Data management has been growing along with the availability of new systems capable of providing information in real time and transferring an enormous load of data which can make it difficult to read consistent information for decision making. The proposed model aims to establish criteria to make the parameters more reliable and clearer, making it possible to establish action plans consistent with the reality of the organization.
The method used an analysis and problem-solving tool to assess the sufficiency of the indicators used in monitoring critical equipment. A design research model was built through a systematic review of the Scopus and Web of Science databases to identify the essential elements that make up the Risk Management System, mapping the best tools used in each step. To validate the model, there was an application on an oil platform.
To define and elaborate the model, an analysis was made of the methods and tools most used to meet the requirements considered as an essential element in the risk management process.
Tools for meeting the essentials are shown in Table 1.
| Essential Element | How to Answer | Justification |
| Mapping and impact analysis of critical HAZOP processes | HAZOP | The purpose of risk identification is to map situations that could affect the scope of the system or organization and the methods used may include inductive reasoning techniques such as HAZOP, an acronym for “HAZard and OPerability Study”(“ISO/EIC 31010:2012”, 2009). |
| Definition of impact | Risk analysis in HAZOP scenarios using risk matrix | A robust barrier reduces the probability of an unwanted event. In the risk matrix, the horizontal line represents the consequences, and the vertical one represents the probability. The performance of the barrier can be effective in the probability of the undesired event occurring or it is able to reduce the consequences of the scenario, avoiding loss of containment of a hazardous material or mitigating an undesired consequence (Behie, et. al.). |
| Definition of critical elements | List of critical equipment | The list must contain the elements that are considered critical when essential for prevention or mitigation or that, in case of failure, could cause an operational accident. |
| Management of barriers | Bowtie Method | Using the bowtie methodology, the way to prevent is by installing barriers that eliminate pre-existing conditions or present quick responses to modify the scenario, if the event has already occurred (Hollnagel). |
| Indicators | Table of indicators | Through reliability, which works together with availability and maintenance, indicators can be used to justify the trust placed in the object of study and, consequently, the security of the system to which it belongs (Ebrahimipour, et. al.). |
| Control | Risk Acceptance | Criteria Risk Appetite is the level of risk an organization is willing to accept while pursuing its objectives. ISO 73:2009 defines Risk Appetite as “the amount and type of risk an organization is willing to pursue, maintain or assume.” |
| Continuous Improvement | MASP Method | The Method of Analysis for Solving Problems (MASP) called QC Story by the Japanese, is based on the PDCA Cycle and is used to solve problems and/or opportunities for improvement in a fully structured, concise, and efficient way. The objectives are the same as other methods such as the DMAIC method used in Six Sigma projects and the A3 of Lean. |
After the definitions in the table were presented, a model was built to integrate continuous improvement into the risk management process, seeking to integrate the changes that can be observed through the application of an evaluation tool in the sub-processes, focusing on the risk-monitoring stage (Fig. 1).
The response planning step can be found in ISO 31000 as part of the risk-monitoring and analysis step, where it is referred to as risk-monitoring actions: planning, gathering and analyzing information, recording results, and providing feedback.
Management practice 6 of the Sistema de Gerenciamento da Segurança Operacional (SGSO) (Operational Safety Management System) proposes the implementation of monitoring and continuous improvement actions acting on the entire safety management system, emphasizing mechanisms for recording, monitoring, and corrective and preventive actions to address causes of insufficient performance of the management system.
Therefore, this work aims to apply the MASP method in the risk-monitoring stage (Fig. 2).
MASP Method
Problem identification. When monitoring the indicator on a weekly basis, it is satisfactory, reaching the maximum level of 100% at a frequency considered regular, but the fines related to audits by regulatory bodies identify that there are pending issues in critical equipment.
Observation. In the ERP (Enterprise Resource Planning) system, it was possible to extract the maintenance notes related to critical equipment, ignoring the priority, and then the descriptions of the problems found were observed, both characterized as defects receiving a lower priority than due.
Analysis. For analysis, a multidisciplinary team met, putting the operational point of view on equipment functions and choosing a list with all the safety functions of the equipment considered critical, in addition to reviewing the reports of maintenance notes and the descriptions contained therein.
With the team having experience in the maintenance sector, the causes were raised and the 5 Whys tool was applied. The 5 Whys technique consists of asking five times why a problem is happening, referring to the previous answer, and thus it will be possible to reach the root cause.
Action plan. After analyzing the fundamental causes of the failure, an action plan was elaborated using the 5W2H methodology. The purpose of this plan is to put in place the countermeasures to stop or minimize minor machine stops. This action plan was prepared with the participation of all those involved, defining the actions to be carried out, who will be responsible for the action, why it should be carried out, the deadline for the execution, how it should be carried out, and where and how it should be carried out. Then, the proposed action is carried out.
Action. The training was given based on the material elaborated through internal norms, procedures, and international norms that govern the sector. After meetings with a multidisciplinary team defining the types of failure, the acceptance criteria were listed, and their dissemination implemented through training. There was also the equalization of lists of critical equipment and their failure modes, aiming to identify equipment that became critical after an incident event on a platform and somehow the scope was not replicated. The contingencies used in the grades considered compliant by the indicator per process safety cell were evaluated.
Verification. The reports showed the evolution of the indicator based on steps implemented according to the action plan. The order used for the action plan was:
First, the evaluation of the defective notes, bringing about 31 open notes to a single platform, evaluating only the notes opened in the past 3 months. The definition of acceptance criteria was used to validate failure and defect cases.
Second, a comparison was made between the lists of critical elements in the current revision of the platform and the extraction of a report on equipment with a failure impact 6. Forty-five new installation sites were included. Scanning open notes for these new install locations returned 12 new crash notes with inappropriate priority for wrong crash impact.
Thirdly, the implementation of change management and risk analysis actions was verified, bringing from the total scores considered in compliance a reduction of 10 scores showing fragile actions not implemented in their contingencies.
Standardization. For the results to be monitored after the implementation of the action, the indicators were followed weekly by repeating the same actions:
- Verification of defect notes created weekly
- Critical diagnosis of contingencies made
- Inclusion of a defined date for maintenance through an urgency matrix
Conclusion. To ensure continuous improvement, the company's MASP project record was created. A schedule was also created for expansion to the risk monitoring stage on other platforms.
Obtained Results. The training action was multiplied to other platforms and the document generated made it possible to widely disseminate the acceptance criteria for critical equipment, as well as the importance of equipment in preventing or mitigating accidents.
Revisiting change management led to a critical analysis of the identified actions and identified the need for more basic actions, which could be implemented without causing project changes.
Scanning and comparing critical equipment lists has become a necessary action to be implemented on all platforms, as well as scanning open defect notes evaluating the already established acceptance criteria. The definition of established deadlines made it possible to attend to pending maintenance and reduced the number of open failure notes.
For Further Reading
Critical Mitigation Element Methodology: An Approach To Achieving Consistent Risk Evaluation Results by S. Behie, et. al. Journal of Loss Prevention in the Process Industries.
A Synergetic Approach for Assessing and Improving Equipment Performance in Offshore Industry Based on Dependability by V. Ebrahumipour, et. al. Reliability Engineering & System Safety.
Risk + Barriers = Safety? by E. Hollnagel. Safety Science.
