PROCESS HAZARDS ANALYSIS LEADERSHIP TRAINING

NPC TRAINING PROGRAM

STUDENT HANDOUT

Presented by Marcel Leal-Valias

Calgary Tel 1-403-221-8077 Fax 1-403-221-8072 E-mail: info@seal.ab.ca Website: www.seal.ab.ca

Table of Contents
COURSE OBJECTIVES.................................................................................................. 1 COURSE OBJECTIVES ....................................................................................................... 1 OVERVIEW OF PHA ......................................................................................................... 2 PHA IN A NUTSHELL........................................................................................................ 3 HISTORY OF PHA............................................................................................................. 4 QUANTITATIVE & QUALITATIVE HAZARD ANALYSIS.................................... 5 QUANTITATIVE AND QUALITATIVE HAZARD ANALYSIS OVERVIEW ................................ 5 PHA AND RISK ANALYSIS COMPARED ............................................................................ 6 OVERVIEW OF HEALTH, SAFETY & ENVIRONMENT HAZARD MANAGEMENT .............................................................................................................. 7 SAFETY MANAGEMENT SYSTEMS REVISITED BY HAZARDS ANALYSIS ........................... 9 ELEMENTS OF FACILITY RISK .............................................................................. 13 PROCESS ACCIDENTS ..................................................................................................... 14 PROCESS RISK REDUCTION STRATEGIES ........................................................................ 15 HUMAN FACTORS IN FACILITY RISK .............................................................................. 15 Factors Influencing Human Performance ................................................................ 17 Human Error In Accident Causation........................................................................ 18 Human Error Risk Reduction Checklist at Different Levels of Interaction .............. 21 SITING ISSUES IN FACILITY RISK .................................................................................... 22 ENVIRONMENTAL ISSUES IN FACILITY RISK................................................................... 23 PHA TEAMS................................................................................................................... 25 SIZE OF PHA TEAM ....................................................................................................... 25 WHY A TEAM APPROACH?............................................................................................. 25 RESPONSIBILITY OF GROUP PARTICIPANTS IN PHAS ..................................................... 27 THINKING SKILLS REQUIRED OF PARTICIPANTS IN PHAS .............................................. 27 PHA METHODOLOGIES ............................................................................................ 30 VIDEO PROCESS HAZARDS ANALYSIS ......................................................................... 30 GENERAL PHA PROCEDURE FLOW CHART .................................................................... 31 OBJECTIVES OF A GOOD PHA STUDY ............................................................................ 32 PROCESS SAFETY INFORMATION FOR HAZARDS ANALYSIS............................................ 32 VIDEO PROCESS SAFETY INFORMATION ...................................................................... 32 METHODOLOGIES OVERVIEW ........................................................................................ 35 HAZard and OPerability Analysis (HAZOP) ........................................................... 35 Preliminary Hazards Analysis .................................................................................. 44 Checklist Analysis ..................................................................................................... 47 What-If Analysis........................................................................................................ 49 What-If/Checklist Analysis........................................................................................ 51 Failure Modes and Effects Analysis (FMEA) ........................................................... 53
PROCESS HAZARD ANALYSIS S.E.A.L. International I

Other PHA Methodologies Reserved for Specific Safety Concerns.......................... 57 ADVANTAGES AND DISADVANTAGES OF PHA METHODOLOGIES .................................. 58 LIMITATIONS OF PHA .................................................................................................... 59 METHODOLOGY SELECTION CRITERIA ............................................................ 60 FACTORS TO CONSIDER WHEN SELECTING THE APPROPRIATE PHA METHODOLOGY .. 60 Purpose of Study ....................................................................................................... 60 Type of Results Required .......................................................................................... 61 Type of Information Available .................................................................................. 61 Time Frame for Completion of Study........................................................................ 61 Development Phase of the Facility ........................................................................... 62 Relative Risks Associated with Chemicals, Process and/or Facility Location......... 64 PHA Team Experience Level .................................................................................... 65 Operating History (Past Incidents)........................................................................... 65 Resource Availability and Management/Leader Preference .................................... 65 METHODOLOGY SELECTION FLOW CHART .................................................................... 66 COST BENEFIT CONSIDERATIONS ................................................................................... 67 DOCUMENTATION ISSUES....................................................................................... 68 DOCUMENTATION FOR DECISION MAKING .................................................................... 68 DOCUMENTATION FOR FUTURE REFERENCE .................................................................. 68 WORKSHEET REPORT ..................................................................................................... 69 COMPLETED REPORTS .................................................................................................... 70 Usual Format for PHA Report.................................................................................. 71 LEGAL ISSUES (DUE DILIGENCE)................................................................................ 72 PHA LEADERSHIP ....................................................................................................... 73 PHA FACILITATION SKILLS ........................................................................................... 73 TEAM LEADER QUALIFICATIONS ................................................................................... 73 PHA LEADERSHIP RESPONSIBILITIES ............................................................................. 74 Causes and Solutions for PHA Quality Problems .................................................... 77 PHA GROUP DYNAMICS ................................................................................................ 78 GETTING THE BEST FROM YOUR TEAM ......................................................................... 80 PHA WORKSHOP (HAZOP & WHAT-IF)................................................................ 84 DEFINING SCOPE AND OBJECTIVE OF PHAS................................................................... 84 ESTIMATING TIME FOR PHAS AND PLANNING SCHEDULE ............................................. 87 QUALITATIVE RISK RANKING MATRIX FOR PHAS......................................................... 89 FIRST MEETING .............................................................................................................. 93 DOCUMENTING THE PHA WORKSHEET ......................................................................... 94 CREDIBILITY OF CAUSES ................................................................................................ 95 ACCIDENT CAUSES CATEGORIES TO BE CONSIDERED BY PHA TEAM .......................... 97 PHA FOLLOW-UP .......................................................................................................... 98 PHA WORKSHOP DRAWING RESOURCES .......................................................... 99 APPENDIX.................................................................................................................... 101 GLOSSARY OF PHA TERMS .......................................................................................... 101
PROCESS HAZARD ANALYSIS S.E.A.L. International II

COMMON HAZOP TERMINOLOGY ............................................................................... 108 SIMPLIFIED CHECKLIST FOR HAZARD ANALYSIS ......................................................... 110 SAMPLE HAZARD CHECKLIST ...................................................................................... 114 SAMPLE MATERIAL INCOMPATIBILITY INDEX .............................................................. 118 LIST OF HIGHLY HAZARDOUS CHEMICALS, TOXINS AND REACTIVES .......................... 119 METHODOLOGY SELECTION AND/OR PRIORITY ORDERING WORKSHEET FOR CONDUCTING PHAS .................................................................................................... 124 ARTICLE....................................................................................................................... 131 Extend HAZOP to Computer Systems ................................................................ 131 ARTICLE....................................................................................................................... 132 Culture................................................................................................................ 132 STANDARDS ................................................................................................................. 133 Management of Process Hazards....................................................................... 133 STANDARDS ................................................................................................................. 134 OSHA 29 CFR PART 1910................................................................................. 134 READING ENGINEERING DRAWINGS ................................................................ 135 TYPES OF ENGINEERING DRAWINGS USED IN PHA STUDIES ....................................... 135 OVERVIEW OF READING P&IDS .................................................................................. 136 Valve Markings ....................................................................................................... 136 Examples of P&ID Abbreviations........................................................................... 137 ENGINEERING DRAWING INFORMATION....................................................................... 139 Function Blocks ...................................................................................................... 140 Reference Symbol Sheets......................................................................................... 142 General Symbols ..................................................................................................... 143 Instrument/Process Line Symbols ........................................................................... 147 Valve Body Symbols................................................................................................ 148 Self Actuated Valves................................................................................................ 150 Flow Rate Symbols.................................................................................................. 152 Actuator Symbols .................................................................................................... 154 Typical Letter Combinations................................................................................... 155 GENERAL REFERENCES......................................................................................... 156

PROCESS HAZARD ANALYSIS S.E.A.L. International

III

COURSE OBJECTIVES
Course Objectives
The objectives for this course are: To build an understanding of the concepts of Process Hazards Analysis (PHA) and its role in Health, Safety and Environment management. To provide a basic understanding of all the major hazard identification techniques and when each should be used. To provide an understanding of the responsibilities involved in PHA leadership. To provide basic skills and practice in the use of the What-If and HAZOP techniques. To provide training in the use of software as a tool in the facilitation of PHA.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

Overview of PHA
A PHA is a systematic multidisciplinary team study. It focuses on identifying and analysing the significance of potential process hazards and on making initial recommendations for eliminating and/or reducing the consequences of potential incident/accidents. A PHA is the foundation of any Process Safety Management Program. A PHA is interested in the potential causes, likelihood and consequences of process incidents. A PHA works by combining the experience, knowledge and intuitive imaginations of expert team members with a selected analytical methodology. A PHA provides companies with the information necessary to make operating decisions, to help improve safety, and to manage the risk of operations. Various hazard identification methodologies provide flexibility according to time scope and objectives of study. A PHA should be conducted several times during a facilitys design, construction and operating life cycle. Some methodologies not only identify hazards, but also operability problems. A PHA assigns qualitative likelihood and severity ratings from which a relative risk ranking can be estimated. A PHA identifies high level hazards for possible further quantitative risk analysis.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

PHA in a Nutshell

PROCESS HAZARDS ANALYSIS

What can go wrong?

How likely is it?

What are the consequences?

FOUNDATION FOR PROCESS HAZARDS ANALYSIS

Historical Experience

PHA Methodology

Knowledge and Intuition

PROCESS HAZARDS ANALYSIS S.E.A.L. International

History of PHA
HAZOP, the first formal PHA, was developed in the UK at ICI over 30 years ago. Other methodologies have followed as requirements for less comprehensive and time consuming reviews have emerged. The occurrence of major industrial accidents and the subsequent forceful safety and environmental legislation throughout the world has led to Process Safety Management (PSM) or Process Hazards Management becoming an industry standard. Companies have become increasingly aware that operating a safer facility leads to a more profitable business and that, in the long run, safety is in the best financial interest. Development of sophisticated software to aid in the sometimes tedious task of PHA has lead to its adoption throughout the process chemical industry. PHA was legislated (1992) in the USA as part of OSHA CFR 29, Part 1910. PHA is part of American Petroleum Institute (API) Recommended Practice 750, 1990, which stands as the recommended standard for Canadian process industries. OSHA 29 CFR, British Standards 8800 and Norwegian regulations have become the world standards.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

QUANTITATIVE & QUALITATIVE HAZARD ANALYSIS

Quantitative and Qualitative Hazard Analysis Overview
Safety is Good Business Both qualitative and quantitative hazard analyses are important in identifying and analysing risk. It is a given that money properly spent on safety increases profitability through fewer injuries and reduced lost time, and through reduced property and production losses. However, too much money can be spent on safety and the benefits can be outweighed by the cost. For instance, if the predicted expenditure to remove an identified hazard is very high, it will be necessary to statistically quantify its probability and the scope of its consequence to decide how it can be best minimized. PHA is the initial predictive identification of potential hazards. RISK ANALYSIS provides a statistically based quantitative assessment of the probability and consequence of major hazards identified in a PHA.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

PHA and Risk Analysis Compared PHA

Initial predictive identification of all potential hazards - estimates likelihood and severity, suggests improvements USE ON EVERY PROJECT - at every stage from concept through decommissioning

RISK ANALYSIS
Subsequent assessment of major hazards only statistically based probability / consequence hazard assessment SELECTIVE - if the potential exists for a catastrophic accident or if no easy and obvious solution to identified hazard is evident QUANTITATIVE - requires extensive statistical data and specialized expertise very costly ONE OR TWO SPECIALLY TRAINED PEOPLE Also called: Hazan Risk Assessment Probabilistic Risk Assessment (PRA) Quantitative Risk Assessment (QRA)

QUALITATIVE - based on the experience, knowledge and creative thinking of workers involved in the process MULTIDISCIPLINARY TEAM Several methodologies available What-if What-if/Checklist HAZOP FMEA Preliminary Hazards Analysis

PROCESS HAZARDS ANALYSIS S.E.A.L. International

OVERVIEW OF HEALTH, SAFETY & ENVIRONMENT HAZARD MANAGEMENT

Management Commitment Process Review

Hazard Assessment

Off-The-Job Safety

Hazard Control

Preventative Maintenance

Contractor Management

Health, Safety & Environment

HSE Steering Committee

Cost Savings Quality Production Customer Satisfaction

Training

Accident / Incidents

Communication

Emergency Preparedness & Response Hiring & Health Monitoring Hazardous Materials

Inspections

PROCESS HAZARDS ANALYSIS S.E.A.L. International

Safety Management Systems Revisited By Hazards Analysis

Hazard identification and assessment has to be the starting point for successful HSE management. The information gained from a PHA about potential hazards, is essential to any HSE Management Program. Human, process, equipment, environmental and production hazards can be identified and the information used to develop and fine-tune all the component systems of a Safety Management Program. Let us revisit the HSE Management System introduced in the introductory session, this time reflecting on the pivotal role that PHA plays in each component. Management Commitment provides the essential information for risk management decision making can pinpoint gaps in management and administrative controls demonstrates management commitment to the safety of personnel boosting employee morale Hazards Identification and Assessment identifies a wide range of hazards to people, process, structures, equipment, and the environment, e.g. chemical, biological, ergonomic, radiation, etc. identifies actual and hidden potential hazards allows hazards to be prioritised according to risk ranking making management decision making easier identifies high risk hazards requiring further quantitative analysis can provide recommendations for mitigating consequences of accidents highlights opportunities for improving operability

Hazard Controls Rules & Procedures design layout information can identify design errors and highlight opportunities for debottlenecking and improving operability. identifies a need for formal operating, maintenance and emergency procedures
9

PROCESS HAZARDS ANALYSIS S.E.A.L. International

highlights weaknesses in existing procedures can be adapted to perform Job Hazard Assessments and Critical Task Analyses identifies the need for a refresher training schedule

Management of Change identifies design or material errors of the proposed change follows the effect of the proposed change on the rest of the process and facility identifies where procedures are missing and need to be improved identifies where additional training may be required identifies the health, safety and environmental considerations of proposed changes can provide initial recommendations for mitigating consequences of accidents

Contractor Management identifies requirement for procedures and training identifies potentially hazardous interaction with the operation

Training - Management & Employees trains management and PHA participants in the hidden hazards of their workplace highlights gaps and deficiencies in training

Communication (Record Keeping) highlights gaps and deficiencies in communication provides reported and stored information about hazards and gaps in Safety Management Systems provides recorded system for resolution of HAZOP recommendations identifies the hazard potential of proposed changes provides the opportunity to prove due diligence

Inspections provides a paper trail for resolution of recommendations for hazard reduction highlights gaps and deficiencies in HSE Management

PROCESS HAZARDS ANALYSIS S.E.A.L. International

10

Hazardous Materials identifies potential immediate and long term health concerns identifies potential chemical interaction hazards identifies gaps in existing precautionary procedures can provide recommendations for mitigating consequences of accidents

Hiring & Health Monitoring identifies areas where additional health monitoring may be required

Emergency Preparedness & Response identifies potential types of emergencies and harm identifies gaps and deficiencies in the Emergency Response Plan

Accident/Incident Investigation provides a paper trail for accident/incident investigation provides valuable past incident information for a PHA - highlights potential hazards HSE Steering Committee identifies workplace hazards identifies need for additional controls

Preventive Maintenance identifies areas and equipment requiring regular preventive maintenance trains maintenance personnel in the process and its potential hazards

Off The Job Safety assists participants with general safety awareness

Process Review/Audit provides the basis for an audit broadly identifies the actual or potential gaps in the overall Safety Management System provides paper trail
11

PROCESS HAZARDS ANALYSIS S.E.A.L. International

Conclusion Proactively taking care of the safety of people, production, equipment and the environment makes good economic sense. The way to start to take care of safety is by identifying and assessing the actual and potential hazards in the facility and by putting a well-planned system in place to manage them. If you do not know what can go wrong, or how often it is likely to go wrong and what the consequences may be, it is impossible to plan or operate a safety system effectively. Often, time and money can be spent reacting to accidents and near misses without really getting very far in reducing the existing and potential hazards and their associated visible and hidden costs.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

12

ELEMENTS OF FACILITY RISK

Hazard potential arises from any combination of risk elements, such as process, material, siting, environment and human interaction, and exists at all levels throughout a facility lifecycle. To identify ways to eliminate or reduce the frequency and consequences of process accidents, it is essential to understand the breadth of hazard potential in a facility. Process hazards are always a combination of hazardous materials and the conditions under which they are handled. However, it usually takes a sequence of events to create an accident outcome. The important thing to remember as a PHA facilitator or participant is that each event in the sequence presents an opportunity to avert the accident or to mitigate the severity of its outcome. PHAs can play an important educational role in helping workers participating in them to understand potential accident sequences in their facility and see the significance of failure of defenses at any level. Process accidents are rarely the result of isolated events; they are usually the result of a sequence of failures or errors. Initiating events are the first events in an accident sequence, the event or action that sets off a chain reaction. Sometimes the initiating event may be the only event if there is no built in protection against it or the event is so severe that existing protection is overwhelmed by the event. Propagating events are the secondary events that link an initiating event to an accident outcome. These events are the responses that engineered safety features and administrative controls make when the initiating event occurs. Usually these events can be correlated to equipment failure, human error, inadequate safety defences, inadequate administrative controls or unusual external conditions.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

13

Process Accidents
HAZARDOUS MATERIALS + PROCESS CONDITIONS

INITIATING EVENTS Design Errors Management System Failures Human Errors External Events

PROPAGATING EVENTS Equipment Failures Safety System Failures Ignition Sources Management System Failures Human Errors External Contributions (e.g. the weather)

ACCIDENT OUTCOMES Emissions Fires Explosions Projectiles

ACCIDENT EFFECTS Toxic (acute & chronic) Thermal Overpressure Radiation Contamination

DAMAGE ASSESSMENTS Employees Surrounding Community Environment Production Company Assets Company Reputation Company Liability

PROCESS HAZARDS ANALYSIS S.E.A.L. International

14

Process Risk Reduction Strategies

Risk reduction strategies are built-in defenses and appropriate responses to initiating events that avert an incident or mitigate the severity of outcome.

