Comments: No Comments
Final Rule: Walking-Working Surfaces
OSHA has issued a final rule updating its general industry Walking-Working Surfaces standard to protect workers from slip, trip, and fall hazards. The rule also increases consistency in safety and health standards for people working in both general and construction industries.
The final rule’s most significant update is allowing employers to select the fall protection system that works best for them, choosing from a range of accepted options including personal fall protection systems.
OSHA estimates the final rule will prevent more than 5,800 injuries a year. The rule takes effect Jan. 17, 2017.
Read the full press release.
Comments: No Comments
FSMA Preventive Controls Guidance: Small Business
The U.S. Food and Drug Administration (FDA) has issued two Food Safety Modernization Act (FSMA) small entity compliance guidance documents to assist small and very small businesses with the implementation of the Preventive Controls for Human Food and Preventive Controls for Animal Food rules.
The guidance outlines who must comply with the rule, who is exempt from parts of the rules or subject to modified requirements, and outlines key information for qualified facilities (i.e., small businesses).
The guidance documents are two of dozens of guidance documents the FDA intends to release as it continues with the implementation of FSMA. The Agency released guidance for both the human and animal food rules in August 2016.
Comments: No Comments
Ten Actions to Support FSMA Compliance
In theory, compliance with the Food Safety Modernization Act (FSMA) is simple. In reality, however, the rules are complex—even convoluted, some may say—guidance is currently limited, and rule interpretations differ, sometimes vastly.
Regardless of those complications, there are a number of actions any company in a food-related industry can take to support FSMA compliance efforts. While this list doesn’t get to the granular level of detail needed to comply with all of the individual rules and requirements, it does provide a high-level overview to get companies started down the right path to compliance.
- Verify that employees know and understand your company’s food safety and FDA/FSMA requirements. Which rules are applicable? What is required to comply? What are the job requirements?
- Ensure that building, premises, and processes meet existing physical condition and defense requirements.
- Ensure that everything from food safety training to operational documentation is current, complete, and detailed. Everything must be documented and verified to demonstrate compliance.
- Assess your written Food Safety Plan(s) and look for “gaps” in areas, including food safety policies, preventive controls, allergen management, and cGMPs.
- Confirm your company’s policies are visible, understood, and being followed. It is one thing to have written policies; it is another thing to implement them into the organization.
- Ensure the adequacy of your supply chain and internal audit program to FSMA requirements. Confirm that you effectively track, monitor, and evaluate your suppliers. FSMA compliance stretches beyond your individual organization throughout the food supply chain.
- Test and confirm that you are prepared to provide documentation within 24 hours if requested by FDA. An effective document management system can help ensure that you are able to access the required information when you need it.
- Maintain insurance and ensure your indemnity agreements provide an acceptable level of protection, including letters of guarantee and supplier and recall insurance.
- Verify foreign suppliers for their compliance with FSMA regulations. Importers will be required to verify that food imported into the United States has been produced to FDA requirements
- Verify and maintain your mock recall program for any recall circumstance that might occur or be requested by FDA. All issues related to the processing and distribution of safe food will be enforceable by the FDA, including issuing recalls, ordering the detention of product, suspending business registrations, levying fines, and controlling the food supply chain.
Any company that works in a food-related industry needs to determine compliance requirements to implement the appropriate FSMA programs. Due to the Act’s complexity, this process should begin well in advance of final compliance dates. If programs are not currently in development, they must be short to avoid the potential of non-compliance to FDA, customers, and the supply chain.
Case Study: Efficient Compliance Management
Regulatory enforcement, customer and supply chain audits, and internal risk management initiatives are all driving requirements for managing regulatory obligations. Many companies—especially those that are not large enough for a dedicated team of full-time EHS&S staff—struggle with how to effectively resource their regulatory compliance needs.
The following case study talks about how The C.I. Thornburg Co., Inc. (C.I. Thornburg) is using a technology tool to efficiently meet National Association of Chemical Distributors (NACD) and a number of other regulatory requirements.
The Challenge of Compliance
C.I. Thornburg joined NACD in January 2015. As a condition of membership, the company started the process of developing and implementing Responsible Distribution in April 2015. Responsible Distribution showcases member companies’ commitment to continuous improvement in every business process of chemical distribution—and it requires rigorous management activities to develop and maintain.
