emmanuel mbata 2013
TRANSCRIPT
-
8/9/2019 Emmanuel Mbata 2013
1/100
TITLE
THE ROLE OF TECHNICAL AUTHORITY IN MANAGING
ASSET INTEGRITY
By
EMMANUEL MBATA
B.Tech. Physics/Electronics Technology
A dissertation submitted in partial fulfilment of the requirements of the
award of Master of Science in Safety and Reliability Engineering at the
University of Aberdeen
September, 2013
-
8/9/2019 Emmanuel Mbata 2013
2/100
i
DECLARATION
I EMMANUEL MBATA declare that the presented and submitted work is my original
work and has not been submitted for any other degree award to any University.
-
8/9/2019 Emmanuel Mbata 2013
3/100
ii
ACKNOWLEDGEMENT
I am most grateful to my supervisor Dr H. Tan for his kind words of encouragement,
constructive feedbacks and support throughout this research. Most especially I want to
thank you for your patience and understanding.
My sincere appreciation to OPITO for the great opportunity granted me through the
Piper Alpha Memorial Scholarship. My profound gratitude goes to Bruce Lawson for
taking out time from your busy work schedule to guide me through this project work.
I want to say a big thank you to Les Linklater (Team leader Step Change in Safety),
Emily Taylor and Dr Gillian Simpson for your support and all the help rendered. I am
sorry for all the inconveniences caused. The Asset Integrity Steering Group of Step
Change in Safety for helping me ensure that the questionnaires where answered. I
would also like to use this opportunity to thank Bob Taylor and Valerie Wilson for their
valuable contribution to this work.
To my Parents Mr & Mrs Robert Mbata, you are the best, thank you for going the extra
mile to ensure that I do my Master’s degree.
To my family, friends and loved ones, thank you so much for your help, understandingand encouragement through it all.
Most especially, I am grateful to God.
-
8/9/2019 Emmanuel Mbata 2013
4/100
iii
ABSTRACT
The offshore oil and gas industry on the UK Continental Shelf (UKCS) is a dynamic
and mature production area with an ageing infrastructure. Past and more recent
accidents have alerted the oil and gas industry of the need to manage their assets and
control the risks associated with production operations from design to abandonment.
Asset integrity is the fitness of an asset to be operated as intended in an effective and
efficient way with an acceptable risk of failure, and asset integrity management ensures
that the people, systems, processes and resources that deliver integrity are available,
functional and reliable over the whole life cycle of the asset.
Essential for the integrity of an asset are the safety critical elements. These are
components, systems (including computer programs) whose purpose is to control,
prevent or mitigate major accident hazards, and whose failure can lead to or contribute
substantially to a major accident.
Ensuring the functionality, availability, survivability and reliability of the safety critical
elements as offshore asset continually age is essential for an effective asset integrity
management. This responsibility lies with the Technical Authorities who acts as
backstop against continuous use of degraded safety critical elements.
The main objective of this research is to understand the current implementations of the
Technical Authority’s role within operating companies in the UKCS via a questionnaire
and the definition of key roles going forward.
The findings of the research highlighted the strengthening of the Technical Authority’s
role within operating companies and provide an insight into their functions, roles and
how they manage the integrity of assets.
The key roles identified in this research to be performed by Technical Authority’s going
forward includes definition of performance standards for safety critical elements,
ensuring the safety critical elements meets the defined performance standards, manage
maintenance deferral of safety critical elements, review deviations from the defined
performance standard, involve in accident/incident investigations and carry out reviews
and audit activities as required. This will ensure the continuous fitness for purpose of
the safety critical elements.
-
8/9/2019 Emmanuel Mbata 2013
5/100
iv
TABLE OF CONTENT
DECLARATION ........................................................................................................................ i
ACKNOWLEDGEMENT ......................................................................................................... ii
ABSTRACT ............................................................................................................................. iii
LIST OF FIGURES ................................................................................................................. vii
LIST OF ABREVIATIONS ................................................................................................... viii
1 INTRODUCTION .............................................................................................................. 1
1.1 Background ................................................................................................................ 1
1.2 Aims and Objectives .................................................................................................. 2
2 LITERATURE REVIEW ................................................................................................... 3
2.1 Introduction ............................................................................................................... 3
2.2 ASSET INTEGRITY MANAGEMENT (AIM) ....................................................... 3
2.3 Asset Life Cycle ........................................................................................................ 4
2.3.1 Plan/Design Phase ............................................................................................... 5
2.3.2 Construction Phase .............................................................................................. 6
2.3.3 Commissioning Phase ......................................................................................... 6
2.3.4 Operations Phase ................................................................................................. 6
2.3.5
Decommissioning Phase ...................................................................................... 7
2.4 Asset Integrity Elements ............................................................................................ 7
2.4.1 Mechanical Integrity ............................................................................................ 8
2.4.2 Operational Integrity............................................................................................ 8
2.4.3 Personnel Integrity ............................................................................................... 8
2.5 Description of the Elements and the Intended Purposes ........................................... 9
2.5.1 Management of Change ....................................................................................... 9
2.5.2 Assessment and Continuous Improvements ...................................................... 10
2.5.3 Ownership and Accountability .......................................................................... 10
2.5.4 Asset register ..................................................................................................... 11
2.5.5 Risk Management and Hazard Evaluation ........................................................ 11
2.5.6 Protective Systems ............................................................................................. 11
2.5.7 Facilities Design and Construction .................................................................... 12
2.5.8 Operation and Maintenance ............................................................................... 12
2.5.9 Incident/Accident Investigation and Prevention ............................................... 13
2.5.10 Leadership ......................................................................................................... 13
-
8/9/2019 Emmanuel Mbata 2013
6/100
v
2.5.11 Competency/Skills Assurance ........................................................................... 13
2.5.12 Emergency Management ................................................................................... 14
2.6 Risk based approach ................................................................................................ 15
2.6.1 Risk Base Inspection (RBI) ............................................................................... 15
2.6.2 Reliability Based Maintenance (RBM) ............................................................. 15
2.7 Safety Critical Element (SCE), Major Accident Hazard (MAH), Risk Based
Inspections (RBI) and Performance Standard (PS) ............................................................. 16
2.7.1 Safety Critical Element (SCE) ........................................................................... 16
2.7.2 Risk Based Inspections (RBI) ........................................................................... 19
2.7.2.1 RBI Process ................................................................................................ 20
2.7.2.2 Risk Assessment Process ........................................................................... 20
2.7.2.3 Hazard Identification .................................................................................. 21
2.7.2.4 Frequency Assessment ............................................................................... 21
2.7.2.5 Consequence Assessment ........................................................................... 21
2.7.2.6 Risk Evaluation .......................................................................................... 21
2.7.2.7 Action Forward .......................................................................................... 25
2.8 Major Accident Hazards (MAH) ............................................................................. 25
2.9 Performance Standard (PS) ..................................................................................... 26
2.9.1 Integrity Assurance ............................................................................................ 27
2.9.2 Verification ........................................................................................................ 27
2.10 RBI, MAH, SCE and PS Loop ................................................................................ 28
