Guidelines for PHA: Standards & Best Practices

• PURPOSE
  A Process Hazard Analysis (PHA) is the heart of any well developed Process Safety Management (PSM) program. The objective of a PHA is to develop a thorough, orderly, systematic approach for identifying, evaluating, and controlling potential hazards within a process involving potentially hazardous chemicals.
  
  The minimum requirements for a PHA program include:
  1. Setting a priority order and conducting analyses according to the required schedule.
  2. Using an appropriate methodology to determine and evaluate the process hazards.
  3. Addressing process hazards, previous incidents with catastrophic potential, engineering and administrative controls applicable to the hazards, consequences of failure of controls, facility siting, human factors, and a qualitative evaluation of possible safety and health effects of a failure of the controls on the employees.
  4. Performing a PHA by a team with expertise in engineering and process operations, the process being evaluated, and the PHA methodology used.
  5. Establishing a system to promptly address findings and recommendations, assure recommendations are resolved and documented, document action taken, develop a written schedule for completing actions, and communicate actions to operating, maintenance and other employees who work in the process or might be affected by actions.
  6. Updating and revalidating PHAs at least every 5 years.
  7. Retaining PHA records and updates for the life of the process.

• SCOPE
  These PHA guidelines are intended to apply to all equipment and procedures involving the covered process. The objective of the PHA will usually be to identify possible deviations from process design, maintenance, inspection, or operating practices which could lead to personnel injury, equipment damage, or environmental impact, especially those involving accidental releases.

  These guidelines are not intended to be a comprehensive manual on all aspects of conducting PHA studies. Rather they are intended to describe in general terms the activities and personnel responsibilities necessary to prepare for, conduct, and document a PHA study for a typical ammonia refrigeration facility.

• PROCEDURES
  1. DEVELOP A SCHEDULE FOR CONDUCTING THE PHA CONTAINING:
     
     • Recommendations:
       A column in the generic What-If/Checklist Log Sheet that serves to record any proposed risk-reduction measures that result from site-specific customization of the generic PHA. When a potential need for improvement, in either the physical facilities or the operating procedures is noted during a PHA, a recommendation is made. Additionally, entries are made on follow-up items and to clarify issues that may arise during a study.
       
       
     • Safeguards:
       A safeguard is an engineering or administrative (E/A) control either in the design or operation of the facility which may prevent a scenario from occurring or mitigate the consequences should it occur.
       
       
     • Scenario:
       A column in the generic What-If/Checklist Log Sheet that serves to record a description of typical events, associated with a given What-If question, which can result in a hazardous consequence; as a general rule during the generic PHA, the scenario resulted in a chemical release
       
       
     • System and subsystem:
       Convenient ways to divide a process into manageable parts or segments. Each covered process is typically divided into multiple subsystems. The level of resolution depends on how detailed a study is required. The analysis is usually conducted on the subsystem level.
       
       
     • What-If/Checklist Log Sheets:
       Tabular forms in which PHA results for the What-If/Checklist technique are systematically recorded (see FORM PHA-1).
       
       
     • What-If question:
       A What-If question indicates some way that the system can malfunction, be misoperated or deviate from its design intent. The intent is to ask pointed questions that are considered relevant by the hazard analysis team. The questions address potential causes of accidents.
       
       
  2. CHOOSE AN APPROPRIATE METHODOLOGY

     According to the PSM regulation, an employer must use one or more of the following methodologies to determine and evaluate the hazards of the covered process:

     • What-If
     • Checklist
     • What-If/Checklist
     • Hazard & Operability Study [HAZOP]
     • Failure Mode and Effects Analysis [FMEA]
     • Fault Tree Analysis [FTA]
     • An appropriate equivalent methodology
     
     

     Note that each methodology offers advantages and disadvantages. These advantages and disadvantages are discussed in detail in the references provided. Some of the factors which affect the choice of methodology include:

     • Complexity of the system
     • Level of risk in the system
     • Specific type of operations in the system
     • Information available to conduct the study
     • Expertise of the team leader
     
     

     A common methodology used for ammonia refrigeration systems is the What-If/Checklist technique. This technique is both efficient and effective in identifying potential hazards in the system and is one of the methods acceptable in the PSM regulation. The primary advantages of the What-If/Checklist technique are that it is relatively easy to use and very flexible. A potential disadvantage of the What-If/Checklist technique is that the results of a What-If/Checklist analysis will very dependent on the experience and the thoroughness of the team leader and the team.
     