With an EHS&S department of one, managing all of those activities was a challenge for C.I. Thornburg. The company was looking for a way to streamline the process and more effectively manage Responsible Distribution requirements and regulatory compliance obligations.
Code & Compliance Elite™
C.I. Thornburg brought on Kestrel to initially help the company achieve Responsible Distribution verification. Kestrel worked with C.I. Thornburg to customize and implement Code & Compliance Elite (CCE™), an easy-to-use technology tool designed to effectively manage management system and verification requirements. Kestrel tailored the CCE™ application specifically for C.I. Thornburg to provide:
- Document management – storage, access, and version control
- Mobile device access
- Regulatory compliance management and compliance obligation calendaring
- Internal audit capabilities
- Corrective and preventive action (CAPA/CPAR) tracking and management
- Task and action management
CCE™ played a large role toward the end of C.I. Thornburg’s Responsible Distribution implementation, particularly with document control and organization, and in the verification audit. During verification, documents could be quickly referenced because of how they are organized in CCE™, making the process very efficient. According to C.I. Thornburg Director of Regulatory Compliance and EHS&S Richard Parks, “The verifier was blown away by how well we were organized and how the tool linked many documents from different regulatory policies.” The company achieved verification in May 2016.
Broadening to Other Regulatory Requirements
CCE™ is still being used to manage Responsible Distribution requirements, but C.I. Thornburg is now working with Kestrel to expand it to all regulatory branches that govern the business. Regulatory requirements function similarly—for example, Responsible Distribution has 13 codes, Department of Homeland Security (DHS) has 18 performance standards (RBPS), and OSHA PSM has 14 elements. All require internal audits and corrective action tracking—things that can be easily and effectively managed through CCE™ to create a one-stop shop for regulatory compliance. Kestrel is currently developing the DHS and PSM modules in CCE™ for C.I. Thornburg.
Valuable Management Tool
CCE™ is providing C.I. Thornburg with a valuable management tool that automates the regulatory landscape. According to Parks, as a small organization that depends on using efficient tools to manage compliance rather than adding more manpower, CCE™ has provided huge cost savings and tremendous value for the organization, including the following:
- CCE™ has become the ultimate tool inefficiency. Tasks that used to take hours to complete are now easily done in just minutes.
- The internal audit function of CCE™ makes audits seamless and tracking and follow-up easy.
- The CAPA tool ensures that the company is managing corrective actions and completing follow-up activities and tasks.
- The functionality of CCE™ allows for managing multiple regulatory dashboards, providing a one-stop shop for managing regulatory compliance obligations.
- CCE™ creates an organized document structure that enables easy access to information and quick response to auditors.
- During Senior Management Review, senior managers see the benefit of being able to reference the history of corrective actions and audits through CCE™.
“A lot of NACD member companies are small organizations that have limited resources to effectively manage all EHS&S needs,” said Parks. “CCE™ really creates the department and is a huge value to small businesses. With the CCE™ technology and a company’s clearly defined goal, Kestrel can provide an efficient solution to most any need.”
Comments: No Comments
Applying Predictive Analytics to Leading Indicators
Leading indicators can be defined as safety-related variables that proactively measure organizational characteristics with the intention of predicting and, subsequently, avoiding process safety incidents. Leading indicators become especially powerful when combined with advanced statistical methods, including predictive analytics.
Case Study
Kestrel developed a major incident predictive analytical model for the transportation industry that is also applicable to the process industries. Using regularly updated inspection data, the model was created to provide major incident probabilities for each transportation segment over a six-month period.
Additionally, the model identifies the variables that are significantly contributing to major incidents, thereby showing the company which factors to address to prevent future incidents. Model validation revealed that it could successfully predict the location and time frame of 75% of major incidents.
Broader Applicability
Companies in the process industries are generating and recording unprecedented amounts of data associated with operations. Companies that strive to be best-in-class need to use that data intelligently to guide future business decision-making.
The versatility of predictive analytics, including the method described in this case study, can be applied to help companies analyze a wide variety of problems. In this way, companies can:
- Explore and investigate past performance
- Gain the insights needed to turn vast amounts of data into relevant and actionable information
- Create statistically valid models to facilitate data-driven decisions
Join Kestrel at the 2016 International Symposium
Kestrel’s William Brokaw will be presenting the case study discussed above on Tuesday, October 25 at 1:15 p.m. at the Mary Kay O’Connor Process Safety Center 2016 International Symposium: Applying Predictive Analytics to Process Safety Leading Indicators.
