Handbook of Loss Prevention Engineering

The Editor

Joel M. Haight, Ph.D., P.E.

1365 Paxton Farm Road

Washington, PA 15301

USA

All books published by Wiley-VCH are carefully produced. Nevertheless, authors, editors, and publisher do not warrant the information contained in these books, including this book, to be free of errors. Readers are advised to keep in mind that statements, data, illustrations, procedural details or other items may inadvertently be inaccurate.

Library of Congress Card No.: applied for

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library.

Bibliographic information published by the Deutsche Nationalbibliothek

The Deutsche Nationalbibliothek lists this publication in the Deutsche Nationalbibliografie; detailed bibliographic data are available on the Internet at <http://dnb.d-nb.de>.

© 2013 Wiley-VCH Verlag GmbH & Co. KGaA, Boschstr. 12, 69469 Weinheim,\hb Germany

All rights reserved (including those of translation into other languages). No part of this book may be reproduced in any form — by photoprinting, microfilm, or any other means — nor transmitted or translated into a machine language without written permission from the publishers. Registered names, trademarks, etc. used in this book, even when not specifically marked as such, are not to be considered unprotected by law.

Print ISBN: 978-3-527-32995-3

ePDF ISBN: 978-3-527-65067-5

ePub ISBN: 978-3-527-65066-8

mobi ISBN: 978-3-527-65065-1

oBook ISBN: 978-3-527-65064-4

Contents to Volume 1

Preface

Loss Prevention Engineering involves the engineering required to help us prevent accidental, undesired loss-producing incidents. It is a diverse application of engineering that can call upon every engineering discipline and many other scientific and social science disciplines as well as just about every aspect of industrial life. It is generally assumed that, by definition, we do not want to experience this type of loss. In response to that, the authors of this book seek to inform the engineering community about what must be considered when designing, operating and maintaining systems and processes so that accidental and undesired failures or loss-producing incidents (including human injury) are less likely to occur or, if they do, that they result in lesser consequences.

However, because loss prevention engineering is such a diverse and broadly demanding application of engineering and scientific principles and even if we limit the subject to preventing accidental loss incidents (such as automobile crashes, sporting accidents, etc.), we would still never be able to cover all the relevant and important topics that would be needed in just one book. So, we have chosen to cover the topics relating to engineering industrial processes to prevent or reduce loss from accidental and undesired incidents. It is the expectation of our authors to present to you, our readers, a thorough collection and summary of what is known in industry about preventing work related injuries and other undesired, accidental loss incidents. Some of our readers will already be well-versed in such fields as safety engineering, process safety management, fire protection engineering, industrial hygiene, or environmental engineering, but it is expected that not many engineers are well-versed in all of these fields. Therefore, with the input of nearly 40 authors, and since many find themselves to be in need of information on any and all of these topic areas, the book encompasses parts of all of them. The book is grouped into major topic areas of similar subject matter to lend cohesiveness to the information. Our authors present a number of case studies and exercises that will help our readers to put the principles and theories of loss prevention engineering into proper day-to-day perspective. It is also the expectation of the authors that our readers will find this book to be a necessity any time each of you are tasked with solving an engineering problem that could lead to a loss-producing incident, any time you find yourself assigned to a job in which loss prevention engineering is part of the defined responsibilities or any time you want to learn about loss prevention engineering as an occupation or field of study. This book provides you the information you will need in any or all of these cases. It is an excellent and thorough reference handbook that we hope you find useful in the everyday dispatch of your industrial duties.

A diverse and detailed publication like this would not be possible without the input of many people of a multitude of experiences, languages, countries of origin, and industrial backgrounds. Our authors hail from nine different countries, represent nearly 20 different industry categories, and have an average of about 20 years of experience in their fields. This book would not have been possible without them and I thank all of them for their significant and valuable contributions. I would also like to thank the reviewers of our chapters as it is an important aspect of this book to ensure that you, our readers, get more than just the opinions of one author. You will find that the material is widely accepted and is not just a here's how we do things at our plant-type book. All engineers are charged with a responsibility to protect people, equipment, facilities and operations and therefore, it is our hope that in reading this book you will learn something new and that you will enhance your organization's efforts to protect their operations and their people from injuries and other loss-producing incidents.

Pittsburgh

Joel M. Haight

January 2013

List of Contributors

Remigio Agraz-Boeneker

Primatech Inc.

50 Northwoods Boulevard

Columbus, OH 43235

USA

Tareq Ahram

University of Central Florida

Institute for Advanced Systems Engineering

Department of Industrial Engineering and Management Systems

4000 Central Florida Boulevard

Orlando, FL 32816

USA

Marjory E. Anderson

Architect of the Capitol

Ford House Office Building

Washington, DC 20515

USA

Craig Arthur Brown

6500 W 96th Drive

Westminster, CO 80021

USA

Geoffrey S. Barnard

Praxair Inc.

39 Old Ridgebury Road

Danbury, CT 06810

USA

Paul Baybutt

Primatech Inc.

50 Northwoods Boulevard

Columbus, OH 43235

USA

Warren K. Brown

1855 Campus Drive

Fairborn, OH 45324

USA

Leo J. DeBobes

Stony Brook University

School of Health Technology & Management

Health Sciences Level 1

Room 143

Stony Brook, NY 11794-8019

USA

Marek Dudek

Institute of Mining Technology KOMAG

ul. Pszczynska 37

Gliwice 44-101

Poland

Michael Farris

Anadarko Petroleum Corporation

1201 Lake Robbins Drive

The Woodlands, TX 77380

USA

Patrick Fortune

Suncor Energy

Alberta Boiler Safety Association

Board of Canadian Registered Safety Professionals

(Canadian Registered Safety Professional (CRSP))

Lot 12, 712051 Range Road 54

County of Grande Prairie No. 1

T8X 4A7

Canada

Bogdan Gicala

Institute of Mining Technology KOMAG

ul. Pszczynska 37

Gliwice 44-101

Poland

Aaron Hade

1 Science Center Drive

Corning, NY 14831

USA

Jeffery S. Haight

1342 Clarion Road

Wilcox, PA 15870

USA

Joel M. Haight

1365 Paxton Farm Road

Washington, PA 15301

USA

Michael W. Hayslip

8951 Treeland Lane

Dayton, OH 45458

USA

Darryl C. Hill

ABB Inc.

