Call Us Today: 608-226-0531

Blog

16 Aug
risk vs compliance
Compliance Risk Assessment

Compliance risk assessment helps to identify and assess risks related to applicable regulatory requirements. Internal and external events or conditions affecting the entity’s ability to achieve objectives must be identified, distinguishing between risks and opportunities. These risks are analyzed, considering the following:

  • Size of the risk – where, how big, how often/many?
  • Severity of the outcome – to what extent can it impact safety, environmental, operational, financial, customer relations, regulatory compliance?
  • Likelihood/probability of each risk – how likely is the occurrence of a negative outcome, considering the maturity of existing controls?

Based on this assessment, management can prioritize risks, select appropriate risk responses (avoiding, accepting, reducing, sharing), and develop a set of actions to align with the entity’s risk tolerance/appetite. An acceptable level of residual risk is considered after selected improvements and controls are applied. From there, policies and procedures can be established and implemented to help ensure the risk responses are effectively communicated so operating managers and individuals can carry out their responsibilities.

A deeper dive compliance program assessment may be performed for those risks that are identified as the company’s most significant.

Compliance Program Assessment

A compliance program assessment looks beyond “point-in-time” compliance to critically evaluate how the company manages compliance programs, processes, and activities, with compliance assurance as the ultimate goal. Capability, capacity, programs, and processes to comply are examined as part of this review. Conducting routine process and compliance audits are also key components of a compliance assurance program.

Compliance program assessment should follow a disciplined and consistent process, resulting in an effective program that guides alignment of activities to an integrated management system for sustained compliance and continuous improvement. An essential part of the assessment, audits capture regulatory compliance status, management system conformance, adequacy of internal controls, potential risks, and best practices.

Compliance program assessment enables a company to define and understand:

  • Compliance requirements and where regulated activities occur throughout the organization
  • Current company programs and processes used to manage those activities and the associated level of program/process maturity
  • Deficiencies in compliance program management and opportunities for improvement
  • How to feed review recommendations back into elements of the management system to create a roadmap for sustaining and continually improving compliance

There are six phases associated with a compliance program assessment:

Phase 1 – Regulations, Requirements, and Applicability Analysis: Phase 1 focuses on identifying, organizing, validating, and understanding all of the requirements (legal or other) with which the company must comply. It provides an applicability analysis of the requirements to company operations by functional area and evaluates the associated risks. This stage engages representatives across the company who are responsible for activities subject to the requirements.

Phase 2 – Activities Analysis: This phase involves developing an inventory/profile of all company activities that may trigger the requirements identified in Phase 1. It asks the question, “What activities does the company carry out that are covered by the requirements?”

Phase 3 – Desired Compliance Program Standard: Establishing the company’s expectations for compliance program processes and controls—the desired condition—is essential. This “to-be” standard integrates management system principles into compliance program management. Programs should examine relative risks and ensure that risk-based priorities are being set.

Phase 4 – Actual Compliance Program Condition: In contrast to the desired standard identified in Phase 3, Phase 4 is about describing the company’s current compliance program. It defines how the company performs the activities outlined in Phase 3 (along with who, when, and where)—the “as-is” condition. This is done in the same framework as the desired standard in order to compare them in the next phase.

Phase 5 – Gap Analysis: The gap analysis compares actual compliance program management against the desired standard. It evaluates compliance program management processes, controls, and maturity to determine if they are good as is, need improvement, or are missing. These gaps and opportunities provide the basis for the improvement actions developed in Phase 6.

Phase 6 – Improvement Actions: Phase 6 moves the process along to developing action plans and an approach for ongoing management review that will guide the compliance program development and improvement activities. Compliance program management review is established at the end of this last phase. If there is a management system in place, program review information and action plan tracking can be integrated into that management system.