MKOPSC 2016 International Symposium
October 25-27, 2016
Hilton Conference Center
College Station, Texas
Kestrel’s experts will also be on hand throughout the Symposium to talk with you. Stop by and see us at our booth. We welcome the opportunity to learn more about your needs and to discuss how we help our chemical and oil & gas clients manage environmental, safety, and quality risks; improve safety performance, and achieve regulatory compliance assurance.
Comments: No Comments
Frank R. Lautenberg Chemical Safety Act
Last year, we came to you with breaking news about Toxic Substances Control Act (TSCA) reform taking hold, as the U.S. House of Representatives passed the TSCA Modernization Act of 2015 (H.R. 2576) on June 23, 2015.
Almost one year later—and approximately 40 years since the Act’s inception—President Obama signed the Frank R. Lautenberg Chemical Safety Act (FRL-21) into law on June 22, 2016, amending the nation’s primary chemical management law. A historic bipartisan achievement, this Act gives the USEPA immediate authority to begin evaluating the risk of any chemical it designates as “high priority”.
Background
TSCA was developed to ensure that products are safe for intended use by providing the USEPA authority to review and regulate chemicals in commerce. Despite its intention, TSCA has proven to be rather ineffective in providing adequate protection and in facilitating U.S. chemical manufacturing and use. More than 80,000 chemicals available in the U.S. have never been fully tested for their toxic effects on health and the environment. In fact, under TSCA, the USEPA has only banned five chemicals since 1976.
According to a blog by USEPA Administrator Gina McCarthy, “While the intent of the original TSCA law was spot-on, it fell far short of giving EPA the authority we needed to get the job done.”
And that is where FRL-21 takes over, strengthening the foundation built by TSCA to ensure that chemical safety remains paramount.
Key Changes
FRL-21 remains consistent with the 2009 Principles for TSCA Reform. The USEPA outlines the following key regulatory changes in its Q&A briefing on the Act.
Evaluates the safety of existing chemicals in commerce, starting with those most likely to cause risks. This is the first time that all chemicals in commerce will undergo risk-based review by the USEPA. The Agency is charged with creating a risk-based process to determine which chemicals should be prioritized for assessment. High-priority chemicals may present an unreasonable risk to health or the environment due to potential hazard and route of exposure. A high-priority designation, in turn, triggers a risk evaluation to determine the chemical’s safety. This prioritization ensures that those chemicals that present the greatest risk will be reviewed first.
Evaluates new and existing chemicals against a new risk-based safety standard. Under the law, the USEPA will evaluate chemicals based purely on the health and environmental risks they pose. The evaluation must also include considerations for vulnerable populations (e.g., children, elderly, immune-compromised). FRL-21 further repeals the requirement that the Agency apply the least burdensome means of adequately protecting against unreasonable risk from chemicals. Costs and benefits will not be factored into the evaluation.
Empowers USEPA to require the development of chemical information necessary to support these evaluations. In short, the Agency has expanded authority to demand additional health and safety or testing information from manufacturers and/or to conduct risk evaluations on a chemical. USEPA may also expedite the process through new order and consent agreement authorities.
Enforces clear and enforceable deadlines that ensure timely review of prioritized chemicals and timely action on identified risks. Strict deadlines are designed to keep the USEPA’s work on track and to ensure compliance by manufacturers. For example, the Agency must have 10 ongoing risk evaluations within the first 180 days and 20 ongoing risk evaluations within 3.5 years. When unreasonable risks are identified, USEPA must then take final risk management action within two years. Action, which may include labeling, bans, and phase-outs, must begin no later than five years after the final regulation.
Increases public transparency of chemical information by limiting unwarranted claims of confidentiality. The USEPA must review and make determinations on all new confidentiality claims for chemical identity, as well as review past confidentiality claims to determine if they are still warranted. This will allow companies to preserve their intellectual property and competitive advantage, while still providing transparency to the public.
Provides a source of funding for the USEPA to carry out these changes. The USEPA can collect up to $25 million annually in user fees from chemical manufacturers and processors when they:
- Submit test data for USEPA review
- Submit a pre-manufacture notice for a new chemical
- Manufacture or process a chemical that is the subject of a risk evaluation
- Request that the USEPA conduct a chemical risk evaluation
Impacts
For companies, the most immediate impacts of FRL-21 will be on the new chemicals review process, as the USEPA has to approve any new chemical or significant new use of an existing chemical before manufacturing can commence and chemicals can enter the marketplace. This process will help provide regulatory certainty throughout the supply chain—from raw material produces to retailers. And, in the end, the risk evaluations will help ensure that manufacturers are able to bring new chemicals to the market in a safe and efficient way.
