized to the applicable country’s stock market sector index (chemical, petroleum , pharm aceutical, or utilities, as applicable). See Sec. 1.8.
1.1 Corporate Social Responsibility | 3
As Fig. 1.2 shows, after incidents, share prices imm ediately begin to drop relative to the market. The losses can continue for a year or more. Following B hopal, Union Carbide’s stock price dropped continuously relative to the market for 15 years. Figure 1.2 Im pact of Process Safety Incidents on Share Price
Share price compared to month-end before incident, normalized by the relevant mar ket index to eliminate gross market trends.
The decrease in share price includes losses well beyond tangible losses alone. The difference, simply put, is shareholder perception. Nearly every stock is priced well above the value of its tangible assets. This prem ium reflects the confidence of investors in the com pany’s ability to m anage, control risk, innovate, and continue to grow sustainably. Practices for showing this premium on balance sheets vary. In som e cases, balance sheet term s such as Intangible Assets or Goodwill are
4 | 1 The Business Case for Process Safety
used to describe all or a portion of this prem ium . This shareholder confidence premium is built – or destroyed – by factors directly linked to process safety: Actual risk and perception of risk. Corporate im age. Support for the com pany in the com munities in which it operates. Employee engagement and attitudes: is the com pany a preferred place to work? Trust in the com pany from investors, politicians, regulators, activists, and the press.
Privately owned? This still applies. Your company valuation reflects more than the bottom line. It also depends on the external perception of your ability to manage, control risk, and grow sustainably.
1.2 Business Flexibility Com panies that m anage process safety effectively earn the flexibility to freely m anage their businesses and grow profitably, while satisfying all stakeholders – local comm unities, the public, regulatory authorities, governments, investors, and custom ers. B usiness flexibility results from earning the trust of the public and especially of the local comm unity. It is your com pany’s license to operate. And as with any license, those who award it can also revoke it. Every incident represents a lost opportunity. When a major incident occurs, the com pany m ust divert resources to investigation, clean-up, and recovery, as well as legal and regulatory challenges. These resources could otherwise be focused on growth.
1.3 Loss Prevention | 5
Major incidents can also significantly drain available cash. This can force com panies to sell valuable assets, often at a fraction of their value – an additional lost opportunity. And for m any com panies, this can lead to the loss of the com pany and the livelihoods of every em ployee. This flexibility benefits a com pany by: Allowing you to focus on growth and productivity, rather than dam age control and recovery, Protecting cash flow from unexpected disruption, Proving your worthiness to hold a license to operate, Strengthening and m aintaining good relationships with the local com munity; and Helping you obtain approvals for expansion perm its or new facilities more quickly – a critical strength when implementing the new projects needed to compete effectively. A major incident can weaken a com pany’s ability to respond to com petitors’ business actions. A company in a weakened state m ay also become subject to an undesirable takeover. Additionally, incidents can lead to new regulations. This im pacts your com pany and everyone throughout the industry.
1.3 Loss Prevention Com panies that display strong process safety leadership through com petence, culture, and disciplined management receive a windfall benefit every year. This incom e shows up on the bottom line in the savings from incidents that did not occur. Some com panies may avoid m ajor incidents for a time through luck alone. Even then, the costs of smaller incidents and near-m isses continue to add up. And luck eventually runs out. A
6 | 1 The Business Case for Process Safety
strong PSMS, coupled with strong process safety leadership, is the only way to sustainably avoid large and sm all incidents alike. Loss prevention benefits include: Lives saved and injuries prevented: Painful personal and financial impacts of human loss. Reduced property dam age loss: Major incidents cost an average of $330 m illion each (Ref. 1.2). Reduced business interruption loss: B usiness interruption losses typically range from 2 – 3 times the property dam age loss and can be as m uch as 11 times greater (Ref. 1.2). Protected m arket share: After an incident, m arket share m ay be lost, regained only slowly after production has been restored. Companies that sell direct to consumers m ay also see m arket share lost until the com pany’s reputation is restored. Reduced fines and litigation costs: For many incidents, fines can be in the m illions of dollars. The costs of lawsuits brought by victims and affected com munities can be significantly greater. And, in recent years, new laws such as the UK Corporate Manslaughter Act allow senior executives to be tried criminally for serious incidents (See Sec. 2.6). Reduced regulatory attention: A m ajor incident usually results in increased regulatory inspections, which can lead to additional fines and tie up resources. Reduced rem ediation costs: Environmental clean-up costs – even for sm all incidents – can be significant and go on for years. Many of these costs can put a sm aller company out of business. O ften this occurs through a significant stress on cash
1.4 Sustainable Growth | 7
flow. If the com pany does not have sufficient cash to address the capital and sales losses, it may be forced to sell valuable assets at distressed prices, resulting in significant loss of shareholder value.
1.4 Sustainable Growth Com panies around the world have learned that when they implement a robust PSMS, their productivity and quality increase while costs decrease. The reasons should be obvious. Process safety requires you to: Understand your process better, Envision what can go wrong and how, and then prevent it, Im prove process engineering design,
development
and
front-end
Follow procedures rigorously, Keep equipment, piping, and controls m aintained and in good operational integrity, Stop safely when the process goes out of control, or when som ething just doesn’t look right, Learn from investigating incidents and near-misses; and Manage change religiously. Doing this can lead to: Greater uptime with more stable operation, Longer periods between unplanned and planned shutdowns, Im proved yields and productivity; and Im proved quality and reduced rework.
8 | 1 The Business Case for Process Safety
Moreover, participating in cooperative efforts to promote process safety m ore broadly across the industry also brings real value: Helping suppliers and custom ers improve process safety helps ensure m aterials supply and uninterrupted sales for your com pany. Helping develop standards, guidelines, and regulations exposes you to external knowledge and experience and allows your input to be clearly heard. Maintaining open comm unication with contractors can help bring in best practices learned elsewhere. Embracing process safety as an essential part of the way you do business allows your com pany to measurably increase revenues and reduce costs. The value created can be substantial. The com panies that participated in the study (Refs. 1.3, 1.4) report the following types of financial benefits from their investment in process safety: Increased Productivity and Decreased Downtim e: Due to increased reliability of equipm ent and risk-based m aintenance. Decreased Production Costs: Due to increased work efficiencies. Decreased Maintenance Costs: Due to improved design and maintenance management. Increased Capital Efficiency: Due to im proving frontend engineering and designing to risk criteria. Decreased Downtim e: Due to reduced corrosion and risk-based m aintenance.
1.5 Leadership Excellence | 9
1.5 Leadership Excellence Com panies increasingly organize their operations m anagement and leadership activities in an integrated m anagement system called, among other nam es, O perational Excellence. A closer look at these m anagement systems shows that O perational Excellence depends on executing the core principles of process safety with dedication and professionalism . In an ever more com petitive global Process safety drives business environment, com panies leadership just as need visionary leaders who rigorously much as leadership drives process safety. m anage the details. Process safety requires everyone to show leadership, which helps prepare employees for future leadership roles. And since process safety touches so m any operational and technical roles, it helps produce an ever-growing cadre of leaders and m anagers to drive the future of the com pany. Just as process safety protects the com pany against losses from m ajor incidents that can threaten the sustainability of the com pany, it can also offer protection against other losses – of efficiency, trust, environmental quality, product integrity, and m any more. Process safety is the cornerstone of operational excellence.
1.6 Sum m ary In short, the business case for process safety is like the business case for any other dimension of the business. A robust PSMS operating in a robust culture will enhance your business in five ways, all driving improved profitability and shareholder value: Corporate Social Responsibility: builds the image of your com pany, adding to shareholder value through
10 | 1 The Business Case for Process Safety
increased Goodwill, while helping m ake your com pany a preferred place to work. Business Flexibility: removes barriers to growth and enables your com pany to focus on innovation and m arket developm ent. Loss Prevention: prevents dam age to assets and the broader destruction of shareholder value that accom panies incidents. Sustainable Growth: boosts productivity and quality, while helping to keep your com pany at the forefront of m anagem ent system s and technology. Leadership Excellence: drives leaders to hone their skills and helps develop future leaders. Fig. 1.3 shows how these five benefits help drive the corporate balance sheet and the profit/loss and cash flow statem ents. The rest of this book is dedicated to helping you show and grow the leadership needed to help your com pany realize these benefits.
1.7 References 1.1
CCPS, The Business Case for Process Safety, American Institute of Chemical Engineers, New York, 2018 (and previous editions 2002, 2004, and 2007).
1.2
M arsh Ltd., The 100 Largest Losses 1974-2015, London, 2016.
1.3
CCPS Unpublished research report, “The B usiness Case for Process Safety,” 2001.
1.4
Personal com munications member companies.
from
representatives
of
CCPS
Figure 1.3 Process Safety Impact on All-Around Company Financial Perform ance
1.7 References | 11
12 | 1 The Business Case for Process Safety
1.8 Incidents Represented in Figure 1.2 Aarti Drugs, Ltd., Tar apur, Gujar at, India, 22 M arch 2013. American Electric Power, B everly, O H, USA, 7 Januar y 2007. B ASF, Ludwigshafen, Rheinland Pfalz, Germany, 18 October 2016. B P, offshore of Louisiana, USA, 20 April 2010. B P, Texas City, TX, USA, 23 M arch 2005. Chevron, Richmond, CA, USA, 6 August 2012. Huntsm an, Port Arthur, TX, USA, 29 April 2006. M itsubishi Chem ical, Kam isu-shi, Ibaraki, Japan, 21 December 2007. Pacific Gas & Electric, San B runo, CA, USA, 9 Septem ber 2010. Praxair, St. Louis, Missouri, USA, 24 June 2005. Confidential incident # 1 by personal com munication. Confidential incident # 2 by personal com munication.
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
2 LEADIN G AN D MAN AGIN G PROCESS SAFETY Chapter 1 outlined a com pelling business case for process safety, with both hard and soft benefits. This chapter explains the basic concepts of process safety, highlighting the key points for leaders and addressing common m isconceptions. Chapter 3 outlines what you and others m ust do as leaders to implement these concepts and achieve perform ance expectations.
2.1 Process Safety Definition It is appropriate to start with definitions. A simple definition of process safety that captures its primary goal is: Keeping hazardous m aterials and energy in the equipm ent and piping system s to prevent catastrophic fires, explosions and toxic releases. A Process Safety Management System (PSMS), therefore, is the com plete set of standards, analyses, tasks, and oversight activities required to keep hazardous m aterials and energy within their containment; and if containment is lost to m inim ize potential consequences. Fig. 2.1 presents CCPS’s formal definition of these terms.
13
14 | 2 Leading and Managing Process Safety
Figure 2.1 Process Safety Definitions Process Safety: A disciplined fram ework for m anaging the integrity of operating systems and processes handling hazardous substances by applying good design principles, engineering, and operating practices. It deals with the prevention and control of incidents that have the potential to release hazardous m aterials or energy. Such incidents can cause toxic effects, fire, or explosion and could ultim ately result in serious injuries, property dam age, lost production, and environmental impact. (Source: CCPS online glossary). Process Safety Managem ent System (PSMS): A m anagem ent system that is focused on prevention of, preparedness for, m itigation of, response to, or restoration from catastrophic releases of chem icals or energy from a process associated with a facility. As a leader at any level, you have a professional obligation to know and understand the potential severity of the release of hazardous m aterials. Everyone involved in operations, from the plant operators and maintenance personnel to the CEO has responsibilities that contribute to keeping hazardous m aterials and energy in the equipm ent and piping system s.
2.1 Process Safety Definition | 15
It is im portant to contrast process Process safety safety with the broader subject of perform ance occupational safety and health that correlated to injury rates? deals with all sources of injury or illnesses to em ployees due to their B P executives were on work tasks or environm ent. the Deepwater Horizon Occupational safety and health is rig to present an intended to prevent all types of occupational safety injuries and illnesses, with focus on award on the day they had worst blowout in the prevention of slips, trips, falls, history. Good cuts, thermal burns, musculoskeletal occupational safety injuries, etc. These types of incidents, does not guar antee, or while potentially quite serious or even imply, good fatal, are common to most every process safety. work environm ent. However, process safety hazards are quite specific to the m aterial being handled and the process design. Many executives and m anagers have believed “safety” to be under control based on decreasing occupational injury rates, only to be surprised by a serious fire, explosion, or toxic release event. Due to the following properties of hazardous substances, e.g.: Toxicity, Volatility, Flam m ability; and Stability/reactivity, process safety incidents have a greater potential for im pacting m ore than one person, causing serious injuries. They also have the additional im pacts of property dam age, lost production and environmental harm.
16 | 2 Leading and Managing Process Safety
The risk of catastrophic incidents that could involve several fatalities or severe environment im pacts must be controlled. As discussed in Chapter 1, the loss of shareholder value due to a single process safety incident, as well as the costs, such as cleanup procedures, emergency response and healthcare, lawsuits, victims’ shelter, among others, could be the difference between success and failure for com panies of all sizes. Another typical difference between process safety incidents and occupational safety Incidents is their frequency. Occupational safety incidents typically happen at a higher frequency, with a lower severity (Fig 2.2, Quadrant 2), while process safety incidents typically have a higher severity but happen at a m uch lower frequency (Fig 2.2, Quadrant 3). Figure 2.2 Incident Severity and Frequency Quadrant 3
High severity Low frequency
Process safety Incidents: Fires, explosions, toxic releases, runaway reactions.
Severity
Quadrant 1
Low severity Low frequency
Most desirable and generally acceptable.
Quadrant 4
High severity High frequency
Unacceptable for any type of incident. Quadrant 2
Low severity High frequency
Occupational safety incidents: Slips, trips, falls, cuts, etc.
Frequency You probably have had m ore personal experience with occupational safety incidents, and you may never have experienced a process safety incident.
2.1 Process Safety Definition | 17
Due to the higher frequency, visibility and broad applicability of occupational safety incidents, and their adverse im pact on people, productivity and insurance rates, robust regulations and standards have been enacted to prevent occupational safety incidents. Reputable com panies have strong (occupational) safety management systems, programs and key performance m etrics specifically tailored to preventing and continually reducing occupational safety injuries. B y contrast, process safety Incidents typically occur less frequently but have the potential to have more severe consequences. Process safety regulations, where they exist, tend to be performance-based. This places the onus on the com pany to develop appropriate control measures and implement an effective PSMS instead of sim ply implementing regulations. In other words, process safety requires a m anagem ent system, just like occupational safety. B ut process safety requires com pany and site-specific control measures, and different metrics than occupational safety. As we have discussed, reducing the frequency of serious events involving hazardous m aterials is your fundam ental responsibility as a leader. Doing so has a high return and reducing the frequency of serious events can be effectively accom plished through the rigorous application of a PSMS. CCPS (Ref. 2.1) noted: As the chem ical process industries have developed m ore sophisticated ways to im prove process safety, we have seen the introduction of safety management systems to augment process safety engineering activities.
Management system s for chem ical process safety are com prehensive sets of policies, procedures, and practices designed to ensure that barriers to m ajor incidents are in
18 | 2 Leading and Managing Process Safety
place, in use, and effective. The m anagem ent system s (em phasis added) serve to integrate process safety concepts into ongoing activities of everyone involved in operations – from the process operator to the chief executive officer (emphasis added).
CCPS also provides a good resource for implem enting and improving PSMSs (Ref. 2.2). Process Safety Leading and Lagging M etrics It is essential for effective management of process safety to have key performance indicators (KPIs) of current and future perform ance. Leading and lagging m etrics allow a com pany to continually improve performance. Leading indicators also serve as a predictor of potential future incidents and enable leadership to know the on-going efficacy of the PSMS and when intervention may be necessary. CCPS (Refs. 2.3 and 2.4), API (Ref. 2.5) and IO GP (Ref. 2.18), provide good publications that help a com pany define leading and lagging m etrics for effectively m anaging process safety. Refs. 2.3 and 2.4 define these indicators as follows: Lagging M etrics: A retrospective set of metrics based on incidents that m eet the threshold of severity that should be reported as part of the industry-wide process safety m etric. Leading m etrics: A forward-looking set of m etrics that indicate the perform ance of the key work processes, operating discipline, or layers of protection that prevent incidents. N ear-m iss and other internal lagging m etrics: Less severe incidents (i.e., below the threshold for inclusion in the industry lagging m etric), or unsafe conditions that
2.1 Process Safety Definition | 19
activated one or more layers of protection. Although these events are actual events (i.e., a “lagging” m etric), they are generally considered to be a good indicator of conditions that could ultim ately lead to a more severe incident.
CCPS (Ref. 2.3) further states: These three types of m etrics can be considered as m easurements at different levels of the “safety pyram id” illustrated in (Fig. 2.3 of this book). Figure 2.3 Process Safety Metrics Pyram id Process Safety Incident (Tier 1 PSEs as per API RP754): Incidents that meet the threshold quantity that should be reported as the industry-wide process safety metric. Process Safety Event (Tier 2 PSEs as per API RP754): Incidents that don’t meet the definition of process safety incident (e.g., Loss of Primary Containment incidents that restrict work, require medical treatment, or exceed 10% of the TQ of a PSI) Near Miss: Minor LOPCs or system failures that could have led to an incident (e.g., instrument failed, pipe wall thickness low) Unsafe behaviors or insufficient operating discipline: Measurements to ensure that safety protection layers and operating discipline are being maintained
Industrycommon lagging metrics.
Near-miss reporting metrics. Leading metrics.
Source: Ref. 2.4
Although Fig. 2.3 is divided into four separate layers (safety incidents, other incidents, near-miss, and unsafe behaviors/insufficient operating discipline), it is easier to describe metrics in term s of the categories defined in the figure. CCPS goes on to recomm end that: …all companies incorporate each of these types of m etrics into their internal Process Safety M anagement System s.
20 | 2 Leading and Managing Process Safety
As part of driving a strong process safety culture, you, as a leader, should establish and m onitor KPIs for the key PSMS elements (Ref 2.19): 1. Com mitment to Process Safety. a. Process safety policy, expectations and risk criteria. b. The PSMS, including workforce involvement. c. Equipment designed to recognized and generally accepted good engineering practices (RAGAGEP). d. Stakeholder outreach. 2. Understanding Hazards and Risks. a. Process Safety Inform ation including chem ical reactivity information. b. Process Hazard Analysis, risk assessment, and risk reduction. 3. Managing Risks. a. Asset (Mechanical) Integrity. b. Reactive chemical hazards. c. Operating Procedures. d. Safe Work Practices: Line and equipment opening, isolation of energy, hot work, vessel entry. e. Contractor Management. f.
Training and Performance Assurance.
g. Management of Change. h. Operational Readiness. i.
Conduct of Operations.
j.
Emergency management: preparation and response.
2.1 Process Safety Definition | 21
4. Learning from Experience. a. Measurements and Metrics. b. Incident reporting and investigation. c. Audits. d. Management System Reviews and Continual Im provem ent. In 2013, CCPS conducted a survey of their mem ber com panies’ use of process safety leading indicators (Ref. 2.6). The key high-level findings for the types of leading indicators utilized are repeated here: Ensuring follow-up on actions across the spectrum of PSMSs. Audit corrective actions. PHA actions. Com pletion of safety-critical equipment inspections or calibrations. MOC actions. Unplanned event corrective or preventive actions. Leveraging learning experiences and m anaging deviations: Process safety near-miss reporting including fires. Challenges to safety systems in general and specifically calling out: safety instrumented systems and relief device activations. Ensuring m anagement engagement. Picking the most pertinent measures to your operation and getting them in front of leadership. Including these measures in agendas of various operational reviews and ensuring action.
22 | 2 Leading and Managing Process Safety
When you im plement a strong PSMS, it will help you significantly reduce the risk of catastrophic events and help prevent, reduce and eliminate the likelihood of hum an injury, environmental damage, and the high associated costs from incidents that occur at all levels. Avoiding the high costs associated with process safety incidents contributes to the financial stability of a com pany and can m ake the difference between success or failure to stay in business.
2.2 How Process Safety Works: Risk Reduction and Risk M anagem ent to Elim inate Incidents In order to reduce and m anage risks, you m ust first understand the chem ical or physical hazards in the process, and, depending on your level, the process design. Next, you must identify and assess the potential risks im posed by the process and m aterials. Start by asking these three questions: 1. What can go wrong? 2. How bad can it be? 3. How often can it happen? This evaluation factors in the existing or proposed barriers. You then categorize or calculate the risk, considering the initiating event frequency and the failure rate of the barriers. Process safety professionals form ally categorize or calculate risk as a function of consequence and frequency: Risk=f(Consequence x Frequency) If there is an opportunity reduction or elim ination of the high relative to the corporate Design (ISD) review may be
to reduce the risk through the hazard or the identified risks are risk criteria, an Inherently Safer conducted. An ISD review will
2.2 How Process Safety Works | 23
evaluate a safer process design and/or the use of safer m aterials. CCPS (Ref. 2.7) provides a good reference for ISD. Once you have determ ined the risk, you m ust identify, prioritize, and im plement the appropriate number and robustness of risk reduction measures. Risk reduction m easures are commonly called barriers. Historically barriers identified in a PHA have been called safeguards, while barriers identified in M ost processes risk assessments have been called require multiple independent protection layers (IPL). barriers to control IPLs m ust be form ally evaluated for risk. their failure rate, (i.e., probability of B arriers that are IPL’s are generally failure on dem and). Safeguards, on the more robust. other hand, are likely to have a higher All barriers must failure rate due to the possibility of not be maintained. having form al evaluation criteria. In this book we will use the term “barrier” generically, unless we specifically m ean “IPL” or are using “safeguard” as a verb. Due to their relatively high potential consequences, process unit operations and equipment containing hazardous m aterials typically have m ultiple barriers to prevent specific process safety related scenarios. Som e of these barriers are defined by legal requirements or standards (e.g., Mechanical Integrity, Management of Change, and Procedures), or identified by a Process Hazard Analysis (PHA) or risk assessment such as Layer of Protection Analysis (LO PA) or in some cases a Quantitative Risk Assessment (Q RA). As m entioned, all barriers have a failure rate. M inim izing this failure rate and keeping it low in order to prevent incidents is the intent of the PSM S.
24 | 2 Leading and Managing Process Safety
The use of m ultiple barriers and how they can fail leading to an incident is commonly depicted in the “Swiss Cheese Model” (Fig. 2.4). Figure 2.4 Swiss Cheese Model Hazards are contained by m ultiple protective barriers B arriers m ay have weaknesses or “holes” When holes align, hazard m ay pass through all the barriers, resulting in the potential for adverse consequences B arriers m ay be physical or engineered containment, or behavioral controls dependent on people Holes may be latent/incipient, or opened by people
Im plementing risk reduction measures requires strong m anagem ent system s to ensure that you operate barriers within their constraints and/or appropriately inspect, test and m aintain them over the life of the process, and properly evaluate changes. When there is a process safety incident in a plant with established barriers in place to prevent the incident, by definition, each preventive barrier and its associated m anagem ent system failed. Risk is m aximized and incidents are increasingly likely if barriers are not appropriately m anaged. In one docum ented case, in a plant with a weak mechanical integrity management
2.3 Learning from Incidents | 25
system, the com pany had to replace or de-rate 10 vessels in highly hazardous service 10 times m ore frequently than the industry average. Indeed, operating discipline (e.g., m aintaining barriers and operating within their constraints) is so important when managing the risk, we will use the following equation (Ref. 2.8, p. 14): Risk = f
(
Consequence x Frequency Operational discipline
)
Process risk reduction and risk m anagem ent, (m eeting legal requirem ents, corporate risk criteria and standards), are the direct responsibility of line and business m anagem ent and are im portant m easures of m anagerial perform ance. It is necessary for executives to track risk reduction progress with overall PSMS reviews. M anagement system review is discussed in Chapter 4.4.4.
2.3 Learning from Incidents B ottom line: Process safety A high incident rate incidents directly reflect the indicates a systemic efficacy and clearly indicate failures of a breakdown in PSM S effectiveness. facility’s, or com pany’s PSMS. Each and every incident is an opportunity to learn It demands im mediate and improve the effectiveness of the intervention. PSMS at the site, business or com pany level. M any times, the learning and im provement can apply to an entire or industry. It is also im portant to understand that the consequences of hum an failures can be immediate or delayed. Active failures have an imm ediate consequence and are usually m ade by frontline personnel such as operators or m aintenance
26 | 2 Leading and Managing Process Safety
technicians, (e.g., not following a procedure, leaving a valve open when returning a line to service. etc.). Latent failures are m ade by people whose tasks are removed in time and space from operational activities, e.g., designers and decision m akers: m anagers and senior leaders. Latent failures occur in executing process safety standards or work processes and are usually hidden. For exam ple: Poor design of plant and equipment, Ineffective training, Unclear Procedures, Inadequate supervision, Ineffective comm unications, Inadequate resources equipment); and
(e.g.,
funds,
people
and
Uncertainties in roles and responsibilities. Regardless of whether a failure is active or latent, there should always be a m anagem ent system that governs the efficacy of the barrier and the prevention of the incident. Again, whenever there is a process safety incident in a facility, by definition, each preventive barrier in place to prevent the incident – and its associated m anagem ent system – failed. Each applicable functional m anager responsible for the local implem entation of
Im portant! Weakened or failed barriers? Even if you correct the barrierare thatintended failed in an B arriers to incident, you must also prevent incidents of any correct the management severity and should be system element(s) that tested and/or inspected allowed the barrier to to meet acceptance fail. Otherwise, other criteria. Whenever barriers controlledyou by have a sm all or large these elements could release also potentially of m aterial, fail the for the same reasons. specified preventive barrier(s) failed.
the m anagements system
2.3 Learning from Incidents | 27
failure has a direct responsibility: Investigate until you find out where the m anagem ent system failed, and then fix it. An investigation process (another PSMS elem ent) must include the following basic tenets of an effective Root Cause Investigation (RCI): 1. Identify the cause(s) for failure of every required barrier, including both: a. B arriers required by regulations and standards; and b. B arriers validated by hazard/risk assessment. 2. Identify the root cause(s) for failure of every barrier’s m anagem ent system . 3. Involve the function responsible for the implementation of each failed m anagem ent system .
local
4. Establish corrective actions for every failed barrier and failed m anagem ent system . 5. Include the appropriate level of functional ownership for m anagem ent system corrective actions. The rationale for identifying each managem ent system failure is; A m anagement system m ay cover hundreds, if not thousands of protection layers. If an incident occurs and the m anagem ent system is not fixed, a repeat of that incident is highly likely. For exam ple, if an incident occurs because corrosion under insulation has been incorrectly designated in a Management System , fixing it on one piece of equipment without correcting the M anagement System and following-up on applicable equipment, will do nothing to prevent a sim ilar incident from happening again.
28 | 2 Leading and Managing Process Safety
Involve the right people in the investigation or follow-up corrective actions: Involve the function responsible for the local implementation of the failed management system, to: Identify the correct m anagem ent system failure; and Have proper ownership of the corrective action. The function can establish the appropriate level of correction for a managem ent system and drive the improvement. In some cases, a m anagem ent system needs to be corrected at a single facility. In other cases, a management system needs to be corrected across a site, a business, or the entire company. Now let’s consider the importance of near-m iss reporting and investigation. Process safety near-m iss (PSNM) reporting presents an opportunity to learn valuable lessons that m ay prevent m ore serious future incidents.
N ear-m isses are a gift – on a silver platter! Think of near-misses as “near-hits” that could have been serious incidents but for luck. They are valuable gifts to the facility, technology, business or company of the opportunity to identify PSMS gaps and fix them without having an injury or property dam age.
To further strengthen a PSNM reporting program , there is an opportunity to elevate the lessonslearned from the highest potential PSNM events. Identification, investigation, and leveraging of the events with the highest potential for m ajor im pact within the corporation can only further strengthen and drive continual process safety perform ance im provem ent. A High Potential Process Safety N ear-M iss (HP PSN M) is a PSNM event that could have the highest potential for a fatality, significant lost tim e, or significant community impact if the
2.3 Learning from Incidents | 29
circumstances had been slightly different, or for exam ple, if m ore than one barrier failed. The HP PSNM should provide significant learning value to a technology, corporation and potentially the industry for the reinforcement of critical protection layers. The elements of the HP PSNM reporting process should include: 1. Immediate reporting of event to business, technology and the applicable corporate leaders. 2. Form al root cause analysis. 3. Learning experience report for distribution across the technologies and sites (as applicable). 4. Positive recognition of the facility with the insight to report with transparency. Incident investigation results and corporate memory When there is a significant incident in your com pany or in the technology you operate, it is critical for you to integrate the learnings into your corporate m emory. Here are some examples of practices im plemented by som e com panies to help them retain lessons-learned: Created a “Look-back in tim e” video that summ arized and provided pictures of each internal and relatable external incident and correlated them to the PSM S and standards in practice today to prevent the sam e scenarios. Personnel at all levels are required to view the video as part of process safety training courses. Developed technology-specific “Golden Rules” with strict technology and operational requirements. These rules are supported with incident summaries and pictures. All personnel are reminded of the rules on a set frequency.
30 | 2 Leading and Managing Process Safety
Set a site speed limit of 17 MPH to rem ind personnel of an incident that claim ed 17 lives. Personnel are regularly trained on the factors that led to the incident and the barriers that must be utilized. Left debris in place, lodged in a wall, after an explosion. Again, personnel are trained on the incident, and barriers and the debris serve as a visual reminder of the potential energy in their processes. You must strive to ensure your corporate memory builds on your and third-party incidents. You must continue to educate personnel on how these incidents have shaped the corporate standards, procedures and practices. You are responsible for keeping these approaches up to date as a resource and com municating about them for the life of the asset.
2.4 Personal Leadership Accountability Leadership is commonly defined (Ref. 2.9) as: “the action of leading a group of people or an organization.” With the catastrophic potential of operations handling and/or processing hazardous m aterials, this action em bodies taking personal accountability to adhere to the technical and ethical standards of process safety. In other words, leaders m ust be professional in implementing, operating, m aintaining and verifying the PSMS. Professional process safety leadership applies to most roles in a com pany producing or handling hazardous m aterials. B eyond the obvious line and functional roles, engineering, hum an resources, and research & development all have process safety responsibilities that m ust be professionally m anaged. Managing process safety professionally requires leadership at all levels and a continual focus on:
2.4 Personal Leadership Accountability | 31
Earning and m aintaining the com pany’s im plicit social license to operate facilities with hazardous materials. Verifying appropriate knowledge of your m aterials’ hazards/risks. Ensuring knowledge of corporate risk criteria, and the barriers required to be in place to meet risk criteria. Verifying PSMS perform ance to ensure robust barriers are effective. Learning and im provement of the PSMS. When producing or handling hazardous m aterials, there is an obligation of the CEO and the Board of Directors, as leaders of the organization, to protect em ployees and the com m unity, and to properly prepare for and respond to em ergencies. In other words, leaders are obliged to uphold their com pany’s im plicit social license-tooperate. As discussed in Chapter 2.1, the PSMS is the framework for the comprehensive sets of policies, procedures, and practices designed to ensure that barriers to m ajor incidents are in place, in use, and effective. This means that all em ployees, from the CEO to the process operator, m ust understand their roles and have an appropriate level of knowledge of hazards and risks, the corporate risk criteria, and the barriers required to be in place to meet the risk criteria. This also m eans that all employees have the direct responsibility for the appropriate verification and continual improvement of PSMS perform ance to ensure operations are conducted in a professional, incident-free m anner. Leaders m ust also take appropriate actions at the right level regarding when to lead, manage or escalate issues arising from carrying out their respective responsibilities within the PSMS. To quote Peter Drucker: “Management is doing things right.
