Upload
gersonvc25
View
214
Download
0
Embed Size (px)
Citation preview
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
1/57
Facilities Integrity
Management ProgramRecommended Practice,1st EditionMay 2013
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
2/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 2 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Notice of CopyrightCopyright 2013 Canadian Energy Pipeline Association (CEPA). All rights reserved. Canadian
Energy Pipeline Association and the CEPA logo are trademarks and/or registered trademarks ofCanadian Energy Pipeline Association. The trademarks or service marks of all other products or
services mentioned in this document are identified respectively.
Disclaimer of LiabilityThe Canadian Energy Pipeline Association (CEPA) is a voluntary, non-profit industry
association representing major Canadian transmission pipeline companies. The Facilities
Integrity Management Program Recommended Practices (hereafter referred to as the Practices)were prepared and made public in effort to improve industry performance and communication of
expectations to stakeholders.
Use of these Practices described herein is wholly voluntary. The Practices described are not to beconsidered industry standards and no representation as such is made. It is the responsibility of
each pipeline company, or other user of these Practices, to implement practices to ensure the safe
operation of assets.
While reasonable efforts have been made by CEPA to assure the accuracy and reliability of the
information contained in these Practices, CEPA makes no warranty, representation or guarantee,
express or implied, in conjunction with the publication of these Practices as to the accuracy orreliability of these Practices. CEPA expressly disclaims any liability or responsibility, whether in
contract, tort or otherwise and whether based on negligence or otherwise, for loss or damage of
any kind, whether direct or consequential, resulting from the use of these Practices. ThesePractices are set out for informational purposes only.
References to trade names or specific commercial products, commodities, services or equipment
constitutes neither an endorsement nor censure by CEPA of any specific product, commodity,service or equipment.
The CEPA Facilities Integrity Management Program Recommended Practices are intended to beconsidered as a whole, and users are cautioned to avoid the use of individual chapters without
regard for the entire Practices.
Suite 200, 505-3rdSt. SWCalgary, Alberta T2P 3E6
Tel:403.221.8777Fax: 403.221.8760
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
3/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 3 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Table of ContentsTable of Contents ....................................................................................................... 3
List of Tables ............................................................................................................. 5
List of Figures ............................................................................................................ 6
1. Definition of Terms .............................................................................................. 7
2. Introduction ........................................................................................................ 9
2.1. Importance of Terminology ............................................................................. 9
2.2. Revisions to this Recommended Practice ........................................................... 9
2.3. Background and Philosophy ........................................................................... 10
2.4. Framework .................................................................................................. 11
3. Scope .............................................................................................................. 13
3.1. Scope of Facilities and Equipment .................................................................. 13
3.2. Scope of Processes and Mechanisms .............................................................. 14
3.3. Prioritization of Equipment Types and Processes .............................................. 16
4. Corporate Policies, Goals, Objectives and Organization ........................................... 16
4.1. Policies, Goals and Objectives ........................................................................ 16
4.2. Organization ................................................................................................ 19
4.3. Performance Indicators and Targets ............................................................... 19
5. Description of Facilities ....................................................................................... 21
6. Records ............................................................................................................ 22
6.1. Facility Information ...................................................................................... 22
6.2. FIMP Information ......................................................................................... 23
7. Change Management ......................................................................................... 23
7.1. General ...................................................................................................... 23
7.2. Change Management Process Features ........................................................... 24
8. Competency and Training ................................................................................... 25
8.1. Establish Role Requirements.......................................................................... 25
8.2. Conduct Gap Analysis ................................................................................... 26
8.3. Execute Training Plan ................................................................................... 27
8.4. Undertake Follow-Up Discussion .................................................................... 27
9. Hazard Identification and Control......................................................................... 27
9.1. Choose Hazard Identification Method .............................................................. 28
9.2. Hazard Identification Exercise ........................................................................ 29
9.3. Review Potential Consequences ..................................................................... 29
9.4. Estimate Likelihood of Consequences .............................................................. 30
9.5. Conduct an Initial Assessment of Significance .................................................. 30
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
4/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 4 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
9.6. Determine Risk Assessment Needs ................................................................. 30
10. Risk Assessment ............................................................................................. 31
10.1. Risk Analysis ............................................................................................ 31
10.2. Data Availability ........................................................................................ 32
10.3. Organizational Maturity .............................................................................. 33
10.4. Goal of the Analysis .................................................................................. 33
10.5. Magnitude of the Decision .......................................................................... 33
10.6. Risk Evaluation ......................................................................................... 33
10.7. Risk Refinement ........................................................................................ 34
10.8. Risk Reduction Evaluation .......................................................................... 34
11. Options for Reducing Uncertainty, Frequency or Consequences of Incidents ........... 34
11.1. Monitoring and Inspection .......................................................................... 35
11.2. Mitigation ................................................................................................. 36
12. Planning and Executing .................................................................................... 3712.1. Plan and Execute Activities ......................................................................... 37
12.2. Evaluate .................................................................................................. 40
13. Repair ........................................................................................................... 41
13.1. Repair Identification .................................................................................. 41
13.2. Repair Execution ....................................................................................... 41
14. Continual Improvement ................................................................................... 41
14.1. Process Characteristics .............................................................................. 41
14.2. Specific Considerations .............................................................................. 42
15. Incident Investigations .................................................................................... 42A1. Illustrative Example of Equipment Classification Method....................................... 44
A2. Sample Performance Indicators ........................................................................ 50
A3. Guidance Regarding FIMP Documentation .......................................................... 52
A4. List of Hazards for Consideration ....................................................................... 54
A5. Monitoring and Inspection ................................................................................ 55
A6. Reference Documents ...................................................................................... 56
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
5/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 5 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
List of TablesTable 1: Comparison of Facility and Pipe IM Programs ................................................. 10
Table 2: Potential Basis for Initial Prioritization of FIMP Scope ....................................... 16
Table 3: Key FIMP Roles and Responsibilities for Consideration ..................................... 19Table 4: Two Types of Performance Indicators ............................................................ 20
Table 5: Considerations in Establishing Performance Targets ........................................ 21Table 6: Descriptive Parameters for FIMP Pipeline Systems .......................................... 22
Table 7: Recommendations for Data Capture for FIMP Assets ....................................... 23Table 8: Potential Triggers for Change Management Process ......................................... 24
Table 9: Minimum Features of Change Management Process ......................................... 24
Table 10: Considerations in Establishing Competency Requirements .............................. 26Table 11: Resources for Determining Training Needs ................................................... 26Table 12: Categorization of Qualification Gaps ............................................................ 26
Table 13: Mechanisms for Mitigating Qualification Gaps................................................ 27
Table 14: Objectives of Follow-Up Employee Discussion ............................................... 27Table 15: Additional Guidance for Establishing Significance of Risk ................................ 33
Table 16: Parameters for Risk Refinement .................................................................. 34
Table 17: Approaches for Managing Risk .................................................................... 35Table 18: Considerations for Selecting Monitoring & Inspection Activities ....................... 35
Table 19: Mitigation Activity Types ............................................................................ 36Table 20: Considerations for Determining Acceptable Mitigation .................................... 37
Table 21: Considerations for the Review of Current Assumptions ................................... 39Table 22: Considerations for Program Execution ......................................................... 39
Table 23: Considerations for Program Review ............................................................. 40Table 24: Considerations for Addressing Identified Anomalies ....................................... 40
Table 25: Considerations for Executing Corrective Actions ............................................ 41
Table 26: Elements of Continual Improvement Process ................................................ 41Table 27: FIMP Documentation and Reference Guideline ............................................... 52
Table 28: Sample List of Equipment Specific Considerations ......................................... 54
Table 29: Sample List of Monitoring and Inspection Goals ............................................ 55
Table 30: Industry Published Guidance Documents ...................................................... 56Table 31: Additional Guidance from Other References .................................................. 57
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
6/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 6 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
List of FiguresFigure 1: Relationship of FIMP to Existing Corporate Systems ........................................ 11
Figure 2: Facility Integrity Management Program Process .............................................. 12
Figure 3: Sample Equipment Classification High Level ................................................ 14Figure 4: Scope of Processes and Mechanisms for Consideration in FIMP ......................... 15
Figure 5: Translation of Corporate Priorities to Appropriate Integrity Activities ................. 17Figure 6: Consequence Categories for Consideration ..................................................... 18
Figure 7: Competency and Training Process ................................................................. 25Figure 8: Hazard Identification and Control Process ...................................................... 28
Figure 9: Critical Factors in Selecting a Risk Assessment Approach ................................. 32
Figure 10: Process for Planning and Executing ............................................................. 38Figure 11: Sample Equipment Classification Pipeline Breakdown .................................. 45Figure 12: Sample Equipment Classification Meter Breakdown .................................... 46
Figure 13: Sample Equipment Classification Station Breakdown .................................. 47
Figure 14: Sample Equipment Classification Storage Breakdown ................................. 48Figure 15: Sample Equipment Classification Common Systems & Facilities Breakdown ... 49
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
7/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 7 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
