Many organizations are required to have a Management of Change (MOC) procedure to manage risks introduced by planned changes to assets, processes, facilities and to the organization as a whole.
However, for many, these procedures are based on previous paper based approaches. While these may meet the letter of the law and pass audits they often do not benefit from exploiting technology and best practices. Even when software is procured or developed they often result in "paving the cow path" instead of improving the process first.
Dr. Eliyahu M. Goldratt, creator of the theory of constraints, in one of his lectures makes the following statement:
"Technology can bring benefits if, and only if, it diminishes a limitation."
Technology here is defined as the application of knowledge and does not need to be hardware or software.
Dr. Goldratt's statement takes time to fully appreciate but is profound in its simplicity to describe why many technology projects fail. However, as importantly, it provides a way to understand how technology can be used, but rarely is, to provide significant benefits.
Let's look at how this statement can be applied to deploying technology to support the MOC process. Dr. Goldratt suggests asking 4 questions:
1. What is the power of the technology?
The power provided by an MOC application comes from its ability to connect related data and using it to drive risk activity:
Provide the relevant data and tools to the change process
Provide the steps that need to be followed based on related data
Automatically track and record activity and work done
2. What limitation does the technology diminish?
Using a paper based approach has several limitations with these as the primary ones:
Not having relevant data readily available to make safe decisions
Not knowing what work had been done or will be done as part of the change process.
3. What rules enabled us to manage this limitation?
Rules to work around these limitations include:
One process for all types of changes (i.e. only have one change form)
Adding several gatekeeper roles (reviews and approvals) to verify work
Using standard (and fixed) checklists to drive activity
Redoing assessments and verifying drawings
Audit afterwards to confirm compliance
4. What new rules will we need?
With the removal of the limitations the workarounds can and should also be removed and new rules put in place to exploit the power of the new technology. These would include:
Self evidencing process - eliminate QC / gatekeeper activities
Replace local optimal rules with holistic optimal rules: dynamic check lists based on data instead of standard fixed checklists for functional sub-processes
Use a risk based approach - tailor the level of rigor to the level of risk
Consider the entire risk context - all planned changes, data stored in risk registers, HAZOPs, bow-tie assessments, and so on
The power provided by using MOC technology is its ability to manage related data and using this information to drive processes based on the entire risk profile. This allows companies to move beyond just verifying that steps are completed to actively managing risk throughout the change process. This is something that paper-based approaches could never do and what is necessary to achieve safety objectives.