32 | 2 Leading and Managing Process Safety
Leadership is doing the right things.” B oth are essential attributes in carrying out the PSM S. A single exam ple of this leadership issue is given for several roles in Table 2.1, below. We will look at recommended roles, responsibilities, and cultural interactions m ore comprehensively in Chapter 5. Table 2.1 Exam ple Role Responsibilities Manage
Lead
Escalate
Ensure appropriate resources and funding for risk reduction actions.
Inform board and develop action plans for businesses and sites not on track to meet corporate risk reduction expectations.
Senior Executive Review of business or site progress to meet corporate risk criteria.
O perations Leader (M ultiple facilities in one or more sites) Review of facility’s risk reduction action plan progress to meet corporate risk criteria.
Ensure appropriate resources and funding for facility’s risk reduction and incident corrective actions.
Inform Sr. Executive and develop action plans for facility not on track to meet corporate risk reduction expectations
Production M anager Ensure pressure equipment is taken out of service for inspections and testing at the right timing.
Ensure deficient pressure equipment evaluated for fitness-for-service and repaired as needed, even if production m ust be interrupted.
Keep the facility down until fitness for service issues are resolved and inform executives of the situation and any additional resource needs.
2.4 Personal Leadership Accountability | 33
Table 2.1 (Continued) Exam ple Role Responsibilities Manage
Lead
Escalate
Engineering Leader Support or own key programs or barriers against major potential consequences (e.g., equipment design, maintenance, and RAGAGEP)
Ensure engineering personnel are following RAGAGEP design and maintenance standards.
Inform Sr. Executives and Operation Leaders and ensure significant learnings from incidents with design deficiencies are leveraged through the organization.
Plant Operator Follow startup procedures with appropriate checks prior to placing equipment in service.
Ensure follow up on problems found with pre-startup checks prior to placing equipment in service.
Inform production leadership of issues found with pre-startup checks that prevent the facility from running as soon as they happen.
M aintenance Technician Test, inspect and calibrate safety instrumented systems and ensure they are fit for service.
Ensure follow up on problems found with the testing, inspection and calibration of safety instrumented systems.
Promptly inform leader of issues found in inspection, testing, and calibration of safety instrumented systems that prevent the facility from running.
Process Safety Specialist Review Significant Incidents (internal or external) and near-miss PSM S failures.
Ensure appropriate management system (M S) corrective and preventive actions are taken.
Ensure appropriate leveraging within and outside the company.
34 | 2 Leading and Managing Process Safety
When leaders take a professional approach in m anaging and leading the PSMS, a strong culture develops that will continually im prove process safety perform ance. Process safety culture is defined (Ref. 2.19) as: “The common set of values, behaviors, and norm s at all levels in a facility or in the wider organization that affect process safety.” In essence, a strong culture promotes openness, ensures accountability on actions and escalates issues where needed, by all levels in the organization.
2.5 Downturns and Boom Tim es: Special Process Safety Leadership Challenges Process safety incidents tend to happen m ore frequently during economic downturns. A study by the Marsh M cLennan Group (Ref. 2.10) found that the largest losses in oil and gas production and refining occur during periods of relatively low oil prices. More generally, Chapter 1, Fig. 1.2 shows that a com pany’s share price (relative to its stock m arket sector index) begins trending down even before a m ajor incident sends it decreasing even m ore rapidly. The correlation is obvious. When the business becomes financially challenged, m anagers strive to cut costs. Cost-cutting can take m any forms, including reducing personnel and deferring m aintenance and training. Plants may also run at reduced rates under conditions that are less stable and less fam iliar to operators. If such cuts are m ade without considering the im pact on m aintaining barriers, the barriers can deteriorate and fail. In fact, indiscriminate cost-cutting is one major root cause of m ultiple barrier failures.
2.5 Downturns and Boom Times | 35
Clearly then, leaders need to pay even m ore attention to process safety during downturns. This does not mean you should avoid necessary cost-cutting. B ut it does m ean that you need to carefully ensure that the cuts will not com prom ise the barriers you have in place to meet your corporate risk criteria. This can be accom plished by thorough analysis based on knowledge, experience, and foresight (See Organizational Management of Change, Secs. 3.2.3 and 4.3.1). Som e analysis relates to hum an resources, but quite a lot requires study by engineering professionals. There m ay also be legal requirements that may specify staffing levels and activities that cannot be cut. The evaluation needs to consider the following key points. Personnel cuts Certain roles are considered process safety-critical. This m ay be due to the specialized expertise required. Or, the role may be a key cog in the PSMS, such as the MOC coordinator or the person who approves temporary interlock bypasses. If personnel with specialized expertise are to be replaced by external experts, the experts should be identified and prequalified ahead of time. Keep in m ind that some internal experience m ay be too valuable or too specialized to transfer to external experts. Make sure to transfer all the process safety duties of laid-off personnel to others who have the necessary knowledge, skill, and, especially, time to perform them. Organizational MOC m ust be used to ensure critical tasks and responsibilities are not m issed. The concept of com petency mapping can be a useful tool in this process. CCPS (Ref 2.11) provides good m aterial for this task.
36 | 2 Leading and Managing Process Safety
Inspection, testing, and preventive m aintenance (ITPM) Decisions regarding deferred maintenance should be m ade at the right level. Generally, PSM Ss should define the level of approval for such decisions, usually based on the risk of the process and the criticality of the item . In some cases, ITPM intervals may have been set arbitrarily and are overly conservative. Nonetheless, ITPM intervals should not be extended without professional analysis. The analysis should follow a formal deferral process by som eone with the proper expertise. The analysis should demonstrate that the extended interval will not comprom ise safety. Some equipment, such as relief valves and safety instrumented system s, may have specific ITPM standards or regulations that m ust be met. ITPM intervals cannot be extended beyond these standards. Training Defer training based on risk. Professional development and cross-training m ay be deferrable. However, if the integrity of a barrier depends on regular refresher training, that training should not be deferred. Considering that incidents m ay be more likely during downturns, emergency response training should not be reduced. Remem ber that regulations define schedules for some types of training, and these cannot be deferred. Process hazard analysis In general, you should not defer process hazard analyses (PHA), whether for new processes, management of change (M OC) or revalidation. For lower risk processes and PHA revalidations with only m inor changes, a m ore stream lined PHA m ethodology m ay be considered. Such decisions should be
2.5 Downturns and Boom Times | 37
m ade by individuals with the proper expertise following a formal PHA m ethodology selection process. Regulatory requirements may also lim it the use of alternative PHA m ethodologies. CCPS (Ref. 2.12) can help you develop a PHA m ethodology selection process appropriate to your com pany. Take special care to avoid undue tim e pressure on PHA team s. This m ay lead to shortcuts and m issed hazard scenarios. Sim ilarly, avoid PHA overload. Most people experience a decrease in attention and effectiveness after ~6 hours. Asking PHA teams to continue for 8-12 hours per day may not increase throughput significantly and may introduce errors due to fatigue or inattention resulting in unidentified hazards and unassessed or unm itigated risks. Autom ation If you can identify an upcom ing need to downsize sufficiently in advance, autom ation of processes and administration tasks m ay be an effective way to reduce staff. B ear in mind that autom ation will probably increase ITPM and software m aintenance requirements. So, while autom ation m ay facilitate reducing operating and administrative staff, ITPM and system administrator staff may need to be increased somewhat. Autom ation failure mechanism s do differ from human failures. So, your initial risk analysis based on human operators will need to be updated by risk analysis experts to verify that the process still m eets your risk criteria. Inherently safer design Certain inherently safer design options (Ref. 2.7), most notably reductions in, inventories, reactor volumes, and reaction rate m ay be easily achievable during downturns and m ay reduce process risk. It m ay then be possible to reduce
38 | 2 Leading and Managing Process Safety
operating personnel or barriers if professional analysis shows that the corporate risk criteria can be met with these reductions. Special pressures on leaders during downturns During downturns, leaders m ay come under pressure to implement new initiatives to im prove financial perform ance. These can take considerable time and effort, potentially at the cost of distraction from their process safety duties. Leaders and workers alike may also be distracted by worries about the security of their own jobs. B oth form s of distraction should be proactively addressed from the top-down. Executives should adjust priorities to ensure that leaders and workers are not distracted from their process safety duties by other priorities or worries. This should be enforced and supported down to the frontline. Leaders should also m ake a special effort to interact with their personnel, keeping them informed of downsizing efforts and offering personal support. Upturns and expansions present similar challenges Process safety perform ance can also degrade when production ram ps up. This can happen with economic recovery after a downturn, during times of significant business growth, and also during consolidation from m ultiple sites to one site. During such upturns, resources can be stretched thin. This norm ally requires adding
Mind the Gap During times of both negative and positive economic stress, gaps can appear between what the PSMS calls for and what leaders accept. As the gaps grow, risk increases. Pay attention to signs of inappropriate risk acceptance and, instead, implement risk control barriers appropriate to the new situation.
2.6 Compliance: Required but not Enough | 39
personnel. However, rehired personnel m ay be out of practice, and new personnel might not be hired fast enough to fill gaps. New personnel will require training and experience to get fully up to speed. And m ultiple responsibilities handled by a single employee m ay get divided am ong m ultiple employees. This can lead to confusion about responsibilities and tasks being overlooked. During upturns, processes m ay approach safe operating limits, and operations m ay seek to stretch these lim its. Leaders should support the M OC program and help MOC coordinators to resist pressure to short-cut the MO C process. When pushing the process to safe operating limits, MO C becomes more important than ever.
2.6 Com pliance: Required, but not Enough Today, most countries have at least one regulation addressing process safety in som e way. These regulations are generally sensible, and often helpful. However, as a leader, you need to understand that com pliance with regulations and standards alone will not m anage the barriers that control your hazards to m eet your risk criteria. Leaders who believe that com pliance alone makes their com pany safe are often sadly m istaken. Here’s why: Your hazard m ay not be regulated Regulations do not exist to control any single com pany’s risk. At best, they exist to control societal risk overall. At worst, they m ay serve only to prom ote the images of politicians and advocates. As such, regulations define conditions that include som e m aterials, processes, hazards, and inventories
40 | 2 Leading and Managing Process Safety
and exclude others. Exclusion from regulatory coverage may result from factors such as: Low usage in commerce, Lower volume storage com pared to general practice, Difficulty in defining the hazardous property (e.g., runaway reaction potential); and Lobbying. If you have unregulated hazards, your facility m ay be in com plete com pliance, but fail to manage those hazards sufficiently to meet your corporate risk criteria. “Paper” com pliance isn’t necessarily real com pliance Com pliance requires a “paper trail” (or its electronic equivalent) to prove perform ance to regulatory com pliance officers. However, enforcement inspections occur infrequently, and inspectors often do not dig deeper than paper com pliance. B ut even if your paperwork is perfect – which it should be – paper does not and cannot protect your people and your facilities. That only happens when you and your team execute your com pany’s PSMS professionally, operate within defined constraints, m aintain your barriers in a disciplined m anner, and verify that all of these enable you to operate within your risk criteria.
Check for paperonly com pliance Paper does not protect your people or your plants. Periodically check to make sure that the discipline and professionalism in the field match your paperwork.
In fact, an over-reliance on paper com pliance (or its electronic equivalent) can lead to incidents. Norm alization of deviance (See Sec. 3.3.4) can, if not actively prevented, lead to a
2.6 Compliance: Required, but not Enough | 41
“check-the-box” mentality, where the paper shows com pliance but does not represent reality in the field. Regulations are Incomplete Regulations around the world tend to be m odeled after approaches developed in Europe, Japan, the UK, or the USA. Regulatory experts frequently debate about which regulatory approach is better. In truth, each approach has its strong points, but leaves gaps. Therefore, your facility or com pany m ay be in com pliance but fail to satisfactorily perform key steps needed to m anage your risk. European regulations tend to focus most heavily on good vessel design and em ployee knowledge. B ut they are weaker in other parts of the process and tend to overestim ate hum an reliability. UK regulations focus on holding m anagers accountable to a “Safety Case.” While this is an excellent idea, the Safety Cases themselves can lack sufficient detail and rigor. USA-based regulations are quite practical, technical, and informative. B ut despite inclusion of “M anagement” in the regulations’ names, the USA regulations do not include requirements for managers/leaders. In addition, they lim it applicability to a list of hazardous materials, while not explicitly covering m any hazardous m aterials, combustible dusts, chem ical reactivity hazards, and other hazardous conditions. Anywhere in the world, regulations can leave operations and business managers with the impression that they do not have to m anage process safety – the regulatory authority has that responsibility. This is sim ply not correct. The management gap in regulations is beginning to close. Regulators around the world are finding ways to hold executives and operations leaders criminally accountable for incidents.
42 | 2 Leading and Managing Process Safety
Here are some exam ples: Australia: Oil and gas facility Emerging laws hold m anagers are presumed to be leaders criminally intimately fam iliar with and in negligent when control of their operations’ incidents occur. PSMS. If an incident harms a worker, the public, or the environment, the manager can be found criminally negligent (Ref. 2.13). China: As a result of the Tianjin warehouse explosion that killed 173 people, the chief executive was sentenced to death. An additional 48 com pany and governm ent leaders were given lower sentences (Ref. 2.14). Europe and UK: Corporate manslaughter laws are currently emerging. The Germ an CEO of the steel com pany ThyssenKrupp was convicted in Italian court and sentenced to 16 years in prison for the burning deaths of 7 workers (Ref. 2.15). USA: The president of Freedom Industries and another executive served 1 month in prison as a result of a negligent chem ical spill that led to widespread drinking water contam ination. Several others were sentenced to probation (Ref. 2.16). Regulators are neither om niscient nor omnipresent Even if regulations appear to address all hazards in your facilities, you should not rely on a “clean” regulatory inspection as confirmation that you are satisfactorily managing your risks. Inspectors cannot know your process as well as you do, and therefore are likely to overlook gaps in your performance. Moreover, regulatory inspections apply only to a snapshot in time. Gaps can be closed temporarily in preparation for inspections, and new gaps can appear between inspections.
2.7 Management Systems: Helpful but not Sufficient | 43
In summ ary, com pliance with regulations is necessary, but is not enough in itself. Success in process safety requires strong leadership, culture, and m anagement system s to: Im plement all required activities, Operate within constraints, Maintain barriers; and Verify perform ance.
2.7 Managem ent System s: Helpful but not Sufficient Com panies are increasingly implem enting voluntary consensus m anagem ent standards, including CSA Z767 (Canada), ISO 14001 (Global), OHSAS 18001 (Global), RC14001 (USA), and RCMS (USA). These standards typically define a rigorous m anagem ent system framework (See Chapter 4) that regulations typically lack.
®
®
OHSAS 18001 and ISO 14001 are prim arily intended to m anage occupational safety and environmental im pact, respectively. RC 14001 and RCM S, both established by the American Chem istry Council and supported by trade organizations in other countries, broadly address environmental protection, occupational safety, process safety, health, and product stewardship. B ut simply having one or more of these m anagem ent systems does not guarantee that you are adequately controlling your facilities’ hazards to your corporate risk criteria. These standards are only fram eworks. If the activities addressed by the management system are incom plete, hazards will be left uncontrolled. For example, if regulatory compliance (See Sec. 2.6) were implem ented within a m anagement system structure,
44 | 2 Leading and Managing Process Safety
you would have greater confidence in compliance. B ut the problems discussed in Sec. 2.6 would remain. Nonetheless, these fram eworks are useful for m anaging process safety. B ut you need to ensure that they address the full range of process safety elements required to manage your risks to your corporate risk criteria. RC 14001 and RCMS both help ensure com pleteness through a supplem ental Process Safety Code (Ref. 2.17). This code identifies 6 specific leadership practices but makes it clear that the com pany must implement a com prehensive PSM S. These m anagem ent systems are voluntary. Com panies wishing to develop their own PSMS are certainly free to do so. However, a PSMS is necessary. Paper compliance can be a pitfall of voluntary consensus standard m anagement systems. Most standards require an external audit to validate perform ance. However, depending on the subject m atter expertise of the auditor, the audit may not go beyond paper com pliance. As a result, unmanaged risks may well be m issed. To avoid such problem s, audits should be conducted by experts, and perform ance should be com pared to the corporate risk criteria.
2.8 References 2.1
CCPS, Guidelines for Technical Management of Chemical Process Safety, American Institute of Chemical Engineers, New York, 1989.
2.2
CCPS, Guidelines for Implementing Process Safety Management, Second Edition, American Institute of Chemical Engineers, New York, 2016.
2.3
CCPS, Guidelines for Process Safety Metrics, American Institute of Chemical Engineers, New York, 2010.
2.8 References | 45
2.4
CCPS, Process Safety Leading and Lagging Metrics American Institute of Chemical Engineers, New York, 2011.
2.5
API, ANSI/API-RP 754 Process Safety Performance Indicators for the Refining and Petrochemical Industries, 2017.
2.6
CCPS, Process Safety Leading Indicators Industry Survey, American Institute of Chemical Engineers, New York, 2013.
2.7
CCPS, Inherently Safer Chemical Processes: A Life Cycle Approach, American Institute of Chemical Engineers, New York, 2010.
2.8
CCPS, Guidelines for Integrating Management Systems and Metrics to Improve Process Safety Performance, American Institute of Chemical Engineers, New York, 2016.
2.9
Google.com , Dictionary, 2018.
2.10 M arsh Ltd., The 100 Largest Losses 1974-2015, London, 2016. 2.11 CCPS, Guidelines for Defining Process Safety Competency Requirements, American Institute of Chemical Engineers, New York, 2015. 2.12 CCPS, G uide line s for H azar d Evaluation Proce dure s , 3 rd edition, American Institute of Chemical Engineers, New York, 2008. 2.13 Safe Work Australia, Guide for Major Hazard Facilities: Safety Management Systems, Canberra, 2012. 2.14
www.foxnews.com , Chinese Businessman Given Death Sentence in Tianjin Blast, 9 November 2016.
2.15 www.industrial-union.org, ThyssenKrupp CEO for Italy Convicted on Deaths, 20 April 2011. 2.16 www.wsaz.com, Former President of Freedom Industries Sentenced to 1 Month in Prison for Chemical Spill, 17 February 2016. 2.17 ACC, Process Safety Code of Management Practices 2012 and implementation guide 2013. 2.18 IOGP, IOGP Report 456, Process Safety – Recommended Practice on Key Performance Indicators, 2011. 2.19 CCPS, G uide line s for Ris k-B as e d P roce s s Safe ty, American Institute of Chemical Engineers, New York, 2007.
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
3 LEADERSHIP ATTRIBUTES Chapter 1 outlined a com pelling business case for process safety with m any quantitative and semi-quantitative benefits. Chapter 2 then explained the basic concepts of leading process safety, highlighting the key points for leaders and addressing com mon m isconceptions. This chapter begins the process of answering the question, “Now, what must I, as a leader, do to implement these concepts so that we can realize these benefits?” For leaders to fulfill their process safety responsibilities, they m ust demonstrate the same leadership attributes required for success in every other business area. This chapter will discuss how leaders apply these attributes to drive strong process safety cultures and disciplined m anagement system s. Am I a process safety leader? Yes! Everyone from the B oard of Directors and CEO to engineers and operators have process safety leadership responsibilities. These responsibilities, which vary by level and role, will be spelled out starting with this chapter.
47
48 | 3 Leadership Attributes
The discussion in this chapter will follow the structure summ arized in Fig. 3.1. Figure 3.1 Sum m ary of Leadership Attributes Create a shared vision Establish im perative for process safety Live imperative Drive im perative
Build knowledge, com petence, and training Earn social license to operate Develop personal com petence Develop and empower others
Show integrity and com m itm ent Show courage and conviction Take accountability B e responsive B e consistent
3.1 Create a Shared Vision As discussed in the first paragraph of Chapter 1, protecting workers, corporate assets, the public, and the environment is an ethical imperative. As a leader, you should be the first to embrace this im perative, and let it guide you as you carry out your process safety role with integrity. You should pay attention to ensure that your actions and words reflect that imperative. And you should drive that imperative throughout your organization.
Com m unicate with inspiration B e visible and connected Drive culture
Establish the imperative for process safety. Reflect it in your actions and words. Drive the imperative throughout the organization. Earn the social license to operate
3.1.1 Establish the Im perative for Process Safety A strong process safety culture begins with the imperative for process safety (Ref. 3.1). And this imperative begins with you as a leader recognizing:
3.1 Create a Shared Vision | 49
The potential consequences of process safety incidents, The controls and barriers required to prevent and m itigate incidents, Your ultimate accountability for the PSMS and culture; and Your duty to verify perform ance and drive continual improvement. From there, you m ust develop the shared vision, policies, and expectations. Senior executives must know and have a healthy respect for the com pany’s potential worst-case consequences. Senior executives m ust also know, support, and verify the key programs in place to protect against these consequences. Ultim ately, they set the tone for the com pany. Mid-level leaders m ust have a deeper knowledge of the m ost serious potential consequences. They m ust implement the key programs and ensure those program s function properly. And they should live the tone conveyed by senior executives as exam ples for others to em ulate. Frontline leaders need to understand in depth the potential consequences and manage the critical barriers directly. Frontline leaders who interface with production personnel need to m ake the imperative for process safety a reality. Individual contributors need to understand and appreciate the potential consequences that could occur in their areas. They also need to make the imperative for process safety real. This means stopping work or shutting down when the process is unsafe or they are unsure. This also means
50 | 3 Leadership Attributes
questioning their supervisors and pushing back when they sense the imperative may be slipping. You may be thinking, “I already recognize the im portance of process safety, and I have people to m anage it. I guess I can skip this section.” B ut do read on. Experienced leaders know that the imperative for process safety is constantly challenged. All leaders must therefore motivate them selves regularly to make sure the imperative for process safety remains in the front of their m inds and keep the imperative alive at all levels.
Don’t I have people who handle this? If you only “show support” for process safety and do not establish it as an imperative through your leadership and management actions, your organization will not treat process safety as an imperative.
Ideally, the Board and CEO or President should establish the imperative for process safety. They set broad goals and criteria for the organization to m eet. The CEO may then deliberate with their leadership team, assigning accountabilities and responsibilities through the executive function. Each senior leader m ay then deliberate and empower mem bers of their team s, and so on to the plant floor. In some companies, the imperative for process safety m ay become strengthened through leadership team discussions. In others, leaders m ay strengthen their own imperatives internally through reflection and study. Ideally, you should do both. The imperative for process safety should be supported by a well-defined process safety policy as part of the overall corporate risk management system . Additionally, senior executives should lead a process safety risk review process that considers:
3.1 Create a Shared Vision | 51
Form al risk criteria to help frame goals and provide consistency of efforts, Process risk reduction objectives and plans, Audits to evaluate whether process safety risk is being m anaged properly, Investigation of serious incidents and high-potential near-m isses and evaluation of lessons-learned from external incidents; and Com pany im provement areas and corresponding goals and plans based on the above. B ut how does the B oard and CEO com e Whatever your to embrace the im perative for process level, the safety? That process m ay start with imperative for leadership anywhere in the organization. process safety Lower level leaders can, and often do, starts with you. introduce the im perative to their peers and m anagers, who then in turn propagate it up, down, and across the organization. Whatever your level, the imperative for process safety starts with you.
3.1.2 Reflect the Im perative in Your Words and Actions If someone in your organization reported to you that a unit has shut down due to an equipment failure, how would you respond? No doubt, questions like the following would immediately com e to m ind:
Walk the talk. Talk the walk. Say it with feeling.
How long before we can restart? How much will it cost to repair? Do we have enough inventory to last the outage?
52 | 3 Leadership Attributes
These questions are important and m ust be answered. B ut it would be better to ask these questions first: Was anyone hurt? Is everyone OK? Do we know how it happened and how to prevent a similar failure? How will we know it is safe to restart? If the first questions you ask in such situations focus on process safety, you will demonstrate the imperative strongly. In the real world, production people don’t need to be reminded of the importance of getting production back online. That m otivation comes with the job. Unchecked, that motivation can tem pt them to take unsafe shortcuts or start back up before they fully understand the problem . You, as a leader, m ust bring the bigger picture, which includes the imperative for process safety. Think carefully about how your words and actions telegraph your core belief in the imperative for process safety. No matter which m edia you use to com municate, it should be clear to your team that you expect safe behaviors, actions, and decisions. Likewise, make it clear you will not tolerate unsafe conduct such as shortcuts, unapproved bypasses, and failure to carry out process safety responsibilities. Two pitfalls can trip leaders up in their attem pts to reinforce the im perative for process safety. Pitfall # 1: Your actions don’t match your words Even if you speak passionately about process safety, you m ay inadvertently contradict yourself with your actions and decisions. For exam ple, what would your team think if you:
3.1 Create a Shared Vision | 53
Didn’t approve a purchase of safety-critical equipment or failed to hire personnel needed to operate safely? Cancelled needed process safety training to fill an order? Did not acknowledge positive process safety behaviors? Did not correct negative behaviors? Rewarded a productive em ployee who took shortcuts? Second-guessed an employee who shut down a process to prevent a potential process safety issue? Approved bypassing a critical barrier without asking tough questions about interim controls? Established m ore goals than could be achieved, forcing your team to choose among them? Mark Vergnano, President and CEO of Chemours, says it concisely: “(Process) safety m ust be an obsession – something we think about, teach about, and preach about every day.” Pitfall # 2: Your tone doesn’t m atch your words You can also fail to convince your team of the imperative for process safety if they do not believe that you are sincere. Your sincerity m ay be betrayed by your tone of voice, your body language, or by lack of em pathy. Sim ply stated, you need to feel an emotional comm itm ent to process safety, or your non-verbal cues will betray you. As James Alder, former executive VP of Celanese, said, “I can assure you that if you don’t have that emotional commitment to process safety, it is difficult to sustain it, 24 hours a day, 7 days a week, 365 days a year over m any years. Nobody can pretend that long. You have to feel it emotionally and have a sincere desire that people won’t be hurt. You have to be willing to act and prioritize on that basis” (Ref. 3.2).
54 | 3 Leadership Attributes
3.1.3 Drive the Im perative Throughout the Organization Your com pany will have an imperative for process safety only when it becom es part of everyday life at all levels. As noted above, the imperative may start with leadership at any level. B ut ultimately, to be sustainable, it m ust be driven by the CEO with the support of the Board. Establish expectations
Establish expectations Create the culture Establish the PSMS M anage, track, and verify Improve
From leadership’s shared process safety vision, leaders should develop, implement, and m anage policies, standards, and practices. Details related to these will be discussed in Chapters 4 and 5. However, policies, standards and practices only become expectations when leaders insist on and verify their use, and then act and prioritize accordingly. Create the culture Culture starts with the im perative for process safety and is tightly interwoven with leadership. Just as process safety is more com plex than occupational safety, process safety culture is m ore com plex than occupational safety culture. CCPS’s guidance on process safety culture (Ref. 3.1) derives from lessons-learned in the process industries and other highconsequence sectors including the nuclear industry and spaceflight. The reference guidance defines 10 process safety culture core principles to guide leaders desiring to broadly strengthen culture across the company. Even more im portant than their use for cultureimprovement, the core principles m ust guide the way leaders
3.1 Create a Shared Vision | 55
carry out their process safety responsibilities. As such, the core principles will be woven throughout this chapter, as shown in Table 3.1. Table 3.1 Process Safety Culture Core Principles Core Principle (Ref. 3.1)
See Sec.
1. Establish the Imperative for Process Safety
3.1.1
2. Provide Strong Leadership
3.3.2
3. Foster M utual Trust
3.3.3
4. Ensure O pen and Frank Com munications
3.4.1
5. Maintain a Sense of Vulnerability
3.2.2
6. Understand and Act Upon Hazards/Risks
3.3.2
7. Empower Individuals to Successfully Fulfill their Process Safety Responsibilities
3.2.3
8. Defer to Expertise
3.3.3
9. Combat the N ormalization of Deviance
3.3.4
10. Learn to Assess and Advance the Culture
3.2.3
The core principles are listed above roughly in the order of implementation (or the order in which improvements are considered). Culture change – whether for process safety or any other business initiative – can be difficult. Your role as leader is to purposefully navigate the organization through the culture change and inspire others to live the new culture. Establish the PSM S Many PSM Ss exist across industry. Some are based on regulations, som e on published best practices, and many are developed internally based on experience and culture. These m ay be incorporated into a voluntary consensus management system as described in Sec. 2.7 or som e other framework. In developing your PSMS, keep the m essages of Secs. 2.6 and 2.7 in mind. Do not limit your thinking to regulatory com pliance.
56 | 3 Leadership Attributes
Instead, m ake sure that you have identified and are managing all of the barriers needed to control all of your process risks to within your corporate safety risk criteria. CCPS’s Risk B ased Process Safety M anagem ent (RB PS) system (Ref. 3.3) is an excellent starting point. It provides a checklist of options prompting you to choose the PSM S features m ost useful to your company’s situation. B ut also consider other references, especially those developed specifically with your industry sector in mind, for exam ple: Offshore (Refs. 3.4 and 3.5), Refinery (Refs. 3.6 and 3.7), Chem ical (Ref. 3.8); and Pipeline (Ref. 3.9). Manage and track Leaders are responsible for all aspects of the PSMS, including implem entation, operation, and continual improvement. Depending on level, leaders will have different roles. B ut in each role, leaders have responsibilities related to: Im plem enting the PSM S fully, Operating within the constraints defined by the PSMS and the operating and m aintenance procedures, M aintaining barriers in full working order and approve all barrier bypasses according to the corporate policy; and Verifying PSMS perform ance within their scope of control Chapter 4 discusses the roles of leaders at various levels, and Chapter 5 discusses basic PSMS concepts and leaders’ roles in the PSM S elements. A leader can – and in most cases should – delegate responsibilities for executing PSM S tasks to employees with the
3.1 Create a Shared Vision | 57
appropriate expertise. However, a leader cannot delegate accountability – appropriate to their level – for im plementation, operating within constraints, maintaining barriers, and verifying perform ance. You m ust rem ain personally involved in the assurance of the m ost critical barriers. During your routine business reviews, field visits and communications, challenge and verify the effectiveness of barriers. Also discuss lessons-learned and m etrics. Doing this will send a clear sign of your commitment to process safety. Im prove If you believe that your company’s im perative for process safety, culture, and PSM S are so strong that no improvement is needed, you are m istaken. Experience has shown that without the pursuit of continual im provement, process safety perform ance drops. The imperative for process safety weakens, the sense of vulnerability fades, com placency spreads, trust evaporates, and PSMS im plementation collapses. This can happen quite rapidly. Therefore, one of your m ost im portant leadership functions is to drive continual im provement. Consider gaps identified in the verification activities mentioned above, lessons learned from your incidents and others across industry, and from reevaluating your PSMS com pared to industry best practices. B ased on these gaps, establish improvement goals.
