Process Safety Management
Process Safety Management (PSM) is a management system for controlling industrial processes that handle large quantities of hazardous and flammable chemicals.
PSM is not new; indeed it has always been an integral part of the process industries. Companies have always carried out activities such as the writing of procedures, planning for emergencies, training of operators and the investigation of incidents. But it was in the late 1980s and early 1990s that PSM programs became more formalized and regulated. In the United States the key regulation was 29 CFR 1910.119, Process Safety Management of Highly Hazardous Chemicals, from OSHA (the Occupational Safety & Health Administration), introduced in the year 1992. This regulation served as a model for PSM programs in many other nations and for internal programs developed by large energy and process companies.
The nature of PSM can best be understood by examining its component words.
The first word is Process. PSM is concerned with process issues such as fires and the release of toxic gases, as distinct from occupational safety issues, such as trips and falls. It is also focuses on large process and energy facilities such as chemical plants, refineries, offshore oil and gas platforms and pipelines. Many of the techniques can be applied successfully to related industries such as pharmaceuticals, food processing and power generation.
The second word is Safety. Although an effective PSM program improves all aspects of a facility?s operation, the driving force for most PSM programs is the need to maintain safe operations, with a focus on preventing catastrophic accidents such as explosions, fires and the release of toxic gases. More narrowly, a PSM program aims to meet regulatory requirements.
The third word is Management. At the heart of a PSM program is an understanding that it is about creating and implementing management systems that prevent and control major incidents. It is not fundamentally about meeting prescriptive rules or engineering standards. In this context a manager is taken to be anyone who has some degree of control over the process, including operators, engineers and maintenance workers.
The Center for Chemical Process Safety (CCPS 2007b) provides guidance as to what constitutes a PSM event.
- It must involve a chemical or have chemical process involvement;
- It must be above a minimum reporting threshold;
- It must occur at a process location; and
- The release must be acute, i.e., it must occur over a short period of time.
Elements of PSM
OSHA structured a process safety program around the fourteen elements shown below.
- Employee Participation
- Process Safety Information
- Process Hazards Analysis
- Operating Procedures
- Prestartup Safety Review
- Mechanical Integrity
- Hot Work
- Management of Change
- Incident Investigation
- Emergency Planning and Response
- Compliance Audits
- Trade Secrets
Other organizations, such as the American Petroleum Institute (API) and the American Chemistry Council, have developed their own lists. The one developed by the CCPS (Center for Chemical Process Safety) is shown below, and is the one we use in our Safety Moments.
- Process Safety Culture
- Workforce Involvement
- Stakeholder Outreach
- Knowledge Management
- Hazard Identification and Risk Management
- Operating Procedures
- Safe Work Practices
- Asset Integrity / Reliability
- Contractor Management
- Training / Performance
- Management of Change
- Operational Readiness
- Conduct of Operations
- Emergency Management
- Incident Investigation
- Measurement and Metrics
- Management Review
One means of analyzing incidents is to identify which elements of PSM were effective and which were ineffective. Examples of this approach are provided throughout this site. For example, the Safety Moment Vehicle Static involves the following elements:
10. Asset Integrity / Reliability
12. Training / Performance
16. Emergency Management
Some large energy and chemical companies develop their own management elements. The following is the one used by ExxonMobil (2016).
- Management leadership, commitment and accountability
- Risk assessment and management
- Facilities design and construction
- Information/ documentation
- Personnel and training
- Operations and maintenance
- Management of change
- Third-party services
- Incident investigation and analysis
- Community awareness and emergency preparedness
- Operations integrity assessment and improvement
Although the different programs may vary in detail they all tend to have a similar structure and aim to achieve similar goals, even though they may use different terminology. For example, OSHA uses the term "Prestartup Safety Review" whereas CCPS uses "Operational Readiness". Both terms strive for the same goal: ensure that a facility is safe to start following modifications.
Given the above background it is possible to develop definitions for the term Process Safety Management. The definition for Process Safety Management provided by the Center for Chemical Process Safety (CCPS 1992) is:
The application of management systems to the identification, understanding, and control of process hazards to prevent process-related injuries and incidents.
The following alternative definition is provided here.
Process Safety Management is an on-going process, involving all managers, employees and contract workers, that aims to minimize uncontrolled change from design and/or operating intent and to keep the process within its safe limits.
The above statement is developed in more detail in this section.
