14

Continuous Improvement for the Incident Investigation System

A key element in the process safety incident investigation management system is a mechanism for ensuring that the process is actually providing the value expected and that there are systems in place for continuous improvement. The objective, of course, is to conduct an investigation that finds the root causes of the incident and then to communicate those findings so that that an identical incident, similar incidents, and incidents with associated root causes never occur again. In addition, the investigation must be conducted so that it meets certain regulations, rules, and defined expectations of the sponsoring organization. This process and the process of continuous improvement are most effectively implemented as an element of the management system. Poorly managed investigation programs are usually limited at best to preventing a reoccurrence of an identical incident at the same location. These programs typically lack the infrastructure needed to assure compliance with regulations and expectations, and have little or no provisions for continuous improvement. On the other hand, a well-managed incident investigation program values the need to assure compliance and seeks out quality improvement opportunities. The difference in the two is exhibited in down stream performanceone allows a repeat of incidents and the other prevents similar incidents throughout the organization. Continuous improvement is a recommended component of safety management systems as addressed and included in API Recommended Practice 9100 A&B for Safety Management Systems,(3) in the proposed UK standard for HSE Management Systems OHSAS 18001,(4) and in the ISO Quality Standards 9000 and 14000 series.(5,6) Each incident and the ensuing investigation is unique and can be used as an opportunity to improve the investigative system. The investigation
323

324

Guidelines for Investigating Chemical Process Incidents

team members and others from management should conduct critiques like the examples in this chapter to assure that the current investigation is comprehensive, and to identify potential changes that would make the next investigation more successful. These critiques address regulatory compliance, investigation quality, recommendation quality and follow-up as well as potential optimization methods. They should evaluate each phase of the investigative process (for example, planning, team composition, approach, gathering, and preservation of evidence) and should recommend changes where appropriate as well as identify and capture the positive aspects of the investigation for future use. When or if changes to the investigative process are recommended, they should be evaluated using the facilitys management of change process to ensure a clear understanding of the benefits of the recommended change and the potential undesired consequences before implementation. Approved changes should be integrated into the incident investigation training system.

14.1. Regulatory Compliance Review

The US OSHA process safety management (PSM) regulation in 29CFR 1910.119 (m) clearly defines the requirements of investigations conducted in covered facilities. The US EPA RMP regulation in 40CFR Part 68.81 mirrors the US OSHA requirements. During reviews of the effectiveness of the investigation system, it may be helpful to confirm that the investigations address all necessary regulatory requirements. Section 68.42 of the US EPA risk management program (RMP) standard requires documentation of certain specific information that must be included in each incident that is included in the five year summary of incidents. Some of the required data includes: duration of the release, quantity of the release, notification of offsite responders, and changes to the process that resulted from the investigation.

Table 14-1 lists these requirements and provides a record of compliance for future analysis. Requiring completion of this record for each process incident investigated enhances the probability that all elements are covered. Auditing of incident reports against these requirements provides the forum for continuous improvement in meeting compliance requirements. This table may also be incorporated into the PSM program assessment/audit protocol and used during periodic PSM program evaluations.(1)

14

Continuous Improvement for the Incident Investigation System

325

TABLE 14-1 Requirement Compliance Checklist

Requirement Statement The Investigation Itself: 1. You must investigate each incident in a covered process that did or could reasonably have resulted in a catastrophic release of: a highly hazardous chemical per US OSHA PSM or, a regulated substance per US EPA RMP. 2. The investigation should start as soon as is reasonably possible, but MUST start within 48 hours following the incident. (This requires documentation of date and time at which the investigation began.) 3. The investigation team is to be composed of: at least one person knowledgeable in the process involved, a contract employee if the incident involved work of the contractor, any other person with appropriate knowledge and experience that is required to thoroughly investigate and analyze the incident. The Report and Findings: 1. A report is required at the conclusion of the investigation and the report must include: date of the incident date the investigation began a description of the incident the factors that contributed to the incident recommendations resulting from the investigation 2. The report must be reviewed with all affected personnel whose jobs are relevant to the investigation findings, including contract employees where applicable. 3. A system must be in place and utilized to promptly address the incident report findings and recommendations. 4. The investigation report must be retained for five years. Yes No Compliance? Yes No

14.2. Investigation Quality Assessment

A thorough investigation contains several key elements. Even though a variety of tools and techniques may be used throughout the investigative process, the result must discover the underlying issues that caused or allowed the incident to occur in the first place. When this is done, appropriate corrective recommendations can be made.