3.1.4 Earn the Social License to Operate Operating facilities have many different operating perm its and licenses issued by their m unicipalities, counties, provinces or states, and countries. These cover the full spectrum of business
58 | 3 Leadership Attributes
activities. Fulfilling regulatory requirements can consum e significant resources. B ut there is one more license that a facility and com pany m ust earn: it’s the social license to operate. No regulation governs the social license to operate, no certificate is issued, and the social license can be revoked at any time. Instead, com munities and the public grant it to a com pany by: Recognizing the benefits of having the com pany in the com munity; and Trusting that the company’s operations will not harm them . In som e ways, the social license to operate is the ultimate test of process safety com petency and that of your facility and com pany. You need to truly understand what your com pany does to prevent process safety incidents and communicate it credibly to a group of people with an external perspective. The ability to do this well should be considered a key leadership job requirement. Often, a facility becom es aware of the social license to operate only when they lose it. The community begins to express doubt in the company’s ability to operate safely. This then leads the com munity to question whether their perception of the facility’s risk outweighs the benefits of having the com pany as a neighbor.
Often leaders become aware of their company’s or facility’s social license to operate when they discover they have lost it.
A m ajor incident will obviously sow doubt in the com pany’s com petency, as will a series of sm aller incidents. Near misses, such as relief devices that open, emergency flaring, and non-drill
3.1 Create a Shared Vision | 59
evacuation alarms can also lead the comm unity to wonder if the com pany can operate safely. Several other factors seem ingly unrelated to process safety m ay also cast doubt on facility com petency: Frequent odors, noise, som etimes even steam ),
and
visible
smoke
(and
Tanker and rail vehicles that are in less than pristine condition, Workers com plaining about working conditions, whether justified or not, Insufficient transparency about your potential consequences and how you manage your plant to prevent them; and Com munity unrest. These factors only seem unrelated. Unusual odor m ay mean sm all losses of prim ary containment. Noise m ay come from failing equipment vibrating excessively in the last stages of their lifetim es. Dirty or poorly maintained vehicles may have resulted from leaks or poor material handling practices. Workers may be justified in complaining about safety. Lack of transparency may create the impression that you have something to hide. Com munity unrest tends to grow when neighbors perceive that conditions have been poor for some time. As a leader, you should be keenly aware of facilities’ need to continually earn and renew their licenses to operate. It’s like being on a never-ending job interview. You need to maintain two-way communication with the com munity, address concerns, and be open. And you need to lead and m anage process safety well to prevent incidents.
60 | 3 Leadership Attributes
3.2 Develop and Maintain Knowledge and Com petence Leaders at any level of the organization m ust ensure that their em ployees, their contractors, and they themselves have the knowledge, skills, and resources they need to execute their process safety roles. Those closest to operations and technology have very specific com petency requirements. Those at higher levels should at least understand the key concepts so that they can m anage em ployees, programs, and the overall enterprise risk. Leadership com petency will be discussed further in Secs. 3.2.1 and 4.3.1
3.2.1 Personal Knowledge and Com petence Leaders responsible for operations and operational decisions have clearly defined needs for their knowledge and com petency. This section discusses three com ponents of process safety com petency for leaders:
Develop personal competence. Develop and empower others.
Sense of Vulnerability: Appreciation of consequences from process safety incidents.
potential
Com petence: Specific process safety knowledge and skills. Intuition: Recognizing warning signs and weak signals. Maintain a sense of vulnerability One or more severe process safety incidents happens somewhere in the world almost every day. However, the number of incidents is relatively small compared to the number of hazardous facilities. Process safety incidents also happen m uch less frequently than occupational safety
3.2 Develop and Maintain Knowledge and Competence | 61
incidents. For this reason, m any facilities, and indeed many com panies, have not experienced major incidents for m any years, if ever. This can create a false sense of security and com placency. The opposite of com placency – a sense of vulnerability – naturally follows a serious incident or near-miss. Think back to the last time you had a close call while driving or stepped into the street and then realized a car was com ing. Im mediately after, you became more focused on For process safety to the surrounding environment, succeed, you need to looking for the next threat. You keep “What could probably drove slower, increased happen?” in mind at all spacing from the car in front, and times. changed lanes less frequently. This continued for a time, until com placency set back in again. Following the 2005 Texas City explosion, m any operations leaders around the world felt a keen sense of vulnerability. They launched many initiatives to im prove process safety culture, m anagem ent system s, and engineering. However, over time, com placency returned and incidents began to occur again across the industry. As a leader, you need to m aintain a sense of vulnerability about the company’s process safety hazards. It does not m ean that you should be scared or overly cautious. But it does mean that you should be very fam iliar with the potential consequences that could result from the facility’s or com pany’s hazards. And then use that knowledge to drive your com mitment and discipline in m anaging those hazards. Keeping a fresh sense of vulnerability is vital. B ut fighting com placency requires effort. Com placency occurs naturally in the human brain. Throness (Ref. 3.10) studied this effect and
62 | 3 Leadership Attributes
found that people forget incidents quickly. Even in facilities that have had catastrophic incidents, workers and leaders were found to have forgotten the lessons learned and becom e com placent in as little as 3 years. Fortunately, Throness found that regular rem inders and retrospectives about past incidents enabled personnel to remember, while instilling the sense of vulnerability in new hires. Leaders play a key role in keeping the m emory of incidents and their lessons-learned alive (See also Sec. 2.3). B e Com petent to Lead Process Safety The com petence and skills needed by leaders vary with level and role. In short, leaders must have general com petence to perform the duties associated with their roles discussed in Chapter 4. Regardless of role, all leaders should have at least a basic knowledge of the process safety principles and know how to perform the duties specified with their role in the PSM S. Depending on your specific role, the technical depth of your knowledge and com petency m ay need to be more advanced. Typical knowledge and com petency requirements for a variety of roles will be addressed in Chapters 4 and 5. You certainly do not need to be as expert in every subject as the people in your reporting structure. B ut you do need to have enough fam iliarity with the m aterial to: Speak knowledgeably about process safety when you are m otivating others in the organization, Understand and critically evaluate the recomm endations m ade by your peers and by those in your reporting chain; and Make the process safety-critical decisions required by your role.
3.2 Develop and Maintain Knowledge and Competence | 63
Leaders should ideally gain this knowledge and com petency by experience in roles with significant process safety com ponents. O f course, this is not always possible. In such cases, leaders should receive specific classroom and on-the-job training, as well as one-on-one mentoring, as part of a purposeful com petency developm ent plan. Training should not be once-and-done; refresher training taking various forms can help strengthen knowledge, trigger improvem ent ideas, and develop leaders for their next roles. Refresher training need not be in the classroom ; numerous global, national, and regional conferences and workshops provide excellent refresher opportunities, as does benchmarking with other com panies and peer coaching. Leaders having very specific process safety job requirements (e.g., auditing) or very broad job requirements (e.g., process safety functional leader) can also benefit from certification. Understand weak signals / warning signs A study by CCPS published in 2011 (Ref. 3.11) observed that during many incident investigations, interviewees stated that they knew the incident would happen. Deeper study identified several hundred warning signs of potential future incidents that could be observed, most with little effort. In other words, as a leader, you should keep your eyes and ears open for people or equipment that: Appears to be sloppy or undisciplined, Is worn-out or not working at full capacity, Is “Checking the box,” not following procedures, or not respecting the PSMS, Does not work or fails often; or In any other way does not look or sound quite right.
64 | 3 Leadership Attributes
Table 3.2 gives exam ples of several types of warning sign. Table 3.2 Exam ple Warning Signs Warning Sign Category
Exam ple
Leadership and culture
Conflict between production goals and process safety goals
Training and competency
Poor training attendance
Process safety information
Poor or inconsistent labeling
Procedures
O perators appear unfam iliar with procedures
Asset integrity
A philosophy of run-to-failure
M anaging change
Risk assessm ents conducted to support changes already made
Audits
Repeat findings from prior audits
Learning from experience
Frequent leaks and spills
Physical observations
B uild-up of residue or dust
Treat any warning sign or weak signal as an impending process safety incident. Then, understand the reason for the warning sign and correct the underlying problem before it escalates to an incident.
3.2.2 Develop and Em pow er Others A com pany that handles hazardous m aterials m ust have the necessary process safety com petence to m anage these hazards. Unless you are very early in your process safety journey, you probably have most of these com petencies distributed adequately throughout the organization. However, organizations never rem ain static. B usinesses grow, shrink and transform , em ployees leave or get promoted and m ust be replaced, and technology advances change the way
3.2 Develop and Maintain Knowledge and Competence | 65
people work. Therefore, com petency gaps continually emerge and m ust be system atically addressed. Developing others For this reason, leaders must continually assess the com petency gaps and develop their people to fill those gaps. The full range of process safety com petencies is quite broad, including knowledge and skills in: Engineering, Process developm ent and operation, Construction, Maintenance and inspection, Management, Regulatory and legal Com munications; and, of course, Leadership, among others. CCPS (Ref. 3.12) provides an excellent resource for identifying and mapping competency requirements. You m ay choose to delegate this task to a hum an resources leader and m any leaders do. However, you are still accountable for identifying the com petencies required and ensuring they are present in the organization. In recent years, the form al practice of organizational m anagem ent of change (OM OC) (Ref. 3.13) has emerged to help leaders do this. Like management of change (MOC), which evaluates potential process safety impacts of process-related changes, OMOC evaluates the impact of personnel and organizational changes.
66 | 3 Leadership Attributes
You do not need to perform the training or coaching to develop others personally. However, you should actively engage with your employee through the process. Specifically: Identify the training need in collaboration with the employee, Support the em ployee by providing encouragement, time to be trained, and assignments that help develop proficiency, Visit training classes reinforcing comments,
to
provide
supportive
and
Recognize em ployees’ development efforts; and Testing and challenging their com petence through inquiry and verification. Your role in developing others goes Develop your beyond your reports. You will also likely need peers and to develop your peers and your m anagement. leaders too! This need arises from the constant change in technologies, processes, and organizational structures. Each change brings with it a need to refine com petency. Some reasons you m ay need to develop your peers and m anagement include: Individuals new to their roles, Process or organizational changes where the MOC identified new training and com petency requirements, Exam ination of metrics suggest a training or com petency gap; and New inform ation about processes or their hazards are identified. Developing others also extends beyond your facility, your com pany, and even your industry segm ent. At first glance it
3.2 Develop and Maintain Knowledge and Competence | 67
m ight seem absurd to develop the process safety com petence of people who m ight be your com petitors. B ut in fact, experience has shown that sharing your com petency with others is paid back m any-fold. Why? B ecause when you share, others will share what they have learned with you. And if the com panies you are sharing with are your suppliers or customers, you also help ensure the reliability of your supply chain. Empower Individuals to Successfully Fulfill their Process Safety Responsibilities In January 1986, as the space shuttle Challenger entered its final launch countdown, the launch director sought the numerous sign-offs required for launch. Allan MacDonald, responsible for the solid rocket boosters, refused to sign-off. MacDonald explained that the outside temperature was too low to ensure integrity of the O-rings sealing the joints between sections of the boosters. Eager to launch to meet an aggressive schedule, the director appealed to MacDonald’s leadership and ultimately overrode his decision. The O-rings failed, and the Challenger exploded 73 seconds after launch (Ref. 3.14). Empowering everyone on your team to fulfill their process safety responsibilities follows directly from ensuring com petence and establishing the im perative for process safety. At the most basic level, em powerment means giving every employee the authority to shut down and/or stop work if they have any doubts about safety. B ut it goes well beyond that. Em powerment also includes: Trusting recommendations about staffing levels, required barriers, maintenance requirements, safe operating windows, etc.,
68 | 3 Leadership Attributes
Accepting results and recomm endations of hazard analyses, inspections audits, and incident investigations; and Supporting leaders on your team in their efforts to train and em power their staffs. When em ployees exercise their shut-down / stop-work authority, it is vital that you accept their decision without question and offer positive reinforcement. If em ployees feel that their leaders have questioned their decision in any way, they m ay feel that their jobs are threatened. This may cause them to be reluctant to exercise their authority the next time. In situations other than shut-down / stop work, empowerment links directly to an expectation that em ployees base their recommendations on professional analysis. For exam ple, suppose one of your leaders recommends that staffing be adjusted. In that case, the leader should back up his recomm endation with sound reasoning, explaining how process safety com petency needs will be met. Or, if the leader recomm ends a process im provement, he or she should back up their recommendations with a com petent and completed M OC. A useful tool for this purpose is the doctrine of com pleted staff work (Ref. 3.15). Com pleted staff work requires that every recomm endation m ade to a superior contain sufficient information to evaluate the recommendation with no additional information. Such a recommendation: Identifies the opportunity or problem to be solved, Details the recomm ended course of action and explains why it should be approved, Identifies potential alternative actions and explains why they are not recommended,
3.2 Develop and Maintain Knowledge and Competence | 69
Details the implementation plan; and Discusses ways to measure that the implemented change is working, along with potential back-up plans. Demand thoughtful com pliance Sec. 2.6 discussed in detail why com pliance with process safety regulations and standards alone will not be sufficient to protect the com pany. Indeed, even if the com pany has a very detailed, well-designed PSMS to control hazards and manage barriers, that alone m ight not be sufficient. Thoughtful com pliance requires an imperative for process safety and a sense of vulnerability. B ut even then, the “thinking” part of thoughtful com pliance requires com petence. So, if som eone tells you that your facility or company is in compliance, ask: Com pliance with what? Which regulation? With the m anagem ent system ? With the corporate risk criteria? How do you know? O nly because the boxes have been checked? Or do you know because you are holding your organization accountable? M ore specifically: Were PHAs and audits done with appropriate technical rigor? Were action item s identified through PHAs, audits, incident investigation, and other processes implemented and closed in a timely m anner? Were barriers identified with appropriate rigor? Are barriers m aintained adequately? Are processes and the PSM S itself operated within the required constraints? And even if you are satisfied of com pliance, ask “Is there som ething else outside our PSM S that we m ight be missing?”
70 | 3 Leadership Attributes
In September 1998, the Longford Gas plant in Victoria State, Australia, suffered a massive explosion, crippling the plant and leaving the entire state without gas for heating, power, and m anufacturing for 3 weeks. Many contributing causes were identified. Among them were audits and PHAs done by “checking-the-boxes” in the corporate PSM S. Even though the com pany had one of the most advanced PSM Ss at the time, the PSMS was defeated due to a lack of thoughtful com pliance. Learn to Assess and Advance the Culture Experience may not be the best teacher, but it is the m ost effective. Part of every leader’s – and every employee’s – com petence developm ent should be based on lessons learned from experience. These lessons m ay com e from incidents, near-misses, and even observation of weak signals, as well as lessons learned from external incidents. B road learning – for leaders and employees alike – is the primary reason for conducting incident investigations (See Sec. 4.4.3). Knowledge and skills can weaken over time. This can happen through lack of practice. B ut it can also happen through a process called normalization of deviance, where repeated sm all deviations from performing the skill correctly build to becom e large, dangerous deviations (See Sec. 3.3.4). Refresher training, therefore, does not apply only to operators and m echanics. You also need to refresh your process safety skills and knowledge to help m aintain your imperative for process safety and your sense of vulnerability. Unfortunately, refresher training m ay not be very m otivating. It is much m ore productive to keep knowledge and skills sharp through striving for continual improvement in technology, m anagement system s, and culture. This helps
3.3 Maintain Commitment | 71
m aintain and build skills, but also can lead to improved process safety culture – and fewer incidents.
3.3 Show Integrity and Com m itm ent All m anagement system s breakdown if there is not a consistent effort to ensure the right activities and corresponding actions are being carried out. Strong leadership in carrying out PSMS activities and utilizing Key Performance Indicators (KPIs) of PSMS perform ance will help prevent this. KPIs are discussed in Chapter 2.1. There are also many exam ples of incidents where cost or production pressures led to catastrophic outcomes. All of these issues require a strong com mitment on your part to ensure PSM S are being effectively m anaged, both in good tim es and when under pressure of any kind.
3.3.1 Courage and Conviction You have a personal responsibility to conform to the technical and ethical standards of process safety. Let’s follow a practical exam ple of where you will have to demonstrate courage and conviction in an area that happens in every production facility. This exam ple is applicable to almost every type of safety equipment or system . You have a pressure vessel (V1) with a loss of metal leading to wall thickness less than the inspection/test acceptance criteria. The technical standard requires a Fitness for Service evaluation by the inspector. The inspector perform s the evaluation and indicates that V1 m ust be kept out of service for repair. Of course, the plant is set to begin producing a product that m ust be delivered to an important customer by the end of the
72 | 3 Leadership Attributes
m onth. If the product is not received, the custom er will have to shut down, with significant financial im plications for both com panies. The repair is estimated to take 1 week. You are being pressured by the business to find a way to start up the plant to produce the needed product. After all, the production run will only last a few weeks, so the repair would not be delayed that long. What should you do? Project your commitment The fitness for service standards allow for higher levels of evaluation with more data and by a higher level of expertise. This evaluation also has acceptance criteria that must be met or repairs m ust be conducted. You inform the business of this option, that you have started the evaluation and it will be com pleted by the end of the next day. This higher-level evaluation m ay have one of 3 outcomes: 1. V1 m ust be repaired before being put back in service. 2. V1 m ay be allowed to run with restrictions, e.g., at a lower pressure or rate with systems in place to ensure the vessel is operated within these constraints. 3. V1 m ay be allowed to run at normal conditions, but with a specified future repair date. Also communicate your com m itm ent to abide by the results of this evaluation. And, that the repair m aterial is being procured immediately, so, whatever the outcom e, no additional time will be lost. Set a line you will not cross The higher level of fitness for service evaluation indicates that V1 m ust be repaired im mediately. You inform the business
3.3 Maintain Commitment | 73
of the results and that the plant will be down for a week to com plete repairs. The business agrees and thanks you for taking the tim e to perform additional evaluations to help the com pany’s profitability. Even though the plant m ust be kept down for the repair, the business implications to the customer are minim ized relative to the potential business interruption associated with vessel failure. In essence you have used science, data and engineering calculations to properly evaluate and determ ine a path forward without com prom ise. This approach also served to diffuse a difficult situation. In other words, you have upheld the professional obligations of m anaging a facility with hazardous m aterials, while also providing the custom er with less service interruption than if you had experience a vessel failure. Keep process safety on par with other business priorities As you lead, conduct, or support operations with hazardous m aterial, your first priority is to ensure system s are operated within their constraints and m aintained as required. B alance this with your responsibility to evaluate ways to keep operations running. B oth m ust be performed in a professional m anner, conforming to the company’s ethical and technical standards. Effective leaders ensure PSM S are: Executed with the same dedication and rigor as other business priorities; and Executed in a manner that is com plimentary to running the business.
3.3.2 Accountability B eing an effective leader, also m eans being accountable for PSMS activities and subsequent follow-up actions.
74 | 3 Leadership Attributes
This requires strong leadership to If you are not continually ensure hazards are developing and understood and risks are acted on and sustaining a strong process safety m inim ized consistent with the corporate risk criteria. If you are not developing culture, who will? and sustaining a strong process safety culture, who will? Who will pay the price if you are not accountable for the PSMS activities and subsequent follow-up actions? Provide strong leadership Strong leadership means that you accept accountability and that you know your responsibilities are continually being perform ed and verified. Several exam ples are given here that can easily be extrapolated to all roles and responsibilities discussed in Chapter 4. Senior executive: Corporate risk criteria and risk managem ent programs, standards, policies, and procedures are im plemented and followed. Expectations for meeting corporate risk criteria are defined, progress is reviewed, roadblocks are removed. KPIs are in place for risk m anagement program s and there are leading and lagging indicators for incidents. The PSMS is continually improved. Production, m aintenance, and technical leaders know their responsibilities and are accountable for them. Serious incidents and high potential near-m isses are reviewed for com pany-wide action, including external incidents relevant to the com pany.
3.3 Maintain Commitment | 75
Verification activities are trended and reviewed for potential improvement opportunities. Process safety spending is reviewed, approved, and tracked. Underspend is evaluated with the same criticality as overspend. Mid-level leader, especially if you are in an operations role: Appropriate barriers are identified and implem ented as a result of effective process hazard and risk assessments. B arriers are being operated within their constraints. B arriers are being inspected, tested and m aintained. Adequate resources are provided to perform all PSM S requirements. Process safety is treated with the same priority as other business requirements. Self-assessm ent, feedback m echanism s and KPIs for the PSMS are acted on and the PSM S is continually im proved. This includes incident and near-m iss reporting, investigation, analysis and follow-up. Understand and act on hazards and risks As a leader, you personally m ust have a strong understanding of the processes under your control appropriate to your level. You m ust also understand their toxic and physical hazards. This will help you lead, m ake decisions, and take action. Hazard and risk assessments will identify appropriate barriers needed to control the hazards and reduce the risk. PSMS activities, including inspections of barriers, will reveal follow-up actions. If hazards are not controlled or there are break-downs in the PSM S that are not addressed, an incident
76 | 3 Leadership Attributes
will likely happen or the risk will not be controlled consistent with your corporate risk criteria. You owe it to the people operating the process and living in the com munity to act. Your potential incidents are not unique. Most all incidents you could experience have happened before in the industries that handle or process hazardous materials. Challenge yourself to review your significant incidents and high potential near-m isses. Are any of them truly unique or did your team know of the hazard but miss som ething along the way? Are the managem ent system failures in near-m isses the same as the m anagem ent system failures in incidents? Did you m iss an action that needed to be taken?
3.3.3 Responsiveness It is generally accepted that the highest impact on culture comes from the things you measure and how you respond to significant events. This can either drive the culture in a positive direction or negative direction. The desired level of responsiveness is well-described by CCPS (Ref. 3.3): The organization recognizes that only a brief period often exists between the recognition of a problem and suffering the consequences of the problem . Priority is placed on the timely communication and response to lessons learned from incident investigations, audits, risk assessm ents, and so forth. M ism atches between practices and procedures (or standards) are resolved in a timely m anner to prevent norm alization of deviance. The organization emphasizes the tim ely reporting and resolution of employee concerns. The tone and content of the response can be even more important than the timeliness, if either are wrong or m isleading.
3.3 Maintain Commitment | 77
Fostering mutual trust is critical to keeping a team working together on a com mon objective such as a PSMS. Deferring to expertise helps m ake your commitment to process safety more visible, and helps you foster mutual trust. Foster m utual trust Fostering mutual trust can be characterized (Ref. 3.3) as follows: Employees trusting managers to do the right thing in support of process safety. Managers trusting employees to shoulder their share of responsibility for performance and to report potential problems and concerns promptly. Peers trusting the motivations and behaviors of peers. Employees having confidence that a just system exists in which honest errors can be reported without fear of reprisals. Organizational perform ance, communication, and behaviors are such that the com munity can trust the facility, and the facility can be confident of a continued license to operate. People are willing to accept others evaluating or checking their actions related to critical tasks/activities that control process safety risks. To m aintain this level of m utual trust, responses to events and activities need to address all appropriate roles, be objective and data-based, and stay focused on improving the PSMS. One group cannot be singled out where m ultiple failure points are being resolved.
78 | 3 Leadership Attributes
Defer to expertise An organization has a culture of deference to expertise when it: Puts a high value on training and developing individuals and groups; and Allows key decisions to be m ade, naturally and by design, by the proper people based on their knowledge and expertise, rather than their rank or position. A great exam ple is the pressure vessel, V1, discussed in Chapter 3.3.1. In this case, the request was escalated to the engineering group to do a more rigorous fitness for service evaluation to determine a needed repair tim ing. The business trusted that the needs of the business were considered and the right level of expertise was used. The production m anager trusted the expertise conducting the evaluation and the business to accept the result.
3.3.4 Consistency Leaders will have a strong positive impact on culture by insisting on consistency: Consistency of response, Consistency of com pletion of PSM S activities or follow-up actions; and Consistency in addressing m ism atches between practices and procedures (or standards). On the other hand, a lack in consistency by leaders will impact the culture negatively.
3.3 Maintain Commitment | 79
It is im portant to set high standards and verify perform ance for groups and individuals. This prevents the degradation of standards of perform ance and substandard conditions. Com bat the norm alization of deviance Norm alization of deviance is defined as: “A gradual erosion of standards of perform ance as a result of increased tolerance of nonconform ance” (Ref. 3.1). Norm alization of deviance m ust not be tolerated in a PSM S. In fact, a zero-tolerance policy should be adopted for willful violations of process safety standards, rules or procedures. Let’s look at some industry exam ples: Equipment is not repaired because production is needed. Alarm s are silenced because of repetitive nuisance alarm s. Processes operate outside safe operating windows, e.g., with disabled alarms or barriers. Procedures don’t work or are not followed. PHA actions are m arked as com plete without having been addressed (e.g., due to cost concerns). B arriers are bypassed to address process problem s without proper evaluation. Sm all leaks are accepted without repair. All of these exam ples resulted in serious incidents when leaders accepted normalization of deviance and failed to take action. CCPS (Ref. 3.16) provides detailed guidance on preventing norm alization of deviance.
80 | 3 Leadership Attributes
3.4 Com m unicate with Inspiration If leadership is the engine that drives process safety, then com munication fuels that engine. Every leadership attribute m entioned previously in this chapter can work only if it is com municated. Likewise, the way you display the other leadership attributes discussed in this chapter will influence how well your team trusts, believes, and acts upon your process safety communications. In other words, com m unication depend on what you do and who you are. Therefore, as a leader you should cultivate your process safety com munications across the organization carefully and with intent. You should also m ake sure your actions and non-verbal cues support your comm unications.
3.4.1 Stay Connected and Visible Nothing will underm ine your message of process safety faster than staying aloof from your operations. Depending on your level and role, you m ay not be able to regularly visit plants, sites, or global operations. B ut you should m aintain close connections to the operations within your control. Everyone in the operation should know where you stand and be able to communicate concerns and ideas. Ensure Open and Frank Comm unications You should also make sure that people in your organization can communicate with you openly and frankly about their process safety concerns and recom mendations. Many obstacles can inhibit comm unication. Lack of trust and credibility in the leader, as mentioned above, can be one of the largest. Trust m ust be continually earned. One way you earn trust is through your follow-up on concerns and
3.4 Communicate with Inspiration | 81
recomm endations. This does not m ean that you m ust implement every suggestion or address every concern raised. However, suggestions and concerns should at least be acknowledged with thanks to the subm itter. And some kind of resolution should result, such as: Im plementing the suggestion, Im plementing a different, better, or more cost-effective solution; or Explaining why the suggestion is not necessary or inadvisable. Organizational silos can also inhibit comm unications. Consider the situation where you wish to improve equipment reliability in order to im prove onstream efficiency and reduce m inor incidents caused by leaks. Clearly, the maintenance, m echanical integrity, and engineering functions m ust collaborate to find the solution. Unfortunately, these functions squabble over who should take the lead, and m ay even point to the others as the reason for the problem . It may, therefore, seem that your communication has fallen on deaf ears. B reak-down silos related to process safety the sam e way you would break down any other silos: First, create a unified vision. In other words, bring the leaders of the three functions to agree that improving onstream efficiency and reducing leaks is a worthwhile goal that they support wholeheartedly. Make this “our goal” rather than “m y goal.” Next, empower these leaders to identify the root causes of the problem and propose m ulti-functional solutions. Finally, create m otivations and incentives that help keep the team on track.
82 | 3 Leadership Attributes
In some regions of the world, hierarchical cultures can m ake upward comm unication of concerns quite difficult. In such cultures, people are accustomed to instructions flowing down from higher levels, and information flowing back up. People who live in such a culture may view this as norm al, and if ever asked to share concerns, generally keep the concerns to themselves. No one solution will address all hierarchical cultures. Possible approaches include: Using persons whose roles exist outside the hierarchy to collect and transm it concerns upward and help shape a collective vision. Establishing safety as something that must exist outside of the hierarchical culture. As a leader in any role, your Com munication com munications should go beyond is not a one-time visions, problem s, and solutions. Many of effort. You must your comm unications should be related to communicate your PSMS responsibilities: initiating over and over actions, following-up, tracking closures, again. taking action on KPIs, requesting or giving approvals, and providing required oversight. Your com munications m ay serve to facilitate discussions or teamwork between other functions. And you m ay find frequently that you need to educate people in other parts of the organization, including those above you, about specific process safety challenges. In all comm unication efforts, patience is an oftenoverlooked virtue. You m ay be seeking fast action. However, you m ay first need to educate the other parties in the subject m atter so they can answer in a thoughtful way. When you seek input from a group about potential problem s, you may need to allow
3.4 Communicate with Inspiration | 83
an awkward silence for a few m oments to allow someone to get their thoughts together or get up the courage to raise an issue in front of their peers. You m ay have to listen to a lot of repetitive comm ents from a worker or community group just to earn their trust that you care about them .
3.4.2 Influence and Drive Process Safety Culture As discussed earlier, hum ans and organizations have the innate tendency to norm alize deviance, lose the sense of vulnerability, and become com placent. Leaders therefore need to keep their com munication skills sharp and use them effectively to m aintain process safety culture. Communication fuels the engine of culture: without regular comm unication reinforcing process safety culture, the engine will sputter and stop. Selling process safety – the first time, and again Driving the culture will likely require you to repetitively sell the benefits of process safety. While there are subtle differences around the world, sale of any business initiative generally requires you to: 1. Define the needs, 2. Create the vision of how the needs will be met, 3. Describe the process of getting there; and 4. Appeal to the feelings of the audience. Generally, leaders will have greater success if they involve their peers and reporting chain in the process of m aking the sale. Defining the need, particularly in financial or com petitive term s, helps grab the audience’s attention. The vision helps get everyone thinking of success. The process helps them understand that what you are suggesting is achievable. And
84 | 3 Leadership Attributes
finally, appealing to emotion helps the audience feel good about their decision. At one level, process safety is a m oral imperative that should not require a business case. Unfortunately, leaders who start there, appealing to emotion, often fail to secure more than lip service. B ut even if they m ake the sale on emotion alone, the lack of a clear vision or process will doom the effort before it starts. Re-selling process safety, ideally with continual improvements, should be done proactively. Otherwise, norm alization of deviance and complacency m ay erode perform ance. Define the needs At the highest level, the com pany needs to protect its employees, its neighbors, the environment, and of course its financial perform ance. B ut what does this really m ean? Som e com panies will attempt to define these in relative terms. For exam ple, som e com panies will say, “We want our employees to be X tim es less likely to die on the job com pared to when they are driving to work.” Considering this m ore broadly, the com pany will then develop a series of sim ilar statements addressing fatalities, personal injuries, environmental damage, impact to com munities, and magnitudes of losses. The com pany then organizes these statem ents in the form of risk criteria. The needs, then, are to ensure that the risks of every process m eet the risk criteria. Such work m ay be undertaken by the senior leadership team , often with an experienced facilitator. A leadership team
3.4 Communicate with Inspiration | 85
m ight also delegate this task to a cross-functional group of expert em ployees, and then endorse the result. It is also possible to define needs in more generic term s. However, the use of sound technical analysis as required by the risk criteria approach tends to lead to more consistent results that are easier to m anage rigorously. Create the vision Initially, not all processes m ay m eet the risk criteria. This m ay be determ ined through process hazard and risk analysis or may be based on KPIs, incident investigations, and audits. The com pany then creates a vision of how it will reduce risk to m eet the risk criteria. In som e cases, risk m ay be reduced by modifying the process to lower its potential consequences if an incident occurs. In others, risk m ay be reduced by im plementing barriers. The vision describes the company’s process for reducing risk to meet its risk criteria. A typical vision m ight include some or all of the following: We will accept no risk greater than X (i.e., a defined upper risk limit). Any process with that risk will be shut-down and not restarted until risk-reduction measures have been im plemented. There is a risk we consider major but will accept for (a short time increm ent) if (list of firm requirements) are m et. When the time is up, barriers must be in place. There is a risk we still consider significant but we will accept for (a longer time increm ent) if (list of firm requirements) are met. When the tim e is up, barriers m ust be in place. There is a risk we consider generally acceptable.