The safe limits for each process variable must be defined quantitatively. For example, the safe temperature range for a certain reaction may be 125-150?C. If the actual temperature deviates outside of that range, then that reaction is - by definition - out of control and potentially unsafe; action must be taken to bring the temperature back into the correct range. The fact that the process has deviated outside the safe range does not mean that an emergency situation exists ? management and the operators may have plenty of time to react. But they must do something because the facility must always be operated within its safe limits. The option of doing nothing is not an option.
The Table below illustrates the concept of safe limit values.
(A detailed discussion of safe limit Tables such as this and other values such as chemical mixing is provided in Process Risk and Reliability Management.)
Once the safe range has been defined management must determine how to operate their facility so that it stays within that range. In the case of the reaction temperature example, instrument set points must be adjusted and operators trained so as to achieve the 125 150?C range. All the people involved in running or maintaining the unit must know how to identify an out-of-control situation, what its consequences might be, and how they should respond to it. If it is management?s intention to operate outside the prescribed range then the Management of Change program should be implemented in order to ensure that the new conditions are safe, that new limits have been set, or that new safeguards have been installed.
When a facility is new, the safe limits are defined by its designers. As operating experience is accumulated new safe limit values will be implemented ? often through use of the hazards analysis and management of change processes.
Operating, Safe and Emergency Limits
The concept of safe limits can be extended to include operating and emergency limits, as illustrated in the sketch below, which shows values for a process variable such as pressure, temperature, level or flow rate.
Once more, a detailed description of this chart and how it helps define a PSM program is provided in PRRM.
Managing a PSM Program
The following issues need to be considered when developing and managing a PSM program.
"What gets measured gets done". No management program can be effective unless progress against defined goals is measured. PSM is no different. The catch is that it can be difficult to measure progress in this area because there are relatively few catastrophic events. This difficult, yet important, topic is discussed in PRRM.
A Safety Management System is not something that is created and then handed down by management to their employees and contract workers; it is a program that involves everyone: designers, operators, maintenance technicians, managers and senior executives. The key word is involvement - which is much more than just communication. All managers, employees and contract workers are responsible for the successful implementation of the program. Management, who must provide determined and committed leadership, must organize and lead the initial effort, but the employees must be fully involved in its implementation and improvement because they are the people who know the most about how a process really operates, and they are the ones who have to implement recommendations and changes. Specialist groups, such as staff organizations and consultants can provide help in specific areas, but process safety is fundamentally a line responsibility.
The implementation of a PSM program also requires thoroughness. For example, a company may have a good training program, but one person may have missed part of it because he or she was on vacation. Management will have to make sure that this person is trained and that his or her personnel files are updated appropriately.
The elements of process safety have strong interaction with one another ? it is not possible to meet the requirements of one of the elements without considering its effect on the others.
The inter-connectedness of the elements can be illustrated by considering the development of an Emergency Response Plan, in which the following sequence of actions - involving seven of the CCPS elements listed above - may occur.
- The writing of the Emergency Response Plan (element 16) requires a knowledge of which hazards have to be addressed.
- Consequently, a Hazards Analysis (element 7) is required to identify the hazards.
- In order to be able to carry out the hazards analysis, information from sources such as P&IDs and MSDS is needed. Much of this information is Included in the Knowledge Management program (element 6).
- Once the Emergency Response Plan has been developed, it will be necessary to Train everyone in its use (element 12).
- The Emergency Response Plan has to be Audited on a regular basis (element 19).
- During the training process, those being trained will come up with ideas that will improve the quality of the emergency response plan. This is Workforce Involvement (element 4).
- After going through the Management of Change step (element 13), these ideas can be used to upgrade the emergency manual.
When considered in isolation, many of the elements appear to be the "most important". For example, Workforce Involvement is the "most important" because, if the employees do not participate, the process safety program will not function properly. But Management of Change could be considered the ?most important? because the root cause of all incidents is uncontrolled change. On the other hand, all of the elements require a solid base of up-to-date, comprehensive information. Therefore Knowledge Management is the "most important". But then it could be argued that Incident Investigation and Root Cause Analysis is what really matters because incidents reveal what is really going on in the organization. The real point, of course, is that they are all important and necessary, and that they all rely on one another to be effective.
Please check the blog Process Risk and Reliability Management for the latest information to do with Process Safety Management.
Additional material to do with process safety management can be found in the book Process Risk and Reliability Management.