Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Document Title:
Health, Safety, and Environment Code of Practice
Document ID CP-122
Security Unrestricted
Discipline MSE
Document Owner MD
Version 5.0
Copyright: This document is the property of Petroleum Development Oman, LLC. Neither the whole
nor any part of this document may be disclosed to others or reproduced, stored in a retrieval system,
and/or transmitted in any form by any means (electronic, mechanical, reprographic recording, and/or
otherwise) without prior written consent of the owner.
HEALTH, SAFETY AND ENVIRONMENT
CODE OF PRACTICE (CP-122)
PDO HSE Management System Manual
Document Authorisation
Revision History
The following is a brief summary of the four most recent revisions to this document. Details of all revisions
prior to these are held on file by the Document Custodian.
User Notes:
1. The requirements of this document are mandatory. Non-compliance shall only be authorised by a
designated authority through STEP-OUT approval as described in this document.
2. A controlled copy of the current version of this document is on PDO's live link. Before making
reference to this document, it is the user's responsibility to ensure that any hard copy, or
electronic copy, is current. For assistance, contact the Document Custodian.
3. Users are encouraged to participate in the ongoing improvement of this document by providing
constructive feedback.
Parent Document(s)
Doc. No. Document Title
PL-04 Health, Safety, and Environment Policy
The related CMF Documents can be retrieved from the Corporate Business Control Documentation
Register CMF.
Table of Contents
Document Authorisation 1
Revision History 1
0. INTRODUCTION 4
0.1 OVERVIEW 4
0.1.1 The Structure of PDO’s HSE Management System 5
0.1.2 The Background and Basis of PDO’s HSE Management System 7
0.1.3 Using this Code of Practice 7
0.2 PURPOSE AND OBJECTIVES 9
0.2.1 Purpose of PDO’s HSE Management System 9
0.2.2 Objectives of the HSE Management System Manual – Code of Practice CP-122 9
0.3 TARGET AUDIENCE AND DISTRIBUTION 10
0.4 REFERENCE DOCUMENTS 10
0.4.1 Other useful reference documents: 10
0.4.2 Feedback 11
8. REVIEW 65
9. GLOSSARY 68
0. INTRODUCTION
0.1 OVERVIEW
PDO‟s Health, Safety, and Environment Management System (HSE MS) is a structured approach to achieving our HSE goals,
objectives, and targets, and managing the HSE risks associated with our business. PDO‟s Statement of General Business
Principles (SGBP) and the PDO Code of Conduct describe how we conduct our business in terms of the fundamental
expectations and standards which we set for ourselves. Central to the SGBP is the following statement regarding HSE at PDO:
“The Company will endeavor to conduct its business in such a way as to protect
the health and safety of its employees, its contractor employees, and other
persons affected by its activities, as well as to protect the environment, minimise
pollution, and seek improvement in the efficient use of natural resources.”
Therefore, to be properly aligned, PDO‟s Health, Safety, and Environmental Protection Policy (PL 04) requires that a systematic
approach shall be applied to HSE management in order to achieve this endeavor.
PDO‟s HSE Management System provides this systematic and structured process for continual improvement in our HSE
performance. It concentrates, using eight (8) management system processes, on those areas and activities with the potential to
have the greatest impact on harm to people and the environment, to cause damage or loss to assets, to defer oil production, to
cause financial loss, and/or to adversely impact the Company‟s reputation. Continual improvement within the management
system is symbolized by the cyclical arrows and is an ongoing process within the entire HSE MS.
PDO’s HSE Management System Logo - An Ancient Form is Renewed and Improved!
From ancient times, the spiral-shelled ammonite has been one of nature‟s perfect forms and symbols. Over the years, it has also
been adopted and has proven itself to be the trusted symbol of PDO‟s HSE Management System, or “HSE MS.”
The ammonite shell has particular significance. Its shape is based on the naturally occurring Fibonacci number sequence,
continually spiraling outwards with systematic precision and accuracy.
Also, as a logo for the Company, the stylized ammonite is individual, easily recognized, and is distinctly PDO‟s. The remains of
life on earth from ancient times helped form the varied hydrocarbon resources upon which PDO depends, with ammonites and
other fossils leading geologists back to ancient rock deposits in their search for oil and gas.
The logo of PDO‟s HSE Management System is also distinctly PDO. Its colors represent each process of the Management
System. The spiraling outward of the ammonite form evokes PDO‟s quest for continual and systematic improvement in HSE
performance.
No company can operate effectively without a management system and controls in some form. A management system and its
associated controls are the structured means used to obtain reasonable assurance of achieving the Company‟s goals,
objectives, and targets (including its HSE goals, objectives, and targets). These controls should be well thought out and
designed, clear, and systematic, so as to be appropriate to the business. Without an appropriate management and business
control framework, the Company and all involved stakeholders with it may be subject to an unacceptable level of risk.
Internationally accepted standards and current
good practices have five basic processes of
business control, typically expressed in a
“Continual Improvement Model” or loop, as follows:
1. Policy
2. Planning
3. Implementation and Operation
4. Checking
5. Review.
PDO has adopted these five processes of business
control and has developed an overall business
control framework.
PDO‟s HSE Management System is an important part of PDO‟s overall business control framework, and this can be seen in
detail in CP-107, the Corporate Management Framework. Table One on the next page gives an overview of the structure,
associated documentation hierarchy, and documentation definitions of PDO‟s HSE Management System.
Table One: PDO’s Documentation Hierarchy, Definitions, and HSE Management System
HSE Asset Level Business Control
DOCUMENTATION “Key” HSE Management System
Management Documents and Records (i.e.,
HIERACHY AND DEFINITIONS Documentation (i.e., high-level hyper-
System Manual examples of key documents and
linked documents in this manual)
(CP-122) associated records)
POLICY Self Assessment Questionnaires (SAQ) inputs
A document broadly defining PDO‟s expectations PL-04 – Health, Safety, and Environmental Protection Statements of Fitness
←
and requirements. Leadership and CP-107 – Corporate Management Framework HSE Plans
Commitment Statement of General Business Principles (SGBP) Evidence of Leadership Tours, inspections,
communication activities, etc.
↕ ←
PL-04 – Health, Safety, and Environmental Protection
Policy and PL-10 – Security Policy & Emergency Response Policy HSE Legislation
Strategic CP-100 – Policy Approval HSE licenses / approvals / permits
Objectives CP-107 – Corporate Management Framework Etc.
Statement of General Business Principles (SGBP)
CODE OF PRACTICE PL-03 – Risk and Internal Control Policy
A high level document that specifies the overall PL-04 – HSE Policy
approach and procedure for performing a business PL-05 – Governance Policy
process / activity, and which states the minimum Job descriptions
PL-08 – Commercial Policy
requirements expected from employees, Organisation, PL-09 – Human Resources Policy
Minutes of committee and other meetings
contractors, and/or other relevant stakeholders. Responsibilities, Training plans
←
CP-100 – Policy Approval
Contract documents
Resources, CP-102 – Corporate Document Management
Monthly HSE reports
Standards, and CP-107 – Corporate Management Framework
↕
Competency / training records
CP-111 – Relationship With Stakeholders
Documents CP-123 – Emergency Procedures, Part I
Reports to external stakeholders
Etc.
CP-129 – Contracting and Procurement
CP-141 – Use of Concession Land by Third Parties
CP-162 – Internal Communication
PROCEDURE
A document that specifies the way a work process / Hazards and Hazards & Effects Registers
←
activity / task is to be performed, describing why Effects PL-03 – Risk and Internal Control HSE Cases
(purpose), what (scope), who (responsibility), when PL-04 – Health, Safety, and Environmental Protection Environmental Impact Assessments
Management CP-131 – Risk and Opportunity Management Integrated Impact Assessments
(frequency), how (tasks involved), and how many /
how much (specifications). (HEMP) Etc.
←
Specific Contingency Plans
The specific requirements that are mandatory – with Planning and CP-107 – Corporate Management Framework
Asset Level HSE Plans
respect to performance, implementation, CP-114 – Maintenance & Integrity Management
monitoring, and reporting. A specification can
Procedures CP-115 – Operation of Surface Product Flow Assets
Work Permit Procedure
Operational Control documents / procedures
apply to materials, products, activities, and/or CP-117 – Project Engineering
/ work instructions
services. CP-118 – Well Lifecycle Integrity
Etc.
CP-123 – Emergency Response Documents Part I
CP-126 – Personnel and Asset Security
CP-136 – Planning in PDO
→
CP-114 – Maintenance and Integrity Management procedures
Implementation CP-115 – Operate Surface Product Flow Assets Work Permit Procedure
GUIDELINES and Operation CP-117 – Project Engineering Management of Change Procedure(s)
A non-mandatory document providing CP-118 – Well Lifecycle Integrity Etc.
supplementary information about acceptable CP 123 – Emergency Response Documents, Part I
methods for implementing requirements found in CP-136 – Planning in PDO
policies, business processes, procedures, work
instructions, etc.
Audit reports
Audit follow-up Action Plans
→
PL-03 – Risk and Internal Control
Assurance: Monitoring data
PL-04 – Health, Safety, and Environmental Protection
Non-compliance report forms
Monitoring and PL-06 – Information Management and Internal
↕ Audit Communication
Corrective action plans
Incident reports
Follow-up Action Plans
RECORDS Etc.
A document containing information with respect to
→
results achieved and/or providing evidence of PL-03 – Risk and Internal Control
activities performed. (A record is an “output” PL-04 – Health, Safety, and Environmental Protection
Minutes of management review meetings
document and it typically cannot be revised or Review CP-100 – Policy Approval
Etc.
altered. Records are typically created from forms CP-107 – Corporate Management Framework
and templates). CP-123 – Emergency Response Documents Part I
This revision to the HSE Management System further advances PDO‟s continual improvement in HSE and its overall Corporate
Management Framework (CMF), a structure and Code of Practice document developed to provide clarity and direction on the
principles by which PDO manages its business. PDO‟s HSE Management System fits within the CMF. As such, the HSE
Management System is aligned and meets stakeholder aspirations and expectations in that it delivers compliance with the
following:
Omani Law: While there is no specific legal requirement for PDO to have an HSE Management System in place, Omani
Law essentially requires that many of the key processes of a Management System are in place.
PDO Business Policies: PDO‟s Business Policies communicate our intentions and expectations for achieving stated
Business Objectives. PDO‟s HSE Policy requires that a systematic approach to HSE management shall be applied.
The ISO 14001 standard for environmental management systems.
The OHSAS 18001 specification for occupational health and safety management systems.
The Center for Chemical Process Safety (CCPS - 20 Elements for Process Safety).
Shell HSSE & SP Control Framework, Version 2, 2009, Shell Group Standards for Health, Security, Safety, the Environment
& Social Performance.
PDO‟s Management System hierarchy of documents (The Corporate Management Framework [CMF], Policies, Codes of
Practice, Procedures, Specifications, Guidelines, and Records).
The ongoing and future vision for PDO‟s HSE Management System is the systematic review, with revisions as necessary,
leading to the continual improvement of measures taken to protect the health, safety, and environment of those that may be
affected by the activities of PDO. This vision is also part of PDO‟s management commitment so as to ensure the suitability,
adequacy, and effectiveness of the HSE Management System. See Table Two – ALIGNMENT OF PDO‟S HSE MANAGEMENT
SYSTEM PROCESSES WITH 1SO 14001, OHSAS 18001, CCPS PSM, and the SHELL HSSE & SP CONTROL FRAMEWORK
on the next page for details.
Language
In this document the recommendations for a course of action are made with varying degrees of emphasis and mandate. As a
rule:
'shall' / „must‟ indicates a required course of action at all times, with mandatory status within PDO, and a good practice.
'should' indicates a preferred course of action, and a best practice.
'may' / „can‟ indicates a possible, optional, and/or supplementary course of action.
In this document the collective expressions of PDO are sometimes used for convenience in contexts where reference is made to
the specific asset and/or for contractors in general. These expressions are used where no useful purpose is served by identifying
the particular asset and/or contractor(s).
Application
In general this Code of Practice is applicable to all PDO operations, assets, and facilities, employees, contractors, and other
relevant stakeholders. Should any significant deviations be made from the recommendations in this document, then users are
required to inform PDO of the nature and justification for these if it is intended that the deviations are to be permanent.
Feedback
The content of the HSE MS is not static, but a growing and improving collection of HSE expertise. Consequently, users are
invited to comment on the content to PDO and to suggest changes and additional material which they consider would be useful
for inclusion in future revisions. Please refer such comments to MSE52 using the Feedback Form on Page 11.
Table Two: ALIGNMENT OF PDO’S HSE MANAGEMENT SYSTEM PROCESSES WITH 1SO 14001,
OHSAS 18001, CCPS PSM, and the SHELL HSSE & SP CONTROL FRAMEWORK
HSE Management Shell HSSE & SP Control
System Manual / ISO 14001 : 2004 OHSAS 18001 : 2007 CCPS PSM Framework,
CP-122 Version 2, 2009
6. Process Knowledge
4.3.1 Hazard Identification, Risk
Process / Chapter 4 Management 4. Risk Management
4.3.1 Environmental Aspects Assessment, and
7. Hazards Identification and Risk (including Managing Risk
Hazards and Effects 4.4.7 Emergency Preparedness Determining Controls
Analysis and Risk Assessment Matrix
Management and Response 4.4.7 Emergency Preparedness
14. Operational Readiness [RAM])
and Response
16. Emergency Management
8. Operating Procedures
4.3.3 Objectives, Targets, and 9. Safe Work Practices 5. Planning and Procedures
Process / Chapter 5 4.3.3 Objectives and Programme(s)
Programme(s) 10. Asset Integrity and Reliability (including Emergency
4.4.6 Operational Control
Planning and 4.4.6 Operational Control
4.4.7 Emergency Preparedness
11. Contractor Management Response, Management of
Procedures 4.4.7 Emergency Preparedness 13. Management of Change Change, Permit to Work,
and Response
and Response 15. Conduct of Operations Planning and Procedures)
16. Emergency Management
6. Process Knowledge
Management
Process / Chapter 6 8. Operating Procedures
6. Implementation Monitoring and
4.4.6 Operational Control 4.4.6 Operational Control 9. Safe Work Practices
Implementation and 4.5.4 Control of Records 4.5.4 Control of Records 10. Asset Integrity and Reliability
Reporting (specifically –
Operation Implement)
11. Contractor Management
13. Management of Change
15. Conduct of Operations
1. OVERVIEW: This explains the “WHY” or purpose of the Process in the overall HSE MS.
2. REQUIREMENTS: This explains “WHAT” is required to be implemented in the HSE MS Process.
3. PROCEDURES: This explains “HOW” the HSE MS Process / activity is to be implemented or conducted.
4. REFERENCES: This explains to the reader “WHERE” to look for further implementation information in other PDO
documentation.
The HSE Management System also sets performance standards for managing health, safety, and environment, which will be
assessed and continually improved by a systematic approach to performance monitoring, audits, assessments, and reviews.
0.2.2 Objectives of the HSE Management System Manual – Code of Practice CP-122
The objectives of this HSE Management System Manual or CoP 122 are:
To inform, by providing all employees, contractors, and other relevant stakeholders with a concise, comprehensive, and
structured description of all aspects of PDO‟s HSE Management System. As such, the Manual / CoP describes the
„processes‟ for managing HSE at the corporate level, and within any Asset Team. It also acts as the main reference
framework for the various documents that make up the HSE Management System.
To illustrate the linkages between the HSE Management System and the Business Control Framework used to manage
PDO‟s Asset Teams.
To provide a high level document which systematically addresses achievement of, and alignment to PDO‟s Three HSE
Golden Rules: 1) Comply with the law, standards, and procedures; 2) Intervene in unsafe or non-compliant actions; and 3)
Respect our neighbours.
To provide a high level document which systematically addresses achievement of, and alignment to PDO‟s Life Saving Rules.
To inform and communicate PDO‟s HSE Management System to employees, contractors, and other relevant stakeholders in
a way that is interesting and easy to understand. It does this through color coding each chapter to represent each process
of the HSE Management System and matches the colors on the HSE Management System logo, as well as formatting each
chapter in a standardized way as defined above.
Contractors, suppliers, and other relevant stakeholders may also be considered as a „target audience‟ in that they may wish to
use this Manual / CoP as guidance in developing their own HSE Management Systems to meet PDO requirements.
Distribution of this document is controlled by the Document Owner, the Corporate HSE Manager. PDO‟s Electronic Document
Management System (EDMS) is used for document control.
This document shall be reviewed annually by the Document Owner. The objective of this document review is to determine the
ongoing suitability, adequacy, and effectiveness of CP-122, and to identify any needs for change, updating, and/or continual
improvement. This can be included in or as part of the PDO HSE-MS Management Review process as described in Process 8.
Shell HSSE & SP Control Framework, Version 2, (Shell Group Standards for
Shell Group Documents December 2009
Health, Security, Safety, the Environment & Social Performance)
Please refer to the individual HSE MS Process for further reference documents and their hyper-links, and/or the Glossary for
a complete listing.
0.4.2 Feedback
FEEDBACK FORM: In the spirit of continual improvement, CP-122 will be periodically reviewed and updated as necessary to
incorporate corrections and improvements identified by users. PDO would very much welcome your comments and suggestions
to assist this process.
If you would like to make any suggestions for improvement please can you send your comments on an email to MSE52,
organizing the information in a format similar to that shown below.
CP-122 Reference / Section Suggestions for Improvement
The leadership in PDO is responsible to promote, discuss, provide, and set proper HSE examples and behaviours. PDO
leaders demonstrate their commitment through various walk-the-talk activities.
Leaders / Leadership
A leader is a person who motivates a group of people towards achieving a common goal. In PDO, there are leaders at all levels
from the Managing Director to the Supervisor. Leadership is the collective function of all leaders.
HSE Culture
HSE culture is the combination of HSE systems, peoples‟ behaviours, and attitudes.
1.2 REQUIREMENTS
Leaders at all levels in PDO shall provide strong
and visible leadership by setting a personal
example to promote a culture in which all
employees and company contractors share a
commitment to HSE.
1.2.1 Visibility
Participating in HSE activities (e.g., training,
behaviour observation, commendation and
coaching schemes, industry and contractor
workshops, forums, and conferences, and
audits / assessments).
Putting HSE issues high on the agenda of the meetings they are chairing.
Participating in the review of performance against all HSE plans, goals, objectives, and/or targets.
