"That'll never happen." Famous last words. Things can and will go wrong. The job of the business owner and engineers is to anticipate, evaluate, and mitigate possible risks in the operation. Especially if those risks include the potential of loss of life, facilities, and equipment. Risk management and risk assessment are tools to assist companies in understanding and mitigating potential problems.
Anticipate the Risks:
This involves identifying the risks to the operation. The best way to start is to construct what-if scenarios. What if there was a major lightning strike on the north tower? What if a blowout preventer failed? What if our computer controllers are hacked? Identify key safety processes and discuss what would happen if each failed. Include a review of injury, maintenance, and incident reports, the near misses as well as the losses.
The best brainstorming sessions include staff from all parts of the operation, including the front line workers. They often know the dangers better than management because they've been on the receiving end of the close calls.
Evaluate the Risks:
Separate the risks into groups (some may fall into more than one category.) As an example, headings might include loss of life/injury, loss of the facility, loss of equipment, loss of data, loss of income, environmental damage, etc. Go through each category and rank the risks from highest damage potential to lowest. The same incident may rank differently in different categories.
This can lead to some sobering realizations such as if there was a fire at the south entrance, everyone in the maintenance bay would be trapped.
The next step requires expertise and analysis. Each risk needs to be considered by its probability of happening. For example, a natural disaster causing major property and environmental damage is going to have a higher probability in areas prone to hurricanes, tornadoes, and earthquakes. Conversely, equipment that is new, well-maintained, and has little or no record of operating problems is going to have a lower probability of failure.
The goal is to create a risk matrix. At a glance, a company can sort out high damage, but low probability occurrences from the more immediate risks faced by the company. In short, the risk matrix identifies the likelihood of a failure and the damages if it happens.
This can be a difficult procedure. Software experts have gathered data about everything from weather or injury reports and the programs can assist you in assigning probabilities of different types of failures. Creation of a risk matrix may start out as yellow pads and whiteboards, but in modern business, it will end up as a computerized summary identifying the company's key vulnerabilities.
Mitigate the Risks:
This isn't just good business, its good stewardship. Once the risk matrix identifies areas of improvement, the company can target resources to lessening or eliminating the problems. Rather than trying to hurricane-proof the entire facility, it could be as simple as clearing out trees and bushes around key valves and equipment. If there is a history of injuries, a job process can be reworked or additional safety equipment installed. Computers can be upgraded and expanded to include easily accessible cloud storage. Comprehensive risk management reviews can also weed out inefficient tottering equipment that is costing the company more in dollars and danger than it is worth.
Performing a risk evaluation is a major project. Depending on the size and complexity of the operation, it is a significant commitment of manpower and resources. But the payoff is increased efficiency, lower accident rates, and real savings by avoiding unnecessary downtime and repairs. Bonuses include a better relationship with safety and environmental regulatory agencies and potentially lower insurance rates. Contact us to discuss solutions to help streamline and improve your risk management system.
Visitors to public buildings pose a substantial security risk. This affects the oil & gas industry as much as any federal facility. A smart company can reduce that risk, however, by managing its visitors.
Some visitor management systems are "low-tech"; that is, the person signs her name, the time she enters the building, what office/employee she will visit, and signs out when leaving the building - all done using pen and paper.
The most successful visitor management relies on computerized systems to confirm visitor identity, conduct background checks, confirm security clearances and otherwise obtain information with regard to the person that may affect his or her ability to visit or that impacts the company.
To be successful, a visitor management system should combine security checks with access control. The low-tech method used keys, key cards, and badges to limit access to sensitive areas. Comprehensive visitor management systems now use smart software technology and web-based programs able to document a visitor's whereabouts in the building and track building usage by specific visitors. Some include registration through a portal before the visit. This technique helps the business check the identity and security clearance to fast-track the visitor when he arrives. The visitor management process begins several days before the actual visit and isn't completed until after the visit is over and all information analyzed.
For more information on how Accupoint’s solutions can help you manage your visitor management process, visit www.accupointsoftware.com or call us at (800) 563-6250. We always appreciate the opportunity to share information on systems that can help your business become more efficient and positioned to meet global business standards.
03/02/2006, 07/26/2010, and 05/19/2015. To the average person, these dates mean birthdays, anniversaries, birth and deaths. But to the petroleum industry, these are considered some of the costliest failures of quality management in recent petroleum history.
Prudhoe Bay, Alaska (March 2, 2006): Because of lack of maintenance, cracks in a pipeline spilled 843,000 gallons of petroleum, devastated pristine landscapes, killed wildlife and made people sick.
Final cost: $500 million.
Kalamazoo River, Michigan (July 26, 2010): Lack of maintenance caused a pipeline rupture that spilled 267,000 gallons of petroleum spilled into the Kalamazoo River.
Final cost: $800 million
Refugio, California (May 19, 2015): The decision not to install a simple shutoff valve caused the decimation of local wildlife, contaminated beaches and will continue to affect ocean life for many years to come.
Final cost: Yet to be determined
As you know, there are many other incidents within the industry where the question of adequate detection and mitigation could have reduced the impact of the incident. In fact, at a very basic level and according to the API Spec Q2 standard, your risk assessment and management should “control risk throughout the execution of a service.” In order to maintain compliance, your procedure should:
In short, managing risk requires proactive and preventive measures to protect your organization’s and customer’s interests. Detection and mitigation of risk potential should be at the core of your total risk assessment strategy.
For more information on how Accupoint’s solutions can help you manage your risk assessment process, visit www.accupointsoftware.com or call us at 800.563.6250.