As for the general public, FRL-21 creates a new standard of safety to protect the public and the environment from unreasonable risks associated with chemical exposure. For the first time in 40 years, it provides assurance and greater confidence that chemicals are being used safely.
Comments: No Comments
Top 10 Food Safety Building/Equipment Solutions
Every food supply company has an obligation to its customers to provide safe and quality food. In addition, a growing number of retailers and wholesalers require their producers and suppliers to implement compliance and certification programs. Food Safety Modernization Act (FSMA) compliance presents an even greater benefit to food-safe building and equipment programs, as it complements and aligns with GFSI-certified standard requirements (e.g., SQF, IFS, BRC, FSSC 22000) and demonstrates that a company is working actively to manage its food safety risks.
In today’s food safety-focused and competitive climate, it is challenging for companies to devote the resources required to maintain compliance activities at a sustained and satisfactory level—but it is essential.
The following solutions can help keep companies who work with food-related materials on track when it comes to managing food safety and certification requirements and achieving compliance with FSMA’s Preventive Control requirements.
- What are the issues that food and food industry sites must address to meet general plant control requirements for legal compliance and/or industry certification?
To comply with both regulatory requirements under FDA/FSMA and GFSI industry requirements, food companies must establish control of food safe premises, plants, and food risk zones. With recent changes, compliance is not limited to just companies that manufacture and distribute food product, but also to those that provide food chemicals, packaging, and logistics. The requirements apply to all companies distributing food or food ingredients to the U.S. market.
Food Plant Zoning
- Signage
- Locks and access controls
- Pipe and utility marking
- Floor and area marking and coding
- Labels
- PPI and PPE stations
- Waste and water control
- Color coding/tools/utensils/maps
- How do the regulatory and certification requirements for food safety impact controls for facilities and equipment?
The regulatory and certification requirements include elements to ensure all aspects of food safety. This includes “Food Safety and Security,” which requires the protection of food against the potential for deliberate or accidental contamination. This is in addition to the site and general security.
Equipment and Facility Controls
- Locks
- Lockout/Tagout systems
- Seals and tags
- Labels
- Security gates/fences/areas
- Closures/caps
- Storage/containment
- Emergency and response kits
- What are the food safety requirements for controlling food, non-food, and food contact materials?
A key focus for compliance includes the control of food and contact materials. This includes direct control, evidence of communication, and direction of employees to avoid the misuse or contamination/cross-contamination of the food product. Control of utensils and tools used in the food processing areas represents a major area of inspection as part of the audit process.
Material Controls/Non-Food/Chemical
- Locked and rated cabinets
- Floor markings
- Message boards
- HMIS/NFPA programs
- HazMat labels, inventory tags, and forms
- How is foodplant building maintenance addressed in food safety compliance?
The first requirement of a food industry plant is to ensure the proper building elements of construction and design. Once commissioned for food products or distribution, the facility must be maintained to its original level commissioned as fit for use.
Building Maintenance
- Access and premise food maintenance
- Exterior building envelope
- Internal building envelope
- Doors and locks
- Process areas and critical maintenance (lubrication, PM, etc.)
- Sanitary, employee areas, break rooms
- Water drains, and waste control
- What security requirements do food industry sites need to consider to meet regulations or GFSI industry certifications?
Food plants are included under the Department of Homeland Security (DHS) as requiring developed and implemented security programs. The registration of food plants under the FDA certification required by DHS is a key aspect of being approved and registered to operate for food sites.
Security (Food Safety and Security)
- Premises security fences, gates, locks
- Passkey and key control systems
- Badges and badge readers
- Video security and alarms
- Building and equipment locks and access controls
- Equipment and storage seals and programs
- Security cabinets and storage
- Tamper-evident seals
- Signage – warning and informational
- How are hazard warnings dealt with in a food operation both to communicate with employees and visitors and to show evidence of compliance?
Compliance with food safety requirements provides that companies communicate with employees and visitors on the conditions for access to the food operation. To do so, it is expected that communication is established through various means to ensure notification of all related parties, including employees, visitors, truck drivers, service providers, contract employees, and contractors.
