Can a risk assessment reliably predict if you will have an accident today?

Statistics is one of those areas which can look very impressive in mathematical circles.  In a nutshell,  given sufficient samples and assuming all the factors are considered,  past trends can be a reasonable indicator of future events.  However, as weather forecasters know all to well,  the field of statistics can only result in a probability.  It may be predicted that the chances of rain today are 80%.  But there is always a chance of 20% that it will not rain.  Reliance on probabilities to precisely forecast individual specific events is therefore  flawed because a probability is by definition based on an uncertain set of factors and the probability is only valid given sufficient samples.

In the natural world risk is a reality.  Throughout history, humans have endeavoured to mitigate against risks to their safety,  from avoiding sabre toothed lions to carefully depressurising a vessel before drilling into it for maintenance.  Those risks that cannot be adequately mitigated need to be avoided or simply accepted (i.e move far away from sabre toothed lions or don’t ever drill into a pressure vessel).

In hazardous industries , risk assessments are a fundamental part of the management of safety.  Risk assessments endeavour to identify those serious risks that demand attention.    A common approach used in industry to quantify risk is to consider the probability of an incident on a scale of 1 to 5,  and at the same time the consequences should the incident occur,  also on a scale of 1 to 5.  The product of the two numbers is the overall risk figure.  The risk can be plotted on a graph or so called “heat map” where the top right quadrant shows risks with a high probability and a serious consequence,  and the bottom left quadrant shows low probability and low consequence.

In general,  because with finite resources companies cannot concentrate on all risks they tend to look at the “top 10” or some other ranking.  These top 10 risks are typically found in the “hot” zone of the heat map (top right quadrant).

This approach is simple, practical and quite useful.  It is however flawed in three main respects:

(1) The probability of a risk occurring is based on judgement, is a statistical metric and is therefore imprecise in predicting specific future events.

(2) The risks with very low probabilities and very high consequences are sometimes not in the “Top 10”.  (For example a nuclear accident,  high consequences, low probability).

(3)  The risk can change over time for any number of reasons such as plant modifications, operational changes or new factors.  The time between the risk assessment and the actual work in hazardous environments can be the difference between an accident taking place or apparent “safe work”.

Leading indicators of safety are sometimes used to statistically predict the underlying probability of an incident.  Whether or not this is a reliable tool is a whole debate in its own right,  but companies often use these because they are practical and useful.  For example the number of accidents per manhour worked,  or the number of near misses etc are both leading indicators that can predict an increase in the underlying probability of an accident.  Furthermore, a near miss usually results in some actions taken to avoid the incident in future,  thereby over time reducing risk.  When these indicators increase, further action needs to be taken (so the theory says) to address those factors that are resulting in unsafe conditions.  Again this approach can be flawed if it not realised that leading indicators are also statistically derived and therefore imprecise.  Also, management are often totally unaware of what action is actually required to contain rising indicators,  especially if the causes are behavioural or cultural in nature.

Software systems that address safety holistically need to consider several factors.  They need to recognise the value of leading indicators and have a good incident and near miss management capability and handle behavioural based safety observations and measurements.  They need to recognise the importance of assessing safety related risks at multiple levels – in the engineering and design process (e.g. HAZOP outputs), as well as in the actual operations (e.g. permit to work).  They need to recognise the dynamic nature of operational environments and have good change management processes to measure the impact of modifications on operational risk.  Finally, they need to have the capability to relate patterns and links in the data to warn people of risks that are the combined result of multiple simultaneous factors.  For example,  maintenance work on equipment + recent modification to equipment + previous incidents related to equipment + standing work procedure in use = overall risk.   This overall risk is something for example that is not evident to people who inspect the work sites,  but is the result of advanced system analytics that can correlate data intelligently to derive new insights.   Few EHS systems achieve this level of vital insight  which is likely to be successfully developed only by those vendors who focus on operational safety systems.