Operator Control Systems Alarms/early warning Control system response Manual and automatic ESD Fire/gas detection system

Operating Safety Systems Relief valves Depressurization systems Isolation systems High reliability trips Back-up systems Specially designed structures Emergency Plans Sirens/warnings Emergency procedures Personnel safety equipment Safe shelters Escape and evacuation Training Systems Operations Contractors Procedures

Mitigation Systems Dikes and drainage Flares Fire protection systems Explosion vents Toxic gas absorption Ventilation systems Management Commitment to Safety Management
Process Safety Information available and up to date.

Source: Adapted from Table 1.3, Guidelines for Hazard Evaluation Procedures, AIChE, New York, 1992.

Human Factors in Facility Risk

Human error is seen as the incompatibility of task demands and human emotional, mental and physical capabilities. Human error has been the major cause of almost all catastrophic accidents in the chemical process industry and has an ultimate impact on profitability through losses and lower quality product. Human error can be reduced if the workplace culture and the tasks within it are designed with consideration for the needs and capabilities of those who will interact with it.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

15

The PHA objective, in considering human factors in facility risk, is to look at all aspects of potential human interaction with a process to predict what could possibly happen. When human causes are taken into account, hazards that appear unlikely on a hardware level may significantly increase in likelihood.

SCOPE OF HUMAN ERROR

HUMAN FAILURE

ERRORS

VIOLATIONS

SLIPS

MISTAKES

Deliberate actions Different from those prescribed Carries known associated risks Ignores operational procedures

Violation errors occur because of a perception of lack of relevance, time pressure or laziness.

Competency exists Intentions are correct

Slips occur while carrying out habitual, routine, skill based activity automatic pilot syndrome

Incorrect intention Inadequate knowledge Incorrect information processing Inadequate training

PROCESS HAZARDS ANALYSIS S.E.A.L. International

Mistakes occur because of poor attitude, incorrect assumptions or incorrect tunnel vision application of 16 rules.

Source: Adapted from Fig. 2.6, Guidelines for Preventing Human Error in Process Safety, AIChE, New York, 1992

Factors Influencing Human Performance

As humans interface with processes and systems, they can be considered a liability or a safeguard. Factors that influence performance and create liability need to be considered when attempting to identify potential human error hazards. The following factors must be considered when attempting to identify the potential for human error. Economic and Political Environment

regulatory climate legislation general economic conditions

Corporate Policy and Management Systems

safety culture and policies resource allocation

Process Environment

materials handled complexity of process frequency of human interaction perceived danger by workers protective clothing and equipment

Physical Work Environment

noise lighting temperature environmental conditions

PROCESS HAZARDS ANALYSIS S.E.A.L. International

17

Work Control Systems

supervision standard, emergency, maintenance and contractor procedures level, clarity and frequency of training/instruction quality of checks and warnings frequency of use

Working Conditions

work hours shift rotations distribution of work contractor interaction

Operator Attributes

training skill and experience physical/intellectual capability morale and motivation

Human Error In Accident Causation

Human error is either an active or a latent (waiting to happen) error. Active Human Error Active human error has an immediate and direct effect on the cause of a hazardous situation or is the direct initiator of a chain of events, which leads to an accident. Latent Human Error Latent human error is different in that the consequences of the error may only become dynamic after a period of time when the condition caused by the original error combines with other errors or system failures to bring about unsafe conditions. Latent human error is of the most concern for PHA teams. Most latent human errors occur at the engineering design or at management policy level. It is at the engineering
PROCESS HAZARDS ANALYSIS S.E.A.L. International 18

design level that PHA study teams must be most vigilant. For instance, inappropriate design for valve placement or inadequate space allowed for worker movement in attending to routine inspections and maintenance will increase the probability of active errors. The Flixborough disaster discussed in the video in the introductory session is an example of latent human error. Engineering staff should have realized that the constant pressure fluctuations within and between the reactors would have an adverse effect on the temporary bypass pipe if it were not adequately supported. An error of this kind would have been picked up in a well-conducted PHA of the modification. The value of having knowledgeable and diversely experienced PHA team members becomes particularly evident when dealing with the potential for human error during a PHA. WINDOW OF INCIDENT OPPORTUNITY

PROCESS HAZARDS ANALYSIS S.E.A.L. International

19

Inappropriate policies at the corporate level, or incorrect or deficient implementation of policies by management at the line level can create an error inducing environment at the operational level. This environment at the process and physical work level leaves the door for actions or decisions that are unsafe. If engineering and human defenses against foreseeable hazards at any level prove inadequate, an incident will occur. The individual who performs the action leading to an incident is usually the last straw that breaks the system already made vulnerable by the latent errors of poor management.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

20

Human Error Risk Reduction Checklist at Different Levels of Interaction

MANAGEMENT Tangible management commitment to facility safety and training is shown. Process safety information is kept complete and current. Safety policies are clearly communicated to employees. Appropriate employee participation is part of safety management. PROCEDURES A task analysis has been performed. Critical tasks have been identified. Critical task deviations have been analyzed for potential hazards. Tasks are designed for the humans who will perform them. Routine/non-routine and emergency procedures are current, appropriate, clear, concise and consistent. Procedures provide quality checks and warnings. Procedures are used.

DESIGN AND CONSTRUCTION Equipment is accessible, clearly labeled.

WORKING CONDITIONS Noise, lighting and temperature are at appropriate levels. Adequate protective clothing and equipment is provided. Hours worked are appropriate for complexity of continuous task performance. Shift rotation allows for optimal performance.

Materials used comply with appropriate codes and standards. Adequate safety measures are built into design. Adequate containment of hazardous chemicals is built into design. Buildings are designed and sited to comply with existing guidelines and standards for worker and equipment protection. Buildings are appropriately located in relation to hazardous materials or processes.

TRAINING Quality training is provided for all new employees. Performance is evaluated and training is refreshed regularly.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

21

Siting Issues in Facility Risk

Siting issues should be addressed in every PHA, or for a large complex facility, siting can be the subject of its own specialised PHA. Siting includes the physical site of the facility, the location and layout of equipment, and the location of hazardous materials, processing and storage. Siting issues are considered in relation to the people who occupy the site for any length of time and the geographic and environmental implications. During a PHA, the following are some of the issues that need to be considered. Site Selection Considerations: (Usually considered at conceptual stage of facility lifecycle.)

adjacent facilities nearby communities transport availability availability of utilities (e.g. power and water) topography and average weather conditions environmental sensitivity

Layout Considerations:

industry and insurance guidelines and statutory regulations process materials being handled or stored (inherent properties) extremity of physical process conditions location and spacing of process plant buildings and equipment to provide access for routine operation and emergency services location and spacing of process plant buildings and equipment to ensure safe distances from process and storage of hazardous chemicals buffer zones between hazardous material storage and extreme processes to reduce potential for domino effects building design and construction standards to withstand the intrusion of fire, explosion and toxic effects occupancy level of areas in proximity to process units and material storage

PROCESS HAZARDS ANALYSIS S.E.A.L. International

22

Protective Mechanisms and Equipment:

containment drainage fire proofing ventilation explosion barriers crash barriers fire water supply

NOTE: PHA-Pro provides a comprehensive Siting Checklist in the OSHA templates

Environmental Issues in Facility Risk

PHAs are not only interested in the safety of life and production, but international regulations and human responsibility insist that they are also interested in the safety of the environment.

The following are some of the issues that should be considered during a PHA. On and off-site contamination:

ground water contamination contaminated surface water run-off soil contamination plant life food chain air quality and ozone depletion

Human impacts: Chronic and acute exposure to toxic materials through contaminated drinking water, agricultural products and air.

allergies eye irritation lung damage

PROCESS HAZARDS ANALYSIS S.E.A.L. International

23

genetic mutations poisoning

Wildlife impacts:

migratory routes critical habitats for endangered species genetic mutations

Domestic animal impacts:

contamination of feed and water genetic mutations poisoning impact on agriculture and food supply

Micro/Macro biological impacts:

ecosystems food chain surface and ground water air quality eradication of habitat or species

PROCESS HAZARDS ANALYSIS S.E.A.L. International

24

PHA TEAMS
A PHA is performed by a multidisciplinary team experienced in engineering, operations and maintenance. Other relevant experts should be included as required. At least one member of the team should have knowledge specific to the process being evaluated and at least one member should be knowledgeable in the PHA methodology being used and impartial in the evaluation.

Size of PHA Team

As few as two or three and as many as seven or eight depending on the methodology chosen and the size and complexity of the facility. Too many participants reduce the efficiency of any PHA.

Why a Team Approach?

Advantages of team approach: Range of expertise and experience creates a wide information pool base for decision-making. Representatives from different cultural groups in a facility can bring multiple perspectives to problems and the implications of proposed actions. (See article Culture in Appendix.) Multidisciplinary teams provide an inclusive safety culture in which to learn about, and understand other operating cultures. Groups can make higher quality decisions because they have a greater combined capacity to comprehend a problems complexities and its alternative solutions. Groups can fill in each others blind spots and jolt each other out of rigid thinking. Groups can help each other see the big picture more clearly. Groups stimulate creativity by piggy backing on each others ideas to sometimes create an unusual solution to a routine problem. Groups can enhance commitment of participants to carry out the groups decision.
25

PROCESS HAZARDS ANALYSIS S.E.A.L. International

Disadvantages of team approach: Time Pressure Groups can feel the pressure of time and rush through a discussion so it is necessary to avoid using arbitrary deadlines; assess the demands of the task realistically before estimating the deadline. Social Pressure Groups can feel pressure to conform to group norms (e.g. participants will frequently accept the first feasible solution that seems acceptable to the majority of members while other, perhaps superior, solutions go unexamined). Groups can succumb to groupthink and minimise critical testing of ideas because of a fear that conflict will create disharmony (often happens in close knit groups such as facility co-workers). Ego Pressures Group pressure sometimes can lead to ego defensive strategies that are counterproductive to group efficiency. Domination of discussion by one individual can inhibit challenges to the ideas of the talker and the presentation of alternative points of view. Apprehension by participants perceiving themselves as having lower status than others in the group can lead to acquiescence to the ideas of members seen as having higher status. A competitive environment destroys group effectiveness when members allow individual goals of winning the argument to take priority over the shared goal of solving the problem. Egocentric communication within a group does not listen to the ideas of others so decisions are often made according to whoever pushes their own point of view the hardest.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

26

It is the responsibility of both participants in PHAs and the leaders of PHA teams to recognize the negative potential within the group and work towards creating group cohesion and efficiency.

Responsibility of Group Participants in PHAs

Be on time - commit to schedule and study goals. Remain focused. Respect the ideas of others. Actively participate. Critically evaluate ideas not the person who presented the idea. Contribute all relevant information and ideas. Be prepared for some degree of conflict. Think in the long term as well as the here and now. Be prepared to find out if you do not know. Think laterally, keep an open mind. Think, out of the box.

Note: PHA leadership responsibilities will be addressed in detail in a later section.

Thinking Skills Required of Participants in PHAs

Creative Thinking Skills Creative thinking requires that you deviate from the routine or common ways of doing things to find unique solutions to problems. Creative thinking listens to intuition and hunches and explores them for their potential. Creative thinking is able to adapt to different thinking modes and combine the thinking outcomes

PROCESS HAZARDS ANALYSIS S.E.A.L. International

27

 Thinking Modes Teams work best when a number of different personality/information processing styles make up the group and a conscious effort is made by team members to adopt different thinking modes. objective thinking just the facts (interested in concrete details) intuitive thinking (listen to your gut feeling) worst case thinking (What is the worst thing that could happen?) best possible scenario of what is practical and beneficial forward thinking of alternatives, solutions and linking of old and new Big picture thinking that organises and controls the detailed thinking process Critical Thinking Skills Effective decision-making requires critical testing of assumptions, ideas and arguments. Critical thinking explores as many bases as possible for acceptance or rejection of an idea by asking questions that test the relevance of assumptions and inferences and finds holes in the logic of arguments. E.g. It is assumed and inferred by the P&ID being studied that product will normally flow from point A to B safely and without interruption to operation. To test this assumption it is questioned: Could there be no flow? How could it occur? What would be the consequences of no flow? Would the consequences be hazardous or would it prevent efficient operation? What are the solutions? Warning: To protect the egos of those who offer ideas, the group should consider an idea a separate entity that belongs to no one once it enters the group discussion.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

28

Exercise: To test your creative and out of the box critical thinking skills, mount the jockey on the horse. After completing exercise, think how the kind of thinking you applied to the task could also be adapted to identifying hazards and finding solutions to hazardous situations.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

29

PHA METHODOLOGIES
Video Process Hazards Analysis
In this video, you will see an overview of PHA and the most often used techniques. Use the remainder of the space to make any notes. NOTES:

PROCESS HAZARDS ANALYSIS S.E.A.L. International

30

General PHA Procedure Flow Chart

Define Node or System Hazard Identification - Various Methodologies

Possible Hazard Consequences

Identify Existing Safeguards

Accident Likelihood Estimation

Accident Severity Estimation

Risk Ranking

Recommendation

Accept risk

Modify system

Operate System

PROCESS HAZARDS ANALYSIS S.E.A.L. International

31

Objectives of a Good PHA Study

To identify hazards, not to necessarily provide solutions to hazards. To provide the greatest possible confidence that all of the potential hazards are identified while taking up the minimum resources needed to get the job done. To provide a qualitative estimate of the likelihood and the severity of potential accidents. To qualitatively evaluate the consequences of failed engineering and administrative controls. To provide management with a concrete and easy to use basis for making risk management decisions. To identify ways in which operability might be improved. To provide information which can be useful in improving future designs. To provide objective documented evidence of a thorough well conducted study for audit and insurance purposes.

PHAs are only as effective as the action taken to implement the recommendations made during the study.

Process Safety Information for Hazards Analysis

The quality of any PHA depends directly on the quality and quantity of information available to the study team. Differing amounts of information will be available at different facility lifecycle stages and will, therefore, affect the PHA methodology chosen. For a satisfactory PHA, easily accessible information is required, at the least, about the hazards and characteristics of the chemicals used, about the process technology and how it works, and about the equipment used in the process.