3 METHODOLOGY ........................................................................................................... 30
3.1 Population and Sampling ......................................................................................... 31
3.2 Data Collection Method .......................................................................................... 31
3.2.1 Pilot Interview ................................................................................................... 31
3.2.2 Questionnaire ..................................................................................................... 31
3.2.3 Unstructured Interview ...................................................................................... 32
3.3 Data Analysis Method ............................................................................................. 32
3.4 Research Ethics and Limitations ............................................................................. 33
3.4.1 Research Ethics.................................................................................................. 33
3.4.2 Limitations ......................................................................................................... 33
4 DATA ANALYSIS AND DISCUSSION ........................................................................ 35
4.1 The Questionnaire.................................................................................................... 35
4.1.1 The Organisations .............................................................................................. 36
-
8/9/2019 Emmanuel Mbata 2013
7/100
vi
4.1.2 TA Standard/Framework ................................................................................... 37
4.1.2.1 TA Disciplines............................................................................................ 39
4.1.3 TA Role Definition and Organisational Approach ............................................ 42
4.1.3.1 Review and Audit ....................................................................................... 44
4.1.3.2 Risk Assessments ....................................................................................... 45
4.1.3.3 Defines Regional Technical Standard ........................................................ 45
4.1.3.4 Endorse waiver to Technical Standard ....................................................... 45
4.1.3.5 Interpretation of Good Engineering Practice ............................................. 45
4.1.3.6 Endorse Deviation from PS ........................................................................ 46
4.1.3.7 Strategic Maintenance ................................................................................ 46
4.1.3.8 Approves Key Engineering Drawing ......................................................... 46
4.1.3.9 Ensure Conformity with Legislation and Standard .................................... 46
4.1.3.10 Guidance, Mentoring and Training ............................................................ 47
4.1.3.11 Investigations and Root Cause Analysis .................................................... 47
4.1.3.12 Review Suitability of SCE ......................................................................... 47
4.1.3.13 Defines PS .................................................................................................. 47
4.1.3.14 Maintenance Deferral of SCE .................................................................... 48
4.1.3.15 Review Changes and Modification ............................................................ 48
4.1.3.16 Independent View on Safety and Operational Risk ................................... 48
5 CONCLUSIONS .............................................................................................................. 50
6 RECOMMENDATIONS ................................................................................................. 51
APPENDICES ......................................................................................................................... 59
-
8/9/2019 Emmanuel Mbata 2013
8/100
vii
LIST OF FIGURES
FIGURE 2.1: IMPORTANT CONCEPT OF I NTEGRITY MANAGEMENT .............................................. 4
FIGURE 2.2: ASSET LIFE CYCLE .................................................................................................. 5
FIGURE 2.3: R ELATIONSHIP BETWEEN ASSET INTEGRITY ELEMENTS .......................................... 7
FIGURE 2.4: COMPETENCY VERIFICATION SCHEME ................................................................. 14
FIGURE 2.5: SCE GROUPS AND BOWTIE DIAGRAM ................................................................... 18
FIGURE 2.6: MAJOR COMPONENT OF THE R ISK EVALUATION PROCESS .................................... 22
FIGURE 2.7: TYPICAL 4X4 R ISK MATRIXES .............................................................................. 23
FIGURE 2.8: R ISK R ATINGS ....................................................................................................... 24
FIGURE 2.9: RBI, MAH, SCE AND PS LOOP ............................................................................ 28
FIGURE 3.1: OVERVIEW OF PROCESS ........................................................................................ 30
FIGURE 4.1: PERCENTAGE DISTRIBUTION OF OFFSHORE PLATFORM ACROSS R ESPONDENT ..... 36
FIGURE 4.2: FLOW DIAGRAM FOR TA REPORTING STRUCTURE INTO SENIOR
MANAGEMENT .................................................................................................................. 37
FIGURE 4.3: THE BASIS FOR WHICH TA'S ARE SELECTED......................................................... 38
FIGURE 4.4: TA SELECTION BASIS % IN AGREEMENT .............................................................. 38
FIGURE 4.5: TA DISCIPLINE WITHIN DUTY HOLDERS IN THE UKCS ........................................ 39
FIGURE 4.6: TA DISCIPLINE % OF R ESPONDENT IN AGREEMENT .............................................. 40FIGURE 4.7: TA R OLES/R ESPONSIBILITIES ............................................................................... 43
FIGURE 4.8: TA R OLES/R ESPONSIBILITIES % OF R ESPONDENTS IN AGREEMENT ...................... 44
FIGURE 4.9: PS DEVELOPMENT FLOW DIAGRAM ....................................................................... 47
LIST OF TABLES
TABLE 2.1: DEFINITIONS OF LIKELIHOOD FOR TYPICAL 4X4 R ISK MATRIX ............................. 24
TABLE 2.2: DEFINITIONS OF CONSEQUENCE FOR TYPICAL 4X4 R ISK MATRIX…... .................. 25
http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812923http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812914http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812913http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812911http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812906http://d/Main-Dissertation%2051.updated%20(1).doc%23_Toc365812905
-
8/9/2019 Emmanuel Mbata 2013
9/100
viii
LIST OF ABREVIATIONS
BP British Petroleum
UKCS United Kingdom Continental Shelf
HSE Health and Safety Executive
OSD Offshore Division
KP3 Key Programme 3
NUI Normally Unattended Installations
FP Floating Production
FPSO Floating Production Storage Offloading
MAH Major Accident Hazards
TA Technical Authority
SMS Safety Management System
LTI Lost Time Injury
HAZOP Hazard and Operability
QRA Quantitative Risk Assessment
FMECA Failure Mode Effect and Criticality Assessments
HIPPS High Integrity Pressure Protection System
MOC Management of ChangeESD Emergency Shutdown
PSV Pressure Safety Valve
PSD Pressure Safety Device
RAM Reliability, Availability and Maintainability
RBI Risk Based Inspections
RBM Risk Based Maintenance
UK United Kingdom
AISG Asset Integrity Steering Group
SIS Safety Instrumented System
PA Public Address
GA General Alarm
BS British Standard
PS Performance Standard
ISO International Standard Organisation
OPEX Operational Expenditure
-
8/9/2019 Emmanuel Mbata 2013
10/100
ix
ICP Independent Competent Person
EPC Engineering Procurement and Construction
P&ID Piping and Instrumentations Diagram
MMS Maintenance Management Systems
-
8/9/2019 Emmanuel Mbata 2013
11/100
1
1 INTRODUCTION
1.1 Background
Long dismissed by many as a potential source of oil or gas, the North Sea has, over the
last four decades, become the centre of one of the world most productive and dynamic
energy industries. Gas was first found in commercial quantity in the Groningen area of
The Netherlands in 1959. This was followed by the first British discovery of gas in the
West Sole field, off the coast of East Anglia, by the British Petroleum (BP) jack-up
drilling rig Sea Gem, late in 1965 [1].
The offshore oil and gas industry on the United Kingdom Continental Shelf (UKCS) ofthe North Sea is now a matured industry with about 107 oil platform and 181 gas
platforms and many subsea installations. It operates in an increasingly more challenging
business environment due to rising energy demands, declining oil and gas production
rates and ageing infrastructures. It is a known fact today that more than 50% of the
offshore oil and gas production facilities has exceeded their design life and this
proportion is steadily increasing with time.
About a decade ago, in response to the deteriorating nature of assets especially the
Safety Critical Elements (SCE), the UK Health Safety Executives (HSE) Offshore
Division (OSD) responded with the Key Programme 3 (KP3) which was directed more
widely on asset integrity, and schedule to run between 2004 and 2007 [2].
The KP3 inspections were done by OSD’s specialist and inspection management team
in about a 100 offshore installations representing about 40% of the total infrastructures
in the UKCS. These included all types of offshore installations Fixed, Manned and
Normally Unattended Installations (NUI), Floating Production (FP), Floating
Production Storage and Offloading (FPSO) vessels and Mobile drilling rigs [2].
The main focus of the KP3 was on the maintenance management of SCEs i.e. the
management systems and processes which should ensure the reliability and availability
of the SCEs. The SCEs are essential for the integrity of any installation, these are the
parts of an installation or component (e.g. hardware, software, procedure etc.) which are
designed to prevent, control or mitigate Major Accident Hazards (MAH) and the failure
of which could cause or contribute substantially to a major accident [2].