Hazard Warnings
- Signage (building, equipment) – warning, hazard, directional, stop
- GMPs
- Labels and marking equipment and utilities
- Floor markings
- Conformities and allergens
- Inspection and approval directions
- Information boards
- Location control
- How are warnings provided within a food plant for activities and people?
Compliance with food safety requirements provides that higher risk direction is maintained to ensure the protection of food operations. This includes both documented and posted warnings to achieve communication at this level.
Directional Warnings
- Premise directional signs
- Food safety signage (GMPs, receipt, processing, release, shipping)
- High-risk equipment labeling, process warning signs and directions
- PPE
- Emergency response
- Food safety mapping and locations
- Employee sanitation
- Employee rules
- Employee hazard communication
- What requirements do food operations need to maintain to ensure the understanding of food safety throughout the organization?
Food safety requirements provide that management must ensure that food safety compliance is established throughout the organization and related parties. This can be accomplished through various means, including postings, signage, marking, mapping to enhance traditional methods of training, and meetings.
Organization
- Visual workplace
- Charting
- Information boards
- Employee communication
- Hazard communication
- Food plant zoning
- Mapping
- Directional location information
- Preventive controls
- Process requirements
- What are specific controls necessary for safe food operation based on the identification of key infrastructure elements of a food operation?
Food operations are expected to maintain up-to-date engineering information, drawings and schematics, and related identification. This requirement is to ensure that all aspects of commissioning for food operation are maintained, with the assurance that physical identification and inspection of all related areas and fixtures is also demonstrated and maintained. Specific marking, labeling, identification, storage locations, tagging, and seals provide a means of meeting these requirements.
Tagging/Labeling
- Truck and transport container tagging and sealing
- Pipe and utility marking (engineering and plumbing drawings)
- Shadow boards/tool and parts storage
- Identification and warning labels
- Process equipment identification
- Key program tagging (pest control, waste, etc.)
- Service ID tagging (inspections)
- PM tagging for food compliance (critical equipment)
- What provisions are there for asset management within a food operation?
Food safety regulations and standards require that all assets determined to be critical or to be maintained to achieve food safety be managed and maintained. To accomplish this program, means of achieving control over these assets must be developed, implemented, maintained, and evident.
Asset Management
- Critical equipment management
- Building maintenance management
- Project equipment and building materials management
- Asset inventory and verification management
- Active versus inactive assets (in-service, out-of-service management)
- Asset disposal management
- Inventory status management – available, on-hold, disposition
- Storage location management
Comments: No Comments
Process Safety and Human Performance Reliability
On August 6, 2012, the release of flammable vapor led to a fire at the Chevron Refinery in Richmond, California. That event generated significant public concern about refinery safety and emergency response in California. It also eventually prompted California’s Department of Industrial Relations (DIR) to develop a draft regulatory proposal for a new Cal/OSHA Process Safety Management (PSM) standard that strengthens regulatory oversight, policy, and enforcement. The PSM for petroleum refineries notice hit the California Register on Friday, July 15, 2016.
But California refineries are not alone. Federal changes are on the way, as well, as OSHA considers revisions to its PSM standard.
Proposed Cal/OSHA Process Safety Management (PSM) Standard Changes
As a recap, the proposed Cal/OSHA PSM changes modify existing PSM language and introduce a number of new management system elements and other requirements. These amendments require California refineries to commit to the following:
- Use the Hierarchy of Hazard Controls to choose safer, more enduring technologies that address safety concerns and help to eliminate or minimize hazards in refinery processes.
- Perform damage mechanism reviews to assess physical degradation, such as corrosion and mechanical wear, and to determine recommended corrective actions.
- Conduct safeguard protection analysis to ensure that safeguards will help prevent initiating events from turning into major catastrophes.
- Implement corrective actions with clear and enforceable deadlines and consequences for inaction to ensure that safety program improvements are carried out.
- Implement appropriate Management of Change (MOC) activities so safety is factored into changes to operations, maintenance procedures, personnel, etc., all of which can undermine plant safety.
- Perform periodic safety culture assessments to evaluate management’s and employees’ attitudes, perceptions, and values as they pertain to safety.
- Account for human factors (e.g., training and competency levels, fatigue, experience, communication, physical challenges), which can greatly influence accidents and incidents in the workplace.
