Free Resources

Refinery at Night

Invaluable free resource documents regarding best practices in process safety management (PSM), process safety engineering (PSE), process hazard analysis (PHA), hazard and operability study (HAZOP), layer of protection analysis (LOPA), incident investigation (II), root cause analysis (RCA), safety instrument system (SIS), safety integrity level (SIL), and safety instrument function (SIF). With compliments from the process safety management experts at Process Improvement Institute!

(Simply select the category line of interest to see the document titles relative to that discipline along with a short description, and then select a document title to view the complete document.)

Process Safety Management and Process Safety Engineering

Process Safety Culture – Making This Real (PDF; 482 KB)  Process Safety Culture (PSC) has received considerable attention recently.  "Culture" is a very complex concept and can be very difficult to measure, influence, and manage. However, it is possible to identify, measure, analyze, and improve certain activities and characteristics that are recognized as key components of a positive PSC. This paper shows what Contra Costa County (one regulator) is doing to encourage establishment and measurement of process safety culture.  It also shows that tangible, real activities within a site are what make safety culture a reality.

Process Safety Competency (PDF; 1 MB)  Successful Process Safety requires the utilization, involvement, and full support of nearly ALL staff at a site. Success also demands that a substantial portion of staff be competent and capable of contributing to process safety programs. This paper describes the basics of building competencies in each aspect of process safety, including those tasks that require expert levels of competencies. It also describes different companies' safety competency progression plans and the typical requirements to reach each new level.

Human Factors Missing from PSM (PDF; 816 KB)  Management systems for optimizing Human Factors to control human error rates must be developed by an organization involved in implementing Process Safety Management (PSM). This paper presents an overview of Human Factor fundamentals, discusses why many PSM systems are weak on human factors, and outlines a comprehensive process safety element on Human Factors. It describes what belongs in each category within the Human Factors element and explains the intent, content, and benefit of each category.

The Cost & Benefits of Process Safety Management (PDF; 400 KB)  Since 1986, state and federal regulators have been mandating implementation of Process Safety Management (PSM) programs at workplaces that handle hazardous chemicals, including explosives, toxics, and flammables. This paper presents the actual costs that some companies have expended and provides estimates of future costs to comply with either self-imposed standards or government regulations related to PSM. Also discussed are the types of benefits and, where possible, the actual benefits that have been achieved by implementing PSM programs.

Risk Tutorial – Playing the Killer Slot Machine (Adobe PDF; 133KB)  This paper explores how the acceptability of risk changes under a variety of circumstances. It also explores how these same principles apply to hazard analysis teams that are judging the acceptability of engineered and administrative controls, and whether or not to generate recommendations.

Process Hazard Analysis (PHA), including HAZOP

Identify SIF and Specify Necessary SIL, and other IPLs, as part of PHA/HAZOP (PDF; 1.5 MB) NEW-2016  Identifying Safety Instrumented Functions (SIFs) and other Independent Protection Layers (IPLs) is important for any organization. These can be identified in a simplified risk assessment such as a Layer of Protection Analysis (LOPA). But, these also can be identified with relative ease in a purely qualitative setting of a Process Hazard Analysis (PHA) using hazard and operability analysis (HAZOP) or other PHA methods. This paper shows how to apply the qualitative definition of IPLs within the setting of a process hazard analysis (PHA) to get most of the gain from LOPA without doing a LOPA (i.e., without using numerical values).

Necessity of PHA of Non-Normal Modes of Operation (PDF; 1.2 MB) NEW-2016  Most Process Hazard Analyses (PHAs) do not thoroughly analyze the errors that can occur during startup, shutdown, and other non-routine (non-normal) modes of operations, despite the fact that about 70% of major accidents occur during non-routine operations. This paper explains the business case for doing PHAs of procedure steps for non-routine modes of operation, while also describing the growing regulatory pressure from US OSHA and others. The reader will be able to use the results of this paper to estimate the number of accident scenarios they may be missing and to estimate the time it would take to complete an efficient and thorough PHA of the non-routine modes of operation.

Implementation of Process Hazard Analysis as SSTPC (PDF; 691 KB)  This paper provides insights into the challenges faced while implementing process hazard analysis at SINOPEC – SABIC TIANJIN PETROCHEMICAL COMPANY (SS-TPC) and shares lessons learned on how to get best practices implemented in such joint ventures and across very diverse cultures.

