Michel AUDIFFREN has more than 10 years of experience as a Chairman of reviews. He facilitated about tens of reviews, with duration varying from several days to many weeks, and covering a large variety of subjects and all projects phases (pre-project, FEED, EPC).Usually, AUMASEO uses specialized softwares such as HAZOP Manager, PHA-PRO for team discussions recording, but we also use our client’s specific tools as required.
AUMASEO can facilitate different types of reviews:
Check out ours References.
HAZID (HAZard IDentification) is a technique for early identification of HSE hazards. It should be applied at the very early stages of the development of a new facility. It is therefore likely the first formal HSE review for a new project. The major objectives are to early identify critical HSE hazards and thus provide essential inputs to further project development.
HAZID is the first opportunity for a project to take benefits from experienced HSE professional and other experts during a meeting. It is also a mean to compare competing designs and to modify the design when it is still easy to achieve.HAZID is also used to begin an Hazard Register.Finally, it brings recommendations for further detailed studies on critical HSE subjects, propose risk reduction barriers, etc..
HAZID is undertaken in the form of a design review of the facility by a team of multi-disciplinary experts leaded by a Chairman. The success of an HAZID mainly relies on the breadth and depth in experience of the members of the team as well as the experience and leadership of the Chairman.
The hazard identification is conducted with the support of a Check-List adapted to the facility and the study objectives.
• Prepare the review (plan, terms of reference, documents, check-list, sub-systems),
• Review the projected facility by the team (« brainstorming »),
• Prepare the report.
Discussions are recorded on a HAZID worksheet on an appropriate template and attached to the Chairman’s report.
The Hazard and Operability Study (HAZOP) was firstly developed by ICI in the 1970’s. The HAZOP is a structured and systematic technique for identifying potential hazards and operating problems in a process plant. It is performed by a multi-disciplinary team leaded by a Chairman which applies the HAZOP structured brainstorming technique. All possible deviations from normal operating conditions are examined in detail; their causes are identified and their consequences on human safety, assets and environment are assessed.
The HAZOP is used to review the current design of a new facility or an existing plant. It serves the operator as a proof that hazards for employees, third parties and the environment have been identified and assessed and that appropriate barriers are in place. The team may formulate recommendations in order to improve the safety and the operability of the facility.
HAZOP is undertaken in the form of a design review of the facility by a team of multi-disciplinary experts leaded by a Chairman. The success of an HAZOP mainly relies on the breadth and depth in experience of the members of the team as well as the experience and leadership of the Chairman. Ideally, the HAZOP team should not exceed 4 to 6 members, plus the Chairman and a Scribe.
A list of guide word is used to identify any possible deviation from normal operating conditions. To facilitate the exercise, the plant is divided into several sub-systems – also called “nodes” – to a level of detail adapted to the study objectives. Each guide word is successively associated to a process parameter to generate possible deviations. The HAZOP teams then brainstorms and identify credible deviations, their causes and potential consequences. Existing safeguards are also listed. If the safeguards are considered “unsafe”, the HAZOP team may recommend further actions to satisfy the safety and operation requirements. Risk ranking of the hazards may be performed for a better justification of the recommended actions.
Discussions are minuted on a HAZOP worksheet in an appropriate template adapted to the future use and the study objectives and attached to the Chairman’s report.
SIL assignment is an activity that occurs during the design of a Safety Instrumented System (SIS). The objective of the SIL Assignment workshop is to assign a target Safety Integrity Level (SIL) to each Safety Instrumented Function (SIF) of a process facility.
SIL can vary from SIL 0 (No safety requirements) to SIL 4. Nevertheless, SIL 4 being very difficult to achieve, if a SIL 4 is assigned to a SIF the design shall be reconsidered and new layers of protection shall be added.
The SIL assignment is required by standards such as ANSI/ISA S84.01 and IEC61508/61511.
The SIL assignment is performed by a multi-disciplinary team of designers – process, Instrumentation & Control, safety – and operators using one or several combined approved methodology, as defined in IEC61511, such as Calibrated Risk Graphs, Risk Matrix or Layer of Protection Analysis (LOPA). The team is leaded by an experienced Chairman. Basically, the methodology consists in reviewing each SIF and assessing the risk in terms of safety to people, environmental impact, and economical losses due to the failure on demand of the SIF when the hazardous event occurs and compares the risk to the Risk Tolerability Criterion. Then, a Risk Reduction factor is assigned to the SIF under study in order to meet the Risk Tolerability Criterion for each consequence category (safety, environmental, economical). Then, the target SIL corresponding to the required Risk Reduction Factor is assigned to the SIF.
Safety Integrity Level
Risk Reduction Factor
Probability of Failure on Demand(year-1)
|1||10 à 100||10-1à 10-2|
|2||100 à 1 000||10-2à 10-3|
|3||1000 à 1 0000||10-3à 10-4|
|4||10000 à 1 00000||10-4à 10-5|
The Layer of Protection Analysis (LOPA) is a simplified semi-quantitative risk assessment method for a process plant. The risk corresponding to each hazardous scenario is assessed and compared to a risk tolerability criterion in order to determine whether existing layer of protections are adequate or, if needed, new layer of protection should be added. LOPA is often used to assign an IL (Integrity Level) to a Safety Instrumented Function (SIF).
The LOPA will oblige to establish risk tolerability criteria before starting the analysis. Consequently, it will help in determining what safeguards are “just necessary” to meet the risk tolerability criteria. This will help avoid “overdesign” and addition of unrequired safeguards.
The LOPA is generally taking benefit from the results of a previous HAZOP.
The basic principles of a LOPA are the following:
• Select an hazardous event - from the HAZOP - , determine type of impacts (people safety, asset damage, environmental impact), and severity,
• Determine Target Mitigated Event Likelihood (TMEL) for each type of impact – based on Risk Tolerability Criterion-,
• List the initiating causes for the hazardous event,
• Estimate the frequency of each initiating cause,
• Identify the Independent Protection Layers (IPLs),
• Estimate the Probability of Failure on Demand (PFD) of each IPL,
• Calculate the mitigated event frequency for each cause-consequence pair,
• Sum the frequencies for each cause-consequence pair that will cause a demand on the Safety Instrumented Function (SIF) under consideration,
• Compare the total mitigated event frequency to the Target Mitigated Event Likelihood for each type of impact,
• Determine the required IL for the SIF based on the required risk reduction factor and/ or propose new IPL to meet the Risk Tolerability Criterion.
AUMASEO intervene during design and engineering studies or modifications of a facility in order to help its customers to identify, analyze and manage their process risks. In particular, we can advise on:
• Safety Concepts
• Qualitative and semi-quantitative risk analysis,
• Cause & Effect diagrams,
Check out ours References.