hemp-leader engagement sopaf gm-1
TRANSCRIPT
04
/10
/23
File
Tit
leC
op
yri
gh
t: S
IPC
Implementing the Hazards and Effects Management Process (HEMP)
Downstream Leadership Engagement – GM/GM-1 Pack (SOPAF)
HSSE Risk Management
2
Safety Stuff FirstSafety / Emergency Map
E
E E
E E
E E
E
E
EEE
Koos Speenhoff
E=(Emergency) Exit
Begane grond (niveau Kurzaal)
1 2
Goldbeck1 2 3
Cor Ruys
Jacob PronkLou Bandy
Adama Zijlstra1 2
JacobPronk-foyer
Serre
Sea side
Jacob Maris 1
Jan Toorop
Spiegelzaal
Jacob Maris 2
Restaurant KandinskyKandinsky zaal
4 3
Kurzaal
Kurhausbar
Kurhauscafé
Kurhauscafé
FoyerNoord
AP=Assembly Point / Verzamelpunt AP
Reminder : R
eplace with
local map fo
r each
workshop locatio
n
Reminder : R
eplace with
local map fo
r each
workshop locatio
n
3
After this session you as a leader will:
• Understand the Case for Change (Journey from A to B)
• Understand your role and responsibility in the HEMP process
• Have clear understanding of how Hazards and Effects Management (HEMP) fits into the Shell HSSE Control Framework
• Understand the 7 Practical Steps for completing a HEMP review
• Understand the need for Leaders to be mindful of Business Risks including HSSE, as outlined in the new Shell HSSE Control Framework Manual “Management and Leadership”
• Have enough knowledge to discuss HEMP and ask the right questions
04
/10
/23
File
Tit
leC
op
yri
gh
t: S
IPC
From Point A to B
5
Understanding the Case for Change (Journey from A to B)
Major incidents continue to happen and not only on manufacturing sites
Point A: The case for change
BP Texas City Bitumen Depot OklahomaTank FireBuncefield Explosion Marine
TerminalTrain Derailment – Spill
DistributionCommercial Fuels
Retail
6
0
10
20
30
40
50
60
DS Independent MS Audits 2007 - High Findings By Element
Point A: The case for change
1. HEMP concepts not understood
2. Implementation of HEMP inconsistent or inadequate Inadequate management of
barriers (either not identified or inadequate critical activities and business processes to manage)
Insufficient demonstration that all risks have been identified and managed to ALARP
Hazard & Effects Register either incomplete or out of date
3. No formal HEMP training4. Focus on the process (check
box)5. Lack of consistency and
alignment in auditing programs
7
Point B – DS HEMP and Process
• Clear requirements that are understood
• Common and consistent approach across the businesses
• Network of experts with agreed competency in all businesses
• Risk identified and appropriately managed to control risks
• Common Tolerability and ALARP Process (ALARP = As Low As Reasonably Practicable)
8
Point B and beyond (from 2009)
What Will It Look Like after BTP 1.1?
• Improved HSSE Performance
• Improved HSSE audit results and findings with true continuous improvement in HSSE Risk Management
• Improved DS Process Safety Performance
• Recognized step-change improvement
9
HEMP is a tool to help leaders and managers comply with Group expectations
Group Policy and the Risk Control Framework requires managers to have risk controls in place and employees to apply the controls.
This applies to financial risks, legal risks, business risks and HSSE risks.
HEMP is the umbrella process, for managing H, S,S,E and PS risks in our business
Process SafetyHEMP
BowtieAnalysis
Security Environment
PersonalSafety
&Health
HRA
EIA
HazOp
Fitness to work
PSA
RHA
JHA
STA
HIA
Hazid
QRAFRED GAME
ERP
10
HEMP is an Integral Part of Shell’s Risk Control Framework
• The HEMP is at at the heart of our HSSE Management Systems. It’s where the planning turns into action.
• HSSE Risk Management relies primarily on HEMP and it’s associated tools.
• The specific requirements for application of the HEMP process in Shell are covered in the Shell HSSE Control Framework Manual, “Managing Risk”.