-
8/9/2019 Emmanuel Mbata 2013
12/100
2
In November 2007 a report was published by HSE detailing the findings of the KP3.
One of the main finding was that “…Technical Authorities (TAs) roles needs be
strengthened in many companies…” [2].
Although referred to frequently in HSE documents, and adopted widely in operating
companies within UKCS after the KP3, the role of the TA is not universally defined or
implemented.
This thesis will seek to assess and documents the implementation of TAs in duty holder
organisations via an industrial questionnaire, to understand the role TA plays in
managing asset integrity.
1.2 Aims and Objectives
As the currently operating oil and gas installations in UKCS are ageing, it is very
important to ensure that they are still capable of performing their intended functions in
the safest possible manner to avoid any harm to personnel or the environment. It is
therefore important that the role of the TA be universally defined and implemented
because it acts as a backstop against degraded SCEs and safety related equipment and
structures.
My main aim in this work is to understand the current implementation of the TA ’s role
with operating companies and definition of the key roles to be delivered by TA going
forward.
In an attempt to fully achieve the aim of this work, the objectives would be as follows;
To review various asset integrity management techniques
To understand the current implementation of the TA’s role within operating
companies in the UKCS
To draw conclusions and make recommendations based on my findings
-
8/9/2019 Emmanuel Mbata 2013
13/100
3
2 LITERATURE REVIEW
This chapter seek to review different techniques employed in Asset Integrity
Management.
2.1 Introduction
Safe and reliable production is the cornerstone to efficient and profitable oil and gas
production operations. As majority of the offshore oil and gas installations in the UK
sector of the North Sea are operating beyond their design life, management and
prevention of unwanted incident especially those involving hydrocarbons, is essential to
achieving this desired safety and reliability. This sort of events can lead to multiple
fatalities with respect to people, contamination of the environment, economic loss andreputational damage for example, the Texas City refinery disaster in 2005 and The Gulf
of Mexico Oil Spill in 2010 [3].
The effective Asset Integrity Management (AIM) is critical to the control of MAH,
preventing major accidents, improve availability, business and operational efficiency
and increase reliability in oil and gas production operations. To achieve this, it is
necessary that an aware workforce deploy quality practices to sound facilities [4].
2.2 ASSET INTEGRITY MANAGEMENT (AIM)
Management of asset integrity in modern oil and gas industry is a complex and a cross-
functional activity made up of many components covering many disciplines, and it is a
birth to death journey for an asset.
The UK HSE defined Asset Integrity as “the ability of an asset to perform its required
function effectively and efficiently whilst protecting health, safety and the environment
and AIM as the means of ensuring that the people, systems, processes and resources that
deliver integrity are in place, in use and will perform when required over the whole
lifecycle of the asset” [2].
According to Sutton [5], AIM should be a core element in companies' total management
systems, strategies and activities. It seeks to ensure that all equipment, piping,
instrumentation, electrical systems, and other physical items in a unit are designed,
constructed, operated, inspected, and maintained to the appropriate standards. AIM is
-
8/9/2019 Emmanuel Mbata 2013
14/100
4
built on the philosophy that prevention of major accident is reliant on the following
principles that;
The Plant or equipment are designed and continually assessed to ensure it is
fitness for purpose (i.e. Mechanical integrity).
The Process (including programme and procedures) are in place, in use, up to
date and adhere to (i.e. Operational integrity).
The People are trained and competent with regards to their safety critical duties
(i.e. Personnel integrity).
Figure 2.1: Important Concept of Integrity Management [6]
For an effective integrity management of an asset, the people, plant and process needs to
remain fit for purpose over the life cycle of the asset.
2.3 Asset Life Cycle
The life cycle of an asset simply means the different phases/stages an asset goes through
before it is no longer fit for service. Over the life of an asset, the design intentions or
operational conditions may change. These changes can introduce risk or impose added
-
8/9/2019 Emmanuel Mbata 2013
15/100
5
burden on the assets both in terms of operating practices as well as the asset reliability
and integrity [7].
To ensure the life cycle integrity of the asset is managed and maintain, it is required that
such changes are recognised and appropriate steps taking to mitigate the effect. This is
dependent on good leadership, senior management commitment, effective maintenance
and risk management conducted by a competent workforce for each phase of the asset
life [8].
The main phases of an asset life are summarized in the figure 2.2;
Each of these phases has an impact on the integrity of the asset and is of itself a
significant event with the potential to change the risk profile of the asset [9].
These phases are discussed below;
2.3.1 Plan/Design Phase
The plan/design phase is crucial and the most important phase of any asset. Integrity in
design yields high reliability, availability, reduces downtime and cost of maintenance
[10]. Dreher et al [11] explain that, the most effective manner in which to reduce the
overall risk exposure for an asset is to reduce the risk during the planning and design
phases. Implementing the inherently safe design concept will minimise the hazards to
personnel during their operating phase and subsequent decommissioning.
A variety of studies may be undertaken during this phase to identify risk in order to take
appropriate step to mitigate the risk. These studies consider risk in a variety of areas,
including project, safety, and operational risk.
Asset Life
Cycle
Plan
Design
ConstructionCommissioning
Operations
Decommissioning
Figure 2.2: Asset Life Cycle
-
8/9/2019 Emmanuel Mbata 2013
16/100
6
These steps include, but not limited to the following;
Project risk assessment
Safety risk assessment e.g. Hazard Identification (HAZID), Hazard Analysis
(HAZAN), Hazard and Operability Studies (HAZOP), Quantified Risk
Assessments (QRA) etc.
Operational risk assessments e.g. Failure Mode Effect (and Criticality) Analysis
(FMEA/FMECA), Reliability and Availability Studies.
2.3.2 Construction Phase
In this phase of an asset, a variety of risks can also be introduced. These ranges from
occupational health and safety risks associated with injuries to major financial risks that
may have the potential to change the objectives of the project. In addition to managing
the lower level risks, it is essential to identify and address risks that have the potential to
seriously impact the viability of the project [11]. According to Butler [9], the cause of
the risk during the construction phase could be as a result of panic driven last minute
changes, or the root of the problem coming from the engineering design. Steps should
be taking during this stage to ensure that assets are constructed according to the design
specifications.
2.3.3 Commissioning Phase
De wardt et al [12] defines commissioning as “the process by which a plant, facility,
equipment (which is installed, or is complete, or near completion) is tested to verify if
its functions according to its design objectives or specifications”. During this phase of
an asset life cycle, reviews are essential to ensure that the equipment and system has
been manufactured (according to design specifications), connected and installed in a
safe and reliable way. Integrity testing of mechanical equipment, Loop testing of control
and Safety Instrumented Systems (SIS), etc. should be conducted to ensure that the
installed design of the facility meets the specified performance parameter [13].
2.3.4 Operations Phase
When a plant has been commissioned and is in operations, the design and construction
safety has to be maintained by structural inspection and maintenance regime [11].
Particular emphasis should be placed on control of changes to the facilities for example,
changes in reservoir chemistry, or production parameters. Plant change control is
essential to ensure that any modifications are considered at the correct technical level to
-
8/9/2019 Emmanuel Mbata 2013
17/100
7
ensure that all potential risks are evaluated, if necessary by repeating the whole design
control measures as in the earlier phases.
2.3.5 Decommissioning Phase
Applying appropriate risk management during planning and design phases of an asset
will anticipate potential problems and take them into consideration in the initial design
of the facility. This can in the long run eliminate or reduce the issues associated with the
decommissioning of the facility at the end of their useful life [11].