Outcomes

As a whole, this process will help companies evaluate the degree to which:

  • Compliance goals and objectives are set and communicated by management.
  • Hazards and risks are identified, sized, and assessed, including an inventory of activities subject to the compliance requirements and the relative risks.
  • Existing controls are adequate and effective, recognizing, and addressing changed conditions.
  • Plans are in place to address risks not adequately covered by existing controls.
  • Plans and controls are resourced and implemented.
  • Controls are documented and operationalized across functions and work units.
  • Personnel know and understand the controls and expectations, and are engaged in their design and improvement.
  • Controls are being monitored with appropriate metrics and compliance auditing and assurance.
  • Information system is sufficient to support management system-required functions (e.g., document management and control, action tracking, notifications, training tracking, task calendaring, metrics reporting). Information dashboards can be used for reports to management.
  • Deficiencies are being addressed by corrective/preventive action and are being tracked to completion.
  • Processes, controls, and performance are being reviewed by management for ongoing improvement, including the maintenance and continual improvement of the integrated management system.

09 May
Refinery
Join Kestrel: AFPM Safety Conference

It’s time to “Discover the Possible” at the AFPM National Occupational & Process Safety Conference. Beyond the program of interesting industry presentations and learning opportunities, Kestrel Management is looking forward to connecting with many of you in San Antonio.


AFPM National Occupational & Process Safety Conference
May 15-16, 2018
Grand Hyatt San Antonio


We welcome the opportunity to learn more about your needs and discuss how Kestrel helps our clients improve occupational and process safety performance; manage EHS and quality risks; and achieve regulatory compliance assurance. See you in San Antonio!Register Now

15 Aug
Applying Predictive Analytics in Safety

In recent years, companies have been generating vast and ever-increasing amounts of data associated with business operations. This trend has led to renewed interest in predictive analytics, a field which focuses on analyzing large data sets to identify patterns and predict outcomes to help guide decision-making. While many leading companies use predictive analytics to identify marketing and sales opportunities, similar data analysis strategies are less common in occupational and process safety. Although the use of predictive analytics is less common in the field of safety, the potential benefits of analyzing safety data are considerable.

Just as companies are currently using customer data to predict customer behavior, safety and incident data can be used to predict when and where incidents are likely to occur. Appropriate data analysis strategies can also identify the key factors that contribute to incident risk, thereby allowing companies to proactively address those factors to avoid future incidents.

Predictive Analytics: In Theory

Let’s take a step back and look at what predictive analytics is and what it does. Predictive analytics is a broad field encompassing aspects of various disciplines, including machine learning, artificial intelligence, statistics, and data mining. Predictive analytics uncovers patterns and trends in large data sets for the purpose of predicting outcomes before they occur. One branch of predictive analytics, classification algorithms, could be particularly beneficial to industry, especially when it comes to avoiding incidents.

Classification algorithms can be categorized as supervised machine learning. With supervised learning, the user has a set of data that includes predictive variable measurements that can be tied to known outcomes. The algorithms identify the relationships between various factors and those outcomes to create predictive rules (i.e., a model). Once created, the model can be given a dataset with predictive variable measurements and unknown outcomes, and will then predict the outcome based on the model rules.

Predictive Analytics: In Practice

Like many in the transportation industry, this railroad had experienced a number of derailments caused by broken rails. Broken rail derailments can have particularly severe consequences, since they typically occur on mainline tracks, at full speed, and with no warning of the impending broken rail. Kestrel was asked to create a predictive model of track-caused derailments on a mile-by-mile basis to identify areas of high broken rail risk so the railroad could target those areas for maintenance, increased inspections, and capital improvement projects.

Penalized Likelihood Logistic Regression

As described above, classification models learn predictive rules in an original data set that includes known outcomes, then apply the learned rules to a new data set to predict outcomes and probabilities. In this case study, Kestrel used a logistic regression modified by Firth’s penalized likelihood method to:

  • Fit the model
  • Identify eleven significant predictive variables (based largely on past incidents)
  • Calculate broken rail probabilities for each mile of mainline track based on track characteristics

Final Model

The final model calculates a predicted probability of a broken rail occurring on each mile of track over a two-year period. The results suggest that the final model effectively predicted broken rail risk, with 33% of broken rails occurring on the riskiest 5% of track miles and 70% occurring in the riskiest 20%. Further, the model shows that the greatest risk reduction for the investment may be obtained by focusing on the 2.5% of track miles with the highest probability of a broken rail. This ability to predict where broken rails are likely to occur will allow the company to more effectively manage broken rail derailment risk through targeted track inspections, maintenance, and capital improvement programs.