1- Leadership and Commitment
2 - Policy and Strategic Objectives
8 - Management Review
Corrective Action 7 - Audit
3 - Organisation, ResponsibilitiesResources and
Standards
Corrective Action
5 - Planning & Procedures
4 - Risk Management(Hazards & Effects Mgt)
6 – Implementation,
Monitoring
6 - Corrective Action
CHECK
PLAN
DOFEEDBACK
HEMP
Shell’s Risk Control Framework
11
5 – Hazard Analysis -Identification of Barriers (Control and Recovery Measures)
7 -Determination and Documentationof ALARP
1 - Identification of Hazards2 - Identification of Threats and Top Event3 - Identification of ConsequencesConsequences (Effects) and Assessment of Risks4 - Identification of Red and Yellow Risks
6 - Maintaining the Integrity of Barriers (Controls & Recovery Measures)
Bowtie or Hazard Control SheetLists of Critical Equipment, Critical Activities, and Critical Processes
Downstream HEMP 7 Step Procedure
Output Documents
Business or Site Remedial Action Plan with actions and resources to fix missing or broken barriers
Hazard and Effects RegisterHandshake 1
Handshake 3
Handshake 2
12
Moving Heavy Equipment Working at Height
Flammable Hydrocarbons
Raised Objects
HAZARD - An agent that has the potential to cause harm to People, damage to Assets, business loss and Impact on the Environment or Reputation (PAER)
Hazards are systematically identified using a standard hazard checklist
Rotating MachineryMoving Vehicles
Chemicals
Step1Hazard Identification
13
Poor Visibility Loss of Control
Failure of CableLoss of Control
CorrosionLoss of Containment
Failure of CraneLoss of Control
THREAT - the occurrence which releases a hazard to cause an effect, e.g. corrosion, operator error, etc.
TOP EVENT - First event to release the hazard, e.g., loss of containment, loss of control, exposure to health hazard, etc.
Moving machinery Loss of Control
Slippery RoadLoss of Control
Chemical ReleaseExposure to Health Hazard
Step 2Identification Of Threats & Top Event
14
CONSEQUENCES (Effects) - the impacts on People, Assets, Environment and Reputation if a Hazard is Released
Fire
Death
Lost Time Injury Legal Action
Fall in Share PriceExplosionDischarges and Emissions
Complaints
Toxic Gas Cloud
Step 3 -
Step 3Identification Of Consequences And Assessment Of Risks
15
• Risk is the likelihood that a specific consequence will occur within a specified period
Risk is therefore a function of the severity of a consequence and the likelihood of the consequence
In using the Shell RAM, we consider the worst credible consequence to People, Assets, Environment and Reputation (PAER) separately
Likelihood is HISTORICAL (has it happened before in The location? The organisation? The industry?)
• Risk rating (ranking) is the resulting position on the RAM
RISK = Consequences X Likelihood
Increasing Consequence
Severity
Increasing Likelihood
of Top Event
Increasing Risk
Step 3Identification Of Consequences And Assessment Of Risks
16
Steps 1 through 4Identification Of Hazards, Threats,Top Event, Consequences And Assessment Of Risks to Determine Red and Yellow Risks
17
• BLUE AREAS of the RAM - Risks are assumed to be at ALARP, if the facility or business has a properly functioning HSSE MS
• YELLOW AREA of the RAM - Site discretion allowing for more qualitative analysis.
– Shell Engineering Standards or Practice, Industry or Government successful Practices (covering Threats to Consequence controls);
– Hazard Control Sheets, Model Bowties etc.
• RED AREA of the RAM – red risks must be analyzed by Bowtie analysis or equivalent (i.e. QRA)
See DS HSSE HEMP Application Procedure
Increasing Risk
Steps 1 through 4Identification Of Hazards, Threats,Top Event, Consequences And Assessment Of Risks to Determine Red and Yellow Risks
18
Step 4Documentation of Hazards and Risks
Output document: Hazard and Effects Register
RISK POTENTIAL Hazard No
Hazard
Location Threats Top Event Consequences P A E R
Control ReferenceALARP Doc.
Comments
1 Ethylene OTU4 OL6
External Corrosion
Internal Corrosion
Impact by traffic
Failure of flanged connections
Failure of seals
Loss of containment
Gas cloud Fire Vapour Cloud
Explosion
3B
4B
4B
4B 5B 5B
3B 3B 3B
3B 3B 3B
HSSE-MS – ER Procedure
, see Bowtie Below Bow Tie
Bow Tie
Include information on past incidents in this column that support risk assessment.
