Please Wait...


Questions of the Week

Primatech posts weekly questions relating to various aspects of safety, security and risk on the home page of our website together with answers to provide visitors with the opportunity to test and improve their knowledge of these subjects. This page contains questions and answers that have appeared in previous weeks.

How often should a revalidation PHA be conducted?

OSHA's PSM standard states: "At least every five (5) years after the completion of the initial PHA, the PHA shall be updated and revalidated by a team meeting the requirements in paragraph (e)(4) of this section, to assure that the PHA is consistent with the current process."

However, a periodic PHA revalidation may need to be performed more frequently for any of the following reasons:

  • Cumulative number of changes
  • Major changes
  • Significant incidents or an unfavorable trend
  • Knowledge of significant omissions and deficiencies
  • Concern about the quality of the previous PHA
  • High risk processes
  • Reconciliation of PHA approaches after mergers / acquisitions

How does a PHA Team consider conditional modifiers when conducting a Process Hazards Analysis (PHA) using risk ranking?

Risk ranking uses estimates of severity and likelihood to estimate the risk for hazard scenarios. Severity estimates assume that the plausible "worst-case" set of conditions is in effect, and that safeguards are disabled or ineffective. Likelihood estimates factor in the probability of failure of safeguards and conditional modifiers.

Conditional modifiers are adjustment factors that are applied to the scenario likelihood. Three common ones are:

  • Probability that a person will be present to be exposed to a hazard. This value may be very low for some process areas, such as a remote tank farm.
  • Probability that a flammable / explosive material will be ignited. Historically, many flammable releases have occurred without subsequent ignition.
  • Probability that harm will occur if an individual is exposed. An individual in the area of release may be able to evacuate the area safely.

The consideration of conditional modifiers may make the risk of a worst-case scenario tolerable. Correctly applied, these modifiers can produce more realistic risk estimates.

Should a Process Hazard Analysis (PHA) team address enablers as part of a PHA that will be used in support of a Layers of Protection Analysis (LOPA) study following the PHA?

PHA teams should take time to address enablers for several reasons including:

  • Enablers are often key parts of hazard scenarios.
  • Their inclusion produces more accurate risk estimates.
  • The effort required to include enablers is normally not substantial.
  • Conservative assumptions can be made to help avoid risk underestimation.

Can operator intervention be credited as an Independent Protection Layer (IPL) in a Layers of Protection Analysis (LOPA) study if a failure by the operator initiated the scenario?

By definition, IPLs must be independent of other elements of the scenario, such as the initiating event. If the initiating failure was attributable to the same operator who is to intervene, the IPL cannot be credited as it is not independent of the initiating event.

What guidelines can be used to help determine which multiple failures to address?

Some possible guidelines for considering multiple failure scenarios are:

  • Two concurrent human failures are credible.
  • A single equipment failure coupled with a single human failure is credible.
  • The simultaneous failure of two or more independent pieces of equipment may not be credible.
  • A single equipment or human failure with an external event may not be credible.
  • Simultaneous occurrence of two or more independent external events may not be credible.

Should a Process Hazard Analysis (PHA) team address only single causes of failure or is there also a need to also address multiple causes of failure?

The primary argument for addressing only single cause failures is that corrective actions taken to protect against them will also protect against multiple failures. While it is true that actions taken to prevent single failures that can contribute to multiple failures will help to prevent the multiple failures, there are several reasons to consider multiple failures as credible PHA scenarios including:

  • Multiple failures may occur as a result of dependency between the single failures, such as miscalibration of identical instruments on two different vessels resulting in simultaneous overfill of both vessels.
  • Multiple failure scenarios may have more severe consequences than scenarios involving any one of their contributors.
  • Protective actions against single failures may not have been necessary because of the lower level of consequence for the single failure versus the higher level of consequence for the multiple failure case.

When should a Process Hazard Analysis (PHA) be conducted on a procedure?

Consideration should be given to conducting a PHA on procedures when:

  • A procedure relates to a high risk process or activity, for example, startup or shut down for a complex manual valving operation in a reactive batch process.
  • A process experiences numerous incidents related to human failures.
  • A procedure is questionable, for example, when operators have complained about the difficulty of using it.
  • Developing new procedures to improve their quality.

How does Layers of Protection Analysis (LOPA) relate to Process Hazard Analysis (PHA)?

PHA is used to identify hazard scenarios and provide a qualitative estimate of their risk. LOPA provides a more quantitative estimate of the risk of a hazard scenario and is used to compare risk estimates with risk tolerance criteria. Criteria can be established for individual scenarios, a process, or a facility. Summations of LOPA risk estimates are used to evaluate process and facility risk. LOPA risk estimates are used to help make decisions on the implementation of recommendations to reduce risk and to determine safety integrity levels for safety instrumented functions.

Is Layers of Protection Analysis (LOPA) required by OSHA?

LOPA is not specifically required by OSHA. However, OSHA has endorsed the IEC 61511 / ISA 84 standard on safety instrumented systems as a recognized and generally accepted good engineering practice covered by the Process Safety Management (PSM) standard. LOPA is one of several techniques identified in the IEC 61511 / ISA 84 standard that can be used for the determination of safety integrity levels, although no specific techniques are endorsed or required.

What is the most important human factors issue for Process Hazard Analysis (PHA) team members?

PHA team members may have similar experience and backgrounds but they may have very different personalities which can have a marked impact on how well they work together as a team. Careful selection of team members is critical for a successful study.