Clearly the whole subject of risk in a safety context is vast and cannot be covered in a short article of this nature.  My only advice is to be extremely sceptical of inappropriate statistics and oversimplified risk management processes.  Be extremely thorough in approach and have multiple strategies to manage safety.  Finally seek systems that have a holistic view on safety and at the same time are practical and easy to use.  Once the system is in place, look to continuously improving the quality of risk information by adding modules such as incident management, permit to work, engineering change management and advanced analytics that generate new safety related insights.

Achieving a balanced view on sustainability

Over the past few years we have witnessed the growing realisation by thought leaders that our way of life in the 21^st century is unsustainable. It is accepted that in the end all resources on the planet will come to an end (some will be certainly be depleted sooner than others) but before then our total consumption as society will be reduced as limiting resources such as energy, minerals, food and so on fail to keep up with demand. Yet, over centuries, humans have shown an amazing tenacity to survive, and an ability to adapt to a changing environment, so should we be at all concerned to maintain the status quo or simply accept environmental and social change as inevitable and rather focus on our ability to adapt?

Today in business we are now witnessing an increased awareness around sustainability, in part driven by governance requirements whereby companies have to provide integrated reports for their stakeholders. Yet frequently I find that some of this discussion is somewhat abstract and even surreal as companies seemingly alternate their focus from factual issues on operations (such as the finite amount of ore in a mine) to what seems to be far less defined and imprecise future factors such as rising sea levels or the impact of greenhouse gases on climate change. This confusion and lack of understanding of what is important allows companies to “bolt on” sustainability statements in their annual reports that are more marketing and positioning statements than any substance, and which ultimately mislead stakeholders as to the real issues. Clearly some balance and perspective on the whole subject of sustainability is necessary, and this requires analysis of hard scientific, economic and social facts.

One of the problems is that of terminology and loose interpretation. In business terms, a company will usually have an expected lifetime – very few companies are expected to continue for centuries. Some companies such as a trading company or those set up to capitalise on a major sporting event such as the World Cup may expect a very short lifetime of one or two years. A mine may expect to survive for 10 or 20 years, a chemicals producer may plan for a 30 year lifetime. For each of these companies “sustainability” means something different, it could be in the context of months, years or decades. Furthermore, the relentless quarterly profit reporting of the investor markets dominate management’s attention with a short term perspective to measure performance. Volatility in financial performance can therefore result in priority short term tactical decision making that is at complete odds with longer term sustainability initiatives. But the glossy annual reports do not reveal this and therein lies the reason for integrated sustainability reporting.

A balanced approach required that businesses integrate their sustainability initiatives into their business strategy, risk and governance processes. In other words the sustainability initiatives must be developed together with the business strategy to achieve outcomes that are relevant, measurable and enduring (sustainable). This will ensure that the risk (for example) of economic or political change is considered with the correct risk and timeframe against (for example) rising sea levels or climate change. It will also ensure that businesses don’t “tack on” a glossy brochure to the annual report with pictures of forests in an attempt to convince shareholders that they are “green”.

Systems that support this integrated approach are required to manage the complexity of information and to ensure consistence and continuity of reporting. This must mean that pure financial, HR and resources (ERP) systems are not enough, they need to be complimented with systems that measure and report on longer term sustainability metrics. In the mining, manufacturing and energy sectors for example, such systems need to be able to measure and report on energy usage, emissions, safety and environmental impact; as well as production efficiencies and throughput. No longer is “Cost of Production” the only metric of a production manager, he or she needs to be measured on the impact of decisions on long term sustainability. Such information systems need to take core operational processes such as maintenance, safety, plant operations and measure and in addition report on sustainability metrics such as energy efficiency, waste, downtime etc. These metrics need to align to the business risks and aggregate in a way that allows management to control and take corrective actions as necessary at both a strategic and tactical level.