2 Personnelat
Heights
Site wide Not following Work
Procedures
Loss of Control(fall)
Fatality
4D 1C - 2C Bow Tie and Standard ALARP
3 Asbestos Adm. Building
PU3 Unit
Material not identified
Lack of Work
Procedures
Overexposure Illness – lung cancer
4C - - 2C Health Risk Assessment
; ALARP
1 2 2 3 3
4
A Responsible Manager is assigned for each of the Red or Yellow Hazards in the Hazard Register
19
Design Standards Emergency Response Plans
Blast Resistant ModulesAccess Control Antilock Braking System
Load Plan
Community Relations Planning
Step 5 Identification of Barriers Examples of Controls, Recovery Measures
• CONTROLS prevent the threat from releasing the hazard to cause the Top Event.
• RECOVERY MEASURES mitigate the Top Event or the worst credible consequences.
20
Step 5Identification of Barriers (the Control and Recovery Measures)
• CONTROLS prevent the threat from releasing the hazard to cause the Top Event.
• RECOVERY MEASURES mitigate the Top Event or the worst credible consequences.
THREAT
HAZARD
TOP EVENTTOP EVENT
CONSEQUENCE
RECOVERY
CONTROLS
21
Exercise1. Imagine you are the owner of the Nairobi Zoo, and you have the
opportunity to acquire a lion for your zoo.
2. Up until now you have only had sheep and rabbits in your zoo.
3. Identify the Hazard, Top event and Consequence, RAM your Consequence
4. What can go wrong and how can you prevent this from happening?
5. What happens if the Lion Gets out? What do you do?
22
Hazard Threat BarriersTop
EventRecoveryMeasures Consequences
Lion HumanError;
Improper design
etc.
Loss ofControl;
Lion Gets out
Zoo Emergency Response
Plan
Accident, Injuries,Fatalities
Lion at the Zoo
Materials
of Const.;
Zoo Keeper Rounds etc.
23
Documentation of Red Risks in a BOWTIE
Threat1
Threat2
Threat3
HAZARD
Consequence1
Consequence2
Consequence3
TopEvent
ControlsRecovery Measures
Step 5Identification of Barriers (the Control and Recovery Measures)
24
Documentation of Yellow Risks in a Hazard Control SheetHazard Sheet No. 4 Working at Height
HAZARD SHEET No : 4 Hazard Group: Fall fro m height Hazard Description : Personal injury as a
consequence of a fall from height Location : During work by staff or contractor or at customer location Assessment of hazard : Fall from height while working on asset or fall from height while delivering t o customer tank Threats:
Working on height for cleaning, painting or maintenance and delivery to customer tanks
Unsecured ladder
Control: Safety HSE Critical Activity/ Responsible Position
1.1 Control in design
Not to use ladders for work at height > 1.5 metres
Use of approv ed ladders Vehicles fitted with suitable ladders for delivery
needs Bottom loading at depots
Reseller manager and Contracts management
Resellers Resellers
Distribution Engineering
1.2 Control in operation Signs to be placed during work at height with
scaffolding Driver training Loading / delivery procedures Drivers instructed in safe use of ladders
Contracts Management Resellers Resellers Resellers
1.3 Control in Maintenance Use of approved contractors Use of inspected ladders Vehicle planned maintanance programme
Contracts Management Resellers Resellers
Recovery: Emergency response plans and training
Staff and contractor to use incident case
management Vehicles fitted with first aid kits
Bulk Fuels manager/CRT STL/Resellers
Resellers Resellers
ADDITIONAL RISK REDUCTION MEASURE FOR CONSIDERATION
IS THE MEASURE CREDIBLE /
PRACTICABLE? (Yes / No)
ARE DISPROPORTIONATE
RESOURCES REQUIRED TO IMPLEMENT?
(Yes / No) 1. All working at heights > 1.5 metres scaffolds or platforms to be used
Yes No
2. Review of contracts for HSSE content Yes No 3. Introduce Ladder checks Yes No 4. Proactively encourage customers to provide safe access to storage tanks
Yes No
5. Ban the use of portable ladders in the organisation
No Yes
Is the Risk ALARP? – Y/N
No
Comments: Based on the examples of addition control measures above items 1-4 are achievable and would represent ALARP once implemented. Item 5 is currently not practicable due to the widespread use of portable ladders during maintenance / delivery.