2.4 Asset Integrity Elements
The asset integrity major elements are;
Mechanical Integrity
Operational Integrity
Personnel Integrity
[14]
The figure above shows the relation between asset integrity and its major elements, as
well as the interrelation between the elements. The way each of the elements performs
has effect on the others. The range for mechanical integrity is defined by the operations
and both of these elements depend on the personnel involved in dealing with them. This
enforces the requirement of personnel integrity to define asset integrity
Figure 2.3: Relationship between Asset integrity Elements
Mechanical
Integrity
Asset
Integrity
Operationalintegrity
PersonnelIntegrity
-
8/9/2019 Emmanuel Mbata 2013
18/100
8
comprehensively. Mechanical integrity is an important contributor to asset integrity, it
ensures that equipment are designed, constructed, installed and maintained to minimise
risk. The other two elements also have a potential influence on the integrity of an asset
[14].
These elements are discussed below;
2.4.1 Mechanical Integrity
Mechanical integrity is the ability of the asset to withstand the design load (i.e. design
pressure/stress, design temperature, etc.). It is primarily concerned with the structural
integrity, pressure containment and leak tightness, and focuses on pressurized
equipment, piping systems and major structure [15].
According to Smallwood [16], to achieve optimum mechanical integrity for process
fixed equipment, the following tasks must be used as applicable:
Effective management of plant’s operation, engineering and maintenance to
achieve mechanical integrity
Design mechanical integrity into a process plant during the design stage
Know and understand equipment's type/condition e.g. degradation or failure
mechanism
Operate equipment within acceptable operating envelope
Use secondary containment or other methods to diminish the effects of loss of
containment.
2.4.2 Operational Integrity
Operational integrity is the ability of the asset to perform its required functions
effectively and safely. It is primarily concerns with the reliability of SCE such as
Emergency Shutdown systems (ESD), critical process control systems, and hazard
mitigation system (e.g. Fire/gas detection system, High Integrity Pressure Protection
System (HIPPS), Safety valves etc.) [6]. Operational Integrity is about making sure the
operating basis are in place, understood, supported and adhere to.
2.4.3 Personnel Integrity
Personnel integrity is the ability of the asset personnel to operate the asset safely and
effectively. It is primarily concerned with human factors issues such as operators
-
8/9/2019 Emmanuel Mbata 2013
19/100
9
training, competency management systems, reporting systems, anomaly management,
etc. [17].
The AIM program is intended to be applicable at all stages/phases of an asset life from
design and construction to operation and decommissioning. It is a cradle-to-grave
program that covers the full life cycle of an operational facility and is based on a
continuous process of identification of potential hazards associated with such facility
and the risk management and mitigation programs developed to control the hazard [18].
For a facility to perform its required function effectively and efficiently whilst
protecting health, safety and the environment, the Mechanical, Operational and
Personnel Integrity should be maintained throughout the life cycle of the operational
facility.
Listed below are the selected AIM elements to ensure that the Mechanical, Operational
and Personnel Integrity are maintained over the life cycle of the asset [7].
Management of Change (MOC)
Assessment and Continuous Improvements.
Ownership and Accountability
Asset register
Risk Management and Hazard Evaluations
Protective System
Facility Design and Construction
Operations and Maintenance
Incidence Investigation and Preventions
Emergency Management
Competence/Skills Assurance
Leadership
2.5 Description of the Elements and the Intended Purposes
2.5.1 Management of Change
In AIM and major accident prevention, Management of Change (MOC) is one of the
most important elements which are employed throughout the life cycle of the asset. It is
simply about understanding changes and trying to control them.
-
8/9/2019 Emmanuel Mbata 2013
20/100
10
One of the major threats to MOC is that a change might not be recognised in the first
place, and this can be followed by the failure to identify the impacts of the change and
implement appropriate actions that allow transition to the change [19].
This is evident from a number of globally reported major incidents, where it was
revealed that failure to manage change was the root cause or a significant contributor.
For example,
Failure to manage temporary change led to the loss of containment, explosion,
fire and fatalities at the Nypro plant at flixborough in 1974 [20].
In most cases, MOC is applied well to permanent visible physical changes to an asset.
However, temporary or insidious changes are sometimes overlooked or not noticed. In
addition, issues such as operations outside of acceptable operating envelops, chemical
addition modifications, change in physical properties etc. are often missed. According
to Ciaraldi [6], understanding what constitute a change and how different types of
change are governed is important for an asset operator to establish an effective MOC
process. To further improve the effectiveness of MOC, an audit procedure which feeds
back into process modifications and clarifications should be employed [6].
2.5.2
Assessment and Continuous Improvements
Another important element in AIM is the assessment or evaluation of the changing
condition of an asset and the continuous assurance and verification of its integrity. This
can be achieved if performance measures are in place to monitor progress and determine
if effective systems and procedures are in place [7].
The preservation of safety critical function of SCE to achieve the required level of asset
integrity is achieved by a programme of planned inspection, testing and maintenance
activities. This is supported by timely/focussed repairs, replacements and restoration of
asset condition so that the asset remains fit for its operational purposes. Without this,
asset will deteriorate, leading to degradation of performance, ageing and unreliability of
its SCE.
2.5.3 Ownership and Accountability
If the accountability is not defined, the ownership of any task or initiatives is diluted
and progress will not be recorded. As such, for any integrity management plan orinitiative to succeed, the responsibility for identifying the loop holes in the integrity of
-
8/9/2019 Emmanuel Mbata 2013
21/100
11
the asset, the necessary actions required to close these identified gaps, monitoring of
progress made in the corrective actions and maintaining of the desired level of
performance must be defined [7].
2.5.4
Asset register
Palmer [21] explained that, data availability, accuracy and continued update are
necessary for the implementation of AIM initiatives and measure of progress towards
meeting the preset objectives.
Without integrity management data, it will be difficult for asset management to monitor
or to assert with any level of confidence that the plant or asset is in a safe condition or to
complete meaningful predictive work that will ensure the long term reliability of the
facilities. All supporting inspection, testing, investigative findings, modifications and
maintenance database should be aligned with the asset register. Therefore, periodic
reviews are required to ensure the asset register and supporting databases are maintained
and always up to date [22].
2.5.5 Risk Management and Hazard Evaluation
The core of AIM is risk and hazards evaluation. These involves the process of planning,
identifying, estimating, evaluating, selecting and implementing actions to prevent,
minimize, control or eliminate harm to personnel, environment and assets [23].
This emphasizes the need for continuous process that establishes and progressively
updates the understanding of the hazards and their management through the life cycle of
each asset.
The hazard analysis should produce a hazard register and SCE list (for prevention,
control and mitigation of the hazards) that includes the level of criticality based on the
likelihood and consequences of their failure in service [7].
2.5.6 Protective Systems
This are safety critical systems which contribute to preventing, detecting, controlling or
mitigate a major accident and ensuring the survival of people and protection of assets.
To ensure AIM, these systems should always be reliable, available and operational and
their operational functions continually verified to ensure they meet the performance
criteria. These systems include,
-
8/9/2019 Emmanuel Mbata 2013
22/100
12
ESD
Pressure Safety Valves (PSV)
Gas detectors and fire alarms
HIPPS Process Safety Devices (PSD) etc.
2.5.7 Facilities Design and Construction
This means ensuring integrity of the assets during design in order to operate within
acceptable safety margins and to ensure optimized economy throughout operational life.
This is achieved by adopting inherent safe design, developing a safe layout integrating
ergonomics (human factor) requirements right from design stage, selection of an
appropriate material for sustained operations and carrying out Reliability, Availability
and Maintainability (RAM) studies [10].
