SEARCH

In manufacturing, to improve responsiveness to customer demand, LEAN uses pull to expose waste which is then eliminated or reduced to achieve consistent flow resulting in greater productivity. In highly-regulated, high-risk industries, to improve meeting stakeholder obligations, LEAN COMPLIANCE uses higher standards to expose risk which is then eliminated or reduced to achieve consistent performance resulting in the advancement of better outcomes. #effectivecompliance

Pro-activity can be applied at any level within an organization. However, it is primarily the role of management programs achieved by means of feed-forward instead of feedback processes. A feed-forward process anticipates, plans, and then directs underlying systems to advance overall outcomes. Establishing management programs are essential when it comes to meeting performance and outcome-based obligations. While feedback processes are necessary to verify conformance to rules and standards, feed-forward process are needed to advance goals and objectives specifically those connected with vision zero targets: zero harm, zero incidents, zero violations, zero defects, and so on. It is not expected that a company's systems are capable of achieving vision zero targets at the start. However, what is expected is that companies continually improve their capabilities over time to get closer to the ultimate goal of zero. Management programs drive the improvement of these capabilities while management systems make sure that performance is consistently achieved. Further reading on the topic of management programs and systems: https://www.leancompliance.ca/post/where-to-make-compliance-improvements https://www.leancompliance.ca/post/where-to-add-proactive-processes https://www.leancompliance.ca/post/operational-risk-where-do-risks-come-from