TEAM MEMBERS METHOD USED
Expertise Name x Experience/Judgment HSE: Cost-Benefit Engineering: Quant. Assessment Operations: Other Other:
Similar elements as documented in the bowtie… a paper bowtie!!
Step 5Identification of Barriers (the Control and Recovery Measures)
25
EXAMPLE: Follow the step by step approach of BowTie Analysis for “Falling From Height”
Output document: Bowtie or Hazard Control Sheet
BowTie Analysis for “Falling From Height”
• Maintenance and repair of instrumentation of an above ground vessel in a process area from a scaffold.
• While carrying out a similar activity last year, another company location experienced an incident where a scaffold partially collapsed causing the contractor to fall resulting in fatal injuries.
The Hazard Release Scenario
27
BowTie DEVELOPMENT –STEP BY STEP
Identify ThreatsHuman errorWindObstaclesSlippery surfaces Poor job design Etc.
Identify ConsequencesFatality RAM: P4C
Identify Top EventLoss of Control (Fall)
Identify HazardsPersonnel at height
Identify• Hazards
• Top Events
• Consequences
• Threats
• Controls
• Recovery Measures
• HSE Critical Activities
Evaluate and document
• The Validity and effectiveness of the
Barriers for each threat and consequence
(ALARP).
• List all actions in a Remedial Action Plan
that are required to achieve ALARP.
28
BowTie DEVELOPMENT –STEP BY STEP
Identify Controls in place
Design of Non-slip surfaces, railings and guards
Operation: Follow procedures for working at heights (e.g. non-slip boots, wearing fall protection, etc.)
Identify Recovery Measures in place
Design: Platforms at approved intervals and/or fall arrest
Operation: First Aid
System: Implement Emergency Response
Identify• Hazards
• Top Events
• Consequences
• Threats
• Controls
• Recovery Measures
• HSE Critical Activities
Evaluate and document
• The Validity and effectiveness of the
Barriers for each threat and consequence
(ALARP).
• List all actions in a Remedial Action Plan
that are required to achieve ALARP.
29
BowTie DEVELOPMENT –STEP BY STEP
Evaluate and document
Assess quality of controls and recovery measures
Assess overall level of Barriers - #, type, quality, confidence
Identify shortfalls of Barriers, assign teams to develop more barriers
Document and integrate Barriers and HSE Critical Activities to HSE mgmt system and business processes (I.e. MOC, Integrity management, HTA etc.)
Identify• Hazards
• Top Events
• Consequences
• Threats
• Controls
• Recovery Measures
• HSE Critical Activities
Evaluate and document
• The Validity and effectiveness of the
Barriers for each threat and consequence
(ALARP).
• List all actions in a Remedial Action Plan
that are required to achieve ALARP.
30
Personnel InjuryFatality
P4D
HeightPersonnel at
Height
Bad WeatherWind
Bad WeatherWind
Slippery Work
Surfaces
Slippery Work
Surfaces
Poor Work Platform
Poor Work Platform
Proper work Surfaces
Follow Permit requirements (tie -off, stop work in bad
weather)
Warning signs
Inspection
Design; Scaffolds
Work Planning process
Non -Slip Surfaces
Non -Slip Boots Design -
Platforms; Fall Arrest
equipFirst aid;
ERP
Work Planning process
Loss of
Control(Fall)
Example “Falling From Height”
Follow Permit
(tie -off, stop work in bad
weather)
requirements
31
Output document: Lists of HSSE Critical Equipment, Critical Activities, and Critical Processes in the BowTie
HSSE Critical Activities
HSSE Critical Equipment
HSSE Critical Processes
Threat1
Threat2
Threat3
HAZARD
Consequence1
Consequence2
Consequence3
TopEvent
ControlsRecovery Measures
Step 6Maintaining The Integrity Of Controls And Recovery Measures
Each Barrier (i.e. Control or Recovery Measure) must have at least one HSSE Critical Activity
32
Step 6Maintaining The Integrity Of Controls And Recovery Measures
Output document: Lists of Critical Equipment, Critical Activities, and Critical
Processes
HSSE Critical Activities ensure that Controls and Recovery Measures function properly to prevent the Top Event and the Consequences.
HSSE Critical Equipment must be maintained to ensure proper function.