Laskar [15] explained that, the mechanical integrity of the asset is assured by
construction and fabrication to a suitable design using appropriate materials, good
workmanship and quality assurance in accordance with;
Recognised codes and standards
Good industry practises
Regulatory requirements
2.5.8 Operation and Maintenance
This element addresses the need to operate assets within the safe operating envelope and
define the limits beyond which system integrity may be jeopardized. Mechanical
integrity can be maintained by adhering to operating procedures and processes [7].
Asset integrity can be maintained when assets are;
Operated within the original design parameters or through parameters defined
through a MOC process that evolves as the facility moves through different
phases of its life cycle.
Inspected, maintained and repaired to a condition which is consistent with the
original design or fitness for service criteria.
-
8/9/2019 Emmanuel Mbata 2013
23/100
-
8/9/2019 Emmanuel Mbata 2013
24/100
14
competency is not about training, intelligence or education level, but it is about the
specific skills required to properly do a particular job and the individual’s level of
expertise.
Managing people’s competence is a critical part of managing overall safety and integrity
of an asset. Wherever people interface with complex work systems, skilled knowledge
and skilled performance are vital to operational integrity [29].
A proper competency assurance program defines the skills required for each job and the
minimum level of competency necessary to carry out the job. Additionally, there must
be a means in place to continually assess the individual skills of a worker so that
deficiencies may be identified and corrected with targeted training and testing [30]. See
figure 2.4
Figure 2.4: Competency Verification Scheme [6]
2.5.12 Emergency Management
Tveiten et al [27] defines emergency management “as the total activities (both
administrative routines and informal processes) conducted in a more or less coordinated
way to control emergencies before, during and after an event. This includes analysis,
planning, training, handling, learning, anticipation and monitoring”.
This is the last line of defence in an AIM plan, the ability to reduce the effect or
mitigate the consequences of an accident. It is essential that assets are reliable and
-
8/9/2019 Emmanuel Mbata 2013
25/100
15
available and can respond quickly to mitigate the effect of an undesired event by having
robust emergency management plan. In addition to having the plans in place, they
should be regularly reviewed to be able to adapt to changes in the identified hazards, be
fully understood by all those likely to be impacted and regularly exercised and tested
through drills [28].
2.6 Risk based approach
Risk based approach provides a detailed evaluation of failure modes and the assessment
of their corresponding likelihood and consequences if the failure eventually occurs.
Leading and lagging indicators are then developed to monitor the performance of the
asset to prevent potential incidents [31]. Two types of risk based approach are discussed
below.
2.6.1 Risk Base Inspection (RBI)
Risk Based Inspection (RBI) methodologies are becoming standard industrial practice
for the management and planning of in-service inspection activities. According to
Horrocks et al [32], these methodologies seek to define and manage the risk associated
with individual equipment, such that items that constitute the highest risk receive the
greatest attention from a planned inspection program.
RBI provides detailed evaluations of the mode of failure, the barriers to prevent, control
or mitigate these failures, and results in an inspection programme to effectively identify
potential failure before they occur at reduced cost [33]. RBI is discussed later in details.
2.6.2 Reliability Based Maintenance (RBM)
The oil and gas process plants and facilities require essential targeted continuous
maintenance to ensure high levels of reliability and safety. A Risk Based Maintenance
(RBM) strategy is a useful tool to plan and design a cost effective maintenance schedule
[34]. The unexpected failures, the down time associated with such failures, the loss of
production and, the higher maintenance costs are major problems in any process plant.
RBM approach helps in designing an alternative strategy to minimize the risk resulting
from breakdowns or failures [35].
The RBM methodology is comprised of four modules;
Identification of the scope of maintenance Risk assessment
-
8/9/2019 Emmanuel Mbata 2013
26/100
16
Risk evaluation
Maintenance planning.
Krishnasamy et al [36] explained that, using this methodology, one is able to estimate
risk caused by the unexpected failure as a function of its probability and consequence.
Critical equipment can be identified based on the level of risk and a pre-selected
acceptable level of risk. Maintenance of equipment is prioritized based on the risk,
which helps in reducing the overall risk of an asset.
2.7 Safety Critical Element (SCE), Major Accident Hazard (MAH), Risk Based
Inspections (RBI) and Performance Standard (PS)
2.7.1
Safety Critical Element (SCE)
SCEs as defined earlier are those systems and components (including computer
programmes, hardware, procedures etc.) designed for the purpose of preventing,
controlling or to mitigate major accident hazards (MAHs) and the failure of which could
cause or contribute substantially to a major accident. These include SIS, structures, fire
and gas detection, and ESD, blow down, temporary refuge etc. According to HSE [2],
the term “contribute substantially to a major accident” is intended to include within the
category of SCE those parts whose failure would not directly initiate a major accident but would make a significant contribution to the chain of events which would result in a
major accident.
As assets age, it is very important to ensure that the SCEs are still capable of performing
their intended functions efficiently and effectively whilst protecting health, safety and
the environment.
Marty et al [37] explained that in AIM, duty holders must ensure that the SCE lifecycle
management should involve identification of the MAH, selection of the SCEs by
identifying structures and plant which can cause, contribute to, prevent or mitigate a
major accident event and develop Performance Standards (PS) for the identified SCEs.
This management plan should involve alignment of planned targeted maintenance,
inspection and testing etc. required to ensure the SCE meet it’s required PS.
Unnikrishnan [38] added that managing deviations or changes and impacts on MOC is
also a critical part of the lifecycle management of SCEs. The continual monitoring of
the status of the hardware barriers and performance assurance task (using a feedback
-
8/9/2019 Emmanuel Mbata 2013
27/100
17
loop) enable management and operators to analyse the ongoing conformance of the
SCEs with their PS. This provides opportunity for improvement and possibilities for
further risk reduction.
A comprehensive risk assessment is the best practice approach for the identification of
the SCE and the eventual definition of the required PS. This involves the detailed
identification of all hazards associated with different phases of the asset life [39]. This is
achieved by performing a number of HAZID exercises and representing the information
from the HAZID workshops using Bowtie diagram. Bowties are graphical
representations providing information related to hazard with threats which could release
the hazard’s potentials on the left hand side of the graph and the consequences on the
right hand side [40].
On each threat branch of the bowtie, there are shown barriers which are control
measures provided to prevent the threat from arising. Similarly, on each consequence
branch, there are mitigation barriers and recovery control measures which are
considered to provide risk reduction from the consequences [41].
The Figure 2.5 shows the barriers (SCE) on both sides of the top event (Hazard)
-
8/9/2019 Emmanuel Mbata 2013
28/100
18
Figure 2.5: SCE groups and Bowtie diagram [40]
The Swiss cheese model at the top of the bowtie diagram in figure 2.5 shows the
realisation of the hazardous event if all control safety barriers fails and the escalation of
the consequences if all mitigating safety barriers fails
For an effective life cycle management of SCE, the following point should be noted
[41];
The PS for the SCE should be defined based on the MAH (more on PS in the
next sub-heading).
The PS which describes the equipment operating parameters at which the safety
system fulfils its safety functions, should be defined for the SCE based on
recognised industry standards e.g. The British Standard (BS), International
Standard Organisation (ISO) etc.
To ensure the continuous integrity of the asset, it is important that correct
maintenance verification and test frequency is assigned to each SCE.
-
8/9/2019 Emmanuel Mbata 2013
29/100
19
SCE’s should be graded based on the risks associated, this assists in prioritizing
maintenance. It is important also to monitor the maintenance of non SCE’s
because their failure can increase the workload of the SCE eventually resulting
in major accident.