Providing immediate and visible response and involvement in the case of an incident or any other disruption to normal
business.
Seeking internal and external views on HSE, and using and managing this knowledge in a meaningful manner.
Recognizing individual and group HSE achievements, using positive behaviour reinforcement techniques, and coaching
for correcting behaviour as necessary.
Achieving and maintaining external certification of the HSE Management System to international standards
Communicating its HSE expectations to employees and contractors via various channels and best-practice activities.
Developing annually HSE Plan(s) and by including HSE issues in strategic planning and business risk assessments.
1.3 PROCEDURES
The procedures specified in Section 1.3 for Leadership and Commitment at all levels shall be met as part of the job
accountabilities and responsibilities defined for each individual within the Corporate Management Framework, Job Descriptions,
etc.
1.4 REFERENCES
The following documents provide further / related information on Leadership and Commitment:
PDO has a set of 15 business policies including the HSE Policy (PL-04). The HSE policy is the highest level document in PDO‟s
HSE MS and is aimed at achieving the ultimate goal of zero harm to people and the environment.
It is endorsed by the MDC and approved by the Managing Director. Its content is consistent with the requirements of the PDO
Corporate Management Framework, ISO 14001 (for environmental management), OHSAS 18001 (for occupational health and
safety management), and the Center for Chemical Process Safety / CCPS (for Process Safety). It also commits PDO to comply
with all applicable Omani laws and regulations and continually strive to achieve improvement in HSE performance.
PDO‟s overall business strategy is to integrate and balance economic, health, safety (occupational and process),
environmental, and social requirements in all that we do, using risk-based approaches.
To help focus our efforts at the strategy level, PDO has developed a Statement of General Business Principles (SGBP); also,
various strategic objectives for HSE are also established, and these are reviewed and revised as required on an annual basis.
2.2 REQUIREMENTS
Senior Leadership at PDO shall define and document its
HSE policy and strategic objectives and ensure that
they:
PDO‟s HSE policy shall be produced in an easy to read format in both Arabic and English, and be approved and dated by PDO‟s
Managing Director. To be effective, all employees and company contractors should be made aware of the HSE policy‟s
existence. Its content, requirements, and intent should be formally distributed, communicated, and explained by all relevant PDO
Leadership.
Annual HSE plans and programs shall be implemented through People & Organisation, Business Processes, and Managing
Assets. The business results of these shall be analyzed and reviewed against goals, objectives, and targets, and these results
and feedback used to set future goals, objectives, and targets.
2.3 PROCEDURES
Maintain a “legal register” of all current Royal Decrees (RDs), Ministerial Decisions (MDs), and supporting Ministerial
documents relating to HSE management.
Maintain a “register of other requirements” document relating to HSE management including ISO 14001, OHSAS 18001,
CCPS, etc.
Obtain and retain on file a current official Arabic transcript of each document.
Obtain and retain on file an English translation of each document.
Identify and review proposed and actual changes in legal and other requirements, and update the Corporate HSE Manager
of these changes in legal and other requirements.
Review legal and other requirements, and incorporate these legal and other requirements into the development and
subsequent review of PDO‟s HSE MS.
Review all applications for HSE licenses, approvals, and/or permits. Where necessary, coordinate negotiating the terms
and conditions with any relevant party(ies).
Submit license, approvals, and/or permit applications to the Ministry of Environment and Climate Affairs (MECA).
Coordinate PDO‟s participation and input to Omani regulatory authorities in drafting new HSE laws and changes to existing
laws.
Develop asset level business controls that incorporate PDO‟s HSE legal and other requirements.
Develop appropriate business controls to (a) obtain all necessary HSE licenses, approvals, and/or permits. Ensure they are
cross referenced to the appropriate legal requirement, and referred to in the „Legal Register,‟ if applicable; (b) meet the
implementation and technical conditions of HSE licenses, approvals, and/or permits; and (c) ensure proactive and timely
review and renewal of HSE licenses, approvals, and/or permits.
Review and update business controls to incorporate changes in PDO‟s HSE legal and other requirements.
Retain on file a current copy of all HSE licenses, approvals, and/or permits.
The MDC endorsed corporate goals, objectives, and targets shall be communicated to the various Directorates. Each
Directorate shall then develop their own goals, objectives, and targets in line with the corporate goals, objectives, and targets,
and based on their own risk profiles. During this process, all Asset Directors / discipline level leaders, and HSE Advisors shall be
actively engaged. HSE strategic objectives as well as the corporate / directorate goals, objectives, and targets shall be reviewed
and revised, where necessary, on an annual basis.
The annual HSE goals, objectives, and targets are captured in the Annual Business Plans. The HSE strategic objectives and the
corporate goals, objectives, and targets shall be distributed, communicated, and explained to all contractors. They shall also be
distributed, communicated, and explained to other key external stakeholders.
l
2.4 REFERENCES
The following documents provide further / related information on Policy and Strategic Objectives:
3.2 REQUIREMENTS
PDO‟s organisational structures at the corporate level and at the directorate levels are available on PDO‟s intranet.
A standard represents agreement on best practice for the technology or process concerned. For example, ISO
STANDARD 14001 is an international standard that represents worldwide agreement on best practices for environmental
management. This is NOT a (technical) performance standard.
A performance standard typically imposes quantifiable limits and targets, such as "how much gas can be
PERFORMANCE
STANDARD
released into the air." Many of the Royal Decrees and Ministerial Decisions in Oman are Performance
Standards. These are often referred to as technical standards.
A management system performance standard is a statement detailing WHO, does WHAT, WHEN and/or HOW
MANAGEMENT SYSTEM
PERFORMANCE STANDARD
OFTEN. These standards define performance expectations or requirements of PDO leadership, employees,
and/or suppliers, contractors, and sub-contractors.
In addition to the above standard, PDO‟s HSE Management System also addresses other external requirements. Therefore,
PDO‟s HSE Management System:
Is aligned to and incorporates where relevant the requirements of OHSAS 18001, since this is also closely related to the
requirements of ISO 14001.
Is aligned to and incorporates where relevant the requirements of The Center for Chemical Process Safety (20 CCPS
Elements for Process Safety).
Adopts the general structure of the Shell HSSE & SP Control Framework (December 2009).
The role of PDO‟s CFDHs includes responsibilities to screen technical innovation and promote technical HSE and business
standards. The Functional Disciplines, therefore, shall be responsible for monitoring the development of industry and other
standards, and incorporating them as applicable into PDO‟s business and HSE controls, and associated documentation.
MANAGING DIRECTOR
The Managing Director shall have the ultimate accountability for the HSE function in PDO. He/She along with the other
members of the MDC shall be accountable for the HSE policy, strategy, planning, providing the necessary resources, and
management review of the HSE MS.
DIRECTORS
All directors shall be primarily responsible for reviewing and endorsing the HSE policy, strategy, planning, resource allocation,
monitoring HSE MS performance, and conducting HSE MS management reviews. In addition, Functional Directors as the line
leaders of their assets / disciplines shall be accountable for the implementation of the HSE MS in their areas of control.
3.3 PROCEDURES
HUMAN RESOURCES
TIME RESOURCES
Employees, contractors, sub-contractors, suppliers, and other
Allocating sufficient time to perform a task or activity in the “right
relevant stakeholders. Effective HSE management relies on the
way” – the healthy way, the safe way, the environmentally friendly
competence (relevant education, training, and/or experience) of
way, the quality way, and the productive way.
these people, and ultimately proactive workforce involvement.
PHYSICAL RESOURCES
FINANCIAL RESOURCES
PDO‟s assets (e.g., buildings, equipment, materials, vehicles, tools,
Allocation of necessary budget(s) for people, equipment, materials,
technology, etc.). Allocating physical resources requires
and the environment, by balancing financial cost against the
consideration of the HSE risks that arise in all of PDO‟s activities,
expected residual risk. This also relates to the „ALARP‟ concept
including the supply chain (i.e., purchasing and procurement
described in Process 4: Hazards and Effects Management (HEMP).
activities).
Sufficient resource allocation shall also be considered in managing change (MOC) and during assessments of risk controls as
part of HEMP (see Process 4 of this Manual "Hazards and Effects Management").
3.3.2 Competence
PDO shall maintain processes for ensuring that personnel performing specific HSE Critical Roles are competent on the basis of
education, training, and/or experience. The HSE competencies of all personnel holding positions with HSE Critical Roles shall
be regularly reviewed and assessed, and their personal development and training requirements shall be identified and
established. In short, PDO shall manage the fitness to work of their employees, taking into account the physical, mental, and
psychological requirements of their occupation or function.
HSE competence assurance is a process designed to provide adequate confidence to PDO‟s management and other
stakeholders that PDO employees and contractors have the competence (knowledge and skills) to carry out HSE critical tasks of
their jobs to the standards expected. PDO‟s HSE competence assurance process and procedure PR-1029 is largely based on
Shell Group Competence Assurance Standards and Guidelines. All staff holding Senior Leadership Positions, HSE Professional
Positions, HSE Critical Positions (Level 1 & Level 2), Contract Holders (CHs), and Company Site Representatives (CSRs) of high
/ medium HSE risk contracts are required to complete the HSE competence assurance process. Contractors are required to
implement and maintain a competence assurance procedure for their staff that is consistent with PDO‟s competence assurance
requirements.
PDO‟s competence assurance process is also linked with the Personal Development Plans and Performance Contracts of
Individuals through the SAPpHiRe system. For HSE Professional Positions and Level 2 HSE Critical Positions, the HSE
competence requirements are defined in their Job Competence Profiles (JCPs) in SAPpHiRe. All the Level 2 HSE Critical
Positions are flagged out in the SAPpHiRe system. For CHs and CSRs of high / medium HSE risk contracts, there are specific
HSE competence requirements in addition to the common requirements as defined in their JCPs. There are no specific JCPs for
Level 1 HSE Critical Positions. These knowledge and skill requirements depend on the type of HSE critical tasks being carried
out (e.g. driving, gas testing, welding, etc.), and are assured via other schemes and methods such as testing, discipline specific
training, and licensing as appropriate. The “on line” HSE competence assurance process through the SAPpHiRe system is
illustrated in the following diagram:
Responsibilities of the Individual: Confirm Job Requirements with Supervisor Complete Self Assessment Discuss with
Supervisor Agree Competence Gaps Agree Actions to Address Gaps.
Responsibilities of the Supervisor: Ensure Staff Complete the Process Confirm Job Requirements of Staff Review Staff
Self Assessment Conduct Open, Objective Discussion Determine Competence Level and Define Competence Gaps
Determine Actions needed to Address Gaps. (Engage an assessor if assistance needed to make objective judgment on
competence or to verify their skills.).
Responsibilities of the Assessor (where used): Provide specific assessment and judgment support, on request, to the
Supervisor.
The extent and nature of training should ensure achievement of PDO‟s HSE Policy and objectives and should meet or exceed
standards required by legislation, regulations, and/or other requirements. Appropriate records of training should be maintained
with refresher training scheduled, implemented, and recorded as required, to a defined frequency.
PDO‟s requirements for HSE training courses are defined in SP-1157 Specification for HSE Training. Training requirements for
contractors are specified in PR-1171 Contract HSE Management Procedure. Individual responsibilities with regard to HSE
training are shown in these documents.
3.3.4 Contracting
In carrying out its business activities, PDO provides a set of core services, concentrating on “what it does best,” while securing
goods (procurement) and services (contracting and sub-contracting) from the market in “what the market does best.” PDO
therefore depends on suppliers, contractors, and sub-contractors to carry out a wide variety of activities. On the downside, many
of these activities pose HSE threats and risks. On the upside, use of suppliers, contractors, and sub-contractors also provides
PDO with HSE benefits and opportunities.
Recently, the emphasis on managing supplier and contractor HSE performance has shifted from monitoring of HSE performance
after contract award, to early contract phases of tender evaluation and mobilization. However, monitoring workplace activity
during execution of the work remains a crucial part of supplier and contractor HSE management. In addition, a final check or
assessment of the contractor and work needs to be done to close out the contract appropriately. Overall, supplier, contractor,
and sub-contractor management in PDO must nowadays take this holistic “cradle-to-cradle” lifecycle approach.
PDO shall maintain procedures to ensure that its suppliers, contractors, and sub-contractors operate a management system that
is consistent with the requirements and provisions of PDO‟s own HSE MS. These procedures provide an interface between
supplier, contractor, and sub-contractor activities and with those of PDO. This is achieved by implementation of these three main
documents:
Significant aspects related to HSE in PR-1233 Commercial Procedures and Guidelines and PR-1171 Contract HSE Management
Procedure include:
Requirements for conducting an assessment of the HSE risks associated with the contract.
Procedures for selection of suppliers, contractors, and sub-contractors (including specific assessment of their HSE policy,
practices, performance, and the adequacy of their HSE Management System) in line with the risks associated with the
services to be provided.
Effective communication of the key elements of PDO‟s HSE Management System and of the standards of worker and
environmental protection expected from the supplier, contractor, and sub-contractor, including agreed HSE objectives and
performance criteria.
Sharing, by PDO and its suppliers, contractors, and sub-contractors, of relevant information which may impact on the HSE
performance of either party.
The requirement that each supplier, contractor, and sub-contractor have an effective and relevant training program, which
includes records and procedures for assessing the need for further training.
Definition of methods for monitoring and assessing supplier, contractor, and sub-contractor performance against agreed
HSE objectives and other performance criteria.
Additionally, PR-1171:
Requires the PDO Contract Holder to prepare requirements that define what the supplier, contractor, and sub-contractor
must do to minimize HSE risks. These requirements are included in standard contract documentation as Document C-9
HSE Requirements (GU-140).
Stipulates that supplier, contractor, and sub-contractor requirements for HSE management of activities conducted under a
Minor Contract are described in SP-1151 General Conditions for Minor Works and Services Contracts.
3.3.5 Procurement
The activities of PDO‟s suppliers pose certain HSE risks. Where possible, PDO seeks to influence improvement in HSE
performance in its supply chain through the application of these documents:
3.3.6 Documents
To implement and maintain an effective HSE MS, these documents shall be developed and managed throughout their lifecycle
according to the flowchart shown here.
Document management and the documents themselves should incorporate the concept of traceability, i.e., be legible, dated
(with dates of the most current revision), readily identifiable, numbered (with a version number), maintained in an orderly manner,
and retained for a specified period. Procedures should be established for document creation, maintenance, and modification,
and for their availability to employees, contractors, and other relevant parties.
INTERNAL
PDO Employees, Contractor Employees, Sub-contractor Employees, and Suppliers.
STAKEHOLDERS
Shareholders, Regulatory Authorities, The public (including Community Groups), The Media,
EXTERNAL
Industry Associations, Customers, Suppliers, Non Government Organisations (NGOs),
STAKEHOLDERS
Educational Establishments, Bankers, Financiers, Insurers, etc.
PDO maintains procedures for communicating HSE information, consistent with its HSE Policy, applicable legislation and
regulations, and other requirements. PDO, whilst protecting confidential information, makes its HSE experience available to all
employees, suppliers, contractors, sub-contractors, and any other interested stakeholders. PDO also maintains procedures for
receiving and responding to communications from employees, suppliers, contractors, sub-contractors, and/or other external
stakeholder concerning its HSE performance and management. Community awareness and consultation programs are also
maintained where appropriate, and their effectiveness monitored and improved. CP-111 Relationship with Stakeholders
describes PDO‟s overall strategy and practice on stakeholder engagement.
Importance of compliance with PDO‟s HSE Policy and objectives and their individual roles, responsibilities, and
accountabilities in achieving it.
HSE risks and hazards of their work activities and the preventive, corrective, and mitigation measures, and the emergency
response procedures that have been established.
Potential consequences of departure from agreed operating procedures and mechanisms for suggesting to management
improvements in the procedures which they and others use.
CP-162 Internal Communication describes the requirements and the procedure for communication with internal stakeholders.
Maintaining means of external communication in times of an emergency is especially important and special contingency
arrangements should be in place. Refer to Process 5 of this Manual "Planning and Procedures" for more details about
communication in the event of an emergency.
Communication with external stakeholders shall always be through or with the knowledge / consent of the External Affairs &
Communication Manager. PR-1957 Issue Identification and Management Process identifies the external stakeholder groups and
describes the scope and the method of communicating with them. This procedure is supplemented by PR-1707 Disclosure
Procedure which specifies the restrictions on public disclosure of information that could potentially affect PDO‟s reputation.
3.4 REFERENCES
The following documents provide further / related information on Organisation, Responsibilities, Resources, Standards, and
Documents.
PDO activities have the potential to harm people and the environment, to cause damage or loss to assets, to defer oil production,
to cause financial loss, and to adversely impact the Company‟s reputation. A Hazards and Effects Management Process
(HEMP) provides a structured approach to managing the hazards and potential effects of PDO‟s activities. There are numerous
techniques to carry out HEMP, and the technique chosen should be aligned to the scope of work, risk scenarios in that work, etc.
Once this is known, an appropriate technique can be chosen, such as Hazard Identification (HAZID), Hazards Analysis (HAZAN),
Hazards & Operability (HAZOP), Task Risk Assessment (TRA), Quantitative Risk Assessment (QRA), Job Safety Plan (JSP),
etc.
Effective application of HEMP involves four steps: identify, assess, control, and recover, and all steps will generate records.
These steps cover identification of the major hazards to people and the environment, assessment of the related risks, as well as
implementing measures to control these risks, and to recover in case these measures fail.
Although these steps are often described sequentially, in practice they overlap and are not always distinct. HEMP is an iterative
process, i.e., a repetitive process wherein the HEMP cycle is ongoing and dynamic because the risk picture in PDO is always
subject to change as well. HEMP is also a spoken process, ideally conducted using a team approach where everybody on the
team is encouraged to provide their input and knowledge of the threats, hazards, and risks involved, as well as the resulting
event that could occur.
This chapter:
Introduces PDO‟s Hazards and Effects Management Process (HEMP) and describes its role within PDO‟s HSE
Management System.
Describes each stage of HEMP.
Describes some commonly used HEMP tools and techniques to assist in developing and implementing each step.
Describes the general scope of each step and also provides detailed procedures for carrying out and reporting each step.
Provides additional information sources for implementing HEMP.
4.2 REQUIREMENTS
HEMP shall be conducted for new assets, facilities, and/or activities as well as regularly for existing facilities or operations
whenever major changes take place. HEMP shall cover the lifecycle of asset / facility as illustrated below:
Identification and assessment of threats, hazards, and effects that may be avoided,
Reviewing existing assets, facilities, and/or operations
reduced, and/or eliminated.