HSSE Critical Activities are assigned to a responsible position!
33
HSSE CRITICAL PROCESSES Contain Critical Activities or Maintain Critical Equipment that are frequently identified during the Hazards Analysis process
A small number of HSSE Critical Processes effectively maintain a large number of HSSE Critical Activities and HSSE Critical Equipment
• HSSE Compliance Management
• GAME (EI, ME, ESP), DGAME, LGAME
• Management of Change (MOC)
• Permit to Work
• Emergency Management System
• PPE Management
• Contractor HSSE Management
• Security Management
• Document Management
• Competency Management
Step 6Maintaining The Integrity Of Controls And Recovery Measures
34
Step 7Determination of ALARP
Reducing risks to ALARP
• Reducing risks to a level at which the cost and effort (time and trouble) of further risk reduction are grossly disproportionate to the risk reduction achieved.
Testing tolerability
• Step 1 to 6 of the process are completed i.e barriers must be identified and assessed, with actions to address failed or missing barriers
• Meeting laws and regulations, company standards, and the HSE premises for new projects or modifications.
••
••
Risk CostALARP?
Risk Tolerability Criterion
Not tolerable ALARP Disproportionate
35
Step 7Demonstrating ALARP involves answering the following questions
1. Is there more that can be done to further reduce the risk?
2. Is what can be done to further reduce the risk, reasonably practical?
••
••
Risk CostALARP?
Risk Tolerability Criterion
Not tolerable ALARP Disproportionate
36
ALARP
Determination
And
Documentation
2) Apply current Shell Engineering (e.g. DEP, EGGS), Industry Standards and Regulatory Codes
YES
YES
NO
1) Eliminate or reduce the Hazard
a) Hazard Control Sheetsb) Hazard Bowties (model or specific)c) Residual Risk
(LOPA or QRA)
3) Apply Risk-Based
Approach
-
Can the Hazard be eliminated or reduced?
Is there an acceptable Standard?
NO
Step 7Demonstrating ALARP for DS – Decision Flow
37
Step 7Achieving ALARP: ‘When is enough, enough?’ • Eliminate or reduce the hazard
• Apply an existing standard or an industry work practice
• Risk based approach using an existing Model Bow Tie or Hazard Control Sheet
• Risk based approach creating a new Bow Tie
• Risk based approach creating a new Bow Tie with layers of Protection Analysis (LOPA) or an other analysis tool
• Document the ALARP determination
38
Step 7Achieving ALARP for Downstream RAM Ranking
Type of Assessment
Assessment Options ALARP Demonstration
Blues Qualitative Hierarchy of control HSSE MS
Yellow Qualitative Shell, Gov and Ind. StdsHierarchy of control
with Hazard Control Sheets
withMini BowTies if required
Apply Recognized Practice+
Consider further risk reduction measures
Document ALARP
Red Qualitative / Quantitative
Hierarchy of control with
Model Bow Ties or Process/activity specific
Bowtieswith LOPA/QRA with
Cost Benefit Analysis if required
Apply Recognized Practice+
Consider further risk reduction measures
Document ALARP
RAM Ranking
Type of Assessment
Assessment Options ALARP Demonstration
Blues Qualitative Hierarchy of control HSSE MS
Yellow Qualitative Shell, Gov and Ind. StdsHierarchy of control
with Hazard Control Sheets
withMini BowTies if required
Apply Recognized Practice+
Consider further risk reduction measures
Document ALARP
Red Qualitative / Quantitative
Hierarchy of control with
Model Bow Ties or Process/activity specific
Bowtieswith LOPA/QRA with
Cost Benefit Analysis if required
Apply Recognized Practice+
Consider further risk reduction measures
Document ALARP
RAM Ranking
RAM Ranking
RAM Ranking
Type of Assessment
Type of Assessment
Type of Assessment
Assessment OptionsAssessment OptionsAssessment Options ALARP DemonstrationALARP DemonstrationALARP Demonstration
BluesBluesBlues QualitativeQualitative Hierarchy of controlHierarchy of control HSSE MSHSSE MS
YellowYellowYellow QualitativeQualitative Shell, Gov and Ind. StdsHierarchy of control