Process Safety Competency (PDF; 1 MB)  Successful Process Safety requires the utilization, involvement, and full support of nearly ALL staff at a site. Success also demands that a substantial portion of staff be competent and capable of contributing to process safety programs. This paper describes the basics of building competencies in each aspect of process safety, including those tasks that require expert levels of competencies. It also describes different companies' safety competency progression plans and the typical requirements to reach each new level.

PHA of non-Continuous Operating Modes (PDF; 816 KB)  Most Process Hazard Analyses (PHAs) do not thoroughly analyze the errors that can occur during startup, shutdown, and other non-routine (non-normal) modes of operations, despite the fact that about 70% of major accidents occur during non-routine operations. This paper shows practical ways to efficiently and thoroughly analyze the step- by-step procedures that are used to control non-routine operating modes, as well as those for batch and between batch operations. The reader will be able to use the results of this paper to estimate the number of accident scenarios they may be missing and to estimate the time it would take to complete an efficient and thorough PHA of the non-routine modes of operation.

Optimizing PHAs/HAZOPs while Maximizing Brainstorming (PDF; 190 KB)  Process Hazard Analysis (PHA) optimization is executing the PHA analysis with practices that are thorough and efficient. Success is dependent on: 1) strong PHA Team Leadership, 2) complete and thorough PHA management practices, and 3) the strength of other process safety management (PSM) practices. This paper presents PHA team leadership techniques and rules, discusses content of PHA management practice, policy, and procedures, and explains the relationship of PHAs with some other PSM elements where if those elements are weak, can impact the quality of the PHA and increase the PHA meeting or documentation time. This paper shares secrets that will speed up your hazard evaluations without sacrificing thoroughness or brainstorming.

Controlling Risk During Major Capital Projects (PDF; 443 KB)  This paper describes the best practices for scheduling and performing Process Hazard Analyses (PHAs) during various key phases of major projects. The paper outlines the scope and content of each project phase hazard review and what the outcomes should be. The reader will first be given the basics, and then provided best practices and examples from various companies. An outline is provided of how information related to process safety should be developed during, and then delivered from, a major project.

Addressing Human Factors During PHAs (PDF; 125 KB)  Recent accidents and new regulations underscore the need for companies to identify potential human errors and to reduce the frequency and consequences of such errors as part of an overall Process Safety Management (PSM) program. This paper describes an approach for integrating human factors considerations into Process Hazard Analyses (PHAs) of process designs, operating procedures, and management systems. Critical issues related to human factors can be identified and addressed in different phases of a hazard evaluation. Case studies illustrating the effectiveness of this strategy are provided.

Selection of Hazard Evaluation Techniques (PDF; 265 KB)  A successful hazard evaluation can be defined as one in which (1) the need for risk information has been met, (2) the results are of high quality and are easy for decision makers to use, and (3) the study has been performed with the minimum resources needed to get the job done. Obviously, the technique selected has a great bearing on each hazard evaluation’s success. A variety of flexible hazard evaluation techniques is presented in this paper, and each of them has been applied in the chemical process industry and is appropriate for use in a wide variety of situations.

Incident Investigation & Root Cause Analysis, including for Near Misses (Close Calls)

Process Safety Competency (PDF; 1 MB)  Successful Process Safety requires the utilization, involvement, and full support of nearly ALL staff at a site. Success also demands that a substantial portion of staff be competent and capable of contributing to process safety programs, including Incident Investigation and Root Cause Analysis. This paper describes the basics of building competencies in each aspect of process safety, including those tasks that require expert levels of competencies. It also describes different companies' safety competency progression plans and the typical requirements to reach each new level.

Proven Approach to Investigating Near Misses (PDF; 939 KB)  Near miss reporting is one tool that process industries use to improve process safety performance. However, getting near misses reported is a major hurdle for most companies because workers and management fear the investigation system (and themselves) may potentially become overload. This paper explains approaches to manage efficiency and effectiveness in near miss investigations that have been successful in handling near miss reporting within both large and small companies.  In addition, these approaches help to ensure high value from the investment of reporting and analysis. (This paper builds on the updated paper presented in 2012 at GCPS on "Gains from Getting Near Misses Reported.”)

