Professional Documents
Culture Documents
Module IV
❖ The inspection process seeks to identify potential causes of incidents or accidents, which is the first step in their
prevention.
❖ Unsafe acts that are observed should be addressed, as should unsafe conditions.
❖ Accidents are a disruption to daily operations, and this in turn reduces operational efficiency.
WHAT TO INSPECT?
• Workplace means all buildings/structures must be inspected.
• When looking at inside operations,
• don’t forget to check work areas, areas accessible to the public, storage and maintenance areas, and equipment
rooms.
• Open locked doors and look.
• When inspecting external areas,
• remember to address security in parking areas, walking-working surfaces (for trip hazards), storage and
maintenance buildings, equipment buildings and vacant buildings.
• Emergency exits—signage in place and functional, blocked/chained, and/or blocked open
Checklist Categories
▪ Identify potential hazards so they are corrected before an The person conducting the inspection:
injury occurs
• Must have the requisite PPE to safely perform the job
▪ Implement or improve safety programs • They must be knowledgeable on how to locate safety and
health hazards
▪ Increase safety awareness
• They should have the authority, given by management, to
▪ Display concern for workers’ safety
act and make recommendations.
▪ Communicate safety standards of performance ❖ If unsafe conditions are revealed, this person should also
The person conducting the hazard inspections should have the authority to shutdown an operation and notify
▪ Knowledgeable of relevant regulations, codes & company ❖ Consider giving this authority to all personnel, re:
❑ All findings, along with corrective action recommended (including training), should be fully documented.
❑ When items recorded on the Hazard Control Log or Inspection Checklists have been corrected.
❑ The type of documentation that is used is not as important as ensuring it is done in a timely and thorough manner.
SAFETY AUDITING
• Process that identifies unsafe conditions and unsafe acts in the plant and recommends safety improvement.
• Walk through safety audit
• Intermediate safety audit
• Comprehensive safety audit Team
• Safety manager
• Walk through safety audit • Safety consultant
❑ Least expensive, • Insurance Inspector
• Electrical Inspector
❑ Noting conditions via naked eyes during walk through • Manager-Civil/E/C/O&M
❑ Recommendations discussed with line managers and supervisors
• Intermediate Audit
❑ Leads to the improvement in plant design, renovation, Ops, Staffing ❑ Reviews unsafe conditions
❑ Classification of risk in facilities
• Envelope Audit
❑ High
❑ Civil works ❑ Medium
❑ Switch yards and electrical plant aux ❑ Low
❑ Stores ❑ Recommendations
❑ Offices and Canteens and security arrangements
❑ Ventilation sys and lightening
Job Safety Analysis (JSA)
Term job hazard analysis, or JHA for short. But you may have also heard this type of hazard analysis referred to as Job
Safety Analysis (JSA) or Activity Hazard Analysis (AHA).
• It is a method of identifying the risks and hazards associated with each process we perform.
• If we don’t identify all of them, we can’t take corrective action to prevent accidents and injuries.
• So JHA is essential to your safety and health on the job.
• JHA also helps us break a process down into simple individual steps, allowing us to pinpoint all the risks and
hazards associated with each step.
• If you look at an operation, you might see five or six risks or hazards.
• But when you break the operation down into simple discrete steps, you might realize that there are five
or six risks or hazards associated with each step in the operation.
• As you can already see, JHAs provide a system for easily understanding process hazards or risks.
Why Perform JHAs?
▪ JHAs not only help us identify existing hazards or risks associated with each step in a process,
▪ It also helps us identify potential hazards or risks.
▪ Some are not as evident until you break the process down into simple discrete steps and examine each individual
step in the operation.
▪ JHA also helps us prioritize corrective actions.
▪ Not that all hazards and risks aren’t important.
▪ But we need an organized, prioritized way of going about dealing with workplace hazards.
▪ When a JHA is properly conducted, we are able to reduce, control, or eliminate workplace hazards or risks.
▪ Because if we reduce or eliminate hazards, we reduce or eliminate the risk of accidents, injuries, and process-
related illness.
What Are the Benefits of JHAs?
▪ The main benefit of course is that JHAs reduce accidents, injuries, and illness, thereby improving safety performance.
▪ Because JHA reduces injuries and illness, it also reduces absences.
▪ This means we have more fully qualified people on the job every day, which means you don’t have to do extra work to
cover for sick or injured co-workers.
▪ And it also means that each one of us is safer on the job.
▪ When we’re fully staffed, people aren’t stressed or overburdened, which means they can take their time and work
safely.
▪ More people at work every day means increased productivity as well.
▪ It means we’re able to meet production schedules and keep our organization operating at peak performance.
▪ JHAs also help improve workplace morale.
▪ When people feel safe in the workplace, they’re happier and more satisfied with their job.