Video Process Safety Information

In this video, you will learn about some of process information required for a PHA and how to gather it in a time effective manner. Use the remainder of the space to make any notes.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

32

NOTES:

PROCESS HAZARDS ANALYSIS S.E.A.L. International

33

The video pointed out the need for hazardous material information and for information about the technology of the process under review. The following gives a comprehensive list of necessary and ideal process safety information for a PHA. As a minimum the following information should be available for any PHA: Material Safety Data Sheets (MSDS) for all hazardous, toxic or explosive chemicals process flowsheets and material balance information with a range of operating pressures temperatures, flows, levels and compositions safe upper and lower limits for pressures, temperatures and flows overview of the process and a process description Mechanical Flow Diagrams (MFD) shutdown key or emergency shutdown system logic diagrams operating and maintenance procedures list of safety critical components Emergency Response Plans (ERPs)

If possible also try to access the following information:

plot plans and equipment layouts Piping and Instrument Diagrams (P&IDs) electrical single line diagrams and area classification drawings flare, vent and relief system design basis relief valve specification sheets and design capacities building ventilation design basis flare and gas detection design basis equipment failure history logs and failure analysis fire system design basis, i.e., extinguishers, firewater, dikes, protective coatings and firewalls process equipment specification sheets or fabrication drawings and applicable piping, electrical or foundation design specifications

PROCESS HAZARDS ANALYSIS S.E.A.L. International

34

Methodologies Overview
HAZard and OPerability Analysis (HAZOP)
HAZOP is the most comprehensive PHA at all stages of facility life, from detailed design through construction and routine operation. It identifies operability problems as well as hazards to personnel, the public, company property and the environment. In a HAZOP study, the process under review is first broken down into nodes, which are logical and manageable segments that have a definable design intent. Each node is studied in detail by applying each of the relevant guidewords to design parameters to identify potential cause and consequence of hazards and operability problems. Equipment failure, human error, engineering and administrative controls, and external events are all considered as potential causes of hazards. Using a Risk Ranking Matrix, severity and likelihood rankings are estimated and a numerical risk ranking is assigned to each identified hazard.

Requires considerable amounts of process and safety information. Uses systematic, structured examination augmented by creative team thinking. Encourages interaction of team members with diverse backgrounds and knowledge. Looks at equipment, instrumentation, utilities, human action (routine and nonroutine), building and equipment siting, procedures, and external factors to reveal hazardous situations.

Ranks identified risks for severity and likelihood (for sample Risk Ranking Matrix see page 91). Can be made applicable to almost any industry, process or system. Can be used effectively to perform job task analyses and procedures. Makes note of existing safeguards and evaluates them for sufficiency. Ensures each recommendation is thoroughly explored because of the diverse team member agendas. Can be limited by the assumption the process will be operated as it was designed to operate.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

35

People Requirements:

leader experienced in the technique. up to eight (maximum) team members with specific knowledge about some aspect of the process being reviewed (too many can slow study and reduce quality).

example team members: chemical, electrical, mechanical engineering specialists safety specialist environmental specialist toxicologist vendor representative maintenance personnel and operators

Objectives of HAZOP Analysis:

to determine if process deviation can lead to undesirable consequences. to identify operability problems as well as hazards to personnel, the public, company property and the environment. to identify where more research into cause and consequence need to be conducted. to recommend changes or improvements to design or operation.

Approximate Time Required for HAZOP: Depending on the size and complexity of process or modification preparation can take from 1 - 4 days (leader) analysis, from 1 day to several weeks documentation, 2 days.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

36

Select Drawings for Review Explain Process Involved Select Node for Review Explain Intent of Node Select a Parameter Apply Guidewords/Develop Deviations Identify Causes Assign Cause Categories (if desired) Identify Possible Consequences Estimate Severity and Likelihood (Risk Ranking) Identify Existing Safeguards Make Initial Recommendations Are Other Guidewords Applicable? Are Other Parameters Applicable? No Any Other Nodes? No Drawing Complete
PROCESS HAZARDS ANALYSIS S.E.A.L. International 37

STEPS IN HAZOP ANALYSIS

Yes Yes

Yes

Sample Guideword Meanings GUIDEWORDS

NO/NONE

MEANINGS The negation of design intentions/Intention is not achieved Quantitative increase (above design intent) or more components in the system than design intent Usually in reference to measurable physical properties such as flow, and temperature or extra phase, impurities, etc. Quantitative decrease (below design intent) or fewer components in the system than design intent Usually in reference to measurable physical properties such as flow and temperature Qualitative increase Something in addition to design intent is achieved Composition of system different from what it should be Only part of design intent is achieved - something is missing Logical opposite of design intent Usually in reference to actions such as flow or chemical reaction Alternative mode (What else can happen) Substitution of something other than design intention

MORE/HIGHER

LESS/LOW

AS WELL AS

PART OF

REVERSE/MISDIRECTED

OTHER THAN including SOONER/LATER

PROCESS HAZARDS ANALYSIS S.E.A.L. International

38

Sample Guidewords and Parameters for Creating Deviations from Design Intent for HAZOP Studies DEVIATION. GUIDEWORD. PARAMETER As well as.......................................................As well as Less ................................................................Less More...............................................................More No...................................................................No Other than.......................................................Other than Reverse...........................................................Reverse Sooner/Later...................................................Sooner/Later High Agitation/Recirculation.........................High........................................Agitation Low Agitation/Recirculation .........................Low ........................................Agitation No/Less Component Separation ....................Less.Component Separation Contaminants Enter Compressor ...................As well as...............................Composition Contaminants .................................................As well as...............................Composition Contamination................................................As well as...............................Composition High Concentration of Impurities ..................As well as...............................Composition High Contaminants ........................................As well as...............................Composition No/Less Cooling ............................................Less ........................................Cool More/Excess Cooling.....................................More.......................................Cool Casing Rupture...............................................Other than...............................Flow High Flow ......................................................High........................................Flow Leak................................................................As well as...............................Flow Leakage ..........................................................As well as...............................Flow Low Flow .......................................................Low ........................................Flow Low/No Flow .................................................Low/No ..................................Flow More/High Flow.............................................More.......................................Flow No/Low Flow .................................................Low/No ..................................Flow Reactor Rupture .............................................Other than...............................Flow Reverse/Misdirected Flow .............................Reverse/Misdirected ..............Flow Rupture...........................................................Other than...............................Flow Shell Leak ......................................................As well as...............................Flow Shell Rupture .................................................Other than...............................Flow Tube Rupture .................................................Other than...............................Flow Tube Leak ......................................................As well as...............................Flow

PROCESS HAZARDS ANALYSIS S.E.A.L. International

39

More/Excess Heating .....................................More.......................................Heat More Fire/Explosion Risk..............................More.......................................Heat No/Less Heating.............................................Less ........................................Heat Loss of Instrumentation/Control ....................No.Instrumentation/Control High Interface Level ......................................High.Interface Level High/Excess Interface Level ..........................High.Interface Level Low Interface Level.......................................Low ........................................Interface Low/Reduced Interface Level........................Low ........................................Interface High/Excess Level .........................................High........................................Level High Bottoms Level.......................................High........................................Level High Level .....................................................High........................................Level Less/Reduced Level .......................................Less ........................................Level Low Bottoms Level........................................Low ........................................Level Low Level ......................................................Low ........................................Level Low Tray Level..............................................Low ........................................Level More Load on Structures ...............................MoreLoad on Structures More Load on Flare System...........................More.......................................Load to Flare Maintenance Hazards.....................................Other than...............................Maintenance Cavitation.......................................................As well as...............................Performance Column Flooding ...........................................Part of.....................................Performance Loss of Performance ......................................Other than...............................Performance High Pressure .................................................High........................................Pressure High Discharge Pressure................................High........................................Pressure High Suction Pressure....................................High........................................Pressure Less/Low Pressure .........................................Low ........................................Pressure Low Suction Pressure ....................................Low ........................................Pressure Low Pressure..................................................Low ........................................Pressure Low Pressure..................................................Low ........................................Pressure More/High Pressure .......................................More.......................................Pressure High Reaction Rate ........................................More.......................................Reaction Low Reaction Rate.........................................Less ........................................Reaction Start-up/Shutdown Hazards ...........................Other than...Start-up/Shutdown High Temperature ..........................................High........................................Temperature High Discharge Temperature.........................High........................................Temperature

PROCESS HAZARDS ANALYSIS S.E.A.L. International

40

Less/Low Temperature ..................................Low ........................................Temperature Low Temperature...........................................Low ........................................Temperature More/High Temperature ................................High........................................Temperature

PROCESS HAZARDS ANALYSIS S.E.A.L. International

41

PROCESS HAZARDS ANALYSIS S.E.A.L. International

42

PROCESS HAZARDS ANALYSIS S.E.A.L. International

43

Preliminary Hazards Analysis

Preliminary Hazards Analysis identifies potential hazards at the conceptual stage of a design when they can be corrected with minimal cost and disruption.

General focus is on the hazardous materials to be handled, the layout, operating environment, and major process areas of the facility. Hazards can be identified while it is still possible to make cost effective changes. For each definable area of the process, potential hazards are identified, possible causes and worst case consequences are listed and suggestions are made to correct the problem.

Not considered a comprehensive study because little information on design details or procedures is available. Usually followed later by a more comprehensive analysis.

People Requirements:

Can be performed by as few as two people with process safety backgrounds. Because analysts are required to use their own judgment, experienced leaders and participants are preferable to ensure an exhaustive and detailed analysis.

Objectives of Preliminary Hazards Analysis:

to provide information required to make fundamental decisions about facility siting, unit operations and special design considerations. to identify areas where more research is required to ensure a safe, effective process and design. to provide an opportunity to incorporate recommendations into design. to prioritise hazards in existing facilities when more extensive techniques are not available.

Approximate Time Required for Preliminary Hazards Analysis: Depending on the size and complexity of process, preparation can take from .5 3 days (leader only) analysis, from 1 - 6 days documentation, from 1 - 4 days.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

44

Recommended Process Safety Information:

plant design criteria plant equipment specifications material specifications proposed facility layout if available

Steps in Preliminary Hazards Analysis: 1. Leader reviews all available material prior to first meeting to develop list of possible hazards and checklist questions about location, environment and weather, process materials, emergency equipment, etc. 2. Meeting: Leader suggests a potential hazard (e.g. toxic release) and follows the process from beginning of flow to end, prompting with questions and encouraging the team to question and think creatively about all possibilities. 3. 4. 5. 6. 7. Causes for the hazard are identified and documented. Consequences are estimated and documented. Severity and likelihood factors are estimated and risk ranking assigned. Suggestions are made for improvements and documented. Leader suggests next hazard and the process repeats itself.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

45

PROCESS HAZARDS ANALYSIS S.E.A.L. International

46

Checklist Analysis
A detailed list of questions, written from knowledge and experience is used to assess the acceptability or status of the process, system or operation compared to standard design and operating practices.

Checklist Analysis is an experience-based methodology and its value is dependent on the quality of the checklist. Operating systems are defined and lists of questions are generated about standard design and operating practices for each system. Checklist questions need to be developed by a multidisciplinary team with experience in the process being studied. Checklists are best tailored specifically for an individual company or plant and built upon over time. Questions usually require Yes, No or Requires more information answers. Can be used at any time in the facility lifecycle to evaluate materials, equipment and procedures, but is especially effective combined with a pre-start-up safety review if a previous hazards analysis has been conducted at the detailed design stage.

Can be as detailed as required for the purpose. Can be combined with What-If Analysis for comprehensive evaluation of hazards. Can be used as an investigative tool to identify hazards and an audit tool to verify designs and installations. Is not an aid to identification of unknown hazards. Does not identify operability problems well.

People Requirements:

Requires a leader who is knowledgeable in the process and experienced in start-up and construction. Requires people experienced in the system/process as it is being studied. Does not require same team members at all times. Experts come and go as required.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

47

Objectives of Checklist Analysis:

to verify compliance with design, codes and regulations at startup. to help control management of change. to aid in a comparative review of process not yet built. to act as an aid in training people inexperienced in a process.

Approximate Time Required for Checklist Analysis: Depending on the size and complexity of process, preparation can take from .5 3 days (experienced engineers and maintenance/operations personnel to generate checklist questions) analysis, from .5 - 5 days documentation, from .5 - 4 days. Checklists Checklists generated from experience, standards and codes and industry guidelines and any other authoritative references such as engineering and construction drawings, equipment specifications and previous hazards analysis study findings. Checklists can be developed by a number of people with experience in specific parts of the process or plant. (Sample Checklist can be found in Appendix.) Steps in Checklist Analysis: 1. 2. Acquire or develop appropriate checklists. Expert team members tour the subject process with leader and compare equipment and operation to checklist items. 3. Deficiencies are noted.

The Checklist process can be performed on a not yet built facility in a meeting room with the team members reviewing the process drawings, completing the Checklist and documenting their discussion of the deficiencies.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

48

What-If Analysis
What-If Analysis uses a creative team brainstorming what if questioning approach to the examination of a process or operation to identify potential hazards and their consequences. Users should be experienced and creative thinkers. Questions that begin with what-if are formulated by engineering personnel experienced in the process or operation and subdivided into specific categories of interest. For example: What if the raw material being introduced is the wrong concentration? What if the operator forgot to manually close the valve? Questions can also focus on specific consequences such as process safety, operating procedures, human error or environmental safety. Does not easily generate operability information. Questions are applied to existing P&IDs and process descriptions. Questions are usually added as the analysis progresses. Hazards are identified, existing safeguards noted and qualitative severity and likelihood ratings are assigned to aid in risk management decision-making. Loose structure necessitates experienced team. Can only provide high level of assurance with very knowledgeable, experienced and creative team. Often used at design concept stage and to analyse proposed changes to a facility.

People Requirements: Leader experienced in the What-If Technique and five or six participants knowledgeable and experienced in the subject process. Objectives:

to aid in identification of possible deviations from design, construction, modification or operating intent. to identify hazards and suggest risk reduction methods.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

49

Approximate Time Required for What-If Analysis: Depending on the stage of project development and the size and complexity of process or modification, preparation can take from .5 - 3 days (leader) analysis, from .5 - 6 days documentation, from .5 - 3 days Steps in a What-If Analysis: 1. Provide relevant information to selected team members in sufficient time before the study for their input in developing What if questions. 2. 3. 4. 5. Leader divides process into logical systems and subsystems. Scope and objectives of study are explained. Existing safety precautions and equipment are described. Team reviews information to generate more questions related to the systems of the process. 6. 7. List of questions is made. Systems and subsystems are analysed from the beginning of the process to the end by applying the relevant what if questions. 8. 9. Potential hazards are identified and consequences estimated and documented. Severity and likelihood factors are given and a risk ranking assigned and documented. 10. Recommendations for improvement are made and documented. In some cases, responsibility for follow-up on the recommendations is assigned to individual parties or departments and documented.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

50

What-If/Checklist Analysis
What-if/Checklist Analysis combines the creative brainstorming features of the What-If Analysis with the systematic features of the Checklist Analysis to provide a comprehensive method of identifying hazards.

Creative questioning augments the systematic experienced based checklist to provide a more complete study. Checklists are generally structured to focus on general sources of hazards and accidents. Study can begin with a checklist to which what-if questions are applied to round out gaps in the list. Alternatively, study can begin with a brainstormed identification of hazards followed by the structure of a checklist. Can be used successfully at any stage in facility lifecycle. Requires a team experienced in the process under review. Usually provides a less detailed review than the more structured analyses such as HAZOP. Can be structured to provide detailed analysis but this can be time consuming unless checklists and questions can be used from previous studies.

Objectives of What-If/Checklist Analysis:

to identify and evaluate the most common hazards in a process. to provide a qualitative evaluation of the consequences of accident outcomes. to evaluate the adequacy of existing safeguards.

Approximate Time Required for What-If/Checklist Analysis: Depending on the stage of project development and the size and complexity of process or modification, preparation can take from .5 - 3 days (leader) analysis, from .5 - 6 days documentation, from .5 - 3 days.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

51

PROCESS HAZARDS ANALYSIS S.E.A.L. International

52

Failure Modes and Effects Analysis (FMEA)

FMEA is not strictly speaking a hazard identification technique, but it provides an important source of hazard information because it documents and describes all the ways in which individual pieces of equipment can fail and the effects of such failure on a facility.