I am an engineer and as such am familiar with the terms megawatt, ton, cubic meters etc. And all too often I see industrial waste reported in these units. That is why I am puzzled when a major company (say a bank) puts solar panels on their office to power the TV set which uses less than 1KW in the canteen, and then devotes several paragraphs to this initiative in their sustainability report. What would be more effective is if the bank could report how investor funds have been used to achieve a 5% efficiency improvement in a power station, which correlates to thousands of TV’s consumption. Such reporting will require transparency and information systems that are designed with this goal in mind.

I have no problem with the initiative been taken by thousands of consumers to unplug their cell phone chargers when not in use. My concern is with balance and perspective – as long as you recognise where the really big waste and energy numbers are in the system then your decisions are at least informed and we have a real chance as society to tackle sustainability issues meaningfully.

What if your production meetings were productive?

 Daily throughout the world meetings are held quite often for the sake of meeting and nothing else. Agendas are often distributed ahead of time but few people prepare and even less participate, meaningfully during these sessions. Inevitably minutes are kept, actions are allocated but few are followed up and seldom are people held accountable.

With major changes in business especially around accountability e.g. King III, allocation of performance based indicators in all industries and departments from production to HR it is impossible for meetings to have all the required information to be meaningful and productive. A simple example would be the morning production meeting in a plant environment which covers production for the past 24 hours or week. An agenda should have been sent out before the time covering the following:-

 • Welcome

 • Outstanding issues from previous meeting

 • Production output

• Production logs

• Outstanding permits to work

 • Incidents

 • HR : attendance registers/leave/shifts etc

 • Close

Many of these would be printed in hard copy and taken into the meeting. Once circulated any changes would require a new copy and little input back from invitees can be included and re-distributed. On commencement of the meeting outstanding issues from previous meetings are discussed and steps taken usually all performed manually, production outputs are presented in a hardcopy form from whatever process control system that is available. Separate output KPI’s are then checked to see if and why there were variations and what the root cause of these was. Production logs are then examined to shed light on these variations usually from a log book with suspect hand writing and accuracy. Should there have been a negative variance and something similar had happened in the past which was resolved where would this information be? This would usually be an action for the plant manager or operator to follow up on. However if this information was online and available to the meeting a fix could immediately be implemented.

Being able to access all the different systems that support various parts of the organisation is virtually impossible and hard copies are made and distributed to all, or is it?

With modern technology, why can’t all the information from these system be readily available during the meeting?

This would ensure that all information is current and available, ensuring decisions can be taken using the correct information, as well as allocating various actions to individuals or teams with reminders being sent electronically which serves as a reminder after the meeting. The multitude of different systems e.g. permit to work, incident reporting, production etc. complicates running meetings effectively. Seldom if ever are outstanding issues prioritised and followed up. With an electronic meeting system these can be represented in the form of a dash board highlighting critical areas while none critical can be lower down the agenda. An incident raised on a particular system is often seen in isolation while the need for understanding the total process is critical for the organisation. E.g. an incident reported in the SHEQ department should have an impact on risk assessments, permits, process management etc. and this can be managed effectively using the electronic meeting system with the status of the progress shown within all these areas. 

 Much is discussed but little achieved, not because of lack of ability but due to information being resident in disparate systems and not available when required. Due to this shortfall, numerous issues cannot be resolved during the meetings and much is added onto the “to do” list or held over until the next meeting. This results in the next meeting spending time on unresolved issues from previous meetings and the cycle continues with little improvement.

In complex environments the need for an electronic meeting system cannot be underestimated in ensuring that production managers are in total control of the operations.

Delays in feedback on production and other related areas can no longer be tolerated as this affects the net worth of any organisation that is output driven and who strives for high levels of safety and staff satisfaction. Meetings need to be productive with priority issues dealt with first ensuring that the levels of production remain high and resources utilised effectively.

Another important aspect is that this concept is not limited to mining and production but can be extended to all industries who have complex environments and require meetings to manage daily operations eg. Hospitals, financial institutions, parastatals etc.

In short management are accountable and need to be effective in managing all the diverse areas of the organisation and should consider an electronic meeting system to help them meet this requirement by being productive .