Gains From Getting Near Misses Reported (PDF; 437 KB)  Data indicates that there are probably about 100 Near Misses for every accident. Understandably, learning from near misses is much, much cheaper than learning from accidents. Yet many companies get less than one near miss reported for each accident. This paper describes in detail barriers to getting near misses reported and solutions for each of these barriers.  It also shares how companies have increased the reporting ratio (number of near misses reported to accidents reported) to as high as 105:1 (whereas typical reporting ratios are 0-20:1).

Exxon’s Worldwide Incident Investigation Training (PDF; 172 KB)  Exxon Company, International (ECI) identified the need to have a common methodology and structured tools for incident investigations (including root cause analysis) across all of it's affiliates. Exxon Production Research (EPR), on behalf of ECI, conducted a survey of various available incident investigation techniques and training programs. The techniques chosen were causal factors charting and the Root Cause MapTM (similar to the current version of the Root Cause ChartTM, which is from PII) from JBF Associates (JBFA). A two-day Exxon training program was developed that addressed the entire process of incident investigation. This paper discusses the background for developing the training, the content of the training and the results of the training.

Layer of Protection Analysis (LOPA)

Identify SIF and Specify Necessary SIL, and other IPLs, as part of PHA/HAZOP (PDF; 1.5 MB) NEW-2016  Identifying Safety Instrumented Functions (SIFs) and other Independent Protection Layers (IPLs) is important for any organization. These can be identified in a simplified risk assessment such as a Layer of Protection Analysis (LOPA). But, these also can be identified with relative ease in a purely qualitative setting of a Process Hazard Analysis (PHA) using hazard and operability analysis (HAZOP) or other PHA methods. This paper shows how to apply the qualitative definition of IPLs within the setting of a process hazard analysis (PHA) to get most of the gain from LOPA without doing a LOPA (i.e., without using numerical values).

More Issues with LOPA – From the Originators (PDF; 826 KB)  Layer of protection analysis (LOPA) has now been around for more 20 years (and in general use for 15 years), with the initial textbook being officially published in 2001. This paper shares observations and lessons learned from two originators of LOPA and provides further guidance on how to and how Not to use LOPA. The paper provides specific examples of best practices, some of which are not covered well enough in or are omitted from the textbooks on the topic.

Lesson from Applying LOPA throughout the Process LifeCycle (PDF; 840 KB)  Layer of protection analysis (LOPA) has been implemented throughout major capital projects, on existing facility PHAs, and in PHA revalidations and management of change risk reviews. This paper discusses lessons learned for implementing LOPA in each phase of a process lifecycle and outlines some of the ways to optimize the use of LOPA. The paper describes how implementation of standards for IPLs and initiating event maintenance is necessary in each company. The paper also covers consolidation of SIL evaluation into the related PHA and LOPA at each life cycle phase. Special emphasis is given to optimizing the application of LOPA and SIL evaluation through the various phases of a major capital project.

Impact of Human Error on LOPA (PDF; 1.9 MB)  Identifying and sustaining independent protection layers (IPLs) is the heart of LOPA. And all initiating events (IEs) and independent protection layers (IPLs) are inherently tied to Human Error. This paper explains the relationship between human factors and the resultant IE frequency and Probability of Failure on Demand (PFD), and provides an overview of how to validate these risk reduction values at a site. The paper also covers the more involved topic of dependent human errors in IPLs, such as high integrity SIS and other high reliability IPLs such as relief systems. Actual examples are provided to illustrate key learnings.

LOPA and Human Reliability – Human Errors and Human IPLs (Updated) (PDF; 943 KB)  Estimating the likelihood of human error and measuring the human error rate at a site are troublesome tasks within the framework of a Layer of Protection Analysis (LOPA). For this reason, some companies do not give credit for a human Independent Protection Layer (IPL). This paper (based on a similar paper from 2010) discusses the data needed for adequately counting the human in a LOPA (and other risk assessments), and includes discussion of the theory of human factors. Actual plant data and tests are included in the paper to provide the reader with some examples of how a simple data collection and validation method can be set up within their companies. This paper also provides an overview of an alternative method for estimating the Probability of Failure on Demand (PFD) of a Human IPL, based on plant and scenario specific factors (such as stress factors, complexity, and communication factors).

LOPA and Human Factors 1 (PDF; 280 KB)  Estimating the likelihood of human error and measuring the human error rate at a site are troublesome tasks within the framework of a Layer of Protection Analysis (LOPA). For this reason, some companies do not give credit for a human Independent Protection Layer (IPL). This paper discusses the data needed for adequately counting the human in a LOPA (and other risk assessments), and includes discussion of the theory of human factors. Actual plant data and tests are included in the paper to provide the reader with some examples of how a simple data collection and validation method can be set up within their companies.