- Development and implementation of effective controls for HEMP.
Operational and maintenance stages for all assets,
- Development and implementation of effective recovery preparedness measures.
facilities, and/or operations
- Identification of new hazards particularly in non-routine operations.
The first stage in HEMP is to systematically identify the potential health, safety, and environmental threats, hazards, and effects
of your activities and operations. Threats, hazards, and effects identification is conducted at an early stage in the design and
development of new facilities, equipment, and/or processes. This permits sound HSE practices, systems, and equipment to be
'designed-in,' and allows for a wider choice of hazard prevention, risk reduction, mitigation, and recovery measures to be
employed than with existing facilities. Continual hazard identification and risk reduction is required at existing facilities to
maintain and improve HSE performance. Threats, hazards, and their consequences can be identified and assessed in a number
of ways, ranging from the simple to the complex, as shown in the order below:
This first stage in HEMP also begins the formal process of documenting and recording the HEMP process. This is an important
activity in that it creates a “risk history” for the organisation, and provides traceability when managing risk overall. This stage is
also where risk(s) can begin to be „registered,‟ whereby a Company, Asset, or local risk register is established and populated
with results of HAZID activities, for example.
All activities, products, and/or services controlled by PDO, and those influenced by PDO, such as supplier, contractor, and
sub-contractor activities.
All activities, products, and/or services carried out by all personnel having access to the workplace and facilities at the
workplace including suppliers, contractors, and sub-contractors.
Routine (frequently performed), non-routine (infrequently performed), and/or emergency operating conditions and activities.
Sometimes the categories of normal and abnormal operating conditions are also considered.
The lifecycle of an asset or activity, from the planning stage, through operation to decommissioning, and disposal and
restoration.
Checklists are a useful way of ensuring that known threats and hazards have all been
identified and assessed. However, use of checklists shouldn‟t limit the scope of the review
because checklists should be customized to the area in which they are applied, perhaps
entailing adding several categories to them. Hazard and Effects Registers are particularly
useful as well, as they capture the knowledge derived from using the checklist(s).
Knowledge and the judgment of experienced staff is invaluable for threat and hazard identification,
assessment, and control, particularly direct feedback from incidents, accidents, near misses, and Job
Safety Plans.
The second stage in HEMP is to assess the health, safety, and environmental risks of all activities, and then to rank these risks.
Once the hazards and effects have been identified, their consequences and likelihood can be assessed, evaluated, and the risk
level determined. It is important to contrast quantitative risk assessment (QRA) with qualitative risk assessment. Neither is a
“better” means of evaluating risk than the other, and either or both can be a valid means of evaluation of a particular risk.
Both methods use the same basic steps of hazard identification, consequence assessment, and exposure assessment in order
to characterize risk. The primary differences in the methods are the level of complexity in these steps, as well as the level of
experience and expertise of the personnel carrying out the assessment and a commensurate increase in the resources required
to complete the exercise. Typically, qualitative risk assessment is used 1), to determine if a quantitative assessment is required,
and 2), as a screening tool prior to the completion of a quantitative assessment.
All activities, products, and/or services controlled by PDO, and those influenced by PDO, such as supplier, contractor, and
sub-contractor activities.
All activities, products, and/or services carried out by all personnel having access to the workplace and facilities at the
workplace including suppliers, contractors, and sub-contractors.
Routine (frequently performed), non-routine (infrequently performed), and/or emergency operating conditions and activities.
Sometimes the categories of normal and abnormal operating conditions are also considered.
The lifecycle of an asset or activity, from the planning stage, through operation to decommissioning, and disposal and
restoration.
Qualitative methods are best used for risk assessments of simple facilities or operations, where the exposure of the workforce,
public, environment, and/or asset is low. Qualitative risk assessments are typically a combination of judgment, opinion, and
experience, and using structured review techniques with as much available risk information as possible.
Qualitative risk assessments should be carried out with input from those people directly involved with the risk, using a team
approach. The logic here is that those directly involved with the risk have the greatest self interest and “buy-in” to subsequently
control it.
Many structured review techniques have and use subjective or qualitative evaluation of
risk. Techniques such as simple risk assessment, task risk assessment, structured
brainstorming, and group risk assessments are useful here, and by their nature require
team approaches. Procedures or guidelines detailing how to do these techniques should
be available for risk assessment teams to refer to and use.
Risk assessments can be undertaken using experience and judgment. A team approach
is highly recommended because: 1) no one individual knows everything about the
situation being assessed; 2) the quality of risk decisions tends to be higher and more
accurate when done with a team; 3) the team approach gets involvement, especially when
involving employees and contractors who face the risk; 4) risk decisions by a team also
get higher levels of ownership, as the team also participates in determining and ultimately
implementing the risk controls they have determined as most effective.
The assessment of likelihood is shown on the horizontal axis with assessment of consequence shown on the vertical axis. Four
categories of consequence are considered at PDO: the impact on people, assets, environment, and/or reputation. Plotting
the intersection of both likelihood and consequence provides a qualitative assessment of the risk level.
When evaluating and comparing risk reduction options and where the relative effectiveness of these options is not obvious.
When the exposure of the workforce, public or strategic value of the asset is high, and risk reduction measures are to be
evaluated
When novel technology is involved resulting in a perceived high level of risk for which no historical data is available
When a demonstration that risks are being managed to a level which is as low as reasonably practicable (ALARP) is
required.
The application of QRA need not be limited to large, complex and expensive studies, however. It is a technique that can be
applied quickly and inexpensively to help structure the solution to problems for which the solution is not intuitively obvious.
Only staff with adequate training and experience should undertake QRA, although it is critical that personnel familiar with the
operation or facility are involved in the study. QRA often involves the use of specialized software.
QRA provides a structured approach to assessing risk, whether the risks are human, hardware /
software failure, environmental events, and/or combinations of failures and events.
QRA identifies high-risk areas, assists in efficient and effective risk management, and helps
demonstrate that risks are being managed to a level deemed ALARP. Refer to SP 1258 –
Quantitative Risk Assessment for further details on QRA.
All activities, products, and/or services controlled by PDO, and those influenced by PDO, such as supplier, contractor,
and sub-contractor activities.
The activities, products, and/or services carried out by all personnel having access to the workplace and facilities at the
workplace including suppliers, contractors, and/or sub-contractors.
Routine (frequently performed), non-routine (infrequently performed), and/or emergency operating conditions and
activities. Sometimes the categories of normal and abnormal operating conditions are also considered.
The lifecycle of an asset or activity, from the planning stage, through operation to decommissioning, and disposal and
restoration.
Risk controls should include prevention, mitigation, and recovery measures. The following table illustrates the difference among
these various types of controls:
Development of risk controls should consider the “PDO Hierarchy of Risk Controls” as described below.
Depending on what the threat and/or hazard is, the same control may be used to prevent, mitigate, and/or recover from a
threatening and/or hazardous event. For example, all measures ranging from the first steps in mitigation through to
reinstatement of the operation assist in preparing for recovery.
An important outcome of HEMP is identifying the HSE risks arising from PDO operations that are classified as “high,”
prioritizing these, and identifying the actions that must be taken to manage them. These actions are defined as HSE
Critical Activities and are a focus of PDO‟s HSE Management System.
For low risks, there is usually no formal need to demonstrate ALARP; the risks are already low.
For medium risks, sometimes there is a need to demonstrate ALARP by determining and incorporating risk reduction
measures. This can be a leadership decision as to what types of controls are required for the various HSE risks that are
faced.
High risks require some type of immediate risk reduction plan or measures so as to proceed with the work or activity. In
some cases if an immediate risk reduction solution cannot be found and applied, the task or activity may not be allowed to
proceed.
Management ultimately decides whether ALARP is achieved, on a case by case basis, for each particular risk.
For each particular risk, ALARP can only be determined by comparing a number of risk control options or strategies.
If risk is not controlled in a manner that meets applicable standards (e.g., Omani Law, industry codes of practice, PDO
Specifications, international standards, and/or other stakeholder concerns / expectations), ALARP has not been achieved.
ALARP has not been achieved if risk can be appreciably reduced further for only a small incremental cost or investment.
There are several quantitative and qualitative tools that may be used to assist in determining and demonstrating that risks
are managed to ALARP levels, e.g. the Risk Assessment Matrix, QRA, HAZID, HAZOP, Task Risk Analysis, Cost Benefit
Analysis (CBA), etc.
Part of the ALARP demonstration process will involve assessing and evaluating the magnitude of the risk reduction that can be
provided by a proposed option. Along with the benefit, the technical feasibility, cost and effort of the proposed risk reduction
option should also be assessed as part of CBA. For more information about ALARP, see GU-655 Demonstrating ALARP.
The quantified risk reduction considered within the scope of a QRA study, for example, should be limited to options that can be
reasonably evaluated by QRA. These are broadly inherent safety options, but may also include some engineered and
procedural controls. As many of the risk reduction options would involve changes to the process design, facility layout,
safeguarding, or operations philosophy, the brainstorming of QRA risk reduction options should involve a multi-disciplinary team.
Identified options should be ranked on quantitative risk reduction against cost and effort of implementing. The residual risk or the
benefits gained from risk reduction initiatives, once risk reduction initiatives are approved and implemented, should also be
determined by the team.
As a guide to deciding whether risk is managed to ALARP, the following statements can be made about the example above:
Option 1 is not ALARP as the risk is not yet controlled to applicable standards.
Options 2 and 3 may be ALARP. However, if for only a small incremental investment, the risk level could be further reduced
as in Option 4, Option 4 would then be ALARP.
Options 5 and 6 may not be ALARP as the reduction in risk may not be justified by the additional investments required for
control.
Where the residual risks remain at high levels, PDO senior leadership should consider if and what strategic activities are required
to further lower the risk levels during their management review processes. This is applying the concept of continual improvement
to the overall HEMP process and the organisation‟s overall Risk Profile.
The terms „risk acceptance‟ and „risk appetite‟ require consideration as well. Risk acceptance refers to a set of criteria defining
the limits above which risks cannot be tolerated. Risk appetite refers to the positive benefits of exploiting a business opportunity
associated with the risks. These two concepts together should be balanced against one another and against the cost of
managing the exposure. Some other key points regarding residual risk with respect to the managing risk process:
Residual risk, initially, is a prediction by the assessment team of the risk that will remain, assuming the recommended risk
control(s) are implemented. At this stage it is not yet tested or proven.
Risk controls, once their implementation has begun, must be verified in the field at the point of control as to whether the
targeted residual risk level has been achieved or not. At this stage, the key question becomes, “Have the implemented risk
controls brought the risk down to the predicted level?” This is a key part of risk monitoring.
Once determined, the original risk assessment documentation has to be reviewed and changed as necessary. For
example, if the original determination was that a high risk could be brought down to a low risk, but field verifications and the
evidence shows the risk level to be actually a medium residual risk, then the risk register and other associated risk
documentation must be changed and updated accordingly.
The fourth and final stage in HEMP is to ensure the necessary steps are planned to be able to recover from the release of a
hazard, should the controls that have been put in place fail to prevent its release. Recovery from the consequences of the
release of a hazard requires careful planning. Even with a comprehensive range of controls in place to prevent the release of
hazards and/or their effects, things can still go wrong.
Should the controls fail to prevent or avoid the release of a hazard then some kind of counter measures are required to limit
the number and severity of the consequences of the hazardous event or effect. These counter measures are aimed at
mitigating the consequences of the hazard and aid in reinstatement of the normal operation or activity.
Recovery measures can reduce the likelihood or probability that the first hazardous event will develop into further consequences
and provide life saving capabilities should the „top event‟ escalate further. To assist with recovery, it is important that all
personnel are fully briefed and drilled as to the response measures planned, including evacuation and restoration procedures.
For major incidents, this may include also crisis management and business continuity planning.
All activities, products, and/or services controlled by PDO, and those influenced by PDO, such as supplier, contractor, and
sub-contractor activities.
The activities, products, and/or services carried out by all personnel having access to the workplace and facilities at the
workplace including suppliers, contractors, and/or sub-contractors.
Routine (frequently performed), non-routine (infrequently performed), and/or emergency operating conditions and activities.
Sometimes the categories of normal and abnormal operating conditions are also considered.
The lifecycle of an asset or activity, from the planning stage, through operation to decommissioning, and disposal and
restoration.
In developing recovery measures, consider and include both active (e.g., emergency shutdown procedures, automatic blowdown
systems, alarms, fire protection) and passive emergency preparedness and response arrangements (e.g. emergency response
call out and duty rosters) for both operational and contingency planning (abnormal situations and potential emergencies). Refer
to Chapter 5 of this Manual “Planning and Procedures” for more details about emergency preparedness and response.
For effective recovery procedures it is important that each recovery measure be accompanied by formal documentation. For
instance, each action that should be taken in the event that a control fails shall be documented. In addition, the persons
responsible and/or accountable for establishing, maintaining, implementing, and reviewing each associated procedure shall be
defined and competent.
Effective recovery procedures also require testing and review. For instance, all procedures for recovery from high risk and
emergency scenarios shall be in place and subject to testing and defined review periods. In between the defined review periods,
recovery procedures should be reviewed, and possibly updated, for the following situation:
Performance against all recovery procedures should be recorded and formally reviewed periodically. Such performance may be
linked to Company, Asset, and/or local goals, objectives, and/or targets. Parties responsible and accountable for implementing
recovery procedures shall be competent to do so and clearly understand their roles, responsibilities, and accountabilities.
Experienced personnel can construct a bow tie diagram as part of a hazard analysis
(HAZAN) and use this to consider the chain of events resulting from a top event and the
recovery measures required to reduce the probability and effect of each consequence.
Knowledge of experienced personnel is invaluable for hazard identification and analysis /
assessment, particularly coming from direct feedback from incidents, accidents, near
misses, and/or hazards.
Procedures for recovery from high risk and emergency scenarios should be in place and
subject to drills, testing, and review. Creating simple checklists and/or Work Instructions,
based on procedures, clarify and expedite response in real emergency situations.
All control and recovery procedures should be established, included, and recorded in the HSE
Management System, an HSE Case, MOPO, and/or Job Safety Plans with recovery actions that should
be taken in the event a control fails being documented.
Once the Hazards and Effects Register is completed it is possible to complete a Manual of
Permitted Operations (MOPO) which defines:
The level and number of barriers put in place initially and the recovery measures to be put in place.
The limit of safe operation if the barriers and/or recovery measures are reduced, removed,
bypassed, and/or purposefully defeated.
The limit of safe operation permitted during periods of escalated risk in likelihood, consequences,
or both.
Which activities may or may not be carried out concurrently, often referred to „Simultaneous
Operations.‟
Hazards and effects information gained from the Hazards and Effects Register and a MOPO is now
incorporated into the HSE Case. The HSE Case must demonstrate that:
All threats, hazards, and effects have been identified.
The likelihood and consequences of a hazardous event have been assessed.
Controls to manage potential causes (threat barriers) are in place.
Recovery / emergency preparedness measures to mitigate potential consequences have been taken.
4.8 REFERENCES
The following documents provide further / related information on the Hazards and Effects Management Process (HEMP):
Shell HSSE & SP Control Framework, Version 2, (Shell Group Standards for
Shell Group Documents December 2009
Health, Security, Safety, the Environment & Social Performance)
Environmental Management Systems –Specification with Guidance for Use ISO 14001:2004
Other Documents Occupational Health and Safety Assessment Series OHSAS 18001:2007
The Center for Chemical Process Safety (CCPS - www.aiche.org/ccps) CCPS 2010
An important outcome of HEMP is identifying the key activities that must be controlled if PDO is to adequately manage HSE risks
and planning for them. Procedures and work instructions should be established to manage these activities. These procedures
should also address risk control requirements generated from the HEMP process. A Permit to Work system should be
implemented to control work in areas where the area and/or the work itself is deemed to be hazardous and the associated risk
level requires special precautions to be taken.
This Chapter covers PDO‟s use of plans and procedures to achieve our HSE goals, objectives, and targets including:
Background information on the HSE planning process (including Corporate and Asset Level HSE Plans, goals, objectives,
and targets).
General information regarding planning and procedures for controlling PDO‟s implementation and operations. More detailed
information is covered in Process 6, Implementation and Operation with respect to day-to-day implementation of plans and
procedures.
General information on emergency response and contingency planning, with links to the detailed documentation.
5.2 REQUIREMENTS
PDO‟s planning process is the process by which corporate goals, objectives, and targets are agreed and then converted into
plans and ultimately into budgeted activities, and is described in CP 136 Planning in PDO. This document also describes PDO‟s
Annual Planning Cycle. The purpose of PDO‟s Annual Planning Cycle is to provide a planning framework for the Company to
review, plan, and submit performance results, future strategies, and investment opportunities to the Company‟s shareholders and
other relevant stakeholders. The main components of this planning framework are to:
Analyze and report performance from the previous year (including HSE).
Inventory corporate hydrocarbon resources.
Define and confirm the Company‟s long term aspirations and outline and agree with the shareholders the Corporate
Strategies and Objectives to be set for the following year (including HSE).
Prepare a five year plan of activities comprising investment projects, technology projects, and business improvement
activities which will allow PDO to meet the Corporate Objectives (including HSE), maximizing the long term value of the
business and short term return to shareholders.
Obtain shareholder approval for the programmed activities along with the requisite budgets.
Cascade annual performance goals, objectives, and targets from the Corporate Plan to the teams within PDO (including
HSE and Technical Integrity), and other relevant stakeholders, such as shareholders.
CP-136 Planning in PDO also describes how annual plans cascade through business planning (including HSE planning) and
budget preparation, to integrated activity plans (i.e., 90 day and 14 day plans) and production forecasting.
“SMART” – Specific, Measureable, Attainable, Realistic, and Trackable / Time-bound, wherever practicable.
Clearly and unambiguously documented.
Communicated to all employees and contractors.
Reviewed regularly to ensure their continuing suitability, adequacy, and effectiveness.
A mechanism for motivating and delivering continual improvement in HSE performance.
The Corporate HSE Plan establishes Company-wide performance indicators and annual targets. It also includes a list of action
items to be completed. This Action Plan sets completion target dates and defines action parties.
Emergency response is an important part of PDO‟s HSE Management System. Although every effort is made to ensure that
incidents do not occur, the potential for hazardous events and emergency situations still exists. It is PDO‟s responsibility to
ensure that plans, procedures, and resources are in place to respond swiftly and efficiently to any emergency situation and to
minimize any consequential losses. Anybody who witnesses an emergency incident must immediately raise the PDO
emergency response organisation by calling 5555. Once called, further guidance will be given as necessary on how to manage
the emergency situation by the emergency management center.