29309 Prestwick

Southfield, MI 48076

USA

Mary Hoerster

Risk Control Manager

Supervalu Supply Chain Services

New Stanton, PA 15672

USA

Mohammed Nasir Mohammed Ismail

Johns Hopkins Bloomberg School of Public Health

615 North Wolfe Street

Baltimore, MD 21205

USA

David Janney

System Improvements Inc.

238 South Peters Road

Knoxville, TN 37923

USA

Myung-Chul Jung

Ajou University

Department of Industrial Engineering

Ergo Dynamics Laboratory

San 5, Woncheon-dong

Yeongtong-gu Suwon

Gyeonggi-do 443-749

South Korea

Waldemar Karwowski

University of Central Florida

Institute for Advanced Systems Engineering

Department of Industrial Engineering and Management Systems

4000 Central Florida Boulevard

Orlando, FL 32816

USA

Jeffery M. Kramer

Florida Power and Light

Nuclear Division

6501 S. Ocean Drive

Jensen Beach, FL 34957

USA

Kyung-Sun Lee

Ajou University

Department of Industrial Engineering

Ergo Dynamics Laboratory

San 5, Woncheon-dong

Yeongtong-gu Suwon

Gyeonggi-do 443-749

South Korea

David G. Lilley

Lilley & Associates

7221 Idlewild Acres

Stillwater, OK 74074

USA

Michele Lindsay

Performance Potential Inc.

47 Quaker Village Drive

Uxbridge, ON L9P 1A2

Canada

Kevin McManus

Great Systems

70460 Walker Road

Rainier, OR 97048

USA

Dariusz Michalak

Institute of Mining Technology KOMAG

ul. Pszczynska 37

Gliwice 44-101

Poland

John W. Mroszczyk

Northeast Consulting Engineers Inc.

74 Holten Street

Danvers, MA 01923

USA

Tyler Nguyen

County of Santa Clara

2310 N. 1st Street

San Jose, CA 95131

USA

Samuel A. Oyewole

The Pennsylvania State University

224 Hosler Building

University Park, PA 16802

USA

Thaddeus M. Pajak

Risk Services Consultant

Fireman's Fund Insurance Company

777 San Marin Drive

Novato, CA 94945

USA

Jeffery Robinson

Robinson Risk Consulting

LLC, 31 Russelwood Court

Aiken, SC 29803

USA

Ling Rothrock

Pennsylvania State University

The Harold and Inge Marcus Department of Industrial and Manufacturing Engineering

310 Leonhard Building

University Park, PA 16802

USA

Magdalena Rozmus

Institute of Mining Technology KOMAG

ul. Pszczynska 37

Gliwice 44-101

Poland

Shakirudeen Shakioye

Chevron Corporation

1400 Smith Street

Houston, TX 77002

USA

Christopher M. Stroz

Chevron North America Exploration and Production Company

9525 Camino Media

Bakersfield, CA 93311

USA

Anand Tharanathan

Honeywell ACS Laboratories

MN10, Station 182B

1985 Douglas Drive

Golden Valley, MN 55422

USA

Brian A. Tink

Watershape Safety Analysis Inc.

1092 Church Lane

Algonquin Highlands

ON K0M 1J1

Canada

Brian W. Tink

Watershape Safety Analysis Inc.

1092 Church Lane

Algonquin Highlands

ON K0M 1J1

Canada

Jaroslaw Tokarczyk

Institute of Mining Technology KOMAG

ul. Pszczynska 37

Gliwice 44-101

Poland

Christopher C. Venn

Aberdeen

UK

John C. Wincek

229 Weeping Court

Bellefonte, PA 16823

USA

Teodor Winkler

Institute of Mining Technology KOMAG

ul. Pszczynska 37

Gliwice 44-101

Poland

Tracey Zarn

Leading Edge Safety Inc.

General Delivery

Cromer, MB R0M 0J0

Canada

Part I

Engineering Management for Loss Prevention Engineering

Chapter 1

Management Systems – Loss Prevention Engineering Programs and Policy

Shakirudeen Shakioye

1.1 Introduction – Understanding the Need for Management Systems

Several industries around the world apply a multifaceted health, environmental, and safety (HES) program approach in reducing occupational HES incidents. Arguably, it is conventional wisdom within most industries that not a single safety or environmental or health process or tool has been proven to act independently to reduce or eliminate workplace incidents directly. To ensure that workplace incident prevention is achieved and sustained, an optimal mix of HES tools and processes needs to be implemented and managed (Shakioye and Haight, 2010). Regulatory requirements, company policies/procedures, and the sheer size of activities that support the operations across industries in the modern world introduce a degree of complexity. Such complexity requires a systemic management of implemented HES programs to ensure that the programs are sustained and continuous improvements in the form of learnings are captured and incorporated into existing practices.

Taking a look at the oil and gas industry for illustration purposes, statistics within the industry across the globe clearly show a consistent decline of total recordable incident rate (TRIR) from 2002 to 2009. Figure 1.1 represents the data across 102 countries where member companies have operations (OGP, 2010).

Figure 1.1 TRIR 5 year rolling average, per million hours worked. (Adapted from the OGP Safety Performance Indicator Report (OGP, 2010).)

The data in Figure 1.1 represent what can be termed people/personal safety incidents – incidents that have as a primary consequence impact(s) on workforce personnel resulting in injury. While the industry can say that there has been a reduction in people/safety-type incidents over time, the process industry at large is still learning to achieve similar success in keeping the plant safe to avoid failures that result in catastrophic events.