The Cart before the Horse : Paper based Permit systems exposing Plant /Mine management to possible liability.

It has mystified me over the years the amount of money, effort and resources that are invested into getting  paper based permit to work systems working properly.  Yet many organisations still argue that they need to get their paper based systems working before they consider “upgrading” to a computer based permit system.  There is evidently a misunderstanding as to the benefits of such an electronic system over the paper system.  These can be summarised at a high level as follows:-

-          Accurate permits with minimal time to produce

-          Policies and procedures are built into the rules in the system and are improved according to experience on an on-going basis

-          Authority levels are always adhered to

-          Required PPE and isolations are accurately specified provided in accordance with the hazards

-         The flexibility to make audited and controlled changes “on the fly” should working conditions change

-          Constant training by the system reminds the permit issuer of what is required

-          Management of contractors including induction and competencies, thereby ensuring only accredited contractors can accept permits and hence perform the work.

The need to get a paper based system into operation as a prerequisite to an electronic system introduces unnecessary risk.  Paper systems seldom can reliably manage the permit lifecycle process due to human error, lack of training and hence adherence to policies and procedures.  The time to implement paper systems, because of the inherent limitations takes considerable longer than implementing an electronic version.    The auditability of these paper systems is usually costly with the poor results. Maybe people are conservative and are comfortable with this process and are resisting change.  Reasons to do it in this way could include the following:-

-          We have always done it this way so why do it differently?

-          We need to first get our policies and procedures  in place,   and then once instilled we will consider an electronic version.

-          We don’t believe electronic signatures are valid, and having passwords will increase the administration of the IT department?

-          Who would own the system if it is electronic?

-          Wouldn’t an electronic system be too complex and we don’t have a computer literate work force?

-          Surely by going electronic ahead of a stable paper based system is putting the cart ahead of the horse?

The answer to many of these concerns is based on perceptions about IT systems in general, especially around complexity and the inflexibility attributed to them.   Historically the implementation of these systems (usually business systems) has far exceeded the planned implementation times and costs.  The resultant complexity and inflexibility of these IT based systems has resulted in only highly skilled individuals managing and running them.

Few companies have fully documented policies and procedures around permit to work operations and in many cases even less is understood or adhered to by employees who are constantly under work pressures to solve operational issues while the permit system is quite often viewed as an unnecessary evil, and are completed in the shortest time with little thought going into the process.  Considering errors on a permit can result in injury or even worse fatalities. Can companies afford this type of behaviour?

In modern day operations little if anything is cast in stone so changes to paper based systems can only occur once all involved have been trained on the new requirements, while with an electronic system this change immediately becomes effective once the system has been updated.

If a person can read then an electronic system should be practical.  Detailed “wizards” can drive the process and incorporate everything that needs to be considered when issuing a permit.  These include the following:-

-          Competencies of permit issuers and contractors

-          Selection of the type of permit eg. Cold work, hot work etc, without having to find the correct book or template

-          Identification of inherent risks and any others that may be present

-          Linking of associated permits and key Locks

-          Selection of appropriate PPE

-          Adherence to applicable isolations

-          Control of the process from permit preparation to completion of the work and the permit being handed back and accepted (This final step seldom if ever happens with a paper based system)

In any organisation external and internal factors drive change and any system should be flexible enough to adapt and evolve with these changes.  In my view not having everything ready up front should NOT be an excuse for trying to perfect a paper based system, on the contrary it should be the reason for implementing a flexible electronic permit system.

The acceptance of technological innovations have been accepted in numerous countries and across multiple industries eg banks , public sector etc.  Not long ago the UK HSE has acknowledged the value of computer based permit to work systems in their latest safe work guidelines.

Manual signatories on a permit can require a PhD in writing analysis to see who the person is or was after an incident!  Seldom, if ever can you identify who the original contractor was that accepted a permit.  What recourse would any organisation have should a fatality occur and you cannot identify the individual from the scrawl on the permit?  Who would be held responsible?