Refer to CP 123 Emergency Response Part I and PR 1065 Emergency Response Documents Part II – Company Procedure for
more details about PDO‟s emergency response procedures.
CONTINGENCY PLANNING
A number of assets and activities have been identified as requiring individual emergency response Contingency Plans. These
contain descriptions of high-risk emergency scenarios and plans for how to manage them. Refer to Emergency Response
Documents Part III – Contingency Plans for more details about individual PDO Contingency Plans.
5.3 PROCEDURES
All HSE Critical Activities and their supporting tasks should have written procedures and/or work instructions in place. If these
are to be effective, they should be simple, unambiguous, understandable, relevant, and detailing clear roles and responsibilities.
More detail regarding their actual implementation is found in PDO HSE-MS Process 6 – Implementation and Operation.
In addition to controlling activities and tasks, it is important that procedures include measures aimed at improving HSE
performance or managing HSE risk. It is also important to consider how work instructions are communicated to the workforce
ahead of job execution (e.g., through Permit to Work Systems).
All written procedures should be stated simply, unambiguously, and understandably, and should indicate the persons responsible
and accountable (i.e., use of RASCI), the methods to be used and, where appropriate, performance standards, and other
relevant criteria to be satisfied.
Procedures are also required for procurement and contracted activities, to ensure that suppliers, contractors, and those acting on
the company's behalf comply with the company's policy requirements that relate to them.
It is important to ensure that those who will be responsible and/or accountable for putting procedures and written instructions into
effect are closely involved in their creation, implementation, monitoring, and review with the active engagement of affected
stakeholders. Clarity and simplicity of style and language are the characteristics to aim for in writing them, consistent with
accurate coverage of the activities which they address. For example, effective procedures and work instructions contain several
important features:
This is included to increase motivation and understanding, and thereby retention and
1. Start with a statement of conformance. In other words, explain why the worker should comply with the
purpose and task importance. standard practice. Relate it to the worker‟s own welfare. Build a bit of pride and safe
behaviour into the document.
Define “HOW” to proceed. It is best to embed and reinforce in the relevant steps the
2. Present the task in a step-by-
most important HSE-related rules. Keep these as short and simple as possible; give
step approach.
the reasons for the rules and focus on the critical few.
Rather than a long list of “don‟ts,” highlight the things that the person can do to ensure
3. Express what to do positively. efficient, safe, and productive results. Keep the “thou shalt nots” to a minimum.
Emphasize the positives.
They answer the question “why?” As such, they also point out the most probable
4. Explain the reasons for the
sources of problems for the specific task, the things to which special HSE attention
steps.
should be paid.
5. Print / publish in a simple and Since procedures are primarily teaching and learning tools, they must be clear,
functional format. concise, correct, and complete.
Determine periodical review frequencies for task procedures to ensure continual
6. Ensure review and feedback. improvement. Ensure feedback of both commendation and correction is
communicated to all relevant parties.
Sentence structure: Avoid compound and run-on sentences. Comprehension is usually hindered by long sentence
structure.
Use of words: Avoid using words and language that the average reader may not be familiar with. Don't try to impress
people with the use of unnecessary tri-syllable words. Try to avoid using words that make suggestions appear to be edicts.
Use words like “I, You, We, They,” as little as possible and seek to avoid repetitious use of words. The author should
always reread the entire document before having it issued to detect overused words as well as errors that may have been
unintentionally made.
Sequence of suggestions: The author should attempt to present and layout the document in a logical way which will
facilitate their implementation. Use of standard PDO templates facilitates this process, and these can be accessed in the
PDO CMF.
Providing instruction on the conduct of worksite tasks can take many forms, depending on the complexity of the task, the
competence of the people performing it, the inherent hazards and risks associated with it, and the effects that it might have on
other aspects of the operation or facility.
Thus, verbal instructions will need to be supported with, or replaced by, written procedures or work instructions wherever the
absence of written material could threaten proper HSE performance. Written work instructions will outline the work scope and
reference any particular direction that is to be followed; similar considerations to those for system procedures also apply to their
development. Monitoring and other HSE requirements, such as applicable rules and personal protective equipment, can be
specified in these documents as well.
For example, in a production facility where hydrocarbons are stored and/or produced, stringent controls are required and most
work is conducted under a 'Permit-to-Work' system. Within this, the work is defined, the precautions specified, other parties
whose activities may be affected are notified, and the permit signed off properly by all parties involved. However, supplementary
documentation is also often required in the form of job safety / hazard analyses, procedures, and/or work instructions for the
task(s) itself.
The activities which can be described as 'HSE Critical' must have procedures and/or work instructions. An HSE Critical activity is
any activity that is undertaken to provide or maintain controls for RAM 3+ consequences. For more information on the PDO
RAM, see PR-1418.
In situations such as projects and/or major contracts where PDO is the overall accountable party, HSE Critical activities will also
be identified as such areas where documented procedures are particularly necessary (as opposed to an absence of documented
procedures) in order to cover interfaces between different groups or disciplines and where coordination is vital to achieve
successful HSE outcomes. This often requires the use of a „bridging document.‟
For example, one or more parties may be using their existing procedures, either from PDO or the Contractor‟s organisation to
carry out a work activity, yet these procedures do not completely cover the identified risks and contingencies in the work activity.
In such a case, another document is often required to „bridge‟ the gaps so as to cover what is needed to be done to completely
cover all risks and contingencies in the work activity. In addition to the points made above, procedures and/or work instructions
should be:
Subject to a regular and formalized system of review, update, approval, and re-issue.
Dated and traceable to the activity involved.
Identified with a custodian.
Accessible to all relevant personnel (not just physically evident but user-friendly and well indexed, either in soft- or
hardcopy).
Service Level Agreements (SLA) specify the nature, scope, roles, responsibilities, and accountabilities for the essential services
to be provided by and for each party under the SLA. These also define the boundaries of operational control for each party /
Asset Director.
Contract Holders are accountable for specifying the applicable procedures and work instructions for Contractor activities, and for
ensuring that they are complied with. Refer to PR 1171 Contract HSE Management for details about controlling and monitoring
Contractor activities.
Operational control documents (written procedures, work instructions, and/or specifications) within PDO are generally authored
along Functional lines. When authored, the various roles, responsibilities, and accountabilities should also be clearly stated in
the document, with use of the RASCI approach to ensure clarity. It is the accountability of individual Asset Directors to
implement these documents within their Directorate Teams.
5.3.4 DCAF
To further assist and improve planning processes, PDO also implements the Discipline Controls and Assurance Framework, or
„DCAF.” This framework helps to standardize Quality Control (QC) and Quality Assurance (QA) across all disciplines. Both
Controls and Assurance are covered in DCAF and its associated documentation. DCAF consists of three elements:
DCAF provides clarity; which decisions and deliverables must be quality controlled / assured and who is authorized to do so. It
recognizes both the „Line of Sight‟ and the „Matrix‟ as sign-off occurs in the line of the Business, while Disciplines are responsible
for providing standards and authorized and expert staff. In PDO, the Disciplines set the standards; DCAF does not. More
access to DCAF can be found in the following link: http://sww.shell.com/ep/dcaf
The purpose of Management of Change in PDO is to manage the HSE risks resulting from unforeseen consequences of
changes. This applies to all employees and contractors in PDO, but is led by Managers and Management of Change process
owners. In PDO, management of change applies to process changes (hardware, process control and process condition
changes), procedural changes, and organisational changes (both PDO and contractors).
The MOC Process Owner should be responsible for implementation of the following:
Ensure that all HSE Critical Roles / Positions know how to recognize changes covered by this manual.
Know how to initiate the management of change process, based on the type of change involved (procedural, engineering,
organisational, or combination thereof).
Establish and maintain documented Management Of Change Procedures to cover permanent changes, temporary changes,
and emergency changes, which:
Define Change Approval Authorities and communicate who they are.
Describe the stages in the Management Of Change process and approval steps:
In the MOC process, it is important to recognize that all changes have a “source.” These sources are many and can include:
Corporate requirement
Budgetary / financial needs
Engineering modification
Operational needs and expenditures
Accidents / incidents / emergencies
Competency gap
Hazard identification and risk assessments
Strategy / policy / objective change
Merger / Acquisition / Divestment
Legislation / regulations
Recognized need to improve
Capital expenditure project
External influence
Inspection / audit / assessment findings
Inadequate systems, procedures, processes, practices
Opportunity analysis
Problem solving results
Anything deemed as “new” and required by PDO.
The change source and the request to make the change, if approved, then requires careful planning. The major outcome of this
activity should be a documented, risk-based “Change Plan.”
At PDO, the relevant management of change procedure(s) used should include requirements for preparing change plans and
control the process up to this stage. These procedures should be suitable to address the HSE issues involved, according to the
nature of the changes and their potential consequences, and should deliver change information addressing:
In PDO HSE-MS Process 6, Implementation and Operation, general requirements for implementation of the change is presented.
PDO has chosen to align and measure its process safety management system and activities, including technical integrity, with
The Center for Chemical Process Safety (CCPS) and their 20 Elements for Process Safety. These elements include, 1) Process
Safety Culture; 2) Compliance with Standards; 3) Process Safety Competency; 4) Workforce Involvement; 5) Stakeholder
Outreach; 6) Process Knowledge Management; 7) Hazards Identification and Risk Analysis (Renamed by PDO as Hazards and
Effects Management Process - HEMP); 8) Operating Procedures (Renamed by PDO as Plant Operating Procedures); 9) Safe
Work Practices (Renamed by PDO as Permit to Work); 10) Asset Integrity and Reliability (Renamed by PDO as Technical
Integrity); 11) Contractor Management; 12) Training and Performance Assurance; 13) Management of Change; 14) Operational
Readiness; 15) Conduct of Operations; 16) Emergency Management; 17) Incident Investigations; 18) Measurement and Metrics;
19) Auditing; 20) Management Review and Continuous Improvement.
These Elements are embedded in the overall PDO HSE-MS and address Process Safety as and where relevant to PDO
operations, assets, and activities. PDO has developed various types of documentation (Codes of Practice, Procedures,
Specifications, Guidelines, etc.) to address Technical Integrity, and these are listed in the References section of this process
chapter and others as relevant.
The PDO Technical Integrity system addresses areas such as design integrity, start-up, operating integrity, structural integrity,
process containment, ignition control, and systems for protection, detection, shutdown, emergency response, and life saving.
This system ensures that HSE critical facilities and equipment which are designed, constructed, procured, supplied,
commissioned, operated, maintained, and/or inspected by PDO are suitable for their required purpose and comply with defined
criteria. Only designated personnel can permit deviation(s) from approved technical integrity design practices and standards,
and after a rigorous review and approval process, using the Management of Change process and relevant procedure(s). This is
shown in the barrier diagram below.
To achieve good HSE practices in the workplace, the Permit to Work System must ensure that everyone is aware of the hazards
involved in their work, and of the precautions that they must take to work the „right way,‟ – the health way, the safety way, the
environmental way, and the productive way. PDO‟s Permit to Work System is described in detail in PR 1172 - Permit to Work
System procedure.
5.4 REFERENCES
The following documents provide further / related information on Planning and Procedures:
Shell HSSE & SP Control Framework, Version 2, (Shell Group Standards for
Shell Group Documents December 2009
Health, Security, Safety, the Environment & Social Performance)
ISO 14001:2004
International Standard for Environmental Management Systems
OHSAS
Other Documents Occupational Health and Safety Assessment Series
18001:2007
The Center for Chemical Process Safety (CCPS - www.aiche.org/ccps)
CCPS 2010
Ensuring, that from the Hazard and Effects Management Process, the proper risk controls are defined and determined to be
suitable, adequate, and effective for implementation.
Ensuring, where required, that these controls are documented as PDO codes of practice, procedures, specifications, work
instructions, and/or guidelines.
Setting performance standards, both managerial and technical, to clearly describe how HSE risk management is achieved
and what the required deliverables are.
Ensuring the active involvement and understanding of contractors in the implementation process, since they conduct and/or
are involved in a majority of the work activities that are carried out at PDO.
Drawing on the other processes of the HSE MS and in the organisation to support and assure proper implementation and
operation, such as training and competence assurance processes, effective planning, PDO leadership, consultation and
communication, monitoring of implementation activities, application of DCAF, etc. At the end of the day, “DO” is the critical
word!
This process focuses on and describes how HSE Critical Activities are to be performed, and what the expected and required
deliverables are. It does so, taking into account the points listed above.
6.2 REQUIREMENTS
Full implementation and operation of the HSE Management System means that people are doing what the Management System
says they should be doing, at all levels of the organisation. Successful implementation and operation requires embedding HSE
into:
Company Culture,
Having Clear Responsibilities, and
Ensuring Line Ownership.
Responsibility and accountability for both supervising and conducting HSE Critical
Activities must be clearly communicated to the individuals involved. This includes
the complexity of the activity including multiple concurrent tasks, non-routine and
unexpected activities, and the competence of the individuals performing the
activity. Each accountable person should monitor and regularly report the
implementation performance of these critical HSE activities using set
performance indicators. In this process, use of RASCI Charts is an effective tool
to detail and communicate implementation requirements. Also, refer to Process 3
of this Manual "Organisation, Responsibilities, Resources, Standards, and
Documents" for more details about individual HSE responsibilities and
accountabilities.
People identified as responsible and accountable for HSE critical activities must
take ownership. To achieve this, it is essential for line personnel to be genuinely
involved in developing the HSE Management System and HSE Cases. Some
examples of areas where line personnel can be involved include: conducting
hazard identification, analyses, and reviews; implementing inspections and
observations in the field; implementing procedures according to their
requirements.
DCAF consists of preparing two lists: a list of business / critical deliverables (Controls) and a list of authorized competent people
who have the authority to sign off on these deliverables. This provides clarity; which decisions and deliverables must be formally
quality controlled / assured and who is authorized to do so. It recognizes both the Line of Sight and the 'Matrix', as sign-off
occurs in the line of the Business, while Disciplines are responsible for providing Standards and authorized staff.
Well Proposals
SFR Initiation Notes
HAZID Reports
Cost Estimates CAPEX (+25% / -15%)
Pore Pressure Prediction reports
Project Controls & Assurance Plans (PCAP)
Concept Selection Reports
Field Development Plans.
6.3 PROCEDURES
At the senior leadership level, the development of strategic goals and objectives and high-level planning activities should be
conducted with due consideration for the HSE policy and relevant implementation and operation requirements.
At the middle and supervisory leadership level, written documentation regarding activities (which typically involve many
tasks and their work sequencing) will normally take the form of site plans and management procedures.
At the work-site level, written documentation regarding tasks will normally be in the form of operational procedures and work
instructions, issued in accordance with defined safe systems of work (e.g., permits to work, simultaneous operations
procedures, lock-out / tag-out procedures, manuals of permitted operations (MOPO), task-specific work instructions, etc.).
Previous sections have described the planning process, from the development of procedures covering broad areas of activity
down to the level of issuing work-site instructions for the conduct of specific tasks. The effective practical implementation and
operation of these planned arrangements requires that procedures and instructions are followed, at all levels. Therefore, PDO
employees, suppliers, and contractors should be familiar with relevant procedures and instructions before they start work.
Leadership should ensure, and be responsible and accountable for, the conduct and verification of activities and tasks according
to relevant procedures. This responsibility, accountability, and commitment of leadership to the implementation of policies and
plans includes, amongst other duties, ensuring that HSE goals, objectives, and targets are met and that performance criteria and
control limits are not breached. Leadership should ensure the continuing adequacy of company HSE performance through
assurance activities, discussed in Process 7, Assurance: Monitoring and Audit.
The PDO HSE Management System applies best practices and principles of quality management, and is part of the overall
system for managing the business. Only once hazards and effects management processes and controls have been fully
accepted as part of everyday responsibility, accountability, implementation, and operation can business integration truly be said
to be achieved. Thus each member of the workforce must know his role and how implementation and operation activities
contribute to the management of HSE risks and be able to recognize how this fits in with corporate HSE policy.
Individual task roles, responsibilities, and accountabilities for HSE management must be clearly defined, communicated, and
followed up for all occupations in the organisation if they are to be carried out as intended.
The RASCI chart is a useful tool for describing “who does what and when / how often.” The RASCI chart is a table which
describes management system activities down the left hand column and organisation functional roles along the top row. The
letter R, A, S, C, or I is entered under the job role to describe the level of responsibility that individual has for that particular
activity:
Responsible
Accountable
Support
Consulted
Informed
A simple and systematic tool for mapping and communicating HSE roles is available, used, and the approach is
consistent.
Individuals have a clear understanding of what is expected of them within the PDO HSE MS.
These become the managerial performance indicators, against which performance appraisals can be based.
A basis for monitoring and following up on the individual performance of HSE roles is automatically created.
RASCI charts can be used to help develop job descriptions and/or role and post profiles for each role in the organisation.
RASCI charts attach roles and requirements to the organisation, functions, and responsibilities rather than individuals.
If an individual leaves or transfers, his/her replacement can quickly see what their HSE performance standards are.
Where activities involve contractors and suppliers, the process of familiarization with PDO‟s plans is especially important.
Involvement of contractor and supplier key personnel jointly with PDO in the planning stage, whilst desirable, may not always be
feasible. The process of initiating familiarization of contractors and suppliers with the plan is then essential and is typically
carried out as part of a formal kick-off meeting. The initial period of a contract can be particularly vulnerable to HSE incidents.
For this purpose, PDO has established an entire list of documentation for the contractor and supplier management process.
Some of these critical documents are:
In Process 4, reference is given to the managing risk process using the HEMP approach. HEMP should also be applied to
managing risks related to MOC, i.e., the identification, evaluation, control, and monitoring of HSE risks related to the change. An
output of this process is a risk register for the change. These documents – HEMP risk assessments and risk registers form part
of the documentation for planning and implementing change as described in HSE MS Processes 5 and 6.
In Process 5, reference is given to initiating, assessing, and planning for „the change‟ and the preparation of formal Change
Plans. These plans are required to be implemented in Process 6, Implementation and Operation.