- Conduct root cause analysis to identify underlying causes of the incident and recommended corrective actions to help prevent recurrence.
- Engage employees at all levels in all elements of the PSM program, including working to prevent accidents and incidents through the means described above.
The Human Element of PSM
Employee and contractor performance is a significant source of risk within any organization. The majority of accidents and other unintended events are—at least in part—the result of human error. It is not surprising that Cal/OSHA’s proposed PSM regulations and potential Federal PSM changes recognize the importance of the “human element” in a number of the changes—from performing safety culture assessments to account for human factors, to engaging employees.
Many companies struggle with the following challenges as they work to establish and/or improve elements of their PSM programs:
- How do we identify factors contributing to incidents?
- What are appropriate recommendations that will drive improvements?
- How should we include human factors in Process Hazard Analyses (PHAs)?
- How can we improve our safety culture?
Often, these elements are treated independently, but this overlooks the important relationship between them. For example, any unintended event (e.g., an LOPS, process upset, safety incident) is the result of multiple contributing factors, not a single event. Focusing on these contributing factors enables companies to develop a deeper understanding of why incidents are occurring. Linking contributing factors to specific barriers further allow companies to identify weaknesses in their processes and procedures and to develop appropriate recommendations to drive improvements. Conducting contributing factor analyses also enables the company to identify specific human factors to be used in their PHAs.
Human Performance Reliability (HPR) Approach
Kestrel’s Human Performance Reliability (HPR) approach provides an integrated solution for addressing new PSM requirements. Unlike a typical root cause analysis, which addresses factors leading to a specific incident, HPR is based on a sophisticated statistical analysis of human factor data obtained from multiple incidents. This allows companies to identify and access broader—and potentially systemic—issues that are affecting the safety performance of the organization.
HPR consists of three elements:
- Incident Investigation and Analysis (IIA) – IIA adopts the framework provided by the Human Factors Analysis and Classification System (HFACS) to classify human error and other contributing factors—but with the additional step of associating the control(s) that failed to prevent the incident from occurring. Statistical analyses help to identify patterns in the data to pinpoint the human errors and controls that are appearing most frequently.
- Procedure Improvements – Although the IIA process will identify where improvements are needed (i.e., which controls are associated with incidents), it will not result in improved safety performance—not without completing associated improvement projects. Only by scoping and implementing those improvement projects will companies realize improved safety performance.
- Safety Culture Assessment – Learning organizations actively seek the underlying causes of incidents and use data to make performance improvements. These organizations typically have robust systems to ensure that the traits that represent a strong safety culture are in place, mature, and fully integrated into standard practices
While the individual elements can be very helpful to a company, deploying them in tandem provides the richest and most comprehensive benefit to overall safety performance. That is because the three components are inherently complementary; each improves the effectiveness of the others.
Systemic Improvements
This process provides immediate value when applied to the investigation of an individual event by identifying additional factors that may have been missed following a traditional root cause analysis approach. It is most powerful, however, when data from multiple events are aggregated. The results of multiple investigations yield a pattern of human factor indicators that can be used to uncover system opportunities for PSM and operational enhancements and overall improved reliability.
Comments: No Comments
California PSM Standards: Targeting Refinery Safety
On August 6, 2012, a release of flammable vapor led to a fire at the Chevron Refinery in Richmond, California. That event generated significant public concern about refinery safety and emergency response in California. It also prompted the California Governor’s report, “Improving Public and Worker Safety at Oil Refineries,” the formation of the Interagency Refinery Task Force (IRTF), and, eventually, the proposed regulatory changes to specifically target refinery safety.
Proposed Cal/OSHA Process Safety Management (PSM) Standard Changes
As most California refineries are aware, California’s Department of Industrial Relations (DIR) developed a draft regulatory proposal for a new Cal/OSHA Process Safety Management (PSM) standard to strengthen regulatory oversight, policy, and enforcement. The PSM for petroleum refineries notice hit the California Register on Friday, July 15, 2016—and Federal changes are on the way, as well, as OSHA considers revisions to its PSM standard.
As a recap, the proposed Cal/OSHA PSM changes modify existing PSM language and introduce a number of new management system elements and other requirements. These amendments require California refineries to commit to the following:
- Use the Hierarchy of Hazard Controls to choose safer, more enduring technologies that address safety concerns and help to eliminate or minimize hazards in refinery processes.