  3. ESTABLISH THE PURPOSE, OBJECTIVES, AND SCOPE
     The purpose, objectives, and scope of a process hazard analysis study should be clearly defined before the study is conducted. Typically, the purpose of the study will be to conduct a process hazard analysis aimed at meeting the requirements of the PSM regulation (29 CFR 1910.119) and the Environmental Protection Agency's (EPA's) proposed Chemical Accident Prevention Program (40 CFR Part 68). The objective of the PHA study will usually be to identify possible deviations from process design, maintenance, inspection or operating practices which could lead to personnel injury, equipment damage or environmental impact, especially those involving accidental releases. The analysis may also address significant operability issues such as scenarios which could lead to a unit shutdown or the loss of key process safeguards.

     The scope of the process hazard analyses should clarify the equipment, procedures, and modes of operations that are to be considered during the study. Typically, the analysis will focus on normal (steady-state), start-up, and shutdown operating procedures. Utility systems and equipment, such as cooling water or instrument air systems, are usually handled implicitly during the study, i.e., they are considered only as they affect the causes, consequences or safeguards of any What-If scenarios reviewed. Any need for a more detailed review of a particular utility system is noted in the study recommendations as a possible separate study.
     

  4. SELECT THE STUDY TEAM
     A PHA team typically consists of 3-7 individuals. One team member should be a person trained and knowledgeable in the PHA technique used to conduct the study. This training often involves a combination of classroom training on the specific PHA technique and participation in a study as a PHA team member. It is often preferred that the team leader not be too closely associated with the design and/or the day-to-day operation of the system being studied. A team leader who is too closely associated with the system may not help the team to use their imagination in visualizing deviations, causes, and consequences during a PHA study.
     
     A team may also include a separate scribe or technical secretary to record the results of the study. Alternatively this responsibility can be assumed by the team leader. The other members are usually selected for their knowledge of the process operation and/or technical contribution to the team. There is no one perfect combination of team members. However, since the team members need to be knowledgeable of the process design and/or operation, at least some of the team should come from the operating facility. A typical team may consist of the following members:
     
     
     1. Team Leader
     2. Environmental Manager
     3. Safety/Risk Manager
     4. Maintenance Supervisor
     5. Process/Utilities Engineer
     6. Utilities Supervisor/Manager
     7. Utilities Operator
     8. Mechanical Engineer
        
        
  5. COLLECT REFERENCE INFORMATION
     Prior to the scheduled start of the PHA sessions, the team leader should ensure the necessary drawings and other reference information is available and up-to-date. Information that is typically needed to conduct process hazard analyses includes a block flow diagram, Piping and Instrument Diagrams (P&ID'S), plot/site plans, process descriptions, and information on the instrumentation and control systems. In addition, operating procedures, emergency procedures, equipment and instrument specifications, and Material Safety Data Sheets (MSDS) should also be readily available during the study.
     
     
  6. DEVELOP WHAT-IF SUBSYSTEMS AND QUESTIONS

     Typically, the team leader divides a system into subsystems and develops What-If questions prior to any team meetings. Subsystems are convenient ways to divide a covered process into manageable parts or segments. Each system is typically divided into multiple subsystems. The level of resolution depends on how detailed a study is required. Typical subsystems are compressors, evaporative condensers, receivers, air units, chillers, etc.

     The What-If/Checklist method involves experienced personnel posing a series of What-If questions for each part of the facility. The What-If questions evaluate the effects of equipment failures, human errors, or external events on the operation of the system. What-If questions are often taken from previous studies or structured checklists to ensure consistency, but will not be limited in any way and will be open to cover any process safety concerns.