with Hazard Control Sheets
withMini BowTies if required
Shell, Gov and Ind. StdsHierarchy of control
with Hazard Control Sheets
withMini BowTies if required
Apply Recognized Practice+
Consider further risk reduction measures
Document ALARP
Apply Recognized Practice+
Consider further risk reduction measures
Document ALARP
RedRedRed Qualitative / QuantitativeQualitative / Quantitative
Hierarchy of control with
Model Bow Ties or Process/activity specific
Bowtieswith LOPA/QRA with
Cost Benefit Analysis if required
Hierarchy of control with
Model Bow Ties or Process/activity specific
Bowtieswith LOPA/QRA with
Cost Benefit Analysis if required
39
Bowtie or Hazard Control SheetLists of Critical Equipment, Critical Activities, and Critical Processes
Output Documents
Business or Site Remedial Action Plan with actions and resources to fix missing or broken barriers
Hazard and Effects Register
Handshake 1
Handshake 3
Handshake 2
Downstream HEMP ProcedureManagement Handshakes
Step 1 to 4 Hazard identification & risk assessment
Step 5 – Hazard Analysis
Step 6 & 7 Critical Activities, ALARP and Remedial Actions
Approve & Accept Hazards & Risk Rank
Approve & Accept Barriers to Manage Risk to ALARP
Approve & Accept Responsibility for Installing Missing or Failed Barriers
• HEMP Updates• Initial study
(creation)• New Hazard• 5 year review
40
BTP 1.1 Implementation Expectations for Your CoB HSSE Staff
• Engage and Train CoB leaders and Staff
• Assess and close gaps to New DS HEMP procedure and Guidance
• Engage and work with DS HEMP Expertise Center (HEC) to develop tools and solutions to close CoB specific HEMP gaps
• Support HEMP Practitioners
• Support other BTP 1.1 project initiatives, e.g. model bow tie, common hazard list
• Complete 2008-09 Milestones for BTP 1.1
HSE
Man
ager
CoB
HEM
P Fo
cal P
oint
CoB
HEM
P pr
actit
ione
rs
41
• CoB Leaders Engagement Training Q3 2008 to Q1 2009
• HEMP Skills Training for key CoB HSSE Staff Q2 2008 to Q2 2009
• CoB Specific Implementation Plan Developed Q4 2008
• CoB Specific Gap Assessment to DS HEMP Procedure and HSE Control Framework Risk Documents Q1 2009 to Q2 2009
• Closing the Gaps to the HSSE Control Framework “Managing Risk” manual and the DS HEMP Procedure Q2 2009 to Q4 2012
BTP 1.1 Implementation Milestones and Timetable
42
Next Steps… Implementation!!West Africa Implementation
• HEMP Practitioners accredited for each OU (Training completed early August)
• Appoint Focal-Point per Region (Moustapha Seye for West Africa)
• Run training workshops for HEMP Team. Timing: Sept/Oct.
• In liaison with Team, revise and update OU Hazard Register (and obtain S&O Mgr approval): Handshake #1. Timing: Oct/Nov.
• Identify Yellow/Red Hazards and allocate to specific Mgrs. Timing:Oct/Nov.
• In conjunction with Team above, carry out further analysis of Yellow/Red Hazards and demonstrate ALARP: Handshake #2 for CoBs Timing: Dec – Feb09
• Using same Team, identify CEB, CHB, Critical Activities, link to competency, develop RAP and obtain approval of responsible line mgr: Handshake #3 Timing:Jan - Apr
• As part of above, implement Depot HSE Case. Timing: Oct08 – Jun09.
• Roll-out Depot HSE Case and its demonstration. Timing:Mar – Aug 2009.
43
Ending this session you as a leader should:
• Understand the Case for Change (Journey from A to B)
• Understand your role and responsibility in the HSSE Risk Management process
• Have clear understanding of how Hazards and Effects Management (HEMP) fits into the Shell HSSE Control Framework
• Understand the 7 Practical Steps for completing a HEMP review
• Understand the need for Leaders to be mindful of Business Risks including HSSE, as outlined in the new Shell HSSE Control Framework Manual “Management and Leadership”
• Have enough knowledge to discuss HEMP and ask the right questions
44
A final question
• What will be your first practical step in the journey from A to B?