Can be used at all stages of a facilitys life and can be easily updated for plant modifications. Requires knowledge of equipment function and failure modes as well as facility function and its potential response to equipment failure. Requires consistent format and procedure to help ensure efficient study. Can be conducted at component or system level. Each equipment item within a defined system is evaluated for its failure modes. Identifies and describes all possible ways in which equipment fails (failure modes) e.g. On/off, open/closed, etc. Identifies only single failure modes that cause or contribute to an accident (e.g. individual failure is considered an independent occurrence). Not effective in identifying the combinations of equipment failures that result in an accident. Investigates and documents each failure modes effect on facility safety. System level hazards can be analysed by focusing on the individual pieces of equipment that make up the system while keeping in mind the overall effect on the subject system.

People Requirements:

requires leader experienced in the technique. can be conducted with as few as two or three team members with knowledge of equipment function and potential failure modes as well as facility function and its potential response to equipment failure.

Objectives of FMEA:

to provide a list of equipment and their potential failure modes. to describe how equipment fails.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

53

to evaluate the effects of equipment failure on other parts of the process or system in a facility. to make recommendations for improving equipment reliability.

Approximate Time Required for FMEA: Depending on the number of equipment items and the complexity of process or modification, preparation can take from .5 - 3 days (leader), analysis, from 1 day - several weeks documentation, from 2 - 8 days Steps in an FMEA: 1. 2. 3. Establish the physical and operating boundaries of the study. Identify and describe each equipment component. Beginning at the beginning of a system boundary, evaluate the equipment items in the order that they appear on the process flow diagram. 4. List and evaluate all failure modes for each component before proceeding to the next. 5. For each failure mode, describe the immediate and surrounding effects and the anticipated effects on other equipment and overall system using a worst-case scenario assuming safeguards do not work. Document findings. 6. Estimate a qualitative rating of likelihood and severity, and by combining these ratings, provide a qualitative risk ranking. Document findings. 7. Describe the existing safeguards or procedures that can mitigate the consequences of equipment failure. Document findings. 8. List recommendations for corrective actions for further evaluation. Document findings.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

54

PROCESS HAZARDS ANALYSIS S.E.A.L. International

55

PROCESS HAZARDS ANALYSIS S.E.A.L. International

56

Other PHA Methodologies Reserved for Specific Safety Concerns

The following PHAs are hazard evaluation techniques rather than hazard identification techniques and are generally quantitative in nature, time consuming and require special expertise and statistical data. Fault and Event Tree Analyses and Cause/Consequence Analysis Both provide graphical representations of accident root causes and sets of failures that could result in an accident. Quantitative Risk Analysis (QRA) (Hazan) (Risk Assessment) See page 5.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

57

Advantages and Disadvantages of PHA Methodologies

ADVANTAGES PRELIMINARY HAZARDS ANALYSIS
Identifies the potential for major hazards at a very early stage of project development. Provides basis for design and siting decisions. Helps to ensure plant to plant and plant to environment compatibility. Facilitates a later full hazard analysis. Easy to use, relatively quick. Quick way to verify compliance with codes and regulations. Limited by authors experience and knowledge. Does not identify new or unknown hazards. Does not directly address operability problems. Quality dependent on knowledge, thoroughness and experience of team. Loose structure can let hazards slip through. Does not directly address operability problems. Quality dependent on knowledge, thoroughness and experience of team. Does not directly address operability problems. Not efficient for identifying combinations of equipment failure. Does not directly address siting issues, general safety and environmental issues. Does not directly address operability problems. Can be time consuming. Can be time consuming and costly. Can be tedious if not well facilitated.

DISADVANTAGES
Is not comprehensive and must be followed by a full HAZOP before construction begins.

CHECKLIST

WHAT-IF

Team of relevant experts extend knowledge and creativity pool. Easy to use. Ability to focus on specific element (e.g. human error or environmental issues). Combines creative brainstorming with structured checklist. Flexible level of detail. Systematic, component by component analysis aids thoroughness. Beneficial at all stages of a facilitys life. Can easily be updated for plant modifications.

WHAT-IF/ CHECKLIST FMEA

HAZOP

Most systematic and comprehensive of methodologies. Can be used in conjunction with Human Error analysis. Only PHA to address both safety and environmental hazards and operability problems. Provides greatest safety assurance.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

58

Limitations of PHA
Like any analysis, PHAs are subject to limitations. Users must understand and respect these limitations when participating in or leading PHAs or when using the results of a study to reduce risk.

Can never guarantee that all hazards, causes and consequences have been identified. Are only effective if it can safely be assumed that the facility is operated in the manner intended by the designers and in accordance with good practice. Are only relevant to the time conducted. Even minor changes may significantly impact facility safety. Are subjective and only as good as the collective knowledge, creativity and experience of the team. Can only be effective and comprehensive if the information available is complete, accurate and up to date. May overlook hazards related to material quality and workmanship. Are only effective if action is taken to implement the recommendations made during the study.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

59

METHODOLOGY SELECTION CRITERIA

The range of PHA methodologies affords flexibility of study objective. There is not always any one best methodology for a specific process or operation. Regardless of methodology, the effectiveness of any study is greatly enhanced if the team is knowledgeable and experienced and is lead by a person also knowledgeable and experienced in the technique being used. The following criteria for methodology selection will provide a basis for making initial decisions, but only experience will provide the knowledge and confidence to make the right choice for the defined purpose. NOTE: A danger exists that a less appropriate methodology may be chosen to save time or because of inadequate financial or people resources. Under funded, understaffed or rushed studies are not destined for success.

Factors to Consider When Selecting THE Appropriate PHA Methodology

Purpose of Study
The purpose of the study is the most important factor in selecting an appropriate methodology. The reason for the study must be clearly defined by management. For Example: Is the study part of policy for all new facilities? Are the study results to be used for risk reduction planning in an existing facility? Is the study required for regulatory compliance or insurance purposes?

PROCESS HAZARDS ANALYSIS S.E.A.L. International

60

Type of Results Required

Knowing how the results will be utilised or could be utilised will help determine which methodology to use. For Example: simple list of identified hazards or accident scenarios for emergency planning purposes

prioritized estimations of likelihood and severity for future quantitative risk analysis purposes recommendations to reduce hazards and minimize operability problems for risk reduction planning legal and regulatory compliance

Type of Information Available

Information needs to be of good quality and current. Using unsuitable or out of date information is a waste of time and can, in fact add to the hazardous situation at a facility by providing a false sense of security or incorrect risk management information. More information becomes available in the evolution of a facility, from concept to normal operation. Therefore, studies performed at the early stages of a design, of necessity, must be more simple than those performed at more advanced stages of design and operation.

Time Frame for Completion of Study

Time available for a PHA is often limited for any number of reasons. In this instance, Management must make the decision to either postpone a more thorough study or proceed with a quicker but less comprehensive review of the facility or the subject area. (Care needs to be taken that time limitations do not ultimately jeopardise the safety of the facility.)

PROCESS HAZARDS ANALYSIS S.E.A.L. International

61

Development Phase of the Facility

Hazard identification and evaluation should be performed throughout the life of a facility. Using a lifecycle approach to hazard identification allows management to make the most time and cost effective use of resources to ensure a safe and productive facility. No one methodology is the best hazard identification approach in every situation. The purpose, scope and objectives of the study as well as the size and complexity of the process under review will have bearing on the methodology chosen. Although most techniques can be adapted to use at any stage of facility evolution some are naturally better suited than others to the range of study objectives and the results required by management.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

62

Development Phase Research and Development Preliminary Hazards Analysis Checklist Analysis What-If Conceptual Design Preliminary Hazards Analysis Pilot Plant Operation Preliminary Hazards Analysis HAZOP Detailed Engineering What-If/Checklist HAZOP FMEA Construction/Start-Up What-If/Checklist HAZOP Routine Operation What-If/Checklist HAZOP Plant Expansion/Modification What-If HAZOP Decommissioning What-If/Checklist HAZOP

Purpose for the Study Check safety feasibility Support preliminary process and material selection Provide input to site selection and preliminary process layout Satisfy potential safety concerns involving pilot plant operation. Provide input to initial safety systems design for the world-scale process Finalize safe design before procuring equipment

Verify process was constructed according to design intent and all previous HE study action items have been resolved Perform periodic hazard review required by company PSM program Evaluate the potential safety impacts of a series of process changes that may have occurred since start-up Evaluate the safety aspects of proposed installation of a major expansion involving several items of new equipment and tie-ins to the existing facility. Identify any safety problems dealing with the dismantling of the facility

PROCESS HAZARDS ANALYSIS S.E.A.L. International

63

Relative Risks Associated with Chemicals, Process and/or Facility Location

Usually the more complex the process and/or the more hazardous the chemicals involved in the process, the more sophisticated and detailed the analysis. If a facility has previously been the subject of a detailed study, a more simple technique may be appropriate. A facility located near residential or ecologically sensitive areas will require the highest level of hazard identification found in the more sophisticated techniques such as HAZOP. Type of Process Most techniques described in this course can be successfully used for almost any process or process combination. However, some techniques are better suited for some purposes than others. For example, FMEA is particularly well suited to electronic and computer systems analysis and What-If to human processes. A form of HAZOP, called CHAZOP is used specifically to analyze complex life or death control systems for potential hazards. An article printed in the October 1994 issue of Chemical Engineering Progress is included in the appendix. Type of Operation Most techniques described in this course can be successfully used for almost any type of operation. However, permanent, continuous and batch operations lend themselves to more detailed and documented studies because the results can be used as part of an ongoing PSM program. Size and Complexity of Process A process with a large number of steps and/or equipment items will take considerably longer to study. Such a process is better subdivided into as many smaller pieces as required for analysis. Different techniques can be used to analyse each part of the process according to the characteristics of the process and equipment.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

64

PHA Team Experience Level

The best methodology is the one in which the leader and team have the most experience. Inexperienced teams should choose more structured techniques in order not to miss potential hidden hazards.

Operating History (Past Incidents)

Long experience with the process either increases or reduces perceived risk according to the nature of the experience. Any history of incidents (numerous or significant) increases the perceived risk to a facility. The greater the perceived risk the more important it is to use the more systematic approaches to avoid missing important accident situations.

Resource Availability and Management/Leader Preference

The project manager and the PHA leader usually choose the methodology. The decision will be made based on the purpose of the study, the type of results needed, the information available, and the experience and preference of the leader.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

65

Methodology Selection Flow Chart

DEFINE PURPOSE OF STUDY New Review Recurrent Review Special Requirement

DETERMINE RESULTS REQUIRED List of Hazards Prioritization of results List of problems/accident scenarios Identification of operability problems Recommendations Compliance documentation

PROCESS INFORMATION AVAILABLE Material/chemical data Basic process chemistry Material inventories Experience with similar process Current PFDs Current P&IDs Existing equipment specs Operating procedures Operating experience

EXAMINE CHARACTERISTICS OF THE PROBLEM Complexity/Size simple/small complex/large Type of Operation permanent facility continuous transportation temporary batch Type of Process chemical electrical physical electronic mechanical computer biological human Experience with Process length: long short accident: current many changes: many few none few/none none

CONSIDER RESOURCES AND PREFERENCES Availability of skilled and knowledgeable personnel Availability of experienced leader Time requirements Financial requirements Analyst/management preference

Select technique based on complexity, history, resources and preference as well as the purpose and objective of study.

PROCESS HAZARDS ANALYSIS S.E.A.L. International

66

Cost Benefit Considerations

Like any good business decision, the immediate cost of a PHA program has to be weighed against the long-term savings through improved safety and operability. COSTS Methodology chosen will influence study duration and comprehensiveness of results Data resources must be up to date (e.g. P&IDs) Personnel must be dedicated for adequate time periods Time will be required for problem solution meetings Quantification of some major identified hazards may be required Commitment must be made to follow through on study results Recommendation management system must be planned with clear accountability assigned for implementation and to monitor completion BENEFITS at design/engineering stage Shortens project schedules Minimises cost Provides high degree of safety and operability assurance Maximises opportunities for improving/increasing production Minimises environmental implications of process Ensures compliance with safety codes and regulations

BENEFITS for existing facilities Identifies and documents hazards Identifies and documents existing safety measures Reveals opportunities to improve safety measures that will reduce lost time incidents Assists in prioritising risk reduction projects Reveals opportunities for capacity increases

PROCESS HAZARDS ANALYSIS S.E.A.L. International

67

DOCUMENTATION ISSUES
Documentation for Decision Making

Preparation of the PHA report is the team leader responsibility. Without adequate documentation, PHA objectives will be more difficult for management to achieve and legal liability becomes a risk.

A question that needs to be resolved with management before the study begins is how much to document. One school of thought is to minimize documentation and save some time by only recording something if a hazard exists. This minimizes time to some extent, but it also minimizes the long-term usability of the results. Complete documentation will provide information for later reference about what was considered, and thus avoid double guessing by later reviewers.

When deciding how much to document, it is better to document more than less. Computer programs greatly enhance the opportunity to produce a detailed, high quality report in minimal time.

At a minimum, the report should contain sufficient information to illustrate the quality of the study and document participation. Worksheets with Causes, Consequences and Risk Rankings consistent throughout should be kept. Safeguards need to be documented and Recommendations carefully considered and documented for follow up.

Remember Regardless of the methodology chosen and the quality of the documentation, PHAs are only as effective as the action taken to implement the recommendations made during the study.

Documentation for Future Reference

Documentation is used by management to make risk reduction and operating decisions.

PROCESS HAZARD ANALYSIS S.E.A.L. International

68

Information contained in PHA reports is a valuable reference for future PHA studies or in the design of future similar processes. PHA reports should be maintained at the facility for the life of the process for reference and audit purposes. PHA reports are confidential and should be maintained as such.

Worksheet Report

Worksheets need to be concise, but complete in detail. For example, the location, line, equipment and valve numbering for each recommendation must be documented.

Worksheets and Action Sheets are business documents that can be used in a court of law.

The language used in documenting the study needs to be carefully chosen. Do not use expressions that are personal opinions or legal opinions or conclusions. Do not make judgments about quality of work or conduct. Do not use words with negative connotations such as, catastrophic or fatal. Do not use words that constrain management to only one action (there may be more suitable alternatives).

PROCESS HAZARD ANALYSIS S.E.A.L. International

69

Completed Reports
Reporting should document the following: Rationale for methodology chosen and description of the technique chosen

any non-standard use of the method (s) should be described any checklists, lists of What-If questions, Risk Ranking Matrices used or other tables used to assist the team in the analysis

Process description and materials list

description of the facility and important process conditions analyzed procedural steps used if a batch operation materials used in the process analyzed equipment used in the process analyzed

Scope and objective of study

description of the primary objectives of the analysis specific process areas, systems and equipment covered in the study (Describe areas, systems and equipment not covered in the analysis.)

Date and location of study

where, when and how long PHA team met

Names, companies and titles of attendees

Include areas of expertise

Name and qualifications of leader/facilitator All study findings and recommendations

detailed worksheets documenting the proceedings of the meetings

PROCESS HAZARD ANALYSIS S.E.A.L. International

70

recommendations for risk reduction made to management minutes of any meetings called including summaries of what was discussed and attendance lists

Drawings on which study was based

include node selection include dates and revision numbers

Regulatory references if applicable

Usual Format for PHA Report

Any logical report structure that contains the required information in an easy to use format is satisfactory. Sample Table of Contents Executive Summary of Proceedings Introduction Process Description Study Scope and Objectives Hazard Analysis Technique Risk Matrix Node or System/Subsystem List Worksheets Prioritized Recommendations Drawings and other references used in the study

PROCESS HAZARD ANALYSIS S.E.A.L. International

71

Legal Issues (Due Diligence)

The PHA report is a business record and a legal document. Written word holds more legal weight than verbal commentary so care should be taken with documentation.

Team members are not usually held legally liable for accidents occurring because of missed hazards in a hazard analysis.

Management is held legally liable for decisions made as a result of a hazard analysis.

An efficient well documented study and documented follow up is proof of due diligence and can be a mitigating factor in legal judgments resulting from an incident.

Each PHA report should be kept on file for the life of the process.

PROCESS HAZARD ANALYSIS S.E.A.L. International

72

PHA LEADERSHIP
PHA Facilitation Skills
Without someone in control, a PHA team flounders about without direction. Probably the most important job a PHA facilitator has is to effectively manage the group of people who will or, sometimes, will not contribute to a complete and time effective analysis. To be a good facilitator requires a certain type of person. He or she must be quick thinking, gently assertive, patient, diplomatic and have a good understanding of personality and human nature. While the best leaders have these attributes naturally, they can be learned with practice. Ultimately, the quality of a study rests with the leader because of the limited time available for team development. Sometimes there will be things that will be beyond his or her control such as the availability of adequate data, but as far as preparing for the study and motivating the group is concerned, the buck literally stops with the leader. A study that is ill-prepared and allowed to meander along yields poor results and costs more than necessary and often leads to the poor rating participating in a PHA gets on the interesting scale. A well-conducted PHA, on the other hand, is cost efficient, well paced and engages the interest of all participants.