Issues with LOPA – Perspectives from one of the Originators of LOPA (PDF; 246 KB)  This paper focuses on problems observed with LOPA during the first 8-years of broad use. These problems include using LOPA without following the rules of LOPA; overuse of LOPA; overwork of LOPA when it is used; using LOPA in PHA team settings; and improper match of an IPL to a consequence (due to a weak definition of the consequence being avoided). This paper also summarizes the many benefits LOPA has produced for the industry.

LOPA Articles (PDF; 690KB)  The first article "Layer of Protection Analysis: A New PHA Tool After HAZOP, Before Fault Tree Analysis" introduces LOPA as a new Process Hazard Analysis (PHA) tool. LOPA uses the data developed in the HAZard and OPerability analysis (HAZOP) along with suggested screening values to account for the risk reduction of each safeguard. The mitigated risk for an impact event can then be compared with the corporation's criteria for unacceptable risk to determine whether additional safeguards or independent protection layers need to be added. The paper provides examples to illustrate the LOPA process.

The second article "Risk Acceptance Criteria and Risk Judgment Tools (now called Layer of Protection Analysis [LOPA]) Applied Worldwide within a Chemical Company" describes the process one chemical company used to provide a standard for evaluating risk of potential accident scenarios. This paper presents the evolution of the risk tolerance and risk judgment approach used by the company. Although other companies may follow a different path to achieve the same goals, there are valuable lessons to be learned from this company's particular experiences.

Safety Instrumented System (SIS), including Safety Instrument Function (SIF) and Safety Integrity Level (SIL)

Identify SIF and Specify Necessary SIL, and other IPLs, as part of PHA/HAZOP (PDF; 1.5 MB) NEW-2016  Identifying Safety Instrumented Functions (SIFs) and other Independent Protection Layers (IPLs) is important for any organization. These can be identified in a simplified risk assessment such as a Layer of Protection Analysis (LOPA). But, these also can be identified with relative ease in a purely qualitative setting of a Process Hazard Analysis (PHA) using hazard and operability analysis (HAZOP) or other PHA methods. This paper shows how to apply the qualitative definition of IPLs within the setting of a process hazard analysis (PHA) to get most of the gain from LOPA without doing a LOPA (i.e., without using numerical values).

Accounting for Human Error Probability in SIL Verification Calculations (PDF; 465 KB)  This paper shows that human error during testing, maintenance, and restoration of a Safety Instrumented Function (SIF) can potentially dominate it's Probability of Failure on Demand (PFD) value, calling into question whether the required risk reduction is indeed being met. Example methods for estimating the contribution of human error probability for SIL Verification calculations are provided, as well as some proven approaches for controlling human factors that affect the base error rate (for a given mode of operation). It also discusses ways to prevent or else detect and recover from errors made in redundant channels (such as used in 1oo2, 1oo3, or 2oo3 voting).

LOPA and Human Factors 1 (PDF; 280 KB)  Estimating the likelihood of human error and measuring the human error rate at a site are troublesome tasks within the framework of a Layer of Protection Analysis (LOPA). For this reason, some companies do not give credit for a human Independent Protection Layer (IPL). This paper discusses the data needed for adequately counting the human in a LOPA (and other risk assessments), and includes discussion of the theory of human factors. Actual plant data and tests are included in the paper to provide the reader with some examples of how a simple data collection and validation method can be set up within their companies.

Operating Procedures and Documentation

Best Practices for Writing Operating Procedures and Trouble-Shooting Guides (PDF; 1.3 MB) NEW-2016  Operating procedures (and Trouble-Shooting Guides) have always been crucial to the safety, quality, and productivity of process systems. And with the advent of new safety and quality standards (e.g., OSHA's PSM and PPE regulations,EPA's RMP regulation, and the ISO 9000 quality standard) many companies are facing the daunting task of developing or upgrading their procedures to satisfy varied and sometimes complex or conflicting requirements. This paper presents the proven, best approach for developing accurate operating procedures and for ensuring the format of the pages and steps are optimized to reduce human error rates.