Implications for Other Industries

The same general approach described in the above case study can also be applied to other industries—using KPIs to determine predictive variables and incidents as the outcome. The process is as follows:

  • Measurements for defined variables would be taken regularly at each facility or unit. Precision increases as the measurements become more frequent and the observed area (facility/unit) becomes smaller.
  • Once a sufficient number of measurements has been taken, they would then be combined with incident data to provide both the predictive variable measurements and the outcome data needed for training a model. This dataset would be fed into a logistic regression or other classification algorithms to create a model.
  • Once the model has been created, it can be applied to new measurements to predict the probability of an incident occurring at that location during the applicable timeframe.

Once predicted incident probabilities have been found, management would be able to focus improvement resources on those locations that have the highest probabilities of experiencing an incident. The classification algorithms also identify which factors have predictive validity, so management will know how improving those factors will affect the predicted probability of incidents occurring. In other words, they will know which factors have the strongest relationship with incidents and can focus on improving those first.

Data-Driven Decisions

Industrial companies are generating and recording unprecedented amounts of data associated with operations. Those that strive to be best-in-class need to use that data intelligently to guide future business decision-making.

The versatility of predictive analytics, including the method described in this case study, can be applied to help companies analyze a wide variety of problems. In this way, companies can:

  • Explore and investigate past performance
  • Gain the insights needed to turn vast amounts of data into relevant and actionable information
  • Create statistically valid models to facilitate data-driven decisions
18 Apr
Technology Tip: Software and Audits Top 10

All types of business and operational processes demand a variety of audits and inspections to evaluate compliance with standards—ranging from government regulations to industry codes, to system standards (i.e., ISO), to internal corporate requirements.

Audits provide an essential tool for improving and verifying compliance performance. Audits may be used to capture regulatory compliance status, management system conformance, adequacy of internal controls, potential risks, and best practices.

By combining effective auditing program design, standardized procedures, trained/knowledgeable auditors, and computerized systems and tools, companies are better able to capture and analyze audit data, and then use that information to improve business performance. Having auditing software of some sort can greatly streamline productivity and enhance quality, especially in industries with many compliance obligations.

The following tips can help ensure that companies are getting the most out of their auditing process:

  1. Have a computerized system. Any system is better than nothing; functional is more important than perfect. The key is to commit to a choice and move forward with it. Companies are beginning to recognize the pitfalls of “smart people” audits (i.e., an audit conducted by an expert + notebook with no protocols or systems). While expertise is valuable, this approach makes it difficult to compare facilities and results, is not replicable, and provides no assurance that everything has been reviewed. A defined system and protocol helps to avoid these pitfalls.
  1. Invest time before the audit. The most important time in the audit process is before the audit begins. Do not wait until the day before to prepare. There is value in knowing the scope of the audit, understanding expectations, and developing question sets/protocol. This is also the time to ensure that the system collects the data desired to produce the final report.
  1. Capture data. Data is tangible. You can count, sort, compare and organize data so it can be used on the back end. Data allows the company to produce reports, analytics, and standard metrics/key performance indicators.
  1. Don’t forget about information. Information is important, too. The information provides descriptions, directions, photos, etc. to support the data and paint a complete picture.
  1. Be timely. Reports must be timely to correct findings and demonstrate a sense of urgency. Reports serve as a permanent record and begin the process of remediation. The sooner they are produced, the sooner corrective actions begin.
  1. Note immediate fixes. During the audit, there may be small things uncovered that can be fixed immediately. These items need to be recorded even if they are fixed during the audit. Unrecorded items “never happened”. Correspondingly, it is important to build a culture where individuals are not punished for findings, as this can result in underreporting.
  1. Understand the audience. Who will be reading the final report? What do they need to know? What is their level of understanding? Not all data presentation is useful. In fact, poorly presented data can be confusing and cause inaction. It is important to identify key data, reports desired, and the ways in which outputs can be automated to generate meaningful information.
  1. Compare to previous audits. The only way to get an accurate comparison is if audits have a common scope and a common checklist/protocol. Using a computerized system can ensure that these factors remain consistent. Comparisons reinforce and support a company’s efforts to maintain and improve compliance over time.
  1. Manage regulatory updates. It is important to maintain a connection to past audits and the associated compliance requirements at the time of the audit. Regulations might change and that needs to be tracked. Checklists, however, may remain the same. Companies should have a process for tracking regulatory updates and making sure that the system is updated appropriately.
  1. Maintain data frequency. For data, the frequency is key. Consider what smaller scope, higher frequency audits look like. These can allow the company to gather more data, involve more people, and improve the overall quality and reliability of reports.