Team Leader Qualifications

Formal PHA leadership training or documented experience as a team leader Leadership and conflict resolution training if possible Experience as a team member Strong ability to interpret engineering drawings No day to day responsibility for the process being studied Extensive engineering and safety experience

PROCESS HAZARD ANALYSIS S.E.A.L. International

73

PHA Leadership Responsibilities

1. Prepare Prepare the meeting schedule early considering other commitments of team members. Communicate the proposed schedule to management and team members in time for individual schedule planning. Estimate the time for the study. Ensure that appropriate team members have been selected. Ensure that the proper hazard identification method is selected and correctly applied. Ensure the scope and objectives of the study are clearly defined. Organize and prepare resources Gather all relevant reference information Check that information is up to date Organize an appropriate space for the study where interruptions will be minimized (consider space, lighting comfort and refreshments). Organize a team site visit if possible.

2. Motivate Inspire the group to achieve a common goal at the outset by emphasizing the purpose of the study and the usefulness of study results. Work with a wide range of personalities including highly defensive and argumentative individuals, quick and direct individuals, and rambling and talkative individuals. Appreciate different points of view and empathize with team members. Remain impartial and maintain the respect of the team. Fulfill team members' psychological needs without letting any one ego, including the leader's, dominate the team.

PROCESS HAZARD ANALYSIS S.E.A.L. International

74

3. Manage ( 3a ) Explaining For those new to PHA, explain the process briefly so as not to waste time. Check for understanding periodically. Explain expectations and commitment required for a successful study. Describe conflict resolution guidelines. Review P&IDs for those not familiar with their interpretation. Brief team on study scope and objectives and risk ranking scheme to be used. Interpret engineering drawings and understand process operations.

( 3b ) Encourage and engage team members Encourage, direct and focus group discussions. Ask questions and probe for further explanations without making team members defensive. Maintain objectivity, honesty, and ethical conduct, reporting all significant findings regardless of the potential discomfort to the team or management. Be aware of the potential for team members to try to influence outcomes according to hidden agendas. (Be aware of what hidden agendas may exist.). Sense team fatigue, boredom, unsuitability, etc., and implement corrective action when necessary. ( 3c ) Attempt to maintain schedule Manage teams desire to reengineer the design during study. Flag the problem and move on if time is an issue. Use your judgment; sometimes valuable ideas need to be allowed to flow. Summarize issues, negotiate a compromise, and forge a consensus. Manage the pace of team discussions and tactfully maintain the meeting schedule. Suspend a discussion of issues that cannot be resolved by the team. Judge the relative importance of issues and help the team drop those not worth pursuing. Suggest that these issues be resolved at another time or assign someone to gather more information.
PROCESS HAZARD ANALYSIS S.E.A.L. International 75

4. Document Consider the purpose and objectives of the study (e.g., who will be using and reading the report information?). Consider the possible long-term usefulness and implications of study findings (e.g. future engineering design consultation, legal paper trail, audit purposes etc.). Consider the way results of the study are communicated through its documentation as a factor in how the teams performance is evaluated by management. 5. Maintain Quality Control Maintaining quality control of PHA studies is one of the main functions of the team leader. Inattention to quality can jeopardize the usability of information and therefore the safety of the facility. Be aware that poor quality studies can jeopardize the future of the hazard analysis program in the facility. One of the major causes of quality problems arises from an inadequately prepared group. Eliminate the problem before it arises. Create a strong group situation, one that is highly task oriented and in which expectations for behavior and courtesy are made clear. When a group follows a prescriptive procedure such as a facilitated PHA, negative behaviors tend to be more controlled than in less prescribed situations. To create the best possible opportunity for an effective and thorough PHA, it is necessary for the facilitator to define, at the very beginning of the first meeting, the objectives, the scope and the procedures of the PHA and tactfully outline effective communication rules. Reminders may be necessary. Because the leader has a major responsibility for the quality of any PHA study, he or she must remain tactfully in charge.

PROCESS HAZARD ANALYSIS S.E.A.L. International

76

Causes and Solutions for PHA Quality Problems

CAUSES Inappropriate management expectations Inadequate time allotted for study SOLUTIONS Provide information about the technique being used and an explanation of the type of results to be expected. Obtain management agreement. Provide time estimate that includes room for the unexpected. Gain management approval to exceed estimate if justified. Advise participants early so schedule can be arranged around the time required for the study. Scope should be clearly defined to all team members. Questions concerning the study scope should be addressed before study begins.

Poor scope definition

Inaccurate or incomplete Ensure well before study that all drawings and associated data documentation is verified for accuracy and the latest issue. If not, postpone study until up to date information is available. Inadequate documentation Follow guidelines for documentation. Document the whole proceedings, not just the recommendations requiring action. Include all relevant information used in the study. Remember that the study report can be used to support or detract from due diligence claims. Know the technique being used. Explain procedure and expectations. Be assertive in ensuring that all areas are questioned and discussed. Chose meeting room away from the plant and general distractions. Keep pace of study moving. Be sure to involve all members. Provide regular breaks and factor in brain breaks. Be as flexible as possible regarding team member time conflicts. Ensure adequate lighting, seating ventilation and enough space to use reference materials. Provide adequate supplies of refreshments. Change venue if possible. Prioritize recommendations within a system that assigns responsibility and completion date. Provide a system that allows printouts of individual responsibility lists.

Inadequate team guidance Distractions and poor team motivation

Uncomfortable and inadequate meeting facility Lack of follow up on study results

PROCESS HAZARD ANALYSIS S.E.A.L. International

77

PHA Group Dynamics

Each group is made up of individuals with their own special characteristics and talents. An effective PHA leader needs to understand personalities and group dynamics to facilitate maximum contribution and quality from the group in the minimum amount of time. Because the members of a PHA team may change during the course of the study, the group does not have the luxury of developing team spirit over time. Because of this, it becomes even more important for the team leader to be perceptive, empathetic and quick thinking in the management and motivation of the PHA team. Sometimes conflict or disruption cannot be resolved in the limited time available. In order for the team to make progress it may be necessary to ask management to replace one or more of the team members. Usually, the remaining team members will be relieved and pleased to get on with the job at hand. Potential reasons for conflict in a PHA team? personal and political agendas client contractor differences personality differences philosophical differences

Potentially Problematic Group Personalities Apart from the generally cooperative and motivated PHA participants, leaders will invariably encounter others who have the potential to disrupt and slow the study or limit the quality of information shared and the creativity of the team. Shrinking Violet: Is afraid to speak-up so does not contribute valuable knowledge. He is very easily intimidated by more forceful members of the team. Blocker:
PROCESS HAZARD ANALYSIS S.E.A.L. International 78

Is often stubborn and contrary and prolongs decision-making by foot-dragging and nit-picking about procedure.

Recognition Seeker: Needs to be the center of attention and tries to gain the groups attention by boasting about his accomplishments. Special Interest Pleader: Brings a hidden agenda to meeting and or tries to maneuver outcomes to favour a particular bias. Aggressor: Puts others on the defensive by criticizing or taking credit for their ideas, inhibits quieter members of the group and instigates conflict with more assertive members. Dominator: Tries to control flow of ideas and content of discussion, and manipulates others into submission. Speed Freak: Tries to hurry things up by discounting importance of study procedure tends to skip things that may later prove to be important. Mr. Re-Engineer It: Tries to enlist others in the group to help redesign the project on the spot easily distracted by the excitement of design challenges. Joker: Uses sometimes inappropriate humour to divert group from its task and focus attention on himself. Ho-Hum Person:
PROCESS HAZARD ANALYSIS S.E.A.L. International 79

Displays general lack of interest in the group and its task behaves in cynical and carefree manner.

Getting the Best From Your Team

Making an effort to understand the possible reasons for behavior, and considering cultural contributors can make managing the group both easier and more exhausting. When a leader understands the needs of those who disrupt a team he can best provide avenues within or without the study to satisfy those needs and, thus, bring out the valuable contributions to be made by all team members without allowing disruptions to schedule. Exercise: Use your knowledge of yourself and your experience with others to come up with ideas for ways to channel negative behavior into positive group contributions for each of the described types. In groups, discuss and write down one or two ideas in the spaces provided. A. Why might this person be behaving in this manner? B. How could I change or channel this behavior into productive contribution without disrupting the group or bruising egos? Report back to class and discuss Aggressor Puts others on the defensive by criticizing or taking credit for their ideas, inhibits quieter members of the group and instigates conflict with more assertive members.
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

Shrinking Violet

PROCESS HAZARD ANALYSIS S.E.A.L. International

80

 Easily intimidated by dominant team members and is afraid to speak up so fails to contribute valuable knowledge. Often agrees with others in order not to be noticed.
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________

Dominator Tries to control flow of ideas and content of discussion and manipulate others into submission.
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

Blocker Often is stubborn and contrary, prolongs decision making by foot-dragging and nitpicking about procedures.
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

Recognition Seeker Tries to gain the groups attention by boasting about his accomplishments - need to be the centre of attention.
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

PROCESS HAZARD ANALYSIS S.E.A.L. International

81

Special Interest Pleader Tries to manoeuvre outcomes to favour a particular bias - brings a hidden agenda to meeting
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

Speed Freak Tries to hurry things up by discounting importance of procedure - tends to skip things that may later prove to be important
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

MR. Re-Engineer It Looks upon the study as a place for a design review. Tries to enlist others in group to help redesign the project on the spot - easily distracted by design challenges
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

Joker Uses sometimes inappropriate humour to divert group from its task
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

PROCESS HAZARD ANALYSIS S.E.A.L. International

82

Ho Hum Person Displays general lack of interest in the group and its task - behaves in cynical and carefree manner, often arrives late.
(A) _________________________________________________________________________________ _____________________________________________________________________________________ (B) _________________________________________________________________________________ _____________________________________________________________________________________

PROCESS HAZARD ANALYSIS S.E.A.L. International

83

PHA WORKSHOP (HAZOP & WHAT-IF)

Defining Scope and Objective of PHAs
The first step in preparing for a PHA is to define the main objective of the study and the scope of the process to be reviewed. Sometimes the objective will be to provide a global investigation of potential hazards within a defined scope of the process and other times the objective will be more specific. For instance, the study might be limited to investigating how a reportable spill might occur or identify safety-critical equipment that must be regularly tested, inspected or maintained. Depending on the development stage of a facility, management may have different motivations and purposes for requesting a PHA, and similarly, different objectives to be achieved with each PHA performed. Objectives and the scope of study must be clearly defined to the team to avoid wasting time studying parts of the process that are not within the defined objectives and study scope. However, the team leader should be allowed enough flexibility to allow deviation from the defined objective when necessary and to permit the participants to be innovative in their investigations. Hazards outside the defined scope and objective can be documented and flagged for further review.

PROCESS HAZARD ANALYSIS S.E.A.L. International

84

Typical PHA Objectives at Different Stages of a Process Lifetime Process Phase Research and Development

Example Objectives
Identify chemical interactions that could cause runaway reactions, fires, explosions, or toxic gas releases. Identify process safety data needs.

Conceptual Design

Identify opportunities for inherent safety. Compare the hazards of potential sites.

Pilot Plant

Identify ways for toxic gas to be released to the environment. Identify ways to deactivate the catalyst. Identify potentially hazardous operator interfaces. Identify ways to minimize hazardous wastes.

Detailed Engineering

Identify ways for a flammable mixture to form inside process equipment. Identify how a reportable spill might occur. Identify which process control malfunctions will cause runaway reactions. Identify ways to reduce hazardous material inventories. Identify safety-critical equipment that must be regularly tested, inspected or maintained. Global review of whole design.

PROCESS HAZARD ANALYSIS S.E.A.L. International

85

Construction and Start-Up

Identify error-likely situations in the startup and operating procedures. Verify that all issues from previous hazard evaluations were resolved satisfactorily and that no new issues were introduced. Identify hazards that adjacent units may create for construction and maintenance workers. Identify hazards associated with the vesselcleaning procedure. Identify any discrepancies between the asbuilt equipment and the design drawings.

Routine Operation

Identify employee hazards associated with the operating procedures. Identify ways an overpressure transient might occur. Identify hazards associated with out-ofservice equipment.

Process Modification or Plant Expansion

Identify whether changing the feedstock composition will create any new hazards or worsen any existing ones. Identify hazards associated with new equipment.

Decommissioning

Identify how demolition work might affect adjacent units. Identify any fire, explosion, or toxic hazards associated with the residues left in the unit after shutdown.

Copyright 1994 by the American Institute of Chemical Engineers, reproduced by permission of Center for Chemical Process Safety of AIChE.

PROCESS HAZARD ANALYSIS S.E.A.L. International

86

Estimating Time for PHAs and Planning Schedule

For the beginning HAZOP leader, the first step in estimating the study time is to establish the major vessels to be considered in the study. Then, their associated piping and equipment are grouped to make up a node. Having established a preliminary list of nodes, an estimate is made of the time required to study each group. The time allowed is typically 2 - 4 hours per node. However, the time estimated for each node may depend on a number of factors including the complexity of the equipment within the node and the experience of the team leader. Experience and practice provides the best method of all for accurate estimating. Past HAZOP leadership experience makes it possible to estimate, node by node, or system by system and judge the time based on the complexity of the process and equipment involved. Apart from the time estimation required for study meetings, there will also be time required for pre-meeting preparation, post study report documentation and follow up on various items that might arise as a result of the study. Because this extra time is highly dependent on factors outside the actual study they cannot be part of the study time estimation. Factors which may influence the estimate towards the higher 4 hour per node end of estimate: vessel with many inlet and outlet lines vessel with a number of other pieces of equipment assigned with it a new unique design several operating modes to be considered speed and experience of the team leader

If a node appears to be highly complex, a time estimate of 5 - 6 hours may be appropriate, especially if it will be encountered early in the study.

PROCESS HAZARD ANALYSIS S.E.A.L. International

87

 Factors which may influence the estimate towards the lower 2 hour per node end of estimate: simple vessel or system standardised design, typical of others speed and experience of team leader

Preparing the Study Schedule Once the study session hours are estimated, the schedule for the working sessions can be established. The schedule should not be rigid, but rather a planning guide. Changes are bound to occur as the study progresses. Plan the schedule to minimise conflicts with other commitments the team members may have. Sessions are best kept to between 4 and 6 hours of actual working time. Time for the kick off meeting and regular breaks need to be added in to total hourly requirements. Provide a time cushion within each session for unseen events or problems. A tight deadline may dictate longer hours, but long hours over several days may jeopardise the quality of the study because of fatigue. Sessions can be scheduled for 3 to 5 days per week or whatever suits the general facility work schedule. Sessions are best commenced in the morning when the team is fresh and at its peak. To estimate the number of sessions, divide the total number of working hours by the number of hours decided upon per session. A preliminary schedule is important for the following reasons: It assists team members to plan their personal schedules around the estimated time demands of the study. It keeps management aware of the commitment required for the study.

PROCESS HAZARD ANALYSIS S.E.A.L. International

88

During and after the study, the estimated and actual times can be compared to the original estimate to alert the leader to potential schedule problems and aid in future estimation efforts.

Qualitative Risk Ranking Matrix for PHAs

A Risk Ranking Matrix provides a tool to assign hazard levels and priorities to recommendations based on the qualitatively estimated likelihood and severity of the identified hazard. Assigning priority to recommended actions provides management with a concrete basis upon which to base management follow up of the results of a study. Likelihood is the estimated frequency of an incident occurring. The likelihood is estimated by applying experience and knowledge of past incidents or similar incidents. Severity is estimated by applying experience and knowledge of past incidents and knowledge of potential consequences of identified hazards. Risk Ranking is arrived at by intersecting the severity and likelihood ratings on the Risk Ranking Matrix. The matrix can take many forms from simple to extremely complex. The matrix can be of site or company specific design. This course will only discuss a simple but useful matrix that is used by many companies. The matrix is based on a four point scale which can be either ascending or descending in hazard level and priority. Monetary values can also be assigned to each hazard level if desired. See following pages for examples.

