Operating Procedures: Don't Ask Too Much
We are writing a series of posts to do with operating and maintenance procedures. The first post in the series was Operating Procedures: The Basics. In that post we noted that operating procedures should not be used to ensure safety in inherently risk situations. Operating or maintenance technicians are prone to making mistakes or slips, particularly if they are under pressure or have too many tasks to carry out at one time. The system itself should prevent such mistakes or slips leading to a serious safety incident.
The Two Tanks
An example of how this type of situation was properly handled occurred at an operating facility in the State of California.
The process used both sodium hydroxide solution and sulfuric acid. The inadvertent mixing of these two liquids can create a violent and dangerous chemical reaction. The chemicals were stored in tanks as shown in the sketch. The tanks were filled by trucks that used hoses connected to fill nozzles. (There were many other pipes in the area, so the situation was actually considerably more complex than what is shown in the sketch.)
A set of procedures was written to guide the operators and truck drivers through the connection, filling and disconnection steps. In addition, warning signs were posted to make sure that the correct tank was filled. However it was obvious that the situation shown was fundamentally too risky. Sooner or later someone was going to connect a hose to the valve immediately in front of the tank that was to be filled, and an accident would occur.
In such a situation, too much reliance was placed on the procedures. What was needed was an engineering solution. In response, the company made the following two changes:
The tanks were separated; one of them was placed at another location in the facility.
Different types of connections were used for the two chemicals.
Check for Errors
If there is absolutely no choice but to rely on procedures in high-risk situations such as the above then the following actions can help reduce the risk.
Have two operators involved in the loading process, so that they can cross-check one another.
Color code valves and ensure that the procedures call out which color is the right one for this situation.
Develop detailed checklists that require the operator to confirm his or her actions.
Human Factors
Not only is it unreasonable to expect procedures to address poorly engineered systems, operators and maintenance technicians are less likely to execute procedures properly if one or more of the following conditions exist:
Poor communication with supervision or with other technicians;
Sloppy housekeeping;
Too many mental tasks to perform;
Too many physical tasks to perform;
Inadequate tools;
Extended, uneventful vigilance; and
Inadequate breaks and rests.
Posted Danger Signs
There are various levels of warning signs that we will discuss in future posts. The most serious sign in ‘Danger’. It has the following meaning.
Incorrect action could lead to serious injury or death, a major environmental problem or massive equipment damage.
If a Danger sign is needed, the hazard should be eliminated or controlled with multiple safeguards. It is unacceptable to have a situation where failure to follow a procedure could lead to a fatality or serious injury, and where procedures are intended to provide for safe operations.
Further Guidance
For further information to do with operating procedures, please check out our book Process Risk and Reliability Management.