     The success of a What-If/Checklist study is highly dependent upon the thoroughness of the list of What-If questions posed. Typically, the team leader will prepare an initial list of What-If questions prior to any team meetings. Existing checklists can be used to obtain some pertinent questions to get the study started. Alternatively lists of questions from previous studies may be used, or the team can brainstorm questions at the outset of the study. The What-If/Checklist process is dynamic; as one question is asked other questions will occur to the team. These questions should be documented as they occur for later consideration.

     Use these Process Hazard Review Library to help identify potential hazards. Answer each question fully, not with a simple “Yes” or “No.” Some questions may not be applicable to the review of a particular process; other questions should be interpreted broadly to include similar materials or equipment in your facility. Consider the questions in terms of all operating modes (e.g., steady state, startup, shutdown, maintenance, and upsets).

  7. ARRANGE THE TEAM MEETINGS

     During the first PHA team session, the team leader should review the purpose, scope and objectives of the study with the team. In addition, the team leader should conduct a brief review session on the technique being used and should conduct a site survey of the ammonia refrigeration system.

     The What-If/Checklist technique is a means of systematically reviewing a process to identify potentially hazardous events or operability problems which could occur. It is conducted by posing a series of What-If questions, each representing a potential deviation from process design, maintenance/ inspection or operating practices. The technique is based on the premise that a hazard does not occur if the process does not deviate from the design intent.

     The PHA should consider three major types of causes of potential deviations:

     1. Equipment failures
     2. Human errors
     3. External events/siting issues
     
     

     Equipment failures include deviations in the operation or performance of equipment from its design intent. This includes items such as vessel or line failures, leaks, pump failures, or instrumentation failures. Human error may include the failure of an operator to perform a required specific function or performing it incorrectly. Human error may also include incorrect maintenance practices, or for example, incorrect set points entered into a computer control system. External events includes items such as loss of electricity, a fire in the processing area, or issues related to facility siting. Analysis of these deviations will include:

     • An analysis of the potential hazards in the systems.
     • A review of any previous incident which resulted in or had a likely potential for catastrophic consequences in the work place.
     • An assessment of the existing engineering and administrative (E/A) controls (safeguards), including release prevention and detection methods, and the consequences of a failure of these controls.
     • A qualitative consequence analysis of a range of the possible safety and health effects of failure of controls on employees in the work place.
     • An identification of preliminary recommendations, either equipment or procedural, designed to mitigate or minimize the consequences or probability of potentially hazardous scenarios.
     
     
  8. CONDUCT A PHA STUDY
     A PHA study for a typical system may take a number of days to complete. The team will therefore hold a number of meetings, or working sessions. Since the technique is tiring, the sessions are usually scheduled for the morning, when the team members are most fresh. The sessions are normally scheduled to last for periods of 4-6 hours. Longer sessions or afternoon sessions tend to be tiring, reducing the efficiency of the technique.

     Once the anticipated number of team sessions has been determined, a tentative schedule for the sessions should be prepared. The schedule should be circulated to the proposed team members. This will allow the team members to schedule their time appropriately or to alert the team leader of any known scheduling conflicts.
     

  9. WRITE A PHA COMPLIANCE REPORT

     Once the PHA study is completed, a written compliance report should be completed. The report will:

     • Identify the potential hazards and their causes.
     • Identify the engineering and administrative (E/A) controls applicable to the hazards at the facility.
     • Describe the consequences of the failure of any engineering and administrative (E/A) controls.
     • Document any recommendations designed to improve the operations of the facility.
       
       
  10. ADDRESS THE FINDINGS FROM THE PHA STUDY
      A management system must be developed to address, resolve, and document recommendations resulting from the PHA study. This management system should include provisions to:
      
      • Assure that the recommendations are resolved in a timely manner.
      • Document the actions that are to be taken.
      • Complete the actions as soon as possible.
      • Develop a written schedule of when actions are to be completed.
      • Communicate the actions to operating, maintenance, and other employees whose work assignments are in the process and who may be affected by the recommendations or actions.
        
        
• DOCUMENT MANAGEMENT
  The employer must retain the process hazard analysis study report and any updates or revalidation for the system, as well as the documented resolution of recommendations, in the Process Safety Management files for the life of the system. In addition, employers must provide their employees and their representatives access to the PHAs.
  