PROCESS HAZARD ANALYSIS S.E.A.L. International

89

PHA Study by:

S.E.A.L. International
Calgary, Alberta, Canada

Four Point Risk Ranking Scheme and Ranking Matrix

SEVERITY: 1 Negligible 2 Marginal 3 Critical 4 Catastrophic 1 Unlikely 2 - Remote 3 Occasional 4 - Frequent

LIKELIHOOD:

Risk Ranking Matrix on Need for Action

Severity

Likelihood

4
RANK 1 AND 2: RANK 3 TO 6: RANK 7 TO 9:

Lower priority. May require further study and/or action, as resource are available. Medium priority. Should be considered serious and appropriate action should be taken. Very high priority. Immediate action should be taken to reduce risks to a level as low as practicable.

Note: Potential Severity and Likelihood categories need to be assessed for different site and business situations.
PROCESS HAZARD ANALYSIS S.E.A.L. International

90

PHA Study by:

S.E.A.L. International
Calgary, Alberta, Canada

Four-Point Risk Ranking Scheme - SEVERITY Definition

SEVERITY
Negligible ( 1 )

DEFINITION
Safety/Loss: Minor injury, no threat to public. Minor damage (<$20K). No Downtime Contained within facility or location; no adverse environmental impact. Released volume is below reportable levels/volumes. Medical treatment or restricted duty. Minor damage (<$200K). Downtime <1 day Contained within facility or location; minimal impact which poses no long term threat to the environment. Regulatory reporting is required. Lost time, threat to public sector. Major damage (<$2M). Downtime >1 day Off-site releases, repeated non-compliance issues or one time incidents with potential for significant adverse impact. Regulatory reporting is required. Fatality, or harm to public sector. Extensive damage (>$2M). Extended downtime (>10 days). Major environmental impact to neighboring receptors (public, streams, vegetation, air, groundwater, etc.). Regulatory reporting is required.

Environmental:

Marginal ( 2 )

Safety/Loss:

Environmental:

Critical ( 3 )

Safety/Loss:

Environmental:

Catastrophic ( 4 )

Safety/Loss:

Environmental:

Note: Potential Severity and Likelihood categories need to be assessed for different site and business situations.
PROCESS HAZARD ANALYSIS S.E.A.L. International

91

PHA Study by:

S.E.A.L. International
Calgary, Alberta, Canada

Four-Point Risk Ranking Scheme - LIKELIHOOD Definition

LIKELIHOOD
Unlikely ( 1 )

DEFINITION
Safety/Loss: Possible but very rare (for example, once in life of the facility). Not likely to occur. Possible but very rare (for example, once in life of the facility). Has happened within industry but not often (for example, once every 20 years). Possibility of occurring sometime. Has happened within industry but not often (for example, once every 20 years). One occurrence every three (3) years. Possibility of isolated incidents. One occurrence every three (3) years. One or more occurrences per year. Possibility of repeated incidents. One or more occurrences per year.

Environmental:

Remote ( 2 )

Safety/Loss:

Environmental:

Occasional ( 3 )

Safety/Loss: Environmental:

Frequent ( 4 )

Safety/Loss: Environmental:

Note: Potential Severity and Likelihood categories need to be assessed for different site and business situations.
PROCESS HAZARD ANALYSIS S.E.A.L. International

92

First Meeting
At the beginning of the PHA study, a general orientation session is suggested to facilitate a smooth entry to the study and ease the team members into the process. The first meeting is a good time to have management participation. Reinforces management commitment to the process to the team. Provides a forum in which to review the study objectives, scope and tentative schedule. First meeting procedure 1. Review PHA procedure with team. For those new to the technique, explain what results to expect and what the technique can and cannot do. 2. Review the objectives and scope of study and explain why management has made this decision. 3. Review schedule previously received by team members. Be flexible in trying to resolve any schedule conflicts. If a team member cannot be present for different sessions, continue with session to avoid letting the study drag on too long. 4. If the team is new to PHAs and there is time, working a short example may be a good idea. It can be used to demonstrate the proper process and the expectations of team members for the study. 5. Review with team members the basic rules of conflict resolution and the responsibility of participants in PHAs as follows: be on time - commit to schedule and study goals remain focused respect ideas of others actively participate

critically evaluate ideas not the person who presented the idea contribute all relevant information and ideas.
PROCESS HAZARD ANALYSIS S.E.A.L. International 93

be prepared for some degree of conflict think in the long term as well as the here and now be prepared to find out if you dont know think laterally, keep an open mind

Documenting the PHA Worksheet

Document the Node number and the drawing reference. Document the Deviations from design intent which are generated by applying guidewords to process parameters at defined parts of the design. e.g. the guidewords no/none, when applied to parameter flow, generate the deviation, no flow. The possible causes and consequences of the deviation are identified, existing safeguards, if any, are evaluated and documented and qualitative likelihood and severity ratings are assigned. For the identified deviation questions are asked and the resulting answers documented in the following order: 1. Cause: How could it come about? Brainstorm all the causes of a deviation first. 2. Cause Category: (Optional Step) For each cause, assess the nature of the cause and assign a category, e.g. equipment failure or human error. (Examples of hazard causes categories following.) 3. Consequence: Before identifying consequences consider all causes to avoid blocking the flow of ideas. Then for each cause identify all the consequences. Do not forget to consider multiple or domino consequences. 4. Existing Safeguards: Identify and document. 5. Severity Ranking: Are the consequences hazardous, how severe? Assign a severity ranking without considering existing safeguards (worst case scenario). 6. Likelihood Ranking: How likely is it that this consequence will occur with the safeguard in place? Assign a ranking after considering existing safeguards.

PROCESS HAZARD ANALYSIS S.E.A.L. International

94

7. Risk Ranking: Provided automatically by the Risk Ranking Matrix. 8. Recommendation: Evaluate need for action and document recommendation. Some recommendations are for more information. Such recommendations should be acted upon immediately during the study and the results documented. Changes to the study findings, as a result of the new information, should be documented. Recommendations should be worded in sufficient detail to stand on their own and still be understood by those performing the follow-up. If a recommendation is not necessary, a comment should be to the effect that the scenario is satisfactory with safeguards in place. 9. Responsibility: Assign individual or department to follow-up on action. 10. Post Action Severity Ranking: Using worst case thinking, the severity rating is usually the same as before the recommended action has been made. 11. Post Action Likelihood Ranking: Assign Likelihood after considering that the recommended action has been completed. 12. Recommendation Category: Allocate appropriate category for engineering purposes. Suggested Recommendation Categories E Environmental O Operability S Safety

Credibility of Causes
Many hazard deviations and causes may be brainstormed in a study session; however some may be deemed to have such a low probability of occurring that they are not considered credible. A deviation is considered realistic if the team feels there are enough credible causes to believe the deviation can occur.

PROCESS HAZARD ANALYSIS S.E.A.L. International

95

Deviations for which safeguards exist should be included even if the probability of occurrence is low because of the need to document all safeguards. Causes are considered credible if: past experience of team or previous studies have noted the same or similar cause. designers have considered the cause credible enough to include multiple safeguards. Each cause consequence combination represents a separate hazard and a complete list of credible causes should be documented since each cause may have different consequences, severity/likelihood/risk, and or recommendations. The cause of each consequence needs to be specified in enough detail to ensure identification of equipment, controls, etc. for later follow-up. Leader needs to prompt team to consider multiple consequences to avoid the tendency to only look at consequences as isolated.

PROCESS HAZARD ANALYSIS S.E.A.L. International

96

Accident Causes Categories To Be Considered By PHA Team

EE External Events: Items outside the facility/unit being reviewed that can affect the operations of the unit. External events include weather, exposures from other operations or facilities, seismic activity, and loss of various utilities. EF Equipment Failure: Mechanical, structural or operating failure of a piece of equipment. EHF Equipment Failure and Human Factor: on the same cause. HF Human Factor: Acts of omission or commission by an operator, designer, constructor, or other person. (It has been estimated that human error is the cause of nearly 90% of all process accidents.) HEE Human Factor and/or External Events: HF or EE on the same cause. IN Past Incidents: Recording of any past incident related to a particular section of the facility.

ST

Siting: (Physical location) Actual location of buildings occupied by personnel in relation to potential hazard source.

PROCESS HAZARD ANALYSIS S.E.A.L. International

97

PHA Follow-Up
Important reminder: PHAs are only as effective as the action taken to implement the recommendations made during the study. Due diligence can only be shown if every effort has been made to ensure the safety of the process. The follow-up activity of the PHA study should be the responsibility of the projects facility management. They must ensure that the team members are informed of resolutions, decisions made that effects the recommendations and alternative solutions selected by management. In many cases it is a good idea to schedule one final PHA session for included changes and for finalizing the report. Things to remember when following up on a PHA study: Responsibility must be assigned and a schedule developed for recommendation resolution. Use a system for managing changes that allows flexibility and leaves a paper trail for future reference and/or audit. This system must be filed on site for the life of the process. Ensure the resolution of each recommendation is accurately documented, including dates for implementation of action and verification of the resolution. The owner/operator of the facility may, with adequate and well-documented justification, opt not to adopt the recommendations made by the team. Acceptance, rejection, substitution, or modification of any recommendations should be documented and included with the file along with the original report. Rejection of a recommendation should be communicated to the study team.

PROCESS HAZARD ANALYSIS S.E.A.L. International

98

PHA Workshop Drawing Resources

PROCESS HAZARD ANALYSIS S.E.A.L. International

99

APPENDIX
Glossary of PHA Terms
Accident, accident scenario, or accident sequence: An unplanned event or sequence of events that results in undesirable consequences. An incident with specific safety consequences or impacts. Acute hazard: The potential for injury or damage to occur as a result of an instantaneous or short duration exposure to the effects of an accident. Administrative control: A procedural requirement for directing and/or checking engineered systems or human performance associated with plant operations. Aggregate Risk: A measure of the total risk. Audit (process safety audit): An inspection of a plant or process unit, drawings, procedures, emergency plans, and/or management systems, etc., usually by an independent, impartial team. (See "Safety Review" for contrast.) Auto ignition temperature: The lowest temperature at which a fuel/oxidant mixture will spontaneously ignite under specified conditions. Basic event: An event in a fault tree that represents the lowest level of resolution in the model such that no further development is necessary (e.g., equipment item failure, human failure, or external event). Branch point: A node with two paths in an event tree or cause-consequence diagram. One path represents success of a safety function and the other path represents failure of the function. Cause-Consequence Analysis: A method for illustrating the possible outcomes arising from the logical combination of selected input events or states. A combination of Fault Tree and Event Tree models. Checklist (traditional): A detailed list of desired system attributes or steps for a system or operator to perform. Usually written from experience and used to assess the acceptability or status of the system or operation compared to established norms.
PROCESS HAZARD ANALYSIS S.E.A.L. International 101

Chronic hazard: The potential for injury or damage to occur as a result of prolonged exposure to an undesirable condition. Common cause failure: The occurrence of two or more failures that result from a single event or circumstance. Consequence: The direct, undesirable result of an accident sequence usually involving a fire, explosion, or release of toxic material. Consequence descriptions may be qualitative or quantitative estimates of the effects of an accident in terms of factors such as health impacts, economic loss, and environmental damage. Consequence analysis: The analysis of the effects of incident outcome cases independent of frequency or probability. CPQRA: The abbreviation for Chemical Process Quantitative Risk Analysis. The process of hazard identification, followed by numerical evaluation of incident consequences and frequencies, and their combination into an overall measure of risk when applied to the chemical process industry. Ordinarily applied to episodic events. Is related to Probabilistic Risk Assessment (PRA) used in the nuclear industry. Dow fire and explosion index (F&EI): A method (developed by Dow Chemical Company) for ranking the relative fire and explosion risk associated with a process. Analysts calculate various hazard and exposure indexes using material characteristics and process data. Emergency response planning guidelines (ERPG): A system of guidelines for airborne concentrations of toxic materials prepared by the AIHA. For example, ERPG-2 is the maximum airborne concentration below which, it is believed, nearly all individuals could be exposed for up to one hour without experiencing or developing serious health effects that could impair an individual's ability to take protective action. Engineered control: A specific hardware or software system designed to maintain a process within safe operating limits, to safely shut it down in the event of a process upset, or to reduce human exposure to the effects of an upset. Episodic event: An unplanned event of limited duration, usually associated with an accident. Episodic release: A release of limited duration, usually associated with an accident.
PROCESS HAZARD ANALYSIS S.E.A.L. International 102

Error-likely situation: A work situation in which the performance shaping factors are not compatible with the capabilities, limitations, or needs of the worker. In such situations, workers are much more likely to make mistakes, particularly under stressful conditions. Event: An occurrence related to equipment performance or human action, or an occurrence external to the system that causes system upset. In this document, an event is either the cause of or a contributor to an incident or accident, or is a response to an accident's initiating event. Event sequence: A specific, unplanned series of events composed of an initiating event and intermediate events that may lead to an incident. Event tree: A logic model that graphically portrays the combinations of events and circumstances in an accident sequence. External event: Event external to the system/plant caused by (1) a natural hazard earthquake, flood, tornado, extreme temperature, lightning, etc., or (2) a human-induced event - aircraft crash, missile, nearby industrial activity, fire, sabotage, etc. Failure mode: A symptom, condition, or fashion in which hardware fails. A failure mode might be identified as loss of function; premature function (function without demand); an out-of-tolerance condition; or a simple physical characteristic such as a leak observed during inspection. Failure Modes and Effects Analysis (FMEA): A systematic, tabular method for evaluating and documenting the causes and effects of known types of component failures. Failure Modes, Effects, and Criticality Analysis (FMECA): A variation of FMEA that includes a quantitative estimate of the significance of the consequence of a failure mode. Fault event: A failure event in a fault tree that requires further development. Fault tree: A logic model that graphically portrays the combinations of failures that can lead to a specific main failure or accident of interest (Top event). Frequency: The number of occurrences per unit time at which observed events occur or are predicted to occur.
PROCESS HAZARD ANALYSIS S.E.A.L. International 103

Hazard: An inherent physical or chemical characteristic that has the potential for causing harm to people, property or the environment. In this document, it is the combination of a hazardous material, an operating environment, and certain unplanned events that could result in an accident. Hazard analysis: See hazard evaluation. Hazard and Operability (HAZOP) Analysis: A systematic method in which process hazards and potential operating problems are identified using a series of guidewords to investigate process deviations. Hazard checklist: An experience-based list of hazards, potential accident situations, or other process safety concerns used to stimulate the identification of hazardous situations for a process or operation. Hazard evaluation (HE): The analysis of the significance of hazardous situations associated with a process or activity. Uses qualitative techniques to pinpoint weaknesses in the design and operation of facilities that could lead to accidents. Hazard identification: The pinpointing of material, system, process, and plant characteristics that can produce undesirable consequences through the occurrence of an accident. Hazard review: See hazard evaluation. Human error: Any human action (or lack thereof) that exceeds some limit of acceptability (i.e., an out-of-tolerance action) where the limits of human performance are defined by the system. Includes actions by designers, operators, or managers that may contribute to or result in accidents. Human factors: A discipline concerned with designing machines, operations, and work environments to match human capabilities, limitations, and needs. Among human factors specialists, this general term includes any technical work (engineering, procedure writing, worker training, worker selection, etc.) related to the person in operator-machine systems. Human Factors Engineering: A method used to analyze the human machine interface and its impact on system operation.

PROCESS HAZARD ANALYSIS S.E.A.L. International

104

Human Reliability Analysis (HRA): A method used to evaluate whether necessary human actions, tasks, or jobs will be completed successfully within a required time period. In the Guidelines, HRA is used strictly in a qualitative context. Also used to determine the probability that no extraneous human actions detrimental to the system will be performed. HRA event tree: A graphical model of sequential events in which the tree limbs designate human actions and other events as well as different conditions or influences upon these events. Initiating event: The first event in an event sequence. Can result in an accident unless engineered protection systems or human actions intervene to prevent or mitigate the accident. Intermediate event: An event that propagates or mitigates the initiating event during an accident sequence. Likelihood: A measure of the expected probability or frequency of an event's occurrence. Minimal cut set: A combination of failures necessary and sufficient to cause the occurrence of the Top event in a fault tree. Mitigation system: Equipment and/or procedures designed to interfere with incident propagation and/or reduce incident consequences. Mond Index: An extension of the Dow F&EI, developed by ICI, which also addresses chemical toxicity hazards. Operator: An individual responsible for monitoring, controlling, and performing tasks as necessary to accomplish the productive activities of a system. Often used in a generic sense to include people who perform all kinds of tasks (e.g., reading, calibration, and maintenance). Performance Shaping Factor (PSF): Any factor that influences human performance. PSFs include factors intrinsic to an individual (personality, skill, etc.) and factors in the work situation (task demands, plant policies, hardware design, training, etc.).