1. Definition of TermsThe following definitions apply in this document.
Asset: A generic reference to an arbitrary grouping ofcomponents, equipment or facilities where
groupings are usually defined based on rulesspecific to each Operating Company.
Cathodic Protection: A technique to prevent the corrosion of a metal
surface by making that surface the cathode of
an electrochemical cell.
Consequence: Describes the result of an accidental event. The
consequence is normally evaluated for human
safety, environmental impact and economicloss.
Engineering Assessment: A detailed technical analysis, as may berequired from time to time, to assess or
analyze whether a piece of equipment, orgrouping of equipment, is suitable for service in
its intended purpose or application.
Equipment:
Facilities Integrity
Management Program:
A grouping of individual components designedand assembled to serve and engineering
purpose (e.g., air compressor).
A documented program, specific to the facilities
portion of a pipeline system, that identifies the
practices used by the Operating Company to
ensure safe, environmentally responsible, andreliable service.
Facility: A grouping of individual pieces of equipmentdesigned and constructed to facilitate a larger
(engineering) process (e.g., compressor
station).
Hazard: A condition or practice with the potential to
cause an event that could result in harm to
people, the environment, the companysreputation, business or operation / integrity of
its facilities.
Integrity: Used in the context of managing pipelinesystems, a general understanding or definition
of integrity has to do with quality; that amechanical component meets or exceeds
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
8/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 8 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
design specifications for an intended purpose or
application1.
Integrity Management
Program
A documented program that specifies the
practices used by the Operating Company toensure the safe, environmentally responsible,
and reliable service of a pipeline system.2
Mitigation Activities to manage the risk exposure of aparticular pipeline system or its individual
components. Mitigation activities are broad
ranging and are specific to the context (i.e., thetype of equipment, its current state, and
operating conditions)3. Mitigation may be inthe form of threat mitigation or consequence
mitigation as discussed in Section11.
Operating Company: The individual, partnership, corporation, or
other entity that operates the pipeline system
or an individual facility.
Pipeline: Those items through which oil or gas industryfluids are conveyed, including pipe,components, and any appurtenances attached
thereto, up to and including the isolating valves
used at stations and other facilities4.
Pipeline Integrity
Management Program
A documented program, specific to pipelines,
that specifies the practices used by theOperating Company to ensure the safe,environmentally responsible, and reliable
service of a pipeline system.5
Pipeline System: Pipelines, stations, and other facilities requiredfor the measurement, processing, storage,
gathering, transportation, and distribution of oilor gas industry fluids.6
Risk: Strictly defined as the probability of an event or
occurrence multiplied by the consequence ofthat event as per Equation (1). A detaileddiscussion appears in Section10.
1Baker, H.F., Mechanical Reliability through Mechanical Integrity, Proceedings of 2011 API Inspection Summitand Expo, Galveston Texas, January 2011.2CSA Z662 Oil & Gas Pipeline Systems (CSA Z662-11)3Desjardins, G. & Sahney, R., Encyclopedic Dictionary of Pipeline Integrity, Clarion Technical Publishers, Houston,
Texas, February 2012.4CSA Z662 Oil & Gas Pipeline Systems (CSA Z662-11)5CSA Z662 Oil & Gas Pipeline Systems (CSA Z662-11)6CSA Z662 Oil & Gas Pipeline Systems (CSA Z662-11)
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
9/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 9 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Risk Assessment: The detailed study undertaken to establish the
risk associated with a specific piece of
equipment, facility or pipeline system. Adetailed discussion appears in Section10.
Service Fluid: The fluid contained, for the purpose of
transportation, in an in-service pipelinesystem7.
Station: A facility used primarily to alter the pressure in
a pipeline system, including
a) piping;b) auxiliary devices such as pumps /
compressors, driver units, controlinstruments, enclosures, ventilating
equipment, and utilities; andc) any associated buildings other than
residences.
2. Introduction
2.1. Importance of TerminologyPart of the objective of this Recommended Practice is to provideclarity and consistency regarding terminology. As such, the reader isencouraged to review Section1 of this document with particular
attention to the following terms and their usage: Facilities Integrity Management Program;
Integrity;
Integrity Management Program; Mitigation;
Pipeline Integrity Management Program;
Pipeline; and
Pipeline System.
These particular terms are important to understanding the scope and
intent of the discussions throughout this recommended practice.
2.2. Revisions to this RecommendedPractice
This Recommended Practice has been developed by CEPAs PipelineIntegrity Working Group (PIWG). It will continue to evolve as newadvances and opportunities for improvement are recognized duringits use by CEPA member companies and from periodic reviews as
deemed necessary by CEPA and/or the PIWG.
7CSA Z662 Oil & Gas Pipeline Systems (CSA Z662 latest edition)
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
10/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 10 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
2.3. Background and PhilosophyThis recommended practice provides guidelines for developing,
documenting, and implementing a Facilities Integrity ManagementProgram (FIMP) for transmission pipeline related facilities. Specificguidance is provided regarding the development of goals and
objectives, as well as supporting programs and processes, toeffectively maintain facilities integrity. This document puts forth therecommendations to be included in an Operating Companys FIMPbased on leading industry practice and building on guidelines
established in CSA Z662 Annex N.
The objective of a FIMP is to provide Operating Companies with aformalized mechanism to maintain the integrity of the managed
assets that demonstrates a commitment to protect the health andsafety of the general public, employees and the environment.
Further, the guidelines are intended to allow flexibility in thedevelopment of a FIMP and to remain relevant to the Operating
Companys context while identifying leading practices in the area. The
FIMP is not intended to duplicate any systems, processes orinformation that may already exist. Thus, this recommended practice
is structured to allow Operating Companies the ability to acknowledgeany pre-existing body of work that have been incorporated into theirrespective processes or programs.
It should be noted that an integrity management program forfacilities is, by definition, quite different from an integrity
management program (IMP) for a pipeline. These differences are
driven by the nature of the assets to be managed (scope) and theresulting objectives (program purpose) for those assets as well as
vastly differing life cycles. These key differences are identified and
summarized inTable 1.Table 1: Comparison of Facility and Pipe IM Programs
Parameter IMP FIMP
Scope Assets relatively uniform (i.e., pipeline(s)of varying grades, wall thicknesses anddiameters).
Disparate asset types.
Program Goal The safe, environmentally responsible,and reliable service of pipeline(s) byworking towards minimizing loss ofservice fluid containment.