  
• PERSONNEL
  The following describes the various persons who may be involved in a PHA study, and summarizes their responsibilities.
  
  
  • PHA COORDINATOR
    Has the overall responsibility for the PHA study. Should be knowledgeable in the PHA process and the planning of these studies. Ensures that the PHA study is performed per the scope, purpose and objectives. Ensures that all recommendations produced during the PHA study are addressed.
    
    
  • TEAM LEADER
    Plans, controls, and directs the PHA team sessions. Decides, with advice from the PHA Coordinator, the scope, purpose and objective of each session. Ensures completeness and consistency of the PHA study. Directs completion of the PHA log sheet by the Scribe. Provides the PHA Coordinator with daily reports, PHA log sheets, and action items
    
    
  • PROCESS/UTILITIES ENGINEER
    Provides stimulation of discussion via free thinking based upon his knowledge of this and similar systems. Should be generally knowledgeable on the design and operation of the covered process
    
    
  • OPERATIONS/MECHANICAL REPRESENTATIVE
    Provides advice on actual practice in operating and maintaining the system, and knowledge of typical problems, and emergency situations.
    
    
  • SCRIBE
    Monitors and records progress of the PHA study under the direction of the Team Leader. Prepares a PHA Compliance Report for approval by the Team Leader, and releases the approved report to the PHA Coordinator. Note that this responsibility is often assumed by the team leader.
    
    
• DEFINITIONS
  The following is an alphabetical listing of terms and abbreviations used throughout these guidelines:

  C

  Catastrophic release:
  A major uncontrolled emission, fire, or explosion, involving one or more highly hazardous chemicals that presents serious danger to employees in the workplace.

  Consequences:
  A column in the generic What-If/Checklist Log Sheet that serves to record a description of the impact a particular scenario can have on equipment and/or employees. The consequences indicate the possible effects on the process, the operating personnel, or the environment that might possibly occur assuming the hazardous scenario were to occur.

  Critical equipment:
  Refers to vessels, machinery, piping, alarms, interlocks and controls determined by management to be vital to preventing the occurrence of a catastrophic release.

  E

  E/A Controls:
  Abbreviation for "Engineering/Administrative Controls" and a column in the generic What-If/Checklist Log Sheet that serves to record the existing controls that can prevent and/or mitigate a scenario or its consequences.

  Emergency Situation:

  An occurrence with a system that requires immediate response from operations personnel (e.g., a large leak might be considered an emergency situation requiring isolation and pump-out of equipment).

  Equipment/Activity:
  A column in the generic What-If/Checklist Log Sheet that serves to record a description of the equipment, activity, or issue to which a given question and scenario apply.

  "F":
  A column in the generic What-If/Checklist Log Sheet that serves to record the frequency ranking that results from a qualitative consequence analysis.

  G

  Generic:
  Indicates wide applicability to facilities, systems, and equipment, irrespective of specific variations (e.g., scenarios identified for a generic compressor apply to various types, such as a rotary screw, rotary vane, and reciprocating).

  H

  Hazard:
  A potential for an accident with undesirable consequences, usually involving a loss of containment of flammable, combustible, highly hazardous or reactive materials.

  Hazard analysis techniques:
  Analytical techniques which aid in identifying and evaluating process hazards. Typical hazard analysis techniques which may be used include the "What-If/Checklist" technique and the "Hazard & Operability" (HAZOP) technique. Other techniques which may be used for specific circumstances are discussed in the Guidelines for Hazard Evaluation Procedures published by the Center for Chemical Process Safety of the American Institute of Chemical Engineers.

  I

  Incident:
  A release, a fire, or an explosion; or any event that could have resulted in a release, fire, or explosion; also referred to as "accidents," though not to be confused with occupational safety accidents, such as the laceration of a finger.

  Item:
  A column in the generic What-If/Checklist Log Sheet that serves as a unique identifier for a particular row in the log sheets.

  P

  Process:
  Any activity involving ammonia including any use, storage, manufacturing, handling, or the on-site movement of ammonia, or any combination of these activities. For the purposes of this definition, any group of vessels which are interconnected and separate vessels which are located such that ammonia could be involved in a potential release shall be considered a single process.