In this Process 6, the relevant management of change procedure(s) used should include requirements for implementing the
change, based on an agreed and documented Change Plan and implementation procedure addressing:
measures to identify HSE hazards and to assess and reduce risks and their effects,
communication, consultation, induction, and/or training requirements,
time limits, addressing as relevant both when and/or how often, if any,
monitoring and verification requirements,
acceptance criteria and action to be taken if change management activities are found to be noncompliant,
authority for approval to implement the proposed change, including any staged approvals required during the life of the
change.
Procedures should also describe how PDO will interpret and assess the implications of new, planned, and/or amended
legislation and how revised regulatory requirements are to be incorporated into the HSE-MS.
Separate change plans and their implementation should be established with respect to the HSE management of new operations
(relating, for example, to acquisitions, developments, divestments, products, services, and/or processes), or of modified
operations where the modification introduces significantly different HSE issues, to define:
Any changes in the personnel, equipment, processes, and/or procedures of the company have the potential for adverse effects
on health, occupational and process safety, the environment, assets, and/or company reputation. All changes, both hardware
and organisational, should be considered. These will include not only equipment changes but also organisational changes and
restructurings. Implementation relating to change plans needs to address the HSE aspects arising at all stages of the
development, to ensure that risks and adverse effects are minimized by effective planning and design. For this reason,
management of change is often directly related to the life-cycle of the asset. The diagram below illustrates this concept.
For the same reasons, implementation plans relating to new installations and/or modifications to processes and plant need to
cover all stages of the development, from feasibility studies, through planning and design, to construction, commissioning,
operation, maintenance, eventual decommissioning, abandonment, and ultimate disposal.
Changes which may be HSE-critical should be reviewed prior to implementation, as well as any necessary amendments made to
the HSE-MS to ensure that their introduction does not threaten current HSE implementation and/or sound HSE performance.
For projects or new developments, change control means the process by which proposals to change from an originally project
plan, agreed scope, and/or terms of reference are reviewed and approval sought.
In an operating plant, a change proposal may include a proposal to change hardware, operating procedures, and/or any aspect
of the operation including, for example, level of competence, and/or change in input, throughput, or output. A procedure to
ensure that such changes are reviewed must be clearly described and should involve the custodian of the appropriate HSE
Case. He/she should ensure that the HSE MS documentation is maintained, up-to-date, and that the necessary hazards and
effects assessment has been undertaken to confirm the continued validity of the HSE Case.
It is important that related documentation, such as procedures, standards, guidelines, etc., clearly differentiate between the
mandatory requirements and guidance to facilitate the change process.
Of particular concern in the MOC context are gradual or „creeping‟ changes such as discharge composition or production
creeping outside the design envelope. These need particular vigilance because they are often overlooked or seen as „out of
scope.‟ Similarly, a change in the type of chemicals used or the encroachment of local dwellings on land adjacent to a process
plant might all constitute a [creeping] change of circumstances requiring re-assessment.
HSE MS Process 6 requires the actual “doing” of Technical Integrity activities, based on good Technical Integrity planning in
Process 5, the results of accurate HEMP activities in Process 4, etc. How to implement Technical Integrity is described in
numerous Codes of Practice, Procedures, Guidelines, and Specifications. These are the documents which explain the
implementation and operation requirements and guidance to ensure that process safety and HSE critical facilities and equipment
which are designed, constructed, procured, supplied, commissioned, operated, maintained, and/or inspected by PDO are
suitable for their required purpose and comply with defined criteria.
A key, overall control for these activities is a Statement of Fitness for the Asset that must be issued. The Statement of Fitness is
issued for 1) starting or commissioning a new asset or a modification to an existing asset; 2) restarting an asset after an incident
involving uncontrolled shutdown, or an overhaul or a turnaround, or when the asset has been subjected to conditions outside the
operational limits or has experienced environmental conditions beyond the original design parameters during operation.
For this reason, PDO also subscribes to the requirements of the Center for Chemical Process Safety‟s (CCPS) 20 element
process safety management system as both a reference for guidance on how to implement process safety management at PDO,
and as an audit / assessment tool to measure process safety management activities at PDO sites and facilities. Links to these
key documents are provided at the end of this chapter.
Management of Change is also closely linked to Technical Integrity as well. Only designated personnel can permit deviation(s)
from approved design practices and standards, and after a rigorous review and approval process. If such deviations are
determined to be a „change,‟ as defined by PDO, then the relevant Management of Change procedure(s) shall be applied as a
front line of defense to ensure that the technical integrity related aspects of the change scope are being managed to ALARP
levels.
To comply with HSE requirements in the workplace, the Permit to Work System must ensure that everyone is aware of the
hazards involved in their work, and of the precautions that they must take to work the „right way,‟ – the health way, the safety
way, the environmental way, and the productive way. Detailed information on how to implement PDO‟s Permit to Work System
is described in detail in the Permit to Work System procedure, PR 1172, and linked for easy reference at the end of this chapter.
However, in terms of the overall concept, implementers (e.g., Permit Applicant, Responsible Supervisor, Area Authorities, Permit
Holders, Authorized Gas Testers, other affected Custodians, etc.) of the PDO Work Permit system should be aware of, and be
able to handle potential problems arising from:
The following issues may also contribute towards a major hazard or major incident, and therefore require special and continual
attention:
Failing of the site HSE management system to support the Work Permit system itself;
Failure to recognize or identify a hazard before and during maintenance, and/or any potential hazard(s) arising after
maintenance work done under a permit;
Failure to comply with the work permit system in hazardous environments;
Communication failure before, during, and/or even after the use of the work permit system; and
Failure to review risks of the work activity, changes in the work scope (work environment), and/or change of personnel.
To prevent these issues from arising and/or to mitigate these issues, the PDO Permit to Work system requires:
Training: To ensure everyone understands the PTW System and how to use it.
Licensing: People signing Permits must be tested to ensure they understand the System and have sufficient knowledge of
hazards and controls to manage safe working.
Planning: To ensure that work is well planned, with the workforce and equipment prepared for the job.
Work Definition: To ensure that everyone understands the work content, and how and where it shall be done.
Hazard Management: To ensure that the hazards involved in the work are identified, and the precautions and personal
protection required for a task are correctly defined.
Co-ordination: To prevent conflicting activities from being authorized.
Communication: To ensure that all personnel understand the work content and the Job HSE Plan.
Authorization: Formal approval to do the work.
Supervision: Providing a person in charge of each work site, who is responsible for ensuring that work party complies with
the requirements of the Permit to Work.
Briefing: Toolbox Talks at the worksite to discuss the job, how it will be done, and the precautions required.
Discipline: To ensure that everyone knows that they must comply with Permit requirements.
Housekeeping: To ensure that the work site is kept clean and safe at all times.
Verification: An audit program to help ensure requirements of the Permit to Work System are being met in all areas of PDO.
Improvement: A Proposal for Change program, together with audits, to ensure that the system is improved whenever
necessary.
For all work covered by a Permit, it is important that everyone associated with the job:
Understands: The work content and how it will be done; the hazards involved, and precautions that are required; the work
area hazards that may be present there and the precautions required; any emergency actions that may be necessary, and
their own responsibilities.
Complies: With all the requirements of the Permit to ensure the continued safety of personnel, plant, and equipment.
6.4 REFERENCES
The following documents provide further / related information on Implementation and Operation:
PR-1287 – Emergency Procedures part III Contingency Plans, vol II Well PR 1287
Engineering Operations.
PR-1301 – Emergency Procedures part III Contingency Plans, vol II Personnel PR 1301
Centre
PR-1329 – Emergency Procedures part III Contingency Plans, vol 10 Mina al- PR 1329
Fahal Ras Al- Hamra Building
PR-1419 – Abandonment and Restoration Procedure PR 1419
PR-1473 – Well Barrier & Isolation PR 1473
PR-1501 – Fire Brigade Procedure PR 1501
PR-1515 – Onsite Mercury Management Procedure PR 1515
PR-1656 – Emergency Response Document Part III Contingency Plans Volume PR 1656
8 - Information Management & Technology
PR-1708 – Lifting and Hoisting Procedure Inspection Testing and Certification PR 1708
PR-1709 – Lifting and Hoisting Procedure Lift Planning Execution PR 1709
PR-1789 – Corporate Business Continuity Plan (BCP) PR 1789
PR-1797 – PDO Airports Safety Management System PR 1797
PR-1961 – Process Leak Management PR 1961
PR-1972 – Safe Driver PR 1972
PR-1973 – Safe Vehicle PR 1973
PR-1974 – Safe Journey PR 1974
PR-1975 – Waste Management PR 1975
PR-1976 – Environmental Permitting PR 1976
PR-1981 – Chemical Management PR 1981
GU-230 – Fire and Explosion Risk Management (FERM) Facility Plan Guideline GU 230
GU-611 – PDO Guide to Engineering Standards and Procedures GU 611
PDO HSE Guidelines
GU-648 – Guide for Applying Process Safety In Projects GU 648
GU-653 – Behaviour Based Safety GU 653
Shell HSSE & SP Control Framework, Version 2, (Shell Group Standards for
Shell Group Documents December 2009
Health, Security, Safety, the Environment & Social Performance)
At the implementation and operation level, PDO implements and conducts many types of inspections and observations to verify
whether what is required in procedures, specifications, etc., is actually done and done well. The focus of each is:
1) Inspections focus on conditions – equipment, materials, and the environment. They generate findings that can be both
positive – requiring recognition and commendation, and negative – requiring some type of corrective action.
2) Observations focus on people – how people perform their tasks and their behaviour. There are essentially two types of
observations:
Task observation: A technique to ensure that tasks / procedures are performed efficiently and in compliance with
standards.
Behavioural observation: The process of observing how individuals conduct themselves with reference to rules and
practices, in order to reinforce and improve desired standards of behaviour.
Again, like inspections, observations can generate findings that can be both positive, requiring commendation, and those which
require improvements, or correction.
At the management system level, HSE audits / assessments provide management with a systematic, independent way to assess
the implementation of the HSE Management System. PDO has and uses a three-tiered approach to HSE audits / assessments:
1) Level 1: Includes HSE audits conducted on behalf of PDO‟s Internal Audit Committee (IAC) as part of the Integrated Audit
Plan, and also includes independent audits carried out by external bodies, such as ISO 14001 certification audits, CCPS
process safety management audits, etc.
2) Level 2: Includes HSE audits carried out on behalf of Asset Managers as part of their own Asset Level assurance
processes. These could include internal audits as required by external standards, such as ISO 14001, CCPS, etc.
3) Level 3: Includes self-assessments, task / behavioural observations, and workplace inspection activities to supplement the
formal HSE audit / assessment process. Refer to Chapter 5 of this Manual "Planning and Procedures" for more details
about task observation and workplace inspection procedures.
Of the three types of audits carried out at PDO, Level 3 audits, because they are more of a monitoring activity, are carried out
more frequently than Level 1 and 2 audits. PDO maintains procedures for HSE audits / assessments to be carried out, as part of
its normal business activities, in order to:
Determine whether or not the processes and activities of PDO‟s HSE Management System conform to the planned
arrangements and are being suitably, adequately, and effectively implemented.
Determine whether or not PDO‟s HSE Management System is fulfilling the Company‟s HSE policy, goals, objectives,
targets, and/or other relevant performance criteria.
Determine whether or not PDO‟s HSE Management System complies with the relevant legal and/or other requirements to
which it subscribes.
Identify areas for improvements in PDO‟s HSE Management System, with the aim of continually improving the HSE-MS.
Enable management to ensure that potential and/or actual deficiencies and deviations in the management system are
remedied through their effective identification, evaluation / analysis, follow-up action, verification, and ultimate close-out.
7.2 REQUIREMENTS
Lagging indicators are reactive measuring and monitoring criteria, providing output-based information on incidents that have
occurred and in addition providing insights into means of preventing similar incidents in the future. Lagging indicators provide
evidence of deficient HSE performance. They tell us what has gone “wrong” in managing HSE.
- Number and quality of successful emergency drills carried out. - Statistics on near misses / near-miss frequency rate.
- Measuring the integrity of critical safeguarding systems. - Lost time injuries and their frequency and severity rates.
- Number and quality of progress on close out of audit action items. - Occupational illnesses and their frequency and severity rates.
- Number and quality of PDO Management HSE inspections. - Deviations from permissible discharge levels.
- Number and quality of reporting of STOP cards, and their analysis. - Number of spills and/or spill frequency and severity rate.
- Number and quality of structured HSE meetings conducted. - Number and/or fatality rate.
- Journey Management Rate (JMR). - Number or rate of complaints.
- Percentage of audited MOCs that satisfied all aspects of the MOC - HSE performance trend analysis.
procedure - Total Count of Process Safety Incidents (PSIC).
- Training for PSM Critical Positions rate. - Process Safety Total Incident Rate (PSTIR).
- Failure to follow procedures / safe working practices rate. - Process Safety Incident Severity Rate (PSISR).
- On time inspection rate for safety critical items of plant / equipment - Loss of Primary Containment (LOPC)
It is important to remember the following logic with respect to selecting and using leading and lagging indicators: the leading
indicators chosen should have a direct cause and effect relationship with the lagging indicators chosen. For example, the
number and quality of STOP cards reported directly helps to reduce the lost time injury frequency and/or severity rate. These
types of HSE performance data are collected for:
Internal performance reporting, analysis, review, and follow-up information and evidence.
External performance reporting, analysis, review, and follow-up information and evidence for identified and relevant
stakeholders.
Leading indicators and measures such as „substandard acts / practices auditing,‟ „site HSE inspections,‟ „self-assessments,‟ as
well as reactive measures, shall be used to measure and monitor HSE performance and identify opportunities for continual
improvement at PDO. A monitoring system should:
The monitoring system should also regularly examine progress towards achieving Asset level HSE goals, objectives, and/or
targets set in HSE plans.
Periodical monitoring of leading and lagging indicators set for the Corporate, Asset, and Departmental levels.
Systematic observation of the work and behaviour of employees (including leaders), suppliers, contractors, and sub-
contractors to assess compliance with PDO documentation, such as procedures and work instructions. This includes
Contract Holders monitoring and verifying the HSE requirements of contracts that are relevant to the competence and
fitness to work of contractor personnel.
Regular environmental sampling and analysis.
Health surveillance of employees (including individual, group, and area exposure monitoring and medical examinations).
Monitoring of employee performance and progress against personal HSE plans, goals, objectives, and targets.
Procedures should be established for the proper collection, analysis, interpretation, and reporting of monitoring data.
Examples of the HSE records generated and maintained by PDO under each process of the HSE Management System are listed
in the following table. If other records are required locally and/or a new type of record needs to be created and generated, the
relevant party (Corporate, Asset, site, etc.) should also identify these and include them in their Register of HSE records.
HSE Policy and Related Policies - Copies of HSE legislation - Copies of other references /
Legal and Other Requirements - HSE licenses / approvals / permits requirements, such as ISO, CCPS, etc.
Organisation, Responsibilities, Resources,
Standards, and Documents
- Job descriptions - Terms of Reference of meetings /
Organisation, Structure, and Responsibilities
- Minutes of committees / meetings committees
- Competency / training records
- Training / awareness program materials
Resources, Awareness, Training, and Competence - HSE training passports
- Training plans / training need analyses
- Competence assessments
- Contract documents
- Contract Site Restoration Certificates
- Document C-9 HSE Requirements
Contractor Management - Monthly HSE Reports
- Contract HSE Management Plan
- Minutes of Contractor meetings
- Contract HSE Certificate (Start-Up)
Procurement - Supplier records - Purchase Order documents
- Work Permits
- Workplace HSE inspection records
Operational Control - Service Level Agreements
- STOP Safety Observation Cards
- Task observation records
Emergency Response and Contingency Planning - Emergency Exercise and Drill Reports
Non Compliance and Corrective Actions - Non-Compliance Report forms - Corrective action plans
Incident Notification, Analysis, Reporting, and Follow- - Incident Notification Forms - Follow-up action plans
up - Incident reports - STOP Safety Observation Cards
7.3 PROCEDURES
Any incident (i.e., accident or near miss) and/or non-compliance must be notified, investigated, analyzed, reported, followed up,
learnings extracted and applied where necessary, and ultimately closed out. This process of initiating corrective action is
necessary to ensure that HSE Management System requirements are met, HSE performance continually improves, and that the
likelihood of incidents is minimized. Details for this activity can be found in PR-1418.
The PDO Risk Assessment Matrix (RAM) document shall be used as a standard in the process of notification, investigation,
analysis, reporting, and follow up of incidents for PDO sites. The RAM could also be used in the process of notification,
investigation, analysis, reporting, and follow up of non-compliances.
7.3.1 Non-Compliance
Non-compliances may be sudden and temporary, or they may persist for long periods. They may result from deficiencies and/or
failures in the Management System itself, failures in plant and/or equipment, and/or from human error / behaviour.
Investigation of non-compliance should fully establish the causes, including failures in the Management System. These
investigations enable the planning of corrective action, including measures for:
Implementing corrective action will not be complete until the effectiveness of the above measures has been demonstrated. This
includes making the appropriate changes to PDO procedures, records, and/or other relevant factors.
Incidents have multiple causes, with underlying causes often existing away from the site of the incident. When investigating
incidents, the team should remember and apply the principle of multiple causes:
“Problems and other loss producing events are seldom, if ever, the result of a single cause.”
Proper identification of all causes requires timely and methodical investigation, going beyond the immediate causes and
evidence, and looking for basic or root causes which may cause future incidents. For this reason, incident analysis should be
seen as a means to identify not only immediate causes, but also basic causes and failures in the management system.
The purpose of conducting an incident analysis and producing a formal report on the findings is:
The incident analysis, reporting, and follow-up process comprise a number of consecutive stages once the initial PDO notification
procedure has been completed. These stages are:
All incidents (including near misses) require a formal Incident Report in addition to the initial Incident Notification Form, with the
following exceptions:
Reporting of Low Risk incidents is limited to a completely and accurately filled out Notification Form.
To maximize incident learning benefits, relevant findings and conclusions of incident investigations should be given as wide a
distribution as practicable. Lessons learnt from incidents, which are believed to be of benefit to other relevant internal and
external stakeholders, are communicated throughout PDO.
Distribution of information can occur through discussions and feedback from HSE meetings and team briefings, in addition to
consideration given at the relevant Incident Review Committees. This will help maximize the benefits from the learning point s of
the incident and help prevent recurrence of incidents with similar causes.
PDO leadership fully supports the incident management process and its stages, encourages leadership involvement in the
investigations, and requires sufficient allocation of resources to act on the resulting recommendations. PDO also supports
objective investigations being carried out by competent and unbiased investigators, and taking prompt action to correct
deficiencies.