PROCESS HAZARD ANALYSIS S.E.A.L. International

105

Process Safety Management (PSM): A program or activity involving the application of management principles and analytical techniques to ensure the safety of process facilities. Sometimes called process hazard management. Protective system: Systems including, for example, pressure relief valves that prevent the occurrence of or mitigate the effects of an accident. Quantitative risk analysis: The systematic development of numerical estimates of the expected frequency and/or consequence of potential accidents associated with a facility or operation based on engineering evaluation and mathematical techniques. Rare event: An event or accident whose expected frequency is very small. The event is not statistically expected to occur during the normal life of a facility of operation. Recovery factors: Feedback factors that limit or prevent the undesirable consequences of a human error. Risk: The combination of the expected frequency (events/year) and consequence (effects/event) of a single accident or group of accidents. Risk assessment: The process by which the results of a risk analysis (i.e., risk estimates) are used to make decisions, either through relative ranking of risk reduction strategies or through comparison with risk targets. Risk management: The systematic application of management policies, procedures, and practices to the tasks of analyzing, assessing, and controlling risk in order to protect employees, the general public, the environment, and company assets. Risk measures: Ways of combining and expressing information on likelihood with the magnitude of loss or injury (e.g., risk indexes, individual risk measures, and societal risk measures). Safety Review (process safety review): An inspection of a plant or process unit, drawings, procedures, emergency plans, and/or management systems, etc., usually by a team and usually problem-solving in nature. (See "Audit" for contrast.) Safety system: Equipment and/or procedures designed to limit or terminate an accident sequence, thus mitigating the accident and its consequences.

PROCESS HAZARD ANALYSIS S.E.A.L. International

106

Scribe/recorder: A hazard evaluation team member who is responsible for capturing the significant results of discussions that occur during an HE team meeting. Task analysis: A human error analysis method that requires breaking down a procedure or overall task into unit tasks and combining this information in the form of event trees. It involves determining the detailed performance required of people and equipment and determining the effects of environmental conditions, malfunctions, and other unexpected events on both. Top event: The undesired event or incident at the "top" of a fault tree that is traced downward to more basic failures using Boolean logic gates to determine the event's possible causes. Undeveloped event: An event in a fault tree that is not developed because it is of no significance or because more detailed information is unavailable. Worst case: A conservative (high) estimate of the consequences of the more severe accident identified. Worst credible case: The most severe accident considered plausible or reasonably believable. Copyright 1994 by the American Institute of Chemical Engineers, reproduced by permission of Center for Chemical Process Safety of AIChE.

PROCESS HAZARD ANALYSIS S.E.A.L. International

107

Common HAZOP Terminology Term

Process Sections (or Study Nodes)

Definition
Sections of equipment with definite boundaries (e.g., a line between two vessels) within which process parameters are investigated for deviations. The locations on P&IDs at which the process parameters are investigated for deviations (e.g., reactor) Discrete actions in a batch process or a procedure analyzed by a HAZOP analysis team. May be manual, automatic, or softwareimplemented actions. The deviations applied to each step are somewhat different than the ones used for a continuous process. Definition of how the plant is expected to operate in the absence of deviations. Takes a number of forms and can be either descriptive or diagrammatic (e.g., process description, flowsheets, line diagrams, P&IDs) Simple words that are used to qualify or quantify the design intention and to guide and stimulate the brainstorming process for identifying process hazards. Physical or chemical property associated with the process. Includes general items such as reaction, mixing, concentration, pH, and specific items such as temperature, pressure, phase, and flow. Departures from the design intention that are discovered by systematically applying the guidewords to process parameters (flow, pressure, etc.) resulting in a list for the team to review (no flow, high pressure, etc.) for each process section. Teams often supplement their list of deviations with ad hoc items. Reasons why deviations might occur. Once a deviation has been shown to have a credible cause, it can be treated as a meaningful deviation. These causes can be hardware failures, human errors, unanticipated process states (e.g., change of composition), external disruptions (e.g., loss of power), etc.

Operating Steps

Intention

Guidewords

Process Parameter

Deviations

Causes

PROCESS HAZARD ANALYSIS S.E.A.L. International

108

Safeguards

Engineered systems or administrative controls designed to prevent the causes or mitigate the consequences of deviations (e.g., process alarms, interlocks, procedures) Suggestions for design changes, procedural changes, or areas for further study (e.g., adding a redundant pressure alarm or reversing the sequence of two operating steps).

Actions (or Recommendations)

Copyright 1994 by the American Institute of Chemical Engineers, reproduced by permission of Center for Chemical Process Safety of AIChE.

PROCESS HAZARD ANALYSIS S.E.A.L. International

109

Simplified Checklist for Hazard Analysis

Storage of Raw Materials, Products and Intermediates Storage Tanks Dikes Emergency Valves Inspections Procedures Specifications Limitations Design, Separation, Inerting, Materials of Construction Capacity, Drainage Remote Control - Hazardous Materials Flash Arresters, Relief Devices Contamination Prevention, Analysis Chemical, Physical, Quality, Stability Temperature, Time, Quantity

Materials Handling Pumps Relief, Reverse Rotation, Identification, Materials of Construction Explosion Relief, Fire Protection, Support Stop Devices, Coasting, Guards Spills, Leaks, Decontamination Ratings, Codes, Cross-Connections, Materials of Construction

Ducts Conveyors, Mills Procedures Piping

Process Equipment, Facilities and Procedures Procedures Conformance Loss of Utilities Start-Up, Normal, Shutdown, Emergency Job Audits, Shortcuts, Suggestions Electrical, Heating, Coolant, Air, Inerts, Agitation

PROCESS HAZARD ANALYSIS S.E.A.L. International

110

Vessels

Design, Materials, Codes, Access, Materials of Construction Vessels, Piping, Switches, Valves Reactors, Exchangers, Glassware Plant, Company, Industry Vessels, Relief Devices, Corrosion Runaways, Releases, Explosions Area Classification, Conformance, Purging Description, Test Authorizations Temperature, Pressure, Flows, Ratios, Concentrations, Densities, Levels, Time, Sequence Peroxides, Acetylides, Friction, Fouling, Compressors, Static Electricity, Valves, Heaters Heating Media, Lubricants, Flushes, Packing Cooling, Contamination

Identification Relief Devices Review of Incidents Inspections, Tests Hazards Electrical Process Operating Ranges

Ignition Sources

Compatibility Safety Margins

Personal Protection Protection Ventilation Exposures Utilities Hazards Manual Barricades, Personal, Shower, Escape Aids General, Local, Air Intakes, Rate Other Processes, Public, Environment Isolation: Air, Water, Inerts, Steam Toxicity, Flammability, Reactivity, Corrosion, Symptoms, First Aid Sampling, Vapours, Dusts, Noise, Radiation

Environment

PROCESS HAZARD ANALYSIS S.E.A.L. International

111

Sampling Facilities Sampling Points Procedures Samples Analysis Accessibility, Ventilation, Valving Pluggage, Purging Containers, Storage, Disposal Procedures, Records, Feedback

Maintenance Decontamination Vessel Openings Procedures Solutions, Equipment, Procedures Size, Obstructions, Access Vessel Entry, Welding, Lockout

Fire Protection Fixed Protection Fire Areas, Water Demands, Distribution System, Sprinklers, Deluge, Monitors, Inspection, Testing, Procedures, Adequacy Type, Location, Training Adequacy, Condition, Doors, Ducts Slope, Drain Rate Fire Brigades, Staffing, Training, Equipment

Extinguishers Fire Walls Drainage Emergency Response

PROCESS HAZARD ANALYSIS S.E.A.L. International

112

Controls and Emergency Devices Controls Calibration, Inspection Alarms Interlocks Relief Devices Emergencies Process Isolation Instruments Ranges, Redundancy, Fail-Safe Frequency, Adequacy Adequacy, Limits, Fire, Fume Tests, Bypass Procedures Adequacy, Vent Size, Discharge, Drain, Support Dump, Drown, Inhibit, Dilute Block Valves, Fire-Safe Valves, Purging Air Quality, Time Lag, Reset Windup, Materials of Construction

Waste Disposal Ditches Vents Characteristics Flame Traps, Reactions, Exposures, Solids Discharge, Dispersion, Mists Sludges, Residues, Fouling Materials

Copyright 1994 by the American Institute of Chemical Engineers, reproduced by permission of Center for Chemical Process Safety of AIChE.

PROCESS HAZARD ANALYSIS S.E.A.L. International

113

Sample Hazard Checklist

Acceleration (uncontrolled - too much, too little) Inadvertent motion Sloshing of liquids Translation of loose objects

Deceleration (uncontrolled - too much, too little) Impacts (sudden stops) Failures of brakes, wheels, tires, etc. Falling objects Fragments or missiles

Chemical Reaction (non-fire reaction can be subtle over time) Disassociation, product reverts to separate components Combination, new product formed from mixture Corrosion, rust, etc.

Electrical Shock Overheating Ignition of combustibles Inadvertent activation Explosion, electrical

Explosives Commercial explosive present Explosive gas Explosive liquid Explosive dust

PROCESS HAZARD ANALYSIS S.E.A.L. International

114

Flammability and Fires Presence of fuel - solid, liquid, gas Presence of strong oxidizer - oxygen, peroxide, etc. Presence of strong ignition force - welding torch, heaters

Heat and Temperature Source of heat, non-electrical Hot surface burns Very cold surface burns Increased gas pressure caused by heat Increased flammability caused by heat Increased volatility caused by heat Increased activity caused by heat Mechanical Sharp edges or points Rotating equipment Reciprocating equipment Pinch points Weights to be lifted Stability/toppling tendency Ejected parts or fragments

Pressure Compressed gas Compressed air tool Pressure system exhaust Accidental release Objects propelled by pressure Water hammer

PROCESS HAZARD ANALYSIS S.E.A.L. International

115

 Static

Flex hose whipping

Container rupture Overpressurization Negative pressure effects

Leak of Material Flammable Toxic Corrosive Slippery

Radiation Ionizing radiation Ultraviolet light High intensity visible light Infrared radiation Electromagnetic radiation Laser radiation

Toxicity Gas or liquid Asphyxiant Irritant Systemic poison Carcinogen Mutagen Combination product Combustion product

PROCESS HAZARD ANALYSIS S.E.A.L. International

116

Vibration Vibrating tools High noise source level Mental fatigue Flow or jet vibration Supersonics

Miscellaneous Contamination Lubricity (One of the most neglected area in maintenance control)

PROCESS HAZARD ANALYSIS S.E.A.L. International

117

Sample Material Incompatibility Index

NON-OXIDIZING MINERAL ACIDS SULFURIC ACID NITRIC ACID ORGANIC ACID CAUSTICS AMMONIA ALIPHATIC ACIDS ALKANOLAMINES AROMATIC AMINES AMIDES ORGANIC ANHYDRIDES ISOCYANATES VINYL ACETATE ACRYLATES SUBSTITUTED ALKYLS ALKYLENE OXIDES EPICHLOROHYDRIN KETONES ALDEHYDES ALCOHOLS, GLYCOLS PHENOLS, CRESOLS CAPROLACTAM SOLUTION 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22.
X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X

GUIDE TO COMPATIBILITY OF CHEMICALS*

CHEMICAL GROUP
1. 2. 3. 4. 5. 6. 7. 8. 9. 10 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 30. 31. 32. 33. 34. 35. 36. 37. 38. 39. 40. 41. 42. 43. NON-OXIDIZING MINERAL ACIDS SULFURIC ACID NITRIC ACID ORGANIC ACIDS CAUSTICS AMMONIA ALIPHATIC AMINES ALKANOLAMINES AROMATIC AMINES AMIDES ORGANIC ANHYDRIDES ISOCYANATES VINYL ACETATE ACRYLATES SUBSTITUTED ALLYLS ALKYLENE OXIDES EPICHLOROHYDRIN KETONES ALDEHYDES ALCOHOLS, GLYCOLS PHENOLS, CRESOLS CAPROLACTAM SOLUTION OLEFINS PARAFFINS AROMATIC HYDROCARBONS MISCELLANEOUS HYDROCARBON MIXTURES ESTERS VINYL HALIDES HALOGENATED HYDROCARBONS NITRILES CARBON DISULFIDE SULFOLANE GLYCOL ETHERS ETHERS NITROCOMPOUNDS MISCELLANEOUS WATER SOLUTIONS *X INDICATES INCOMPATIBILITY

REACTIVITY GROUP

PROCESS HAZARD ANALYSIS S.E.A.L. International

118

List of Highly Hazardous Chemicals, Toxins and Reactives

CHEMICAL name Acetaldehyde Acrolein (2-Propenal) Acrytyl Chloride Allyl Chloride Allylamine Alkylaluminums Ammonia, Anhydrous Ammonia solutions (>44% ammonia by weight) Ammonium Perchlorate Ammonium Permanganate Arsine (also called Arsenic Hydride) Bis (Chloromethyl) Ether Boron Trichloride Boron Triflouride Bromine Bromine Chloride Bromine Pentafluoride Bromine Trifluoride 3-Bromopropyne (also called Propargyl Bromide) Butyl Hydroperoxide (Tertiary) Butyl Perbenzoate (Tertiary) Carbonyl Chloride (see Phosgene) Carbonyl Fluoride Cellulose Nitrate (concentration > 12.6% nitrogen) Chlorine Chlorine Dioxide Chlorine Pentrafluoride Chemical Abstract Service Number 75-07-0 107-02-8 814-68-6 107-05-1 107-11-9 Varies 7664-41-7 7664-41-7 7790-98-9 7787-36-2 7784-42-1 542-88-1 10294-34-5 7637-07-2 7726-95-6 13863-41-7 7789-30-2 7787-71-5 106-96-7 75-91-2 614-45-9 75-44-5 353-50-4 9004-70-0 7782-50-5 10049-04-4 13637-63-3 Threshhold Quantity in Pounds * 2500 150 250 1000 1000 5000 10000 15000 7500 7500 100 100 2500 250 1500 1500 2500 15000 100 5000 7500 100 2500 2500 1500 1000 1000 138 -20 113 Flash Point (deg F) -36 -15 Boiling Point (deg F) 69 127

<80 or above >190

(9) (4)

Gas Gas

-29 50

PROCESS HAZARD ANALYSIS S.E.A.L. International

119

CHEMICAL name Chlorine Trifluoride Chlorodiethylaluminum (also called Diethylaluminum Chloride) 1-Chloro-2, 4-Dinitrobenzene Chloromethyl Methyl Ether Chloropicrin Chloropicrin and Methyl Bromide mixture Chloropicrin and Methyl Chloride mixture Cumene Hydroperoxide Cyanogen Cyanogen Chloride Cyanuric Fluoride Diacetyl Peroxide (concentration > 70%) Diazomethane Dibenzoyl Peroxide Diborane Dibutyl Peroxide (Tertiary) Dichloro Acetylene Dichlorosilane Diethylzinc Diisopropyl Peroxydicarbonate Dilaluroyl Peroxide Dimethyldichlorosilane Dimethylhydrazine, 1,1 Dimethylamine, Anhydrous 2,4-Dinitroaniline Ethyl Methyl Ketone Peroxide (also Methyl Ethyl Ketone Peroxide; concentration > 60%) Ethyl Nitrite Ethylamine

Chemical Abstract Service Number 7790-91-2 96-10-6 97-00-7 107-30-2 76-06-2 None None 80-15-9 460-19-5 506-77-4 675-14-9 110-22-5 334-88-3 94-36-0 19287-45-7 110-05-4 7572-29-4 4109-96-0 557-20-0 105-64-6 105-74-8 75-78-5 57-14-7 124-40-3 97-02-9 1338-23-4 109-95-5 75-04-7

Threshhold Quantity in Pounds * 1000 5000 5000 500 500 1500 1500 5000 2500 500 100 5000 500 7500 100 5000 250 2500 10000 7500 7500 1000 1000 2500 5000 5000 5000 7500