To have an appreciation of loss prevention engineering management systems, a look at some relevant historical events that have helped shape the approach of industries to loss prevention is necessary. The 1984 Union Carbide Bhopal gas leak disaster (at a pesticide plant in India) remains one of the major industrial catastrophes that have played a role in looking beyond loss prevention from a mere occupational health and safety perspective. A process failure in this incident resulted in a leak of methyl isocyanate gas and other chemicals from the plant, causing undue exposure of thousands of people (Jackson Browning Report; Browning, 1993). Another major process-related incident was the March 2005 British Petroleum Texas City Refinery explosion, which was caused by the ignition of a hydrocarbon vapor cloud. The vapor cloud was created from a series of system malfunctions that eventually led to liquid hydrocarbon overfilling the blowdown drum and stack, then spilling over to the ground, creating the flammable vapor (The Baker Panel, 2007). This explosion resulted in 15 employee fatalities and 170 other injuries. More recently, the April 2010 British Petroleum Deepwater blowout incident (Macondo well incident) was largely due to a succession of interrelated well design, construction, and temporary abandonment decisions that compromised the integrity of the well and compounded the risk of its failure (Transocean, 2010). This incident resulted in an explosion with 11 fatalities and an environmental disaster off the Gulf Coast of the United States. From several investigation reviews, and if history is anything to go by, the common theme of the root causes in the majority of these incidents was management system-related deficiencies, particularly in the area of process safety.

Process safety incident occurrences go far beyond all of the above-mentioned incidents and other similar high-profile process safety incidents well known to the public. It is important to remember that process safety incidents include the release of hazardous materials from leaks within systems, spills, equipment malfunctions that result from exceeding design temperatures and pressures, system integrity issues that include corrosion, metal fatigue, and other similar conditions. In essence, several less severe process safety incidents occur every day across the industry with less media attention.

Reacting to process safety incidents, the US government put in place laws that led to the creation of the Risk Management Program (RMP) in 1999, being managed by the United States Environmental Protection Agency (EPA). This program required process industries to log their facility information and incident history, incident consequences, and preventive programs that have been introduced as a result of the incidents. The RMP database held all these very useful historical data that could be analyzed. A decision was made by the government to restrict access to the data for national security reasons, the main reason being that the RMP database contains details of potential consequences of hypothetical worst-case scenarios of accidental releases. With the agreement of the EPA, the Wharton School (University of Pennsylvania) conducted a preliminary analysis of historical process-related incident data from the RMP (non-security sensitive data). The Whartson School analyzed 10 years of process safety data, and identified only small improvements which may have been due to changes in the reporting attitude of companies rather than actual performance (Kleindorfer et al., 2007).

Similarly to the above, the European Union also maintains a database for all process-related incidents – the Major Accident Reporting System (MARS) database (Nivolianitou, Konstandinidou, and Michalis, 2006). A report prepared by Pitblado in 2004 indicated that the outcome of the DNV Energy examination of the data in the MARS database showed no trends; however, the data set showed a steady average level of incident severity. Based on Lord Cullens recommendation, a leak database was created in the United Kingdom to record the count of leaks of process fluids (Pitblado, 2011). Figure 1.2 shows a plot of the analysis of the leak database, which shows a slight decline in major leaks whereas trends for other minor leaks do not clearly show a decline.

Figure 1.2 UK sector major leak frequency – Health and Safety Executive data. (Adapted from Pitblado, 2011.)

Considering past incident occurrences and the outcome of the analysis of historical data indifferent studies, there is still a great need for industries to continue to work at initiatives that will guarantee the success achieved in the occupational safety, health, and environment field. Engineering processes and controls to keep the plants inherently safe will be an area for continuous improvement and focus to steer industry along this path.

Similarly to conventional HES focus areas, there are several established process safety processes/procedures in support of regulatory requirements and lessons learned that were derived from outcomes of investigations from past process safety incidents by several bodies, including European Union law (Seveso II Directive), US Chemical Safety Board, the US Occupational Safety and Health Administration (OSHA), and the Baker Panel Report (The Baker Panel, 2007), among an extensive list. Process safety programs specifically focus on the design and engineering of facilities, hazard assessments, management of change, inspection, testing, and maintenance of equipment, effective alarms, effective process control, procedures, training of personnel, and human factors. Having said this; we need to understand that to reach an incident and injury-free state, personal safety, process safety, and environmental issues need to be well understood. Management systems that support processes, based on facts and not just mere intuition, need to be put in place.

1.2 Management Systems – Definitions

Based on the author's experience, the term management systems in a broader sense implies a methodical and historically tested approach to managing the interactions/implementation of policies, processes, practices, and applicable regulations, all aimed at delivering an outcome that supports established vision and set objectives. This becomes more critical to the success of enterprises that have large/integrated operations. Management systems ensure that leadership has the needed framework to cascade their vision across the enterprise and it also establishes a platform for accountability at different strata of the organizational hierarchy. Having said this, a management system is incomplete without having the robustness to allow for continuous improvement of the organization's policies, procedures, and processes.

The generic definition of a basic management system "refers to what the organization does to manage its processes, or activities, so that its products or services meet the objectives it has set itself, such as:

satisfying the customer's quality requirements,

complying with regulations, or

meeting environmental objectives" (ISO, 2011).

A schematic of the basic management system standards of the International Organization for Standardization (ISO) is shown in Figure 1.3. ISO's definitions of each quadrant of the Plan–Do–Check–Act scheme are as follows:

Plan – Establish objectives and make plans (analyze your organization's situation, establish your overall objectives, and set your interim targets, and develop plans to achieve them).

Do – Implement your plans (do what you planned to).

Check – Measure your results (measure/monitor how far your actual achievements meet your planned objectives).

Act – Correct and improve your plans and how you put them into practice (correct and learn from your mistakes to improve your plans in order to achieve better results next time).

Figure 1.3 ISO management system. (Adapted from ISO, 2011.)

Within any establishment, the HES function with support of the executive leadership will need to define and establish a fit-for-purpose management system that is based on the basic model discussed above.

1.3 Loss Prevention Engineering – Considerations

Engineering in loose terms will be the utilization of mathematical, socioeconomic, practicability, and scientific expertise to design and build functional structures that allow for the enhancement of quality of life. With this in mind, it becomes counterproductive if the design process/construction/operation fail to consider the immediate and long-term impacts of possible exposure of life to hazards. To ensure inherently safe design, construction, and operation, consideration of an engineering approach certainly offers the most logical course of action.

