Guidelines for Investigating Process Safety Incidents

The Center for Chemical Process Safety (CCPS) was founded in 1985 to develop technology and management practices that mitigate or eliminate process safety incidents in the chemical and petrochemical industries. Since that time, CCPS has published more than 100 books and held dozens of international conferences, each representing the most advanced thinking in process safety. CCPS is supported by the contributions and voluntary participation of more than 200 companies globally. CCPS is also the world's largest provider of undergraduate engineering curriculum materials through its SAChE program, with more than 160 universities participating from around the world.

• Preface xxvAcknowledgments xxviiAcronyms and Abbreviations xxix1 Introduction 11.1 Building on the Past 11.2 Investigation Basics 21.2.1 The First Step 21.2.2 The Second Step 41.2.3 The Third Step 41.2.4 The Fourth step 41.2.5 The Fifth Step 51.2.6 The Sixth Step 51.3 Who Should Read This Book? 51.4 The Guideline’s Objectives 61.5 The Guideline’s Content and Organization 61.6 The Continuing Evolution of Incident Investigation 112 Overview of Chemical Process Incident Causation 132.1 Stages of a Process-Related Incident 142.1.1 Three Phase Model of Process-Related Incidents 142.1.2 Event Tree 142.1.3 Swiss Cheese Model 162.1.4 Importance of Latent Failures 172.2 Key Causation Concepts 182.2.1 Loss of Containment or Energy 182.2.2 Management System Failure 202.2.3 Human Factors 212.2.4 Multiple Causation 222.2.5 Events vs Root Causes 222.2.6 Controlling Risk 232.3 Summary 243 An Overview of Investigation Methodologies 263.1 History of Investigation Methodologies and Tools 293.1.1 One-on-One Interview 293.1.2 Brainstorming 293.1.3 What If Analysis 303.1.4 5-Whys 303.1.5 Process of Elimination 313.1.6 Timelines 313.1.7 Sequence Diagrams 313.1.8 Predefined Trees 333.2 Tools for Use in Preparation for Root Cause Analysis 343.2.1 Timelines 343.2.2 Sequence Diagrams 353.2.3 Scientific Method 353.2.4 Causal Factor Identification 363.3 Structured Root Cause Analysis Methodologies 373.3.1 Checklists 373.3.2 Predefined Trees 383.3.3 Team-Developed Logic Trees 393.4 Selecting an Appropriate Methodology 433.4.1 Methodologies Used by CCPS Members 464 Designing An Incident Investigation Management System 474.1 System Considerations 494.1.1 An Organization’s Responsibilities 494.1.2 Workforce Responsibilities 514.1.3 Role of the Management System Developers 534.1.4 Integration with Other Functions and Teams 544.1.5 Involvement by Regulatory Agencies 554.2 Typical Management System Topics 584.2.1 Classifying Incidents 584.2.2 Specifying and Managing Documentation 594.2.3 Legal Considerations 604.2.4 Describing Team Organization and Functions 634.2.5 Electronic Process Data and Control Systems 644.2.6 Defining Training Requirements 654.2.7 Emphasizing Root Causes 694.2.8 Fostering a Blame-Free Policy 704.2.9 Developing Recommendations 704.2.10 Recommendation Responsibilities 714.2.11 Implementing the Recommendations and Follow-up Activities 724.2.12 Providing a Template for Formal Reports 734.2.13 Management System Review and Approval 734.2.14 Planning for Continuous Improvement 734.3 Management System 744.3.1 Initial Implementation— Training 754.3.2 Developing a Specific Investigation Plan 755 Initial Notification, Classification and Investigation of Process Safety Incidents 795.1 Internal Reporting 795.2 Incident Classification 815.2.1 Severity Classification 825.2.2 Local Jurisdiction 895.2.3 Other Options for Establishing Classification Criteria 895.3 Incident Notification 905.3.1 Corporate Notification 