45
The End
46
Additional Background Information for use as required
47
Exercise : Exercise : The Angry BullThe Angry Bull
Exercise : Exercise : The Angry BullThe Angry Bull
x
x
xx
x xxx
x
x
x
x
x
xx
x
xx
xx
x
x
x
x
xx
x
49
Glossary of HEMP Terms
• Hazard
• Threat
• Top Event
• Consequence
• Likelihood
• Risk
• Tolerable
• ALARP
• Hazard and Effects Register
• Bowtie
• Hazard or Activity Control Sheet
• Business or Site Remedial Action Plan
Know the terms to ask the right questions!
• Barrier
• Control
• Recovery Measure
• Escalation Factor
• Escalation Factor Control
• HSSE Critical Equipment
• HSSE Critical Activity
• HSSE Critical Process
50
Glossary of HEMP Terms (1)
• Hazard - The potential to cause harm, including ill health and injury, damage to property, products, production losses or increased liabilities, the environment or reputation.
• Threat - Threats are the ways in which a hazard can be released to cause an incident, e.g. corrosion, operator error, exposure to health hazards, etc.
• Top Event – The way in which a hazard can be ‘released’ to do harm is via a ‘top event’.
• Consequence – Consequences are the final results of hazards being released, but not being controlled.
• Likelihood - Estimated on the basis of experience and or evidence that a certain outcome has previously occurred
• Risk - A term, which combines the chance that a specified undesired event will occur and the severity of the consequences of the event
51
Glossary of HEMP Terms (2)
• Tolerable - Expresses the level of risk deemed tolerable for a given period or phase of activities. May be expressed qualitatively or represented quantitatively..
• ALARP - Once tolerability criteria is met, to reduce a risk to a level that is as low as reasonably practicable involves balancing reduction in risk against the time, trouble, difficulty and cost of achieving it. Reducing Risks to ALARP means reducing them to a level at which the cost and effort (time and trouble) of further risk reduction are grossly disproportionate to the risk reduction achieved.
• Business or Site Remedial Action Plan – Prioritised plan to close the gaps (e.g., missing barriers) to achieve ALARP.
52
Glossary of HEMP Terms (3)
• Barrier - Barriers can be either hardware barriers that are implemented via design, or administrative (procedural and/or human system) barriers that are part of the HSSE-MS of the unit or the site. All barriers have the role of risk reduction. The name “barrier” is used as a common name for control and/or recovery measure and/or escalation factor control.
• Control – All barriers in the main line of the bowtie on the left hand side, i.e. from the Threats to the Top Event, to reduce the risk that the threat will release the hazard.
• Recovery Measures - All barriers in the main line of the bowtie on the right hand side, i.e. from the Top Event to the Consequences, to reduce the risk that the release leads to the consequences, or in other words – to mitigate the consequences.
53
Glossary of HEMP Terms (4)• Escalation Factors - Escalation Factors may render
a Control or Recovery Measure useless
• Escalation Factor Controls - Escalation Factor Controls reduce the risk that the escalation factors affect the effectiveness of the Controls or Recovery Measures.
• Critical Equipment is equipment that is necessary for the effectiveness of a barrier (i.e. trip systems, relief valves etc.)
• Critical Activities - Critical Activities maintain the validity of a Barrier (sometimes referred to as “HSSE” Critical Activities or Tasks). It is important that the activities be documented at a level where accountability for the activity can be realistically placed with a single individual.
• Critical Activities may belongs to one of the HSSE Critical Processes. (e.g. MOC, Competency, ERP, Technical Integrity)
54
Glossary of HEMP Terms (5)• Hazard and Effects Register - A Hazard management
communication document that demonstrates that Hazards have been identified, risks assessed, are being properly controlled and that recovery measures are in place in the event control is ever lost.
• Bowtie – Pictorial representation of how a Hazard can be hypothetically released and further developed into a number of consequences. The left hand side of the diagram is constructed from the threats associated with the Hazard, the controls associated with each threat and any factors that escalate likelihood. The right hand side of the diagram is constructed from the consequence analysis and involves escalation factors and recovery measures.
• Hazard Control Sheet - A sheet used to document the outputs of a specific hazard controls and recovery analysis resulting in the detailed list of control and recovery barriers that need to be in place to manage the risk of release of the hazard to ALARP.
55
Process Safety and HEMP: Indicators
• From Lagging to Leading indicators
– All Threat and consequence barriers failed:
• RAM3/4+ ( and spills, non compliances/ complaints etc.)