A well-designed and well-executed auditing program—with analysis of audit data—provides an essential tool for improving and verifying business performance. Audits capture regulatory compliance status, management system conformance, adequacy of internal controls, potential risks, and best practices. And using a technology tool or system to manage the audit makes that information even more useful.

18 Apr
Process Safety Competence Assurance

Organizations in the chemical manufacturing and energy industry face the daily challenge to safely manage the processing, storage, and transportation of hazardous materials. To enable this, a great deal of focus and effort is put into compliance, strong management systems, well-maintained equipment, and organizational capability.

A key component of organizational capability is the competence of employees. This is critical to an organization’s success—and very relevant to process safety. In fact, process safety competence is both a regulatory requirement and a business improvement driver. But what does competence mean when it comes to the management of process safety?

Defining Competence

Process safety competence is an area that is sometimes misunderstood as simply providing training to employees. However, it is much more. Organizations need to understand the definition of competence and ensure employees have the basic competence required to fulfill their job function successfully.

Competence is often defined as “an individual having the right level of training and experience to enable the successful execution of defined job responsibilities”. By this definition, competence is a step beyond basic job training—one that necessitates understanding and the ability to successfully apply what is learned.

To fulfill this intent, especially for those working on the management of process safety, it is critical that employers have a structured and sustainable approach to ensure process safety competence. This may include a clear process safety competence assurance program. Not only will this assist with regulatory compliance, it is a critical element in the prevention of a process safety incident.

Steps to Ensure Competence

To successfully create an organizational culture that values and emphasizes process safety competence assurance, there are some basic steps that need to be followed, including those outlined below:

  • Understand and define positions within the organization that impact or influence process safety.
  • Define desired competence levels and requirements for each of these positions.
  • Develop an organizational competence matrix for process safety that documents the positions and requirements.
  • Assess position holders’ (i.e., employees’) process safety competence against the requirements outlined on the organizational matrix.
  • Identify gaps in competence for each individual and develop individual closure plans.
  • Work with employees to address identified competency gaps and verify that they have been closed.

When filling a position that has process safety requirements, the identified candidate(s) should undergo an assessment against the defined process safety requirements for the position to ensure they are competent. It is important to ensure the new employee has the required competence before they are appointed or hired. Successful candidates may have some minor gaps that can quickly be rectified, but putting candidates into jobs that impact or influence process safety as “development” or a “learning opportunity” is a large risk to the organization and unfair to the individual. It is also a practice organizations should stop if they are truly committed to process safety.

Maintaining the Commitment to Competence

To further enhance the ongoing process safety competence of an organization, each position that impacts or influences process safety must maintain the required process safety competencies identified on the competence matrix. The commitment must be sustained to be successful; it should not be a one-time effort.

Organizations can do this by:

  • Reviewing competence requirements and adjusting the matrix as new requirements are identified;
  • Conducting regular assessments to verify employee competence; and
  • Providing opportunities for training and experiential learning that ensure process safety competence remains a top priority.
04 Apr
OSHA Releases Three New PSM Publications

OSHA has released three new guidance documents to help employers comply with the agency’s Process Safety Management (PSM) standard. PSM is critically important to facilities that store highly hazardous chemicals. Implementing the required safety programs helps prevent fires, explosions, large chemical spills, toxic gas releases, runaway chemical reactions, and other major incidents. The new documents focus on PSM compliance for Small BusinessesStorage Facilities and Explosives and Pyrotechnics Manufacturing.

