Did you know that the operational controls element has been routinely identified as the most challenging to implement out of all 10 elements of API 1173? Maybe that is due to the sheer volume of controls that already exist or the fact that this volume underscores the likelihood that no one could know and understand all the procedures in detail. Or, perhaps it’s because the operational controls element forces us to be self-critical and admit that we can be better.
In the context of a safety management system (SMS), operational controls are those things that are in place to minimize the likelihood of a hazard leading to a risk event or safety incident and to minimize the consequence when an event or incident occurs.
When considering operational controls, most people think about those things that are obvious and easy to understand because they happen to them directly. This would include things such as wearing PPE, which is the most basic form of control when it comes to safety.
At the next level, we hand employees a procedures manual or send them through training. These administrative controls tell the worker how to do the job and prepare them to do it in a standard and consistent way.
The further you go up on the hierarchy of controls, the more complex and expensive the solution may be, but it is also much more effective at preventing an incident. For example, the advent of the excess flow valve has been an effective engineering control over the standard curb valve when damage to a service line occurs. Similarly, replacing asbestos pipe coating with a natural product such as wax tape is an effective substitution control that better protects the worker. Or, perhaps you redesign a regulator station to eliminate having to work from heights.
API 1173 focuses more on administrative controls, procedures, and training. The higher-level controls should be outcomes of integrity management programs and your engineering processes. All operational control types are necessary for an effective SMS and should be considered when minimizing risk.
Operational controls are either preventive or responsive. Preventative control is intended to keep risks and hazards from occurring. An example would be locating a service line to prevent excavation damage. A responsive control is intended to minimize the consequence if the risk does occur. Unfortunately, we know that service lines get cut every day. Having an excess flow valve or your emergency response procedures in place would be examples of responsive control should a service line be damaged.
One of the most important outcomes of conducting a risk assessment is visually seeing the relationship between the hazards, controls, risks, and outcomes. By leveraging tools such as a bow-tie analysis or process hazard analysis, you can see these relationships. Typically, these analyses are facilitated events where you engage a small team of process owners in the exercise of identifying and documenting an operational control and which hazard of consequence it is intended to prevent or minimize.
The gas business is rich with documented operational controls because of all the regulations. However, with all these procedures, it is challenging to understand how they are related and where there are gaps. Unfortunately, it’s often an incident that drives us to take a deeper look into operational controls to identify improvement opportunities.
An SMS is at its best when you facilitate intentional and routine risk assessments, including reviewing your operational controls, assessing their effectiveness, and improving them before an incident occurs.
Don’t assume that legislators and regulators have considered everything that needs to be in place to keep risk from occurring. We must think well beyond the compliance requirements when assessing our operational controls.
Controls should be specific, and evidence should be available to prove compliance and ensure that the control is working effectively. Often, participants in a risk assessment describe things that controls do but have no structure or procedure around them. This makes it difficult to assess if they are effective, and they certainly are not transferable or enforceable to others.
Documented controls are a foundation for compliance and the starting point for continuous improvement.
One of the more rewarding aspects of conducting risk assessments and mapping your controls is that individuals are often exposed to the effects that their work has on the processes of others. This is even more pronounced when mapping detailed processes during a continuous improvement event. This is one of the reasons that the management of change (MOC) requires an impact analysis.
Whether it be changes to controls, such as procedures and training, or changes that directly affect the pipeline system, such as changing a regulator set point or operating a mainline valve, there are decisions made every day that can affect the safety of a pipeline system and the stakeholders that operate it.
MOC requirements are straightforward and uncomplicated. The challenge, however, is that not all changes are created equal.
Changes come in many forms, so it’s essential to establish criteria as part of your MOC process. That allows you to differentiate the level of risk and impact on stakeholders so that you take the right action with the change. This might be as simple as informing the stakeholders of the change. Or perhaps the actions require something more rigorous, such as recording an acknowledgment verifying comprehension or requalification on the control. Your company’s response will be dependent on your risk tolerance.
Regardless, having a solid MOC process and good record keeping is vital so that you know that when a change occurred, it was fully implemented and properly documented. Suppose a procedural change is deemed a high priority. In that case, you need to be certain that the change has been communicated to all the affected stakeholders, validated that the change is understood, and, if necessary, the affected stakeholders have been requalified on the updated procedure.
Perhaps the reason that the operational controls element has been identified as the most challenging is not about what it states as a requirement but what it doesn’t explicitly state. Quality assurance and quality control processes are fundamental to understanding if your controls are effective and operating as designed.
It is important to leverage quality management principles as part of your SMS. Understanding quality assurance and quality control and how and when to apply these concepts are necessary to fully execute the requirements. The standard includes requirements for auditing, inspection, and effectiveness assessments, all of which are a part of the quality assurance process.
As it pertains to operational controls, it’s required that you maintain and follow procedures. This then requires you to measure whether they are being maintained and followed. The outcomes of the quality assurance and quality control processes are necessary to measure whether control is in control, validate that a change has been implemented as intended, and that risk has declined over time.
Due to the volume of work, you can’t check everything. Therefore, statistical analysis and sampling tools are essential to achieve a statistically valid result, which will provide you confidence in the results of your process control checks should you be audited. More importantly, that will be communicated to your stakeholders to ensure that you continue to receive support going forward.
EN Engineering has been helping our clients develop their SMS element procedures, including the operational controls element. This structure is vital to ensure consistent SMS execution and measure maturity and improvement over time. It will also help in response to an eventual compliance audit and connect the dots to all your other existing procedures and operational control documents.
We’ve also helped clients develop a comprehensive MOC process and have the capability to create models to consolidate and communicate MOC records. Our expert team has experience developing and implementing quality assurance and quality control processes, including conducting audits and inspections. This includes data analysis to identify issues created by process gaps or deficiencies.
Lastly, we work with our clients to develop systems, metrics, dashboards, and reports that allow them to see more quickly the effectiveness of their SMS, including the operational controls.
For more information about operational controls or implementing an SMS, please contact Jim Francis at email@example.com or 713-324-3950