326

Guidelines for Investigating Chemical Process Incidents

Because organizations are dynamic and ever changing, a conscientious effort must be made to assure that investigations continue to hit this target. To do this it is necessary to periodically review and update the entire process and management system, the individual components, and relevance of findings. Although you cannot inspect quality into a product, you can gather enough data to make adjustments and corrections so that future products meet the needs more closely. For incident investigations and resultant reports, this can easily be done by simply listing the critical elements that should be addressed in an investigation and critiquing actual performance against those criteria. Table 14-2 is an example critique sheet.

14.3. Recommendations Review

To effectively use the findings of an investigation, appropriate recommendations must be drafted and eventually acted upon. Recommendations should accurately translate the investigation findings into realistic actions that when implemented resolve the issue that prompted them. (They should solve the problem!) They must clearly define what is to be done so that the implementer understands not only what to do, but why. A well-written recommendation will also identify the consequences that are being avoided or abated, and/or the likelihood of a reduction of consequences or risks. Periodic checks or audits of recommendations coming from incident investigations provide managers a better understanding of the location and nature of problems. Table 14-3 is an example of a recommendation review checklist.

14.4. Potential Optimization Options

14.4.1. Follow Up Table 14-4 offers ways for optimizing the effectiveness of incident investigation follow-up. Not all options are appropriate for all investigation management systems or every investigation. The reader should determine which ones should be used and where. 14.4.2. Causal Category Analysis Each companys management style and safety systems have strengths and weaknesses. These strengths and weakness tend to influence the types and severity of incidents that might occur. An analysis of incident investigation findings in terms of causal factors, immediate causes, contributing causes,

14

Continuous Improvement for the Incident Investigation System

327

TABLE 14-2 Investigation Key Element Critique Checklist

Investigation Key Element Query 1. Are there written procedures or protocols for reporting and investigating process safety incidents? 2. Has the investigation team leader been trained (qualified) to lead investigations and to use appropriate investigative tools? 3. Does the investigation team leader have independence from the issue to be investigated to the point that there is no question as to that persons objectivity? 4. Were the necessary skills available either on the investigation team or readily available to the team when needed? 5. Have pertinent causes and discovery processes, including data gathered, been recorded and documented? 6. Were the proper investigative techniques applied correctly? 7. Did the investigation go beyond the immediate or obvious causes and discover contributing causes? 8. Was evidence gathered and preserved properly, including a documented chain-of-custody? 9. Did the investigation address all facets of all causes? 10. Were the underlying root causes identified? 11. Were the management system failure(s) identified? 12. What other resources, techniques and/or tools could be used to make the next investigation better? Discuss below. 13. Were critique forms completed for each investigation? 14. Were there any legal issues from this latest investigation that were related to incident investigation reports or documentation that need to be resolved before the next major incident investigation? 15. Do we need to change any internal communication practices? 16. Do we need to change any team training or team procedures? 17. Would we do anything differently to change the litigation exposure or litigation discovery phase items? Discussion: Yes No

328

Guidelines for Investigating Chemical Process Incidents

TABLE 14-3 Recommendations Review Checklist

Adequate? Recommendations Review 1. Do the recommendations address the underlying or root causes? (a) Is there a recommendation that addresses each root cause? 2. If there are contributing or enabling causes identified, are there corresponding recommendations if warranted? 3. Do the recommendations clearly identify what is to be done and why? 4. Is each recommendation feasible? 5. Will the recommendation(s) actually reduce the risk by lowering either the probability of occurrence or lessening the consequences? 6. Is a system in place for tracking each recommendation, including: (a) Assignment of an individual responsible for completion of each recommendation? (b) Target-for-completion dates for each recommendation? (c) Periodic status checks and reports? (d) Documentation of final resolution of each recommendation? 7. Is a formal documented system in place that assures each recommendation is evaluated through the management of change program before being implemented? 8. Is there a system in place that assures communication of pertinent facts regarding the incident, the recommendations, and status to affected employees and contractors? 9. Have the details of the incident and the recommendations been communicated to other facilities in the organization that may have a need to know? 10. Is a system in place that evaluates the usefulness and advisability of sharing this information with other companies in a similar business, per Responsible Care Process Safety Code of Management Practices 4.3 and 5? Yes No