▪ And that means we can all do our best and contribute to the success of the organization.
▪ Another very important aspect of JHAs is that it helps us comply with OSHA and similar workplace regulations.
▪ When we know about all the hazards, we can take the necessary steps to protect everyone as the regulations require.
What’s the Function of Area Hazard Checklists?
➢ To assist in inspections and to facilitate the identification of workplace hazards we use area hazard
checklists. These checklists help us evaluate:
➢ Equipment
➢ Procedures
➢ Personnel
➢ Are you familiar with the area hazard checklists we use in job hazard analysis?
Which Elements of a Process Are Analyzed?
▪ During JHA inspections the people conducting the inspection will be looking closely at all the discrete elements involved in
an operation or process from start to finish.
▪ Preparation prior to start-up;
• Start-up;
• Activities that take place during the operation or process;
• Shutdown; and
• Maintenance.
➢ All the elements must be analyzed because there may be—and usually are—hazards and risks associated with all of them.
Steps in the JHA Process
❖ Step One : Process hazard analysis is to break the process down into all the simple, discrete tasks that make up the
process.
❖ Step Two : Identify the hazards involved in each task that must be performed to complete the process.
❖ Some hazards and risks may be repeated in several or all the tasks that make up the process.
❖ Step Three : Evaluating each hazard so that you can determine what to do about it and how to prevent injuries or work-
related illness.
❖ Step Four: Determine safe procedures and protective measures to prevent accidents, injuries, and illness as a result of
each hazard or risk.
❖ Step Five : A JHA might also have to be revised if hazards are eliminated, reduced, or controlled thanks to the previous
hazard analysis.
Consequence Analysis or Semi Quantitative Risk Analysis
Assessment of possibilities
--- By use of various hazard identification techniques like
➢ Preliminary Hazard Analysis (PHA)
➢ Hazard & Operability Study
➢ Safety Audit
➢ Fault tree analysis
➢ Event tree analysis, etc.
POSSIBLE HAZARD LIKELIHOOD
Remote D Unlikely but possible to Unlikely but can reasonably be expected to occur
occur in life of an item
(A) Frequent 1A 2A 3A 4A
(B) Probable 1B 2B 3B 4B
(C) Occasional 1C 2C 3C 4C
(D) Remote 1D 2D 3D 4D
(E) improbable 1D 2E 3E 4E
Hazard Risk Index HRI
1A, 1B, 1C, 2A, 2B, 3A I ➢Unacceptable
1D, 2C, 2D, 3B, 3C II ➢Undesirable (Management decision required)
1E, 2E, 3E, 3E, 4A, 4B III ➢Acceptable with review by management
4C, 4D, 4E IV ➢Acceptable without review
Relationship of qualitative probability ranking to quantitative values
❖The probability of a dangerous event posed by a hazard, over a definite time period of exposure or
❖The frequency at which such events will occur and results in fatalities to certain number of people and
❖The consequence of such events in terms of expected number of fatalities per year.
Risk = (Probability) x (Consequences)
HAZOP
• Definition: A hazard and operability study (HAZOP) is a structured and systematic examination of a planned or existing
process or operation in order to identify and evaluate problems that may represent risks to personnel or equipment or
prevent efficient operation.
• A HAZOP is a qualitative technique based on guide-words and is carried out by a multi-disciplinary team (HAZOP team)
during a set of meetings.
HAZOP Process
• A process flow diagram is examined in small sections, such as individual items of equipment or pipes between them.
• For each of these a design Intention is specified.
• The Hazop team then determines what are the possible significant Deviations from each intention, feasible Causes and
likely Consequences.
• It can then be decided whether existing, designed safeguards are sufficient, or whether additional actions are
necessary to reduce risk to an acceptable level.
HAZOP STUDY - TEAM COMPOSITION Principles of HAZOP
A Team Leader, an expert in the HAZOP Technique Concept
Technical Members, for example •Systems work well when operating under design conditions.
New Design Existing Plant •Problems arise when deviations from design conditions occur.
Design or Project Engineer Plant
Superintendent Basis
Process Engineer Process Supervisor •a word model, a process flow sheet (PFD) or a piping and
(Foreman) instrumentation diagram (P&ID)
GUIDE WORDS*
NONE
MORE OF
LESS OF
PART OF
MORE THAN
OTHER
More pressure (6)Isolation valve closed in Transfer line subjected to full (j)Covered by (c) except
error or LCV closes, with pump delivery or surge pressure. when kickback blocked
J1 pump running. or isolated. Check line.
FQ and flange ratings
and reduce stroking
speed of LCV if
necessary. Install a PG
upstream of LCV and
an independent PG on
settling tank.