For the entire process of how notification, investigation, analysis, and reporting of events are managed in PDO, please refer to
PR 1418 Incident Notification, Analysis, Reporting, and Follow-Up for details.
An „Audit Kit‟ contains a set of tools to aid an Audit Team Leader to conduct
an audit. It includes sample slide presentations, questionnaires, templates
and guidelines that can be customized and supplemented by the Audit Team
Leader to suit the individual audit requirements. Further guidance on
conducting audits can be found in PDO procedures and guidelines. These
include HSE-MS, PSUA, and AI-PS audit procedures.
GU 441 HSE Inspection Guide, contains checklists and tools for use in
conducting HSE Inspections (e.g., Joint Management HSE Inspections).
Details on how to conduct audits, audit team composition, audit planning, and audit frequency can be found in specific PDO
procedures, such as PR-1969 Corporate HSE Audits.
7.4 REFERENCES
The following documents provide further / related information on Assurance: Monitoring and Audit.
PR-1171 – Contract HSE Management Part I - Mandatory for PDO Personnel PR 1171
involved in Contract Management
PR-1171 – Contract HSE Management Part II - Mandatory for Contractors & PR 1171
PDO HSE Procedures Contract Holders
PR-1418 – Incident Notification, Reporting and Follow-up Procedure PR 1418
PR-1712 – Level 3 Audit (Engineering Operations) PR 1712
PR-1969 – Corporate HSE Audits PR 1969
Shell HSSE & SP Control Framework, Version 2, (Shell Group Standards for
Shell Group Documents December 2009
Health, Security, Safety, the Environment & Social Performance)
8. REVIEW
8.1 OVERVIEW
A key component of PDO‟s HSE Management System is a formal process whereby senior leadership reviews its efforts with
respect to:
In general, PDO‟s senior leadership should review the HSE Management System at least annually. Review components should
address:
The possible need for changes to PDO‟s HSE Policy and strategic goals and objectives, in the light of changing
circumstances, and the commitment to strive for and make continual improvements to the management system.
Resource allocation for implementation, maintenance, and improvement of the HSE Management System.
Sites and/or situations requiring special attention or focus, on the basis of evaluated hazards and risks and emergency
planning.
These management review processes should be documented, with the results recorded to assist in action tracking and
implementing any review findings, i.e., recommended changes or improvements which become apparent through the review.
This Chapter covers the review components of PDO‟s HSE Management system. It addresses the various parts of formal
management reviews, including review of PDO‟s HSE Policy and goals / objectives, HSE performance, HSE documents, and
other HSE issues that may arise and are of importance. The intent and goal of reviews stated here is to determine the suitability,
adequacy, and effectiveness of the HSE-MS.
8.2 REQUIREMENTS
Board of Shareholders.
The HSE Steering Committee.
The Integrated Audit Committee (IAC). More details about the review role of the IAC can be found in PDO‟s Corporate HSE
Audits Procedure, PR 1969.
The Emergency Response Steering Committee (ERSC). More details about the review role of the ERSC can be found in
CP 123 PDO Emergency Documents Part 1.
Incident Review Committees (IRCs). More details about the roles of IRCs are described in PR 1418 Incident Notification,
Analysis, Reporting, and Follow-Up.
The Managing Director (MD).
Directors, Asset Directors, Project Managers, and/or Line Leaders.
Corporate HSE Manager.
Evaluation of review information to identify the basic causes of good and poor business performance.
Evaluation of basic causes to identify the strengths and weaknesses of the management system.
Evaluation of the effectiveness of the management review process.
8.3 PROCEDURES
Conducting HSE-MS Reviews at PDO leadership levels shall be met as part of the job responsibilities defined for each individual
within the Corporate Management Framework, Job Descriptions, Personal Performance Contracts (PPCs), and PR 1970 HSE-
MS Review.
8.4 REFERENCES
The following documents provide further / related information on Review.
Other PDO Documents Statement of General Business Principles (SGBP) January 2007
Shell HSSE & SP Control Framework, Version 2, (Shell Group Standards for
Shell Group Documents December 2009
Health, Security, Safety, the Environment & Social Performance)
9. GLOSSARY
Understanding the meaning of common terms in the PDO HSE-MS / CP-122 is an essential part of professional HSE
management. It is important that PDO establish its own documented definitions and terms for relevant HSE management
system terminology, so as to reduce the potential for reporting and other communication problems. This glossary is not
exhaustive, and the definitions and abbreviations provided here are for reference only.
Accident - The term „accident‟ is sometimes used to describe an incident which has caused actual injury, loss, or damage.
For the purposes of PDO procedures the term „accident‟ shall not be used. (See incident. The following definitions beginning
with the term “accident” are for illustrative purposes only and the term “incident” can be substituted for “accident” here.).
Accident / incident rates - Measures of accident / incident loss experience within given time periods, developed as a
means of comparison. (Examples: injury frequency rate, injury severity rate, injury index, all injury frequency rate, major
property damage rate, and critical items damage rate).
Accident report - A written summary describing the accident / incident, presenting an analysis of causes and suggestions
for remedial action, and documenting actions taken as preventive or control measures.
Accident / incident analysis - Study of accident / incident experience through compilation of related facts and information
about the nature of injuries and/or damage, and the causal factors. The purpose is to define trends and problem areas and
to identify the critical safety problems as a basis for program objectives and activities. Analyses usually include frequency of
occurrence, severity, nature of injury / damage, part of body injured, part of equipment or material damaged, agency of the
accident, substandard practices and conditions, job factors and personal factors. Refer to Basic Causes and Immediate
Causes.
Accident / incident investigation - A systematic search for factual information on the extent and nature of a specific loss or
near-miss, the related events, the substandard practices and conditions which influenced the events, the basic or roots
causes, and the management actions needed to prevent or control future occurrences.
ALARP - As Low As Reasonably Practicable (ALARP). Risks are said to be reduced to a level of ALARP, at a point where
the time, trouble, complexity, difficulty, and cost of risk reduction measures have been assessed, and where further risk
reduction measures are considered to be unreasonable in regard to the additional risk reductions obtained versus the costs
and benefits of doing so.
All - This term generally refers to a 100% condition. The established method to evaluate an "all" condition is to apply the "3
strikes rule." The "3 strikes rule" means that the third time a deviation is noted, the "all" condition will not be true. (From the
HSE-MS Framework Scorecard [FSC]).
Aspect - The potential to harm people and the environment, cause damage and/or loss of assets, and adversely impact
PDO‟s reputation. (See Hazard). When used in conjunction with environment, as environmental aspect, it has a slightly
different meaning (see Environmental aspect).
Assessment - (1) A comprehensive, systematic assessment of performance to established and accepted criteria.
(2) (HSEQ) A systematic and independent examination to determine whether HSEQ activities and related results comply
with planned arrangements and whether these arrangements are adequately and effectively implemented, and are suitable
to achieve objectives. (See Audit).
Assumption - The rationale on which normative behaviours and beliefs are based.
Assurance - A positive declaration intended to give confidence. Full confidence, freedom from doubt, certainty.
Audit - (1) A comprehensive, systematic assessment of performance to established and accepted criteria.
(2) (HSEQ) A systematic and independent examination to determine whether HSEQ activities and related results comply
with planned arrangements and whether these arrangements are adequately and effectively implemented, and are suitable
to achieve objectives. (See Assessment).
Authority - The capacity to give commands which are accepted as legitimate by others. In the modern organisation the
manager's authority to give instructions to subordinates is drawn primarily from his formal position as a manager, and from
the set of rights and obligations formally associated with the post, rather than from the manager's individual leadership
qualities. However, both sources of authority can be important.
Banding - A process which details the contractor selection process for High and Medium Risk services to Petroleum
Development Oman (PDO). The SP-1171 document describes the methodology that presents a consistent and
standardized approach to HSE evaluation of contractors. The approach also aims to reduce the repeated data requests, for
HSE information, from contractors as part of the technical evaluation process. The overriding objective is to reduce
contractor incidents in PDO and to prioritize doing business with contractors who have a good HSE capability and
performance.
Basic causes - The job and personal factors, such as inadequate engineering, lack of knowledge or skill, etc., from which
the substandard acts and/or substandard conditions originate. Basic causes may also be referred to as underlying, root or
real causes, systems defects or contributing causes. Basic causes are most frequently the result of an inadequate
management system, inadequate management system standards, and/or inadequate compliance with management system
standards. (See Immediate Causes).
BBS - Behavioural Based Safety. A system or program to identify, evaluate, control, and monitor behaviours in an
organisation in order to change and improve „safe‟ behaviours and/or to reduce „at-risk‟ behaviours.
Behavioural observation - The process of observing how individuals conduct themselves with reference to rules and
practices, in order to reinforce and improve desired standards of behaviour.
Budget - A firm's predetermined financial plan, expressed in quantitative or financial terms, for a given future period.
(Examples: the sales budget is generally compiled with the aid of sales forecasts and shows quantities and values of
planned sales broken down by product group, area and type of customer. The distribution costs budget shows planned
distribution activity measured in packages, tonnage, etc., and associated warehousing and transport costs. The master
budget aggregates all other budgets to produce a budgeted “profit-and-loss account” and “balance sheet.”).
Business Assurance Letter – The Business Assurance Letter is a corporate PDO exercise conducted by Finance and with
submissions made to stakeholders. This exercise involves all the functional departments, including MSE. The intent is to
assure, with or without qualifications, that the current implementation status and integrity of the HSE-MS meets suitability,
adequacy, and effectiveness requirements. PDO Leadership should consider whether the Business Assurance Letter can
be made without qualification. In making their appraisal of whether or not a Business Assurance Letter can be made without
qualification, Leaders may consider how an auditor would rate compliance with the Letter concerned. Letters should be
qualified if a significant audit finding would be expected. An audit trail should exist to confirm the basis on which all Letters
have been made.
Business continuity planning - Arrangements for restoring business activities as soon as possible following an emergency
to minimize loss to business and impact on stakeholders.
Business controls - Structured means used to provide reasonable assurance that business objectives are properly set and
are likely to be met with little risk of unacceptable deviation.
CCPS - The Center for Chemical Process Safety, an American organisation which has established guidance standards for
developing and implementing process safety management systems. The CCPS process safety management system
standards consist of 20 elements. For further information see their website at www.aiche.org/ccps
Chemical - A chemical may be a liquid, gas, solid, or powder which in normal use has the potential to cause a heath and/or
physical hazard, and/or the release of toxins into the environment. This definition also includes any materials that will be
created during the manufacturing process, either as intermediates, by-products, and/or wastes. A chemical may be further
defined as: Used or consumed in the manufacturing, R&D, testing or assembly of products; Incorporated into the final
product; Used or consumed in the maintenance of facilities, grounds and equipment; Raw materials, that when handled /
processed at a site, can cause releases of potentially hazardous emissions, by-products or wastes; Any material received on
site with a Material Safety Data Sheet (MSDS); Any material requiring an MSDS, either regulatory, or as required by PDO
Policy (stated in Chemical Management Standards); Certain metal articles that are consumed (i.e., – tooling, weld rods,
braze tapes, electrodes, etc.). A chemical may be a direct or indirect material. (From the HSE-MS Framework Scorecard
[FSC]).
CM - Corrective Maintenance.
Coaching - The day-by-day actions you take to help people perform as well as possible.
Code of Practice (CP – PDO) - A high level document that specifies the overall approach and procedure for performing a
business process / activity, and which states the minimum requirements expected from employees, contractors, and/or other
relevant stakeholders.
Codes - Rules and standards which have been adopted, by a governmental agency or professional regulatory body, as
mandatory regulations having the force and effect of law.
Commitment, management - Visible participation of the (senior) management of their organisation's improvement efforts.
Their participation may include establishing and serving on an HSE committee, establishing HSE policies and goals,
deploying goals to lower levels of the organisation, providing the resources and training that the lower levels need to
achieve the goals, participating in quality improvement teams, and reviewing progress organisation-wide.
Company - This term refers to PDO, a PDO asset, a PDO business facility / operation, or a PDO affiliate. It excludes
contractors or other non-PDO entities. (From the HSE-MS Framework Scorecard [FSC]).
Competence - The ability, in terms of skill, knowledge, and awareness to perform a role within specified standards.
Competence is developed over time from among a combination of education, training, and/or experience.
Competitive strategy - Deciding, on the basis of an evaluation of the firm's own competitive strengths and weaknesses vis-
à-vis those of its rivals and the requirements of the customers, the direction(s) that firm will pursue.
Complete task observation - An observation, planned in advance, of the complete task, using the established task
procedure and/or the most recent task analysis worksheet as references, and recording the results on a specific form.
Contingency measures - Measures that could be taken if an event occurs, in order to minimize its consequence.
Continual improvement - The ongoing improvement of activities, products, services, and/or processes through small steps
and breakthrough improvements.
Contract - Legally binding document or situation in which a seller undertakes to supply goods or services to a buyer in
consideration of some financial or other return.
Contractor - Person or company that conducts work under a contract for the organisation. (See also Sub-contractor).
Control - (1) The process of ensuring that activities are carried out as intended. Control involves monitoring aspects of
performance, making commendations and taking corrective actions where necessary.
(2) Physical device to regulate a machine, apparatus, or system within prescribed limits or physical standards of safety and
operating effectiveness.
Controls - Controls include preventive measures (reducing the likelihood / probability), mitigative measures (reducing the
number and severity of consequence) and recovery or recovery preparedness measures (reducing the chain of
consequences arising from a top event). Controls are also called risk reduction measures, preventive measures, barriers,
and/or mitigative measures.
Coordination - The process of combining the work of organisation members and departments to achieve the desired end-
product or goals of the organisation.
Corporate Governance - Defining and implementing a system of rules, processes, procedures, and relationships to
manage the organisation and fulfill its legal, financial, and/or ethical obligations.
Corrective action - Any activity undertaken to address an incident or non-compliance, and if possible, to prevent its
recurrence.
Crisis - An emergency where the situation has escalated to the point where there is actual or potential media interest which
might have a negative impact on reputation at the corporate level and could threaten the survival of the business.
Critical controls - A control or contingency measure which is absent or ineffective would result in at least one risk becoming
unacceptable.
Critical / vital few - A basic management principle which states that a small percentage of specific items, actions, or
activities account for the majority of all accidents and costs. Often referred to as the Pareto Principle.
Critical equipment - Machinery, equipment, and/or materials that is likely to result in a major loss to people, property,
process and/or environment when worn, damaged, abused, misused, improperly applied, etc. These critical few pieces of
machinery, equipment, and/or materials which, when worn, damaged, abused, misused, or improperly applied, are more
likely to result in a major loss.
Critical equipment list - A comprehensive list that includes all critical equipment, machinery, and/or materials at the
location that have historically resulted in the majority of losses (including injury or illness) or have the potential to do so. The
list should include a statement of the criteria used to identify their criticality.
Critical supplies inventory - Activity to identify, register, and evaluate critical spare parts or components resulting in a
comprehensive list of the ones which have historically resulted in major quality problems or nonconformities or which have
the potential to do so.
Critical task - A specific element of work which historically has produced and/or which, when not properly performed, may
produce major loss, either during or as a result of the task.
Culture - (1) The customary beliefs, social forms, and material traits of a racial, religious, or social group. (2) The
characteristic features of everyday existence shared by people in a place or time. (3) The way the organisation believes,
thinks, and acts with respect to risk.
Customer complaint system - A structured method to handle and solve individual customer complaints and to take corrective
actions to avoid or minimize all customer complaints. The system should cover: registration, analysis, solving complaints,
customer feedback, preventive action, information to employees and customer(s), and evaluation of actions.
Customer feedback - Information received via meetings, personnel talks, complaint forms, etc., from existing or new
customers.
Customer satisfaction - The most important criteria in all quality work in the organisation. Approximating or exceeding
customer expectations.
Design - The process of translating a product idea into a product which can be produced and marketed on a commercial
basis.
Design input - All documents required to serve as source for basic information for development and design. (Examples:
customer requirements, rules and regulations from external authorities, functional requirement lists, contract documents,
engineering handbooks and technical standards, and design data from suppliers).
Design output - The final work result of the development and design function. (Examples: drawings, technical
specifications, manuals and bills of materials).
Design review - A formal and independent examination of an existing proposed design for the purpose of detection and
remedy of deficiencies in the requirements and/or design which could affect such things as reliability performance,
maintainability performance, maintenance support performance requirements, fitness for the purpose and the identification
of potential improvements. (Note: Design review by itself is not sufficient to ensure proper design.).
Design verification - Activity to check whether the design (work results) meets the input requirements by conducting design
reviews, qualification tests, alternative calculations, and comparison with similar proven designs.
DI - Design Integrity.
Disability - Any injury or illness, temporary or permanent, which prevents a person from carrying on his or her usual activity.
Disabling injury - A work injury which results in death, permanent total disability, permanent partial disability, temporary
total disability, or restricted ability to perform normal work.
Distribution - The process of storing and moving products to customers, often through intermediates such as wholesalers
and retailers. The task of physical distribution management involves moving specified quantities of products to places
where customers can conveniently buy them, in time to replenish stocks, in good condition. The objective is to maximize
availability of product while minimizing cost of distribution (synonym: physical distribution).
Document control - The operational techniques and activities to ensure the right and proper use of all documentation in the
organisation. Document control addresses: document layout, approval, issue, changes, modifications, distribution, and
removal of obsolete documents.
Document distribution list - Comprehensive list mentioning document numbers, date of issue, revision number, document
name, quantity issued, department of issue, department of destination, file storage place, retention, etc.
Dosimeter - A personal device used to monitor an individual's exposure to an occupational health hazard, such as radiation,
vibration, noise, etc.
Duty of Care - An obligation and concept that a sensible person / organisation would apply or use in circumstances when
acting towards the public, and/or other stakeholders. Considered in some countries to be a legal requirement. If the actions
of a person or organisation are not made with watchfulness, attention, caution, and prudence, their actions are considered
negligent. Consequently, the resulting damages may be claimed as negligence in a lawsuit. PDO has now formerly
adopted the term to mean it will take full cognizance of the health and welfare of all employees, contractors, and other
persons that may be affected by its operations in Oman. The duty of care shall in particular monitor the working and living
conditions of the workforce.
Economic quality - The economic level of quality at which the cost of securing higher quality would exceed the benefits of
the improved quality.
Effect - An adverse impact on people, the environment or PDO‟s reputation; damage and/or loss of assets. (See Impact).