14

Continuous Improvement for the Incident Investigation System

329

TABLE 14-4 Example Follow-up Checklist

Addressed? Follow-up Issues 1. Are the incident investigation follow-up expectations clearly stated in the incident investigation policy statement? 2. Are the incident investigation follow-up expectations and requirements included in key performance indicators? 3. Does the incident investigation management system include: Strongly encouraging near miss reporting and investigation? Requirements for formal periodic status reports of recommendations? Requirements for documentation of a formal plan for sharing lessons learned? Provisions for providing appropriate report information to various levels as needed? Provisions for modifications of original recommendations? 4. Are appropriate levels of upper management aware of and involved in monitoring the implementation or resolution of recommendations and resultant action plans? 5. Have audit protocols been established that include examination of effective implementation of: Investigation follow-up measures? Recommendations? 6. Are incident investigation follow-up expectations included in training and competency systems? Yes No

enabling causes, and especially root causes, may identify broad areas or management systems that contribute to or play a part of more incidents than others may. The determination of these management system failures allows a more global approach to reduction of common cause weaknesses and prevention activities than addressing individual causes might. Table 14-5 is an example of one way to accumulate this data for analysis by using causal categories. This approach is used for statistical analysis only AFTER the investigation is complete and the causal factors, including the root causes, have been determined. This approach is NOT appropriate for use as an investigative tool in the sense of finding causes of the incident. Rather, it should be used to define the broad categories into which a larger portion of incident investigation findings has occurred for a holistic approach to prevention.

330

Guidelines for Investigating Chemical Process Incidents

TABLE 14-5 Example Categories for Incident Investigation Findings

Instructions: Review each classification statement to determine if it is TRUE or FALSE for the incident investigation finding in question. Any statement that is answered with FALSE presents a causal path and an associated management system improvement opportunity. Category Design Circle T/F Defining Statements The current design used the correct specifications and was built so that it was adequate for the intended service. (This includes design logic, hardware, installation accuracy, arrangement, and ergonomic factors.) The control system(s) for the equipment or activity in question performed in accordance with the design logic, programming, or other instructions. (This deals with the actual control operation or execution. It would not include control logic that is in the design category.) The administrative procedures were: available (you had them) adequate (they were usable) accurate (they were correct) approved and enforced (you really meant it) These are the procedures covering broad organizational needs such as management of change, design and installation expectations (including avoiding headknockers and providing logical labeling), procurement (including approving substitutions and vendor equivalents), implementation (including defining training requirements and administrative support systems), safety (including specifying appropriate protective gear), environmental compliance, housekeeping standards, and emergency response. The operational procedures were: available (you had them) adequate (they were usable) accurate (they were correct) approved and enforced (you really meant it) The maintenance procedures were: available (you had them) adequate (they were usable) accurate (they were correct) approved and enforced (you really meant it) (The focus of this category is the actual maintenance tools, techniques, and standards for work that go beyond the traditional scope of normal inspection and preventive maintenance activities.)

Process Controls

T/F

Administrative Procedures

T/F T/F T/F T/F

Operation Procedures

T/F T/F T/F T/F T/F T/F T/F T/F

Maintenance Procedures

14

Continuous Improvement for the Incident Investigation System Category Circle T/F T/F Defining Statements Training was: available, timely (initially and in reviews) adequate and verified to be effective to achieve functional and compliance requirements

331

Training

Inspection and Preventive Maintenance Equipment and Materials

T/F

Inspection and preventive maintenance were in accordance with applicable procedures, manufacturers or experience-based recommendations and governing standards, and were adequate for the service conditions. The equipment, parts, and materials as initially procured were as specified, were not defective, and met or exceeded the applicable specifications. (If you had received what you thought you were getting, the equipment or material involved would not be an issue.) Personnel were fit for duty. (Includes physical/mental/emotional states and addresses preexisting physical conditions, substance abuse, and other related concerns.) Personnel actions, activities, and decisions were in accordance with procedures, training, and expected workplace standards. External items including weather and external third party actions/events were not creating out-of-design conditions. The incident has been satisfactorily classified in one or more of the above categories

T/F

Personnel Fitness

T/F

Human Actions

T/F

External

T/F

Other

T/F

By gathering these data from each incident investigation, a database is established that will, over time, indicate the broad categories or management systems in which incident investigation findings tend to accumulate. The company can then devise and implement a more holistic approach to prevention than the one developed by addressing individual root causes.

Endnotes
1. US OSHA. Process Safety Management of Highly Hazardous Chemicals 29 CFR 1910.119. Washington, DC: Occupational Safety and Health Administration, 1992. 2. US EPA. Accidental Release Prevention Requirements: Risk Management Programs. Clean Air Act Section 112(r)(7). 40 CFR Part 68, Washington, DC: Environmental Protection Agency, 1996.

332

Guidelines for Investigating Chemical Process Incidents

3. American Petroleum Institute (API). Recommended Practice API 9100, Model Environmental, Health & Safety (EHS) Management System and Guidance Document 4. Health and Safety Executive (HSE), OHSAS 18001 (proposed), Management Systems Standard . 5. International Organization for Standardization (ISO), ISO 9000 series, Quality Management Systems. 6. International Organization for Standardization (ISO), ISO 14000, Environmental Management Systems.