More (8)High intermediate storage Higher pressure in transfer line (l)Check whether there is
temperature temperature. and settling tank. adequate warning of
high temperature at
intermediate storage. If
not, install.
HAZOP PREPLANNING ISSUES HAZOP STUDY LOGISTICS
Preplanning issues addressed in a typical refinery unit HAZOP Logistical development of this refinery unit HAZOP
include the following: included the following:
• Verification of as-built conditions shown on the P&IDs • Preplanning issues were addressed the prior week.
• Line segment boundaries set; markup of P&IDs • The team include three core team members and four part-
• List of support documents compiled time members.
• P&IDs (base study document) • The study included 16 moderately busy P&IDs.
• Process flow diagrams (PFDs) • The study took three and one-half weeks.
• Process description • The team met 4 hours per day in morning review sessions
• Operating manuals/procedures and spent 2 hours per day on individual efforts for reviews,
• Processing materials information follow-ups, and field checks.
• Equipment and material specifications • Dedicated space was required for storing the large number
• Tentative schedules of time to be spent per P&IDs of documents.
sheet • The study resulted in 170 data sheets.
• Recording technique (computer program or data • The team recorder used a personal computer to record, sort,
sheet) determination and retrieve data.
• List of standard abbreviations and acronyms compiled • The plant operator was the key contribution plant member
• Criticality rankings devised of the team.
• HAZOP training given to all team members (one day) • Key operating procedures were reviewed relative to the
• Arrange for system or process briefings for team P&IDs and safe engineering practices.
before work begins.
Fault Tree Analysis
The Fault Tree Analysis includes all segments which may cause, contribute to or be affected by an incident.
The Fault Tree Analysis views potential event sequences which may result in an incident.
• Each branch lists sequence of events (failures) for different paths to the end event.
• Probabilities assigned to each event then used to determine the statistical probability to the end event which is posed.
Disadvantages
• Need to have identified the top event first.
• More difficult than other techniques to document.
• Complex and time consuming.
• Quantitative data needed to perform properly.
Fault Tree Analysis
The procedure for conducting a FTA is:
1) Prepare and organize the study.
2) Construct fault tree.
3) Analyze fault tree.
4) Quantify fault tree.
5) Evaluate results.
6) Identify any recommendations.
7) Document the results.
8) Resolve recommendations.
9) Follow up on recommendations.
Fault Tree Analysis
• The fault tree is a graphical representation of the basic causes interactions that may result in a hazardous or undesirable
event.
❖ Use of deductive logic.
❖ Logical diagram in the reverse sequence
❖ Failure frequency are available Fail To Get
To Work On
❖ Be estimated with the common sense Time
Collision: Collision:
Major Minor
Bike Flat Tire
Stolen Damage Damage
to Bike to Bike
• Identify the causes of a particular incident (called a top event) using deductive reasoning.
• Often, it is used when other PHA techniques indicate that a particular type of accident is of special concern and a
more thorough understanding of its causes is needed.
• Thus, it is a useful supplement to other PHA techniques.
• Sometimes FTA is used in the investigation of incidents to deconstruct what happened.
• FTA is also used to quantify the likelihood of the top event.
• It is best suited for the analysis of highly redundant systems.
❖ FTA identifies and graphically displays the combinations of equipment failures, human failures, and external
events that can result in an incident.
FMEA is a systematic list that includes the failure mode, the effects of each failure, the safeguards that exist, and the
additional actions that can be taken
FMEA is a hazard evaluation procedure in which failure modes of system components, typically process equipment, are
considered to determine whether existing safeguards are adequate.
The effects of each failure mode are the process responses or incident resulting from the component failures, that is,
hazard scenario consequences.
An FMEA becomes an FMECA (failure modes and effects and criticality analysis) when a criticality ranking is included for
each failure mode and effect.
Types of FMEAs
Design
Analyzes product design before release to production, with a focus on product function
Process
Used to analyze manufacturing and assembly processes after they are implemented
Definition Of Terms
• Failure Mode
❑ Severity: An assessment of how serious the Failure Effect (due to the Failure Mode) is to the customer
❑ Occurrence: An assessment of the likelihood that a particular Cause will happen and result in the Failure Mode
❑ Detection: An assessment of the likelihood that the current controls will detect the Cause of the Failure Mode or
the Failure Mode itself, should it occur, thus preventing the Failure Effect from reaching your customer.