15 Feb
Improving Process Safety Leadership and Culture

Over the past 30 years, there have been numerous events both nationally and internationally that have led organizations to bring a more concerted focus to process safety. Such a focus has many such organizations building process safety elements into their management systems. The goal is to not only comply with regulations, such as OSHA 1910.119, but to also ensure sustainable programs that prevent process safety incidents from ever happening.

A large part of this effort involves integrating process safety leadership into existing programs. Improving an organization’s process safety leadership and culture can have significant and lasting impacts on a company’s process safety performance. Three steps that organizations can undertake to advance this effort include the following:

  • Amending metrics to include more leading indicators that are designed to prevent process safety incidents
  • Cultivating communications geared toward process safety
  • Ensuring incentive schemes include measures related to process safety

Traditional Management Systems

Traditional management systems include personal safety, environmental management, and industrial hygiene as the core elements. Management systems, metrics, and communications have historically been focused on personal safety and environmental management. These areas have clear industry compliance drivers and easy-to-understand metrics for organizational leaders. The prevention of personal injury or actions to protect the environment are relatable concepts for most.

The addition of process safety to the management system structure has been a smooth transition for many organizations, as the majority of the elements that cover process safety are already part of a typical management system. However, process safety—and the incidents that can occur if not managed well—can be complex in nature to explain. The challenging part of integrating process safety into an organization becomes getting leaders both comfortable and equipped to address it.

Leading Metrics

Due to the generally low frequency of process safety incidents, the development and measurement of process safety indicators is often not a priority for organizations. Many companies rely heavily on lagging personal safety and environmental metrics (Days Away from Work Rate, Total Recordable Incident Rate, Spill Rate). Injuries are easy for leaders to understand and explain. Leaders demonstrate empathy towards their staff and contractors, again making it easier for them to relate to personal safety. Minor spills are also easily understood and easier to discuss.

While these lagging metrics are still important and can be used and communicated, organizations need to include different metrics to bring more focus on leading indicators that are designed to prevent process safety incidents. Some examples of leading metrics that can be developed, implemented, and tracked include the following:

  • Identifying systems/equipment that are critical to prevent or mitigate a process safety event, and tracking their effectiveness and operability
  • Tracking the completion of Management of Change (MOC)
  • Tracking the effective closeout of Process Hazard Analysis (PHA) and PSM audit actions
  • Assessing organizational capability around process safety and tracking identified gap closure plans
  • Tracking the number of Pressure Relief Valve (PRV) activations
  • Tracking anomalies from complete permit-to-work reviews

Communication

Once an organization has developed a set of leading process metrics applicable to the business, the metrics should be made visible to all staff and included in communications on business performance. Leaders also need to focus more of their strategic communications and site visits on process safety. This can include talking about leading process safety metrics and undertaking the following activities when at a facility:

  • Ask members of the facility staff about the major identified hazards from the PHA
  • Determine if staff are involved in reviewing and updating operating procedures
  • Ask staff about the last emergency drill and actions taken
  • Ask operations staff about the number of alarms they deal with on a typical shift to determine if alarm management/rationalization is required or if low criticality alarms are not burdening staff
  • Hold discussion groups focused on process safety during leadership onsite visits

Incentive Schemes

Another outcome of tracking lagging metrics involves translating them into part of the organization’s incentive bonus criteria for leaders. Organizations should work to transition leadership bonus/incentive schemes away from just traditional personal safety and environmental lagging metrics, namely injury and spill rates. Again, it would not be necessary to immediately drop existing lagging metrics. Start with adding the new metrics and gradually change the percentage weightings so leading process safety indicators become the dominant factor. This will serve to reinforce the importance of process safety and incident prevention in overall business performance.

To truly have an organization that demonstrates process safety leadership and has a strong process safety culture, there need to be some changes and effective actions taken. The steps outlined in this article—amending metrics, cultivating communications toward process safety, and integrating process safety into incentive schemes—can help organizations take a few of the initial necessary steps to build process safety culture and leadership and, ultimately, prevent process safety incidents from occurring.