The topic of what is essential is on the minds of many individuals, organizations, and governments certainly with respect to navigating the COVID-19 pandemic. Over the last several weeks we have seen governments mandate shutdowns and/or lock-downs of non-essential businesses and services, along with public movements and transportation as part of the #StayAtHome measures. All of these actions are intended to fight the corona virus but all of them have an impact that goes beyond COVID-19. One surprising impact is that it is causing many to reflect on what is essential for their life, their business, their jobs, and for their communities in which they live. There is nothing like a good crisis to help prioritize what is important and what is not. When the game changes so do the rules and strategies that go along with it. As an example, In recent weeks, as many of you might know, the Environmental Protection Agency (EPA) decided to suspend its enforcement of environmental laws signalling to companies that they would not need to meet environmental standards and regulations during the corona virus outbreak. This was done in recognition that (in their words) companies might better use their resources to ensure their pollution control equipment remains up and running and the facilities are operating safely, than to carry out routine sampling and reporting. PHMSA's Pipeline Safety Program has also issued a stay of enforcement to state pipeline safety program managers, pipeline operators, and operators of gas storage and liquefied natural gas facilities. The agency has temporarily halted its enforcement of compliance with operator qualification, control room management, and employment drug testing requirements, but has not relieved operators of their safety responsibility to use trained, non-impaired workers to perform operation and maintenance tasks. PHMSA also encourages state pipeline safety partners to consider suspending certain enforcement efforts for noncompliance in the interest of prompt and efficient pipeline safety activities related to the effects of the COVID-19 outbreak. If these actions means anything, they means this ... that inspection, reporting, and enforcement are not essential to environmental as well as pipeline safety. You could, and we will ask the question, "if these things are not essential, then what is?" Finding an Answer That is the question that I want us to consider now. “What are the essential properties of a pipeline safety management system?” If we didn’t focus on such things as certification, audits, and enforcement. If instead we focused on something else, what would our systems look like? For our discussion today, we will use as a reference API RP 1173, although what we will be talking about also applies to the Canadian standard CSA Z662. And before we dive in, I know that many of you are already thinking, doesn’t 1173 already define what is essential when it talks about the elements contained in the guideline? Well, yes, and no. Let me explain. When we think of the question in front of us some might answer it by counting the number of shall statements in API RP 1173 guideline. I know that some of you have done this. Hands up if you have! The word “shall” is used over 150 times in the context of what the guideline considers as mandatory requirements which one might think are good candidates for what is essential. But, essential for what? As a point of interest, and maybe more, we all know that API RP 1173 is a voluntary guideline, albeit, strongly encouraged but voluntary just the same. The reason for raising this point is that some might come to conclusion that the number of mandatory requirements might be closer to zero rather than 150. I don’t think you would be wrong if you thought this. API RP 1173 is voluntary so there is technically speaking nothing mandatory about it. Perhaps, this is splitting hairs, but maybe not. When it comes to deciding what is mandatory depends on what you are trying to accomplish. If the goal is, let’s say certification, then perhaps you will end up with a number that might be closer to 150 than zero. But again I will ask, are these essential? Let me ask the question another way. How many requirements and which ones must be met for a pipeline SMS to be effective, to be operational? You might answer this one differently which most will agree would produce a better answer but maybe not the best answer. For that we need to ask yet another question. What properties (you could also say behaviors, or better capabilities) must be present for a pipeline safety management system to be effective? I propose that it is the establishment of these properties that define what is really “essential” not for the purpose of certification, or to pass an audit, but rather to fulfil the purpose of a Pipeline SMS which is according to API RP 1173 is: “to enhance effectiveness of risk management and enable continual improvement of pipeline safety performance…ultimately to achieve the goal of zero incidents” Answering this will give you a different set of requirements. And here’s the kicker. These are already stated in API RP 1173, but they are not listed as mandatory requirements connected with shall statements, and so they are mostly overlooked, but not today. Every Purposeful System Has Essential Parts We will look at these in some detail in a few moments. However, right now, I want to unpack our question further by means of an example and by analogy. I will use an example of a car which is familiar to most. A car is not a safety system but is instead a transportation system not too unlike transportation systems we use to move hazardous liquids and gases. A car is a system made up of various components with the purpose of transporting people (mostly) from one location to another. A car is effective when it performs its purpose which in this case is transporting people from point a to point b. If it doesn't do that then we don't really have a car we don't have a transportation system. There is a person by the name of Dr. Russell Ackoff, a contemporary of Edward Deming, both of who were considered as thought leaders in the space of systems-thinking. Although more familiar in the context of quality, their contributions have impacted the way we think about systems in many other domains including safety. Russell Ackoff defines a system in the following way and this is important: “A system is a whole which is defined by its function in a larger system of which it’s a part” Using our example of a car which is a system defined by its function of transportation; that’s its purpose. It is part of a larger system which is you could say is a larger transportation system that includes highways, roads, and so on. Ackoff continues with his definition: “For a system to perform its function it has essential parts” These are parts that if they do not exist prevent the system from performing its function. Nothing surprising here, but wait there's more. Non-purposeful Systems Only Have Parts “ System properties are derived out of the interaction of its parts and not the action of its parts taken separately ” It is the collective interactions of all essential parts that are responsible for the overall system behavior. Transportation is an emergent property of a car when all the essential parts work together. It is not the property of any of its parts taken separately. When you take a car apart it is no longer a car. It cannot perform its function. You can take all the parts and put them on the ground. You can analyze them, improve them, but you still don’t have a car. Some of you may now be getting the idea of where I am going when it comes to safety systems.. but hang on .. where almost there. There are also no parts on their own that can perform the function of a car. For example, a car engine, by itself cannot transport anything including itself. Another way of saying all this is a system is not the sum of its parts. In fact, a system is a product of the interaction of its parts. Without the interactions you only have a bin of parts, a collection of components, a set of elements, but you do not have a system. In the case of a car the emergent property of transportation is never realized. And when this is applied to Pipeline Safety Management Systems the emergent property of safety (or protection if you like) is also never realized. A Common But Ineffective Approach I am now going to make a statement which may be surprising to some, but here it is: Many (perhaps most) organizations when it comes to pipeline safety implement only the parts and not the necessary interactions. They are failing to establish the essential properties necessary to advance overall pipeline safety performance. At most they are advancing their bin of parts or relabeling what they already have, but they have not advanced their safety system. We can see this by the use of a common approach for implementing API RP 1173 which is to divide-and conquer by focusing on the elements and shall statements, which is understandable for a variety of reasons, but ineffective nonetheless. Let me explain why. The RP 1173 guideline is structured as management system standard similar to ISO standards and some regulatory frameworks, but with important differences. First, it is not a prescriptive standard, intended to be audited. It is a performance standard to be used as an evaluation framework for companies to improve overall pipeline safety performance. Although, as many should already know, the guideline is presented as a collection of essential elements (10 in total) with language that is compatible with prescriptive standards that utilize audits and certifications. You will find, “shall standards” contained in and across all 10 elements: Leadership and Management Commitment Stakeholder Engagement Risk Management Operational Controls Incident Investigation, Evaluation and Lessons Learned Safety Assurance Management Review and Continuous Improvement Emergency Preparedness and Response Competence, Awareness and Training Documentation and Record Keeping You will see the same thing for CSA Z662. But this is not a signal for how the guideline should be implemented. The shall statements afford some measure of support for an audit function , but not the safety performance improvement function , and therein lies the rub. A Bin of Parts When following an element-first approach you will end up with is a collection of parts which can be tested to see if they are present, and thus supports some degree of verification. However, you do not end up with an operational system that is effective at improving safety performance. For that you need another approach and another set of requirements. An Operational System To have an effective system it is necessary to focus on system properties with the goal of having all essential parts working together as a whole. Doing so will result in an operational system that will improve safety performance over time and advance outcomes making progress towards zero incidents (the ultimate purpose of API RP 1173). And when you do this the implementation will look different than the other. API RP 1173 Essential Requirements API RP 1173 tells us what system requirements are essential but does not specify how these are to be done. These are summarized in the section called, “Managing Safety of Complex Processes” although you will find others throughout the document. These are all properties or capabilities that are essential to improve safety performance. They all speak to the system as a whole and about interactions. However, there are no shall statements, no prescriptions. The "how" part of system requirements needs to be defined by each company based on their own level of risk, organizational structures, and specific goals and objectives. These are more difficult to audit or to certify against. However, and here's the thing, without capabilities to support system level interactions you do not have a system. All you have is a collection of individual and separate elements. Not defining the "how" is normal for a performance-based guideline, but not normal for those that have for years focused only on prescriptive and legal compliance obligations, and that is why we need to as an industry do more to educate organizations on "how" to do this. What is Essential Depends on Desired Outcomes When implementing API RP 1173 some have have focused on the shall statements anticipating that certification may be required at a future date, and/or it’s a place to start which they will improve on later. However for that to happen you need an operational system that has essential behaviors, perhaps not at the performance levels you ultimately need, to be a platform on which to measure, learn, and improve your safety performance over time. Using our example of a car, you cannot achieve better transportation capabilities by reorganizing your stock room of parts, or by adding or removing parts. If you can’t build a car, you at least need a motorcycle or a bicycle as a starting point not a stock room of parts. And given that API RP 1173 is a voluntary guideline anyways I see no reason why organizations should not focus on what is essential rather than what will pass a possible audit. Essential Properties For an Effective Pipeline Safety Program Effective Pipeline Safety programs are those that are: Operational – they must have all the essential parts working together as a whole to produce an emergent property of safety evidenced by the achieving and advancing safety outcomes. Capabilities (people, process, and technology) are sufficient to ensure that the system is more than the sum of its parts, and instead is product of the interactions its parts. Proactive – new goals and measures are established that continually advance outcomes. Feed-forward controls are used to prevent or mitigate the effects of uncertainty and the ensure the advancement of outcomes. Continuous improvement is applied to both outcomes and performance. Viable - can be achieved using current technologies. Sustainable – capable of consistently achieving targeted levels. Resilient – consistently performs in the presence of changing conditions. Feed-back controls are used to reduce variation and to create consistency in both performance and outcomes. Efficient – achieves targeted performance with minimum waste. Adaptive – learns from the past to improve future outcomes. Performance and outcomes are measured to understand correlation and causation. Transparent – capable of retrospective investigation and analysis. Measures of effectiveness, performance, and conformance are continually measured, monitored, and shared to steer the system towards its ultimate goal of zero incidents. Systems that have these properties in increasing measures of capability maturity are more likely to advance safety goals, provide greater confidence (i.e. assurance) that safety outcomes can be achieved in the future, and create a culture where safety is valued.