Emergency - A situation that poses an immediate threat to human life, major / serious damage to property / assets, the
environment, product / service and other quality matters, and/or the security of the site / organisation.
Emergency needs assessment - The process of recognizing and evaluating potential emergencies that could occur in an
organisation. Used as the basis for developing a comprehensive emergency response plan.
Emergency plan - A comprehensive document to provide guidance on actions to be taken under various possible
emergency conditions. Includes responsibilities of individuals / departments, resources available for use, sources of aid
outside the organisation, procedures to follow, authority to make decisions, requirements for implementing procedures within
departments, training in and practice of emergency procedures, communications, and reports required.
Emergency team - A group of employees who act as a unit in some or all types of emergencies.
Employee - A person employed by PDO who is not directing or controlling the activities of a group of workers. (From the
HSE-MS Framework Scorecard [FSC]).
EMS coordinator / Management Representative - A person, reporting to upper management, one of whose functions is to
measure and evaluate the environmental management system effectiveness. The coordinator also advises and assists on
matters relating to the environmental management system.
Environment - Surroundings in which an organisation operates, including air, water, land, natural resources, flora, fauna,
humans, and their interrelation.
Environmental accident - An unintended event that results in loss to the environment above an acceptable level / threshold
limit.
Environmental aspect - Element of an organisation‟s activities, products, and/or services which can interact with the
environment. Environmental aspects can have both positive and negative consequences or impacts. NOTE: A significant
environmental aspect is one which has or can have a significant environmental impact.
Environmental effect - Any direct or indirect impingement of the activities, products, and/or services of the organisation
upon the environment, whether adverse (negative) or beneficial (positive).
Environmental hazard - An operating condition that may result in an environmental incident or accident. A negative
environmental aspect is the same as an environmental hazard.
Environmental incident - An unintended event which could or does result in a loss to the environment.
Environmental Management System (EMS) - That part of the overall management system which includes organisational
structure, planning activities, responsibilities, practices, procedures, processes, and resources for developing,
implementing, achieving, reviewing, and maintaining the environmental policy.
Environmental objective - Overall environmental goal, arising from the environmental policy, that an organisation sets itself
to achieve, and which is quantified where practicable.
Environmental performance - Measurable results of the environmental management system, related to an organisation‟s
control of its environmental aspects, based on its environmental policy, objectives, and targets.
Environmental management program - A description of the means of achieving environmental objectives and targets.
Environmental target - Detailed performance requirement, quantified where practicable, applicable to the organisation or
parts thereof, that arises from the environmental objectives and that needs to be set and met in order to achieve those
objectives.
Ergonomic Risk Factor Analysis - Formally reviewing and documenting the presence and severity of ergonomic risk
factors in a job process. (From the HSE-MS Framework Scorecard [FSC]).
Ergonomic Risk Factors - Forceful exertions, awkward postures, repetitive motions, duration, vibrations, contact stress.
(From the HSE-MS Framework Scorecard [FSC]).
Ergonomics Team - A group of employees working together to solve ergonomic problems. (From the HSE-MS Framework
Scorecard [FSC]).
Established - A routine or procedure that is valid, recognized, and accepted on a permanent basis.
Event - Something that occurs in a certain place during a particular interval of time (and after a hazard is released).
Event Tree Analysis (ETA) - Works in the opposite direction to FTA. ETA takes an event and predicts an outcome. Event
Tree Analysis uses inductive reasoning / logic.
Evidence - Information (from documents, records or any other source) given to establish fact.
Exposure hours - Exposure Hours represent the total number of hours of employment for work as defined under section
2.1.3 of the HSE Statistics guidelines, including overtime and training but excluding leave, sickness, and/or other absences.
External parties, environmental - Those with an interest in the environmental effects of an organisation's activities,
products and services (e.g., government agencies; local residents; the organisation's investors; insurers; customers and
consumers; environmental interest groups; and the general public).
Extrinsic motivation - Means of motivating behaviours applied to individuals by outside agents. Characterized by
consequence (reward / punishment) management, observation and coaching processes, promotional activities, etc.
Failure costs, external - The costs arising outside the manufacturing organisation of the failure to achieve quality specified.
Failure costs, internal - The costs arising within the manufacturing organisation of the failure to achieve quality specified.
The term can include the cost of scrap, rework and re-inspection, and also consequential losses within the organisation.
Failure Mode Analysis (FMA) - A procedure to determine which malfunction symptoms appear immediately before or after
a failure of a critical parameter in a system. After all the possible causes are listed for each symptom, the product is
designed to eliminate the problems.
Failure Mode and Effect Analysis (FMEA) - A procedure in which each potential failure mode in every sub-item of an item
is analyzed to determine its effect on other sub-items and on the required function on the item.
Failure Mode Effects and Criticality Analysis (FMECA) - A procedure that is performed after a failure mode effects
analysis to classify each potential failure effect according to its severity and probability of occurrence.
Fatality - A fatality is a classification of a death resulting from a Work Injury, or Occupational Illness, regardless of the time
intervening between injury / illness and death.
Fault Tree Analysis (FTA) - A procedure / graphical technique that provides a systematic description of the combinations of
possible occurrences in a system, which can result in an undesirable outcome. This technique can combine both hardware
and human failures. Often, while a hazardous event has not occurred before, the preconditions and underlying causes and
failures have. It is therefore possible to synthesize a top event or the undesirable outcome. This technique is one of the
most powerful used to examine how failure events can occur following a sequence of other faults. Fault Tree Analysis
uses deductive reasoning / logic.
FIFO - First In, First Out. First goods produced or received should be picked first. Used in purchasing / procurement and
inventory control.
First-aid injury - A minor injury requiring only first-aid treatment, normally given by someone other than a physician.
First / Front - line management - Those who directly supervise most of the non-managerial employees. Typical titles
include: foreman, supervisor, unit supervisor.
Formal - External form or structure. According to fixed customs or rules. Done or made in an orderly fashion: methodical,
definite, and explicit.
Formal Evaluation - A documented review of program progress against performance requirements and goals, including
recommendations for future improvements and activities. (From the HSE-MS Framework Scorecard [FSC]).
Functional responsibilities - Ensuring an efficient and coordinated effort from the various operational divisions of the firm
(marketing, production, etc.) through appropriate management and organisational structures and management control and
reward systems.
Goal - 1) A statement describing a desired level of performance. Objectives and targets are both types of goals. Goals
should be SMART- Specific, Measurable, Achievable (Attainable), Realistic, and Time bound. 2) The result or achievement
toward which effort is directed. (See Objective and Target).
Good / best practice - An error free, proven and documented working practice that exceeds the norms of known, current
operational performance within a specific business environment.
Guideline (GU – PDO) - A non-mandatory document providing supplementary information about acceptable methods for
implementing requirements found in policies, business processes, procedures, work instructions, etc.
Hazard - 1) The potential to harm people and the environment, cause damage and/or loss of assets, and adversely impact
PDO‟s reputation. (See Aspect). 2) A condition, act, and/or practice with the potential for accidental loss.
Hazard classification - A designation of relative loss potential. A system to code substandard practices or conditions by
the potential severity of the loss, should an accident or loss occur.
Hazards and effects register - A quality record that demonstrates that all hazards and effects have been identified, are
understood, and are being properly controlled. This Register is kept current throughout the life cycle of a project or activity,
i.e., from the planning and design stage, through operation, to decommissioning, abandonment, and disposal.
HAZOP - Hazard and operability. The application of a formal systematic detailed examination of the process and
engineering intention of new or existing facilities to assess the hazard potential of operation outside the design intention or
malfunction of individual items of equipment and their consequential effects on the facility as a whole. The HAZOP
technique was "defined" in the Chemical Industries Association Code and updated more recently in the CCPS Hazard
Identification Procedures.
Hearts and Minds - Hearts and Minds is all about developing a safety 'culture.' The Hearts and Minds safety program was
developed by Shell Exploration & Production in 2002, based on research with leading universities since 1986, and is being
successfully applied in Royal Dutch / Shell Group companies around the world. The program uses a range of tools and
techniques to help the organisation involve all staff in managing Health, Safety, and Environment as an integral part of their
business. Collectively, these tools and techniques are known as the Hearts and Minds Toolkit.
High risk incident / high potential incident - Incident for which the combination of potential consequences and probability is
assessed to be in the high risk – red shaded area – of the Risk Assessment Matrix.
HSE Case - A demonstration of how the Company manages “high” HSE risks to a level that is ALARP.
HSE Critical Activity - Any activity that is undertaken to provide or maintain controls for RAM 3+ consequences.
HSE Critical Roles - Includes any job description with accountabilities and/or responsibilities for conducting HSE Critical
Activities.
Human resources management - The branch of management concerned with administering the employment relationship
and with achieving effective use of human resources available in the organisation. The rationale for employing human
resource managers is that specialized knowledge of aspects of “people management” (recruitment and selection, training,
performance appraisal, welfare, payment systems, labor law, industrial relations) will lead to better managerial and
organisational performance (synonym: personnel management).
Immediate causes - The substandard acts / practices and/or conditions which directly contribute to the occurrence of an
accident / incident. Frequently referred to as unsafe acts or conditions, or direct causes.
Impact - An adverse impact on people, the environment or PDO‟s reputation; damage and/or loss of assets. (See Effect).
Incident - 1) An incident is an unplanned and undesired event or chain of events that has, or could have, resulted in injury or
illness, damage to assets, the environment, company reputation, and/or consequential business loss. (From PDO – from PR-
1418 Incident Notification, Reporting, and Follow-up procedure).
2) The release or near release of a hazard, which exceeds a defined limit or threshold limit value. These are unplanned
events or a chain of events, which has caused or could have caused injury, illness, damage and loss to assets, the
environment, and/or company reputation. (For Process Safety Management, and for reference in Process 4, HEMP).
Information management - The process of gathering, processing and interpreting data both from the firm's external
environment and from inside the firm, generally using the information technology provided by computers.
Inherent (“gross”) risk - is an assessment without any responses being applied and assuming no controls are in place (or
failure of existing ones). (From CP-131).
Injury frequency rate - A lagging indicator and an injury experience measurement. An injury frequency rate may also be
referred to as a lost-time frequency rate. Local jurisdictional standards should be consulted.
Injury severity rate - A lagging indicator and a severity of injury measurement. Local jurisdictional standards should be
consulted.
Inspection - A scheduled, structured examination of a work site with a specific focus on physical conditions and working
acts and/or practices, in addition to normal supervisory duties. (A type of monitoring).
Interested Parties (stakeholders) - People or organisations with an interest in the organisation‟s activities, products, and/or
services. This can include government regulators and inspectors, investors, insurance companies, employees, the local
community, customers and consumers, NGO‟s, environmental groups, and the general public.
Intrinsic motivation - A means of engaging the individual to develop an internal competence and desire for appropriate
behaviours. Characterized by education and training, empowerment, meaningful tasks, and opportunities, etc.
ISO - International Organisation for Standardization - ISO (International Organisation for Standardization) is the world's
largest developer and publisher of International Standards. ISO is a network of the national standards institutes of 163
countries, one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. ISO is a
non-governmental organisation that forms a bridge between the public and private sectors. On the one hand, many of its
member institutes are part of the governmental structure of their countries, or are mandated by their government. On the
other hand, other members have their roots uniquely in the private sector, having been set up by national partnerships of
industry associations. The ISO website is: www.iso.org
Job description - A written statement describing the activities involved with a particular job or occupation, e.g., purpose,
major responsibilities, accountabilities and functions, (synonym: position description).
Job Process - The set of tasks that an employee performs. Job processes include assembly, disassembly, testing, repair,
inspection, data entry (office environment), maintenance, programming, and/or many others. (From the HSE-MS
Framework Scorecard [FSC]).
Joint safety and health committee - A committee consisting of non-supervisory and supervisory representatives appointed
to consider safety and health matters. The existence of a joint safety and health committee is frequently required by law.
Just-In-Time (JIT) system - A production management system in which materials, components and products are produced
for, or delivered to, the next stage of production (or customers) at the exact time needed. JIT seeks to minimize the amount
of work-in-process stocks held by a firm by synchronizing the flow of materials between production processes; and to
economize on finished product stocks by matching the final assembly of products with the rate of customers' orders.
Leading indicators - Measurements of inputs to a process. Answers the question, “How well are we doing our work?”
Proactive measures.
Leadership – 1) Leadership is the collective function of all leaders. (from CP-122, Process 1, Leadership and Commitment).
2) Leadership is the process wherein a leader engages with and mobilizes others to drive change in an organisation. 3) The
process of influencing others to achieve certain goals. Effective leadership is often seen as the outcome of leadership
qualities (traits) which some people have and some do not.
Lesson plan - A document which provides guidance to a course instructor regarding the proper presentation of a subject.
Lesson plans usually include learner objectives, educational approaches to be used, materials and learning aids to be used,
outlines of the presentations and time to be spent in teaching the subjects.
Letter of Assurance (LOA) - The LOA is a confirmation from a contractor CEO, with or without qualifications, that the
current implementation status and integrity of the Contractor‟s HSE management system meets the Contract
requirements. Each Contractor is required to submit one LOA only to cover all contracts with the Company that are
operational on 1 January of that year. These statements shall be in bold type and where necessary are followed by
explanatory guidance in italics. Contractor CEOs should consider this guidance in deciding whether or not a statement can
be made without qualification. In making their appraisal of whether or not a statement can be made without qualification,
Contractor CEOs should consider how an auditor would rate compliance with the statement concerned. Statements should
be qualified if a significant audit finding would be expected. An audit trail should exist to confirm the basis on which all
statements have been made.
Life cycle, product - Term relating to a generally accepted hypothesis that all products are subject to a pattern of demand
which, after its start, grows, stabilizes for a period, then tends to decline and finally disappear. The life cycle contention is
that all products have both a beginning and an end. This dictates the need for new product development; the order of time
frame determines the intensity with which such development takes place.
LIFO - Last In, First Out. Last goods produced or received should be picked first. Used in purchasing / procurement and
inventory control.
Likelihood - The expectation, possibility, and/or chance of an event happening. Usually expressed as a frequency (i.e.
once every 10 years), but sometimes as a probability (i.e. 0.2, 40% etc.).
Lock-out - A practice for preventing the undesired operation of equipment or power systems by the affixing of a device with
a lock which prevents anyone from turning on the power or energy source.
Logistics - Term borrowed from the military, describing the science and practice of estimating the likely flows and timings of
company resources for any particular project or campaign and providing the means to achieve them. Primarily used in
physical distribution and the control of materials transfer and stock holdings. Logistics consist of materials management and
physical distribution (synonym: logistics management).
Loss - The avoidable waste of any resource, such as people, equipment, materials, and/or the environment.
Loss control - Activities to reduce accidental losses to an organisation. These losses may include injuries, occupational
illnesses, property damage, process losses, down-time, quality degradation, environmental impacts, etc. These activities
include anything done to prevent or minimize the risk of loss exposures, reduce losses when loss-producing events occur,
and/or terminate or avoid risks.
LTI - Lost Time Injuries are the sum of Fatalities, Permanent Total Disabilities, and Lost Workday Cases. N.B. If, in a single
Incident 20 people receive lost time injuries, then it is accounted for corporate reporting purposes as 20 LTI's (not 1 LTI).
LTIF - The Lost Time Injury Frequency is the number of Lost Time Injuries per million man-hours worked during the period.
Major injury / illness - Injury or illness resulting in at least a temporary disability (disabling injury).
Major property damage rate - The degree of economic loss determined by the organisation to be significant enough to
require the same management attention normally given a disabling or lost-time injury. See Disabling Injury.
Management - 1) Getting things done through others. The process of organizing and directing human and physical
resources within an organisation to meet defined objectives. Key management functions and roles are planning, organizing,
leading, and controlling. 2) A person, or persons, who directs or controls the activities of a group of employees. (From the
HSE-MS Framework Scorecard [FSC]).
Management audits - Comprehensive audits of managers' compliance with clearly defined criteria, conducted by managers
of comparable levels and experience.
Management system - (1) ISO: The part of the overall management system that includes organisational structure,
planning activities, responsibilities, practices, procedures, processes, and resources for developing, implementing,
achieving, reviewing, and maintaining the (environmental) policy.
(2) A framework of controls for managing organisational risks and driving continual improvement.
Management system performance standard - A management system performance standard is a statement detailing
WHO, does WHAT, WHEN and/or HOW OFTEN. A management system performance standard is a statement detailing
WHO, does WHAT, WHEN and/or HOW OFTEN. These standards define performance expectations or requirements of
PDO leadership, employees, and/or suppliers, contractors, and sub-contractors.
Manual - A document that links the policy with all related codes of practice, procedures, specifications, work instructions,
and/or guidelines for performing a business activity.
Manual of Permitted Operations (MOPO) - Defines the limit of safe operation permitted for a particular asset if control and
or mitigation measures are reduced and/or removed, yet maintaining a tolerable level or risk. It considers combinations of
hazards and hazardous events.
Materials handling - The physical movement of materials from place to place, their packaging (in carton / pallet /
containers) and storage as they proceed through various production, warehousing, and distribution processes. Materials
handling seeks to minimize internal transport costs, damage to, and waste of, materials. Handling activities can include:
unloading, sorting, palletizing, storing, order picking, loading, discharging, unpacking.
Medical Case Management Representative - Individual contracted or employed by PDO to manage: injury costs (worker
compensation), absences, return to work placements, and/or employee health care programs. (From the HSE-MS
Framework Scorecard [FSC]).
Medium and low risk incident - Incident for which the combination of potential consequences and probability is assessed
to be in the yellow or blue shaded area of the Risk Assessment Matrix.
Middle management - Those between the senior managers and first-line supervisors. Titles typically relate to department
head or general supervisory personnel. (See Senior Management, First-Line Management).
Mission statement - An explicit written statement for the reason an organisation exists, the social needs it fulfils, and its
fundamental business focus. Mission statements are designed to give substance to the perceived purposes of the
organisation and provide all employees with an indication of what they are attempting to achieve through their collective
endeavor (related terms: policy statement, organisation statement).
Mitigation measures - To reduce or limit the number and severity of the consequences arising from a hazardous event or
effect.
Monitoring - To oversee, supervise, or regulate for purposes of control, checking continually, and/or keeping track of.
Monitoring here may include using specialized equipment, human observation, and/or a combination of both.
Must - indicates a course of action with a required, mandatory status within PDO. (See should).