Flash Point (deg F)

Boiling Point (deg F)

234

175

(4)

50

190

PROCESS HAZARD ANALYSIS S.E.A.L. International

120

CHEMICAL name Ethylene Fluorohydrin Ethylene Oxide Ethyleneimine Fluorine Formaldehyde (Formalin) Furan Hexafluoroacetone Hydrochloric Acid, Anhydrous Hydrofluoric Acid, Anhydrous Hydrogen Bromide Hydrogen Chloride Hydrogen Cyanide, Anhydrous Hydrogen Fluoride Hydrogen Peroxide (52% by weight or greater) Hydrogen Selenide Hydrogen Sulfide Hydroxylamine Iron, Pentacarbonyl Isopropylamine Ketene Methacrylaldehyde Methacryloyl Chloride Methacryloyloxyethyl Isocyanate Methyl Acrylonitrite Methylamine, Anhydrous Methyl Bromide Methyl Chloride Methyl Chloroformate

Chemical Abstract Service Number 371-62-0 75-21-8 151-56-4 7782-41-4 50-00-0 110-00-9 684-16-2 7647-01-0 7664-39-3 10035-10-6 7647-01-0 74-90-8 7664-39-3 7722-84-1 7783-07-5 7783-06-4 7803-49-8 13463-40-6 75-31-0 463-51-4 78-85-3 920-46-7 30674-80-7 126-98-7 74-89-5 74-83-9 74-87-3 79-22-1

Threshhold Quantity in Pounds * 100 5000 1000 1000 1000 500 5000 5000 1000 5000 5000 1000 1000 7500 150 1500 2500 250 5000 100 1000 150 100 250 1000 2500 15000 500

Flash Point (deg F)

Boiling Point (deg F)

Gas

-307

<32

88

226-237 Gas (4) -76 158

PROCESS HAZARD ANALYSIS S.E.A.L. International

121

CHEMICAL name Methyl Ethyl Ketone Peroxide (concentration > 60%) Methyl Fluoroacetate Methyl Fluorosulfate Methyl Hydrazine Methyl Iodide Methyl Isocyanate Methyl Mercaptan Methyl Vinyl Ketone Methyltrichlorosilane Nickel Carbonly (Nickel Tetracarbonyl) Nitric Acid (94.5% by weight or greater) Nitric Oxide Nitroaniline (para Nitroaniline) Nitromethane Nitrogen Dioxide Nitrogen Oxides (NO; NO2; N204; N203) Nitrogen Tetroxide (also called Nitrogen Peroxide) Nitrogen Trifluoride Nitrogen Trioxide Oleum (65% to 80% by weight; also called Fuming Sulfuric Acid) Osmium Tetroxide Oxygen Difluoride (Fluorine Monoxide) Ozone Pentaborane Peracetic Acid (concentration > 60% Acetic Acid; also called Peroxyacetic Acid) Perchloric Acid (concentration > 60% by weight) Perchloromethy Mercaptan Perchloryl Fluoride

Chemical Abstract Service Number 1338-23-4 453-18-9 421-20-5 60-34-4 74-88-4 624-83-9 74-93-1 79-84-4 75-79-6 13463-39-3 7697-37-2 10102-43-9 100-01-6 75-52-5 10102-44-0 10102-44-0 10544-72-6 7783-54-2 10544-73-7 8014-94-7 20816-12-0 7783-41-7 10028-15-6 19624-22-7 79-21-0 7601-90-3 594-42-3 7616-94-6

Threshhold Quantity in Pounds * 5000 100 100 100 7500 250 5000 100 500 150 500 250 5000 2500 250 250 250 5000 250 1000 100 100 100 100 1000 5000 150 5000

Flash Point (deg F)

Boiling Point (deg F)

21

190

Gas 20

43 179

95

213

105

221 66(9)

PROCESS HAZARD ANALYSIS S.E.A.L. International

122

CHEMICAL name Peroxyacetic Acid (concentration > 60% Acetic Acid; also called Peracetic Acid) Phosgene (also called Carbonyl Chloride) Phosphine (Hydrogen Phosphide) Phosphorus Oxychloride (also called Phosphoryl Chloride) Phosphorus Trichloride Phosphoryl Chloride (also called Phosphorus Oxychloride) Propargyl Bromide Propyl Nitrate Sarin Selenium Hexafluoride Stibine (Antimony Hydride) Sulfur Dioxide (liquid) Sulfur Pentafluoride Sulfur Tetrafluoride Sulfur Trioxide (also called Sulfuric Anydride) Sulfuric Anhydride (also called Sulfur Trioxide) Tellurium Hexafluoride Tetrafluoroethylene Tetrafluorohydrazine Tetramethyl Lead Thionyl Chloride Trichloro (chloromethyl) Silane Trichloro (dichlorophenyl) Silane Trichloro (dichlorophenyl) Trifluorochloroethylene Trimethyoxysilane

Chemical Abstract Service Number 79-21-0 75-44-5 7803-51-2 10025-87-3 7719-12-2 10025-87-3 106-96-7 627-3-4 107-44-8 7783-79-1 7803-52-3 7446-09-5 5714-22-7 7783-60-0 7446-11-9 7446-11-9 7783-80-4 116-14-3 10036-47-2 75-74-1 7719-09-7 1558-25-4 27137-85-5 10025-78-2 79-38-9 2487-90-3

Threshhold Quantity in Pounds * 1000 100 100 1000 1000 1000 100 2500 100 1000 500 1000 250 250 1000 1000 250 5000 5000 1000 250 100 2500 5000 10000 1500

Flash Point (deg F)

Boiling Point (deg F)

50

192

Source: OSHA 29 CFR Part 1910 Dow's Fire & Explosion Index Hazard Identification Guide, Seventh Edition 1994.

PROCESS HAZARD ANALYSIS S.E.A.L. International

123

Methodology Selection and/or Priority Ordering Worksheet for Conducting PHAs

Rating 1 = lowest, 10 = highest Company: Location: Type of Unit: Unit Throughput per Annum: Products produced by Unit: Feedstocks used: FLAMMABLE LIQUIDS INVENTORY (lbs)
In Process

In Storage

Elsewhere (specify)

FLAMMABLE GASES INVENTORY (lbs)

In Process

In Storage

Elsewhere (specify)

PROCESS HAZARD ANALYSIS S.E.A.L. International

124

HIGHLY HAZARDOUS CHEMICALS INVENTORY (Toxics/Reactants)

Substance Chemical Name CAS No. Threshold Quantity (lbs) Facility Inventory (lbs)

TYPES OF POTENTIAL HAZARDS PRESENT

Comments Yes Flammable Combustible Unstable Shock Sensitive Highly Reactive Combustible Dusts Pyrophoric Materials Toxics Asphyxiants Corrosive Substances Radioactive Materials Other (specify) No Rating

PROCESS HAZARD ANALYSIS S.E.A.L. International

125

AGGRAVATING FACTORS (with potential to increase problems/incidents)

Comments Yes High Pressure Process High Temperature Process Highly Exothermic Process Large Process Inventory (Flammable, Toxics, etc.) Cryogenic Process Vacuum/Low Pressure Process Pressure Cycling Present Temperature Cycling Present Low Flashpoint Materials Wide Flammability Limits Range Highly Corrosive/Erosive Stress Corrosion Cracking Hydrogen Embrittlement Metal Dusting High Seal Leakage Tendency Tight Equipment Spacing High Velocities Multi-Phase Line Flows Vibration, Water Hammer, etc. Extreme Weather or Climatic (Tornadoes, Hurricanes, etc.) Vandalism, Sabotage Other (specify) No Rating

PROCESS HAZARD ANALYSIS S.E.A.L. International

126

POTENTIALLY HAZARDOUS PHENOMENA THAT COULD OCCUR

Comments Yes FIRES Fireballs Pool Fires Jet Fires Flash Fires Other (specify) EXPLOSIONS BLEVE (Boiling Liquid Expanding Vapour Explosion) Confined Explosion Unconfined Explosion Physical Explosion Dust Explosion Detonation Condensed Phase Explosion Missiles/Fragmentation Other (specify) TOXIC RELEASES Neutral/Buoyant Plumes Dense Gas Releases Reactive/Corrosive Releases Corrosive Burns Asphyxiant Concentrations Other (specify) No Rating

PROCESS HAZARD ANALYSIS S.E.A.L. International

127

OCCUPANCY
Core Working Hours From: For For Area Main Process Plant Storage Area Plant Utilities Control Room(s) Maintenance Shop(s) Instrument Shop(s) Plant Store(s) Warehouse(s) Administration Building(s) Canteen Facilities Living Quarters Workshop(s) Gatehouse Other Locations (In Plant Facility) Total at Facility Rating Number of Personnel To: Days/Week Weeks/Year

LOCATION OF FACILITY
Rating

PROCESS HAZARD ANALYSIS S.E.A.L. International

128

AGE OF PROCESSING FACILITY

Original Construction Date:

Revamp/Major Modification

Date of Mod.

PHA Type

Date of PHA

Rating

Units/Equipment/Packages Added

Date of Mod.

PHA Type

Date of PHA

Equipment Demolished

Date of Mod.

PHA Type

Date of PHA

Rating

Equipment Replaced/Updated

Date of Mod.

PHA Type

Date of PHA

Rating

Changes to Adjacent Properties

Date of Mod.

PHA Type

Date of PHA

Rating

PROCESS HAZARD ANALYSIS S.E.A.L. International

129

OPERATING HISTORY
Rating Original Plant Capacity (Tons/Annum): Current Plant Capacity (Tons/Annum): Process: Plant is Operational: Manned/Unmanned: Operating Period Between Shutdowns: Plant capacity upgrades:
(Continuous Batch, Combined Continuous Batch, Other): (24 hours a day / from-to)

Plant capacity downgrades:

PAST INCIDENTS
Incident Description Date Actions Rating

TOTAL

Source: Slightly modified, from PHA-Pro OSHA Template developed by Dyadem International Ltd.

PROCESS HAZARD ANALYSIS S.E.A.L. International

130

Article
Extend HAZOP to Computer Systems

Chemical Engineering Progress, Oct. 1994

PROCESS HAZARD ANALYSIS S.E.A.L. International

131

Article
Culture

Hydrocarbon Processing, Sep 1997

PROCESS HAZARD ANALYSIS S.E.A.L. International

132

Standards
Management of Process Hazards

API Recommended Practice 750 First Edition, January 1990

PROCESS HAZARD ANALYSIS S.E.A.L. International

133

Standards
OSHA 29 CFR PART 1910

Final Rule February 24,1992

PROCESS HAZARD ANALYSIS S.E.A.L. International

134

READING ENGINEERING DRAWINGS

Types of Engineering Drawings Used in PHA Studies
One of the responsibilities of the team leader is to assist in the interpretation of engineering drawings used in a study, to be able to identify and explain design intentions, deviations and potential hazards to those in the team who do not regularly use drawing references in their daily work. P&ID = Piping and Instrumentation Diagram A, not to scale, drawing that shows details of the process lines, equipment, control valves, instrumentation and alarms and relief devices. (P&IDs are some of the most important process information required for most PHAs) Plot Plan To scale layout of buildings, major pieces of equipment and storage areas. (Useful information for PHAs) PFD = Process Flow Diagram A not to scale drawing showing the process flow and conditions such as flow rate, temperature and pressure. (Important information for PHAs) shows major pieces of equipment and control devices

Isometric A not to scale drawing that indicates piping routing, the sample points, bends and drains. (Useful but not essential for PHA studies) Electrical Schematics A not to scale diagram of the feed arrangements and main components of the electrical power distribution system. (Useful for PHA studies)

PROCESS HAZARD ANALYSIS S.E.A.L. International

135

 Mechanical Drawings To scale detailed drawings of equipment indicating all its parts such as gauges fittings and nozzles. (Important for some PHA Techniques, particularly FMEA.)

Overview of Reading P&IDs

Drawing numbers serve as the drawing reference and are found in the drawing legend usually located in the bottom right hand corner of the drawing. The number should include a revision number, in its own box, if any changes from the original drawing have occurred. Process flow generally starts at the left hand side of the drawing and moves to the right. Continuation references for drawings with more than one part are usually provided at left and right of the drawing on each end of the piping line. Piping specs and sizes are generally given adjacent to lines. Equipment and components are represented by commonly used industry symbols. Sometimes companies develop their own specific symbol standard. Major equipment items are generally labeled next to or on the component with an abbreviation representing the equipment and a number to differentiate it from other similar equipment. Pressure and temperature specs are normally located immediately below or above the piece of equipment on the P&ID.

Valve Markings
NO NC FO normally open normally closed fails open FC FIP fails closed fails in place

PROCESS HAZARD ANALYSIS S.E.A.L. International

136

Examples of P&ID Abbreviations

ACFM AG ATM AUTO BHP CH OP CSC CSO CWR CWS ESD FC FF FI FIG FIP FL FO FOB FOT FP GO GPM HDR HP HPT HT ID LC LO LP LPT MW Actual Cubic Feet per Minute Above Ground Atmosphere Automatic Brake Horse Power Chain Operated Car Seal Closed Car Seal Open Cooling Water Return Cooling Water System Emergency Shutdown Fail Closed Flat Face Fail Indeterminate Figure Fail In Place Fail Locked (Last Position) Fail Open Flat on Bottom Flat on Top Full Port Gear Operated Gallons per Minute Header Horse Power or High Pressure High Point Heat Traced Inside Diameter Lock Closed Lock Open Low Pressure Low Point Manway
137

NC NNF NO NP PP RF SC SCFM SG ST T/T UG V VAC

Normally Closed Normally No Flow Normally Open No Pockets Insulation for Personal Protection Raised Face Sample Connection Standard Cubic Feet per Minute Specific Gravity Steam Trap Tangent to Tangent Underground Vent Vacuum

PROCESS HAZARD ANALYSIS S.E.A.L. International

Engineering Drawing Information

In the following pages, you will find technical drawing information required to understand and read engineering drawings successfully.

PROCESS HAZARD ANALYSIS S.E.A.L. International

139

Function Blocks

PROCESS HAZARD ANALYSIS S.E.A.L. International

140

PROCESS HAZARD ANALYSIS S.E.A.L. International

141

Reference Symbol Sheets

PROCESS HAZARD ANALYSIS S.E.A.L. International

142

General Symbols

PROCESS HAZARD ANALYSIS S.E.A.L. International

143

PROCESS HAZARD ANALYSIS S.E.A.L. International

144

PROCESS HAZARD ANALYSIS S.E.A.L. International

145

PROCESS HAZARD ANALYSIS S.E.A.L. International

146

Instrument/Process Line Symbols

PROCESS HAZARD ANALYSIS S.E.A.L. International

147

Valve Body Symbols

PROCESS HAZARD ANALYSIS S.E.A.L. International

148

PROCESS HAZARD ANALYSIS S.E.A.L. International

149

Self Actuated Valves

PROCESS HAZARD ANALYSIS S.E.A.L. International

150

PROCESS HAZARD ANALYSIS S.E.A.L. International

151

Flow Rate Symbols

PROCESS HAZARD ANALYSIS S.E.A.L. International

152

PROCESS HAZARD ANALYSIS S.E.A.L. International

153

Actuator Symbols

PROCESS HAZARD ANALYSIS S.E.A.L. International

154

Typical Letter Combinations

PROCESS HAZARD ANALYSIS S.E.A.L. International

155

GENERAL REFERENCES
The following are general sources of information on Management of Change and Process Safety Management used in the creation on this course. AIChE-CCPS. 1992. Guidelines for Hazard Evaluation Procedures, New York: Center for Chemical Process Safety. AIChE-CCPS. 1994. Guidelines for Preventing Human Error in Process Safety, New York: Center for Chemical Process Safety. AIChE-CCPS. 1993. Guidelines for Auditing Process Safety Management, New York: Center for Chemical Process Safety. AIChE-CCPS. 1996. Guidelines for Writing Effective Operating Procedures, New York: Center for Chemical Process Safety. American Petroleum Institute. 1990. API Recommended Best Practice 750, Washington, DC OSHA 29 CFR Part 1910. 1992. Process Safety Management of Highly Hazardous Chemicals, Explosives and Blasting Agents, Final Rule

PROCESS HAZARD ANALYSIS S.E.A.L. International

156