905.3.2 Agency Notification 915.3.3 Other Stakeholder Notification 915.3.4 Other Notifications 925.4 Type of Investigation 925.4.1 Which Investigation System to Use? 925.4.2 Investigation Approach 935.5 Summary 946 Building and Leading An Incident Investigation Team 966.1 Team Approach 966.2 Advantages of the Team Approach 976.3 Leading a Process Safety Incident Investigation Team 986.4 Potential Team Composition 1006.5 Building a Team for a Specific Incident 1046.5.1 Composition and Size of Investigation Team 1046.6 Team Activities 1066.7 Summary 1087 Witness Management 1107.1 Overview 1107.1.1 Witness Issues Following a Major Occurrence 1117.1.2 Investigation Team Priorities for Managing Witnesses 1127.2 Identifying Witnesses 1137.3 Witness Interviews 1157.3.1 Human Factors Related to Interviews 1157.3.2 Collecting Information from Witnesses 1187.3.3 Initial Witness Statements 1207.3.4 Conducting the Interview 1217.4 Conducting Follow-up Activities 1347.5 Conducting Follow-up Interviews 1357.6 Reliability of Witness Statements 1357.7 Summary 1358 Evidence Identification, Collection and Management 1378.1 Overview 1378.1.1 Developing a Specific Plan 1388.1.2 Investigation Environment Following a Major Occurrence 1398.1.3 Priorities for Managing an Incident Investigation Team 1418.2 Sources of Evidence 1448.2.1 Types of Sources 1448.2.2 Physical Evidence and Data 1478.2.3 Paper Evidence and Data 1498.2.4 Electronic Evidence and Data 1528.2.5 Position Evidence and Data 1538.3 Evidence Gathering 1568.3.1 Initial Site Visit 1578.3.2 Identifying and Documenting Evidence 1598.3.3 Tools and Supplies 1628.3.4 Photography and Video 1648.4 Timelines and Sequence Diagrams 1688.4.1 Constructing a Timeline 1688.4.2 Constructing a Sequence Diagram 1748.5 Summary 1769 Evidence Analysis and Causal Factor Determination 1789.1 Scientific Method 1789.2 Confirmation Bias 1819.3 Evidence Analysis 1819.3.1 Data Organization - Timelines 1829.3.2 Use of Protocols 1829.3.3 Mechanical Failure Analysis 1849.3.4 Advanced Data Systems 1879.4 Hypothesis Formulation 1879.4.1 Fact/Hypothesis Matrix 1889.5 Hypothesis Testing 1909.5.1 Engineering Analysis 1909.5.2 Computational Modeling 1919.5.3 Reconstruction 1919.5.4 Test the Items under Simulated Conditions 1929.5.5 Testing of Human Input/Performance 1929.6 Select the Final Hypothesis 1939.6.1 Causal Factor Identification 1939.6.2 Causal Factor Charting 1989.6.3 Developing a Causal Factor Chart 2009.7 Summary 20210 Determining Root Causes—Structured Approaches 20310.1 Concept of Root Cause Analysis 20310.2 Case Histories 20610.3 Methodologies for Root Cause Analysis 20810.3.1 5 Whys Technique 20810.3.2 Structured Root Cause Determination 21210.4 Root Cause Determination Using Logic Trees 21410.4.1 Gather Evidence and List Facts 21510.4.2 Timeline Development 21510.4.3 Logic Tree Development 21510.5 Building a Logic Tree 21910.5.1 Choosing the Top Event 22010.5.2 Logic Tree Basics 22010.5.3 Example—Chemical Spray Injury 22810.5.4 What to Do if the Process Stalls 23210.5.5 Guidelines for Stopping Tree Development 23210.6 Example Applications 23510.6.1 Fire and Explosion Incident—Fault Tree 23510.6.2 Data-Driven Cause Analysis 23910.6.3 Logic Tree Summary 24110.7 Root Cause Determination Using Predefined Trees 24210.7.1 Scenario Determination 24410.7.2 Causal Factors 24410.7.3 Predefined Tree 24510.8 Using Predefined Trees 24610.8.1 Predefined Tree Methodology 24710.8.2 Example—Environmental Incident 24810.8.2 Quality Assurance 25510.8.3 Predefined Tree Summary 25510.9 Checklists 25610.9.1 Use of Checklists 25710.9.2 Checklist Summary 25810.10 Human Factors Applications 