Mutual aid agreements - Formal agreements with local, private organisations to provide resources in the event of an
emergency.
Near-miss - An incident that could have caused illness, injury or damage to assets, the environment or company reputation,
or consequential business loss, but did not. All near misses shall be treated as incidents and shall be investigated and
reported according to their potential risk. (From PDO PR-1418).
Non-compliance - Failure to meet the HSE Management System requirements. Non-compliance may be identified by
monitoring activities, adverse trends in performance indicators, non-completion of HSE Plans, failure to meet targets,
incident investigations, and/or audits / assessments.
Objective - A statement about where PDO wants to be in regard to HSE issues, sometime in the future.
Objective setting - Determining the general goals of PDO, i.e., increasing the rate of return on capital employed, increasing
earnings per share, etc. (synonym: goal setting).
Observation - Seeing with sufficient care to be able to give an account of conditions and behaviour. Observing means to
perceive or identify through various senses (e.g., vision, hearing, taste, smell, touch). Observing includes noticing, noting,
and understanding the significance of what you observe. In this sense, observing is more of a psychological process.
Occupation - A position title covering all work activities that a person performs while holding that title. (Examples:
electrician, carpenter, loss control coordinator, welder, doctor).
Occupational illness - (1) Any abnormal condition or disorder of an employee, other than one resulting from an
occupational injury, caused by exposure to environmental factors associated with employment.
(2) Any illness that results from a work accident or from an exposure involving a single incident in the work environment.
Occupational safety - The control of personal injury, illness, and property damage in work-related environments and
situations.
Off-site emergency - An emergency occurring outside the boundaries or direct control of an organisation, but that affects or
has the potential to affect the organisation‟s stakeholders.
Off-the-job safety - The control of exposures to hazards outside the workplace environment.
OI - Operating Integrity.
Opportunity - 1) A possible action with the potential to produce an event with positive consequences. Sometimes referred
to as upside risk. 2) Opportunities are those factors, which could influence the achievement of business objectives having
a potential positive consequence. The opportunity can be assessed in terms of its probability of success and upside
potential. (From CP-131).
Organisation - Any organized body or establishment, such as a business, company, government, department, charity,
and/or society. For bodies or establishments with more than one site, each single site may be defined as an organisation,
and the group is called a corporation.
Partial task observation - A planned observation of a segment or part of a task that includes the noting and recording of
facts and events relating to the observation. See Random Sampling as a guide to the selection of jobs to be partially
observed.
Performance indicators (KPI) - A proxy measure of organisational performance often used where profit or “bottom-line”
indicators are either inadequate or irrelevant guides to performance. Use of performance indicators is thought to improve
managerial decision making concerning resource allocation.
Performance standard - A performance standard typically imposes quantifiable limits and targets, such as "how much gas can
be released into the air." Many of the Royal Decrees and Ministerial Decisions in Oman are Performance Standards. These are
often referred to as technical standards.
Personnel - The term personnel includes people at all organisational levels including hourly workforce, management /
supervision, and HSE. It also includes any special considerations that may be required for the handicapped. (From the
HSE-MS Framework Scorecard [FSC]).
Physical capability analysis - A systematic analysis of jobs or tasks to determine size, strength, endurance, acclimatization,
and other similar physical aspects needed to perform a job or task safely and effectively.
Plan - A document describing what procedures and/or other associated documents and resources shall be applied by whom
and when / how often to a specific project, process, activity, and/or contract.
Planned general inspection - A general inspection of the overall workplace that is planned in advance. Planned
inspections are usually done at an established frequency and by properly trained operating personnel.
Planned personal contacts - An intentional daily / weekly meeting of a manager and an employee to discuss a critical HSE
and/or production topic related to that employee's work.
Planning, business - A method of controlling the business that involves the setting of long-term objectives and the
formulation of action programs designed to achieve those objectives.
PM - Planned Maintenance.
Policy, business - (1) The strategies and measures adopted by the organisation to manage the business as a means of
achieving its organisation objectives.
(2) A concise statement of PDO‟s attitude on a particular subject in response to business needs. (From CP-100).
(3) A senior management statement which guides administration, reflects management's attitudes and commitment to safety
and health, and defines the authority and respective relationships required to accomplish the organisation's objectives.
(4) The overall intentions and direction of an organisation regarding quality, as formally expressed by senior management.
Practice(s) - General methods or guidelines to follow when performing a task that does not have to be performed identically
each time it is done.
Pre-placement physical examination - A medical examination prior to job placement to determine suitability for work.
Preventive action - Any action taken to investigate, prevent, and/or reduce defects, failures, and other causes of loss.
Prevention measures - To reduce the likelihood / probability of hazards or to prevent or avoid the release of a hazard.
Primary processes - The chain of activities which add value to the product, activity, and/or service (i.e., marketing, design
and development, production, distribution, after-sales service). Often referred to as core processes.
Procedure (PR – PDO) - A document that specifies the way a work process / activity / task is to be performed, describing
why (purpose), what (scope), who (responsibility), when (frequency), how (tasks involved), and how many / how much
(specifications).
Process - A sequence of activities that adds value by producing required outputs from a variety of inputs.
Process hazard - The intrinsic property of a dangerous substance or physical situation with the potential to cause major
accidental loss.
Process monitoring and control - Checking performance of the process at regular intervals in relation to pre-established
norms, including taking corrective action where necessary.
Process safety - The control of process hazards with the potential to cause major accidental loss.
Product stewardship - The responsible and ethical management of the health, safety, and environmental aspects of a
product from its invention through its processes of production to its ultimate use and beyond.
Production - The conversion process for transforming inputs such as materials, labor, and capital into goods and services.
Production scheduling - The detailed planning of production to achieve production targets within specified timetables and
avoid production delays, while making effective use of labor resources and ensuring high rates of machine utilization.
Production scheduling is generally undertaken by the production planning department and will be based on orders received
for products or forecasts of product demand.
Project - A project is a temporary and one-time endeavor undertaken to create a unique product or service. This property
of being a temporary and one-time undertaking contrasts with processes, or operations, which are permanent or semi-
permanent ongoing functional work to create the same product or service over-and-over again.
Protocol(s) - Standardized, documented process for managing a specific illness or injury type according to current medical
practice guidelines. (From the HSE-MS Framework Scorecard [FSC]).
PS - Performance Standard.
Purchasing - The business function which is involved in procuring raw materials, components, finished goods, and capital
equipment; and ordering and acquiring supplies and services at competitive prices (synonyms: procuring, buying).
Qualified / approved suppliers - A group of suppliers or subcontractors who fulfill the approval criteria for purchasing
products or services.
Quality - (1) The degree to which the perceived situation meets the expected situation.
(2) The totality of features and characteristics of a product or service that determine its ability to satisfy stated or implied
needs.
Quality assurance - All planned and systematic actions necessary to provide adequate confidence that a product or service
will satisfy given requirements for quality.
Quality control - The operational techniques and activities used to fulfill requirements for quality.
Quality management - That aspect of the overall management function that determines and implements the quality policy.
Quality manual - A document outlining the general quality policies, procedures, and practices of an organisation.
Quality system - The organisational structure, responsibilities, procedures, processes, and resources for implementing
quality management.
Quality-related costs - The expenditure incurred in defect prevention and appraisal activities plus the losses due to internal
and external failure (synonym: costs of non-quality).
Random sampling - A method for selecting units to be examined or population to be interviewed in an audit which gives
every unit of the same type equal chance of being selected for inclusion in a sample that is statistically valid. Sample size(s)
can be adjusted for desired accuracy and confidence levels.
RASCI Chart - A RASCI chart is a tool for describing “who does what and when / how often.” R = Responsible, A =
Accountable, S = Supportive, C = Consulted, and I = Informed. This is taken from the more generic concept of “R-A-C-I.”
Record - A document containing information with respect to results achieved and/or providing evidence of activities
performed. (A record is an “output” document and it typically cannot be revised or altered.).
Recovery measures - Those measures aimed at reinstating or returning the situation to normal operating conditions.
Regulation - A rule or ordinance, law, and/or device by which people, equipment, materials, and/or the environment are
controlled by an external agency or organisation.
Residual (“net”) risk - an assessment of the risk taking the quality and effectiveness of the controls in place and after
responses have been applied. The potential difference between inherent and residual risk gives an indication of the quality
and effectiveness of the controls in place. (From CP-131).
Responsibility - The obligation to carry out specified duties and tasks (e.g., someone who has responsibility for “X” in an
organisation is obliged to carry them out, or to ensure that others do so). A common problem in organisations is that
responsibilities are weakly defined; it is not fully clear who is responsible for what, with the result that certain functions are not
carried out effectively.
Review, system / management system - A formal evaluation by upper management of the status and adequacy of a
system in relation to policy and new objectives resulting from changing circumstances.
Risk - The frequency of occurrence (likelihood) of an undesired event, and the severity of the consequences (effects) of that
event.
Risk acceptance - A set of criteria defining the limits above which risks cannot be tolerated.
Risk analysis - The quantitative or qualitative process to assess the likelihood and potential consequences of a possible
event.
Risk appetite - The positive benefits of exploiting a business opportunity associated with the risks.
Risk assessment – 1) Any process used to identify, quantify, or rank risks. 2) The total process of risk analysis,
interpretation of results, and recommendations of corrective action (from SP1258). (See Risk analysis).
Risk competence - An individual‟s risk perception, risk acceptance, and knowledge and commitment to norms in order to
be able to correctly identify, evaluate, and control the risks they are exposed to.
Risk evaluation - The process by which risk information is considered against judgment and standards, to ensure that the
controls in place are adequate to reduce risks to an acceptable level.
Risk management - A process that is used to ensure that all significant risks are identified, evaluated, prioritized, managed
(controlled), and monitored effectively.
Risk management system - A structured approach used by organisations to coordinate risk management related activities
and drive continual improvement.
Risk matrix - A tool for conducting qualitative risk assessment, which characterizes risks based on their likelihood and
consequences.
Risk measures - Measures that effect affect the likelihood and/or the consequences of events.
Satisfaction measurement - To measure the satisfaction of customers with a product or service via interviews or other
techniques.
Senior management - Group of managers who have a substantial role in formulating the objectives and policies of the
organisation. Usually managers at the top of the hierarchy are described in this way, but where there is substantial
decentralization of decision-making; managers at lower levels of the organisation may have this status. Typical titles
include: President, Vice-President, General Manager, Plant Manager, etc. (synonyms: top management, upper
management).
Service department - Part of an organisation concerned with providing after sales service to customers; frequently involved
with the handling of complaints which require tactful replacement or rectification to avoid temporary or permanent loss of
goodwill.
Service Level Agreement - Service Level Agreements specify the nature, scope, and flexibility of essential services to be
provided by Service Asset Managers to Product Flow Asset Managers. They also specify quality of a service, how it is
measured, on what terms payment is made, deliverables, and responsibilities (including management of HSE risks).
Severity - A measure of the level of harm or damage that the accident could cause. Also known as consequence, impact,
or hazard effect. Severity is often expressed as the level of injury or the financial costs of damage.
Shall - indicates a course of action with a required, mandatory status within PDO. (See Must).
Significant incident - Incident with actual consequences rating of 4 or 5 on the Risk Assessment Matrix.
Simple risk assessment - The process of asking one‟s self a brief, simple series of questions relating to a specific task that
enables more effective risk recognition, evaluation, and control.
Site / Operation Ergonomic Priority List - A list of job processes that have the highest ergonomic concerns. For small
sites, a general operation level list may be developed instead as long as individual sites can add their own specific priorities.
(From the HSE-MS Framework Scorecard [FSC]).
Site Medical - Medical professionals contracted or employed by PDO to service employees at one or more PDO sites.
(From the HSE-MS Framework Scorecard [FSC]).
Skill development coaching - (1) The actions taken to help employees perform as well as possible through techniques
such as performance reviews, discussions, etc.
(2) Actions taken on a day-to-day basis, designed to motivate an employee to improve his or her skills.
Specification (SP – PDO) - The specific requirements that are mandatory – with respect to performance, implementation,
monitoring, and/or reporting. A specification can apply to materials, products, activities, and/or services.
Stakeholders - See “Interested parties.” Those groups who affect and/or are affected by the organisation and its activities.
These may include, but are not limited to: owners, trustees, employees, associations, trade unions, customers, members,
partners, suppliers, competitors, government, regulators, the electorate, non-governmental organisations (NGOs) / not-for-
profit organisations, pressure groups and influencers, and/or communities.
Standard - A standard represents agreement on best practice for the technology or process concerned. For example, ISO
14001 is an international standard that represents worldwide agreement on best practices for environmental management.
This is NOT a (technical) performance standard.
Standards, performance - The defined criterion for effective performance of work or activities. Performance standards
should define who is responsible for performing what work when or how often. (See Management system performance
standard).
Standards, ISO-9000 and ISO 14000 series - A set of individual but related international guidelines on quality and
environmental management developed to help companies effectively document the quality and environmental activities to be
implemented to maintain an efficient quality and environmental management system. The standards are developed by the
International Organisation for Standardization (ISO), an international agency composed of the national standards bodies of
160+ countries. (See ISO).
Statistical Process Control (SPC) - The application of statistical techniques to control a process. Often the term statistical
quality control is used interchangeably with statistical process control; however, the SPC includes acceptance sampling as
well as statistics process control.
Strategic direction - Deciding what business activities the firm should conduct and where. (Examples: continue its existing
activities, divest some of them and/or diversify into new product markets, remain a national supplier, etc.).
Strategy - The formulation of a unified body of strategic plans by a firm in order to achieve its business objectives. Business
strategy integrates all aspects of a firm's production activities through all levels, including:
(1) Objective or goal setting, (2) Strategic direction, (3) Choice of growth mode, (4) Competitive strategy, and (5) Functional
responsibilities.
(Related terms: business policy, corporate strategy, strategic management).
Subcontracting - Arrangement by which a person or a firm, based on a legal contract, supplies goods and/or services to
another person or firm.
Subcontractor - Person or company that does work under a contract with the contractor.
Substandard acts and substandard conditions - Acts or conditions that do not meet established standards; frequently
referred to as unsafe acts or conditions.
Sustainable development - Defined in the 1987 Report of the World Commission on Environment and Development Our
Common Future as “development that meets the needs of the present, without compromising the ability of future
generations to meet their own needs.”
System - An established way of carrying out an activity or series of activities, including the identification, training, and
involvement of individuals responsible for the activity; a clear definition of the activity and how to do it; and a mechanism to
ensure that the activity is performed as expected.
TA - Technical Authority.
Target - A specific endpoint, usually either stating the date of completion of particular actions needed to achieve the
objectives and/or achieving specified quantitative performance measures.
Task - A specific work assignment within an occupation, consisting of a definite sequence of steps.
Task analysis - A systematic analysis of the steps involved in doing a task, the loss exposures involved and the controls
necessary to prevent loss. It is a prerequisite to the development of job / task procedures and practices. An important step in
the analysis would be consideration of the elimination or reduction of loss exposures.
Task instruction - The process of transferring the knowledge and skills necessary to properly perform a job / task.
Task observation - Task observation is a technique to ensure that tasks / procedures are performed efficiently and in
compliance with standards.
Technical Integrity - An asset should be procured, designed, constructed, commissioned, operated, and maintained so
that it is suitable for its required purpose, considering structural integrity, process containment, ignition control and systems
for protection, detection, shutdown, emergency response, and life saving.
Tender - Offer to supply goods or services at a price; usually a detailed document outlining all the conditions which would
relate to any ensuing contract. Commonly associated with government contracts for building, construction service, or periodic
supplies.
Threat - A possible cause that will potentially release a hazard and produce an event.
Top Event - The „release‟ of a hazard; something that occurs in a certain place during a particular interval of time.
Top Management - The most senior management members at the site, typically a Director, service manager, and/or other
operations managers. (From the HSE-MS Framework Scorecard [FSC]).
TRC - Total Reportable Cases are the sum of Fatalities, Permanent Total Disabilities, Permanent Partial Disabilities, Lost
Workday Cases, Restricted Work Cases, and Medical Treatment Cases. This is sometimes referred to as Total Recordable
Cases.
TRCF - The Total Reportable Case Frequency is the number of Total Reportable Cases per million Exposure Hours worked
during the period.
Trend Analysis - This term refers to a process by which data is analyzed to determine underlying contributing factors, such
as but not limited to, root causes, location, department, specific equipment, lack of procedures, failure to follow procedures,
and/or improper procedures. (From the HSE-MS Framework Scorecard [FSC]).
TROIF - The Total Reportable Occupational Illness Frequency is the sum of all occupational illnesses whether or not they
have resulted in deaths, permanent total disabilities, permanent partial disabilities, lost workday cases, and/or restricted
workday cases per million working hours during the reporting period.
Unbiased - Independent or impartial. Also, not having a vested interest in the subject or object being evaluated, audited,
and/or assessed.
Unbiased person - A person who, by lack of vested interest or external pressure, can render an objective observation or
decision. Usually someone outside of the direct line of authority.
Values - The understandings and expectations that describe how the organisation‟s people behave and upon which all
business relationships are based (e.g. trust, support, and truth).
VIAR - The Vehicle Injury Accident Rate is the number of company and (sub)contractor employees who sustained an injury
as a consequence of road traffic accidents per 100 million kilometers driven.
Vision - A statement that describes how the organisation wishes to be or become in the future.
Work Instruction - A document that specifies in a step-by-step manner how a task or a set of tasks is to be performed.
(Work Instructions are often simplified from an associated procedure.)
Work-related - Work related activities are defined as those activities for which management controls are in place, or should
have been in place.
Work Restrictions - Clear definitions of the physical activities an employee may perform while recovering from an injury or
illness. (From the HSE-MS Framework Scorecard [FSC]).
Zero energy state - The state of equipment in which every power source that can produce movement of a part of the
equipment or release of energy has been rendered inactive.
SP-1278 - Specification for Site Selection and Soil Investigation Works Engineering Guidelines UIB
SP-1284 - Signs and Signboards UIB
SP-2017 - Well Failure Model UPT
SP-2061 - Technical Authority System UEQ2
SP-2113 - Specification for Commissioning and Start-Up (Key Principals) UOP6
GU-289 - PDO Security Guide UIC4
GU-425 - GU-425 Contracting and Procurement Guidelines FPB3
GU-513 - Guidelines for Alarm Management and Rationalisation UEP351
GU-622 - Contract Performance Management (CPM) Framework Guideline FPS12
GU-632 - Water Management Control Framework Guideline UCG