The safe, environmentallyresponsible, and reliable service of allpipeline system facilities, exclusive ofpipelines, by striving to ensure controland containment of service fluids and
Equipment meets or exceeds designlife given its intended purpose and
actual operating conditions.
Asset Life Cycle Long lifecycle. Life cycles vary significantly and
Assets with long life cycles oftencontain numerous components withshort lifecycles.
Each Operating Company will select processes appropriate for its
situation, associated with a FIMP, and separate these from its Pipeline
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
11/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 11 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Integrity Management programs. Where relevant, existing reliability
programs and prescribed equipment management programs can be
referenced by the FIMP and may continue to exist with theappropriate linkages to FIMP processes.
More specifically, and as illustrated inFigure 1,the FIMP is intended
to encompass all of an Operating Companys facilities with theexception of the pipeline (which would be covered by a Pipeline
Integrity Management Program). However, it is fully expected thatOperating Companies would then refer to any existing programs,
processes and databases, where appropriate, within the FIMP
document. In effect, the FIMP is an umbrella document referring topre-existing material for the vast majority of facilities that may
already be managed through existing systems leaving only a limitedscope of facilities and / or equipment (if any) to be formally managed
through the FIMP process itself.
Figure 1: Relationship of FIMP to Existing Corporate Systems
2.4. FrameworkThis document builds on the framework outlined in CSA Z662
Annex N as a basis for providing guidance on developing a FIMP.Specifically, the following major elements detailed in Figure N1
(reproduced here asFigure 2)of CSA Z662 Annex N (2011 Edition)are described and discussed in the context of FIMP development:
a) Section3:FIMP Scope;
b) Section4:Corporate Policies, Objectives and Organization;c) Section5:Description of Facilities;
d) Section6:Program Records;e) Section7:Change Management;
f) Section8:Competency and Training;
g) Section9:Hazard Identification and Control;h) Section10:Risk Assessment;i) Section11:Options for Reducing Uncertainty, Frequencies and
Consequences;
j) Section12:FIMP Planning and Execution;k) Section13:Repair;
l) Section14:Continual Improvement; and
m) Section15:Incident Investigations.
FacilitiesIntegrity
ManagementProgram(
FIMP)
Incorporates existingprograms by reference
Incorporates existingprocesses by reference
Incorporates existing data /documentation by reference
Assets directly managedthrough FIMP document
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
12/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 12 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Figure 2: Facility Integrity Management Program Process8
8Adapted from CSA Z662 Oil & Gas Pipeline Systems (CSA Z662-11) Figure N1
Section 3: Integrity management program
scope
Section 4: Corporate policies, objectives,
and organization
Section 5: Description of pipeline systems
Section 6 to 8: Integrity management program records,
change management, competency and training
Identify potential hazards
Risk assessment
Section 15: Incident
Investigations
Can the hazard lead to
significant consequences?
Perform risk
assessment?
Choose to
refine risk
analysis?
Is risk
significant?
Select control
measure(s) for riskreduction
Select control
measure(s) for risk
reduction
Establish, plan, and
schedule activities
Review and evaluate
program control
methods and risk
management cycle
Implement activities Changes?
No
No
No
No
No
Yes
Yes
Yes
Yes
Yes
Section 9: Hazard
Identification and
Control
Section 11:
Options for
Reducing
Uncertainty,
Frequency or
Consequences of
Incidents
Section 10: Risk
Assessment
Section 12 & 13:
Planning, Executing &
Repair
Section 14: Continual
Improvement
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
13/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 13 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
3. ScopeFIMP documentation must clearly define the scope of facilities and equipment
(and associated processes) managed directly by the FIMP document versus the
assets managed through other systems and documents (as perFigure 1).Where equipment is managed through other systems and documents, the FIMP
should clearly refer to the relevant documentation. Additional guidanceappears in the remainder of this Section.
3.1. Scope of Facilities and EquipmentThis document uses a definition of Facilities and Equipment derived
from usage of the terms: Pipeline Systemand Pipelinein CSA Z662
(2011 Edition). That is, a Facilities Integrity Management Program(FIMP) is intended to address all components of a Pipeline System,
with the exclusion of the Pipeline itself (to be covered by a Pipeline
Integrity Management Program). Any asset types covered by new orexisting programs, that are supportive of the objectives and goals ofthe FIMP, may be incorporated into the FIMP by reference.
Further, given the nature of the FIMP and the need to address a widevariety of asset and equipment types, the Operating Company should
use a systematic and consistent classification method as a
mechanism for addressing all asset classes. The classification methodmay be based on a number of approaches one of the most commonexamples is the use of an equipment hierarchy. Such structures are
typically used in the corporate Computerized MaintenanceManagement System (CMMS). In the absence of a pre-existingclassification methodology, the systems (or function-based) approach
shown inFigure 3 could be adapted.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
14/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 14 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Figure 3: Sample Equipment Classification High Level
Additional levels of detail for such an Equipment ClassificationHierarchy, while not exhaustive, are illustrated in AppendixA1.
Further details can be developed based on the hierarchy as needed
and appropriate for the facility.
3.2. Scope of Processes and MechanismsA FIMP shall be documented and consider the methods for collecting,integrating, and analyzing information related to the processes and
mechanisms identified inFigure 4,as appropriate for the type of
facility and the operating companys operations. The approach shouldbe consistent withFigure 2 and as holistic as possible that is,
incorporate the entire lifecycle to the extent possible. Thus, the
process is fundamentally a variant of the Plan-Do-Check-Act cycledeveloped by Deming9.
One of the key implications of adopting a life cycle approach is toensure that hazard management (as per Section9)is an inherentpart of each major stage of the pipeline system project (e.g., design,
construction, operations etc.,).
9Ronald D. Moen, R. & Norman, C.,Circling Back Clearing up myths about the Deming cycle and seeing how itkeeps evolving, Quality Progress, Published by American Society for Quality, Nov 2010.Accessed Dec 2012.
Pipeline System
Stations Meter Station
Pipeline (significantelements managed
through parallel IMP)Storage
Common Systemsand Equipment
http://asq.org/quality-progress/2010/11/basic-quality/circling-back.htmlhttp://asq.org/quality-progress/2010/11/basic-quality/circling-back.htmlhttp://asq.org/quality-progress/2010/11/basic-quality/circling-back.htmlhttp://asq.org/quality-progress/2010/11/basic-quality/circling-back.htmlhttp://asq.org/quality-progress/2010/11/basic-quality/circling-back.htmlhttp://asq.org/quality-progress/2010/11/basic-quality/circling-back.htmlhttp://asq.org/quality-progress/2010/11/basic-quality/circling-back.htmlhttp://asq.org/quality-progress/2010/11/basic-quality/circling-back.html8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
15/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 15 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Figure 4: Scope of Processes and Mechanisms for Consideration in FIMP
Plan
Optimize life cycle
cost
New technology
Integration of newfacilities intoexisting pipelinesystems
Design
Expected damage
and deteriorationmechanisms
Expected
inspectiontechniques
Materialspecification(s)
Optimize life cyclecost
MaterialPurchase
Manufacturing
imperfections(manufacturinginspections)
Material testreports
Safehandling/shippingprocedures
Receipt inspections
Storage methods
Construct
Construction /
installation defects(constructioninspection)
Commissioning
Turn-over
Operate
Expected damage
and deteriorationmechanisms
Damage incidents
Failure incidents
Conditionmonitoring
Maintenance,repair andreplacement
Operational /Asset Changes
Change operating
conditions
Change of servicefluid
Addition of newfacilities/facilitytypes
Deactivate /Reactivate
Deterioration
mechanisms
ConditionMonitoring
Decommission/ Abandon
In-situ
abandonment
Removal /reclamation
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
16/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 16 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
3.3. Prioritization of Equipment Types and
ProcessesWhile attempting to formulate the initial version of a FIMP, theOperating Company may need to prioritize certain equipment types
and processes. This initial prioritizationTable 2,can be based on anumber of approaches (or combination thereof) based on what is
most relevant for the Operating Company. Table 3 provides asuggested approach.
