Neil Currie, Co-founder, eVision
When banks began to investigate the potential offered by the internet some twenty years ago, forward-looking experts saw how products and services could be tailored to individual customer wishes. By analyzing online behavior, they could provide advice and suggestions perfectly in line with individual clients’ needs. However, a significant number of people from the banking industry were certain this would never happen. People would be far too concerned about sharing personal information or conducting transactions online.
This assumption was soon proven wrong. What’s more, the vast uptake of social media has shown that most people don’t think twice about sharing their – often very personal – data. There is an ongoing debate about security, reliability and the measures being taken to guarantee this. The public, the press, government bodies, internet providers, financial institutions and security experts are engaged in a lively debate. Threats are publicized and measures taken are communicated and evaluated.
More than measures
How does this approach compare to industries that deal with hazardous substances? Here, stakeholders ranging from managers, employees, the press, the government, shareholders and the general population have a real need for current, reliable information on safety and the measures taken to enforce it. The government has a responsibility to protect its citizens. Companies have an obligation to protect their employees. Insurance firms and shareholders and the general public also have a keen interest in closely guarded safety measures. Consequently, you might think there would be as much debate on the topic of industrial safety as there is around online privacy, identity theft, cybercrime or hacking. Instead, the consensus seems to be that safety isn’t an issue, as long as there are sufficient protective measures in place. Most people seem to assume all is well when it comes to the safety of potentially hazardous industrial installations. But exactly which measures are in place? Just how secure are they really? How are they deployed and updated? Which technological tools and controls are used to check their effectiveness? How are the people using them trained?
Check and double check
Imagine a few dozen chemical companies and utilities placed close together, as is the case at countless industrial location worldwide. At each of these, thousands of safety-related actions are carried out every day.
Of course, in hazardous industries, safety is paramount. Procedures are in place, rules are scrupulously observed, ongoing education and dialogue are stimulated, reporting is transparent and every company actively strives towards a culture of safety. Best practices are shared and trade associations, executives and employees are aware of risks and correct procedures. However, there is often a real risk that information is not accurate and outdated documentation don’t reflect the current situation. What’s more, decisions that need to be made can be incredibly complex. One might have to weigh processes dependencies, current status of work, the consequences of delaying work and much more.
The only way to be absolutely certain nothing goes wrong is to carefully check and double-check each individual action. That’s why processes are continuously monitored, with alarms and sensors at every step. However, it is vital that we realize that although IT is closely monitored, the human intervention required to carry out maintenance is not. In a tightly regulated area such as industrial safety, even the slightest error can have far-reaching consequences. During shift handovers, somebody, at some point is guaranteed to forget to pass on important information. All too often, hazardous industries rely on informal processes and manual reporting.
In practice, a plant manager or operations manager, who is responsible for security processes, has to balance many different tasks and responsibilities around the clock. If you have to handle hundreds of work permits a day, you can’t cross-check each of them manually. Those responsible for safety have limited options in the area of software and tools that help them carry out their jobs properly. Of course, companies have huge volumes of processes documentation and guidelines. But this actually has an adverse effect. Because everything is written down, a false sense of security is created.
However strict the measures taken and the awareness of all those involved, industrial activities can never be completely free of risks. There is a huge difference between simply laying down guidelines and actively pursuing a culture of safety. The latter includes checking whether rules are followed and taking immediate action when this is not the case.
Risks need to be analyzed and mapped in the greatest possible detail and appropriate mitigation measures must be taken. However, safety management, monitoring and control shouldn’t be added as an afterthought. These elements are just as important as the measures themselves. Without the right tools and controls in place, precautions have very little practical value. Embedded software, for example, can make the difference between simply listing guidelines or actual constant monitoring and improvement.
Companies should dedicate substantial time and resources to constant evaluation and updating of safety processes as well as finding root causes and acting upon them immediately. Technology, such as Permit to Work and Control of Work software, is pivotal in supporting decision making by providing reliable access to the right information at the right time.
In addition, there must be an ongoing dialogue between all stakeholders. Not only should companies, investors and safety experts be open and transparent, the press, national and local government, special interest groups and the general public should voice their concerns and expect these to be addressed. As one hazardous industry employee put it: “Every day is another narrow escape.” In ten years, I believe we’ll look back and we wonder how this easy-going attitude to safety regulation was possible. Not unlike how the financial industry might look back at the initial concerns regarding online security.