13MATRIX OF PERMITTED OPERATIONS (MOPO)
A matrix of permitted operations (MOPO) is an information tool to assist Supervisors and Line Managers during the planning and coordination of operations and activities by providing useful information on:
-
The operation or activity operating envelope and safe operating limits.
-
Actions(s) to take if/when certain situations arise that could compromise safe operations.
The MOPO is a set of matrices that maps operational activities against foreseeable situations that if or when they arise could compromise safe operating limits – these situations are identified from:
-
The Threats and Escalation Factors identified as part of the Bow-tie assessments for severity 5 and high risk hazards.
-
An assessment of other operations and activities that could contribute to the escalation of an incident, e.g. continuing with hot work when fire pumps (a safety critical element (SCE)) are unavailable.
Circumstances that could compromise safe operations are grouped into three categories:
-
Simultaneous operations (SIMOPs), where large work parties under different management structures carry out work which results in hazards that may impact the other. e.g. removal or overhaul of equipment and/or production and/or construction and/or drilling in the same area (MOPO entitled SIMOPs MOPO)
-
External influences, e.g. extreme weather, visibility, security issues (MOPO entitled Adverse Weather MOPO)
-
Inactive safeguards; i.e. SCE unavailability or impairment, e.g. ESD systems, firefighting systems (MOPO entitled SEC Impairment MOPO).
The MOPOs shall identify and differentiate between ‘stop’ (red) conditions, i.e. operation NOT permitted and what are ‘proceed with caution’ (amber) conditions, i.e. continue following appropriate risk assessment and provide additional controls where necessary. All other activities in the MOPO that do not require further assessment or controls are denoted ‘safe to proceed’ (green).
For developing a new MOPO or reviewing and updating an existing MOPO, refer to 30.
13.1Using the MOPO
Copies of the MOPO shall be readily available in a suitable format (poster size, laminated, etc) and displayed in the control room and other operational and job planning /coordination areas.
The MOPO shall be referred to during both routine work planning and coordination and in responding to unforeseen conditions.
In event of a situation arising where the preferred option is contrary to that given in the MOPO, this shall be assessed and approved by the Delivery Team Leader and relevant discipline authority as defined in DCAF. In the event of a SCE being impacted, relevant discipline authorities shall also be consulted using the FSR process.
14.1ALARP Definition
ALARP (As Low As Reasonably Practicable) allows a proportional level of effort to be put into risk reduction once the initial level of risk has been assessed for a particular operation or process. The ALARP principle is used to determine whether risks are broadly acceptable, tolerable or intolerable via comparison against company risk criteria.
The use of the ALARP principle requires judgement to determine whether or not risk levels are as low as reasonably practicable. ALARP can be demonstrated when the sacrifice (cost, time, effort) required to reduce the risk any further, would be disproportionate to the risk reduction potentially achieved (the benefit). The term ‘sacrifice’ relates to the time, effort and/or cost of the complete implementation and future maintenance and operation of the particular risk reduction measure in question. ‘Benefit’ relates to the level of risk reduction offered by a risk reduction measure. ‘Reasonably practicable’ is the balance between the sacrifice and benefit of implementing the risk reduction measure, or suite of measures.
ALARP justification also requires demonstration that all risk reduction measures assessed as reasonably practicable have been implemented. The use of ‘reasonably practicable’ uses a goal setting approach to risk reduction rather than a prescriptive one. This is a standard approach for all high risk industries including the oil and gas industry.
ALARP demonstration can be based on a comparison of the suite of barriers and control measures that are in place, versus those expected to be seen in equivalent assets or industries. This represents ‘good practice’ and can be identified as standards for controlling risk that have been judged and recognised as satisfying a particular set of laws or regulations. In the absence of a developed regulatory system, company standards, corporate global standards, best engineering practice and engineering judgement may be used as a basis for comparison.
For ALARP to be demonstrated, all hazards and risks must have been identified as far as practicable and assessed against the PDO Risk Assessment Matrix (RAM) (Figure 2 ) and as described in Section 9. This provides a prioritised listing of hazards. As a minimum, all Major Accident Hazards (High Risk and Severity 5 hazards) shall be subjected to Bow-Tie analysis as described in Section 10. This is a qualitative approach to demonstrating ALARP using the engineering, process, Process Safety and HSE knowledge and experience of the selected workshop group.
In addition to this approach, ALARP demonstration can employ a combination of qualitative and quantitative techniques dependent on the novelty, complexity and type of process or project under assessment. The HSE Cases are assessed in line with the Framework for risk related decision support in PDO as shown in Figure 2 and the level of risk assessment performed proportional to the level of risk associated with the process or project.
Refer also to GU-648 “Guide for Applying Process Safety in Projects” [Ref. 4] and CP-117 “Project Engineering Code of Practice” [Ref. 6] for further description of ALARP requirements.
Share with your friends: |