Table 2: Potential Basis for Initial Prioritization of FIMP Scope
Description Approach
Industry Incidents and Failures Industry experience with similar facilitiesspecifically damage incidents,failures and associated consequences.
Company Incidents and Failures Corporate experience with similar facilitiesspecifically damageincidents, failures and associated consequences.
Corporate Policies and Objectives Could vary significantly but examples include:
o Facilities critical to ensuring business continuity ando Equipment nearing end of design life (but perhaps no damage or
failure incidents).
Obviously, once the FIMP has been established, priorities will be
established based upon the process itself (specifically, the
identification of areas of significant risk as per Section10.6).
4. Corporate Policies, Goals,
Objectives and Organization4.1. Policies, Goals and Objectives
A FIMP is a key mechanism for translating corporate priorities intoappropriate activities and tasks for execution as identified inFigure 5.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
17/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 17 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Figure 5: Translation of Corporate Priorities to Appropriate IntegrityActivities
A FIMP is a key mechanism for translating corporate priorities intoappropriate activities and tasks for execution as identified inFigure 5.
The FIMP document should contain, or appropriately referencedocuments describing relevant guiding corporate policies, values,
objectives and performance measures. It would be expected thatbroadly these would commit to operating pipeline systems in a
manner that protects the safety of the public, Operating Company
employees and protection of the environment.
Any specific facility integrity related goals and objectives would bedescribed in detail in the FIMP and be aligned with the overarching
corporate policies and objectives. Since goals and objectives are
often defined in terms of potential outcomes, guidance should extendto the different types of consequences that are to be considered and
the relative significance of those consequences (see Section 10.6).Potential consequences categories, aligned with CEPAs Integrity
First Program, are provided in Figure 6.
Facilities Integrity Management Plan
Integrity relatedpolicies
Integrity related goalsIntegrity related
objectivesIntegrity related
performance measures
Corporate priorities
Policies Values Objectives
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
18/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 18 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Figure 6: Consequence Categories for Consideration10
10Adapted fromCEPA Integrity First(Accessed December 2012)
Consequence
Categories
Safety
Public Safety EmployeeSafety
EmergencyMgmt
Preparedness
Response
Repair &Reclamation
Environment& Land
Land
Ground
Distrubance
GroundContaminatio
n
Air
Total
Emissions
Ambient AirQuality
Water
Watershed
Disruption
WaterCrossings
Water Quality
Flora & Fauna
Habitat &
MigrationDisruption
Impact toSpecies
Noise
Impact of
Operations
Socio-Economic
Land Use
Landowner
Relations
AboriginalRelations
Land Use
Agreements
Heritage Sites
Workforce
Safety Culture
Business
SystemRelaiability
Service
Disruption
CustomerService
Financial
Revenue
OperatingBudgets
CapitalExpenditure
http://www.cepa.com/about-us/cepa-integrity-firsthttp://www.cepa.com/about-us/cepa-integrity-firsthttp://www.cepa.com/about-us/cepa-integrity-firsthttp://www.cepa.com/about-us/cepa-integrity-first8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
19/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 19 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
4.2. OrganizationA critical element of successfully implementing the processes andactivities associated with a FIMP will be a clear articulation of rolesand responsibilities of Operating Company personnel for each aspect
of the program. While organizational structures will vary across
Operating Companies, the following functions typically associatedwith a management systems approach should be identified andassigned to appropriate individuals, groups or departments.
Table 3: Key FIMP Roles and Responsibilities for Consideration
Category Description
FIMP Accountability The accountable individual(s), to whom the Operating Company delegates authority, should beclearly identified:
o These functions are responsible for ensuring that appropriate human and financial resourcesare assigned to establishing, implementing, and maintaining the facility integrity managementprogram.
ProgramDevelopment andImprovement
These functions are responsible for the development of the FIMP, identification of hazards and
associated risk assessments and identification of hazard control activities as well as oversight ofthe FIMP processes.
A critical element is the identification of key roles, outside of traditional integrity groups, thatsupport FIMP.
Specifically Sections:3to5,7to11 and14.2.
RecordsManagement
These functions are responsible for ensuring that adequate records are maintained in support ofFIMP development, implementation and associated activities.
Due to the potentially large breadth and depth of these activities, this function may be dispersedacross a number of departments and groups within the Operating Company.
Specifically Section6.
Program Planning,implementation andReporting
These functions are responsible for planning and executing integrity related work along withdocumentation and analysis of results.
Specifically Sections12 through to13.
Program Audits,Reviews andEvaluations
These functions work closely with the Program Development and Improvement functions toreview, audit and assess the effectiveness of the FIMP and supporting activities.
Specifically Section14.
Communications Communications are critical through all stages of FIMP development, execution and managementof change. As such, responsibil ities for communicating, and nature of such communications,shall be established and documented for each stage of the FIMP process.
4.3. Performance Indicators and TargetsAs identified inFigure 5,a key element of successfully translating
relevant corporate direction to a FIMP is to establish performanceindicators (and associated targets). Further, the definition and
monitoring of performance indicators provides a mechanism tomonitor whether the FIMP is functioning effectively.
4.3.1. Performance IndicatorsIn general, effective performance indicators should bereliable, repeatable, consistent, comparable, and
appropriate to the intended need.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
20/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 20 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
There are two main types of performance indicators:
Leading and Lagging. These are described in further detail
inTable 4 with examples provided in AppendixA2. Ingeneral, a well-structured approach would be comprised of
both indicator types.
Table 4: Two Types of Performance IndicatorsCategory Description
Leading Indicators Leading indicators measure the performance of a management system element orprocess, operating or maintenance procedure, control, mitigation, or evaluation inpreventing incidents or loss of integrity events. These indicators look forward and arefocused on prevention.
Lagging Indicators Lagging indicators look at performance that can be measured in relation to the past.They evaluate events that have already occurred, such as leaks, ruptures, fires, andinjuries, and the data collected as a result of these events can be utilized to preventrecurrence of similar events in the future. Lagging indicators are typically within anoperators control to collect, are relatively easy to measure, and are typically comparableto industry data.
4.3.2. Performance TargetsTargets for performance must be established against whichthe chosen performance indicators can be measured. Fromthe comparison of results against targets, trends can be
identified that can be used to modify or enhance FIMPactivities (as warranted). In establishing realisticperformance targets, a number of factors need to be
considered. These are described in further detail inTable 5.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
21/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 21 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Table 5: Considerations in Establishing Performance Targets
Category Description
Current State of Facilities The current state of facilities (or to the extent this can be inferred), is a critical inputparameter in establishing practical performance targets. For example, it is unlikely thatpoorly maintained equipment can be expected to perform to the same level as wellmaintained equipment.
Corporate Objectives Corporate objectives are a critical input to establishing relevant performance targets inthe FIMP. For example, it is likely unrealistic to expect significant gains in a specificarea of equipment performance if underlying funding is not available.
