Using a Risk Registry to Properly Manage Operational Risk

March 6, 2019

Process Safety Management (PSM) provides a framework for effectively managing operational risk. The framework includes the obvious catastrophic events that can result catastrophic consequences which threaten the financial viability of an enterprise. But what about the lesser threats that together can cause significant harm by a thousand cuts? In other words, what about the things that can and do happen to companies on a routine basis? Have you ever experienced one of these common scenarios?

  1. A PHA identifies unacceptable risk and makes the correct recommendations at one facility, but at another plant, the PHA fails to identify and correct the hazards for a nearly identical process – and there is an incident.
  2. A near miss report with the potential for severe consequences across an enterprise is circulated throughout an organization… but there is no additional follow-up.
  3. A pump single seal was replaced with a dual mechanical seal design (outer seal vented to flare). But the inner seal is still failing routinely and the outer seal leaked significantly during the last event.
  4. Compressor reliability is resulting in bottlenecks and downtime at multiple facilities.
  5. A smaller company is acquired in haste without all of the input needed for complete due diligence. Later major environmental regulatory liabilities are discovered.

Process safety does theoretically address the above issues in some manner. But the application of process safety systems is often nothing more than a vertical program at a single facility or a single plant. Further, horizontal integration is often difficult or non-existent even at the plant level – and that makes enterprise level interconnection incomplete at best. Lack of integrated systems and an overall view of risk can significantly increase the incidence of variable outcomes – an often-unidentified risk to continued operations.

Another example is the risk of losing key personnel. Even twenty-five years after the OSHA PSM regulation became law, there are still programs falling apart because the PSM Coordinator changes jobs.

So what is the answer? Rather than dive into a comprehensive solution, why not start at the top and improve existing processes?

Standardize and drive consistency by utilizing a corporate-wide risk-ranking matrix. Assure sufficient detail so that assigning severity for safety / environmental / production consequences will result in most of the people selecting the same value for the same exposure most of the time.

Figure 1 – Generic Risk Registry

Utilize existing PHAs and Incident Reports across the enterprise to develop a rudimentary risk registry for both broad and specific risks that can be applied to a wide range of risk assessment activities.

Figure 2 – Specific Risk Registry