10 Oct
Applying Predictive Analytics to Leading Indicators

Leading indicators can be defined as safety-related variables that proactively measure organizational characteristics with the intention of predicting and, subsequently, avoiding process safety incidents. Leading indicators become especially powerful when combined with advanced statistical methods, including predictive analytics.

Case Study

Kestrel developed a major incident predictive analytical model for the transportation industry that is also applicable to the process industries. Using regularly updated inspection data, the model was created to provide major incident probabilities for each transportation segment over a six-month period.

Additionally, the model identifies the variables that are significantly contributing to major incidents, thereby showing the company which factors to address to prevent future incidents. Model validation revealed that it could successfully predict the location and time frame of 75% of major incidents.

Broader Applicability

Companies in the process industries are generating and recording unprecedented amounts of data associated with operations. Companies that strive to be best-in-class need to use that data intelligently to guide future business decision-making.

The versatility of predictive analytics, including the method described in this case study, can be applied to help companies analyze a wide variety of problems. In this way, companies can:

  • Explore and investigate past performance
  • Gain the insights needed to turn vast amounts of data into relevant and actionable information
  • Create statistically valid models to facilitate data-driven decisions

Join Kestrel at the 2016 International Symposium

Kestrel’s William Brokaw will be presenting the case study discussed above on Tuesday, October 25 at 1:15 p.m. at the Mary Kay O’Connor Process Safety Center 2016 International Symposium: Applying Predictive Analytics to Process Safety Leading Indicators.

MKOPSC 2016 International Symposium
October 25-27, 2016
Hilton Conference Center
College Station, Texas

Kestrel’s experts will also be on hand throughout the Symposium to talk with you. Stop by and see us at our booth. We welcome the opportunity to learn more about your needs and to discuss how we help our chemical and oil & gas clients manage environmental, safety, and quality risks; improve safety performance, and achieve regulatory compliance assurance.

15 Aug
Process Safety and Human Performance Reliability

On August 6, 2012, the release of flammable vapor led to a fire at the Chevron Refinery in Richmond, California. That event generated significant public concern about refinery safety and emergency response in California. It also eventually prompted California’s Department of Industrial Relations (DIR) to develop a draft regulatory proposal for a new Cal/OSHA Process Safety Management (PSM) standard that strengthens regulatory oversight, policy, and enforcement. The PSM for petroleum refineries notice hit the California Register on Friday, July 15, 2016.

But California refineries are not alone. Federal changes are on the way, as well, as OSHA considers revisions to its PSM standard.

Proposed Cal/OSHA Process Safety Management (PSM) Standard Changes

As a recap, the proposed Cal/OSHA PSM changes modify existing PSM language and introduce a number of new management system elements and other requirements. These amendments require California refineries to commit to the following:

  • Use the Hierarchy of Hazard Controls to choose safer, more enduring technologies that address safety concerns and help to eliminate or minimize hazards in refinery processes.
  • Perform damage mechanism reviews to assess physical degradation, such as corrosion and mechanical wear, and to determine recommended corrective actions.
  • Conduct safeguard protection analysis to ensure that safeguards will help prevent initiating events from turning into major catastrophes.
  • Implement corrective actions with clear and enforceable deadlines and consequences for inaction to ensure that safety program improvements are carried out.
  • Implement appropriate Management of Change (MOC) activities so safety is factored into changes to operations, maintenance procedures, personnel, etc., all of which can undermine plant safety.
  • Perform periodic safety culture assessments to evaluate management’s and employees’ attitudes, perceptions, and values as they pertain to safety.
  • Account for human factors (e.g., training and competency levels, fatigue, experience, communication, physical challenges), which can greatly influence accidents and incidents in the workplace.
  • Conduct root cause analysis to identify underlying causes of the incident and recommended corrective actions to help prevent recurrence.
  • Engage employees at all levels in all elements of the PSM program, including working to prevent accidents and incidents through the means described above.

The Human Element of PSM

Employee and contractor performance is a significant source of risk within any organization.  The majority of accidents and other unintended events are—at least in part—the result of human error. It is not surprising that Cal/OSHA’s proposed PSM regulations and potential Federal PSM changes recognize the importance of the “human element” in a number of the changes—from performing safety culture assessments to account for human factors, to engaging employees.