86 | 3 Leadership Attributes
Many com panies illustrate the above concepts using a risk m atrix (See Sec. 4.1.1). Again, this work m ay be done by the senior leadership team with facilitation or m ay be delegated to experts for subsequent endorsement by the leaders. Describe the process of getting there CCPS defines a very comprehensive PSMS (Ref. 3.1) and criteria for a strong process safety culture (Ref. 3.3). These, or sim ilarly comprehensive systems m ay be used as a m odel by which to identify gaps in the company’s or site’s current PSM S. There will certainly be aspects of CCPS’s PSMS and culture definition that are more important to the com pany and others that don’t apply. These can be used to prioritize gaps to be addressed. As above, this gap analysis can be done by or be sponsored by the leadership team . Appeal to feelings To help make your peers and the rest of the organization sense an em otional com mitment to process safety, it is important to engage with them . Ask insightful questions to learn how they feel about process safety and hear their ideas for improvement. You m ay or may not learn things that you had not considered before, but you do help make them feel part of the process and buy in. Make use of the skills in the corporate com m unication and/or m arketing department. Logos, acronym s, posters, and slogans can help reinforce key messages. Some com panies identify key behaviors they wish their employees to exhibit. They then reinforce these behaviors with posters throughout the workplace, along with additional com munications and observations.
3.4 Communicate with Inspiration | 87
Many com panies successfully define certain unbreakable rules, sometim es called “cardinal rules,” as a means to link feelings with certain critical actions. B reaking such a rule can lead to term ination. Such cardinal rules cover areas such as: B ypassing of interlocks and other barriers, Lock-out/Tag-out (sometimes called Lock/Tag/Try), Line/vessel opening, Hot work, PPE; and Fall and drop protection, among others. The cardinal rules generally apply to areas that can lead directly to death, serious injury, or m ajor loss. When com municating them, leaders can make it clear – potentially with supporting case studies showing why these rules are so crucial, and therefore why the penalty is so severe. Industry sector biases Change is generally met with resistance, and the first step in resisting is denying the need for change. In the m ajor hazard industries, this typically appears in statements such as “Why do we need process safety? We don’t handle X – some hazardous m aterial – like com pany Y. We only handle Z.” Your processes or materials may indeed be less hazardous than som eone else’s. This is not relevant! Unless your process safety risks are truly de minim is (Ref. 3.17 provides exam ple de m inim is criteria), you m ust focus on the hazards of your processes and ensure that you control your risks within your risk criteria.
88 | 3 Leadership Attributes
Table 3.3 describes som e exam ple sector biases and why these scenarios are likely to be m isleading. Table 3.3 Sector B iases Exam ples Sector Chem ical or petrochem ical
Plastics
Exam ple Bias Statem ents Other com panies handle m ore toxic, flam mable, or reactive m aterials. We only m elt and extrude plastic.
Refining
We’re only doing distillations. We don’t have hazardous reactions.
Oil and gas production
We’re only pumping oil (or gas) out of the ground.
Oil and gas exploration
We’re only drilling and pouring cement.
Why Biases are M isleading Our chemicals and processes have hazards that can lead to major incidents. Our plastics m ay decom pose or burn. We m ay have dust hazards. Our distillates are either flam mable or com bustible and above their flashpoint. We use toxic HF in alkylation. Underground reservoirs may be under high pressure. Crude m ay contain flam mables. Gas m ay form hydrates that can block flow. Im proper com pletions can lead to major oil and gas releases.
3.4 Communicate with Inspiration | 89
Table 3.3 (Continued) Sector B iases Exam ples Sector Pharm aceutical and sm all-scale chem ical plants
Food
Microchips, m ining, metal refining, etc.
Exam ple Bias Statem ents Our reactions are on a m uch sm aller scale. Our operators are highly trained chem ists. We don’t handle chem icals.
We don’t run chem ical processes.
Why Biases are M isleading Some reactions are highly energetic or use very flamm able or toxic m aterials.
Hazards of ammonia refrigeration are well known. We have m any potential dust explosion hazards. We hydrogenate oils. Many chemicals used in these industries are highly toxic and/or flam mable.
If you are facing a sector bias in your organization, you should recognize that this is just the first step on the way to changing the culture. You must show leadership by responding with one of m any case histories applicable to your sector available in the general literature, including the detailed CSB reports and videos (www.csb.gov). Very likely, your company and your sector trade or professional organization have directly applicable case histories you can use as well. You can then say, “It’s true we don’t handle X, but here are the hazards we do handle, and what can happen if we fail to m anage them. We do have to manage these hazards to our risk criteria. Here’s what we need to do.”
90 | 3 Leadership Attributes
Generational biases The industrialized econom ies are in the m iddle of a tectonic shift in experience, as B aby Boomers retire and pass their responsibilities to Generation X. Unfortunately, due to relatively lower hiring in the 1990s and 2000s, there are not enough leaders and engineers in Generation X. Therefore, som e of these responsibilities m ust pass to M illennials and PostMillennials. Millennials are also taking significant responsibilities in em erging econom ies, as growth outstrips the availability of experienced leaders and engineers. Much has been written about the difference between these generations that does not need to be repeated here. When it com es to process safety, the issue is not one of bias, but of experience. Thanks to em erging academ ic standards, m any new graduates know more about process safety than ever before. As will be discussed in Sec. 4.3.2, however, training alone does not m ean com petence. Millennials need to gain the experience of their Boomer predecessors. Without this experience, they m ay m iss im portant issues or over-analyze. Therefore, it is important to onboard young engineers with training that includes sharing case studies and lessons-learned from past years and setting an expectation that they in turn pass these war stories on. Take advantage with the im proved academ ic exposure to process safety by assigning onboarding roles with process safety responsibilities, with the appropriate oversight. This can help build both a strong sense of vulnerability and an acceptance of the need for leadership. Encourage new employees and be prepared for a lot of questions and recomm endations. Respect new em ployees’ questions and answer them as fully as possible. Use questions and recommendations as teaching opportunities: coach how
3.5 References | 91
recomm endations could be even more effective, or why they will not work. And prepare young em ployees to become leaders, because before long, they will be.
3.5 References 3.1
CCPS, Essential Practices for Developing, Strengthening, and Implementing Process Safety Culture, American Institute of Chemical Engineers, New York, 2018.
3.2
CCPS, Inspiring Process Safety Leadership – The Executive Role (Video), American Institute of Chemical Engineers, New York, 2013.
3.3
CCPS, Guidelines for Risk Based Process Safety, American Institute of Chemical Engineers, New York, 2007.
3.4
United States B ureau of Environmental Enforcement, Final Rule for 30 CFR Part 250 Subpart S - Safety and Environmental Management Systems, Was hington, DC, 2010.
3.5
United Kingdom Health and Safety Executive, The O ffshore Installations (Safety Case) Regulations, B ootle, 2005.
3.6
API, 2018 Publications, API Publications Store, Ann Arbor, 2018.
3.7
IOGP, International Standards, IO GP B ookstore, London, 2018.
3.8
ACC, Responsible Care Process Safety Code of Management Practices, https://responsiblecare.americanchemistry.com /ProcessSafety-Code/, Washington, DC 2012.
3.9
PHMSA, Pipeline Safety Regulations 49 CFR Parts 190-199), Washington, DC, 2017.
®
3.10 Throness, B , Keeping the Memory Alive, Preventing Memory Loss That Contributes to Process Safety Events, Proceedings of the Global Congress on Process Safety, 2013. 3.11 CCPS, Recognizing Catastrophic Incident Warning Signs in the Process Industries, American Institute of Chemical Engineers, New York, 2011.
92 | 3 Leadership Attributes
3.12 CCPS, Guidelines for Defining Process Safety Competency Requirements, American Institute of Chemical Engineers, New York, 2015. 3.13 CCPS, Guidelines for Managing Process Safety Risks During Organizational Change, Am erican Institute of Chemical Engineers, New York, 2013. 3.14 M cDonald, A., Truth, Lies, and O-Rings: Inside the Space Shuttle Challenger Disaster, University Press of Florida, 2009. 3.15 US Army, The Doctrine of Com pleted Staff Work, Army Information Digest, Alexandria, 1953. 3.16 CCPS, Guidelines for Recognizing and Responding to Nor malized Deviance, American Institute of Chemical Engineers, New York, 2018. 3.17
CCPS, RAST and CHEF Tools, AIChE, New York, 2017, https://www.aiche.org/ccps/resources/risk-analysis-screeningtool-rast-and-chemical-hazard-engineering-fundam entals-chef.
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
4 LEADERSHIP OF THE PROCESS SAFETY MAN AGEMEN T SYSTEM Process safety needs leadership for the same reason that every other business area needs leadership: leadership delivers results. The prim ary process safety result desired: excellent execution of the PSMS to steadily drive the num ber of incidents to zero. All incidents, whether m ajor or m inor, m ust be driven to zero, since the difference between near-m iss and catastrophe can be a m atter of luck. As discussed in Chapter 1, leaders also seek process safety results that contribute to efficiency, corporate flexibility, sustainable growth, and leadership excellence. To achieve these results, you m ust m anage a broad range of activities within your PSM S to: Identify your process hazards and assess their risk, Im plement barriers required to m eet your corporate risk criteria, Manage those barriers, Ensure process safety com petency at all levels and functions, B uild and strengthen culture; and Verify perform ance and continually improve.
93
94 | 4 Leadership of the Process Safety Management System
Your leadership accountabilities and responsibilities within each element of the PSMS depend on your level and function within the organization. This chapter sum marizes the PSMS elem ents and describes typical responsibilities for these elem ents by leadership level. Chapter 5 will sum marize these roles in more detail by role and function. Chapter 6 will describe a process that leaders m ay use to determine and deploy accountabilities and responsibilities to their organizations. Figure 4.1: Overview of PSMS Responsibilities Identify Hazards & Barriers Set risk criteria Perform hazard/risk analysis Identify required barriers
M anage Barriers Conduct of operations & operational discipline Standards Asset / m echanical Integrity Safe operating procedures & work practices M anagement of change Em ergency m anagem ent
M anage Com petency Competency Training Process knowledge m anagem ent / process safety inform ation Contractor m anagem ent
Verify Perform ance and Im prove Audits M etrics Incident investigation M anagement review
Build and Strengthen Culture Culture Workforce involvement Stakeholder outreach
4.1 Identify Required Barriers As discussed in Sec. 2.2, barriers are controls, instruments, equipment, and hum an interventions that prevent the hazards of the process from escalating out of
4.1 Identify Required Barriers | 95
control, breaching containment, and impacting people, assets, and the environment. Preventive barriers: prevent process upsets from leading to a release from prim ary containment. M itigative barriers: prevent releases from impacting people, assets, and the environm ent. Clearly, you need enough of the right kind of barriers. And, as will be discussed in Sec. 4.2, you will need to m anage these barriers to ensure they remain effective. B ut how do you determ ine where barriers are required, what barriers to use, and how m any are enough?
Overview Set risk criteria Perform hazard/risk analysis Identify required barriers
4.1.1 Start with Risk Criteria and a Risk Matrix As previously noted, process safety serves prim arily to protect the com pany from catastrophic fires, explosions, and toxic releases. The risk of process safety incidents is a function of potential consequences of a release and the frequency a release m ay be expected to occur: Risk=f(Consequence x Frequency) Since risk can never be completely eliminated, companies need risk criteria to guide decisions on how m uch risk should be reduced. In the UK (Ref. 4.1) and Netherlands (Ref. 4.2), societal risk criteria are established by regulation. Elsewhere, many com panies use a process such as described by CCPS (Ref. 4.3). Senior executives are fully accountable for establishing the corporate risk criteria. O ften this takes the form of a standing Risk Review Committee chaired by the senior
96 | 4 Leadership of the Process Safety Management System
operations executive along with executives in finance, com munication, and other roles as recomm ended by the CEO. Once risk criteria are established, the Risk Review Comm ittee then meets regularly to m onitor risk trends, take actions to ensure the effectiveness of PSMS, and m ake progress towards corporate goals and initiatives. (See Sec. 4.4.4). The Risk Review Committee generally delegates the work to develop risk criteria to m id-level operations leaders. These leaders work in collaboration with process safety and risk m anagem ent practice leaders. This team recomm ends risk targets and risk reduction and m anagement policies. However, the Risk Review Committee takes ultim ate responsibility for the risk criteria and overall process risk m anagem ent. Com panies increasingly use a risk m atrix approach to develop and com municate their risk criteria. Fig. 4.2 shows an exam ple risk matrix. Figure 4.2: Exam ple risk m atrix Frequency
Potential Consequence
Rare Catastrophic Severe High Medium Low
Occasional
Regular
Frequent
Unacceptable
Reduce risk as soon as possible, use interim Reduce risk at next opportunity Risk generally acceptable
Constant
risk
controls, and m onitor
and monitor closely
closely
This is only an exam ple. Most companies break potential consequences and probability down into 4 to 6 categories, where each category is approximately an order of m agnitude
4.1 Identify Required Barriers | 97
(10 times) more severe or likely than the proceeding category. For exam ple, probability categories could be: Unlikely to happen in the lifetime of the facility, Once in the lifetim e of a facility, Once per year, Once per month; or Several tim es per week. Potential consequence categories can be more difficult to define, since consequences can include effects on workers, offsite neighbors, property dam age, and environm ental dam age. Many com panies will define the 4 to 6 levels of potential consequences for each of these types of impacts. With the categories defined, you can then define risk criteria cell by cell. The result will look somewhat like Fig. 4.2, although the num ber of risk categories and their boundaries m ay be different. In Fig. 4.2, the risk of processes that are in the upper right corner are defined as unacceptable. A process found to have that risk would not be operated or would have to be shut down. The process would then rem ain shut down until the process was redesigned or sufficient perm anent or interim barriers and management oversight were implemented to reduce probability and/or consequences to the lower risk band. Then, define a band of risk considered generally acceptable, where probability and potential consequences are relatively lower. This is the lower left corner in the Fig. 4.2 matrix. In between unacceptable and generally acceptable, define one or more bands of risk along with specific actions required based on that level of risk. In fig. 4.2, risks in the dark gray band m ust be reduced by adding barriers as soon as possible, or by a specified date. This m ay require stopping the plant in the middle
98 | 4 Leadership of the Process Safety Management System
of a batch cam paign or ahead of the norm al turnaround schedule for continuous processes. The process would then not be started up until you have implemented permanent risk reduction measures or tem porary measures with high m anagem ent oversight. Risks in the light gray band also need to be reduced, but reductions could be deferred for a longer period, perhaps until the next turnaround.
Don’t forget to reduce consequences M any companies are quick to implement safety instrumented systems (SISs) and other frequencyreducing measures to lower risk. Remember, every barrier must be tested and maintained, and all barriers can be defeated by failure to do so. Reduction of potential consequences using inherently safer design (ISD) can be a more efficient and reliable way to reduce risk.
Some com panies base their risk criteria on risks the general public is exposed to, such as death due to m otor vehicle accident, drowning, lightning strike, and household accidents. Considering these data and overall corporate risk philosophy, the Risk Review Com mittee m ay decide, for exam ple, that the risk to its workers and neighbors from a facility should be 10 times less than the risk of driving. This becomes the generally acceptable risk criterion. The company then uses a form al risk analysis method to estim ate the risk of all processes with significant potential consequences. Risks higher than the generally acceptable criterion then m ust be reduced using independent barriers.
4.1.2 Analyze Hazards and Risks Hazard Identification and Risk Analysis (HIRA) is the action of determ ining the risks presented by processes,
4.1 Identify Required Barriers | 99
com paring these to the corporate risk criteria, and then identifying barriers to reduce risk to m eet the risk criteria. In HIRA, every step of every plant operation m ust be analyzed to understand: The hazards of the operation, Potential deviations that could escalate to incidents; and B arriers that prevent the escalation of deviations or reduce the severity of a release. Hazards are identified and analyzed via one of several com mon Process Hazard Analysis (PHA) methods, as summ arized in table 4.1. Table 4.1: Common PHA Techniques Technique Hazard and Operability Analysis (HAZOP) Failure Modes and Effects Analysis (FM EA) What if HAZID
What if/checklist
Checklist
Level of effort and thoroughness High
High
Medium M edium
M edium-High
Low
When best used Operations with higher risks and potential consequences To help understand failures of complicated processes O perations of medium risk In early design to identify process safety (and other HSE) issues to address in design Similar to what if. Equipment checklist helps increase thoroughness Simple, low risk processes and operations
100 | 4 Leadership of the Process Safety Management System
Mid-level operations leaders are generally accountable for PHAs. They delegate the perform ance of PHAs to qualified PHA leaders and diverse team s capable of analyzing the process hazards. PHA team requirements are discussed in depth by CCPS (Ref. 4.4). As the accountable operation leader, you should support each PHA team by m easures such as: Ensuring that the PHA team represents a sufficiently broad set of roles and experiences, Providing each team mem ber with adequate, uninterrupted tim e and resources to properly prepare for and com plete the PHA, Protecting the team from pressure to com plete the PHA in less time than necessary to do a professional job, Driving consistency and rigor in PHAs, as well as revalidating them regularly as a double-check on MOC, Supporting the team by kicking off the initial PHA m eeting, periodically visiting team meetings, or providing encouragement to team mem bers when they m eet in passing; and Reviewing the findings and recomm endations and ensuring that they are addressed and closed-out. Consider adm inistrative controls with caution M any companies are quick to rely on administrative controls – procedures, policies, sign-offs, supervision, and training – as barriers. Take care when considering administrative controls to ensure that the operators’ work environments allow them to detect deviations in time and respond sufficiently and correctly.
4.1 Identify Required Barriers | 101
4.1.3 Identify Required Barriers The ability of barriers to reduce probability and consequences should also be clearly defined. Generally, barriers m ust be independent from one another. In other words, a single failure should not disable 2 or more barriers. B arriers also m ust protect against the consequences. Risk analysts som etim es refer to barriers as Independent Protective Layers (IPLs). IPLs are generally confirmed via Layer of Protection Analysis (LO PA), or a similar sem i-quantitative risk analysis method. Specialists in IPL determ ination generally follow the IEC 61511 and/or ISA 84 standards.
Ensure IPLs are truly independent A large proportion of hazard-risk scenarios require more than one IPL to meet the corporate risk criteria Some risk managers dismiss potential consequences as impossible if two or more failures would be needed for them to occur. This is also known as “Double Jeopardy.” It is imperative that the assessment team verifies that two or more failures truly have independent initiating events.
A typical IPL such as an interlock has the potential to reduce probability or consequence by 1 order of m agnitude. In other words, most IPLs will shift risk 1 cell to the left in the m atrix of Fig. 4.2, or 1 cell downward. Relief devices are exam ples of IPLs that can reduce probability by 2 orders of m agnitude. There are some 3 order of magnitude IPLs, but they tend to be costlier and require more maintenance and assurance. A large proportion of hazard-risk scenarios will require m ore than one IPL to m eet the corporate risk criteria. For each IPL, an inspection, testing, and preventive m aintenance (ITPM schedule must be defined, m anaged, and audited. This will be discussed in more detail in Sec. 4.2.3.
102 | 4 Leadership of the Process Safety Management System
4.2 Manage Barriers The previous group of PSMS elements described how to establish risk criteria and perform the risk analysis necessary to design adequate IPLs (barriers) to m eet the risk criteria. Having identified the IPL requirements, IPLs m ust then be designed and maintained.
Overview COO/OD Standards Asset Integrity Safe operating procedures and work practices M OC Emergency management
As discussed in Sec. 4.1.3, each IPL provides a specific am ount of risk reduction. However, this assumes that the IPL is designed properly and managed adequately to continually provide that level of risk reduction. If designed or m aintained inadequately, or if process changes defeat the IPL or render it insufficient, the process will no longer meet the corporate risk criteria. Worse, a pattern of inadequate design, m aintenance, and M OC can defeat m ultiple IPLs, exposing the com pany to m uch greater risk.
4.2.1 Conduct of Operations and Operational Discipline As reiterated throughout this book, all barriers m ust be m aintained, and all process safety responsibilities must be carried out reliably and in an orderly way, with professionalism . This takes two forms: Conduct of Operations (COO) Conduct of Operations m eans leading and m anaging process safety with a strong sense of vulnerability, to: Ensure that those in your organization take great care to follow procedures and policies,
4.2 Manage Barriers | 103
Ensure efficacy of all barriers; and Prevent norm alization of deviance throughout the organization. CCPS defines Conduct Operations as follows (Ref. 4.5):
of
The embodiment of an organization’s values and principles in m anagement systems that are developed, implem ented, and m aintained to (1) structure operational tasks in a manner consistent with the organization’s risk criteria, (2) ensure that every task is performed deliberately and correctly, and (3) m inim ize variations in perform ance Operational Discipline (OD): Operational Discipline m eans carrying out your work with a strong sense of vulnerability, taking great care to follow procedures and policies, helping peers to do the sam e, and preventing normalization of deviance. CCPS defines Operational Discipline as: The perform ance of all tasks correctly every time (Ref. 4.5).
COO in short Ensuring disciplined management of process safety. Providing specific instructions for operation, maintenance, and engineering. Influencing individual behavior. Driving improvement. Embodying and visibly demonstrating commitment to process safety. OD in short Executing individuals’ day-today process safety tasks. Demonstrating personal commitment. Doing each task correctly every time. Getting help when needed. Shutting down when in danger or doubt.
104 | 4 Leadership of the Process Safety Management System
COO and OD is how you put your process safety leadership into practice and drive the culture (See Sec. 4.5.1). All employees – including leaders - should carry out their roles with OD. Leaders have the added duty to ensure COO for their organizations. The practice of COO and OD are necessary due to fundam ental hum an behavioral issues including: People are fallible. Even the best makes errors. Organizational processes and values influence individuals. People achieve high levels of performance based on expectations and feedback. Personnel who are comm itted to their jobs perform better. Error-likely situations are predictable, manageable, and preventable. Incidents can be avoided by understanding the reasons why hum an errors occur. (Reprinted with permission from Ref. 4.5) In other words, people will m ake errors, but lack of discipline and poor culture can increase errors. COO and OD serve to reduce the potential for errors, as well as ensure that system s to prevent errors and reduce their potential im pact function properly. Table 4.2 provides a simple diagnostic tool to help evaluate the state of CO O and OD in your organization. The expectation should be for 100% of leaders to operate in the upper right quadrant and for 100% of individual contributors to operate in the lower right quadrant. Leaders who operate in the lower right quadrant m ay have the right mindset but need
4.2 Manage Barriers | 105
coaching to manage process safety rigorously. Leaders who operate in the upper left quadrant m ay be saying the right things but need coaching to walk the talk. Leaders stuck in the lower left quadrant will, at best, have no impact on process safety. At worst, they can underm ine the process safety leadership of others. Their behavior must be corrected quickly. Table 4.2: Diagnosing Status of Conduct of Operations (CO O) and O perational Discipline (O D)
Leaders With COO
Leaders Without COO
Leaders Without OD Set clear process safety expectations and try to hold organization accountable but do not live by them personally.
Leaders With OD Set clear process safety expectations, prioritizes and works accordingly, and holds organization accountable.
Contradicts m essage! Say safety is important but do nothing to ensure that safety responsibilbities are executed.
Expected of all leaders! Do your own job safely and help peers do the same.
Ineffective lip service!
Expected of everyone!
You may find it easier in routine operations to establish and live by COO and OD than in non-routine situations. Start-up, abnorm al operations, and shut-down all can present situations where it m ay seem logical to deviate from established procedures. Anticipating this, having good COO means having procedures in place to evaluate the planned deviations (See Sec. 4.2.3 on emergency MOC). Emergency shut-down (ESD) situations can be a powerful test for the state of COO and OD. As discussed in Sec. 3.2.3, operators should feel em powered to shut-down the process
106 | 4 Leadership of the Process Safety Management System
when they believe that conditions warrant. Indeed, they should feel obliged to do so. Sim ilarly, anyone should feel em powered and expected to stop-work in unsafe situations. In such situations, you should thank the person who shut-down the process or stopped work. Ensure that the person never feels second-guessed. And never, ever, tell them explicitly that they m ade an error. If investigation turns out that the worker stopped-work based on insufficient knowledge, there m ay be need for additional com petence developm ent. However, take care to ensure that any resulting developm ent is not perceived as punishment. As part of their COO and OD responsibilities, senior executives need to conduct the corporate risk review process regularly and follow up to close gaps. Seek evidence from direct reports that they are executing the PSM S correctly and that risks under their control are being properly m anaged. Mid-level and frontline leaders need to oversee their PSMS responsibilities or functions and hold their personnel accountable. A few exam ples: Operations lead: for operating all processes with safe operating limits following the operating procedures and for executing ESD when operators feel that conditions warrant. Also, for following operating procedures and cardinal rules, and properly managing perm its-to-work. M aintenance lead: for com pleting all ITPM safely, correctly, and on time, and reporting any issues or improvement opportunities. Training lead: for helping line leadership ensure that all required training tasks on time in a way that ensures understanding, com petence and perform ance.
4.2 Manage Barriers | 107
HR lead: for helping line leadership ensure that new hires have the required competencies or are assigned to roles in which these com petencies can be developed. Engineering lead: for following applicable standards. All workers, whether leaders or individual contributors, need to execute their process safety responsibilities faithfully and professionally, m aintain their com petence, and stop work when not confident of safety. Table 4.3 presents a simple list of indicators to help in recognizing good CO O/OD practices. All leaders should becom e very fam iliar with these indicators. Table 4.3: Simple Indicators of Good Conduct of Operations (COO) and Operational Discipline (OD) Indicator Accurate operating procedures and safe work practices that are properly executed. Effective shift turnovers. Consistent and effective safe work permits. Effective, consistent use of interlocks, bypassed only with proper evaluation and approval. Consistent use of grounding and bonding. Excellent labeling and housekeeping. Few overdue action items. No ad hoc trials or modifications.
Status
108 | 4 Leadership of the Process Safety Management System
CCPS has published numerous more com prehensive COO/OD evaluation tools (Ref. 4.5). Given the im portance to leaders of COO/OD, leaders should use the CCPS tools or similar to periodically evaluate COO/OD in their organizations. Several tables from this reference have been provided with the electronic files accom panying this book, which can be downloaded from : www.aiche.org/ccps/publications/leadership: Table 1.5 Exam ples of COO System Characteristics Table 1.6 Exam ples of OD System Characteristics Table 5.1 Summ ary of COO Attributes Table 7.2 Stages in the Evolution of a COO /OD System Table 4.4, below, reproduced with perm ission from Ref. 4.5, Table 1.4, is a more detailed checklist developed by CCPS for evaluating the effectiveness of COO and OD in your facilities. Leaders should review their organizations against this checklist periodically and address any gaps or potential problem s. Table 4.4: Indicators of Effective Conduct of Operations (COO) and O perational Discipline (O D) Equipment is properly designed and constructed: Operational, maintenance, safety, and environmental considerations are all addressed in the initial design of equipment. Proactive risk analysis results and industry standar ds are used as inputs to the design process. End users of the equipment (generally operations and maintenance personnel) are involved in the design process. The design process occurs in a controlled manner. The construction occurs in a controlled manner.
4.2 Manage Barriers | 109
Table 4.4 (Continued): Indicators of Effective Conduct of Operations (COO ) and Operational Discipline (OD) Equipment is properly operated: The proper method for operating equipment has been developed through proactive analysis of the risks and documented in written procedures. Operators are involved in the development of the procedures. Personnel have been trained in normal and abnorm al operations, as well as the basis for the procedures and operating limits. Equipment is configured and operated in accordance with procedures. Equipment is returned to service using a controlled process. Changes to operational requirements are appropriately assessed. Equipment is properly maintained: Equipment is maintained in accordance with predetermined maintenance strategies developed through a structured assessment process. Personnel are trained to troubleshoot, repair, and maintain equipment. Changes to operational conditions are assessed to determine their impact on maintenance requirements. Equipment status is controlled through safe work practices. Equipment failures are analyzed to prevent similar failures.
110 | 4 Leadership of the Process Safety Management System
Table 4.4 (Continued): Indicators of Effective Conduct of Operations (COO ) and Operational Discipline (OD) M anagement systems are properly executed: M anagement systems are developed based on the results of proactive analyses and industry best practices. M anagement systems are clearly documented. M anagement systems are executed as written. Organizational changes are assessed to determine impacts on existing m anagement systems. Errors and deviations are consistently addressed: The personnel in the system are always seeking to improve their perform ance. As a result, there is extensive use of self-checking, peer-checking, audits, incident investigations, m anagement reviews, and metrics to identify and eliminate deviations. Personnel are actively seeking discrepancies and resolving issues when identified. Personnel take ownership of issues and seek to solve the problem themselves. They involve outside resources to assist them in solving the problems but retain ownership of the issue. Personnel embrace feedback from personnel outside their group as opportunities to improve their systems and processes. (Reproduced with permission from Ref. 4.5, Table 1.4)
4.2.2 Standards Engineering, operating, and m anagem ent standards provide a framework for correct design, proper installation, and effective inspection, testing and m aintenance. Standards m ay be
4.2 Manage Barriers | 111
developed through consensus of the industry as well as specifically by and for your com pany. Most com panies use a com bination of industry and internal standards. Som e internal standards may provide implementation details for external standards, with the two are used in concert. As such, corporate standards are an excellent way for a com pany or for the industry to retain lessons learned from internal and industry incidents and near-m isses. Standards also provide consistency in design, implementation, and operation to help ensure barrier performance. Standards also help avoid reinventing the wheel. For similar reasons, many regulations establish certain standards as requirements. European regulations refer to such standards as Sound Engineering Practices (SEP). The USA PSM regulation uses the term Recognized and Generally Accepted Good Engineering Practices (RAGAGEP). O ther countries that base their regulations on standards use sim ilar term s. These regulations are a good place to start. B ear in mind that the regulations address only the design and m aintenance of equipment. Furthermore, they often allow for older equipment designed based on the version of the standard current at the time to be in com pliance (som etimes known as “Grandfathering”), even if the older version of the standard failed to control risk as effectively. Regulations also do not consider management standards such as API-RP754 (Process Safety Metrics) or operational standards such as API-RP755 (Fatigue Management), or their international equivalents. Therefore, you should not rely solely on com pliance. If grandfathering is considered in your internal
112 | 4 Leadership of the Process Safety Management System
Consider Grandfathering Carefully M any standards consider older equipment built according to the version existing at the tim e to be “Grandfathered.” In other words, older equipment may be in compliance even though they do not meet current requirements. Remember, compliance is not sufficient. The standards were changed based on new lessonslearned. Therefore, you m ust evaluate grandfathered equipment to make sure that they still meet your risk criteria. If not, additional barriers or redesign will be needed.
standards, you should at least require grandfathered processes to meet your corporate risk criteria. This is sometimes referred to as a “B rownfield Standard” requirem ent. B ecause standards exist in a broad range of disciplines, the responsibility for managing categories of standards typically is spread across several executive and m idlevel leadership roles. A senior executive therefore is accountable for m anaging the standards used by the com pany. Table 4.5 sum marizes the typical distribution of responsibilities for standards. Table 4.5 Exam ple responsibility distribution for standards Responsible leader
Exam ple standards accountable for
Senior executive
Risk criteria, the PSM S
Engineering (M id-level)
Design (e.g., vessels, relief devices, and spacing)
1
Operations and
ITPM, Standard Operating Procedures,
M aintenance (M id-level)
Safe Work Practices and Cardinal Rules 1
Hum an resources
Fatigue management
Individual contributors
Use and follow standards faithfully
HR manages cardinal rules in som e com panies
4.2 Manage Barriers | 113
Individuals responsible for standards must ensure that the com pany is using up-to-date external standards. It can be useful for the leaders or experts on their teams to join or delegate experts to participate in consensus comm ittees for relevant standards. This allows the com pany to have input into new standard development and be aware of im pending changes. For internal standards, leaders need to monitor incident and nearm iss lessons-learned and incorporate these in updates. External standards m ay be global, such as those published by the International Standards Organization (ISO) and the International Electrotechnical Comm ission (IEC). As noted in other sections of this book, com pliance is m andatory, but not sufficient. Therefore, the com pany m ust determ ine if external standards are sufficient to control risk to m eet the corporate risk criteria. If not, additional internal standards m ay be needed.
4.2.3 Asset Integrity and Mechanical Integrity As a leader, you rely on asset integrity to ensure that: B arriers, including interlocks, relief systems, and safety instrumented systems, are available and can perform their function when called on, Instrumentation required; and
and
control
elem ents
function
as
Piping, vessels, and other equipment safely contain the process. CCPS uses the term Asset Integrity to more com pletely describe the process safety elem ent com monly called Mechanical Integrity (MI). MI as defined in regulations com monly applies only to inspection, testing, and preventive m aintenance (ITPM) activities related to specific equipment specified by regulation. Asset Integrity addresses all equipment
114 | 4 Leadership of the Process Safety Management System
used in hazardous processes. Asset integrity also involves design activities including material of construction choices and the design of the process and layout for m aintainability (Refs. 4.6 and 4.7). As a leader at any level, your focus m ust therefore be m ore broadly on asset integrity, not only MI, to ensure that your barriers and every other aspect of your operations have the required reliability to m eet your risk criteria.
Asset Integrity Scope Optimize capital vs. maintenance cost and design for maintainability. Provide resources and train. Schedule and perform ITPM . Analyze any deferrals professionally. Track. Verify perform ance.
Senior executives need to ensure that corporate and facility asset integrity program s operate effectively. This includes monitoring corporate and facility asset integrity m etrics and taking action to address gaps they reveal. Look for signs that equipment failures are increasing or facilities are falling behind on ITPM tasks. Also, challenge regularly whether m etrics are measuring the right things. Mid-level operations leaders need to ensure that: Equipment ITPM requirements are adequately defined and that equipment is designed to be maintainable, Sufficient, trained personnel are available to identify, perform , and validate all ITPM tasks, ITPM tasks are completed as scheduled, avoiding overdue tasks and the normalization of deviance from standard procedures; and When necessary to defer ITPM, professional analysis is used to justify deferral decisions.
4.2 Manage Barriers | 115
Frontline leaders should ensure that ITPM is perform ed correctly. Frontline leaders should also elevate any problems and lessons learned so that they can be addressed prom ptly (e.g., com ponents that regularly fail before their design lifetim e).
Is your ITPM past due? When ITPM on process equipment and barriers are not up to date, you do not know if they will function as intended when called on. And if you do not know, how can you take risk reduction credit for it? If you have overdue ITPM, you are not meeting your corporate risk criteria.
Pay careful attention and use professional evaluation when considering replacem ents-inkind (RIK) during m aintenance activities. RIK allows replacement of a com ponent with one that m eets the same specifications without performing Managem ent of Change (M OC, See Sec. 4.2.3). In som e cases, specifications may be incom plete, failing to define a critical property of the component that the replacement m ight not m eet. Individual contributors should carry out their ITPM with professionalism . Operators and mechanics should perform ITPM on the specified schedules and notify their leadership of any potential delays. Engineers should design processes and equipment to make ITPM activities as easy as possible to conduct. Engineers should also optim ize service life of equipment. Consider capital cost vs. maintenance cost carefully. For exam ple, you may feel pressure to select a less corrosion resistant alloy for a piece of equipment to reduce capital cost. B ut that alloy may require more frequent inspection, which also has a cost. Perhaps more importantly, if designers perceive cost pressure, their m aintenance leader colleagues m ay feel sim ilar
116 | 4 Leadership of the Process Safety Management System
pressure to reduce inspection frequency. The com bination m ay m ake it hard for the process to m eet the risk criteria reliably. Therefore, take into account both capital cost and long-term ITPM cost and resources, as well as your ability to resist excessive pressure to reduce m aintenance costs.
4.2.4. Operating Procedures and Safe Work Practices Operating procedures (O Ps) and safe work practices (SWPs) specify the steps for a given task and describe how these steps should be performed. O perating procedures apply to processes and are used by operators. Safe work practices apply generally to ITPM and non-routine work, and apply to mechanics, operators, and any other individuals who do work in the field. B oth O Ps and SWPs are a critical part of COO/OD in that they describe clear expectations about how work m ust be conducted safely. Therefore, they m ust be followed faithfully. Good OPs describe the process, identify process hazards, and specify the m easures required to safeguard against those hazards. They describe safe operating lim its and the consequences of deviating outside those limits. They also provide a troubleshooting guide and specify emergency actions. SWPs similarly describe the actions to take, the potential hazards and the personal protective equipm ent (PPE) and other protective measures including control of hazardous energy (i.e., lock-out/tag-out) and fall protection. Special SWPs usually exist for hot work, line-breaking and vessel opening, confined space entry, and electrical safety. Some facilities manage safe work practices within their occupational safety management system. This is acceptable, providing all the considerations needed to m eet the corporate risk criteria are addressed.
4.2 Manage Barriers | 117
Although senior executives are generally far removed from day-to-day use of O Ps and SWPs, they are responsible for establishing and enforcing cardinal rules (See Sec. 3.4.2), which apply to use of both O Ps and SWPs. Executives are also responsible for following SWPs and OPs in their work life. While most of the SWPs that executives follow are occupational safety-related (e.g., use of seatbelts, holding railing when using stairs, etc.), people in the company do notice and it makes a difference. Mid-level and frontline leaders need to drive full adherence to O Ps and SWPs. An important part of this is ensuring that OPs and SWPs reflect the activities that m ust be perform ed. Inaccurate procedures can cause incidents, either directly or via im provised processes that ultim ately lead to norm alization of deviance. M id-level and frontline leaders m ust also control revisions to procedures, update them in the process knowledge management system, and ensure that only the most up-to-date procedures are used in the field. Frontline leaders also m ust periodically verify that procedures are up-to-date and followed. Individual contributors generally know how to operate the process and perform non-process work better than their leaders. For this reason, m any com panies em ploy the good practice of having operators and mechanics write procedures. Engineers and frontline leaders provide technical guidance and ensure accuracy. Experience has shown that procedures written by operators and m echanics are also easier for them to follow reliably. Individual contributors also
Write for Com prehension M ake sure procedures are written as close to reading level 8 as possible. This will increase how well your procedures are understood.
118 | 4 Leadership of the Process Safety Management System
m ust initiate updates to O Ps and SWPs when they are incorrect, insufficient, or unclear, and should suggest updates when they see a better way. All leaders should be alert for warning signs of impending problem s related to procedures such as: Operators and mechanics who have m emorized procedures. How do you know the version they m emorized is the current one? Check-the-box thinking, where checklists are com pleted but some steps were skipped. Work perm its authorized by the person doing the work. Work perm its issued and/or closed out in the office. The perm it-issuer can’t properly see potential hazards at the work site if they are not there to look. Large backloads of work perm its, which could lead to shortcuts. Work begun before perm its issued, and processes restarted before permits closed out. Locks that have been cut-off, or regular requisitions for new locks, indicating poor control of hazardous energy. Taunting of co-workers who follow procedures.
4.2.5 Managem ent of Change Management of Change (M OC) is a process that helps ensure that changes to equipm ent, processes, and m aterials do not introduce new hazards and that the process continues to meet the corporate risk criteria. MOC for process safety may be integrated with M OC required for other business areas, (e.g., quality, environmental perm itting, and food and drug approvals).
4.2 Manage Barriers | 119
MOC is required for all changes except for replacements-inkind (RIK), sometimes also called “like-for-like”. An RIK exists only when a com ponent or m aterial is replaced by another that m eets the same specification. Even changes that are intended to reduce a risk should be subject to MOC, because some new risk m ay be created by the change. As mentioned in the previous section, RIK should be considered carefully, as specifications m ay be incom plete. For exam ple: The alloy of a casting m ay be specified, but the casting m ethod not. The replacement casting m ay not be properly casted, causing it to fail prem aturely. The m ean particle size of a powder m ay be specified but the percentage of fines m ay not. The fines m ay cause processing problem s or collect as a flammable dust hazard. Purchasing leaders therefore play a critical role in helping engineers and MOC coordinators understand how the properties of equipment and m aterials provided by new vendors im pact the “unwritten specifications.” They are not just buyers – they m ust team with engineers and operations personnel so both understand the implications of specifications. Senior executives m ust deploy a robust MOC program that clearly defines how changes will be proposed, prioritized evaluated, approved, and im plemented. Evaluation generally requires some form of PHA (See Sec. 4.1.2). Some MOC programs specify the type of PHA based on the process risk without barriers. Sim ilarly, levels of approval should be defined, with senior leaders themselves responsible to approve changes for the highest-risk processes.
120 | 4 Leadership of the Process Safety Management System
Senior executives must also ensure that the MO C process is followed. This is generally done through auditing (See Sec. 4.4.1) and m anagement review (See Sec. 4.4.4) Mid-level leaders m ust assign MOC responsibilities and ensure that facilities faithfully follow the corporate M OC procedure. In m any facilities, the MOC evaluators will report to m idlevel leaders to m aintain this direct relationship. M id-level leaders will also serve as approvers for many of the facility’s MOCs. This does not necessarily mean that these leaders will review all documentation, calculations, tests, and evaluations. B ut they m ust be able to ascertain that the work has been done with sufficient rigor and professionalism .
Watch for post-MOCs Facing real or perceived pressure to implement changes quickly, production personnel may be tempted to make the change and restart-the process first, and then complete the M OC evaluations and paperwork. This checkthe-box attitude might satisfy regulatory requirements but can easily overlook critical problems. Leaders should look for signs of post-MOCs and act firmly to correct this behavior when it occurs.
MOC program s should be designed to avoid conflictsof-interest. Generally, individuals with a vested interest in the change should not serve as MOC evaluators for that change. Both senior executives and m id-level leaders should monitor the program for signs of conflict-of-interest and address any such conflict prom ptly. Frontline leaders generally initiate MOCs. They m ust clearly define the requested change and any new barriers that may be needed and set a reasonable priority for the change. You may be tem pted to consider all
4.2 Manage Barriers | 121
changes as high priority. However, doing so can put undue pressure on the M OC evaluators, which can be an incentive to cut corners. Individual contributors m ay support frontline or m id-level leaders in initiating M OCs or in carrying out MOC evaluations. As an individual contributor, you are responsible to conduct this work with professionalism , to seek help when dealing with unfamiliar situations, and to raise concerns prom ptly. In recent years, many facilities Avoid MOC Approval have sought to create MOC Gaps efficiencies. Electronic M OC As the use of e-MOC systems (e-M OC) have becom e spreads, new types of com mon. These can help address gaps are appearing. Take the docum ent routing and care to avoid gaps in document m anagement needs and responsibility where each can help expedite the procedure approver thinks someone through workflow management. A else will be looking at an issue, and no one does. potential downside of e-M OC is that it can seduce participants into acting on their own rather than discussing the M OC holistically with all stakeholders. Therefore, all leaders should make a special effort to encourage comm unication in the MOC process. Some com panies utilize MOC committees to ensure changes are reviewed and discussed by a cross-functional group and interdependencies are properly addressed. Such comm ittees typically include m id-level site leaders who review com pleted MOCs prior to approving them. This provides an additional platform for leaders to demonstrate their personal com mitment to process safety as well as role m odel the
122 | 4 Leadership of the Process Safety Management System
importance of technical / functional reviews of all changes to a facility. Emergency M OCs may be required from time to time to keep the facility running when a key com ponent fails. Em ergency MOCs should be rare. If not, there m ay be gaps in Asset Integrity. Nonetheless, a clear process should be in place in case emergency MOC is needed. Keep in m ind that MOC reviewers and approvers are likely to be in the plant only on the day shift during the week. Therefore, a procedure for addressing emergency MOCs remotely via phone should be preestablished. This procedure should at minim um specify the type of inform ation required and the on-site roles to be consulted before requesting the em ergency MOC. All emergency changes should be restored to normal operating status as soon as possible and be well-documented. Tem porary MOCs m ay also be required from tim e to time for product or process trials or repairs. Temporary M OCs should be planned and scheduled and should not be conducted on an emergency basis. The tem porary M OC for a trial should have an expiration date, after which the process must be returned to its norm al state. If a trial must be extended, a new temporary MOC m ust be com pleted. Tem porary changes should not becom e perm anent Leaders should monitor for signs that temporary changes have been made permanent without appropriate M OC review and approval. If a trialed change is to be made permanent, a second MOC for the permanent change is required. This is because the barriers for a trial are likely different than barriers for a permanent process.
4.2 Manage Barriers | 123
Mid-level and frontline leaders should be alert to the potential impact of “Creeping Changes.” These can happen after m aking several small changes that all fit inside the process window determ ined by the safe operating limits, and therefore are not evaluated by the MOC process. Most simply, if a change moves operating conditions to the edge of the window, the process m ay be more likely to have an excursion outside that window. B ut it can be more com plicated than that. As a m atter of practice, operating windows tend to be established by setting high and low limits on several single process variables such as tem perature, pressure, and level. However, as one process variable moves away from the m iddle of its ranges, the safe ranges for other variables may become smaller. Generally, this information should be available in the database of process knowledge, but it m ay take m ore than cursory analysis to discover. The bottom line is that processes that have had m ultiple sm all changes or that change more than one process condition m ay need more detailed analysis before deciding that MOC is not needed. In addition to process changes, organizational change m ust also be managed. Some companies include Organizational Managem ent of Change (O MOC) as part of their M OC elem ent. O thers address OMOC as part of m aintaining competency. Due to the close linkage to com petency, this book discusses OMOC within the Competency elem ent in Sec. 4.3.1.
4.2.6 Em ergency Managem ent – Preparation and Response Emergency preparation and response practices and plans are m itigative barriers (See Sec. 4.1). They are needed to reduce the
124 | 4 Leadership of the Process Safety Management System
consequences of incidents when releases from prim ary containm ent have occurred. In almost every consequence scenario, emergency preparation and response measures are counted as a barrier providing some risk reduction credit. Therefore, like every other barrier, the reliability of emergency services must be managed to ensure proper function when called on. Unlike m any other barriers, the emergency m anagement elem ent applies to nearly every process. Therefore, if emergency readiness or the ability to respond lapses, risk m ay increase sitewide. Emergency response equipment and personnel are generally distributed throughout the facility. With releases from primary containm ent happening only rarely, it can be tempting to cut the emergency response footprint. B ut you m ust resist. Experience has shown through many incidents that lapses in emergency response capability can add significantly to onsite and offsite casualties. Emergency response needs vary widely and depend heavily on plant size, hazards m anaged on site, and proximity to external resources. Leaders m ust identify the types of emergency responses that the site m ay need and then put in place the equipment and trained personnel required to perform those responses. Com panies that transport their products, for exam ple by truck, rail, barge, and ship, must also identify emergency response measures for these m aterials in transit. Emergency response personnel and equipment m ay be staged, m aintained, and trained in several ways, as described in table 4.6. Some facilities, and m ost multi-site com panies, use a com bination of these methods.
4.2 Manage Barriers | 125
Table 4.6 Emergency Response Organization Options Option Site-based personnel and equipment. Mutual aid with distributed personnel and equipment. Industrial park-based personnel and equipment. Local (paid and volunteer) responders. None. B ack off and let fire burn out or toxic disperse.
Useful for Large integrated sites and sites far from outside resources. Clusters of sites, often with different owners, which agree to deploy their personnel and equipment to assist other sites when needed. Sites in an industrial park where the park provides emergency response services to the sites in the park. Sm all and medium-size single sites near m unicipalities having emergency response capabilities. Sm aller, remote sites if this can be done safely.
Senior executives need to ensure adequate emergency preparedness and m anagement across the com pany. Where necessary, executives m ay need to negotiate m utual service agreements with other m anufacturers. Sim ilarly, national / global service agreements should be pre-arranged with com panies that provide specialty em ergency response services for incidents such as on-road spills and fires and oil well blowouts. Mid-level leaders need to ensure that their facilities have adequate emergency plans and sufficient, welltrained emergency response resources. Similarly, all site personnel should be knowledgeable and well-practiced in emergency procedures. All personnel should know exactly what
126 | 4 Leadership of the Process Safety Management System
to do when they observe an incident, and where to go if an evacuation alarm sounds. Drills based on the m ost significant consequence scenarios should be frequent and robust. Exam ples include but are not limited to em ergency equipm ent operation, safe shutdown procedures, use of escape m asks, and evacuation from marine or offshore structures. Frontline leaders should validate that their teams understand and follow emergency response procedures. They also have the specific responsibility of informing the contractors who work with them of emergency procedures and ensure that the contractors follow them . Individual contributors need to be fully aware of emergency procedures and follow them , whether for drills or actual events. They m ust also watch out for their coworkers and m ake sure that they follow emergency procedures. Put Your M ask on This subject cannot be discussed without addressing the specific case of “Persondown.” All too often, workers who see a co-worker who has collapsed will rush to their colleague’s side, only to be overcome by the same asphyxiant or toxic m aterial (Refs. 4.8 – 4.11). All workers should understand explicitly that any rescue of a downed colleague m ust be m ade by an appropriately trained emergency responder with supplied breathing air. This requires regular drills and
First Before Assisting During every pre-flight safety briefing the crew reminds flyers that in case cabin atm osphere becom es unsafe, they should put on their masks before assisting other passengers. This message is repeated before every flight to condition passengers over time to the proper behavior.
4.3 Manage Competency (Organizational Capability) | 127
training, to overcome the natural hum an inclination to rush to give aid. Person-down drills cannot be practiced too often. Sim ilarly, workers need to be conditioned to avoid heroic m easures, such as racing into the toxic or com bustible gas cloud from a spill to close the valve that could stop the release. In this case as well as the asphyxiation case described above, frequent training and rem inders are needed to combat the normal hum an motivation to save the day without first donning the proper PPE. Workers need support from their leaders that evacuation is the appropriate response, and reminders from their colleagues to do the right thing in these situations. Emergency Management can readily becom e subject to norm alization of deviance. Since process safety incidents are infrequent, it can be easy to forget to plan, evaluate emergency procedures, and conduct drills. Ironically, the tem ptation to deviate from emergency preparedness could increase as culture and PSMS perform ance improves and incidents becom e even less frequent. However, emergency m anagem ent is an integral part of risk management, and must be m aintained, just as process equipment m ust be maintained.
4.3 Manage Com petency (Organizational Capability) Overview
Leaders at all levels m ust ensure that their organizations have the right num ber of employees and contractors with all the knowledge and skills needed to operate safely. For process safety, leaders must identify the needed knowledge and skills for all roles, provide training as
Specify competency needs. Provide training to ensure competence. M aintain process knowledge. M anage competence of contractors.
128 | 4 Leadership of the Process Safety Management System
necessary to build proficiency, and m aintain the knowledge base.
4.3.1 Com petency All workers have som e process safety responsibilities, even those who work in offices far from operations. Everyone must be com petent in carrying out their roles, or else the com petency of the organization will suffer. Organizational com petency also depends on having sufficient personnel with the needed skills in the right places. Sim ply stated, a company should maintain sufficient com petency to safely identify and m anage the hazards of its processes. In the Com petency elem ent, leaders: Identify the skills and resources required to lead, m anage, and operate safely, Provide those skills and resources; and Manage the im pact of organizational change on com petency. Chapter 5 provides a high-level summary of process safety leadership competencies for typical roles. However, each com pany’s inventory of needed skills will be different, according to its processes and risks. CCPS (Ref. 4.12) provides a useful reference for developing such com petency profiles for a wide range of positions. All leaders in the organization are accountable for ensuring that all needed com petencies are in place in their organizations. Form al com petency analysis (Ref. 4.12) should be done periodically to identify com petency needs that have changed and to identify gaps that may have arisen. Com petency gaps are m ost likely to appear during:
4.3 Manage Competency (Organizational Capability) | 129
The first few months of an employee’s new role, Organizational changes, downsizing, and expansion, The initial stages of outsourcing and when changing contractors, B efore and after site divestiture; and In the time leading up to a site closure. When an employee replaces another with no change in responsibilities, the OMOC is fairly straightforward. As their leader, you need to ensure ahead of time that the em ployee is com petent to perform each process safety task in their com petency profile. Depending on the process safety-criticality of the role, approaches such as the following may be considered: Extrem e criticality: Competency m ust be proven before the person takes the role, and critical decisions are reviewed by a knowledgeable person for a reasonable time period. High criticality: Competency m ust be proven before the person takes the role. M edium criticality: Knowledge must be proven before the person takes the role and specific training (classroom or on-the-job) m ust be provided in a specified timeframe. Low criticality: B asic knowledge m ust be delivered and com petency dem onstrated. Given the im portance of MOC, roles that approve MOCs are frequently considered highly or extremely critical. A com mon best practice for such roles requires proof of com petence in all process safety aspects of their new role before they can sign-off on MO Cs.
130 | 4 Leadership of the Process Safety Management System
More com plex scenarios generally require m ultiple personnel moves, and often redesign of com petency profiles. To conduct a com plete OMOC analysis for these scenarios: Take inventory of all process safety competencies required in the current operation. Identify which com petencies need to be added or subtracted, including outsourced roles. Identify if resource needs for certain com petencies need to be added or subtracted. For exam ple, if a unit is being shut down, the resources for ITPM for that unit m ay no longer be needed. B ased on the adjusted com petency inventory, ensure that personnel are assigned to perform each com petency and task. Ensure that assigned personnel have the sufficient capability and tim e to perform their responsibilities.
4.3.2 Effective Training When people learn to drive, they spend considerable classroom and study tim e learning the rules of the road and the mechanics of driving. They then take tests to verify that they have the required knowledge. However, even with this knowledge they do not know how to drive. That does not happen until they have gained experience behind the wheel in progressively more challenging situations. They do not becom e licensed to drive on their own until they have satisfied experience requirem ents and passed a proficiency test. Even then, they m ay not be allowed to drive in higher risk situations (e.g., late at night) until they have gained additional experience. This analogy applies directly to each process safety role. Since em ployees typically move between roles and
4.3 Manage Competency (Organizational Capability) | 131
advance through the organization, they need to receive training for their new roles throughout their careers. Table 4.7 com pares different methods of training and provides some exam ples. Training for a given com petency may involve m ore than one m ethod. In general, the more process safety-critical the role, the m ore personal and hands-on the training should be. Table 4.7 Types of Training Type of Training
Situations Used
One-on-one
Coaching
Non-technical leader entering operations role
RIK – job transition
Employees being promoted to replace their supervisors
Multiple persons
Training in specific hazards
In-depth topics
Training in specialties
When experience and direct feedback needed
PHA leader, MOC approver
Simple topics and high volume
B asic site safety rules and general principles
Classroom Hands-on
E-learning
Exam ples
Operating specific equipment
All training should involve som e form of a test at the end of each session to prove that the material taught has been learned. Considering that training and resulting com petence is critical for m eeting the corporate risk criteria, the passing score for the session should be 100%. As criticality of the role increases, additional tests should be given in the m onths following the training to prove that the m aterial was retained and the tasks are being performed properly as trained.
132 | 4 Leadership of the Process Safety Management System
As part of ensuring overall corporate com petency, senior executives need to monitor overall training metrics and provide sufficient training resources for the com pany. Any senior executives who were not previously exposed to process safety hazards and management concepts need to receive training in these topics. This training should be reinforced with case histories, such as videos and presentations. Discuss case histories that illustrate the destructive power of process safety incidents and the way they can harm people, property, shareholder value, and the environm ent. Some com panies conduct live, small-scale demonstrations of dust explosions, vapor cloud explosions, or runaway reactions, as applicable to the com pany, to help elevate their leaders’ and workers’ sense of vulnerability to these hazards. Mid-level leaders need to provide the needed training to their organizations. O perations leaders com ing from non-process backgrounds should receive training specific to their process safety roles, as well as the general process training noted above for executives. Frontline leaders in operations will generally com e to their positions with skills in som e process safety areas, but gaps in others. Training will be required to fill those gaps. Frontline leaders m ay also be providing training to their team s directly. If so, they m ay need to be trained as trainers. Individual contributors need training as appropriate to their roles. In addition to any skill- and procedure-based training, all individual contributors should be trained on the hazards they m ay encounter as they perform their jobs, and what they must do to control those hazards. Many regulations require refresher training on hazards and controls. Whether required or not, refresher training helps m aintain the sense of
4.3 Manage Competency (Organizational Capability) | 133
vulnerability. Table 4.8 provides a partial list of typical training needs for various individual contributor roles. Table 4.8 Exam ple Training Needs for Individual Contributors Role Operator M echanic Design Engineer
Plant Accountant Receptionist
Typical Training N eeded Hazards of the process Operating procedures Hazards of the process M aintenance procedures Hazards of the process PHA methods Relief valve design Hazards of plant processes (high level) Emergency evacuation procedures Emergency evacuation procedures
4.3.3 Process Knowledge M anagem ent Process knowledge includes all inform ation describing facility design, construction, operation, and m aintenance. M any PSM Ss and the USA PSM regulation use the related term Process safety information (PSI) to describe this material. However, as a leader, you should capture not only the inform ation, but also the knowledge and understanding of how to operate the process safely, what can go wrong, and how the process’ barriers work. In other words, process knowledge is an integral part of corporate com petence. Process knowledge serves as the basis for other PSM S elem ents, most notably HIRA/PHA, operating procedures, MOC, and asset integrity. Therefore, whenever changes are m ade (i.e., via the MOC element), the process knowledge must be kept updated. Without this, the stage becomes set for norm alization of deviance problem s and errors such as:
134 | 4 Leadership of the Process Safety Management System
Missed consequence scenarios and incorrect risk reduction evaluation in process hazard analyses, MOC errors, Operating procedure errors, Incorrect relief system design, Incom plete isolation and lockout/tagout,
Treat process knowledge as a valued asset that you need to invest in, maintain, and protect.
Failure to inspect, test, or maintain critical equipment, Failure to detect a problem during an audit; and Increased difficulty in determ ining incident root causes. Senior executives use process knowledge to understand the risk of facilities and processes com pared to risk criteria. For this reason, senior executives need to provide the corporation with a robust document m anagem ent system for storing process safety knowledge and keeping it up to date. Mid-level leaders and frontline leaders use process knowledge to m anage all aspects of their operations, especially asset integrity and M OC. Mid-level leaders need to ensure that process knowledge is kept up-to-date as the facility evolves. Individual contributors also use process knowledge for troubleshooting, process improvem ent, PHA, and m ore. Engineers and process safety specialists typically update process knowledge following changes. This should be autom atic and never delayed. Process knowledge m ust be available to anyone with a valid need. Som e com panies m ake the honest error of limiting direct access to the process safety organization.
4.3 Manage Competency (Organizational Capability) | 135
They reason that this allows better control of the documentation and prevents invalid inform ation from being cataloged. In this scenario, people who need process knowledge m ust access it through the process safety organization. Experience has shown that this structure can cause people who need the information to re-invent the wheel or obtain data from unofficial sources that m ay not be accurate, up-to-date, or applicable to their operations. Therefore, it is better to use the process safety organization to check the process knowledge in the database instead of serving as the database gatekeepers.
4.3.4 Contractor m anagem ent Com panies use contractors in lieu of employees for reasons including: Supplementing staff during periods of high activity such as turnarounds and trials, Providing professional services or specialized skills needed only occasionally; and Perform ing work that is not a core com petency of the com pany. Contractor assignments m ay range from short assignments of hours or days to quite long-term. When contractors perform roles considered to not be a corporate core com petency, they m ay be onsite all the tim e. Contractors may be exposed to the same process safety risks as em ployees, and in some cases the risks may be greater. Therefore, all process safety risk m anagem ent activities should control the contractors’ risks to meet the same risk criteria applied to em ployees. Preparing the contractors to work safely and within the framework of the facility’s PSM S m ay be complicated.
136 | 4 Leadership of the Process Safety Management System
Often, the terms of the contract specify that the facility cannot m anage or train contractors directly, to avoid co-employm ent issues. In such cases, the facility m ust instruct the m anagement of the contractors’ com pany about hazards and protection m easures, and then the contractors’ m anagement must instruct them . Similarly, providing corrective feedback m ay also have to go to the contractor through their m anagement. Finally, contractors som etimes use sub-contractors, only adding m ore com plexity to this challenge. Avoiding co-employment issues, Validate contractor however, does not m ean that the competency, even if com pany should not ensure contractor the contract says the contracting com petency. For many tasks, contractor company must com petency assurance is critical to provide training. It’s m eeting corporate risk criteria. These your facility that’s at tasks include welding on pressure stake. equipment, testing of safety instrumented system s, and the design, operation, or m aintenance of any critical barrier. Additionally, contractor com pliance with cardinal rules should be enforced as diligently as with em ployees. As challenging as m anaging contractors within the facility’s PSMS can be, aligning contractors with the facility’s culture can be m uch harder. Contractors arrive influenced by their own com panies’ culture and the cultures of other facilities at which they’ve worked. For exam ple: Contractors who have worked in facilities with little COO/OD may not work with the diligence you expect; and Contractors who have worked in facilities that frequently take shortcuts m ay do so in your facility.
4.3 Manage Competency (Organizational Capability) | 137
Contractors m ay have also worked at facilities with a more m ature process safety culture. This is a great opportunity for site leaders to learn and improve from the contractors’ experiences. Contractors are usually m otivated by business com mitments to provide services on a com petitive schedule and price. They likely fear that if they fail to m eet the schedule or exceed the agreed-upon price, future business could be jeopardized. This fear can lead to taking shortcuts and other norm alizations of deviance, even in contractors with a good track record. You need to be pay attention to situations in which contractors fall behind schedule or budget and consider carefully how you discuss such situations with the contractors. Pounding the table and demanding that contractors get back on schedule will likely drive them to take shortcuts. You will get better results discussing how the contractors can get the job done safely, and, if necessary, revisiting the schedule or budget. Additionally, you should m onitor the contractors’ work more closely to make sure that their work remains com pliant with your com petency standards. Contractors also wish to please you as their leader. You therefore have the responsibility to ensure that what you are asking them to do is safe. The contractor m ay do the task to please you whether it is safe or not, so it is up to you to be sure. You also should be careful what you say when you think no one is listening. If a contractor overhears you saying som ething like, “I wish we didn’t have to do lock-out tag-out,” even in jest, they m ight grant your wish. Senior executives generally handle larger contracts, including capital projects and m ajor service agreements.
138 | 4 Leadership of the Process Safety Management System
They have primary responsibility for ensuring that these contracts are executed so as to meet corporate risk criteria. Senior executives should validate that their organizations m anage more localized contractor arrangements to the risk criteria. Senior executives with legal and HR responsibilities m ust develop an appropriate strategy to prevent coemployment issues while rem oving obstacles to providing contractors with essential hazard inform ation and training. Mid-level and frontline leaders m ust manage the com bined employee-contractor workforce and integrate contractors into the com pany process safety culture and PSMS. They m ust ensure contractors are properly trained, follow procedures, com m unicate problem s, and generally have the sam e operational discipline as employees. Individual contributors serve as the culture role model for contractors. They m ust demonstrate proper operational discipline and guide the contractors to do likewise. When issues arise, individual contributors should elevate these to leadership prom ptly. Contractor leadership has the same process safety responsibilities as the com pany’s leaders. They should ensure that em ployees are adequately trained and competent and that the com pany has provided all inform ation needed for their employees to perform their contract work safely. They need to m onitor the working conditions of their employees. When their employees’ safety is at risk, they must push back on the host com pany’s leaders to take action. They must also alert the host com pany if the quality of their work could lead to unsafe operations at the facility, as em barrassing as that may be.
4.4 Verify Performance and Improve | 139
4.4 Verify Perform ance and Im prove 4.4.1 Audits
Overview
Like audits of any other business practice, Audits M etrics PSMS audits serve critical roles in Incident governance and risk management. Investigation Process safety audits are independent M anagement reviews to determ ine if PSMSs are Review functioning as intended and com ply with regulations and corporate standards. Com panies and facilities with strong process safety cultures will also use audits to identify opportunities to improve the PSMS and culture. Form al audits are typically conducted every 3 years. However, facilities considered by the com pany to be higher-risk (See Sec. 4.1.1) may be audited m ore frequently. Many com panies also conduct frequent inform al audits, som etim es focusing on targeted improvement areas. Audit findings describe the non-conformances with the applicable management system elements, standards, and regulations. Many com panies ask auditors to recommend m eans to close conform ance gaps. Others prefer auditors to only describe the finding and leave it to the responsible leader to determ ine how to close the gap. The choice of approach depends partly on the corporate legal philosophy and partly on the strength of the culture. In general, if the company has a strong process safety culture, either approach can be successful. However, if the culture is not yet strong, auditors should not offer recomm endations. This often leads to cosmetic solutions that m ay reduce the num ber of findings, but do not fully close gaps.
140 | 4 Leadership of the Process Safety Management System
Facilities with strong process culture welcome audits and encourage their personnel to cooperate fully with auditors. Sim ilarly, auditors should perform their role in a constructive way, showing the facility personnel that the audit is a constructive activity, not punitive. Since audit findings represent weaknesses that could lead to incidents, facilities with strong process safety cultures strive to correct the findings as quickly as possible. A finding that repeats from a previous audit indicates a cultural weakness.
Signs of a weak culture revealed by auditing Fear of audits. Leaders absent from opening and closing meetings. Difficulty scheduling interviews with leaders and other key people. Cleaning up behind the audit team , hoping to remove findings before audit is finished. Evidence of “Checking the box.” Poor housekeeping. Disorganized filing. Attempts to distract auditors. Negotiating findings based on cost. Challenging every finding.
Senior executives are responsible for process safety auditing, as part of its overall auditing and risk review program . The audit function m ay be organized as an independent oversight function, within the corporate organization, or within corporate legal, as well as other organizational options. The key to success is avoiding conflict of interest between the audit function and the line organization. Mid-level operational managers typically are the recipients of the audit. They are prim arily responsible for providing unhindered access of the auditor to records, employees, and the facility. During audits, they m ay guide
4.4 Verify Performance and Improve | 141
auditors to inform ation the auditors could not find that could negate a finding. Otherwise, mid-level leaders should support the auditors and thank them for uncovering gaps so that they can be closed. After the audit, the gaps should be closed as soon as feasible. Frontline leaders and individual contributors typically are interviewed formally or informally by auditors, and direct them to files, site locations, and additional interviewees. Their prim ary responsibility is to speak honestly and openly about how they carry out their roles. Like mid-level leaders, they should support the auditors and thank them when they find gaps.
4.4.2 Metrics Metrics, som etimes referred to as key perform ance indicators (KPIs), are com mon management tools to m onitor conditions and drive improvement. As such, leaders need m etrics to help m onitor both the PSMS and the culture. You should establish an appropriate num ber of metrics, tracking both PSMS element perform ance and the culture.
What m etrics should I use? Start with API RP-754 (Ref. 4.14), which reflects considerable industry experience with metrics. CCPS provides additional useful references (Refs. 4.15 and 4.16)
You should take care in selecting and using m etrics to m ake sure they measure what you intend and drive correct behaviors. For example, if you wish to have a m etric that measures com pletion of tasks, make sure that you address every place that tasks are tracked. Sim ilarly, include appropriate verification of completion so that “Check-the-box” behavior is avoided.
142 | 4 Leadership of the Process Safety Management System
You will get the most value from m etrics when they are used to monitor performance of the PSMS and culture, rather than individual performance. In the latter case, you m ay drive your leaders and employees to hide disappointing results. For this reason, avoid performance incentives based on process safety m etrics unless they prom ote and measure positive behaviors. Once process safety metrics have been established for the com pany, each leader is responsible for collecting and analyzing the data within their span of control. All leaders are expected to understand the reason for the metrics results and trends, including when the m etrics are consistently good. Indeed, metrics that remain consistently good m ay be a warning sign of trouble. While good metrics m ay indeed result from excellent performance, they could also be caused by: Checking-the-box, Problem in the data collection system or process, Regular deferrals within time limits, Problematic system s excluded from metrics, Measuring the wrong things; or Rigging the data. Therefore, leaders should challenge consistent m etrics – especially consistently good metrics to make sure they are real, and then take appropriate action. Finally, consistently good metrics that truly bear out excellent perform ance may present an opportunity to shift attention to a different part of the PSMS. Look for opportunities to im prove and develop new metrics to support im provement in that area.
4.4 Verify Performance and Improve | 143
4.4.3 Incident Investigation and Resulting Actions Incidents, including actual losses of containment and, especially, near-m isses, provide the best opportunity for com panies to learn and improve their PSMS, culture, and process knowledge. Of course, good leaders seek to learn and improve at all times. B ut incidents help drive improvement for 2 key reasons: A near-m iss or loss of containment clearly shows that a gap exists; and Whether or not anyone is hurt, when an incident occurs, everyone experiences a heightened sense of vulnerability. This helps motivate action and follow-up. Therefore, when an incident or significant near-m iss occurs, all leaders need to fully support the incident investigation process. An investigation team should be form ed and m eet at the location as soon as it is safe to enter. The team should then conduct an unbiased investigation using an appropriate investigation method (Ref. 4.17) until the root causes – fundamental flaws in the PSMS or process knowledge – are found. Specifically, the investigation team m ust: Identify the barrier(s) and/or process com ponent(s) that failed, Identify the PSM S elem ents and sub-elements that enabled or failed to stop the failures; and Recom mend specific actions to system atically prevent these failures from happening again in the process, facility, and company. As previously discussed, by definition, when an incident happens, all preventive barriers have failed. The investigators must find the direct causes for every failed
144 | 4 Leadership of the Process Safety Management System
barrier, the root causes of the barrier’s management system failure, and, of course, identify corrective actions for all. Senior executives have overall responsibility for the PSMS and process knowledge. For this reason, senior executives are accountable for incident investigation. Incident investigation produces the most lasting value when the responsible senior executive charges the investigation team to, “Tell m e where I fell short in the design or execution of the PSM S, so that I can improve them.” When they find the answer, they thank the audit team and then ensure that gaps are closed.
Tell m e where I fell short, so I can Im prove What a powerful message to the investigation team and everyone in the company! It establishes you as a process safety leader who people want to follow.
A good practice is to assign a mid-level leader with independence from the site to investigate a m ajor incident. The leader needs to assem ble a cross-functional team with understanding of the diverse topics including the technology, the design, and the maintenance and operations, along with investigation specialists. The leader then facilitates the team ’s efforts and handles com munications as necessary across the com pany. The m id-level and frontline leaders responsible for the site, technology, and operations will generally not lead the investigation team . B ut they will be responsible for helping the team with logistics, inform ation, and introductions to relevant site personnel. Similar to senior executives, these leaders should welcome feedback on where they m ade an error in executing the PSM S, so they can correct that error and prevent sim ilar incidents.
4.4 Verify Performance and Improve | 145
Incident investigation should never end with worker error as the root cause. Workers, like any other humans m ake errors. If a worker errs m ore frequently than norm al, this may be caused by having: A gap in knowledge or ability, Abnorm al fatigue or stress; or Excessive distraction. Any of these m ay be caused by fundam ental root cause failures in one or m ore PSM S elements or the culture that needs to be corrected. Gaps in worker knowledge or ability m ay reflect weaknesses in Training or m ay mean that hum an action was not a reliable-enough barrier. Fatigue may reflect insufficient personnel or m anagers who do not interact closely enough with their workers to notice. Distraction can have m any sources that also can be addressed. With root causes known, action items should be developed. These typically include, for exam ple:
Rem em ber! Incidents are caused by failures in one or more PSM S elements. Leaders are responsible for correcting the PSM S gaps. While operators can, and do, err, you took this into account during process design and risk assessment. So, when an incident occurs, one or more other things have also failed.
Im provem ents to internal standards (and potentially to external standards), Im provem ents to functional operations, Changes in one or more elements of the PSM S, Changes in process, chem istry, materials of construction, or technology; and Personal improvement actions to be taken by leaders.
146 | 4 Leadership of the Process Safety Management System
4.4.4 Managem ent Review and Continual Im provem ent CCPS (Ref. 4.18) defines Management Review as …the routine evaluation of whether management systems are perform ing as intended and are producing the intended results as efficiently as possible… (and) …the on-going ‘due-diligence’ review by management that fills the gap between day-to-day work activities and formal periodic audits. The intent of Management Reviews is to evaluate the: Effectiveness of PSMS implementation, Progress towards corporate goals and initiatives, Roadblocks hindering progress and how to remove them , Lessons-learned from incidents and high potential nearm isses; and Risk perform ance compared to corporate risk criteria and to initiate actions for correction or im provement. As a leader of any level, from the Board to the frontline, you need to include process safety in your M anagement Reviews, to ensure that you understand the efficacy of the PSMS elements within your span of control. When the PSMS is well-established, it is efficient to include process safety in your general m anagement reviews. This also sends the proper m essage that process safety is integral to the business. When implementing significant PSM S im provements or when you wish to place special em phasis on process safety,
4.4 Verify Performance and Improve | 147
standalone PSM S reviews may be beneficial. While both options are acceptable, the key is to structure the Management Review consistent with the risk of the facility and to ensure they happen. Com prehensive Management Reviews are typically conducted annually. However, you should review the status and progress of one or more critical PSM S elem ents or key programs at each of your m onthly management meetings throughout the year. What you review each m onth should be determ ined based on your goals, key risk drivers, KPIs, history of incidents, and audit results.
Driving Culture Conducting routine Managem ent Reviews and taking follow-up action is the ultim ate confirm ation to the entire organization that corporate and site leadership is serious in their commitment to process safety, to learning and improving the process safety culture, and all the culture core principles in between.
As a leader at any level, the first step in a m anagem ent review is to review with your group and group mem bers your individual and collective progress on process safety objectives, goals and plans as they align with corporate goals and initiatives. The second step is for you to define actions to correct or improve, then review the results of both steps with your superiors and form alize your strategy moving forward. Management Review should address topics such as: Perform ance metrics including leading and lagging indicators (as discussed in Chapter 2) for incidents and PSMS efficacy, Audit findings and PSM S action item s,
148 | 4 Leadership of the Process Safety Management System
Progress towards closing gaps on corporate risk criteria or initiatives, Roadblocks to effective implem entation of PSM S, to reaching goals or closing gaps, Im provem ent opportunities, Resources and personal development needed; and Recom mended actions. The review team should answer 5 questions: 1. What is the quality of our program ? 2. How does this com pare with the results we want? 3. In what ways are we deviating from our stated priorities or distracted from our goals? 4. What actions should be taken to correct or improve the PSMS and to m eet corporate risk criteria or initiatives? 5. How can we achieve results m ore efficiently? Senior executives are responsible for process safety m anagem ent reviews, as part of the overall PSM S and risk review program. While formal Managem ent Reviews are typically conducted annually, executives may have m any reviews throughout the year depending on the size of the com pany, the num ber of business units or different types of technology em ployed. Ongoing Management Reviews are conducted for: A sm all site or units within a large integrated site. A business unit or a large integrated site. The corporation, which is typically a rollup of all business m anufacturing m anagem ent reviews and progress towards corporate goals and initiatives.
4.4 Verify Performance and Improve | 149
One-off or m ore frequent Management Reviews m ay happen for a m anufacturing unit or business having perform ance issues such as: A m ajor incident, A high process safety incident rate, or PSM S KPIs statistically out of line with the rest of the com pany, A significant change in risk, e.g., a new public or private development (i.e., building, park, etc.) near the fence line of a facility containing volatile toxic m aterials; or Learnings from another com pany’s significant or catastrophic incident, especially if using the sam e or similar technology or managem ent systems.
Go Deeper Than the N um bers It’s certainly true that what gets measured gets done. However, it’s important to understand the “what and why” behind the metrics. That helps elevate the importance of what the metrics represent. It also helps avoid misleading metrics and results.
Mid-level leaders review similar data/input for their areas of responsibility. Their focus will of course be on their span of control and their questions will probe further into details. Frontline leaders and individual contributors frequently help their leaders analyze metrics and prepare for Management Review m eetings. Key frontline leaders and individual contributors generally participate in the reviews conducted by their m id-level leader. All leaders should consider the value of involving frontline leaders and individual contributors in M anagement Review m eetings. This goes beyond their role in providing valuable
150 | 4 Leadership of the Process Safety Management System
information and interpretation. Equally important, recognizing these individuals in front of the leadership team helps boost their personal commitment to process safety and elevates their importance to the overall operation. Table 4.9 provides a simple high-level structure for a Management Review meeting. Table 4.9 Typical Management Review M eeting Structure Review Topic: Effectiveness of PSMS implementation. Progress towards meeting corporate goals and initiatives: Incident rate. Corporate risk criteria. Initiatives, (e.g., upgrading asset integrity program ). Roadblocks hindering progress and how to rem ove them How Lessons-learned from incidents and significant nearm isses have been integrated into improvement of PSM S and whether upgrades at a com pany level are needed Additional key item 1 ____________________ Additional key item 2 ____________________
N otes and Actions
4.5 Build and Strengthen Culture | 151
4.5 Build and Strengthen Culture 4.5.1. Introduction to Culture
Overview
Investigations of many process safety incidents have shown that cultural failures rival m anagem ent system failures as leading causes. Similarly, when longterm successes have been achieved, strong cultures of process safety excellence have been an integral factor.
Drive culture Involve the workforce Outreach to stakeholders
Just as leaders establish the overall corporate culture, they equally establish process safety culture. The culture of the organization shows in how people act when they are not being directly monitored. M uch of that depends on how you exercise CO O/O D (See Sec. 4.2.1). CCPS (Ref. 4.13) provides a detailed reference for evaluating process safety culture, identifying gaps, and then addressing these gaps to im prove culture. The core principles outlined in this book (see Chapter 3.) are: Establish an Imperative for Process Safety Provide Strong Leadership Foster M utual Trust Ensure Open and Frank Comm unications Maintain a Sense of Vulnerability Understand and Act Upon Hazards/Risks Empower Individuals to Successfully Fulfill their Process Safety Responsibilities Defer to Expertise Com bat the Norm alization of Deviance Learn to Assess and Advance the Culture
152 | 4 Leadership of the Process Safety Management System
Each culture core principle builds upon the previous ones. When seeking to strengthen culture, it can be useful to design the effort following the order of these principles. Senior executives have an absolutely critical role in setting the culture. Culture stands on four legs that senior executives must m aintain: The expectations they set, The way they drive COO and follow O D personally, Their passion for process safety; and The way they monitor and reward perform ance. If even one of these legs weakens, process safety culture can wobble and fall. Mid-level leaders m ust translate the culture set by senior executives into action in facilities. They need to advocate for the culture to their teams and peers, and when necessary push back on executives if they perceive inconsistent com mitment to process safety. Like executives, they m ust drive COO and follow OD personally. Frontline leaders and individual contributors m ust live the culture, serving as role models. They demonstrate COO/OD to execute the PSM S elem ents, build teamwork around the desired culture, and drive direct buy-in from em ployees and contractors.
4.5.2. Workforce Involvem ent “That’s all well and good, but let me tell you what really happens Sunday at 3:00 AM…” Workers who interact closest with the process have a view of how the process and m anagement system s work
4.5 Build and Strengthen Culture | 153
that may be closer to reality than the leaders who designed and m anage it. Leaders, therefore, benefit greatly from routinely and system atically engaging with workers on the frontline. In such interactions, leaders can learn about the effectiveness of operational discipline and the understanding of hazards and risk, while hearing about potential warning signs and improvement opportunities. Senior executives should regularly visit facilities. Executives will not have time to interact broadly with the frontline, and indeed, doing so m ay disem power the mid-level and frontline leaders in the eyes of their employees. Instead, senior executives should ensure that their leaders engage with their em ployees regarding process safety.
Don’t just talk about “safety” Some leaders find it easier to talk only about occupational safety. B ut if you do this, you m ay unintentionally send the signal that occupational safety is more important than process safety,
Senior executives also need to m ake sure everyone understands their personal commitment to process safety. In large companies, it is highly unlikely that executives will be able to visit all sites. It is therefore useful for executives to use video- and web-conferencing to connect m ore broadly with the organization about process safety. Such interactions are sometim es referred to as “Town hall m eetings.” Mid-level leaders, on the other hand, should visit all their facilities periodically, setting aside time in their schedules to ensure this happens. In the daily press of business, it can be difficult to get out of the office. B ut doing so is essential. Depending on the scope of their roles, they may not be able to interact with every em ployee, but employees should know they can reach out with concerns and ideas. When they do interact
154 | 4 Leadership of the Process Safety Management System
with workers, they should put them at ease, and encourage them to speak freely about process safety as well as other topics. They should also ensure that their frontline leaders are actively engaging in workforce involvem ent. Frontline leaders must interact directly and frequently with their employees and contractors and should be visiting all parts of their units regularly. They, too, m ust put workers at ease about sharing concerns and ideas. Workforce involvement activities may also be done in form al m eetings, whether as part of regular safety meetings or general team m eetings. Individual contributors m ust freely share their ideas and concerns. While initially they might meet their leaders’ call for sharing with skepticism, they should share nonetheless. Best results m ay often be obtained by expressing concerns as a request or as an opportunity, rather than a complaint. This helps avoid putting m anagement on the defensive. All leaders must take the concerns and ideas they hear seriously and thank anyone who shares for doing so. Certainly, any concerns or ideas that have potential to im pact whether the process meets the risk criteria should be addressed. There may be som e concerns and ideas that are not possible to address or implement. However, all concerns and ideas deserve to be acknowledged and responded to. Note that workforce involvem ent interactions need not focus exclusively on process safety. They can, for exam ple, help identify warning signs and im provement opportunities related to quality, productivity, occupational safety, etc. Workforce involvement also has the potential to improve labor relations, easing future negotiations.
4.5 Build and Strengthen Culture | 155
In many parts of the world, workforce involvem ent can be m ore difficult, particularly in hierarchical cultures where com munication flows prim arily from the top-down. Each such culture is unique and no single solution fits all situations. Four potential approaches include: Creating a specific new culture of that rewards two-way interaction about process safety, Tying the need for workforce involvement to som e other culturally acceptable convention, Anonymous reporting of concerns and ideas; and Approaching concerns from the perspective of curiosity. For exam ple, instead of stating directly that polymer is blocking a relief valve, a worker m ight ask “What does it m ean when polymer builds up around the relief valve?”
4.5.3 Stakeholder Outreach Stakeholders generally mean members of the com m unity near the facility, including residents and businesses, as well as public safety, security, and health organizations. However, there m ay be many more stakeholders that facilities and com panies m ay consider interacting with. These include trade, technical, and civic associations, suppliers, and customers. Com munity stakeholders m ay be affected if a catastrophic incident occurs, and therefore your facility should help them prepare to act appropriately. Neighbors should know whether to shelter-in-place or evacuate, and how to do both. Em ergency responders should be prepared to address the consequences of the incident, from first response to intervention to m edical treatment. In many cases, fire and medical equipment m ay have to be provided to the comm unity to ensure their readiness.
156 | 4 Leadership of the Process Safety Management System
B eyond the com m unity, outreach to suppliers can help ensure that no new hazards are introduced to the facility through changes to incom ing materials. Outreach to customers can help them m anage the hazards of the products provided, helping them continue as customers. Customer outreach can also provide the com pany with valuable feedback about newly discovered product hazards. Interaction in industry groups is also im portant to help all m em bers of the group learn process safety lessons from each other, providing the opportunity to address sim ilar potential problems in your own company. The types of cultural interactions with stakeholder groups m irror closely those used in workforce involvem ent: build trust, establish open and frank communication, and then understand and act on hazards/risks. And just as with workforce involvement, these interactions must continue over tim e, or the trust and com m unication will fade. The short-term effects of failure to conduct stakeholder outreach m ay not be noticeable. However, continued neglect can lead to serious problem s. For exam ple, neighbors and emergency responders m ay forget what to do in case of an offsite release. B ut even beyond process safety, failing to build trust and open comm unication with the com m unity can eventually lead to resistance to the facility, m aking it much harder to expand and grow. With pipeline and m aritim e operations, stakeholders can have a direct impact on process safety (e.g., striking a line or colliding with an offshore structure). In these cases, proactive and ongoing com munication with the community m ay be a barrier helping prevent a process safety incident. Senior executives are accustomed to stakeholder outreach with the investment community and trade
4.5 Build and Strengthen Culture | 157
associations. The latter is a useful opportunity for executives to prom ote best practice standards and industry codes of conduct such as Responsible Care , and to benchm ark with fellow executives on how they lead process safety. They are also responsible to ensure that their organizations practice stakeholder outreach with their local communities.
®
Mid-level leaders and frontline leaders generally have responsibility for stakeholder outreach with the local com munity. For exam ple, the facility leader will typically interact with community leaders and be visible at com munity m eetings. Mid-level leaders m ust also ensure that all of the elem ents of comm unity outreach and coordination are functioning well.
Encourage em ployees to be active in their com m unities Not all outreach needs to be formal. When employees get involved in local civic and charitable organizations, the outreach value can be significant.
First-line leaders typically implement elements of outreach. Em ergency response coordinators ensure that offsite resources are trained and ready and the community is prepared for evacuation or shelter-in-place. Comm unication leaders run com munity meetings and handle ongoing communications and relations with the community. Individual contributors have a key role in the comm unity simply by living in and interacting with it. O ften, workers live in the comm unity, and therefore can experience firsthand both the outreach from the facility and the reaction of their neighbors. They can serve as am bassadors of the facility and bring comm unity feedback to their leaders that m ight not otherwise be comm unicated.
158 | 4 Leadership of the Process Safety Management System
4.6 Sum m ary As a leader at any level in your com pany, you must also be a process safety leader. This starts by embracing the im perative for process safety, by understanding the business case, by developing a sense of vulnerability, and by promoting process safety in the way you com m unicate and how you act.
As a leader at any level in your company, you must also be a process safety leader.
However, unless you also fulfill your role in the PSMS with professionalism and drive your leaders, peers, and reporting structure to do the same, you will not achieve results. Driving the PSM S includes: Developing and understanding corporate risk criteria, Understanding your hazards and im plementing a fully functioning set of barriers required to meet your com pany risk criteria, Executing the elem ents of the PSMS with rigor and professionalism to measure barrier perform ance and ensure barriers rem ain effective, Ensuring that your organization has the required com petencies in the right places; and Verifying perform ance and driving continual improvement. Only then will you be able to create the disciplined process safety culture you need to achieve the desired results – zero process safety incidents.
4.7 References | 159
4.7 References 4.1
Parliament of the United Kingdom, Health and Safety at Work Act, London, 1974, and related references.
4.2
NEN , NTA 8620: 2016en, Specification of a Safety Management System for the Risks of Major Accidents, Delft, 2016.
4.3
CCPS, Guidelines for Developing Quantitative Safety Risk Criteria, American Institute of Chemical Engineers, New York, 2009.
4.4
CCPS, Guidelines for Hazard Evaluation Procedures, 3 rd ed., American Institute of Chemical Engineers, New York, 2008.
4.5
CCPS, Conduct of Operations and Operational Discipline: For Improving Process Safety in Industry, American Institute of Chemical Engineers, New York, 2011.
4.6
CCPS, Guidelines for Asset Integrity, American Institute of Chemical Engineers, New York, 2016.
4.7
CCPS, Guidelines for Mechanical Integrity Systems, Am erican Institute of Chemical Engineers, New York, 2006.
4.8
CSB , Valero Asphyxiation Incident, Washington, DC, 2006.
4.9
CSB , Union Carbide Corp, Nitrogen Asphyxiation Incident, Washington, DC, 1999.
4.10 CSB , DuPont LaPorte, Texas Chemical Facility Toxic Chemical Release, Interim Recom mendations, Washington, DC, 2015. 4.11 CSB , Safety Bulletin, Hazar ds of Nitrogen Asphyxiation, Washington, DC, 2003. 4.12 CCPS, Guidelines for Defining Process Safety Competency Requirements, American Institute of Chemical Engineers, New York, 2015. 4.13 CCPS, Essential Practices for Developing, Strengthening, and Implementing Process Safety Culture, American Institute of Chemical Engineers, New York, 2018. 4.14 Keim, K., editor, Recommended Practice 754, Process Safety Performance Indicators for the Refining and Petrochemical Industries, 2 nd ed., American Petroleum Institute, 2016.
160 | 4 Leadership of the Process Safety Management System
4.15 CCPS, Process Safety Leading and Lagging Metrics, Am erican Institute of Chemical Engineers, New York, 2011. 4.16 CCPS, Guidelines for Process Safety Metrics, American Institute of Chemical Engineers, New York, 2009. 4.17 CCPS, Guidelines for Investigating Chemical Process Incidents, 2nd Edition, American Institute of Chemical Engineers, New York, 2003. 4.18 CCPS, Guidelines for Risk Based Process Safety, American Institute of Chemical Engineers, New York, 2007.
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
5 LEADERSHIP ROLES AN D ACCOUN TABILITIES Chapter 4 discussed the common elements of process safety m anagem ent system s (PSMS). This helps you develop the leadership skills you will need as you advance through the organization and ensure the intended results are achieved by the PSMS. To achieve these results, you must m anage a broad range of activities within your PSMS. These systems enable your com pany to: Hire, train and deploy personnel capable of carrying out the necessary activities within the PSMS, Design, procure and install equipment m eeting good engineering practices appropriate for the specific hazardous m aterial service, Identify barriers required to meet your corporate risk criteria, Manage those barriers, Manage com petency for process safety at all levels and functions, Lead with Integrity to build and strengthen culture; and Verify perform ance and drive continual improvement.
161
162 | 5 Leadership Roles and Accountabilities
This chapter provides exam ples of generic role tem plates outlining attributes, responsibilities, and accountabilities on PSMS, including Conduct of operations and operating discipline. These role tem plates are available on the accom panying resources as one-pagers and can be custom ized for your organization. Figure 5.1 – Listing of Role Templates 1. Executive Leadership 2. Operations Leadership (Multiple facilities within a site or across a geography) 3. Engineering Roles - Engineering Leadership 4. EH& S Leadership 5. R& D Leadership 6. Support Function - Purchasing Leadership 7. Support Function - Human Resources Leadership 8. Operation/Asset Team Leadership - Plant Superintendents 9. Operation/Asset Team Leadership Maintenance Leaders 10. Operations Roles - Production Engineers 11. Operations Roles - Plant Operators 12. Operations Roles - Maintenance Technicians 13. Engineering Roles - Process Safety Specialists
®
The templates, in Excel form at, m ay be downloaded from www.aiche.org/ccps/publications/leadership.
Listing of Role Templates | 163
Where there are other roles in your com pany with process safety responsibilities, sim ilar role tem plates can be developed.
164 | 5 Leadership Roles and Accountabilities
Table 5.1 Executive Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Understands m ajor potential consequences and key progr am s needed to prevent m ajor consequences. 2. Endorses and supports key programs to safeguard against major potential consequences.
Corporate vision and goals
1. Corporate vision for process safety is defined and com municated. 2. Establish goals for process safety event (PSE) Tier 1 and 2 elimination, and risk reduction consistent with cor porate risk criteria.
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
1. Ensures PSM S and COO policies, requirem ents, systems and KPIs are developed and implemented, focusing on building a healthy process safety culture.
Risk criteria
Ensures risk criteria are developed and im plemented.
2. Ensures good or sound engineering practices and industry best practices or initiatives are followed.
1. Single scenario risk criteria are defined/implemented for semiquantitative risk analysis and specification of safety instrumented system s across the corporation. 2. Cumulative risk criteria may be defined and implemented for quantitative risk analysis and single scenario risk criteria validation.
Table 5.1: Executive Leadership Role | 165
Table 5.1 (Continued) Executive Leadership Role Phase
Focus Area
Accountability
Operate within constraints
PSMS, COO , OD and culture
Understands and fulfills their roles in PSMS with COO/OD, including: 1. Allocation of resources, both financial and human to execute the PSM S. 2. Prioritization and funding of risk reduction initiatives to meet corporate incident and risk goals and criteria.
M aintain
Significant incidents and near-misses
Reviews significant incidents (internal or external) and near-miss PSM S failures. 1. Ensures appropriate PSM S corrective and preventive actions. 2. Appropriately leverages within or outside the com pany.
Visibility, reinforcement
1. Spends time in facilities , reinforces PSMS. 2. Com mem orates significant incidents and importance of implementing, operating within the constraints and m aintaining barriers. 3. Conducts process safety com munications; e.g., goal progress, significant achievements, incident issues.
Verify
M anagem ent system reviews
Ensures management system reviews are conducted, and improvement plans and goals are established and updated using m etrics, including: 1. Audit results, KPIs for PSM S and COO. 2. Progress against corporate process safety goals, such as; Tier 1 and Tier 2 PSE, risk reduction initiatives. 3. Holds subordinates accountable for corrective/preventive action com pletion.
166 | 5 Leadership Roles and Accountabilities
Table 5.2 Operations Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires strong knowledge of process, specific major scenarios and barriers. 2. Implem ents systems and tools to understand barriers are implemented, operated within their constraints and m aintained consistent with corporate risk criteria.
Corporate vision and goals
1. Sets the tone for following vision and m eeting goals. 2. Articulates vision and goals in term s of business drivers and com municates in terms meaningful to workers.
Operate within constraints
Process Safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and Culture
1. Ensures implementation of risk reduction measures from incidents, assessm ents or reduction initiatives/goals. 2. Helps develop the PSM S andCOO policies, requirements, systems and KPIs.
PSMS, COO , OD and culture
Understands and fulfills their roles in PSMS with COO/OD:
3. Ensures good or sound engineering practices and industry best practices or initiatives are followed.
1. Executes PSM S and COO including hazard assessm ents, risk reviews, M O C, PSSR, etc. 2. Identify and advocates for resources to m eet PSM S, COO, corporate incident and risk reduction goals. 3. Ensures barriers are operated within their constraints.
Table 5.2: Operations Leadership Role | 167
Table 5.2 (Continued) O perations Leadership Role Phase
Focus Area
M aintain
Accountability 1. Hires personnel, trains/educates, provides resources, ensures com petency, holds accountable, and provides logical incentives. 2. Pre-qualifies, hires, and m anages contractors. 3. Maintains sense of vulnerability, m aintains com mitm ent, and keeps corporate mem ory alive. 4. Ensures barriers are m aintained: inspected, tested, calibrated, etc., and are m aintained to be fit for service.
Incidents and near-misses
Investigates incidents and near-miss PSMS failures. 1. Ensures appropriate PSM S corrective and preventive actions. 2. Escalates significant and high potential near-misses. 3. Recom mends appropriate leveraging to the right level within or outside the com pany.
Verify
Visibility, reinforcement
1. Spends time in field, has ability to recognize hazards in the field. 2. Ensures barriers are being operated within their constraints and m aintained. 3. Ensures actions from incidents, assessm ents, etc., are implemented.
M anagement system reviews
Ensures PSMS reviews are conducted and improvement plans and goals are established/updated using metrics. Includes: 1. Audit, self-assessment results of PSMS, COO. 2. Progress against corporate PS Goals, such as; Tier 1 and Tier 2 PSE, risk reduction initiatives. 3. Holds subordinates accountable for corrective/preventive action completion.
168 | 5 Leadership Roles and Accountabilities
Table 5.3 Engineering Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires knowledge of m ajor potential consequences and how they can happen. 2. Endorses, supports or owns key programs to barrier against major potential consequences, e.g., equipment design and maintenance good engineering practices, asset integrity, risk criteria and evaluation process.
Corporate vision and goals
Ensures corporate vision for process safety is defined and com municated as it relates to engineering services.
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
1. Ensures PSM S and COO (Engineering policies, requirements and systems) are developed and implemented, focusing on building a healthy process safety culture.
Risk criteria
Helps establish and implement risk criteria.
2. Ensures good or sound engineering practices and industry best practices or initiatives are followed.
1. Single scenario risk criteria are defined/implemented for semiquantitative risk analysis and specification of safety instrumented systems across the enterprise. 2. Potential cumulative risk criteria may be defined and implemented for quantitative risk analysis and single scenario risk criteria validation.
Table 5.3: Engineering Leadership Role | 169
Table 5.3 (Continued) Engineering Leadership Role Phase
Focus Area
Accountability
Operate within constraints
PSMS. COO, OD and culture
Understands and fulfills their roles in PSMS and COO: 1. Executes PSM S with COO including equipm ent design, transfer of knowledge to plants to operate within constraints, and m aintaining barriers. 2. Com pletes hazard and/or risk reviews, ISD reviews and incorporates RAGAGEP and industry best practices into design. 3. Identifies and advocates for resources to meet PSM S, COO , corporate incident and risk reduction goals
M aintain
PSM S, COO , OD and culture
1. Hires personnel, trains/educates, provides resources, ensures com petency, holds accountable, and provides logical incentives. 2. Pre-qualifies, hires, and m anages contractors. 3. Helps with development of repair procedures.
Significant incidents and near-misses
Reviews significant incidents (internal or external) and near-miss PSM S failures. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Appropriately leverages learnings within or outside the com pany.
Verify
Visibility, reinforcement
1. Participates in hazard/risk reviews, reinforcing good or sound engineering practices. 2. Participates in incident investigations.
M anagement system reviews
1. Ensures PSM S reviews are conducted and improvement plans and goals are established/updated using metrics. 2. Holds subordinates accountable for corrective/preventive action com pletion.
170 | 5 Leadership Roles and Accountabilities
Table 5.4 EH& S Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires knowledge of m ajor potential consequences and how they can happen. 2. Endorses, supports or owns key programs to safeguard against major potential consequences, e.g., procedures, hot-work perm itting, emergency preparation and response.
Corporate vision and goals
Articulates corporate vision and goals in terms of business drivers and com municates in terms meaningful to workers.
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Participates in the development and im plementation of PSMS, CO O, EH& S policies, and requirem ents focusing on building a healthy process safety culture.
Risk Criteria
Helps establish / implement risk criteria. 1. Single scenario risk criteria including determination for safety instrumented systems. 2. Potential cumulative risk criteria.
Operate within constraints
PSMS, COO , OD and culture
Understands and fulfills their roles in PSMS with COO/OD, including: 1. Conducting assessm ents of the efficacy of procedures, hot-work perm itting, emergency preparation and response. 2. Participates in audits 3. Training of personnel on procedures, hot-work perm itting, emergency preparation and response.
Table 5.4: EH& S Leadership Role | 171
Table 5.4 (Continued) EH& S Leadership Role Phase
Focus Area
Accountability
M aintain
PSMS, COO , OD and culture
Stays current on PSM S, COO, OD, good or sound engineering practices, Industry best practices and keeps PSM S, CO O, and OD up to date.
Significant incidents and near-misses
Reviews significant incidents (internal or external) and near-miss PSM S failures. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Appropriately leverages learnings within or outside the com pany.
Visibility, reinforcement
1. Spends time in facilities , reinforces PSMS. 2. Com mem orates significant incidents to reinforce the importance of maintaining barriers. 3. Com municates process safety issues, e.g., goal progress, significant achievements, incident issues.
Verify
M anagement system reviews
Ensures PSM S reviews are conducted and im provement plans and goals are established/updated using metrics. Includes: 1. Audit results of PSM S and COO. 2. Progress against corporate process safety goals, e.g., tier 1 and tier 2 PSE, risk reduction initiatives. 3. Holds subordinates accountable for corrective/preventive action com pletion.
172 | 5 Leadership Roles and Accountabilities
Table 5.5 Research and Developm ent (R& D) Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires knowledge of m ajor potential consequences and how they can happen. 2. Owns and leads lab scale-up and inherently safer design process to reduce hazards prior to risk reduction analysis. 3. Owns or provides portion of process safety inform ation package content: toxic, physical, reactive and corrosivity data and hazards of the materials involved in the process and the hazards of inadvertent m ixing. 4. Provides or provides access to testing needed for data, e.g., com bustible dust testing, reactivity hazard testing.
Operate within constraints
Corporate vision and goals
Ensures corporate vision for process safety is defined and com municated as it relates to research and development.
Note:
Where R& D Leaders are responsible for laboratories or pilot plant operations they need to follow the responsibilities outlined in the operations leader role tem plate.
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Understands and fulfills their roles in PSMS with COO/OD: 1. Com pleting process safety information data, scale-up process, inherently safer design analysis for processes.
Table 5.5: R&D Leadership Role | 173
Table 5.5 (Continued) R& D Leadership Role Phase
Focus Area
Accountability
M aintain
PSMS, COO , OD and culture
1. Hires personnel, trains/educates, provides resources, ensures com petency, holds accountable, and provides logical incentives. 2. Pre-qualifies, hire, and m anage contractors. 3. Helps with the definition of material hazards for hazard and risk analysis
Significant incidents and near-misses
Reviews significant incidents (internal or external) and near-miss PSM S failures. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Leverages learnings in area of responsibility.
Verify
Visibility, reinforcement
1. Participates in hazard/risk reviews, reinforcing good or sound engineering practices. 2. Participates in incident investigations.
M anagement system reviews
Ensures PSM S reviews are conducted and im provement plans and goals are established and updated using metrics.
174 | 5 Leadership Roles and Accountabilities
Table 5.6 Purchasing Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
Acquire knowledge of major potential consequences and how they can happen.
Corporate vision and goals
Ensures corporate vision for process safety is defined and com municated as it relates to purchasing.
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Ensures PSM S purchasing policies, requirem ents and systems are developed and implemented for: 1. Purchase, fabrication and inspection of equipm ent and materials in accordance with good or sound engineering practices and design/repair specifications. 2. Purchase of equipment from prequalified, approved suppliers. 3. Purchase of services with prequalification for com petency of acceptable PSMS, COO, and OD or to perform within constraints of hiring com pany’s PSM S, CO O, and OD.
Operate within constraints
PSMS, COO , OD and culture
Understands and fulfills their roles in PSMS and COO/OD: Execution of PSM S with COO and OD for purchasing.
Table 5.6: Purchasing Leadership Role | 175
Table 5.6 (Continued) Purchasing Leadership Role Phase
Focus Area
Accountability
M aintain
PSMS, COO , OD and Culture
1. Hires personnel, trains/educates, provides resources, ensure competency, holds accountable, and provides logical incentives. 2. Pre-qualifies, hires, and m anages contractors/services. 3. Updates Purchasing PSM S, COO and OD with incident learnings. 4. Holds subordinates accountable for corrective/preventive action com pletion.
Significant incidents and near-misses
Reviews significant incidents (internal or external) and near-miss PSM S failures. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Leverages learnings in area of responsibility.
Verify
Visibility, reinforcement
1. Conducts reviews with purchasing agents to ensure PSM S is appropriately being perform ed with COO and OD. 2. Participates in incident investigations where purchasing PSM S failures occurred.
M anagement system reviews
1. Ensures PSM S reviews are conducted and improvement plans and goals are established and updated using metrics. 2. Holds subordinates accountable for corrective/preventive action com pletion.
176 | 5 Leadership Roles and Accountabilities
Table 5.7 Hum an Resources Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
Acquires knowledge of major potential incident consequences and how they can happen.
Corporate vision and goals
Ensures corporate vision for process safety is defined and com municated as it relates to Human Resources (HR).
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Ensures PSM S, CO O, and OD HR policies, requirem ents and systems are developed and implemented for all roles in this chapter: 1. Com petency profiles for roles handling hazardous m aterials or responsible for control of risks. 2. Hiring and on-boarding processes for Operations, Engineering, EH& S and Research and Development roles. 3. Performance evaluation processes for operations and roles with PSM S andCOO responsibilities. 4. Fatigue and substance abuse policies and program s. 5. Training programs for operations and support roles fully address PSMS training requirem ents and control of risks.
Operate w/in constraints
PSMS, COO , OD and culture
Understands and fulfills their roles in PSMS with COO and OD: Execution of PSM S for HR with CO O and OD.
Table 5.7: Human Resources Leadership Role | 177
Table 5.7 (Continued) Human Resources Leadership Role Phase
Focus Area
Accountability
M aintain
PSMS, COO , OD and culture
1. Hires, trains/educates, provides resources, ensures com petency, holds accountable, provides logical incentives, pre-qualifies, hires, and manages contractors/services. 2. Updates HR portions of the PSM S with incident learnings.
Significant incidents and near-misses
Reviews significant incidents (internal or external) and near-miss PSM S failures. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Leverages learnings in area of responsibility.
Verify
Visibility, reinforcement
1. Conducts reviews with HR personnel to ensure PSM S is appropriately being perform ed with CO O and OD. 2. Participates in incident investigations where HRMS failures occurred.
M anagement system reviews
1. Ensures PSM S reviews are conducted and improvement plans and goals are established/updated using metrics. 2. Holds subordinates accountable for corrective/preventive action com pletion.
178 | 5 Leadership Roles and Accountabilities
Table 5.8 Plant Superintendent Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires in-depth knowledge of process, specific scenarios and barriers. 2. Implem ents systems and m onitors to ensure barriers implemented, operated within their constraints and m aintained.
Corporate vision and goals
1. Sets the exam ple in following vision and m eeting goals. 2. Articulates vision and goals in term s of business drivers and com municates in terms meaningful to workers.
Operate within constraints
Process safety m anagem ent system (PSMS), conduct of ops (COO), operating discipline (OD) and culture
1. Defines and Implements plant-specific PSMS, COO and OD.
PSMS, COO , OD and culture
Understands, fulfills their roles in PSMS, COO and OD:
2. Ensures implementation of risk reduction measures from incidents, assessm ents or reduction initiatives/goals.
1. Manages/leads frontline resources (operators, maintenance) in use of OD within PSM S. 2. Ensures barriers are operated within their constraints (OD). 3. Ensures OD is kept up to date, e.g., procedures. 4. Participates in PSM S, COO and OD including hazard assessm ents, risk reviews, MOC, PSSR, etc. 5. Maintains process safety information. 6. Advocates for resources to meet PSMS, COO and OD.
Table 5.8: Plant Superintendent Role | 179
Table 5.8 (Continued) Plant Superintendent Role Phase
Focus Area
Accountability
M aintains
PSMS, COO , OD and culture
1. Hires, trains and educates resources, ensures com petency in OD, holds accountable. 2. Maintains sense of vulnerability and m aintains com mitm ent, keeps corporate m emory alive. 3. Ensures barriers are m aintained (OD): inspected, tested, calibrated, etc., and they are m aintained to be fit for s ervice. 4. Ensures COO and utilization of OD. 5. Resolves and/or escalates issues, including stopping work.
Incidents and near-misses
Reports incidents and participates in Investigations of incidents and nearm isses. 1. Ensures appropriate PSM S corrective and preventive actions. 2. Escalates significant and high potential near-misses
Verify
Visibility, reinforcement
1. Spends time in field, with ability to recognize hazards in the field. 2. Ensures barriers are being operated within their constraints and m aintained. 3. Ensures actions from incidents, assessm ents, etc., are implemented.
PSMS efficacy evaluations
1. Participates in and prepares for audits , m anagem ent system reviews. 2. Provide data for metrics, PSM S efficacy tracking, corporate improvement planning and goals. 3. Holds subordinates accountable for corrective/preventive action com pletion.
180 | 5 Leadership Roles and Accountabilities
Table 5.9 Maintenance Leadership Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires knowledge of process, specific m ajor scenarios and barriers. 2. Acquires in-depth knowledge of equipm ent m aintenance good or sound engineering practices to prevent incidents.
Corporate vision and goals
1. Sets the exam ple in following vision and m eeting goals. 2. Articulates in terms of business drivers and com municates in terms m eaningful to workers.
Operate within constraints
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
1. Defines and Implements technology specific PSM S, COO and OD, including acceptance criteria for inspection, testing, calibration and repair of safety system s.
PSMS, COO , OD and culture
Understands, fulfills their roles in PSMS, COO and OD:
2. Implem ents applicable risk reduction m easures from incidents, assessm ents or reduction initiatives/goals.
1. Manages/leads frontline resources (m aintenance/crafts) in use of OD within PSMS. 2. Ensures barriers are inspected, tested, calibrated, etc. 3. Keeps asset integrity OD up to date, e.g., procedures. 4. Participates in PSM S, COO , andOD including hazard assessm ents, risk reviews, MOC, PSSR etc. 5. Advocates for resources to meet PSMS, COO , and OD.
Table 5.9: Maintenance Leadership Role | 181
Table 5.9 (Continued) Maintenance Leadership Role Phase
Focus Area
Accountability
M aintain
PSMS, COO , OD and culture
1. Hires, trains/educates resources, ensures com petency in OD, holds accountable. 2. Maintains sense of vulnerability and m aintains com mitm ent, keeps corporate m emory alive. 3. Ensures barriers are m aintained consistent with good or sound engineering practices. 4. Ensures COO and utilization of OD. 5. Resolves and/or escalates issues, including stopping work.
Incidents and near-misses
Reports and participates in Investigation of maintenance related incidents and near-misses. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Escalates significant and high potential near-misses.
Verify
Visibility, reinforcement
1. Spends time in field, has ability to recognize hazards in the field. 2. Ensures barriers are being operated within their constraints and m aintained. 3. Ensures actions from incidents, assessm ents, etc., are implemented.
PSMS efficacy evaluations
1. Participates in and prepares for audits , m anagem ent system reviews. 2. Provides data for metrics, PSM S efficacy tracking, corporate improvement planning and goals. 3. Holds subordinates accountable for corrective/preventive action com pletion.
182 | 5 Leadership Roles and Accountabilities
Table 5.10 Plant Engineer Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires in-depth knowledge of process, specific scenarios and barriers. 2. Understands processes and tools for ensuring barriers are implemented, operated within their constraints and m aintained.
Operate within constraints
M aintain
Corporate vision and goals
Analyzes, defines and implem ents specific projects or initiatives to meet goals.
PSMS, COO and Culture
Im plements risk reduction m easures from incidents, assessm ents or reduction initiatives/goals.
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Understands, fulfills their roles in PSMS, COO and OD:
PSM S, COO , OD and culture
1. Ensures barriers are m aintained (OD): inspected, tested, calibrated, etc., and are m aintained to be fit for service.
1. Ensures barriers are operated with their constraints (OD). 2. Keeps OD up to date, e.g., procedures. 3. Participates in PSM S, COO , and OD including hazard assessm ents, risk reviews, MOC, PSSR, training, etc. 4. Maintains process safety information packages.
2. Ensures COO and utilization of OD. 3. Resolves and/or escalates issues, including stopping work.
Table 5.10: Plant Engineer Role | 183
Table 5.10 (Continued) Plant Engineer Role Phase
Focus Area
Accountability
M aintain (Continued)
Incidents and near-misses
Reports and participates in Investigation of incidents and near-misses. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Escalate significant and high potential near-misses.
Verify
Visibility, reinforcement
1. Spends time in field, has ability to recognize hazards in the field. 2. Ensures barriers are being operated within their constraints and m aintained. 3. Ensures actions from incidents, assessm ents, etc., are implemented.
PSMS efficacy evaluations
1. Participates in and prepares for audits , m anagem ent system reviews. 2. Provides data for metrics, PSM S efficacy tracking, corporate im provement planning and goals.
184 | 5 Leadership Roles and Accountabilities
Table 5.11 Plant O perator Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires in-depth knowledge of process, specific scenarios and barriers. 2. Understands processes and tools for ensuring barriers are implemented, operated within their constraints and m aintained.
Corporate vision and goals
1. Understands corporate vision and goals as they relate to the plant. 2. Participates in project teams and initiatives to im prove perform ance and m eet goals.
Operate within constraints
PSMS, COO/OD, Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Participates in the development and/or review of plant specific PSM S, COO, and OD.
PSMS, COO , OD and culture
Understands, fulfills their roles in PSMS with COO and OD: 1. B arriers are operated with their constraints (OD). 2. Follows COO and plant operation OD faithfully or stops work to perform assessm ent and define appropriate path forward. 3. Performs job safety analysis in preparation for tasks.
Table 5.11: Plant Operator Role | 185
Table 5.11 (Continued) Plant O perator Role Phase
Focus Area
Accountability
Operate within constraints (Continued)
PSMS, COO , OD and culture (Continued)
4. Issues perm its to work with full understanding of process hazards, ensures hazards are properly addressed and ensures maintenance personnel understand hazards and follow appropriate control protocols. 5. Participates in PSM S, COO , and OD including hazard assessm ents, risk reviews, MOC, PSSR, training, etc. 6. Com municates between shifts for the deficiency of safety-critical equipment, tem p M OC, override, etc.
Operate w/ Constraints
Visibility, reinforcement
Spends time in field: rounds, readings, equipm ent inspections, escalates issues found, e.g., incipient stage corrosion needing m itigation.
M aintain
PSM S, COO , OD and culture
1. Ensures barriers are m aintained (OD): inspected, tested, calibrated, etc., and are m aintained to be fit for service, e.g., operators m ay have certain inspections needing to be completed prior to a startup. 2. Identifies/resolves and/or escalates issues/barriers needed to operate within constraints. 3. Suggests changes to OD to address unrecognized hazards or optim ization opportunities, e.g., procedures. 4. Ensures procedures are updated when needed.
186 | 5 Leadership Roles and Accountabilities
Table 5.11 (Continued) Plant O perator Role Phase
Focus Area
Accountability
M aintain (Continued)
Incidents and near-misses
Reports and participates in Investigation of incidents and near-misses. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Escalates significant and high potential near-misses
Verify
PSM S efficacy evaluations
1. Provides data for metrics, PSM S efficacy tracking, corporate im provement planning and goals.
Table 5.12: Maintenance Technician Role | 187
Table 5.12 Maintenance Technician Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires knowledge of process, specific scenarios and barriers in the plants they support. 2. Acquires in-depth knowledge of m aintenance procedures and specifications related to prevent the release of m aterial or energy.
Corporate vision and goals
1. Understands corporate vision and goals as they relate to the plants they support. 2. Participates in project teams and initiatives to im prove perform ance and m eet goals.
Operate within constraints
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Participates in the development and/or review of technology specific m aintenance PSMS, COO , and OD including acceptance criteria for inspection, testing, calibration and repair of safety system s
PSMS, COO , OD and culture
Understands, fulfills their roles in PSMS with COO and OD: 1. Follows COO and OD faithfully or stops work to define an appropriate path forward. OD is kept up to date, e.g., m aintenance procedures such as proper assembly and integrity check of pressure equipm ent after intrusive work, proper calibration and return to service of safety instrumented system.
188 | 5 Leadership Roles and Accountabilities
Table 5.12 (Continued) Maintenance Technician Role Phase
Focus Area
Accountability
Operate within constraints (Continued)
PSMS, COO , OD and culture (Continued)
2. Follows safe work perm it controls faithfully or stops work to define an appropriate path forward.
M aintain
PSMS, COO , OD and culture
3. Participates in PSM S, COO , and OD including hazard assessm ents, risk reviews, MOC, PSSR, training, etc. 1. Ensures barriers are m aintained (OD): inspected, tested, calibrated, etc., and are m aintained to be fit for service. 2. Identifies/resolves and/or escalates issues/barriers needed to operate within constraints (e.g., fitness-for-service evaluations). 3. Ensures equipment is repaired according to good or s ound engineering practices. Visibility, reinforcement
Spends time in field: equipment inspections, escalates issues found, e.g., incipient stage corrosion needing m itigation.
Incidents and near-misses
Reports and participates in Investigation of incidents and near-misses. 1. Ensures appropriate PSM S corrective/preventive actions. 2. Escalates significant and high potential near-misses.
Verify
PSMS efficacy evaluations
1. Provides data for metrics, PSM S efficacy tracking, corporate improvement planning and goals.
5BCMF1SPDFTT4BGFUZ4QFDJBMJTU3PMF | 189
Table 5.13 Process Safety Specialist Role Phase
Focus Area
Accountability
Deploy
Hazards and risks
1. Acquires in-depth knowledge of hazard/risk evaluation and m itigation, appropriate good or sound engineering practices and industry best practices. 2. Endorses, supports or owns key programs to safeguard against major potential consequences (e.g., hazard/ risk evaluation processes).
Corporate vision and goals
1. Assists with the establishment of corporate goals and risk reduction initiatives and plans to m eet them. 2. Articulates corporate vision and goals in term s of business drivers and com municates in terms meaningful to workers.
Process safety m anagem ent system (PSMS), conduct of operations (COO), operating discipline (OD) and culture
Participates in the development and im plementation of PSMS, CO O engineering policies, requirements focusing on building a healthy process safety culture.
Risk Criteria
Helps with development of risk criteria. 1. Defines/implements single scenario risk criteria for sem i-quantitative risk analysis and specification of safety instrumented systems across the enterprise. 2. May define and im plement cum ulative risk criteria for quantitative risk analysis and validate single scenario risk criteria
190 | 5 Leadership Roles and Accountabilities
Table 5.13 (Continued) Process Safety Specialist Role Phase
Focus Area
Accountability
Operate within constraints
PSMS, COO , OD and culture
Understands and fulfills their roles in PSMS with COO and OD, including: 1. Conducting hazard/ risk assessm ents. 2. Participates in audits. 3. Trains personnel on process safety risk assessm ent and management.
M aintain
PSM S, COO , OD and culture
Stays current on PSM S, COO and OD, good or sound engineering practices, Industry best practices and keeps PSM S, COO , and OD up to date.
Significant Incidents and near-misses
Reviews significant incidents (internal or external) and near-miss PSM S failures. 1. Ensures appropriate PSM S corrective and preventive actions. 2. Appropriately leverages learnings within or outside the com pany.
Visibility, reinforcement
1. Spends time in facilities , reinforces PSMS. 2. Com mem orates significant incidents and importance of m aintaining barriers. 3. Com municates process safety issues (e.g., goal progress, significant achievements, incident issues).
Verify
M anagem ent system reviews
Ensures PSM S reviews are conducted and im provement plans and goals are established/updated using metrics. Includes verifying: 1. Audit results of PSM S, COO, and OD. 2. Progress against corporate process safety goals such as: tier 1 and tier 2 PSE, risk reduction Initiatives.
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
6 DEPLOYIN G PROCESS SAFETY LEADERSHIP ACCOUN TABILITY AN D RESPON SIBILITY An important starting point in the development, implementation and on-going execution of the PSMS with COO and OD is to ensure that knowledgeable people are available, accountable and responsible for carrying out all required tasks. Without clearly defined responsibilities assigned to personnel, you can only assume or hope that the proper com ponents of the PSMS are actually being carried out with COO and O D. A RACI matrix is one way that a team can clearly lay out roles and responsibilities for any activity or group of activities. The acronym RACI stands for: R=Responsible: Those who do the work to achieve the task. A=Accountable: The one ultimately answerable for the correct and thorough com pletion of the deliverable or task, and the one who delegates the work to those responsible.
191
192 | 6 Deploying PS Leadership Accountability and Responsibility
C=Consulted: Those whose opinions need to be sought, typically subject m atter experts. Consulting implies twoway communication before the task or decision can be com pleted. I=Inform ed: Those who are kept up-to-date on progress. This m ay often be only on initiating and/or com pleting the task or deliverable. Generally, this is just one-way com munication. For certain roles, the person accountable for a task or deliverable may also be responsible for com pleting all or part of it. For exam ple, a senior executive who articulates the vision to their leadership team would clearly also be responsible alongside their team for deploying it through the organization. In that exam ple, each mem ber of the leadership team , including the accountable senior leader, would have specific responsibilities. Outside of this exception, it is generally recomm ended that each role in the project or each task in the process is designated with only one of the participation types. Table 6.1 shows an exam ple RACI Matrix for a corporate process safety leadership team . Table 6.2 shows an exam ple RACI Matrix for an operations leadership team of an organization with multiple facilities. Team m embers m ay be part of the core team or part of an extended team when their facility or area of operation is involved. B oth tables may be downloaded from www.aiche.org/ccps/publications/leadership. These are only examples. Your team , and every leadership team throughout the organization, is ultim ately responsible for designating the PSMS r esponsibilities appropriate to them!
Table 6.1: Corporate Process Safety Leadership Team RACI Matrix | 193
Table 6.1: Corporate Process Safety Leadership Team RACI M atrix
Senior Executive
Operations L eader
Plant Superintendent
M aintenance L eader
Engineering L eader
Process Safety Specialist
R& D Leader
Purchasing L eader
Human Resources L eader
Process Safety M anagement System Leadership RACI M atrix
A
R
I
I
C
C
C
C
C
I
A, R
C
C
R
C
R
R
R
A
R
I
I
R
C
C
I
I
A
R
I
I
C
C
C
C
C
A
R
R
R
R
C
R
R
R
I
A
C
C
R
C
R
R
R
I
A
R
R
R
R
R
R
R
Role
Activity Establish corporate. vision and goals for process safety. Articulate vision and goals in terms of business drivers and com municate in terms m eaningful to workers. Establish corporate risk criteria. Develop PSMS and COO policies, system s, requirem ents, and KPIs. Understand major potential consequences and how they can happen. Endorse and support key programs to safeguard against m ajor potential consequences. Im plement PSM S and COO policies, systems, requirem ents, and KPIs.
194 | 6 Deploying PS Leadership Accountability and Responsibility
Table 6.1 (Continued): Corporate Process Safety Leadership Team RACI Matrix
Executive Leader
Operations Leader
Plant Superintendent
Engineering Leader
Process Safety Specialist
R& D Leader
Purchasing Leader
Human Resources Leader
Process Safety M anagement System Leadership RACI M atrix
I
A, R
C
C
R
R
R
R
R
I
A
R
R
R
R
R
R
R
A
R
C
C
R
C
R
R
R
Activity Define and implement systems and tools to verify that required barriers are in place, operated within their constraints, and m aintained. Execute PSMS with COO/OD including hazard assessm ents, risk reviews, M OC, PSSR, training, procedures, inspections, etc. Ensure PSM S reviews are conducted. Conduct PSM S reviews. Establish and update im provement plans and goals using m etrics.
M aintenance Leader
Role
Table 6.1: Corporate Process Safety Leadership Team RACI Matrix | 195
Table 6.1 (Continued): Corporate Process Safety Leadership Team RACI Matrix
Executive Leader
Operations Leader
Plant Superintendent
Engineering Leader
Process Safety Specialist
R& D Leader
Purchasing Leader
Human Resources Leader
Process Safety M anagement System Leadership RACI M atrix
I
A
R
R
R
C
R
R
R
AR
R
R
R
R
R
R
R
R
A
R
C
C
R
C
R
R
R
I
A
R
R
R
C
R
I
I
I
A
R
R
R
C
R
I
I
Activity Participate in and prepare for audits and PSMS reviews. Provide data for metrics, PSM S efficacy tracking, corporate im provement planning and goals. Spend time in facilities for area of responsibility, reinforce PSM S. Allocate financial and human resources to execute the PSM S with COO/OD. Identify and advocate for resources to meet PSMS, corporate incident, and risk reduction goals. Hire, train/educate human resources, ensure com petency in OD, hold accountable.
M aintenance Leader
Role
196 | 6 Deploying PS Leadership Accountability and Responsibility
Table 6.1 (Continued): Corporate Process Safety Leadership Team RACI Matrix
Report and participate in Investigation of incidents and nearm isses. Investigate incidents and near-miss PSM S failures. 1. Ensure appropriate PSMS corrective / preventive actions. 2. Escalate significant and high potential near-misses. 3. Recom mend appropriate leveraging within/outside the com pany. Review significant incidents (internal or external) and nearm iss PSM S failures. Prioritize and fund risk reduction initiatives to m eet corporate incident and risk goals and criteria.
Process Safety Specialist
Engineering Leader
Plant Engineer
Reliability Engineer
Human Resources Leader
M aintenance Leader
Activity
Operations Leader
Role
Plant Superintendent (s)
Process Safety M anagement System Leadership RACI M atrix
I
I
A
A
A
C
A
R
R
I
A
R
R
R
R
R
R
R
A
R
R
R
R
R
R
R
R
A
R
R
C
I
C
R
I
I
Table 6.2: Operations Leadership Team RACI Matrix | 197
Table 6.2: Operations Leadership Team RACI Matrix
Plant Superintendent (s)
M aintenance Leader
Human Resources Leader
Reliability Engineer
Plant Engineer
Engineering Leader
A, R
C
C
C
I
I
I
C
A
R
R
C
C
C
I
C
A
R
R
R
R
R
I
R
A
R
R
R
I
I
C
C
A
R
R
R
I
I
C
C
Role
Activity
Articulate corporate vision and goals in terms of business drivers and com municate in terms m eaningful to workers. Develop PSMS, COO policies, requirements, systems and KPIs. Understand major potential consequences and how they can happen. Endorse and support key programs to safeguard against m ajor potential consequences. Im plement PSM S, COO policies, requirements, systems and KPIs.