❑ The customer in this case could be the next operation, subsequent operations, or the end user
❑ Current Controls: Systematized methods/devices in place to prevent or detect failure Modes or Causes (before causing
effects)
✓ Prevention-based controls may include Mistake Proofing, automated controls, setup verifications, Preventive
Maintenance, and
Control Charts
✓ Detection-based controls may include audits, checklists, inspection, laboratory testing, and Control Charts
Rating Definitions Typical Scales
Rating Severity
Severity Occurrence
Occurrence Detection
Detection
High 10 Hazardous without warning Very high and almost Cannot detect
inevitable
❖ For each Process Input, determine the ways in which the Process Step can go wrong (Failure Modes)
❖ For each Failure Mode associated with the inputs, determine Effects
❖ Identify potential Causes of each Failure Mode
❖ List the Current Controls for each Cause
❖ Assign Severity, Occurrence, and Detection ratings to each Cause
❖ Calculate RPN
❖ Determine Recommended Actions to reduce High RPNs
❖ Take appropriate actions and document
❖ Recalculate RPNs
FMEA: A Team Tool
A team approach is necessary.
Team should be led by the Process Owner who is the responsible manufacturing engineer or technical person, or other
members:
– Customers
REWORK
PREHEATING
CLEANLINESS ENVIRONMENT
(HUMIDITY)
ENVIRONMENT Process Map
(HUMIDITY)
RAW MATERIAL RAW MATERIAL
RAW MATERIAL
MIXER SPEED
MIXER SPEED
FMEA
The FMEA Form - The Analysis Section
Event Trees for Quantitative Risk Analysis
• Event tree analysis evaluates potential accident outcomes that might result following an equipment failure or
process upset known as an initiating event.
• It is a “forward-thinking” process
• potential accidents,
• accounting for both the successes and failures of the safety functions as the accident
• the analyst begins with an initiating event and develops the following sequences of events that
progresses.
❖ Event trees graphically display the progression of event sequences beginning with a starting event, proceeding to
control and safety system responses, and ending with the event sequence consequences.
❖ ETA helps analysts to determine where additional safety functions will be most effective in protecting against the
event sequences.
❖ Typically, ETA is used to analyze complex processes that have several layers of safety systems or emergency
procedures to respond to starting events.
❖ Event trees are used to follow the potential course of events as the event moves through the various safety
systems.
❖ The probability of success or failure of each safety intervention is used to determine the overall probability of each
final outcome.
An Event Tree is used to determine the frequency of occurrence of process shutdowns or runaway systems.
Inductive approach
❖ May have been identified during a HAZOP as a potential event that could result in adverse consequences.
❖ Usually involves a major piece of operating equipment or processing step, i.e., a HAZOP “Study Node”.
Procedure Identify safety functions
Success – upward
Compute frequency of failures
Failure – downward
Step 3: Construct the Event Tree Step 4: Describe the Accident Sequence
• Risk indices are single numbers or tabulation of numbers which are correlated to the magnitude of risk.
• Some risk indices are relative values with no specific units, which only have meaning within the context of the
risk index calculations.
• The main two risk sets are:
• Individual risk
• Societal risk
❖ Individual risk calculations are normally performed when considering a plant employee exposed to plant hazards.
❖ In contrast, with societal risk, a group of people is exposed to one or more hazards.
❖ Societal risk calculations are normally performed when considering the risks to a community surrounding a chemical
plant and exposed to multiple plant hazards.
Individual risk(IRx,y): Probability of death per year of exposure to an individual at a certain distance from the hazardous
source. It is usually expressed in the form of iso-risk contours.
Pfi is obtained using probit equation. AlChe/CCPS is used for converting probit equation to probability
Different probit functions used for calculation
The probit models are generally expressed as
Pr =k1+k2(ln V)
Probit equations are available for a variety of exposures, including exposure to toxic materials, heat, pressure and
radiation, impact and sound.
P=a+bln cnt
Esignberg also provides a probit function for fatalities due to direct effect of overpressure as follows
Pr=-77+6.91(ln P0)
Societal risk
▪ It is based on the principle that often fatalities are the best way to express the seriousness of an accident and provides
a simplified basis for risk evaluation.
▪ Societal risk is defined as the relationship between frequency and the number of fatalities in a given population from
an undesired event.
▪ Societal risk evaluation is concerned with estimation of the chances of more than one individual being harmed
simultaneously by a same accident.
Depending on the scope and objectives of the LOPA study, risk tolerance
criteria
may be needed for: • different hazardous events, for example:
• different types of receptors, for example: – fire
– people – explosion
– environment – toxic material release
– property – runaway reaction
• different classes of a receptor, for example: • different levels of harm, for example:
– employees versus the public – multiple versus single fatalities, fatalities versus injuries
– on-site property versus off-site property – environmental remediation versus cleanup
Societal risk
Societal risk is a measure of risk to a group of people. It is most often expressed in terms of the frequency distribution of
multiple casualty events. (FN curve).
• Number of people affected by all incident outcome cases can be estimated using the following equation
FN-curve is a type of risk curve that displays the probability of having N or more fatalities per year, as a function of N, on a
double logarithmic scale.
• Information about societal risks and to depict at least three different types of information