Benchmark Data In the absence of clear performance targets, or in the situation where an OperatingCompany wishes to gauge its performance relative to its peers, industry benchmarkingmay also be considered. While this approach can be expensive and time consuming(i.e,. use of specialists in this area is warranted), it does allow the Operator a broaderperspective with respect to Corporate Performance. Data sources may include (but arenot limited too):
o API Pipeline Performance Tracking System (PPTS)for liquid pipelines and APImembers only;
o The Health Safety Executive which regulates off-shore hydrocarbon systems in theUnited Kingdom has managed a hydrocarbon release database as of October 1,1992. Thedatabaseis intended as an industry information source to support the
management of hydrocarbon releases. Direct database access may be granted ona discreet basis potentially for a fee as described in the databaseFAQ;and
o CONCAWE11The organization is an industry supported research group with ascope that has expanded to track and asses oil pipeline performance in Europe.
5. Description of FacilitiesAfter articulating the scope of equipment and facilities encompassed by the
FIMP, Operating Companies should develop and maintain a detailed inventoryof the relevant facilities and equipment falling under the FIMP. The use of asystematic and consistent classification method will provide a mechanism for
addressing all equipment types (as per Section3.1). This inventory may existin a number of forms; however, it is most likely to exist as part of a corporateComputerized Maintenance Management System (CMMS) system or its
equivalent. Further, the inventory should include, or have clearly associated
with it, appropriate descriptive parameters. Table 6 provides a suggested list ofsuch information.
11TheOil Companies' European Association for Environment, Health and Safety in Refining and Distribution
http://www.hse.gov.uk/offshore/statistics/hsr2002/section3.htmhttp://www.hse.gov.uk/offshore/statistics/hsr2002/section3.htmhttp://www.hse.gov.uk/offshore/statistics/hsr2002/section3.htmhttps://www.hse.gov.uk/hcr3/help/help_public.asp#FAQhttps://www.hse.gov.uk/hcr3/help/help_public.asp#FAQhttps://www.hse.gov.uk/hcr3/help/help_public.asp#FAQhttp://www.concawe.be/Content/Default.asp?http://www.concawe.be/Content/Default.asp?http://www.concawe.be/Content/Default.asp?http://www.concawe.be/Content/Default.asp?https://www.hse.gov.uk/hcr3/help/help_public.asp#FAQhttp://www.hse.gov.uk/offshore/statistics/hsr2002/section3.htm8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
22/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 22 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Table 6: Descriptive Parameters for FIMP Pipeline Systems
Parameter Description
Equipment type The use of a standardized hierarchy, or equipment breakdown structure (such as thatused in corporate CMMS systems) should be used.
In the absence of an internal breakdown structure, while not exhaustive, the structureoutlined in Section3.1 and AppendixA1 could be adapted to suit corporate
requirements.Function Where it is not obvious, the purpose of the equipment should be identified; similar to
equipment type, descriptions should be standardized.
Location May or may not be geospatially referenced.
Should have unique asset tags / IDs.
Dimensions / materialcharacteristics
Key parameters, specific to the type of equipment, should be captured. Examples ofthese parameters include: coating type, pressure rating, temperature rating etc.
Operating conditions Key parameters, specific to the type of equipment, should be captured. Examples ofthese parameters include: service fluid, operating pressure, temperature range,operating limits etc.
Physical surroundings /boundaries
Both manmade (e.g., buildings) and natural (e.g., sensitive habitat) risk receptorsshould be identified and considered and
Both manmade (e.g., wildlife fencing) and natural (e.g., ridge) barriers should be
identified and considered.
6. Records
6.1. Facility InformationOperating Companies shall assemble and manage records related to
facility design, material selection, purchasing, construction, operation,
and maintenance that are needed for performing the activities
included in their facilities integrity management program for theequipment included in the FIMP as outlined in Section3. For newfacilities, the process of accumulating this information should be built
into and documented in an Operating Companies projects
development practices. It is much more efficient and accurate tocompile this information while such projects are active than toundertake it after the fact.
For existing facilities, the availability of records will vary from facilityto facility and within types of equipment; items to be considered for
inclusion should include as much of the information identified in
Table 7 as possible and as appropriate for the type of facility andequipment included. Where data gaps are identified due to legacy
issues, Operating Companies should take reasonable steps to gather,reproduce/revalidate the needed records or otherwise show that ithas sufficient information to make effective FIMP related decisions.The information described inTable 7 would be considered the
minimum data set necessary to adequately support a FIMP.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
23/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 23 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Table 7: Recommendations for Data Capture for FIMP Assets
Parameter Description / Examples
Location With respect to third party line crossings, nearby land developments (includegeotechnical assessments and environmental assessments) and other environmentalreceptors;
Terrain, soil type, backfill material, and depth of cover for any buried facility piping;
Class Location as per CSA Z662; andActivities in the area surrounding the facility that may become consequence receptors or
increase the risk of external interference.
Construction Records Physical attributes and characteristics;
Age/date of installation;
Physical location of the equipment along with orientation and configuration;
Coating type and thickness for piping;
Material of construction; and
Construction quality control documents (e.g. material test reports, NDT reports,hydrotest records).
Operating Conditions Design limits on pressure, temperature, loading, and other operating conditions vs.,actual limits;
Product corrosivity (water and debris, bacteria, chlorides, etc.);
Product (wet or dry gas, oil, condensate, water, etc.); Operating history (where available, records regarding pressure, temperature, flow rates
immediately prior to failure as well as longer timelines); and
Anomalous weather conditions.
Maintenance / testrecords
CP Monitoring for buried facilities;
Repair history;
Maintenance and inspection records; and
Pressure test records for piping and equipment (e.g. hydrotest records, valve bodyfactory tests).
Incidents Incidents and near misses related to facility integrity.
6.2. FIMP InformationIn addition to the foundational equipment information identified inSection6.1,Operating Companies should assemble and managerecords related to FIMP activities and processes outlined in this
document. Additional guidance regarding recordkeeping, with regard
to the process outlined in this document, is provided in AppendixA3.
7. Change Management
7.1. GeneralOperating Companies shall develop and implement a changemanagement process for changes that have the potential to affect theintegrity of their facilities or their ability to manage known hazards.
The triggers for such changes can be grouped into two categories and
applied as appropriate for the type of facility:
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
24/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 24 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Table 8: Potential Triggers for Change Management Process
Nature of Trigger Examples / Description
Internal The ownership of a facility;
The organization and personnel of the Operating Company;
The organization and personnel who operate and maintain the facility;
Facility equipment and control systems;
Facility operating status, such as idling, facility shutdown, or decommissioning canintroduce temporary hazards not expectedduring normal operations;
Operating conditions;
Product characteristics;
Methods, practices, and procedures related to facility integrity management; and
Program execution findings (see Section14).
External Standards and regulations related to facilities integrity management;
Other installations (e.g., power lines) that cross piping and other equipment or facilities;
Environmental factors, such as flood, fire, ground movement, if changes to the facilitymust be made to account for these factors; and
Adjacent land use and development.
7.2. Change Management Process FeaturesThe change management process shall have procedures in place to
address and document the following, as appropriate, for the type offacility:
Table 9: Minimum Features of Change Management Process
Element Description
Definition of Change The change management process should define what constitutes a change. This maytake several forms:
o Based on a specific incident, trigger (new regulation comes into force);
o Could be based on a threshold (i.e., if failure frequency of a particular piece ofequipment exceeds a predetermined value); and
o Cost or financial impact that exceeds a predetermined value.
Monitoring for Change Method of monitoring for and identifying anticipated and actual changes that affectfacility integrity.
Establishing RACI Identification of responsibilities for identifying, approving, and implementing changes.
Reason for change Reasons for changes.
Analysis The analysis carried out to identify the implications and effects of the changes.Communication Method of communication of changes to affected parties.
Close out Close-out procedures as a means for reinforcing the changes required (includingdocumentation requirements).