Unfortunately for management,  in many cases the plant manager (In South Africa the Section 16.1 or 16.2 responsible person) are responsible and would be liable should any incident occur on the plant or mine.  Few are aware of the implications of the shortfalls of a paper based system, thinking that the SHEQ department have this under control. To be blunt there is little if any control with a paper based permit system.  I am not in any way saying there is no merit to a paper based system because it is definitely a step in right direction considering not having one at all.  In today’s business it is however “Old School” and may even be challenged as not having done everything “reasonably practical” to ensure safe work.

To conclude:

Can you risk the lives of your workers and contractors and personal potential liability by trying to perfect a paper based system?

Can you afford to spend time and financial resources on a system that is sub-standard and will be replaced in the future?

If you believe that a paper based system or perfecting it has major limitations then why don’t you put the “Cart in front of the Horse”?

Major organisations have seen the merit of an electronic permit to work system and have implemented these quick and effectively and adapt to changes in working conditions immediately.  They are constantly changing the way permits are being issued as well as the process.  Can you afford not to be running an electronic permit to work system?

Sustainability – more than just “Green”

The recent events on world markets have led to business leaders everywhere seriously questioning the sustainability of their operations.  While many factors are outside the direct control of management, such as raw material prices, demand for product and availability of capital, there are nevertheless many areas that are within managements control.  These areas, if addressed holistically will lead to more sustainable and profitable operations.

Business leaders in the process manufacturing industry have concluded that sustainability needs to be a combination of initiatives in three key areas:  financial, environmental and social.  When all three are addressed simultaneously, new value can be created.  This of course makes good business sense, companies that address these areas are likely to show greater returns to shareholders and other stakeholders.

A production manager can make a significant difference in the way plants are operated.  Previously it was sufficient for them to concern themselves mainly with production targets, such as production rate, conversion efficiency, cost of production (per ton), inventory and supply chain management.  However there are other significant KPI’s such as incident rates, emission management, health and wellbeing of employees and community development which need to be superimposed in order for a plant and business to operate responsibly and of course more sustainably.

The IT industry has recognised this and software vendors have started recognising that sustainability is a key driver in successful manufacturing operations.  The philosophy is that Health, Safety, Environment and Quality (HSEQ) needs to be embedded into all production processes and made intrinsic in the overall measurement and reporting of all activities.  No longer is production cost the only factor.   Unfortunately, it is unsatisfactory to try and “bolt on” SHEQ systems on top of business systems.  It is far better when designing and selecting software based systems that HSEQ is seen to be embedded in each and every step in the software and when selecting systems the practical integration of these with each other and the business systems needs to be evident.

A simple example of how a holistic systems approach can be achieved is through the integration of production, maintenance and SHE in a typical operating company.  It is often that these three areas report to a common production manager, but this is the only point where there is joint accountability.  Production, maintenance and SHE teams often operate in separate “islands of information”, citing every reason as to why they are different and need separate systems.  A typical production environment therefore has separate maintenance, SHEQ and operational software with absolutely no thought given to the process integration between these areas, and the consistency between these systems.  An fragmented approach definitely leads to wasted opportunities to drive improved sustainability through a common integrated approach. 

The overall production processes includes several activities including determining rules for safe work; enforcing these through the maintenance function when executing work orders, getting authorisation from operations through the permit  to work process, integrating this into the SHEQ management system through incident management and non conformance handling; while always retaining a strong focus on the process operations in the control room.  Additional areas include measurement of production efficiencies, energy efficiencies, emissions and environmental spills.

IT systems are evolving (some quicker than others) to embrace this holistic approach.  The business drivers are there; and several vendors have been adopting the holistic vision for many years.  It behoves business and plant management to take a new look at these IT systems and understand how they are evolving to a more comprehensive solution. These new generation systems can act as a vital tool for production managers who need to contribute to improved sustainability within their production environments.  This will improve the chances of weathering the Global economic storm and allow your business to emerge stronger to take advantage of the inevitable upturn in a world that will be much more aware of sustainability as a key business success factor.