Loss prevention engineering involves the employment of engineering tools to minimize to a reasonable extent or eliminate the probability of occurrence of incidents that may result in personal injury/illness, environmental degradation, property/equipment damage, loss of productivity, and financial losses due to other incidents such as litigation and brand perception by the public. Loss prevention focuses on being proactive rather than reactive. Once our loss prevention system fails, then it becomes a case of loss control which may be out of range however planned for during the design phase.

Considering the industry at large, there are huge upsides to having functional loss prevention management systems in place; this allows companies to understand their risks and proactively mitigate their exposures. The reward for having such systems backed up with data showing its success is passed back to the company in the form of cost savings from reduced incidents and by insurers offering lower premiums.

Regarding cost savings, as a case study for illustration purposes, we can refer to a publication by the US National Highway Traffic Safety Administration (NHTSA), an arm of the US Department of Transportation, on the topic The Economic Burden of Traffic Crashes on Employers (NHTSA, 2003). The report concludes that in 2000 alone, employers spent $7.7 billion on medical care resulting from motor vehicle accidents and $8.6 million on sick leave and life and disability claims for motor vehicle crash victims. Not included in these figures are the losses due to company property damage. The root causes of the crashes reported in the study were primarily driving under the influence of alcohol and unrestrained driving (primarily non-use of seatbelts).

The NHTSA estimated that the potential savings for employers could be up to $15 billion annually if these two root causes of crashes are eliminated. This could be achieved by implementing motor vehicle safety programs that include drug and alcohol policies forbidding operation of vehicles while under the influence, and a policy governing the proper use of seat belts by employees during commuting. Installation of vehicle monitoring systems on company-owned vehicles to manage drivers' attitude on the roads will add some value to motor vehicle safety in addition to helping with accountability. These solutions may sound simplistic; the challenge to the safety policies is the implementation, which can only be achieved by the managers leading by example and holding employees accountable.

We now change gear to focus on the insurance industry and their perception of a customer with adequate safety training being less of a liability, hence reducing insurance premiums. A study by Huang et al. (2008) at the University of Connecticut entitled Modeling motorcycle insurance rate reduction due to mandatory safety courses looked at the insurance rates in relation to safety courses for motorcycle drivers. Table 1.1 is a direct extract from the study, showing a market survey of some major insurance players in the United States.

Table 1.1 Current Motorcycle Insurance Discount Rates for Taking a Safety Coursea.

a From official web sites of insurance companies.

b NA means the specific value for the discount rate is not disclosed directly on the web site. Customers need to consult the agent case by case.

c Adapted from Huang et al. (2008).

As indicated by the sample size involved, all but one insurance company offers a discount of one form or another whether or not a specific percentage was stipulated. This is not an uncommon practice in the insurance industry beyond motorcycle or motor vehicle insurance. The general theory is that insurance premiums are significantly higher for clients who show operationally higher risks which may introduce some level of ambiguity to the probability of an event occurring than those with inherently safer operations (Kunreuther et al., 1995).

Regardless of the industry, it should be clear at this point that having a functional loss prevention engineering program could influence the bottom line of a company by minimizing financial losses.

1.4 Management Systems – Loss Prevention Engineering

Considering the range and complexity of loss prevention engineering processes and tools, it becomes an exceptional candidate for the implementation of management systems to deliver success. In line with industry practice, management systems for loss prevention will be made up of the overarching cycle of defined stages, hinged around leadership commitment as the most important factor.

A schematic diagram that shows the six basic stages of the loss prevention engineering management system cycle is presented in Figure 1.4. Note that the periodic audit is targeted at the four steps within the shaded arch.

Figure 1.4 Schematic diagram of a loss prevention management system (self-developed).

Figure 1.4 depicts a system with a scope that goes beyond traditional loss prevention engineering which focuses more on the technical part of HES. It will be implemented with equal consideration to building a safety culture within the enterprise that believes that all incidents are preventable. Personal safety needs to be given commensurate attention; understanding the human element is the most complex, difficult to predict, and critical part of any operation; hence engineering solutions cannot be solely relied upon. We rely on the human element for design, preventive maintenance, following standard operating procedures while incorporating safe work practices, reacting and responding to emergencies, and so on – the list can be endless. The schematic forms the basis for outlining HES strategies, developing/implementing plans, building schedules around the cycle, and putting in place the necessary controls to run the organization with HES interwoven into regular operations. It is crucial that for loss prevention planning to be managed successfully, outcomes from each stage (of the schematic) have to be integrated into the enterprise's business planning cycle; experienced owners and managers of closely held businesses know that business plans can also be an indispensable management tool (Ernst & Young LLP, 1997).

1.4.1 Leadership Commitment

Leadership commitment forms the core of the management system. Management systems have been known to fail for lack of leadership support and the absence of providing visibility to the system by leadership. Leaders must take full ownership and set the expectations by demonstrating commitment through providing the right level of support and resources adequate for its full implementation. Leaders must lead by example. For illustration, in a study conducted by Yang et al. (2009), who carried out mathematical research on leadership and safety culture in relation to performance in the health industry (sampling 195 questionnaires across industry), it was concluded that the analysis data results show that leadership behavior affects safety culture and safety performance in the healthcare industry, which could also be said for other industries.

It is imperative to understand the broadness of leadership within this context. While recognizing the different degrees of responsibility and influence of individuals who make up the strata of leadership within any enterprise, every leader ranging from executives to front-line supervisors have unique roles to play in running the management system. The idea is to orchestrate the interactions of people with people and also the interactions of people with machines and the environment, ensuring alignment with incident-free strategic visions and objectives set by the corporate executives. Vision must be communicated to the workforce using all avenues by leaders, including written statements and personal communications for the workforce to be convinced and hence buy in (Kouzes and Posner, 1987).

1.4.2 Vision and Objectives

Executives and top leadership managerial teams are responsible for setting precise HES visions that offer clarity. The HES vision should support the company's philosophy and be written such that every employee could be held accountable for its execution at every level. Public perception and confidence need to be considered in the HES vision statement considering the potential for the company's interaction with the public during the life of the operation.

Corporate HES objectives that support the set HES vision will also be established. This will be needed to break the vision further into more executable and measurable umbrella statements that summarizes all pillars that support the vision. To ensure adequate coverage, establish HES objectives that reflect on Health, Environment, People Safety, Process Safety, and Operational Performance. Below are sample objectives that may serve as starters:

Prevent injury and illness and pursue improvements in safety and health to achieve industry leadership.