The reliability and availability target for the SCE should be specified. The best
approach to achieve this is to use the risk based approach by performing Safety
Integrity Level (SIL) calculations.
In order to avoid ambiguity, the PS should have a clear pass/fail criterion. This
would assist the verification operator to document the results clearly which
could be used for further analysis of the performance of the SCE.
2.7.2
Risk Based Inspections (RBI)
The scope of an inspection and frequencies has traditionally been time based and driven
by statutory regulation or insurance requirements and industry practices. Major
shutdowns were planned to take place at particular fixed intervals, and it was normal
practise to open, clean and inspect all equipment irrespective of its condition or
necessity. The inspections when completed were often unfocused and indiscriminate,
resulting in large amounts of data which are in most cases irrelevant. These practices,
although inflexible, have to an extent, provided adequate safety and reliability. They just have not been cost effective or efficient [42].
The Risk Based Inspection (RBI) approach is an effective inspection planning tool
supporting the engineers in their quest to focus the inspection and maintenance efforts
into the high risk operating assets, while assigning an appropriate effort to the lower risk
equipment. The end deliverable of RBI is a comprehensive inspection plan developed
through a risk management process that aims at ensuring the integrity of an asset in the
most cost effective manner [43].
RBI is an integrated methodology that factors risk into inspection and maintenance
decision making. It is a systematic and structured approach for developing inspection
plans using risk management techniques that identify the probability/likelihood of
failure and the consequences of such failure from the human, environmental, assets and
reputational viewpoints [44].
Overall, since a relatively large percentage of risk is associated with a small percentage
of equipment, the RBI methods improve the management of risk through closely
-
8/9/2019 Emmanuel Mbata 2013
30/100
20
focussing on the critical areas of the asset, and reducing efforts on the non-critical areas
i.e. inspection effort is proportional to the criticality of the operating asset [45].
The RBI methodology provides a logical, documented and repeatable system for
making informed decisions on inspection frequencies, details of inspection, inspection
scope etc.
2.7.2.1 RBI Process
According to Peterson et al [42] The RBI process consists of;
Carrying out a Risk assessment on the asset
Using the results of the assessment to determine the inspection frequencies and
scopes.
Before performing a criticality risk assessment, three basic questions should be asked,
this are;
What can go wrong or what are the potential failures?
What are the probabilities or likelihood of the failure events occurring?
What are the possible consequences of these failures?
2.7.2.2 Risk Assessment Process
Risk assessments are fundamental tools in the safety community. They help make and
implement decisions regarding safety, which in effect prevent accidents, improve safety
performance, and reduce Operational Expenditure OPEX by systematically identifying
and evaluating hazards concerning the design and potential failures [46].
To conduct a risk assessment, the following process has been developed;
Identify the hazards
Frequency assessment Consequence assessment
Risk evaluation
Action forward
-
8/9/2019 Emmanuel Mbata 2013
31/100
21
2.7.2.3 Hazard Identification
The first and most important step in any risk management program is to identify any
possible hazards associated with your activities. Unless hazards are identified,
consequence and likelihood reduction cannot be implemented.
Hazards identification is the act of recognising the failure conditions or threats, which
could lead to undesirable events.
The main item to determine the hazards is the amount of information which is known
about the equipment or conversely the identification of where there is a lack of
information. Even when information appears to be known, the risk based approach
requires the quality and accuracy of the information be tested and validated. Risk
increases when there is a lack of, or uncertainty in the information required to assess the
equipment integrity [42].
Information about the asset can be gathered from the design specifications, fabrication
records, operational experience, maintenance records, inspection records, the knowledge
of material degradation methods and the rates at which material degradation will, or has
occurred.
2.7.2.4
Frequency Assessment
This is the likelihood of the undesired event occurring and the rate at which these
specified events would be expected to occur in a specified period of time.
2.7.2.5 Consequence Assessment
This can involve the use of analytical models to predict the effects of different scenarios
or consequence of a failure event. Information exists describing the effects of hazardous
materials on humans, fire and blast effects on buildings and structures, dispersion and
environmental effects, etc.
2.7.2.6 isk Evaluation
Risk evaluation is used to determine the significance of a risk to the organization and
whether each specific risk should be accepted. The value indicating a risk and its
associated implications are arguably subjective but are nonetheless important for
assessing the risk status [47].
-
8/9/2019 Emmanuel Mbata 2013
32/100
22
For a given risk event (e.g. accidental hydrocarbon release), each of the release criteria
is evaluated based on the likelihood and consequence. Likelihood is the probability of
occurrence and Consequence is the severity of impact. In quantitative risk assessment,
the risk is the product of the numerical consequence and the probability of occurrence
[48]. (See figure 2.6).
According to Clare et al [48], Consequence and likelihood can each be assessed using
various methods of varying complexity, ranging from qualitative to quantitative.
Figure 2.6: Major Component of the Risk Evaluation Process [48]
-
8/9/2019 Emmanuel Mbata 2013
33/100
23
The simplest form of reporting risk is by simply grading the possible consequences and
likelihood of the failure events as high, medium or low. The preferred approach is to use
a Risk matrix to assign risk.
An example of a typical Risk Matrix is shown in Figure 2.7 below.
Each asset will fall within a cell in the matrix corresponding to the likelihood and
consequences of failure.
Risk = Likelihood×Consequences
C o n s e q u e n c e
V e r y s e r i o u s
4
8 12 16
S e r i o u s
3 6 9 12
M a r g i n a l
2 4 6 8
M i n o r
1 2 3 4
Low
(A)
Medium
(B)
High
(C)
Very High
(D)
Likelihood
Figure 2.7: Typical 4x4 Risk Matrixes
-
8/9/2019 Emmanuel Mbata 2013
34/100
24
Unacceptable Urgent Attention
Undesirable Action
Acceptable Monitor
Desirable No action
Table 2.1 and Table 2.2 show sample definitions for Likelihood and Consequence for
4X4 Risk Matrix
Table 2.1: Definitions of Likelihood for Typical 4X4 Risk Matrix
Likelihood Ranking Likelihood Category Definitions
A Low Not likely
B Medium May occur
C High Probable Occurrence
D Very high Occurred/Occurring
Figure 2.8: Risk Ratings
-
8/9/2019 Emmanuel Mbata 2013
35/100
25
Table 2.2: Definitions of Consequence for Typical 4X4 Risk Matrix [42]
Consequence Ranking Consequence Category Impact
1 Minor First aid, little/no response,
minor equipment cost
2 Marginal Medical aid, limited
response, equipment
repairs, minor losses.
3 Serious Serious injury(s), major
response, major downtime,
expenses.
4 Very serious Fatality(s), long term
environmental, permanent
shutdown
2.7.2.7 Action Forward
The underlying implicit assumption is that in a competent organisation, findings from
the RBI will be followed by proper actions that will actually reduce equipment risk and
ensures the integrity of the asset [42]. The action plan may include one or a combination
of the following activities [42];
Follow up inspection
Asset monitoring
Asset replacement
Operational procedure changes
Use of upgraded materials
Instrumentation upgrade
2.8 Major Accident Hazards (MAH)
Major Accident can be thought of as an occurrence such as major emissions, spill, fire
or explosion resulting from uncontrolled developments in the course of operations and
can lead to multiple fatalities or serious danger to the environment. MAH are hazard
that has the potential of resulting to a major accident e.g. hydrocarbon releases [49].