- Perform damage mechanism reviews to assess physical degradation, such as corrosion and mechanical wear, and to determine recommended corrective actions.
- Conduct safeguard protection analysis to ensure that safeguards will help prevent initiating events from turning into major catastrophes.
- Implement corrective actions with clear and enforceable deadlines and consequences for inaction to ensure that safety program improvements are carried out.
- Implement appropriate Management of Change (MOC) activities so safety is factored into changes to operations, maintenance procedures, personnel, etc., all of which can undermine plant safety.
- Perform periodic safety culture assessments to evaluate management’s and employees’ attitudes, perceptions, and values as they pertain to safety.
- Account for human factors (e.g., training and competency levels, fatigue, experience, communication, physical challenges), which can greatly influence accidents and incidents in the workplace.
- Conduct root cause analysis to identify underlying causes of the incident and recommended corrective actions to help prevent recurrence.
- Engage employees at all levels in all elements of the PSM program, including working to prevent accidents and incidents through the means described above.
The Human Element of PSM
Employee and contractor performance is a significant source of risk within any organization. The majority of accidents and other unintended events are—at least in part—the result of human error. It is not surprising that Cal/OSHA’s proposed PSM regulations recognize the importance of the “human element” in a number of the proposed changes—from performing safety culture assessments, to account for human factors, to engaging employees.
Kestrel works with many refining and petrochemical companies that are in the process of establishing and/or improving elements of their PSM programs. Over the years, we have seen many of our clients struggle with the following challenges:
- How do we identify factors contributing to incidents?
- What are appropriate recommendations that will drive improvements?
- How should we include human factors in Process Hazard Analyses (PHAs)?
- How can we improve our safety culture?
Often, these elements are treated independently, but we have found that this overlooks the important relationship between them. For example, any unintended event (e.g., an LOPS, process upset, safety incident) is the result of multiple contributing factors, not a single event. Focusing on these contributing factors enables companies to develop a deeper understanding of why incidents are occurring. Linking contributing factors to specific barriers further allow companies to identify weaknesses in their procedures and processes and to develop appropriate recommendations to drive improvements. Conducting contributing factor analyses also enables the company to identify specific human factors to be used in their PHAs.
Human Performance Reliability (HPR) Approach
Kestrel’s Human Performance Reliability (HPR) approach provides an integrated solution for addressing the new PSM requirements, as outlined above. Unlike a typical root cause analysis, which addresses factors leading to a specific incident, HPR is based on a sophisticated statistical analysis of human factor data obtained from multiple incidents. This allows companies to identify and access broader—and potentially systemic—issues that are affecting the safety performance of the organization.
HPR consists of three elements:
- Incident Investigation and Analysis (IIA) – IIA adopts the framework provided by the Human Factors Analysis and Classification System (HFACS) to classify human error and other contributing factors—but with the additional step of associating the control(s) that failed to prevent the incident from occurring. Statistical analyses help to identify patterns in the data to pinpoint the human errors and controls that are appearing most frequently.
- Procedure Improvements – Although the IIA process will identify where improvements are needed (i.e., which controls are associated with incidents), it will not result in performance improvements—not without completing associated improvement projects. As part of our HPR services, Kestrel works with clients to scope and implement those improvement projects that will lead to improved safety performance.
- Safety Culture Assessment – Learning organizations actively seek the underlying causes of incidents and use data to make performance improvements. These organizations typically have robust systems to ensure that the traits that represent a strong safety culture are in place, mature, and fully integrated into standard practices.
While the individual elements can be very helpful to a company, deploying them in tandem provides the richest and most comprehensive benefit to overall safety performance. That is because the three components are inherently complementary; each improves the effectiveness of the others.
Systemic Improvements
The HPR process provides immediate value when applied to the investigation of an individual event by identifying additional factors that may have been missed following a traditional root cause analysis approach. It is most powerful, however, when data from multiple events are aggregated. The results of multiple investigations yield a pattern of human factor indicators that can be used to uncover system opportunities for PSM and operational enhancements and overall improved reliability.
Experienced Professionals
Kestrel has experienced PSM and HPR professionals on our team, who have successfully developed programs, completed deployments, and conducted training in the refining and petrochemical industries. As California refineries prepare for significant PSM regulatory changes, we would welcome the opportunity to discuss how we can help you manage your PSM requirements and improve your overall safety performance.