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
25/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 25 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
8. Competency and TrainingCompetency and training is a critical element of the FIMP Framework. As such,
a standalone scalable process for managing competency and training of those
individuals responsible for administering and carrying out FIMP related activitiesis described herein. Given that corporate performance management systems
as well as learning and development philosophies vary greatly from oneOperating Company to another, it is acknowledged that this process represents
a leading practice approach for a standalone process and that individualoperators will need to execute elements of this recommendation within the
constraints of their existing processes, initiatives and systems or develop new
practices related to competency and training in support of their FIMP. Aprocess map appears inFigure 7;details regarding the process appear below inthe remainder of this Section.
Figure 7: Competency and Training Process
8.1. Establish Role RequirementsThe first step in establishing appropriate competency for individualsinvolved with FIMP related work is to establish a clear role description.
More specifically, FIMP related tasks should be clearly identified for
each role additional detail is provided below inTable 10.
Begin Section 8.0: Competency & Training
Process
Section 8.1: Establish Role Requirements
Section 8.2 Conduct Gap Analysis
Update on
Routine Basis
Section 8.3 Establish Training Plan
Section 8.4 Undertake Follow Up
Discussion
Section 8.5: Execute Training Plan
End Section 8.0 Competency & Training
Process
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
26/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 26 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Table 10: Considerations in Establishing Competency Requirements
Competency / TrainingRequirement
Description
Basic FIMP Awareness Existing job descriptions updated for any reorganization and personnel changes.
Task Specific Training For Design, Procurement , Construction, Operations, Maintenance and Inspectionpersonnel (both company employees and contractor personnel).
Ongoing Training andDevelopment
For those responsible and accountable for elements of the FIMP.
8.2. Conduct Gap AnalysisThe gap analysis entails a cross-referencing and documentation of the
employees qualifications relative to the requirements of the currentrole as well as the expected future needs of the role in light of FIMPrequirements. In undertaking this analysis, a number of sources can
be used the primary resources are listed in the table below.
Table 11: Resources for Determining Training Needs
Source Description
Job Description Existing job descriptions updated for any reorganization, responsibility and personnelchanges.
Employee Resume Should be current and include formal education/training, experience and listing of otherrelevant skills.
Employee TrainingRecords
Internal records.
Discussion with SeniorTechnical Staff
Senior technical staff may be in a position to provide a long term perspective on FIMPrelated skills requirements and how this may affect the nature and size of staff requiredgoing forward.
Annual goals andobjectives
Existing staff performance management related documentation.
Once gaps have been identified, the items need to be categorized and
prioritized. Categorization of gaps can be based on one of twoparameters:
Table 12: Categorization of Qualification Gaps
Category Description
Current A gap identified based on the current job description where no alternative is available forperforming the given function or task and
Gap to be addressed within 12 months or less.
Development A gap identified based on the longer term Employee career goals and/or FIMP medium to longterm projected needs and
Gap does not need to be addressed within 12 months.
While the prioritization will need to be specific to each case, typically
requirements for immediate / ongoing operations should beprioritized ahead of longer term requirements. Additional factors inestablishing a prioritization include: access to alternative resources,
feasibility as well as availability of training.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
27/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 27 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
8.3. Execute Training PlanThe Training Plan is a clear articulation of how the gaps identified in
Section8.2 will be mitigated. A number of mechanisms to addressgaps appear in the table below.
Table 13: Mechanisms for Mitigating Qualification Gaps
Mitigation Type Description
Formal training /Education
Can be comprised for formal courses delivered either by academic institutions, industryfor-profit providers or in-house staff.
Length and nature of training varies significantly and can be accessed through existingofferings or custom training solutions.
On-the-job Training Training largely accomplished through work experience.
Requires that senior technical resources are available and accessible to facilitate learning,mentoring and oversight within the context of the project.
Formal Mentoring Employee may be formally assigned a mentor for some, or al l aspects, of their role .
Nature of mentoring (access, frequency, and scope) is to be agreed in advance.
Self-directed Learning Informal learning that can be facilitated a number of ways such as reading technical books,journals and articles.
Discussions with senior technical individuals or industry experts (not in formal mentoringrelationships), attendance of works shops and conferences would also fall into thiscategory.
8.4. Undertake Follow-Up DiscussionOnce a Training Plan has been articulated, further discussionsbetween the supervisor and employee are needed. The objectives of
this discussion are described in the table below.
Table 14: Objectives of Follow-Up Employee Discussion
Objective Description
Confirmation of understanding Confirm employee understands FIMP current and future (anticipated)
needs and Review gap analysis and identify and disconnects
Discussion / agreement of path forward Review and agree that Training Plan is relevant and practical
9. Hazard Identification and ControlThe Hazard Identification and Control aspect of FIMP is a combination of asignificant number of procedures and activities. As such, a standalone scalableprocess for managing this element of FIMP execution is described herein. It is
important to note that the process(es) developed must be suitable for use at all
stages of a facilities life-cycle as described inFigure 4. Hazard Identification
and Control is not a process that is only applied during the operating life of afacility.
Given that corporate tools, practices and philosophies vary greatly, it isacknowledged that this process represents a leading practice approach for a
standalone process and that individual operators will need to execute elementsof this recommendation within the constraints of their existing processes,initiatives and systems. Thus, Operating Companies should develop a formal
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
28/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 28 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
written process to identify and address hazards that have the potential to
impact the integrity of facilities and equipment. The adequacy of any hazard
controls implemented shall be periodically reviewed. A process map appears inFigure 8;details regarding the process appear below in the remainder of this
Section.
Figure 8: Hazard Identification and Control Process
9.1. Choose Hazard Identification MethodAppropriate tools or methods shall be used to identify hazards andthreats. The tools and techniques chosen shall be suited to the typesof risks that are expected to be identified, and shall achieve thedesired level of granularity and output.
There are a wide range of hazard identification techniques describedin the literature; however, with a few exceptions (e.g., HAZOPtechniques), there is a general lack of formal guidance to support
Begin Section 9.0: Hazard Identification
Section 9.1: Choose Hazard Identification
Method
Section 9.2 Conduct Hazard Identification
Activity
Perform risk
assessment?
No
Yes
Section 9.3 Review Potential
Consequences
Section 9.4 Estimate Likelihood of
Consequences
Section 9.5: Conduct Initial Assessment of
Significance
Section 9.6: Determine Risk Assessment
Needs
Proceed to Section 11: Options for
Reducing Uncertainty, Frequency or
Consequences of Incidents
Proceed to Section 10: Risk Assessment
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
29/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 29 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
these techniques. An extensive literature review, published by the UK
Health and Safety Executive12, can be used as a starting point for
selecting an appropriate Hazard Identification Method.
The document provides extensive discussion on the topic; however, ingeneral, the document provides a review of ~40 hazard identification
methods; these techniques have been divided into four categoriesdepending on the area in which they are predominantly applied:
a)Process hazards identification;b)Hardware hazards identification;
c)Control hazards identification; and
d)Human hazards identification.
Further guidance regarding hazard identification can be found inAPI 75013as well as CSA Z66214.
9.2. Hazard Identification Exercise
9.2.1. Gather ResourcesDepending on the Hazard Identification Method chosen,significant resources may need to be gathered. These
resources may in the form of data and/or subject matter
experts (SME) as well as additional support tools andresources.
9.2.2. Conduct Hazard Identification ExerciseConduct the hazard identification activity using the chosen
tool(s). Consider typical hazards and incident history, aswell as encouraging out-of-the-box thinking to identifyhazards that may not be obvious. When identifying hazards,
consideration should be given to failure causes andassociated events as those listed in AppendixA4. This isnot an exhaustive list; however, it provides a starting point
for consideration.
It should also be noted that in some cases, sufficient information maynot be available to identify all of the relevant hazards. In these
situations, an Operating Company may choose to conduct additional
monitoring and inspection, as per Section11.1,before returning tothis activity.