Achieve zero non-conformance by complying with all relevant statutory requirements.

Attain industry leadership in environmental stewardship; operate with minimal environmental footprint.

The set HES vision and objectives will form the foundation for all other tools and processes. Depending on the industry of interest, a benchmarking exercise will be very beneficial in establishing existing industry approaches, checking the industry pulse, and projected future direction prior to setting a vision. In a book by Codling (1995), Xerox Corporation was identified as the pioneer of using benchmarking techniques for establishing management practices; Xerox was said to define this technique as the search for industry best practices which lead to superior performance. Understanding the industry and identifying specific performers and regulatory trends provide leverage in strategic HES planning. Corporate visions of many companies are publicly available for reference, especially on the Internet; this certainly provides an opportunity to understand what minimum goals you need to set.

Visions typically do not change over the long term as they are futuristic in nature; Kouzes and Posner (1987) defined vision as an ideal and unique image of the future. It is very important that once crafted, the vision and objectives are cascaded down through the entire enterprise. All leaders will always use the vision as a primer for discussions or workforce engagements to ensure that the workforce understands that these expressed values are important to their leadership. This enables management to tap into the energy of the conversional thought of what is important to the boss is important to me.

1.4.3 Resources / Policy / Processes / Procedure / Regulations

Set HES objectives are only as good as the available enabling tools, supporting processes, and competent workforce for implementation. Success relies on leadership demonstrating commitment by providing adequate resources to support the loss prevention management system. A summary of some HES processes is provided in Table 1.2 for reference.

Table 1.2 Loss Prevention Management System Support: Example Processes by Category

a Modeled around OSHA recommendations (OSHA, 2002).

1.4.3.1 Resources

Resourcing personnel with HES expertise within each identified functional area of HES (i.e., Health, Environment, People Safety, and Process Safety functions) will be brought onboard to support and identify relevant policies/processes (see Table 1.2 sample of process listings) for development based on priority/risk ranking. The questions to ask in order to test criticality of any HES process is What impact will the absence of the process have on meeting set HES objectives? Depending on the immediate need of the organization, processes should be ranked according to their criticality to the success of the business objectives; ranked high, medium, or low risk. Personnel support can then be appropriated accordingly depending on availability, with priority given to the high and medium risk processes.

The HES career path will have to be defined within the enterprise, up to a position that has a seat at the table at the topmost leadership level; see the sample organogram in Figure 1.5. The HES defined positions along with the support of Subject Matter Experts (SMEs) will support process implementation (Table 1.2) and manage HES human resources and workforce HES competency development down the chain.

Figure 1.5 Generic organogram showing HES positions. (Modeled on Bachy Soletanche Health and Safety Policy, http://www.bacsol.co.uk/index.php/policies/health_and_safety_policy/.)

The above organizational structure is generic enough and HES positions can go from simple to more complex, as shown in the schematic on the right in Figure 1.5, depending on the needs of the organization (which may even be much more complex if needed). As the operational needs become more complex, it becomes a driver to provide dedicated resources to the H – Health, E – Environment, and S – Safety functions within HES.

Even for much larger operations, resources and ownership are provided at the process level depending on criticality. For example, if a company is heavy on motor vehicle transportation as a major part of its business coupled with an assumed risk associated with transportation, there may be a need to have a resource dedicated to managing the company's motor vehicle safety process (resulting in many advisors under, e.g., safety function alone). Such an owner will have direct accountability for implementation of and sustaining such processes. Additional information is given in Section 1.4.3.4. Consideration also has to be given to some cross-functional team support. For illustration, Information Technology may work closely to support documentation (help implement real-time remote monitoring of a fleet to understand drivers' driving habits, information management for sensitive HES data), the Legal Department may need to provide support for regulations interpretation, Human Resources for interfacing with workforce fitness for duty, HES process, disability management, and the list of possible cross-functional support goes on depending on the size and complexity of an operation.

1.4.3.2 Policy

Company management will develop and endorse HES policies relevant to HES for publication within the company. The company workforce and companies providing third-party services (contractor companies or individual contractors) will abide and live by these established policies. A good cue could be taken form the US National School Boards Association (NSBA) Policy Development Steps, which include 12 steps to create and implement policies (http://www.nsba.org/sbot/toolkit/PolSteps.html). Below is a summarized list:

1) Define the opportunities or issues, for example, operations that include the use of heavy machinery or drug and alcohol exposure may be a potential issue that needs to be addressed; hence there may be a strong need to develop a policy that governs usage or non-usage of intoxicants depending on the safety sensitivity of each position. Other policies may include personal protective equipment policy, security policies that govern use or non-use of firearms in operations areas, preventive maintenance polices, and travel policies that stipulate journey management requirements from a safety perspective.

2) Gather relevant information on the opportunities (gathering information from similar operations elsewhere). Understand regulatory requirements by government agencies, for example, the OSHA in the United States, the Canadian Centre for Occupational Health and Safety (CCOHS) or the European Agency for Safety and Health at Work. Depending on the operations location, all relevant gathered information will influence writing policies.

3) Deliberate over the information at management level, ensuring that the right people who have the right subject matter expertise are involved.

4) Draft policy: the outcome of management decisions from the deliberations is put it writing, documented, endorsed by management, and publicized across the enterprise for implementation. Appendix 1.A is a generic draft of a drug and alcohol policy as a starter taken from the BCN – NSHE (Business Center North – Nevada System of Higher Education).

1.4.3.3 Regulatory Consideration

In developing policies, processes, and procedures, all regulations within the jurisdiction of operation will have to be considered. The convention will be that the company policies are at the minimum on a par with government requirements. There is a need to dedicate resources for tracking regulatory requirements and changes by law makers that may affect how the operation is being run. Having operations that span across countries or continents adds some complexity to incorporating regulatory requirements into policies and procedures. To ensure that operations keep up with the diverse regulatory regimes in different locations, an appropriate process implementation philosophy will have to be developed. The philosophy will clearly support the local regulations, superseding the company processes in cases where the local regulations are found to be more stringent.

