To minimize the likelihood and consequence of accidents, safety barriers are put in place as a layer of protection. In process plants, it is often necessary to isolate, bypass, or remove components of this critical protection to allow for maintenance and other activities to be conducted. These components are often called, "Safety Critical Equipment" and the process to bypass them is called, "Critical Defeats." While defeating safety critical equipment is necessary it needs to be done in a controlled and safe manner.
Examples of safety critical equipment include:
Safety instrumented systems
DCS or PLC shutdowns and interlocks
Emergency shutdown valves
Fire and Gas detection systems
and so on
Critical defeats are most often temporary and short in duration measured in shifts and do not typically extend beyond 7 days. Longer duration and non-routine defeats are usually handled through the facility or asset Management of Change (MOC) process.
To maintain safety a clear and robust approach is needed to cover the approval and execution of critical defeats. At a minimum the documentation for authorizing a critical defeat should include:
What is being defeated
The reason the defeat is being applied
What risks are created or exposed by the defeat
What alternate protection is available
What precautions are required to mitigate the risks
How long the defeat is to be applied
What level it needed to authorize the defeat
As with Management of Change, a process approach helps to reduce risk by ensuring that all steps involved including approvals are executed and done in the correct sequence. An example process for Critical Defeats is shown below:
After the defeat is approved, it should be communicated to operators and all other people who work on the equipment or process. It is common practice to include this information in shift logs or on display boards and discussed during handovers.
In addition, the following activities are helpful to further manage risk:
Clearly define roles and properly train personnel to the appropriate level of competency
Ensure that there is an alternate layer of protection in place
Limit the number of active defeats allowed at any given time
Limit the duration for how long a defeat can remain active
Tag by-passed devices
Monitor active defeats on a daily basis
Conduct weekly audits to ensure the proper reinstatement of the defeated devices or systems.
Establishing a robust process to manage the defeat of critical protection is essential to maintaining safety. If you have an existing process, now is a good time to look at how it is performing to identify areas that can be improved. An important first step is to map the actual process and compare that to written procedures. Look at gaps in the process and where waste exists such as waiting for approvals, incomplete information, over processing, and so on.
The critical defeat process should be viewed as a resource to keep everyone safe and not as an obstacle to getting work done. Short cuts done here expose workers and the organization to unnecessary and avoidable risk.
What gaps exists between your current critical defeats procedure and how defeats are actually approved and implemented?
What safety critical equipment is missing from the procedure?
Who should be and is currently not being notified when critical defeats are approved and become active?
What steps are being taken to ensure the reinstatement of defeated equipment?
What steps can be taken to improve how risks are identified, mitigated and managed?
How can you help to improve the way critical defeats are handled?