9.3. Review Potential ConsequencesWhether conducted as part of the Hazard Identification Exercise (asper Section9.2)or separately, Operating Companies should also
consider the range of potential consequences they could face in light
12Glossop,M.., Ioannides, A., and Gould, J., Review of Hazard Identification Techniques, Health and SafetyLaboratory, An agency of the Health and Safety Executive, United Kingdom, HSL/2005/58, 2000.13API RP 750: Management of Process Hazards14CSA Z662 Oil & Gas Pipeline Systems (CSA Z662 latest edition)
http://www.hse.gov.uk/research/hsl_pdf/2005/hsl0558.pdfhttp://www.hse.gov.uk/research/hsl_pdf/2005/hsl0558.pdfhttp://www.hse.gov.uk/research/hsl_pdf/2005/hsl0558.pdfhttp://www.hse.gov.uk/research/hsl_pdf/2005/hsl0558.pdfhttp://www.hse.gov.uk/research/hsl_pdf/2005/hsl0558.pdfhttp://www.hse.gov.uk/research/hsl_pdf/2005/hsl0558.pdfhttp://www.hse.gov.uk/research/hsl_pdf/2005/hsl0558.pdf8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
30/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 30 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
of the identified hazards in a systematic and consistent way. The
framework for assessing consequences is expected to be Operating
Company specific; however, material provided inFigure 6 may beused as the basis for this framework. . The magnitude and
significance (as per Section10.6) of these consequences should alsobe established.
Depending on the nature of the risk analysis method(s) anticipated
(as per Section10), there may be some need at this stage toestablish a common currency for estimating the magnitude of
consequences. Facilities under a FIMP will in all likelihood be situated
at different geographical locations. Therefore in order to makereasonable comparisons between the facilities a common risk
comparator will be required. The most common basis for establishingconsequence values is in monetary terms; however, based on the
nature of the risk analysis to be undertaken (e.g., use of qualitativeor points-based relative methods), monetary valuation of
consequences may not always be appropriate.
9.4. Estimate Likelihood of ConsequencesWhether conducted as part of the Hazard Identification Exercise (asper Section9.2)or separately, Operating Companies should also
estimate the likelihood of various consequences it could face in lightof those identified in Section9.3. This can be done using historical or
probabilistic approaches depending upon the nature of the availableinformation.
9.5. Conduct an Initial Assessment of
SignificanceOnce a basic understanding of potential consequences and theirfrequencies have been established, the Operating Company will be in
a position to determine if the consequence is considered to besignificant, and document the supporting rationale, using the definedrisk criteria. This may be done using a risk ranking, consequence
ranking, or description of what the Operating Company considers to
be significant (as per the application of Sections4.1 and10.6);however the Operating Company may choose to define criteria moreconservatively for this stage of evaluation based on the uncertainty of
the assessment (availability of data, quality of data, disagreementbetween Subject Matter Experts (SMEs), etc,).
9.6. Determine Risk Assessment NeedsIf the hazard(s) is determined to not have the potential to result in asignificant consequence, a full risk assessment may not be required;however, Operating Companies shall develop a formal written process
to monitor the controls that are currently in place, and confirm they
are adequately maintained to continue managing the hazard. If aconsequence is determined to be significant, Operating Companies
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
31/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 31 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
should assess the risks associated with the hazards as noted in
Section10 of this document.
10. Risk Assessment
10.1.Risk AnalysisAfter having identified the hazards that have the potential to affect
facilities, the likelihood that these hazards will lead to a failure or
damage incident should be determined by the Operating Companythrough a risk assessment process. There are numerous literaturesources and/or consultants that can provide detailed direction
regarding the overall risk analysis process including Annex B of CSA
Z662. In general, the risk analyses considered will fall into one ofthree categories:
Qualitative risk assessment;
Semi-quantitative risk assessment; and
Quantitative risk assessment.
For the purposes of this document, recall that risk is defined as:
( ) (1)
However, risk can still be determined either qualitatively orquantitatively through a broad range of methodologies. There is a
broad range of philosophies regarding the best approach to employ
when conducting a risk assessment. The variations betweenphilosophies and methodologies can lead to significantly different
data requirements, resource needs and skills required. The nature ofthe output from different approaches also varies significantly in terms
of level of detail, confidence level and robustness of the output. Inthe final analysis, the most appropriate risk assessment method is
highly dependent on the specific situation / context that the
Operating Company is working in, but the considerations in choosingthe optimal risk assessment are consistent.
Generally speaking, due to practical considerations, the coarsest level
of detail possible, that will still fulfill output requirements, shouldunderpin the initial risk assessment. The initial assessment can then
guide the Operating Company to areas where a more refined, ordetailed, risk assessment (as per Section10.7)is warranted. For
example, an Operating Company may choose to undertake riskassessments at a facility level prior to determining which pieces ofequipment (or types of equipment) require more detailed analysis.
There are a number of industry-published documents available on riskassessment methodologies and techniques. A partial list of thesedocuments appears in Appendix0. The applicability of each
methodology will depend on the facility type, the equipment under
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
32/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 32 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
consideration as well as company policies and objectives. However,
in general, four of the most critical factors in selecting a risk
assessment method are data, organizational maturity, the goal(s) andthe magnitude of the decision associated with the risk analysis. This
is described further inFigure 9 and the remainder of this section.
Figure 9: Critical Factors in Selecting a Risk Assessment Approach
10.2.Data AvailabilityIn general, a more complex method of risk assessment, particularlyquantitative approaches, has a corresponding need for more data andhigher data quality (i.e. increased data granularity as well as a
greater volume and quality of data). There can often be a significantcost associated with gathering, validating and managing data.Careful consideration of data requirements and availability is critical
in optimizing the choice of a risk assessment method as data is
Magnitudeof decision
Organi-
sationalMaturity
Dataavailability
Goal of
decision
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
33/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 33 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
typically the limiting factor in choosing a more complex analysis
approach.
10.3.Organizational MaturityOrganizational maturity can be considered in terms of three main
dimensions: people, processes and tools. In general, more complex
risk methods require a higher employee skill level (technical skills aswell as understanding of risk based concepts at the seniormanagement level), more mature processes (e.g., for data collection
as well as use and communication of results). Additionally, greaterresources are required to undertake the analysis depending on thecomplexity of the tools used ((e.g., customized software vs. internally
developed spreadsheets).
10.4.Goal of the AnalysisThe goal of the analysis is also an important consideration. For
example, if simple prioritization of activities is the goal a qualitative
approach may suffice. However, if the intent is to integrate resultswith financial and/or corporate risk assessments, a quantifiedapproach (normalized to some comparable parameter) may be
required.
10.5.Magnitude of the DecisionGenerally the business implication of the decision (including
consideration of safety, environment, cost, etc.,) factors into howmuch effort is expended in undertaking the risk assessment. Minor orless significant decisions do not require extensive analysis. It should
be noted that even if a decision is significant, analysis should be
limited to those factors that are material to the decision in order to
optimize resources (e.g. reduce data collection).
10.6.Risk EvaluationThe Operating Company should set acceptance criteria and risktolerance that is relevant and consistent with policies, goals and
objectives identified as per Section4 of this document. The criteria
should be established by evaluating what level of risk is acceptableconsidering the range of consequences that an Operating Company
faces in light of its identified hazards.
Table 15 lists a number of sources (and associated descriptions) thatprovide varying levels of guidance regarding the evaluation of risk.
Table 15: Additional Guidance for Establishing Significance of Risk
Document Description
CSA Z662 (2011 Edition) Detailed guidance is available in Clause B.5.3.
Chemistry Industry Association of Canada Responsible CareManagement System Approach.