25810.11 Summary 25911 The Impact of Human Factors 26111.1 Human Factors Concepts 26211.2 Incorporating Human Factors into the Incident Investigation Process 26711.2.1 Human Factors Before and During the Incident 26811.2.2 Human Factors during the Causal Analysis 26911.2.3 Human Factors in Developing Recommendations 27511.2.4 After the Investigation 27511.3 Other References 27611.4 Summary 27612 Developing Effective Recommendations 27812.1 Key Concepts 27812.2 Developing Effective Recommendations 28012.2.1 Team Responsibilities 28012.2.2 Attributes of Good Recommendations 28012.3 Types of Recommendations 28312.3.1 Inherently Safer Design 28412.3.2 Layers of Protection 28512.3.3 Commendation/Disciplinary Action 28912.3.4 The “Further Action Required” Recommendation 28912.4 The Recommendation Process 29012.4.1 Select Each Cause 29012.4.2 Perform a Completeness Test 29012.4.3 Assessing the Effectiveness 29112.4.4 Prepare to Present Recommendations 29112.4.5 Review Recommendations with Management 29312.4.6 Tracking and Closure of Recommendations 29312.5 Summary 29413 Preparing the Final Report 29513.1 Report Scope 29513.2 Interim Reports 29613.3 Writing the Report 29713.4 Sample Report Format 29913.4.1 Executive Summary 30013.4.2 Introduction 30113.4.3 Background 30113.4.4 Sequence of Events and Description of the Incident 30213.4.5 Findings 30213.4.6 Causal Factors 30313.4.7 Root Causes 30413.4.8 Recommendations 30413.4.9 Noncontributory Factors 30613.4.10 Attachments or Appendices 30613.5 Report Review and Quality Assurance 30713.5.1 Reviewing the Report 30713.5.2 Avoiding Common Mistakes 30813.6 Investigation Document and Evidence Retention 31013.7 Summary 31114 Implementing Recommendations 31414.1 Activities Related to Recommendation Implementation 31514.2 Validation of Effectiveness – Case Studies 31714.2.1 Nuclear Plant Incident 31714.2.2 Aircraft Incident 31814.2.3 Petrochemical Plant Incident 31814.2.4 Challenger Space Shuttle Incident 31814.2.5 Typical Plant Incidents 31914.3 Practical Suggestions for Successful Recommendation Implementation 31914.3.1 Assigning a Responsible Individual 32014.3.2 Due Dates and Priorities to Implement Recommendations 32014.3.3 Challenges to Resolving Recommendations 32114.3.4 Tracking Action Items 32314.3.5 Follow-up Verification 32315 Continuous Improvement for the Incident Investigation System 32615.1 Regulatory Compliance Review 32715.2 Investigation Quality Assessment 32915.3 Causal Category Analysis 33115.4 Review of Near-Miss Events 33415.5 Recommendations Review 33415.6 Investigation Follow-up Review 33615.7 Key Performance Indicators 33715.8 Summary 33816 Lessons Learned 34016.1 Various Sources of Learning from Incidents 34116.1.1 Internal Sources 34116.1.2 External Sources 34116.1.3 Cross-Industry 34316.2 Identifying Learning Opportunities 34316.3 Sharing and Institutionalizing Lessons Learned 34516.4 Senior Management – Incident Sharing and Commitment 34716.5 Examples of Sharing Lessons Learned 34816.5.1 Creating a Process Safety Alert from a Case Study 34816.5.2 Safety Newsletter 35016.5.3 Videos of Incidents 35516.5.4 Detailed Incident Reports and Databases 35516.6 Summary 355Appendix A. Photography Guidelines for Maximum Results 357Appendix B. Example Protocol – Checking Position of a Chain Valve 362Appendix C. Process Safety Events Leveling Criteria 366Appendix D. Example Case Study 368Appendix E. Quick Checklist for Investigators 398Appendix F. Evidence Preservation Checklist – Prior to Arrival of the Investigation Team 404Appendix G. Guidance On Classifying Potential Severity of a Loss of Primary Containment 406Glossary 416References 427Index 437