Craddock [50] explains that, major accident occurs because of failure to identify or
recognise MAH and take adequate steps to manage the associated risks. Major accidents
-
8/9/2019 Emmanuel Mbata 2013
36/100
26
are low frequency very high consequence events requiring careful management. This
needs to be supported by a safety culture that has all levels of an asset organisation
engaged in the common goal of major accident prevention. This starts with committed
leadership. Leadership that is complacent about low frequency high consequence events
will be leading an organisation that is closer to triggering a major incident than a
leadership that is mindful about such events.
It is important to recognise that for this class of failures, the primary risk control
measures are built into the system at the planning selection, design, construction, and
installation phases (i.e. ensuring the integrity of the asset in all phases). Major incidents
are not driven by operational considerations i.e. they do not necessarily require
operational failures to be realise, and may occur even if a system is operated within its
design envelop [51].
2.9 Performance Standard (PS)
PS are statements which can be expressed in quantitative or qualitative terms, of the
performance required of a system, item or equipment, person or procedure, and which is
used as the basis of managing the hazard e.g. planning, measuring, control or audit
through the life cycle of the asset (SCE). Or, they are documents describing the criteria
for the assessment of the asset (SCE) for compliance with minimum requirement to
asset operations and characterizing its performance criteria [41, 40].
Marty et al [37] explains that, The PS standard defines the following criteria for each of
the SCE;
Functionality of the SCE i.e. response time of the SCE
Availability of the SCE i.e. the handiness of the SCE
Reliability i.e. the ability of the system to perform its required functions when
it’s needed.
Survivability i.e. the ability of the element to deliver its function if exposed to an
undesired event e.g. fire, blast, vibrations, etc.
Interdependency i.e. other systems necessary for the function of the SCE to
perform adequately e.g. emergency power supply for SIS [37].
-
8/9/2019 Emmanuel Mbata 2013
37/100
27
2.9.1 Integrity Assurance
These are assurance activities performed to confirm that the asset meets the required PS
during design and throughout the operational lifetime of the asset. At the design stage,
such assurance is undertaken through the use of appropriate design codes and standards,
best practise, risk based approach, design review etc. by suitable qualified, experience
and competent persons [37]. Assurance activities during operational stage include
inspection, test and maintenance.
The activities mentioned above are required in other to enable;
2.9.2 Verification
Verification tasks are carried out in order to verify that the previously defined PS for the
SCE is achieved. According to Dhar [41], this is system of independent and competent
scrutiny of the suitability of SCE throughout its life cycle. The process of identifying
SCEs, producing PS and performing Assurance is monitored and verified by an
Independent Competent Person (ICP). Verification is a sampling process and includes
document review, checks using calculation, physical examination, testing or witnessing
of tests, audit, and confirmation of records during the operational life of the asset.
-
8/9/2019 Emmanuel Mbata 2013
38/100
28
2.10 RBI, MAH, SCE and PS Loop
The flow chart above shows the relationship between RBI, MAH, SCE and PS. For an
effective AIM, a RBI is carried out on the asset in other to identify MAH associated
with the asset. Then the SCE are grouped into barriers for preventing, controlling or
mitigating the consequences from a major accident. The PS is specified for all the
identified SCE first to ensure the suitability of the SCE in the design and construction
Figure 2.9: RBI, MAH, SCE and PS Loop
An Asset
Major Accident
Hazard (MAH)
Safety Critical
Element (SCE) toPrevent Major
Accident
Major accident
Occurs
Safety Critical Element
(SCE) to mitigate the effect
of Major Accident
Definitions of Performance
Standards (PS) for the SCE
Risk based inspection (RBI) to
classify MAH
-
8/9/2019 Emmanuel Mbata 2013
39/100
29
phase and secondly the performance criteria that ensures the on-going suitability of the
SCE in the operational phase. The defined PS detail the goal of the SCE, functionality,
suitability, availability, reliability and interdependency and also the acceptance pass/fail
criterion for which the performance of the SCE will be measured and recorded.
-
8/9/2019 Emmanuel Mbata 2013
40/100
30
3 METHODOLOGY
This chapter includes a review of the research method and design appropriateness, a
discussion of the population and sample, methods used in the collection of data, theapproach used in the analysis of collated data, ethical consideration and limitations.
This research was carried out in three main parts. The first was aimed at identifying key
background issues/studies relating to AIM. The second concentrated on the collation
and assimilation of available data. Specifically, it examined information relating to the
KP3 reports, review and studies on integrity management together with the data from
the questionnaire and notes made from the unstructured interviews with some TAs and
asset integrity managers. The final phase involved the analysis of all of the available
data, draw conclusions and make recommendations based on the findings.
An overview of the process is shown below with colour codes representing the different
parts.
TASK 1
Literature Review
TASK 2
Pilot interview/Brainstorming
Section with AISG
TASK 4
Sort Data from Duty-
Holders/Unstructured
TASK 3
Source for Information from
Duty-Holders via
TASK 5
Analysis and Discussions
TASK 6
Conclusions &
Figure 3.1: Overview of Process
-
8/9/2019 Emmanuel Mbata 2013
41/100
31
3.1 Population and Sampling
The main focus of this research was on the UK oil and gas industry. This involves duty-
holders operating in the UKCS of the North Sea. A form of sampling was introduced.
As explained by Silvermann [52], the purpose of this sampling was to study a
representative subsection of a precisely defined population in order to make inferences
about the whole population. Within the duty holders, the participant includes Asset
Integrity managers and TAs.
The above participants were chosen because of their relevance and experience to answer
the research question. It was necessary to employ this form of sampling techniques
because of the time and resources available to the research.
3.2
Data Collection Method
3.2.1 Pilot Interview
A pilot interview was done prior to administering of the questionnaire to inform me on
the approach to take in the design of the questionnaire. As described by Punch [53] it is
a small-scale trial before the main investigation with the intention of assessing the
adequacy of the research design and of the instruments to be used for data collection.
The pilot interview studies was crucial to this research which was primarily based on
questionnaire to gather data, since there will not be an interviewer present to clear up
any confusion when the participant are trying to answer the questions.
3.2.2 Questionnaire
This phase of data collection involves generating of questions to design the
questionnaire based on the findings from the pilot interview, brainstorming section done
with the Asset Integrity Steering Group (AISG) of Step Change in Safety and findings
from the literature review. The designed questionnaire was forwarded via an e-mail to
the participating companies. This method of distribution was preferred because it was
easier to reach a larger population.
Though questionnaire was seen as the best method of gathering data for this research
considering the time available, it is not without its own pros and cons. The pros include,
it was cheap particularly for group administered, it is far quicker to conduct, absence of
interviewers effect, and at the convenient for respondent.
-
8/9/2019 Emmanuel Mbata 2013
42/100
32
Nevertheless, the cons also include, the response rate was low, the fear of given some
confidential documents out and there were no one present to help the respondents if
they are having difficulty answering questions. In other to mitigate some of the cons, a
good covering letter explaining the reasons for the research, why it is important and
why the recipient has been selected and a guarantee of confidentiality was attached to
the questionnaire (see Appendix A). Furthermore, a simple questionnaire with clear
instructions and an attractive layout was designed.
The questionnaire contains 22 questions in total including open and close -ended
questions. It is assumed that the likelihood of response to this format considering their
busy schedule is more compared to using all open-ended questions. In addition, the
weakness associated with either form of question is the strength of the other.
The administration of the questionnaire to the target participants and the persistent
contact of the respondent to ensure quick response to the questionnaire were made
possible through the AISG of Step Change in Safety.
3.2.3 Unstructured Interview
These involved informal interviews and discussions conducted to explore or get a wider
understanding on the topic being researched. There was no predetermined list of
questions to work through in this situation, just knowledge of the aspect I want to
explore. As mentioned earlier, the interview was purely informal. The interviewee is
given the opportunity to talk freely about events, behaviour and beliefs in relation to the
topic area [54].