Many companies struggle with the following challenges as they work to establish and/or improve elements of their PSM programs:

  • How do we identify factors contributing to incidents?
  • What are appropriate recommendations that will drive improvements?
  • How should we include human factors in Process Hazard Analyses (PHAs)?
  • How can we improve our safety culture?

Often, these elements are treated independently, but this overlooks the important relationship between them. For example, any unintended event (e.g., an LOPS, process upset, safety incident) is the result of multiple contributing factors, not a single event. Focusing on these contributing factors enables companies to develop a deeper understanding of why incidents are occurring. Linking contributing factors to specific barriers further allow companies to identify weaknesses in their processes and procedures and to develop appropriate recommendations to drive improvements. Conducting contributing factor analyses also enables the company to identify specific human factors to be used in their PHAs.

Human Performance Reliability (HPR) Approach

Kestrel’s Human Performance Reliability (HPR) approach provides an integrated solution for addressing new PSM requirements. Unlike a typical root cause analysis, which addresses factors leading to a specific incident, HPR is based on a sophisticated statistical analysis of human factor data obtained from multiple incidents. This allows companies to identify and access broader—and potentially systemic—issues that are affecting the safety performance of the organization.

HPR consists of three elements:

  • Incident Investigation and Analysis (IIA) – IIA adopts the framework provided by the Human Factors Analysis and Classification System (HFACS) to classify human error and other contributing factors—but with the additional step of associating the control(s) that failed to prevent the incident from occurring. Statistical analyses help to identify patterns in the data to pinpoint the human errors and controls that are appearing most frequently.
  • Procedure Improvements – Although the IIA process will identify where improvements are needed (i.e., which controls are associated with incidents), it will not result in improved safety performance—not without completing associated improvement projects. Only by scoping and implementing those improvement projects will companies realize improved safety performance.
  • Safety Culture Assessment – Learning organizations actively seek the underlying causes of incidents and use data to make performance improvements. These organizations typically have robust systems to ensure that the traits that represent a strong safety culture are in place, mature, and fully integrated into standard practices

While the individual elements can be very helpful to a company, deploying them in tandem provides the richest and most comprehensive benefit to overall safety performance. That is because the three components are inherently complementary; each improves the effectiveness of the others.

Systemic Improvements

This process provides immediate value when applied to the investigation of an individual event by identifying additional factors that may have been missed following a traditional root cause analysis approach. It is most powerful, however, when data from multiple events are aggregated. The results of multiple investigations yield a pattern of human factor indicators that can be used to uncover system opportunities for PSM and operational enhancements and overall improved reliability.

19 Jul
California PSM Standards: Targeting Refinery Safety

On August 6, 2012, a release of flammable vapor led to a fire at the Chevron Refinery in Richmond, California. That event generated significant public concern about refinery safety and emergency response in California. It also prompted the California Governor’s report, “Improving Public and Worker Safety at Oil Refineries,” the formation of the Interagency Refinery Task Force (IRTF), and, eventually, the proposed regulatory changes to specifically target refinery safety.

Proposed Cal/OSHA Process Safety Management (PSM) Standard Changes

As most California refineries are aware, California’s Department of Industrial Relations (DIR) developed a draft regulatory proposal for a new Cal/OSHA Process Safety Management (PSM) standard to strengthen regulatory oversight, policy, and enforcement. The PSM for petroleum refineries notice hit the California Register on Friday, July 15, 2016—and Federal changes are on the way, as well, as OSHA considers revisions to its PSM standard.

As a recap, the proposed Cal/OSHA PSM changes modify existing PSM language and introduce a number of new management system elements and other requirements. These amendments require California refineries to commit to the following:

