Even when good people apply adequate theory and standards, there are always lessons to be learned. The Act phase involves the actions taken in response to trends in metrics and continuous improvement opportunities. If an owner/operator’s safety culture shines here, risk will be driven as low as reasonably practicable.
Continuous improvement is incorporated in PSM through a concept often called “grandfathering,” where the owner/operator determines and documents that the existing equipment is designed, maintained, inspected, tested and operated in a safe manner. An assessment of the existing safety system should demonstrate that the design and management practices meet or exceed the intent of current good engineering practices and process requirements. Don’t hide outdated or under-performing equipment under the cloak of grandfathering.
Address identified gaps by developing action plans for closing them, establishing compensating measures until the gaps are closed, and creating an implementation schedule. Periodically assess plans to see if there’s a need to accelerate the schedule or broaden the plan objectives. For example, a planned ISS upgrade may be accelerated when the manufacturer withdraws support for the installed equipment. To be successful, action plans should be communicated to affected personnel so they understand and commit to the plans.
The most important things are unknown and unknowable [4]. So, management must continually work on the system, measure what can be meaningfully measured and move forward with improvement activities. Continuous improvement counteracts the accumulation of latent conditions that present potential safety challenges and weaken protection layers. Improving long-term operational effectiveness often takes time. Operating plans should consider how residual risk will be managed during the transition. Review and update as necessary the ISS operating and mechanical integrity basis to ensure equipment, procedures and personnel training remain in sync with modifications.
An ongoing process
Deming believed that experience by itself teaches nothing and that data without context are meaningless. Information gained from experience must be interpreted against a framework of expected behavior, equipment design and operating performance. But experience isn’t always the best teacher. Without an understanding of the underlying root causes, raw data can be misinterpreted, creating a flawed view of reality. Only data understood within their proper context provide a solid foundation for safe operation. New information identifies the need for new metrics, which point to additional improvement opportunities.
Accidents are prevented when safety issues are approached from a quality perspective. The Plan, Do, Check and Act phases are essential for maintaining safe and reliable operation. Use a management system supported with metrics to establish targets and monitor performance against policies, practices and procedures. Conduct periodic gap analysis to verify that actual performance exceeds expectations established in the hazard analysis and design basis. Close performance gaps with action plans that reduce risk and prevent accidents.
Angela E. Summers, PhD, PE, is president of SIS-TECH Solutions, LP, Houston, Texas. William H. Hearn, PE, is a senior consultant at the firm. E-mail them at firstname.lastname@example.org and email@example.com.
1. Deming, W. E., “Out of crisis,” MIT Press, Cambridge, Mass. (1986).
2. “Guidelines for safe and reliable instrumented protective systems,” American Institute of Chemical Engineers, New York (2007).
3. “Functional safety: safety instrumented systems for the process industry sector,” ANSI/ISA 84.00.01-2004, Instrumentation, Systems, and Automation Society, Research Triangle Park, N.C. (2004).
4. Deming, W. E., “The new economics for industry, government, education,” 2nd ed., MIT Press, Cambridge, Mass. (2000).
5. “Guidelines for hazard evaluation procedures, second edition with worked examples,” American Institute of Chemical Engineers, New York (1992).
6. “Layer of protection analysis: a simplified risk assessment approach,” American Institute of Chemical Engineers, New York (2001).
7. “Safety instrumented functions (SIF) — safety integrity level (SIL) evaluation techniques,” ISA TR84.00.02, Instrumentation, Systems, and Automation Society, Research Triangle Park, N.C. (2002).
8. “Guidelines for the Implementation of ANSI/ISA 84.00.01-2004 (IEC 61511),” ISA TR84.00.04, Instrumentation, Systems, and Automation Society, Research Triangle Park, N.C. (2005).
9. “Process Safety Leading and Lagging Metrics,” proposed metrics for review published on www.aiche.org, Center for Chemical Process Safety, American Institute of Chemical Engineers, New York (Jan 2008).