UK Health & Safety Executive Concept of As Low as Reasonably Practicable(ALARP).
http://www.ccpa.ca/ResponsibleCareHome/ResponsibleCareBREthicPrinciplesBR.aspxhttp://www.ccpa.ca/ResponsibleCareHome/ResponsibleCareBREthicPrinciplesBR.aspxhttp://www.hse.gov.uk/risk/theory/alarpglance.htmhttp://www.hse.gov.uk/risk/theory/alarpglance.htmhttp://www.hse.gov.uk/risk/theory/alarpglance.htmhttp://www.hse.gov.uk/risk/theory/alarpglance.htmhttp://www.ccpa.ca/ResponsibleCareHome/ResponsibleCareBREthicPrinciplesBR.aspx8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
34/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 34 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
It should also be noted that in some cases, sufficient information may
not be available to confidently undertake a risk evaluation. In these
situations, an Operating Company may choose to conduct additionalmonitoring and inspection, as per Section11.1,before returning to
this activity.
10.7.Risk RefinementUpon completion of the Risk Evaluation (detailed in Section10.6), a
risk may still be considered to be significant and it may be necessaryto refine the risk assessment in order to clearly identify the driversfor use in formulating an appropriate management strategy.
Table 16: Parameters for Risk Refinement
Document Description
Additional data collection In some cases additional data collection will allow a more rigorous orcomprehensive analysis to be undertaken.
Alternative analysis methods In some cases alternative methodologies (typically more rigorous) can beused to refine risk calculations.
Use of more detailed data In some cases, detailed data may already exist but may not have been used(due to increased time / complexity of analysis).
10.8.Risk Reduction EvaluationThe final stage of the risk analysis is to identify the appropriate risk
management method (as per Section11.2)and to undertake analysisto confirm that the selected option manages risk in an optimal
manner.
11. Options for Reducing Uncertainty,
Frequency or Consequences of
IncidentsBased on the risk assessment process, an Operating Company may identify theneed to reduce risk levels. This may be undertaken in a number of ways.Recalling Equation 1 (see Section10.1)and recognizing that:
( ) (2)
Two main approaches for managing risk become apparent: monitoring and
mitigation. This categorization, described inTable 17,provides the framework for further guidance (in this document) onhow to manage risk.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
35/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 35 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Table 17: Approaches for Managing Risk
Category Description
Monitoring / Inspection In some situations, insufficient information regarding the equipment, or its current state,limits the ability to conduct meaningful analysis regarding the nature of the risks
associated with it. In these situations, additional data gathering through monitoring andinspections is a critical part of managing risk and can be used to reduce uncertainty.
Where an Operating Company has made a baseline assumption regarding the risklevel, additional information may result in an increase (or decrease) in the assessed risklevel.
The goal of various monitoring/inspections programs varies by equipment type andexamples of these, while not exhaustive, appear in AppendixA5.
Mitigation Mitigation can act upon two parts of the risk equation:
1) Threat Mitigation: the reduction in the probability of an event occurring by influencingthe:
o The number of threats and
o The severity of a given threat.
2) Consequence Mitigation: the reduction in the potential consequences by influencingoutcomes should an event occur.
11.1.Monitoring and InspectionIn order to facilitate the selection of appropriate inspection methods,Operating Companies should identify the types of inspection actions
that are deemed appropriate for its facilities. The methods and
procedures used to conduct inspections, testing, patrols, andmonitoring should be executed according to industry standards
(where applicable) and documented.
When the timing or frequency of inspection, testing, patrols, or
monitoring is not specified through industry practice (e.g., regulations,recommended practice etc), the methods used to determine the
timing or frequency shall be documented. Consideration shall begiven to the guiding principles identified inTable 18 for choosing themethod and frequency of facility equipment inspection.
Table 18: Considerations for Selecting Monitoring & Inspection Activities
Type Description
New Hazards Operating Companies shall ensure mitigation and repair activities do not introduce new hazards.
Regulation Some monitoring and inspection activities may be established through regulation, code orindustry guidance documents.
Technology Where indirect methods of inspection are used, consideration to supplemental inspection using
direct methods should be considered.
CorporateConsiderations
Corporate risk tolerances (such as definitions of significant as per Section10.6)may drive anOperating Company to increase the frequency of inspections and / or implement multipleinspection methods.
Types of Hazards The type of inspection chosen should be matched to the types of conditions and/or imperfectionsthat are intended to be detected and
Experience related to the rate or timing of changes in the imperfections or conditions (and theeffect of such changes on the estimate risk of failure incidents).
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
36/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 36 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Type Description
Influence of OtherFIMP RelatedDecisions
The options selected to estimate the risk level (see Section10 and Section11)and
The options selected to mitigate hazards (see Section11.2).
11.2.MitigationIn order to facilitate appropriate mitigation and repair actions,Operating Companies should review mitigative actions that aredeemed acceptable on its facilities.
Within the context of mitigation, there are three main types ofactivities than can be used for risk management: engineeringsolutions, process solutions and administrative solutions. These are
described, in conjunction with the manner in which they reduce risk,
with examples, inTable 19 below.
Table 19: Mitigation Activity Types
Type Description Threat Mitigation Examples Consequence Mitigation
ExamplesEngineering Mitigation solutions that
primarily rely ontechnology or physicallyimpacting the propertyor equipment tomanage risk
Cathodic protection design and monitoring;
Use of increased pipe and vessel wallthickness;
Regular maintenance (e.g., valve lubrication);
Increase depth of cover;
Supplemental markers on pipeline ROW;
Installation of structures or materials (e.g.,concrete slabs, steel plates, or casingsassociated with pipe);
Site selection away from potential or existingthreats;
Process and facility equipment upgrades;
Adding site security & monitoring infrastructure
Site signage upgrades; and
Emergency design and methods for site accessand egress.
Use of higher toughnessmaterials for pipe and vessels;
Install protective housings andstructures;
Improved methods for recoveryand clean-up of liquid releases;and
Use of remotely operated valvesto limit product release.
Process Mitigation solutions thatrely on how theequipment is operated(or the conditions underwhich it is operated) asthe primary mechanismto manage risk
Use of corrosion inhibitors and
Modify operating parameters (e.g., reduction ofpressure, temperature to mitigate threat ofinternal corrosion).
Reduce operating pressure.
Administrative Mitigation solutions thatdo not physically impactthe equipment or
operating conditionsrather the solution isprimarily procedural oradministrative
Training and competency development;
Modify maintenance practices (e.g.,requirements for work permits, lockout / tag-out
procedures); Improved public awareness programs;
Enhancement of procedures for pipeline systemlocation and excavation;
Implementation of quality managementsystems;
Site security and monitoring practices; and
Facility patrols and frequency.
Limit presence of personnel inhigh risk locations;
Improved emergency response
procedures; and Purchase of insurance.
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
37/57
8/9/2019 CEPA-FIMP-RP-1stEdition-2013.pdf
38/57
CEPA Facilities Integrity Management Program Recommended Practice, 1st Edition, May 2013 Page 38 of 57 2013 Canadian Energy Pipeline Association aboutpipelines.com
Figure 10: Process for Planning and Executing
12.1.1. Confirm Current AssumptionsPrior to undertaking detailed planning, the data and
assumptions used for the risk assessment should beverified to identify any significant changes or
inaccuracies. This review could include a number of
parameters, identified inTable 21,as appropriate to thesituation.
Begin Section 12.1: Plan and Execute
Activities
Section 12.1.1:Confirm Assumptions
Section 12.1.2 Confirm Monitoring,
Inspection and Mitigation Methods
Section 12.1.3 Establish Execution Plan
Section 12.1.4 Execute
Secti