New IntelliPERMIT workflow rules

The set of rules supported by IntelliPERMIT continues to grow.   These rules allow the system to react more intelligently to permit scenarios and to guide users through the permit process.

 

• Rule #33 states that a permit acceptor may not suspend more than one permit at a time.  This rule is useful in scenarios where isolations are being removed for testing or commissioning of equipment that has been worked on.  The rule should be enabled in order to control this process and ensure that the responsible person deals only with a single commissioning activity at a time.  
• Rule #34 is designed to limit access to particular operations to the person who initiated/applied for the permit. For instance, this is a useful control to ensure that only the original applicant can edit a permit (even prior to it being issued.) 
• Rule #35 governs which permit types may not include isolations – by definition some permit types require work on equipment that is live.
• Rule #36 may be used to ensure that a permit includes a safety lock and key safe number prior to the permit being issued.  This rule only applies to those sites that make use of key safes.
• Rule #37 ensures that if other permits are cross referenced to a “master” permit, the master may not be edited unless the cross references from the “slave” permits are first removed, or they are signed off.
• Rule #38 simply alerts users when signing permits if their competencies are due to expire.  This is particularly useful in the cases where users may not have received emails warning them of the impending expiration of their competencies. 

 

These rules have been published for general release with version 5.  (Hotfixes for version 4.3 SP4 are available on demand for some of these new rules)

 

A more general enhancement also included in version 5 is the opening up of the permit editing process to allow for additional rules to be added without making changes to the core software.

 

Enhancements to IntelliPERMIT workflow and rules

Version 5.0 of IntelliPERMIT includes a number of subtle enhancements to the underlying workflow and rules engine of the system. These enhanced capabilities will not disrupt the functioning of existing systems, nor require any re-configuration unless the site specifically requires the new functionality. While the technical details of these changes may seem slightly obscure, the intention behind them is to allow the system to more efficiently guide users through the permit process and allow them to produce permits that more accurately reflect the requirements of a task. Here are four examples:

1. Precautions and Preparation questions may be configured to appear in the Permit Wizard even if not linked to a specific hazard. This is useful in a scenario where a question must be asked on all permits across site but is not necessarily associated with a hazard. Unless a hazard is linked to this question, no rule is applied to the given answer. However, the user is forced to supply an answer.

2. Authorisation questions may now be linked to specific hazards. If a question is linked to a hazard, then it only appears if the permit includes that associated hazard. A practical example of where this may be used is in gas testing where a question should only be displayed and the answer validated if a gas hazard is included on the permit.

3. The workflow actions may be optionally configured to only appear for specific permit types or if the permit includes specified hazards. If no hazard or permit type is specified in the configuration, then the action will be visible for all permit types and for all hazards. Again, this is useful to more closely tailor the workflow to the requirements of the specific permit and ensure that users are only presented with relevant actions to perform.

4. Question rules now support the “NOT” operator. This allows a rule to be set that allows any answer except a specific response. For example, a question may have 3 options in a dropdown: Yes, No and N/A; and a rule set to “NOT No”. This means that both “Yes” and “N/A” will be valid responses to this question.

Can safety be managed “by exception”?

“Management by exception” is a well known business philosophy adopted by managers who wish to empower their subordinates to take full ownership of operations within their responsible areas. The underlying assumption is that if there are no exceptions, all is well and senior management can focus on other areas. However, unless the frequency and severity of the exceptions are directly linked to the underlying health of the business, this assumption can be fundamentally flawed. When considering process safety, the severity of a safety incident can be such a rare event, yet occur with such seriousness, that by the time the “exceptions” have occurred and brought to the attention of management, the business is in trouble. As I write this, a leading South African mining company is forecasting a 29% drop in profit as a result of safety related stoppages. The “exception” in this situation was the unfortunate death of a miner.