Process Safety Specialist
Operations Leader
Process Safety M anagement System Leadership RACI M atrix
198 | 6 Deploying PS Leadership Accountability and Responsibility
Table 6.2 (Continued): Operations Leadership Team RACI Matrix
Plant Superintendent (s)
M aintenance Leader
Human Resources Leader
Reliability Engineer
Plant Engineer
Engineering Leader
A, R
R
R
R
C
C
C
C
A
R
R
R
R
R
C
C
A
R
R
C
C
C
C
R
Role
Activity
Define and implement systems and tools to verify that required barriers are in place, operated within their constraints and m aintained. Execute PSMS with COO/OD, including hazard assessm ents, risk reviews, M OC, PSSR, training, procedures, inspections, etc. Ensure PSM S reviews are conducted, conduct PSM S reviews, establish/updates im provement plans and goals using m etrics.
Process Safety Specialist
Operations Leader
Process Safety M anagement System Leadership RACI M atrix
Table 6.2: Operations Leadership Team RACI Matrix | 199
Table 6.2 (Continued): Operations Leadership Team RACI Matrix
Plant Superintendent (s)
M aintenance Leader
Human Resources Leader
Reliability Engineer
Plant Engineer
Engineering Leader
A, R
R
R
R
C
C
C
C
AR
R
R
R
R
R
R
R
A
R
R
C
C
C
I
C
I
A
R
R
C
C
I
C
A
R
R
R
C
C
I
C
Role
Activity
Participate in and prepare for audits, m anagem ent system reviews. Provide data for metrics, PSM S efficacy tracking, corporate im provement planning and goals. Spend time in facilities for area of responsibility, reinforce PSM S. Allocate financial and human resources to execute the PSM S with COO/OD. Identify and advocate for resources to execute the PSM S with COO/OD and meet corporate incident and risk reduction goals. Hire, train/educate human resources, ensure com petency in OD, hold accountable.
Process Safety Specialist
Operations Leader
Process Safety M anagement System Leadership RACI M atrix
200 | 6 Deploying PS Leadership Accountability and Responsibility
Table 6.2 (Continued): Operations Leadership Team RACI Matrix
Plant Superintendent (s)
M aintenance Leader
Human Resources Leader
Reliability Engineer
Plant Engineer
Engineering Leader
I
A
R
I
R
R
I
C
A
R
R
I
C
C
I
C
A
R
R
R
R
R
R
R
A
R
R
I
C
C
C
C
Role
Activity
Report and participate in investigation of incidents and nearm isses. Investigate incidents and near-miss PSM S failures. 1. Ensure appropriate PSMS corrective / preventive actions. 2. Escalate significant and high potential near-misses. 3. Recom mend appropriate leveraging to the right level within/outside the com pany. Review significant incidents (internal or external) and nearm iss PSM S failures. Prioritize and fund risk reduction initiatives to m eet corporate incident and risk goals and criteria.
Process Safety Specialist
Operations Leader
Process Safety M anagement System Leadership RACI M atrix
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
7 MAKE IT HAPPEN Harold Fisher, a pioneer in the industry-wide initiative to implement the discipline of process safety in the 1980s said m ore than once, “Process safety isn’t rocket science. It’s considerably harder” (Ref. 7.1). Certainly, chem ical plants, refineries, and other hazardous material processes do not intentionally lift off the ground and travel at m ore than 17,000 m iles per hour, and no m anufacturing com pany will accept m ore than a tiny fraction of the risk of space flight. Regardless of which is harder, the leadership and technical challenges of astronautics closely parallel the challenges of process safety in that both require diligence to keep hazards away from people. What m akes process safety particularly hard is not the technical difficulty. It is the leadership necessary for it to succeed. That is where you come in, regardless of your role in the organization. As you start on your process safety leadership journey, it may help to walk in the footsteps of two great safety leaders. Put one of your feet in USA President John F. Kennedy’s shoe. In M ay 1961, Kennedy declared the goal of “…landing a man on the Moon and returning him safely to Earth. (Em phasis added).” (Ref. 7.2). Kennedy did not have to add the second half of that sentence in com m unicating this national goal. B ut by
201
202 | 7 Make it Happen
doing so, he placed safety on the same level as the goal of reaching the Moon and laid the groundwork for a safety culture within NASA. Put your other foot in Admiral Hyman G. Rickover’s shoe. Rickover founded and, for many years, led the US Navy nuclear propulsion program. Rickover recognized that the significant potential consequences inherent to nuclear power required both a strong culture and disciplined operations. The sense of vulnerability and discipline established by Rickover continues to pass to succeeding generations of naval leaders. To this day, the US Navy has not experienced a single non-com bat loss of containm ent incident. The often-quoted Rickover’s Rules 3 closely m atch the principles of process safety leadership (Ref. 7.3): Rule 1: You m ust have a rising standard of quality over time, and well beyond what is required by any m inim um standard. Rule 2: People running complex system s should be highly capable. Rule 3: Supervisors have to face bad news when it com es and take problem s to a level high enough to fix those problems. Rule 4: You must have a healthy respect for the dangers and risks of your particular job. Rule 5: Training m ust be constant and rigorous.
3
Adm. Rickover stated his leadership rules on many occasions, albeit with slight variations in phrasing and number of rules. This version of Rickover’s Rules was excerpted from a reference oriented to process safety.
7 Make it Happen | 203
Rule 6: All the functions of repair, quality control, and technical support must fit together. Rule 7: The organization and m embers thereof m ust have the ability and willingness to learn from m istakes of the past. Remem ber that a process safety incident is one of the few things that can completely stop your ability to produce. Therefore, in your leadership role, you m ust put process safety at the sam e level as, and even above, your other business goals in everything you think, act, and speak. Having done so, you m ust then execute your role com petently and diligently and ensure that those around you do the same. Fig. 7.1 summ arizes the process safety leadership m odel leaders should follow. Figure 7.1 The Process Safety Leadership M odel Hazards Risk Criteria
Knowledge
PSMS
Conduct of Operations Consequences Culture
Sense of Vulnerability
204 | 7 Make it Happen
In the center of Fig. 7.1 is the familiar swiss cheese model, showing the barriers which prevent hazards from escalating into process safety incidents with adverse consequences. The upper right em phasizes the leadership role in implementing the barriers, which is enabled by the risk criteria that have been set. The lower left em phasizes the leadership role in maintaining barriers. Leaders m ust take their knowledge of hazards and technology and their sense of vulnerability to potential consequences and use them to drive the PSMS with strong conduct of operations (COO ) and operational discipline (O D). Doing all of this will lead to a strong process safety culture. Each com pany and each facility have different organizational structures and process hazards. So only your leader, your B oard, your peers, and you and your team can determ ine your specific responsibilities and accountabilities. Whatever your process safety leadership role, you need to: Recognize process safety hazards and m aintain your sense of vulnerability, Understand and im plem ent the barriers needed to control these hazards to the corporate risk criteria, Drive disciplined adherence to the PSMS to ensure that processes under your control operate within their constraints and that barriers are m aintained, Learn from incidents, near-m isses, and employee involvement, and correct defects as they are identified, M onitor KPIs and verify perform ance, Focus on the details; and Drive a culture of continual im provement.
7 Make it Happen | 205
As a senior executive, you m ust serve faithfully as the “Chief Process Safety Officer.” You must: Establish the process safety systems, policies, and m etrics,
vision,
managem ent
Establish and implem ent corporate risk criteria and lead the risk review process, Drive COO and O D through all corporate businesses and facilities and hold your leadership accountable for the same, Ensure that appropriate and sufficient capital, leadership, m anagement, and technical resources needed for process safety are available; and Remain engaged through management review, site visits and corporate communications. As a m id-level leader, you m ust act professionally as the process safety leader of the operations under your control or influence. You m ust: Echo and reinforce the corporate vision, and lead implementation of process safety goals and the PSMS in your facilities, Collect, report, and act on metrics, Drive and verify COO and O D within your facilities, Ensure that appropriate and sufficient capital, leadership, m anagement, and technical resources needed for process safety are available, and advocate for retaining adequate resources in times of financial stress; and Engage continually through m anagement review, site/unit visits, and communications.
206 | 7 Make it Happen
As a frontline leader, you must live the corporate process safety culture, goals, and policies. Employees look to you to see if senior leadership is serious about process safety. You therefore have a make-or-break role for process safety. You must: Drive COO and OD in everything your team and you do, Maintain the sense of vulnerability of your team and actively com bat the normalization of deviance, Remain alert and aware for incident warning signs, Execute the PSMS faithfully and professionally; and Alert m anagement prom ptly of any gaps in capital, leadership, m anagement, and technical resources needed for process safety. As an individual contributor, you ultimately m ake the difference every day to ensure that the PSMS is executed correctly and reliably. You m ust: Execute your duties with professionalism, ensuring that you complete all your PSM S requirements, Alert your m anagement of resource constraints and any emerging problem s, Use your stop-work authority to shut down whenever the process appears to be trending in an unsafe direction, and trust your gut and shut down when you think there m ay be a problem but you’re not sure, Lead your peers, and call out and correct unsafe behaviors whenever you observe them; and Hold your leadership accountable for responding to feedback given as part of workforce involvem ent activities.
7.1 References | 207
Regardless of your level, process safety leadership does not just happen. As discussed throughout this book, you m ust go beyond stating strong support for “safety.” You m ust implement your process safety responsibilities with rigor and professionalism . That requires commitment, planning, diligence, and consistency. The downloadable electronic files provided with this book at www.aiche.org/ccps/publications/leadership provide tools you m ay use to plan your personal development, your personal goals, your team ’s goals, and your leadership actions. You will find it useful to refer back to Table 4.4, Indicators of Effective COO/OD Systems. Process safety is a moral imperative, and that m akes it a leadership imperative as well. However, this imperative com es with benefits: to the top line, the bottom line, shareholder value, long-term sustainability of the com pany, and leadership excellence. Leaders at m any com panies have for a long time said, “Nothing is more important than safety.” Certainly, safety is paramount. However, here’s the takeaway for com panies that handle and process hazardous m aterials: N o leadership is m ore im portant than process safety leadership.
7.1 References 7.1
Fisher, H.G., Personal com munication.
7.2
Kennedy, J.F., Speech to Congress (of the USA), May 26, 1961.
7.3
Paradies, M., Has Process Safety Management Missed the Boat? AIChE, Process Safety Progress, Vol. 30, No. 4, 2011.
1SPDFTT4BGFUZ-FBEFSTIJQGSPNUIF#PBSESPPNUPUIF'SPOUMJOF By 5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST Copyright¥5IF"NFSJDBO*OTUJUVUFPG$IFNJDBM&OHJOFFST
Index Accountabilities, 73–76, 128 deploying, 191–200 in leadership, 30–34, 161–190 Active failures, 25–26 Administrative controls, 100 Analyses, 35, 36 of hazards and risks, 98–100 Asset integrity (AI), 113–114, 122 Audits, 51, 139–141 external, 44 B alance sheet, 3–4 B ands of risk, 97–98 B arriers, xix, 22–25 failed, 26, 143–145 identifying, 94–101 independent, 101 m aintaining, 204 m anaging, 102–127 preventive, 24, 26 status of, xxiii understanding and im plementing, 204 weakened, 26 B ehavioral issues, 104
209
210 | Index
B enefits. See also Organizational benefits financial, 8 loss prevention among. 5–6 of process safety, xxiv, 2 B iases generational, 90–91 sector, 87–89 B usiness case, for process safety, 1–12 B usiness flexibility, 4–5, 10 B usiness interruption loss, 6 Capital cost, 115–116 Capital efficiency, 8 Cardinal rules, 87 Case histories, 89, 132 Cash, draining, 5 Catastrophic incidents, 16, 22, 155 CCPS, 18, 19, 54, 65, 86, 103, 113, 128 Center for Chem ical Process Safety (CCPS), vi. See also CCPS Chief executive officer (CEO), 18, 50, 51 obligations of, 31 Co-em ployment issues, 136 Com mitment, projecting, 72 Com munication(s), vi, xv, 81, 82–83 with community, 156 with inspiration, 80–91 in the MOC process, 121–122
Index | 211
open and frank, 80–83 two-way, 59 Com munication skills, 83 Com munity, comm unication with, 156 Com munity stakeholders, 155 Com panies interacting with, 155 weakening, 5 Com petency of leaders, 60–71 m anaging, 127–138 sharing, 67 Com petency analysis, 128 Com petency gaps, 65, 128–129 Com petency requirements, 65 Com placency, fighting, 61–62 Com pleted staff work doctrine, 68–69 Com pliance, 39–43, 112. See also Thoughtful com pliance regulatory, 43–44 Com prehensive Management Reviews, 147 Conduct of operations (COO ), 102–110, 191 effective, 108–110 good practices of, 107 status of, 104–105 Connected operations, 80–83 Connections, m aintaining, 80–83 Consequence/frequency–risk function, 22, 25, 95
212 | Index
Consequences, reducing, 98 Consistency, 78–79 Consulting, 192 Continual improvement, 146–150, 204 Contractor com petency, 136 Contractor leadership, 138 Contractor management, 135–138 Contractors, 8 Conviction, 71–73 COO/OD evaluation tools, 108, 191. See also Conduct of operations (CO O); Operational discipline (O D) Core principles, 151–152 for process safety culture, 54–55 Corporate m emory, 29–30 Corporate Process Leadership Team RACI m atrix, 193–196 Corporate risk review process, 106 Corporate social responsibility, 2–4, 9–10 Corporate standards, 111 Cost(s) avoiding, 22 capital vs. m aintenance, 115–116 m aintenance, 8 production, 8 remediation, 6 via fines and litigation, 6 Cost-cutting, 34–35 Cost flow, 6–7 Courage, 71–73
Index | 213
“Creeping Changes,” 123 CSA Z767 standard, 43 Cultural interactions, 156 Culture assessing and advancing, 70–71 building and strengthening, 151–157 creating, 54–55 of deference, 78 driving, 147 hierarchical, 82 impact on, 76 m onitored, 141, 142 strong and weak, 139–140 strong process safety, 74 Culture core principles, 151–152 Customers helping, 8 outreach to, 156 Deference, culture of, 78 Deployment, of accountability and responsibility, 191–200 Developing others, 64–67 Deviance, norm alization of, 70, 79 Discipline, driving, 204 “Double jeopardy,” 101 Downtime, decreased, 8 Downturns, 34–38
214 | Index
Drills, 126–127 Driving culture, 147 Due-diligence review, 146 Econom ic downturns, 34–38 Econom ic recovery, 38 Effective training, 130–133 EH& S leadership role, 170–171 Electronic MO C (e-MO C) systems, 121. See also Management of Change (MOC) Emergency management, 123–127 Emergency MOCs, 122. See also Management of Change (MOC) Emergency preparedness, 125–127 Emergency responders, 126–127, 155 Emergency response, 124–126 Emergency response coordinators, 157 Emergency shut-down (ESD), 105–106 Employees. See also Personnel becom ing leaders, 90–91 being active, 157 com petency of, 129 empowerment of, 67–68 engaging with, 66 interacting with, 153–154 protecting, 31, 84 reporting concerns of, 76 training for roles, 130–133 Empowering others, 64, 67–69
Index | 215
Empowerm ent of employees, 67–68 for operators, 105–106 Energy, in equipment and piping systems, 13–14 Engineering lead, 107 Engineering leaders, responsibilities of, 33 Engineering leadership role, 168–169 Environmental protection, vi, 43 Equipment, hazardous m aterials and energy in, 13–15 Errors, reducing, 104 Ethical imperative, 48 Ethical standards, in process safety, 30, 71–72 Evaluations, additional, 73 Executive leadership role, 164–165 Executives. See Senior executives Expansions, 38–39 Expectations, establishing, 54 Experience learning from, 21, 70 of predecessors, 90 Experienced leaders, 50 Expertise, deference to, 78 External audits, 44 External standards, 113 Facilities, interacting with, 155 Facility com petency, 58–59
216 | Index
Failed barriers, 26 Failure(s) active and latent, 25–26 effects of, 156 root cause, 145 Failure rate, of barriers, 23 Feelings, appealing to, 86–87 Financial benefits, 8 Financial performance, 11 Fines, costs due to, 6 First-line leaders, stakeholder outreach and, 157 Fitness for Service evaluation, 71–72 Flexibility business, 10 in business, 4–5 Focus, maintaining, 204 Frank communications, 80–83 Frontline leaders, 49, 106–107, 115, 117, 120–121, 123 audits and, 141 emergency procedures for, 126 handling contracts, 138 interacting with employees, 154 as investigators, 144 living in the process safety culture, 206 process knowledge for, 134 reviews and, 149–150 role in culture, 152
Index | 217
stakeholder outreach and, 157 training for, 132 Gap analysis, 86 Gaps avoiding, 121 com petency, 65, 128–129 m anagem ent, 41–42 in perform ance, 42 risk increases and, 38, 39 in worker knowledge, 145 Generational biases, 90–91 “Golden Rules,” 29–30 Good metrics, 142 Good practices, 107 “Grandfathering,” 111–112 Groups, reviews with, 147–148 Growth, sustainable, 7–8, 10 Guideline publications, vi Guidelines, 8 Hands-on training, 131 Hazard analysis, 98–100 Hazard Identification and Risk Analysis (HIRA), 98–99 Hazard industries, 87 Hazard m anagement, 89 Hazardous m aterials, in equipment and piping systems, 13–15
218 | Index
Hazards acting on, 75–76 understanding, 20 unregulated, 39–40 Hierarchical culture, 82 High potential process safety near-miss (HP PSNM), 28–29 Human behavioral issues, 104 Human resources (HR) lead, 107 Human resources leadership role, 176–177 Im perative(s) leadership, 207 through the organization, 54–57 for process safety, 48–51 in words and actions, 51–53 Im provem ent(s), xxiii continual, 146–150, 204 incidents and, 143 verifying, 139–150 Im provem ent goals, 57 Incident investigation results, 29–30, 143–145 Incidents, 60–62. See also Injuries; M ajor incidents; Process safety incidents catastrophic, 16, 22, 155 impact of, 2–3 improvement and, 143 increased likelihood of, 24–25 investigation of, 51, 143–145
Index | 219
learning from, 25–30, 204 prevention and control of, 14 serious, 79 severity and frequency of, 16–17 Incom plete regulations, 41–42 Independent protection layers (IPLs), 23, 101, 102 Individual contributors, 49–50, 115, 117–118, 121 audits and, 141 duties executed by, 206 emergency procedures for, 126 handling contracts, 138 reviews and, 149–150 role in culture, 152 role in the community, 157 sharing ideas by, 154 training for, 132–133 Industry sector biases, 87–89 Industry standards, 111 Influencing and driving process safety culture, 83–91 Inform ing, 192 Inherently Safer Design (ISD), 22–23, 37–38 Injuries, 15. See also Incidents Inspection, testing, and preventive m aintenance (ITPM), 36, 37, 101, 113–115 Inspiration, communication with, 80–91 Internal standards, 111, 113 Investigation processes, 27, 28, 143–145 ISO 14001 standard, 43
220 | Index
ITPM intervals, 36. See also Inspection, testing, and preventive m aintenance (ITPM) Job requirem ents, 63 Key leadership attributes, xxii Key performance indicators (KPIs), 18, 71, 74, 141–142 m onitoring, 204 Knowledge, for leaders, 60–71 Lagging m etrics, 18–19 Latent failures, 26 Layer of Protection Analysis (LOPA), 23, 101 Leaders. See also Mid-level leaders com petent, 62–63 during downturns, 38 employees becom ing, 90–91 engaging with workers, 153 experienced, 50 knowledge and com petence for, 60–71 m etrics and, 142 pitfalls for, 52–53 responsibilities of, 17, 56–57 taking concerns and ideas, 154 Leadership com munication with, 80–91 of contractors, 138 consistency in, 78–79
Index | 221
in deploying tasks, 191–200 importance of, xvii process safety, 104–106 professional, 30–31 of PSM S, 93–94 seriousness of, 147 strong, 74–75 succeeding with, 201–202 Leadership accountability, 30–34, 73–76 Leadership attributes, xxii, 47–91 integrity and comm itment, 71–79 knowledge and com petence as, 60–71 shared vision, 48–59 summ ary chart of, 48 Leadership challenges, 34–39 Leadership excellence, 9, 10 Leadership im peratives, 207 Leadership responsibilities, xxii, xxv–xxvi, 47 Leadership roles, 161–190 Leadership support, xix–xx Leadership team, 84–85, 86 Leading, for process safety, 13–44 Leading indicators, 21 Leading metrics, 18, 19 Legal requirements, 23 Lessons-learned exam ples, 29–30 “Like-for-like” changes, 119
222 | Index
Litigation, costs due to, 6 Loss prevention, 5–7, 10 Maintenance cost(s), 8, 115–116 Maintenance lead, 106 Maintenance leadership role, 180–181 Maintenance technician role, 187–188 Maintenance technicians, responsibilities of, 33 Major incidents, 4–5 Management. See also Em ergency management; Process knowledge m anagement (PKM); Risk m anagem ent of com petency, 127–138 of contractors, 135–138 developing, 66 Management of Change (M OC), 35, 36, 39, 65, 118–123, 129. See also O rganizational Management of Change (O MO C) Management review(s), xxiii, 146–150 frequent, 149 Management review meetings, 150 Management standards, 43, 44, 111 Management system failures, 27–28, 76 Management systems, xvii, 14, 17–18, 19, 26, 27, 43–44, 55–56 Managers for process safety, 13–44 responsibility of, 26–27 Marketing departm ent, 86 Market share, 6 Materials, hazardous, 13–15
Index | 223
Mechanical integrity (M I), 113–116 Metrics, 141–142, 149 lagging and leading, 18–19 leaders and, 142 Mid-level leaders, 49, 106–107, 117, 120, 123 emergency preparedness for, 125–126 handling contracts, 138 as investigators, 144 process knowledge for, 134 professionalism of, 205 responsibilities of, 75 responsible for reviews, 149 role in culture, 152 role in M OC, 121 stakeholder outreach and, 157 training for, 132 visiting facilities, 153–154 Mid-level operational managers, audits and, 140–141 Mid-level operations leaders, 96, 100, 114 Mitigative barriers, 95 MOC See Management of Change Multiple barriers, 23, 24 Mutual trust, 77 Near-m iss reporting, 18–19, 28–29 Needs, defining, 83, 84–85 Norm alization of deviance, 70, 79
224 | Index
Occupational safety, 15, 16, 17, 43 OHSAS 18001 standard, 43 Ongoing m anagem ent reviews, 148 Open com munications, 80–83 Operating facilities, 57–59 Operating limits, 39 Operating procedures (OPs), 116–118 Operating system s, m anaging, 14 Operational discipline (O D), 25, 102, 103–110, 191, 204 effective, 108–110 good practices of, 107 status of, 104–105 Operation hazards, xxiii Operations, connected and visible, 80–83 Operations lead, 106 Operations leaders, responsibilities of, 32 Operations leadership role, 166–167 Operations Leadership Team, RACI m atrix for, 197–200 Operator, empowerment for, 105–106 Organization accountability, 128 Organizational benefits, 1. See also Benefits Organizational capability, 127–138 Organizational M anagem ent of Change (O MOC), 65, 123, 129. 130 Organizational silos, 81 Outreach, 155–157 “Paper” com pliance, 40–41, 44
Index | 225
Peers, developing, 66 Perform ance gaps in, 42 verifying, 139–150 Personal protective equipment (PPE), 116 Personnel. See also Em ployees adding, 39 during downturns, 38 educating, 30 sufficient, 128 Personnel cuts, 35 Piping systems, hazardous m aterials and energy in, 13–15 Planner tem plates, xxvi Plant engineer role, 182–183 Plant operator role, 184–186 Plant operators, responsibilities of, 33 Plant superintendent role, 178–179 Post-MO Cs, 120. See also Management of Change (M OC) Potential consequence categories, 96–97 Predecessors, experience of, 90 Preventive barriers, 24, 26, 95 Principles, for process safety culture, 54–55 Procedure problem s, warning signs of, 118 Procedures, up-to-date, 117 Process Hazard Analysis (PHA), 23, 36–37, 99–100, 119 Process knowledge, updating, 133–135 Process knowledge m anagem ent (PKM), 133–135
226 | Index
Process operator, 18 Process safety, vi, xviii, xx benefits of, xxiv, 2 business case for, xxi, 1–12 with business priorities, 73 com mitment to, 20 defining, 13–22 emotional commitment to, 86 getting there, 86 how it works, 22–25 imperative for, 48–51 implementing, 201–202 leading and managing for, 13–44 m anaging, 4 principles of, xxi prom oting, 8 requirements for, 7 selling and re-selling, 83–84 Process Safety Code, 44 Process safety com petency, 58, 65 Process safety culture, 34, 74,139–140 core principles, 54–55 frontline leaders in, 206 influencing and driving, 83–91 Process safety duties, transferring, 35 Process safety events, 19 Process safety goals, 203
Index | 227
Process safety hazards, recognizing, 204 Process safety incidents, xviii, xix, 3,12, 15, 16, 17, 19, 60–62 Process safety information (PSI), 133 Process safety leader(s), 47, 158 Process safety leadership, 104–106 Process safety leadership challenges, 34–39 Process safety leadership model, 203–204 Process Safety Leadership Team, RACI matrix for, 193–196 Process Safety M anagement System Leadership RACI m atrix, 192–196, 197–200 Process Safety M anagement System s (PSMSs), xv, 6, 13, 14, 17, 22, 44, 56, 70, 71, 86, 106, 161–162. See also PSM S entries driving, 158 establishing, 55–56 failures of, 25 leadership of, 93–94 m onitored, 141, 142 perform ance of, xx–xxi, 31 responsibilities of, 94 Process Safety M etrics Pyram id, 19 Process safety near-miss (PSNM), 28–29 Process safety performance, 15 Process safety responsibilities, 107 fulfilling, 67–69 implementing, 207 Process safety results, 93 Process safety risks, 87 Process safety specialist role, 189–190
228 | Index
Process safety specialists, responsibilities of, 33 Production m anagers, responsibilities of, 32 Production costs, 8 Productivity, 8 Professional leadership, 30–31 Projecting comm itm ent, 72 Property dam age loss, 6 PSM, xv See also Process Safety M anagement entries PSMS audits, 139. See also Process Safety Management Systems (PSMSs) PSMS gaps, 145 PSMS responsibilities, 82 PSMS reviews, 146–147 Purchasing leaders, 119 Purchasing leadership role, 174–175 Quantitative Risk Assessment (Q RA), 23 RACI (responsibility, accountability, consulted, informed) m atrix, 191–192 for Operations Leadership Team, 197–200 for Process Safety Leadership Team , 193–196 RC14001 standard, 43, 44 RCMS standard, 43, 44 Refresher training, 63, 70–71 Regulations, 5, 8, 17, 111 incom plete, 41–42 m anagem ent gap in, 41–42
Index | 229
Regulatory attention, 6 Regulatory com pliance, 39–43, 43–44 Regulatory coverage, 40 Regulatory inspections, 42–43 Remediation costs, 6 Replacements-in-kind (RIK), 115, 119 Reporting process, 29 Requirements, standards as, 111 Research and developm ent (R& D) leadership role, 172–173 Responsibility/responsibilities, 14. See also Role responsibilities corporate social, 2–4, 9–10 deploying, 191–200 implementing, 207 of leaders, 17, 56–57 of leadership, xxii, xxv–xxvi, 47 of m anagers, 26–27 of m id-level leaders, 75 process safety, 107 of PSM S, 94 of senior executives, 74–75 for standards, 112–113 for workers, 107 of workers, 128 Responsible—Accountable—Comm unicated-to-Informed (RACI) exercise, xxii. See also RACI (responsibility, accountability, consulted, informed) m atrix Responsiveness. 76–78 Reviews, 146–150
230 | Index
Review team, 148 Rickover’s Rules, 202–203 Risk(s), 87 acting on, 75–76 m anaging, 20 m aximized, 24–25 reducing and managing, 22–25 understanding, 20 Risk analysis, 37 Risk analysis methods, 98–100, 101 Risk bands, 97–98 Risk B ased Process Safety (RB PS) management system, 56 Risk criteria, 31, 51, 84–85, 95–98 Risk equation, 25 Risk function, 22, 25, 95 Risk increases, gaps and, 38, 39 Risk m anagement, 22–25 Risk m atrix, 95–98 Risk of processes, 97 Risk reduction, 22–25, 85 Risk reduction measures, 23. See also B arriers Risk Review Committee, 95–96, 98, 106 Role responsibilities, 32–33 Roles leadership, 161–190 as process safety–critical, 35 training for, 129–133
Index | 231
Role tem plates, 162–168 Root cause failures, 145 Root Cause Investigation (RCI), 27 Rules cardinal, 87 unbreakable, 87 Safeguards, 23 Safety cases, 41. See also Process safety entries Safety m anagement systems. See Management systems Safety risk review process, 50–51 Safety standards, vi. See also Occupational safety Safe work practices (SWPs), 116–118 Sector biases, 87–89 Senior executives, 49, 50, 95–96, 114, 117, 119–120 audits and, 140 emergency preparedness for, 125 faithful service of, 205 handling contracts, 137–138 as investigators, 144 process knowledge for, 134 responsibilities of, 32, 74–75 responsible for reviews, 148 role in culture, 152 stakeholder outreach and, 156–157 visiting facilities, 153 Serious incidents, 79
232 | Index
Shared vision, creating, 48–59 Shareholder value, 16 Shareholder confidence prem ium, 4 Share prices, 2–3 Shut-down situations, 105–106 Shut-down/stop-work authority, 68 Signals, weak, 63–64 Silos, organizational, 81 Social license to operate, 31, 57–59 Stakeholder outreach, 155–157 Standards, 8, 110–113. See also Ethical standards; Internal standards; M anagement standards; Technical standards as requirem ents, 111 responsibilities for, 112–113 Stop-work authority, 68 Stop-work situations, 105–105 Strong leadership, 74–75 Strong process safety culture, 74, 139–140 Subcomm ittee m em bers, v, xiii, xv, xviii Sufficient personnel, 128 Suppliers helping, 8 outreach to, 156 Support tools, xix–xx Sustainable growth, 7–8, 10 “Swiss Cheese Model,” 24, 204 Systemic breakdowns, 25–30
Index | 233
Team discussions, 50 Technical standards, in process safety, 30, 71–72 Tem porary MOCs, 122. See also Management of Change (MOC) Tests, for training, 131 Thoughtful compliance, 69–70 “Town hall m eetings,” 153 Training, 129–133. See also Effective training deferring, 36 refresher, 63, 70–71 tests for, 131 types of, 131 for young engineers, 90 Training classes, 66 Training lead, 106 Training m etrics, monitoring, 132 Trust earning, 80–91 m utual, 77 Two-way com m unication, 59 Unbreakable rules, 87 Understanding, of hazards and risks, 75–76 Unregulated hazards, 39–40 Up-to-date procedures, 117 Upturns, 38–39 Visible operations, 80–83 Vision, creating, 85–86
234 | Index
Vulnerability, sense of, 60–62 Warning signs, 63–64 of procedural problem s, 118 Weakened barriers, 26 Weak process safety culture, 140 Weak signals, 63–64 Worker knowledge, gaps in, 145 Workers errors by, 145 engaging with leaders, 153 interacting with process, 152–153 responsibilities of, 107, 128 Workforce involvem ent, 152–155, 156 Workforce involvem ent activities, 154 Working safely, for contractors, 135–138 Young engineers, training for, 90 Zero-tolerance policy, 79