  • Use the Hierarchy of Hazard Controls to choose safer, more enduring technologies that address safety concerns and help to eliminate or minimize hazards in refinery processes.
  • Perform damage mechanism reviews to assess physical degradation, such as corrosion and mechanical wear, and to determine recommended corrective actions.
  • Conduct safeguard protection analysis to ensure that safeguards will help prevent initiating events from turning into major catastrophes.
  • Implement corrective actions with clear and enforceable deadlines and consequences for inaction to ensure that safety program improvements are carried out.
  • Implement appropriate Management of Change (MOC) activities so safety is factored into changes to operations, maintenance procedures, personnel, etc., all of which can undermine plant safety.
  • Perform periodic safety culture assessments to evaluate management’s and employees’ attitudes, perceptions, and values as they pertain to safety.
  • Account for human factors (e.g., training and competency levels, fatigue, experience, communication, physical challenges), which can greatly influence accidents and incidents in the workplace.
  • Conduct root cause analysis to identify underlying causes of the incident and recommended corrective actions to help prevent recurrence.
  • Engage employees at all levels in all elements of the PSM program, including working to prevent accidents and incidents through the means described above.

The Human Element of PSM

Employee and contractor performance is a significant source of risk within any organization.  The majority of accidents and other unintended events are—at least in part—the result of human error. It is not surprising that Cal/OSHA’s proposed PSM regulations recognize the importance of the “human element” in a number of the proposed changes—from performing safety culture assessments, to account for human factors, to engaging employees.

Kestrel works with many refining and petrochemical companies that are in the process of establishing and/or improving elements of their PSM programs. Over the years, we have seen many of our clients struggle with the following challenges:

  • How do we identify factors contributing to incidents?
  • What are appropriate recommendations that will drive improvements?
  • How should we include human factors in Process Hazard Analyses (PHAs)?
  • How can we improve our safety culture?

Often, these elements are treated independently, but we have found that this overlooks the important relationship between them. For example, any unintended event (e.g., an LOPS, process upset, safety incident) is the result of multiple contributing factors, not a single event. Focusing on these contributing factors enables companies to develop a deeper understanding of why incidents are occurring. Linking contributing factors to specific barriers further allow companies to identify weaknesses in their procedures and processes and to develop appropriate recommendations to drive improvements. Conducting contributing factor analyses also enables the company to identify specific human factors to be used in their PHAs.

Human Performance Reliability (HPR) Approach

Kestrel’s Human Performance Reliability (HPR) approach provides an integrated solution for addressing the new PSM requirements, as outlined above. Unlike a typical root cause analysis, which addresses factors leading to a specific incident, HPR is based on a sophisticated statistical analysis of human factor data obtained from multiple incidents. This allows companies to identify and access broader—and potentially systemic—issues that are affecting the safety performance of the organization.

HPR consists of three elements:

  • Incident Investigation and Analysis (IIA) – IIA adopts the framework provided by the Human Factors Analysis and Classification System (HFACS) to classify human error and other contributing factors—but with the additional step of associating the control(s) that failed to prevent the incident from occurring. Statistical analyses help to identify patterns in the data to pinpoint the human errors and controls that are appearing most frequently.
  • Procedure Improvements – Although the IIA process will identify where improvements are needed (i.e., which controls are associated with incidents), it will not result in performance improvements—not without completing associated improvement projects. As part of our HPR services, Kestrel works with clients to scope and implement those improvement projects that will lead to improved safety performance.
  • Safety Culture Assessment – Learning organizations actively seek the underlying causes of incidents and use data to make performance improvements. These organizations typically have robust systems to ensure that the traits that represent a strong safety culture are in place, mature, and fully integrated into standard practices.

While the individual elements can be very helpful to a company, deploying them in tandem provides the richest and most comprehensive benefit to overall safety performance. That is because the three components are inherently complementary; each improves the effectiveness of the others.

Systemic Improvements

The HPR process provides immediate value when applied to the investigation of an individual event by identifying additional factors that may have been missed following a traditional root cause analysis approach. It is most powerful, however, when data from multiple events are aggregated. The results of multiple investigations yield a pattern of human factor indicators that can be used to uncover system opportunities for PSM and operational enhancements and overall improved reliability.

Experienced Professionals

Kestrel has experienced PSM and HPR professionals on our team, who have successfully developed programs, completed deployments, and conducted training in the refining and petrochemical industries. As California refineries prepare for significant PSM regulatory changes, we would welcome the opportunity to discuss how we can help you manage your PSM requirements and improve your overall safety performance.

  • 1
  • 2
Sidebar: