Questions of the Week
Primatech posts weekly questions relating to various aspects of safety, security and risk on the home page of our website together with answers to provide visitors with the opportunity to test and improve their knowledge of these subjects. This page contains questions and answers that have appeared in previous weeks.
What PHA method should I choose for my PHA?
Simpler methods, such as What-If analysis, may be appropriate for processes that have extensive operating experience with little or no innovation or change, and for simple processes.
More sophisticated methods, such as HAZOP and MHA, should be considered for high risk processes, new processes, processes that have experienced many changes, and processes that have installed new, innovative features.
Can causes or initiating events be combined in PHA when generating hazard scenarios in order to reduce the amount of repetition that occurs?
Although there are no specific regulatory requirements for listing causes individually, the best practice is to keep causes separate if there is any doubt that the scenario consequences or safeguards could be different and result in different risk rankings and/or recommendations for each scenario.
Combining similar causes may be sensible in some cases, such as when any of the manual valves in the discharge of a pump may be misaligned. However, the PHA team must be sure that there are no considerations that would invalidate grouping of all the valves, such as the presence of a recirculation line back to the tank or a takeoff line between two of the valves.
Does the PHA team always have to address the worst-case consequence scenario for each initiating event?
OSHA's process safety management standard requires that PHA studies address "consequences of failure of engineering and administrative controls". Usually, this requirement is interpreted to mean that the consequence severity for a hazard scenario be evaluated assuming the failure of safeguards, that is, existing engineered or administrative controls.
Some companies make exceptions for certain passive safeguards. For example, a large spill of flammable material from a vessel within a diked area can be addressed assuming the dike fails and releases flammable material to the surrounding area or the dike can be assumed to maintain its integrity resulting in a contained flash or pool fire. The first case produces a larger pool fire area than the second case with higher potential for personnel injury. In the first case, the severity is higher than in the second case, but the likelihood is lower because the probability of containment failure is factored in.
What are the dangers of misapplying LOPA?
LOPA is a form of risk analysis. It is subject to over-conservative and non-conservative risk calculation. The former results in unnecessary IPLs that cause additional life-cycle costs and spurious trips. The latter results in under-protected processes and unacceptable risks.
How can I convince management of the value of LOPA?
One way it to analyze some previous incidents using LOPA. The results may be surprising. Often, the risk will be higher than was perceived and the recommendations that were developed may not reduce risk as much as believed. This may result in a managerial epiphany.
Why should I perform LOPA?
There are multiple reasons including:
- Meet regulatory requirements or expectations
- Comply with industry standards
- Apply good industry practices
- Avoid competitive disadvantages
- Focus resources on the most important safeguards
- Help manage liabilities from process risks
What information do I need to perform a LOPA study?
Four key pieces of information are needed:
- Descriptions of hazard scenarios
- Failure rate data for initiating event frequencies, IPL PFDs, and enabler multipliers
- Estimates of severities of scenario consequences
- Risk tolerance criteria for receptors of concern
Can operability be excluded from the scope of HAZOP studies?
Not easily. Often, operability scenarios cannot be recognized until much of the work of scenario identification has been completed.
Does a PHA scribe need to have a technical background?
Not necessarily, although it is advantageous. Scribes must be proficient with the means of recording studies, typically a software tool, and understand the technical terms used in PHA and to describe the process.
Does the geographical location of a facility affect the risk of the facility?
Yes, weather events that vary by location, such as flooding, tornadoes, hurricanes, and lightning, can cause process safety incidents.