Liberty to a certain extent will also have to be given to local divisions of the enterprise to modify company-wide processes to meet local specific needs; such modifications to company processes/procedures will have to follow a defined methodology. For illustration purposes, the International Marine Organization (IMO) has implemented the standard International Convention for the Prevention of Pollution from Ships (MARPOL) as the international governing regulation for maritime operations. There are 170 member states in the IMO implying a wide global reach of the regulation. There are particular situations where some member states have more stringent requirements; for example, in Canada. The Canadian Arctic Pollution Prevention regulation states a zero discharge of oily water into the Arctic whereas MARPOL allows 15 ppm to be discharged 12 nautical miles offshore. In this classic example, enterprise policies and procedures relating to marine waste management will have to allow for the more stringent regulations to prevail for operating locally in Canadian waters even though enterprise global practice may have been designed using MARPOL as a framework.

1.4.3.4 Processes

Whereas company policies are crafted with the expectation that company employees, contractor individuals, or other companies will comply, processes may have a different implementation strategy to them. Company HES processes will be put in place to address the entire scope of HES from contracting, facility design, and construction to operation and divestment. Specific to implementing HES processes, there are foreseeable challenges with companies that are dependent on third-party companies for a reasonable percentage of work or in the event of being involved in partnership(s). This is because such a company remains in a position of influence only and does not have direct control of the operating processes in such a scenario. A methodology within established processes will have to define clearly the applicability of each process to joint operations depending on the amount of influence available within such an operation. Also for contractor dependency management, HES processes will have to be written such that they are interwoven with the company's contracting philosophy. A good way to achieve this is by ensuring that the HES performance of prospective contractors forms part of the contractor selection criteria and this should also include reviews of core HES practices submitted during tender to test for alignment with company practices at a minimum. A list of processes to consider is given in Table 1.2 with generic titles.

1.4.3.5 HES Processes Approach and Structure

Understanding that although there are similarities in the approaches between the European Union and the United States to regulating and managing safety in the process industries, some fundamental differences exist. Historically, and based on reaction to industry incidents, the European regulations were for the most part based on risk assessment whereas the US regulations focused more on process safety management (Pitblado, 2011). More recently, there has been a shift towards the middle ground from lessons learned by both sides. Historical process-related major incidents that occurred in these regions have certainly influenced both regions for better integrated approaches in seeking solutions. Examples of generic processes are listed in Table 1.2; as part of building a corporate culture within an organization, a standard approach may be employed in building contents and structure for each of the processes. As an example, the State government of Arkansas in the United States, in an attempt to encourage public stakeholders (citizens) to use official documentation online, implemented a Common Look and Feel Standard (CLF) approach for presentation of information across all agency web sites under the State umbrella (http://portal.arkansas.gov/Pages/clf.aspx). The State government understands that it is important for citizens to be able to find efficiently from the web site sufficient needed information for them to want to return to the site in the future if necessary. The CLF standards help predictability on the government web sites regarding where certain information may be, regardless of what agency web site is being visited under the State of Arkansas, hence supporting standardization. The ability to attract the public to the State web sites as a medium for official information transfer will certainly assist in creating the desired culture of interfacing with State processes, procedures, policies, and so on, through the web sites.

Understanding that there may be several ways to standardize the structuring of processes to ensure the advantages of maintaining the same look and feel of all processes are captured, below is a sample structure to follow (four points) Figure 1.6:

A clearly defined scope should be the first section, stating the applicability of the specific process to different scenarios. It is important for each process to start with a clear definition of who the target stakeholders are and what is within and outside the scope for the specific process. Typically, the driver for what is inside the scope depends on the amount of influence the company has on the operation for implementing its processes or, more importantly, the decision to have control of the operation. Let us use Table 1.2 and take one of the processes, behavior-based safety process (BBS), for sake of discussion (see Appendix 1.B for a sample of BBS supporting field tools). The scope section of the process document will include information such as, the scope of this process includes office workers, field workers, company motor vehicle users (driving), and company marine owned fleet. BBS shall be implemented at all company owned and operated sites only; however, for non-operated partnerships, operating partner(s) will be influenced to align with company BBS process. The process is designed to identify and provide feedback safe behaviors and at-risk behaviors, then generate actions to close gaps or reinforce positive behavior as needed.

The procedure(s) that support the process could be embedded in the process or make reference within the process that links the procedure if stored differently. The procedure will have the line-by-line sequence of activities needed to complete the intended task that supports the process. The involvement of identified subject matter experts is critical in developing the technical details of the procedures. Equally important is the language employed to ensure clarity and practicability of use by the end users, who may be the personnel in the field. Following the use of the BBS as defined above for illustration, relevant supporting procedures detailed in the process may include specific employee and contractor BBS training procedures and requirements (including refresher requirements), procedures on supporting tools (electronic/paper) for capturing information, coaching, and communication procedures, that is, administrative BBS data collation and reporting for the entire enterprise. Another process from Table 1.2 that could be used to illustrate this point is the incident investigation process; relevant procedures for this process may include incident classification procedure, investigation procedure (loss causation model, why tree method, TapRooT® or five-why methods), notification procedure, and lessons sharing procedure.

Process ownership/accountability for every division of the enterprise needs to be identified and documented in the process. This entails spelling out roles and responsibilities of all stakeholders involved with the specific process, which may be cross-functional as needed. Capturing these roles in detail makes accountability possible. It may be beneficial to assign leadership personnel as patron roles for processes while the bulk of the actual ownership and implementation roles go to an assigned HES person for each process (an HES Director can be assigned as patron for high-risk processes – see Figure 1.5). Depending on workload, available resources, and size of operations, one HES professional can have the ownership of more than one process. It is important to have the right amount of workload to ensure adequate support for the processes. Having a patron role ensures that someone within the company's leadership is engaged (one for each process); this guarantees visibility for the process and ensures that adequate resources are provided for the successful implementation and sustenance of the process.