I was able to have three different unstructured interviews, two of which were from TA
working in the UK and the third was with TA in the United State of America. The
information obtained from this interviews where used to explore and explain themes
that have emerged from the use of the questionnaire.
3.3 Data Analysis Method
Various methods of data collection produce different types of data that requires different
handling strategies. The main method of data collection for this research was the use of
the questionnaire and an unstructured interview to explore on findings.
-
8/9/2019 Emmanuel Mbata 2013
43/100
33
First step involves reproducing the collated data so that they provide a fair summary of
what has been studied and so that they can be analysed readily to answer the
researcher’s questions.
The questionnaire as stated earlier, contains both closed and open-ended question, the
first step was to code this data, i.e. transforming the data from the questionnaire into a
form in which we can analyse efficiently. For the unstructured interviews, the analysis
of the data was a bit challenging since there was no interview agenda. This was finally
overcome by constantly visiting the note made from the discussions and ideas that form
in my head. This process continued until I felt fairly confident that I had identified the
set of variables that I needed and could measure, and had also identified some of the
main categories of each variable. The data extracted was also coded. The themes arising
from the coded data will be linked to the research objective in analysis providing a
framework with which findings will be reported and discussed.
The data was analysed using EXCEL, a personal computer based analysis software.
This was chosen because it is particularly useful in basic statistical analysis.
3.4 Research Ethics and Limitations
3.4.1
Research Ethics
During the period of this research, careful steps were taken to ensure that the way the
research was design is both methodologically sound and morally defensible to all those
who are involved. A confidentiality agreement was signed with the participant and also
a cover letter detailing what the research is about, the aims and objective of the research
and statements on the use of the data assuring confidentiality and anonymity of the
respondents (see Appendix A).
3.4.2 Limitations
The major limitation of this work is the poor access to primary data and time. Due to the
busy schedules of the target respondent, it was difficult to get them to respond to the
questionnaire. Likewise, it was impossible getting approval for interview with
representatives from the respondents, HSE, asset integrity managers and TAs as
proposed to clarify some of my findings. This limited the number of data and the
amount of respondent. To help overcome this limitation, a meeting with the members of
-
8/9/2019 Emmanuel Mbata 2013
44/100
34
the AISG was organised to brainstorm on the available data and make relevant
contributions.
-
8/9/2019 Emmanuel Mbata 2013
45/100
35
4 DATA ANALYSIS AND DISCUSSION
In 2009, following the findings from KP3 as regards the declining nature of the
influence of the TAs; the OSD of HSE conducted a review of the industry’s progress.
The review concluded that there have been real changes to, and strengthening of, the TA
functions in a number of companies which are showing tangible benefits. The challenge
remaining for the industry according to OSD is to ensure that the enhancements to the
TAs’ role and resources are replicated uniformly and consistently across the industry
[56].
Based on the findings of the OSD of HSE, a questionnaire was developed to understand
the current implementation of the role of TAs across duty holders in the UKCS. This
chapter contain the data presentation, analysis and discussion of the findings.
4.1 The Questionnaire
The questionnaire is structured into 3 sections;
The organisation: To understand the organisational structure
TA Standard/Framework: To understand the TA’s discipline and the basis
within which TA’s are selected
The role definition and organisation approach: To understand the
implementation of the TAs within the organisation
This section details the findings from the questionnaire after coding of the data into the
different sections. (See Appendix B)
A total of 7 duty-holders responded to the questionnaire, with a combined total of 44
operating platforms within the UKCS. The platform includes FP, FPSO, Manned and
NUI platforms. The respondents are involved in explorations and productions,
consultancy, Engineering Procurement and Construction, project management. To
ensure anonymity, the respondent are hereafter referred to as Company A, B, C, D, E, F
and G. The pie chart below shows the percentage distribution of the offshore platforms
across the respondents.
-
8/9/2019 Emmanuel Mbata 2013
46/100
-
8/9/2019 Emmanuel Mbata 2013
47/100
37
The flow chart below summarises the responses.
Figure 4.2: Flow Diagram for TA reporting Structure into Senior Management
The flow diagram shown in figure 4.2 above summarises the organisational structure
within which the TAs seat in, and how they report into the senior management within
the respondent organisation. The responses show a strengthening of the TAs within the
organisational structure of the respondent.
4.1.2 TA Standard/Framework
The TA in a company as mentioned by HSE act as a backstop against continuing
operations with degraded SCE, their function is to provide expertise and judgement on
key operational engineering issues [2]. This is an important strategic role particularly in
decision making relating to the continuing operations with degraded SCE, equipment
integrity and MAH management. To get a clear understanding about TAs and the
required qualification for this strategic role, the duty holders were asked to state the
basis upon which they select their TA’s.
-
8/9/2019 Emmanuel Mbata 2013
48/100
38
The stacked bar chart below (figure 4.3) summarises the responses from the respondents
with the colour code matching each respondent, and the bar chart in figure 4.4 showing
the percentage of respondent in agreement.
Figure 4.3: The Basis for Which TA's are Selected
Figure 4.4: TA Selection Basis % in Agreement
From the bar chart above in figure 4.4, it can be inferred that the TAs are recognised
engineers in their various discipline appointed by the organisation within a specific
technical discipline to provide independent technical advice.
-
8/9/2019 Emmanuel Mbata 2013
49/100
39
4.1.2.1 TA Disciplines
The duty holders where ask to list the TA’s discipline within their organisation. This
question was asked to have an understanding on the critical discipline occupy by TAs
across the industry. The stacked bar chart below (figure 4.5) summarises the responses
from all respondent and the bar chart in figure 4.6 shows the percentage of respondent
in agreement.
Figure 4.5: TA Discipline within Duty Holders in the UKCS
-
8/9/2019 Emmanuel Mbata 2013
50/100
40
Figure 4.6: TA Discipline % of Respondent in Agreement
-
8/9/2019 Emmanuel Mbata 2013
51/100
41
As stated earlier, the duty holders are involved in various operational activities within
UKCS; this explains the weak percentage of agreement notice in most of the TA’s
discipline. Different organisations select their TA’s discipline based on their specific
MAH operational activities or the relevance of the discipline to the organisation.
Nevertheless, there were some TA’s disciplines that had strong agreement across all
respondents, disciplines such as the mechanical/pressure vessels TA, structural TA,
electrical, instrumentation and control TA, process/technical safety TA, materials and
corrosion TA. These are disciplines with high potential of resulting in major accident if
not properly managed and they are susceptible to degradation as asset age. An
explanation of the TA’s discipline is given below;
The Mechanical/Pressure vessel TA: This TA is accountable as the company’s
authority for providing technical expertise to other departments on piping,
valves and vessel engineering issues with special emphasis on pressure
containment and vibration issues. It is a known fact that the effective pressure
containment of vessels and pipe work is essential to minimising the risk of
hydrocarbon releases. Maintaining the mechanical integrity of a vessel is a
significant factor in ensuring contained fluids is not accidentally released.
Structural TA: According to the HSE, TA act as a backstop against degraded
SCE, safety related equipment’s and structures. In other to prevent MAH, the
structural TA should have a good understanding of the behaviour of the
structure, and the degradation and failure mechanisms of critical structural
elements. This is necessary to prevent structural failures leading to hydrocarbon
releases or other catastrophic consequences which can lead to multiple fatalities
[2]. Structural integrity management is the principal barrier to safeguard assets
and those working offshore from MAH. The integrity of this offshore structures
depend on the structural TA getting it right at the design and construction stage,
and keeping it right over the life cycle of the structure.
Electrical, Instr