 While “management by exception” may have its place in some areas of the business; it would be extremely reckless to apply the same philosophy to the safety of complex, hazardous operations such as a petrochemical plant or a mining operation. Yet our corporate technique of measuring and reporting safety performance is based on the assumption that you can measure and report indicators that will accurately predict severe incidents. This metrics based approach is reinforced by self congratulatory comments in annual reports where the frequency of classified or disabling injuries is seen to be reduce year on year to target levels set by industry experts and peer companies.

It is clear that in our modern plants and on mines, severe accidents occur at a frequency that is too low to predict using most of the traditional statistical indicators such as disabling injury and fatality rates. Much more needs to be considered and a holistic view of safety should be adopted that covers the design and engineering of the plants throughout the life cycle of the plant, including human behavioural aspects.

A complete systems and life-cycle approach is therefore necessary. Plants and processes are extremely complex systems that have distinct stages from design, commissioning, operations and eventual closure. During the early design stages, risk assessment techniques may include hazard and operability studies (HAZOP), or defining design Safety Integrity Levels (SIL) based on the inherent process risks. In these scenarios a team of experts work through systematic methodology to determine risk, and to ensure that appropriate safety standards are applied in the design.

During commissioning, the design meets the real world. It is possible that with a high level of discipline engineering changes are managed during this time. This is because many of the design engineers are still available for commissioning; and the project disciplines are still enforced. So a process change that has a safety impact is very likely to be properly assessed and the necessary standards applied to the implementation.

As the plant moves out of the commissioning phase and is handed over to routine operations, risk assessment practices change fundamentally in nature. It is during this phase in the plant lifecycle that all the engineered systems are in place; and people take over. Behavioural aspects are now significant. Hence the focus during this phase is on safety culture, and behaviour. Safety management systems are now implemented. Management systems are however based on exception or deviation processes (incident management) to direct corrective and preventative actions. This phase is also characterised by auditing and change management disciplines.

During a plant lifecycle; both the techniques of risk assessment and management of safety undergo a fundamental change. HAZOP and SIL assessments are rigorously applied in the standards applied during the design of new plant; but to what extent are these practices enforced during routine operations? Is management satisfied, that just because there have no severe incidents to report (“500 000 injury free hours”) that all is well? This was certainly not the case for the unfortunate mining company.

A balanced and holistic approach is called for if companies are going to get out of the “management of safety by accident”. It is necessary to incorporate the original engineering and design disciplines in all change processes that take place on an operating plant. So when a maintenance team installs a new line to drain a vessel for example; the same engineering rigor must be applied to this change as was the case in the original design stage. It’s rather like retrofitting a non standard power steering system to a car; unless the new system integrates to the wheels properly and in accordance with the same “safety integrity level”, the safety integrity of the vehicle can be severely compromised.

Best practice is to implement several formal systems once the plant reaches routine operations. These systems include change control (for example modification proposals and minor projects), versioned documentation systems (for engineering documentation), operational systems (plant maintenance and safety permit to work), safety management systems (incident management, tasks and reporting). These systems need to support the underlying risk assessment methodologies: For example Hazop and Safety Integrity Level (SIL) design techniques, operational risk assessments during permit issue, etc. The same systems also need to be designed around people that design and operate plants; and fully consider behavioural aspects.

Accidents can be avoided and companies can remain profitable through a comprehensive and holistic approach to safety that incorporates design and operations of plants throughout their lifecycle. Senior management who manage safety by exception can avoid surprises by recognizing that this philosophy is not adequate when managing safety in complex environments. The frequency of serious incidents is often too low to be predicted by indicators such as disabling injury or fatality rates. And the consequences can be extremely severe. Business leaders must ensure that the same engineering standards that were implemented during the design stages are carried through into plant operations for the full lifecycle of the plant. Business leaders must recognize the human element in this complex system; and lead the culture and approach towards safety. This is not just about providing rubber gloves and respirators; it goes to the heart of the philosophy of safety integrity and the sustained profitability of our manufacturing and mining plants.