A process performance and review metrics section will be built into each process to highlight all relevant performance metrics to be collected, that is, peculiar to the process in question. The process owner and SMEs will identify these leading metrics during the development of each process such that the metrics relate to the objectives of the process. Metrics should be unambiguous and measurable with the ability to indicate clearly process implementation status and performance out in the field. For illustration purposes, considering a process such as incident investigation from Table 1.2, a performance metric to have in place and track may be percentage of the number of investigations conducted through the year versus the number of incidents that occurred and required investigations as defined by the process, or percentage of action items generated from investigations that were closed off by set due dates (expressed as a percentage). Other metrics that may be collected to test for the health/performance of the incident investigation procedure include the number of significant incidents with similar root causes. A mechanism to collate and report metrics back into the organization must be established and a timeline for the associated activities for metrics collation must be defined. All process performance metrics will be stored for use during periodic reviews by process owners within the local management. An annual review of each process will be a reasonable timeline to evaluate implementation status. The key objective for the annual process review is to check process performance and implementation in the field in comparison with process objectives. For example, the objective of the incident investigation could well be to reduce incidents by learning from prior incidents. If the sample data from one of the sample metrics indicated above signify that incidents with similar root causes are recurrent in the organization, this may be an indicator that a gap may exist in implementing learnings learned from past investigations into the organization's operations. Written processes and corresponding procedures could be redesigned or implementation strategies could be changed to close identified gaps. This may range from awareness campaigns to having sectional heads/leaders accountable for cascading learnings, and so on. This concept of process review for continuous improvement is applicable to all processes in Table 1.2.

Figure 1.6 Generic loss prevention process structure (author's suggestion).

Overall, for HES processes to be successfully implemented, managers and frontline supervisors within other functions outside of HES will have to take ownership in identifying opportunities to fit the HES processes into their daily business by involving the HES function early in operations and project decisions. In practice, project teams typically are first in line to know about new projects (especially relatively smaller projects), hence the project teams will have to be relied upon to pull in HES expertise early enough as part of the team during project planning stages. The HES function will provide subject matter expertise rather than just assuming ownership for implementation of the processes in totality. This implies that the processes need to become integrated into the business and operational model of the enterprise and not as stand-alone efforts parallel to the day-to-day business. Table 1.2 details the baseline list of processes that need to be developed at the minimum to satisfy the three categories of processes depicted in Figure 1.6.

1.4.4 Business Planning (HES)

Depending on the size and complexity of the organizational structure, business planning could be an involved process. The loss prevention action plans generated from the management system, like any other functional departmental plans (Operations, Projects, Information Technology, Human Resources, etc.), will have to be rolled into the main business plan of the enterprise. The business plan structure in line with convention changes from year to year, hence it is a perfect fit for managing action plans that come out of the loss prevention annual process review/assessment for continuous improvement. Similarly to other functional inputs into the business plan, not all loss prevention process gap actions or new initiatives will make it into the business planning document. Only agreed upon high-impact items that require such a level of visibility to have significant financial implications or other tangible impacts on the business will be included; such items will be planned for by the enterprise for improved future operations. The business plan is a good tool also to establish accountability across the enterprise for the action plan once it is published. Business plans are recommended to be designed in two tiers: short-term (annual) and long-term plans, both to be updated annually. In the same fashion, the loss prevention section of the business plan will be developed such that it mirrors these two tiers with the long term being more strategic and the short term being more specific and focused for achievement in the following year. Below is a list of general loss prevention items that may get rolled into the enterprise business plan:

prioritized action plans

loss prevention information technology projects

loss prevention process resource needs

establishing/deployment of new metrics to conform to new regulations/industry

setting future targets for existing performance metrics.

Annual performance metrics target setting is an essential part of the loss prevention section of the business plan. For starters, without much history, benchmarking with similarly sized companies within the industry may help provide guidance as to what order of magnitude sounds reasonable for each metric. The performance metrics identified and published in the business plan are the overall performance metrics that support the company's loss prevention objectives, which should reflect the adequacy of the entire system and not be a long list of performance metrics identified from each of the processes. For example, targets could be set on the following:

lost work day cases (normalized based on hours)

motor vehicle crashes (normalized based on mileage)

percentage of equipment availability (efficiency measurement)

total property damage from fire

citations from regulatory bodies for non-conformance (the target for this should be zero).

The set targets should reflect continuous improvement on the previous year's performance and ensure it performs on a par with or beyond industry trends. Industry trends could be obtained by benchmarking using industry data from industry organizations such the Association of Oil and Gas Producers (OGP) within the oil and gas industry or the European Automobile Industry Association for the automobile industry as examples. Lastly, the review section of the processes has to be scheduled such that the outcome can be ready ahead of the timeline established in the main business planning cycle for collation of information across functional areas.

1.4.5 Implementation

Considering the loss prevention management system management cycle, once the planning stage is completed, well documented, and approved by management, the next action is to come up with an implementation strategy to activate the HES planned actions similarly to all other business plan activities. The cycle for implementation of the HES section of the enterprise plan has to align with the remainder of the functional areas and must be given the same if not more visibility by management to show commitment to loss prevention initiatives.

Between approving and implementing the plan, there has to be a clear understanding of what resources have been provided by management (personnel/funding for enabling tools) and the prioritization of the plan to ensure optimizing the implementation cycle. It is imperative at this point that even though we talk about prioritization of the plan, the expectation is that all business plan activities will be implemented as planned within the cycle, typically the calendar year for which the plan is approved.

The implementation plan/strategy document is built by the HES leadership or management team. The strategy document will be a high-level document that shows the roadmap to achieving the identified HES business plan initiatives. The document, similarly to a project plan, should show the timelines for achieving all plan items based on optimizing the available resources through the implementation cycle. The critical part of the shaping plan is to assign ownership and accountability for the planned items; at this level, such actions are assigned to relevant manager(s) of the working sub-departments or groups within the HES function. Further down the hierarchy; at the group level, the expectation will be for a more detailed action plan to be established and implemented. This translates into the day-to-day work load of individual team members, having in mind the interactions that occur within groups, external to other HES groups and cross-functional departments as needed for full implementation of the HES business plan.