Environment / Quality / Safety
Comments: No Comments
Management System Internal Audit: What to Expect
Many companies face requirements to conduct management system internal audits. And many probably consider it to be one of those “necessary evils” of doing business. In reality, an internal audit can be a great opportunity to uncover issues and resolve them before an external audit begins. An internal audit can sometimes even enable more improvements than an external audit because it allows the company to review processes more often and more thoroughly. So what, exactly, goes into an internal audit?
What Is an Audit?
First, conducting a management system internal audit encompasses all of the efforts to gather, accumulate, arrange, and evaluate data so that there is sufficient information to arrive at an audit opinion. According to the ANSI/ASQC Standard Q1-1986 Generic Guidelines for Auditing Management Systems, an audit is:
a systematic examination of the acts and decisions by people with respect to Q/EHS issues, in order to independently verify or evaluate and report conformance to the operational requirements of the program or the specification or contract requirement of the product or service.
Internal audits should be carried out to look for areas for improvement and best practices. In an internal audit, the auditor is evaluating, verifying, and reporting conformance or non-conformance in terms of related documentation. The auditor assesses systems, processes, and products against the related documentation:
- Systems are compared against company directives and requirements.
- Processes are compared against procedures, process charts, and work instructions.
The auditor examines where and how “operational requirements of the management system” are described. This is done by reviewing each policy, procedure, work instruction, checklist, and form looking for each “actionable item” listed within.
The Interview
The auditor will go out into the workforce and ask the prepared questions to various employees. Based on the responses given, the auditor may need to ask follow-up questions to get a clear understanding of how an operation works. Questions asked by auditors are generally open-ended to give the auditee the opportunity to elaborate. The auditor’s goal is to give the employee the opportunity to think prior to answering and to follow the audit trail wherever it leads—within or outside of the department.
Tangible Evidence
In order for an internal audit to support improvement steps, the auditor will seek tangible evidence. For example, work instructions require that inspections are completed every day, but the checklist shows that no checks have been performed for the last week. Tangible evidence may include taking a photo copy of the checklist to document this issue.
Evaluating Internal Controls
During the audit, the auditor is looking for internal controls that regulate an operation. There are seven steps in evaluating internal controls:
- Observe the Operation: The auditor needs to understand what processes and systems to review, where they are located, and who is responsible for them.
- Identify Constraints: The auditor will identify constraints to the extent possible, such as:
- Scattered information
- Internal opposition
- Process not capable
- Process not in control
- Unavailable information
- Evaluate Risk: The auditor will assess the importance and risk of internal controls not detecting and preventing non-conformances. The auditor will ask personnel being audited and management if there is anything more that could be done to identify and control risk.
- Evaluate the Internal Control Structure: Usually extensive internal controls exist, operate properly, and maintain/improve the process; however, this may not be an accurate assumption. Controls may not exist, may be weak, or may control and measure unimportant variables. It is very important for the auditor to resist assuming that the way an existing system has been set up is the correct way to do something. Auditors should challenge how and why something is being done to encourage system improvements.
- Test the Effectiveness of the Internal Control Structure: Gathering evidence is the process of collecting data and information critical to support a decision or judgment rendered by the auditor.
- Evaluate Evidence: Once evidence has been gathered from interviews, observations, or records, the auditor must distill and summarize the data into useful information for the company. The evidence is then reviewed to determine whether systems and controls are working effectively.
- Issue an Opinion: When all is said and done, the auditor must issue an opinion of conformance or non-conformance. In a deficiency finding (non-conformance), the audit report will clearly state that there is a variance between what is and what should be. All evidence findings should be listed to support this conclusion.
Clarify Issues and Non-Conformances
Upon completion of an audit, there may be times when clarification of an issue or concern will be warranted. This is when the auditor may go back to the department head and review the current understanding of the audit results. The department head should have ample time to discuss and clarify any issues of concern.
Any outstanding issues that warrant a non-conformance report should be discussed to ensure that the company understands: 1.) why the issue is considered a non-conformance, and 2.) what may need to be done to rectify the situation. It is important to also discuss all positive findings from the audit to leverage best practices.
By using an internal audit to actually improve operations—and not just as another requirement to fulfill—companies can realize significant value through:
- Meeting regulatory/certification requirements prior to the external audit
- Improving operational controls and processes
- Enhancing overall management system effectiveness