Writing Effective Operating Procedures (PDF; 3 MB)  Part I of this articles provides a summary of generally accepted procedure-writing guidelines, based on decades of experience in writing operating and maintenance procedures, and many years of human factors analysis. It also includes steps that a company/writer can take to safeguard against written procedures not being followed. Part II offers strategies for developing an operating manual that will comply with regulatory requirements (particularly OSHA's PSM requirements) for processes containing highly hazardous chemicals. This part also tells how to comply with other regulatory requirements, including developing procedures for all phases of operations, addressing safety and health considerations, and describing safety systems and their functions.

Human Factors

Human Factors and their Optimization (PDF; 797 KB)  Weak control of Human Factors leads directly to error. Not only do humans cause accidents (unintentionally) by making errors directly related to the process itself, but they also cause errors by creating deficiencies in the design and implementation of management systems. Human error is also the cause of failure of each layer of protection. This paper discusses each of the 10 primary human factors and describes what we know about their relative importance in accident causation. It also details proven ways to optimize these human factors so that the base human error rate at a site is as low as possible.

Human Factors Missing from PSM (PDF; 816 KB)  Management systems for optimizing Human Factors to control human error rates must be developed by an organization involved in implementing Process Safety Management (PSM). This paper presents an overview of Human Factor fundamentals, discusses why many PSM systems are weak on human factors, and outlines a comprehensive process safety element on Human Factors. It describes what belongs in each category within the Human Factors element and explains the intent, content, and benefit of each category.

LOPA and Human Factors 1 (PDF; 280 KB)  Estimating the likelihood of human error and measuring the human error rate at a site are troublesome tasks within the framework of a Layer of Protection Analysis (LOPA). For this reason, some companies do not give credit for a human Independent Protection Layer (IPL). This paper discusses the data needed for adequately counting the human in a LOPA (and other risk assessments), and includes discussion of the theory of human factors. Actual plant data and tests are included in the paper to provide the reader with some examples of how a simple data collection and validation method can be set up within their companies.

Addressing Human Factors During PHAs (PDF; 125 KB)  Recent accidents and new regulations underscore the need for companies to identify potential human errors and to reduce the frequency and consequences of such errors as part of an overall Process Safety Management (PSM) program. This paper describes an approach for integrating human factors considerations into Process Hazard Analyses (PHAs) of process designs, operating procedures, and management systems. Critical issues related to human factors can be identified and addressed in different phases of a hazard evaluation. Case studies illustrating the effectiveness of this strategy are provided.

Impact of Human Error on LOPA (PDF; 1.9 MB)  Identifying and sustaining independent protection layers (IPLs) is the heart of LOPA. And all initiating events (IEs) and independent protection layers (IPLs) are inherently tied to Human Error. This paper explains the relationship between human factors and the resultant IE frequency and Probability of Failure on Demand (PFD), and provides an overview of how to validate these risk reduction values at a site. The paper also covers the more involved topic of dependent human errors in IPLs, such as high integrity SIS and other high reliability IPLs such as relief systems. Actual examples are provided to illustrate key learnings.

LOPA and Human Reliability – Human Errors and Human IPLs (Updated) (PDF; 943 KB)

Estimating the likelihood of human error and measuring the human error rate at a site are troublesome tasks within the framework of a Layer of Protection Analysis (LOPA). For this reason, some companies do not give credit for a human Independent Protection Layer (IPL). This paper (based on a similar paper from 2010) discusses the data needed for adequately counting the human in a LOPA (and other risk assessments), and includes discussion of the theory of human factors. Actual plant data and tests are included in the paper to provide the reader with some examples of how a simple data collection and validation method can be set up within their companies. This paper also provides an overview of an alternative method for estimating the Probability of Failure on Demand (PFD) of a Human IPL, based on plant and scenario specific factors (such as stress factors, complexity, and communication factors).

Accounting for Human Error Probability in SIL Verification Calculations (PDF; 465 KB)  This paper shows that human error during testing, maintenance, and restoration of a Safety Instrumented Function (SIF) can potentially dominate it's Probability of Failure on Demand (PFD) value, calling into question whether the required risk reduction is indeed being met. Example methods for estimating the contribution of human error probability for SIL Verification calculations are provided, as well as some proven approaches for controlling human factors that affect the base error rate (for a given mode of operation). It also discusses ways to prevent or else detect and recover from errors made in redundant channels (such as used in 1oo2, 1oo3, or 2oo3 voting).