During the implementation phase, a mechanism to ensure lessons learned and best practices acquired by the enterprise over periods of operation are incorporated into the implementation of the plan must be put in place. Part of this mechanism will also ensure that plan implementation is monitored at very frequent intervals and adjustments can be made as needed to meet set objectives. The implementation stage of the management system is also an opportunity to implement newly surfaced value-adding actions that may not have been part of the business plan. This is not encouraged, however, as the norm is sometimes needed in the course of the business year to react to changes within the company, industry, or regulatory requirements. For example, the have been more stringent requirements introduced in the Gulf of Mexico for obtaining drilling permits since the Macondo incident (Bureau of Ocean Energy Management, Regulation, and Enforcement (BOEMRE)).

1.4.6 Evaluation of Management System for Improvement

The last stage in the loss prevention engineering management system cycle may be an annual/periodic (frequency determined as appropriate) self-appraisal of the company loss prevention management system to review its performance. This is the opportunity to revisit the set goals and objectives and the business plan goals, using them as benchmarks to evaluate company's actual performance. As a part of the evaluation of the management system, process performance and review metrics identified for HES processes implemented in the organization should be assessed to test for process(s) performance as described in Section 1.4.3.5. All gaps identified may be prioritized and as deemed required and may be managed through the enterprise business plan or as part of the evaluation cycle.

This review checks for the effectiveness of the entire management system process and how much progress has been made using the current system, then seeking opportunities for continuous improvement by making adjustments as needed.

Revisiting Figure 1.4 (loss prevention management schematic), this stage is an integral part of and feeds off the periodic and continuous audits all through the cycle. Using audit as part of the evaluation process ensures feedback from within the organization and also external audits are captured and identified gaps are bridged to add value to the system.

1.4.7 Periodic Corporation Audit

Conventional knowledge dictates that periodically, an unbiased evaluation of an organization's conformance with internal and external requirements is needed for continuous improvement and survival of the management structure.

With reference to Figure 1.4, conducting audits is a continuous stage that is interwoven with the following stages of the loss prevention management system:

leadership commitment

resources/policies/regulations/processes

business planning (HES)

implementation.

1.4.8 Enterprise Audit Plan

There are many variables and sometimes unexpected drivers that drive the need for performing audits. However, as part of the management system there is a need to establish a recurring audit plan for auditing the different parts of the management system. A minimum recurring timeline for conducting audits for individual stages itemized above must be established and such expectation shared by management. As part of the plan, an audit protocol must be developed along with a guidance document and tools to ensure standardization across all audit teams.

Particularly for the resources/policies/regulations/processes stage of the cycle, there has to be an elaborate plan for which all processes (see Table 1.2) are prioritized in line with their importance/impact on performance. The most critical/high-risk processes must be audited more frequently, maybe annually. For medium or lower risk processes, depending on available resources, they can be spread out over several years. Ultimately, the audit plan of a sizable establishment should ensure that over a period of 5 years the formal internal audit of the entire system is completed.

1.4.9 Audits Levels and Continuous Improvement

Audits can be performed internally by independent audit groups within an establishment (corporate office group) or externally by licensed auditors. Understanding that there are different levels of audits, the key focus is to incorporate the feedback from such audits into the effort to improve the management system continuously. The honeycomb continuum analogy (Figure 1.7) in concept represents the feedback gathering idea regardless of the audit level or type as a source. Continuum in this case refers to a series of identical structures (feedbacks) that seamlessly bond through interfaces and interact to form the solid main structure (honeycomb). The interaction and feedback base should continue to grow gradually as the system becomes even more mature into a more robust continuous improvement mechanism. This cycle is continuous and tied to the life and existence of the company.

Figure 1.7 Audit plan/feedback honeycomb continuum analogy (self-developed).

The following are the general levels of audits that may be considered for implementation to check the pulse/health of the management system:

Level 1: simple audit – This is the more routine form of audit, basically the use of checklists for inspections. This is usually internal to an organization and conducted by an individual during walkthroughs (see Appendix 1.C for a sample inspection checklist). Typically, there are several checklists designed to cover different focus areas within the operation. The cumulative feedback from several checklists gives an indication of where to focus for systemic failures.

Level 2: independent internal audit – This form of audit is more formalized and conducted internally by a dedicated corporate audit group or in the form of internal self-assessments conducted by the HES department (involving cross functional expertise for balance to avoid bias) to check for the effectiveness of the loss prevention management system across the enterprise. Level 2 audits will examine processes and how they have been structured and check for implementation in the field and the effectiveness in achieving HES objectives. This type of audit generates a formal report and, again, the feedback is extracted and used to drive continuous improvement through the management system.

Level 3 – external audit – A level 3 audit is conducted by a third-party service provider clearly independent of the company. Level 3 audits could be conducted for insurance reasons to set a premium, they could be done for certification purposes (ISO) or for accreditation by an industry body or on request by the company itself, which may be in the form of a risk-based audit to understand their business better in specific priority high-risk areas. Similarly to levels 1 and 2 above, the gaps identified in the feedback are closed out.

Beyond gathering feedback from conducting the various audits as outlined, a critical next step is to ensure that the gaps identified in the feedback are managed appropriately. Depending on the risk prioritization of the gap, the appropriate visibility must be given to ensure that top management is aware of and understands the exposure as needed.

Assigning accountability and timeline to closing the gaps is essential to achieve the full benefit of audits. A recommendation is to have a dedicated system to track prioritized audit actions with owners assigned and an opportunity for a secondary layer of control to have a superior person validate the completeness of high-risk actions before they are closed out. This tracking system must be designed to function as an integral part of the loss prevention engineering management system.

Loss prevention engineering management systems should be viewed as frameworks that provide the needed foundation to manage and sustain HES performance within companies. For the management system to be successful, it cannot be over-emphasized that leadership commitment and ownership are critical. Once the desired loss prevention engineering culture is built and commitment of the workforce is apparent, the focus should shift to maintaining the momentum that guarantees continuous improvement of the system. Holding all employees accountable to Safety, Health, and Environment as an integral part of their daily operations regardless of core function (engineering supervisors, operations supervisors, human resource's supervisors, etc.) is important as HES interfaces in one way or another with all functions. Not holding every employee accountable to their individual roles could result in a phenomenon (according to psychology) called deferral of responsibility, which has been referred to as a behavior by which during emergencies people are likely to assume that, because others see what they see, somebody else