• API
– All threat barriers failed
• LOPC (Loss of Primary Containment)
– Not all threat barriers failed
• Failed Barriers
– The integrity of certain barriers is reduced
• Overdues and non compliances with critical processes
• Near Miss reporting / Safety observations
in the field
API
RAM3/ 4
RAM5
LOPC
Failed barriers
Compliance w ith HSE Critical Processes
Chronic unease
Recommended Business or Site Specific Dashboard Items
Missing barriers
Maintainbarriers
Small Deviations
56
HEMP : HSSE Critical Business Processes Remaining Critical Processes:
• Document Mgt (Incl Procedures)
• Emergency Mgt
• HSSE Compliance Mgt
• Contractor HSE Mgt
• PPE Mgt
• Security Mgt
• Competency Mgt (HSSE Level 2)
HSSE Critical process are those processes that contain critical activities that are frequently identified during the Hazards Analysis process. Key Attributes:
• Have a Site Process Owner (* SPO for MOC and GAME modules - a member of the site leadership team
• Have focused audits/ reviews of one or more (existing) KPIs of the process - these are leading indicators for process safety
• Is described as a work process - normally a collection of procedures, work plans, data collection, tools, etc.
“Keep it in the Pipes” – Our AI/ PS Focus :
• MOC*
• Linkage to GAME-EI, RCM, IPF, ME*, DGAME, LGAME etc. (Mechanical integrity)
• Linkage to GAME-ESP*
• Competency Mgt (HSSE Level 1)
• Permit to work PTW (Process Isolation)
57
Activity 1a Understanding the Case for Change (slide 4)
Answer this question: ‘Why do major incidents continue to happen?’
• Discuss in pairs.
• Write down each reason (max 4) on a post-it .
• Match with the cases for change below by sticking post-its on a poster with the following points:
1. HEMP not understood2. HEMP not implemented sufficiently3. No formal HEMP training4. Focus on the process (check box)5. Lack of consistency and alignment in auditing programs6. Other
The goal of this activity is to enforce the idea that improving implementation of HEMP will make a change. Believing a better system would have made the difference.
58
Activity 1b Understanding the Case for Change (slide 10)
Continue activity 1: only do this activity if there were post-its in the ‘other’ category
Answer the question:
Are there any ‘other reasons’ which couldn’t be placed behind one of the ‘case for change’ bullets, that can be linked to one of the steps in the HEMP procedure?
– Was the hazard, threat, top event, consequence, barrier identified?
– Was the barrier maintained?
The goal of this activity is to connect more of the posted reasons (reasons that participants gave for the disasters) to things that can be identified in HEMP.
59
Activity 2Blue, yellow and red risks (slide 15)
Answer the question: ‘What would be a blue risk, a yellow risk and a red risk.’
• Each participant thinks of an example individually.
• The facilitator will asks the group for two or three examples within each ‘color’. He will write the examples (in the right cell) on the Risks poster.
• The facilitator will then discusses the implications (next slide).
The examples on the risk poster are used later when discussion ALARP
The goal of this activity is to link risks with the risks the participants encounter in the workplace.
60
Activity 3 Demonstration ALARP (slide 32)
• The facilitator will pick an example from the poster: ‘what three things can be done to further reduce the risk?’
• Discuss this questions in pairs.
• The facilitator will ask the group to give an example what would be reasonable and what won’t.
What risk would not be tolerable? What risk is? Point out in ‘Risk’ poster (with examples from participants).
61
Activity 4 Discussion (slide 39)
Time for questions and group discussion.
The goal of this activity is discuss or answer questions you or fellow participants have, focusing on the main learning goals of this course.
62
Activity 5 First step from A to B (slide 40)
Answer this question: What will be your first practical step in the journey from A to B?
• The practical step may be large or small.
• Think about this a minute.
• The session will end by letting each participant share their answer. By doing this, you should end the session with a whole list of actions that can be taken to achieve the goal.
The goal of this activity is to link what you have learned with the workplace. Translate what you have learned into something you can do ‘tomorrow’.
63
Cases for change poster
1. HEMP not understood
2. HEMP not implemented sufficiently
3. No formal HEMP training
4. Focus on the process (check box)
5. Lack of consistency and alignment in auditing programs
6. Other
64
Risks poster