  Process hazard analysis:
  The application of one or more hazard analysis techniques to aid in identifying and evaluating process hazards.

  Q

  Qualitative consequence analysis:
  A PHA requirement that can be addressed by using a risk matrix to evaluate the consequence and frequency of a PHA scenario.

  Question:
  A column in the generic What-If/Checklist Log Sheet that serves to record the What-If question on which the scenario and consequences are based.

  "R":
  A column in the generic What-If/Checklist Log Sheet that serves to record the risk ranking that results from a qualitative consequence analysis.

  R

  Recommendations:
  A column in the generic What-If/Checklist Log Sheet that serves to record any proposed risk-reduction measures that result from site-specific customization of the generic PHA. When a potential need for improvement, in either the physical facilities or the operating procedures is noted during a PHA, a recommendation is made. Additionally, entries are made on follow-up items and to clarify issues that may arise during a study.

  S

  Safeguards:
  A safeguard is an engineering or administrative (E/A) control either in the design or operation of the facility which may prevent a scenario from occurring or mitigate the consequences should it occur.

  Scenario:
  A column in the generic What-If/Checklist Log Sheet that serves to record a description of typical events, associated with a given What-If question, which can result in a hazardous consequence.

  System and subsystem:

  Convenient ways to divide a process into manageable parts or segments. Each covered process is typically divided into multiple subsystems. The level of resolution depends on how detailed a study is required. The analysis is usually conducted on the subsystem level.

  W

  What-If/Checklist Log Sheets:
  Tabular forms in which PHA results for the What-If/Checklist technique are systematically recorded (see FORM PHA-1).

  What-If question:
  A What-If question indicates some way that the system can malfunction, be misoperated or deviate from its design intent. The intent is to ask pointed questions that are considered relevant by the hazard analysis team. The questions address potential causes of accidents.

A hazard is an inherent physical or chemical characteristic that has the potential for causing harm. A hazard evaluation is an organized effort to identify and analyze the significance of hazardous situations associated with a process or an activity. Although there are multiple hazard evaluation techniques (Fault Tree, Hazard and Operability Analysis, Fault Tree Analysis, Failure Modes and Effects Analysis, etc., we chose to develop an interface to manage one of the most popular Process Hazards Analysis (PHA) techniques, What If Analysis. Our What If PHA provides an easy-to-use interface to efficiently organize a review of hazards for your process/system utilizing the What If Analysis technique.

Prior to embarking on a What If Analysis, particularly if this is the first study at your facility, we recommend that the designated PHA team leader in the study, as well as other members of the team, get an overview of the PHA process. This includes a full understanding of the importance of the study, guidance for assurance the team structure is comprised of the appropriate personnel, and common pitfalls to avoid when conducting the study. In addition, we provide the important foundational preparatory steps that should be followed prior to the start of the study.

What If PHA provides the framework to establish likelihood and consequence risk ranking for assets within your facility environment and allows an easy-to use interface for organizing real-life scenarios of situations that can occur or may have already occurred at your facility. The software makes the hazard evaluation process easier to achieve. However, that said, embarking on a hazard evaluation effort at your facility without the proper guidance can be daunting. The potential exists to overlook areas of risk within your facility.

WE CAN HELP. We have personnel that have decades of industry hazard evaluation experience utilizing the What If PHA technique. Their expertise includes experience within a multitude of industries that ideally suits them to provide the necessary guidance before you begin your study. We feel this guidance approach assures your study has the best opportunity for success. We perform this service world-wide (English language only at present) via the Microsoft Teams meeting interface. We include:

• Preparing for the study
• Organization of data to support the PHA
• Safe work practices
• Review of known hazards
• Review of applicable codes and standards
• Equipment codes, standards, and company requirements
• Equipment inspection and testing records
• Metallurgical testing records
• The importance of near-miss and previous incident/accident reports
• Process safety information – how much is enough
• Importance of training records
• Managing system boundaries
• Managing recommendations and the required follow-up

Our guidance will touch on each of the above topics as well any questions regarding the use of the software. Call or email for details.