To meet all your obligations at the speed of risk you must be proactive which is characterized by focusing more on: Forward Planning over Rear-view Planning Management Preview over Management Review Pre-incident Investigations over Post-incident Investigations Project Pre-mortems over Project Post-mortems Prevention over Mitigation Feed-forward control over Feed-back control Evaluate / improve cycles over Audit / fix cycles

NC State University each year publishes their research on the state of risk oversight. The latest version is available reflecting input from 563 respondents. Their findings suggest that significant room for improvement exists particularly in the area of effectiveness. Their conclusion is that organizations need to be more proactive with their risk management. Companies that have robust risk management capabilities are in a better position to address not only the COVID-19 pandemic, but also other threats to mission success. Key Findings from the report include: Most respondents perceive a much riskier business environment now compared to five years ago. COVID-19 has probably increased that perception exponentially for most business leaders. Even before COVID-19, respondents noted that a number of external parties were pressuring senior executives for more extensive information about risks. That will likely be even greater once the pandemic crisis is behind us. Few executives describe their organization’s risk management process as mature. COVID-19 has most likely highlighted even more limitations in their organization’s risk oversight capabilities than previously considered. More organizations are appointing a Chief Risk Officer or creating management-level risk committees to help lead the organization’s risk efforts. That leadership is critical if an organization wants to ensure the process is ongoing and value-adding. About half of the respondent organizations engage in formal risk identification and risk assessment processes. Hopefully more business leaders will see the value in engaging in those processes in the future so that they can be in a more proactive versus reactive risk management posture when the next big risk event emerges. Few respondents perceive their risk management process as providing important strategic value. The ongoing pandemic crisis is hopefully convincing more executives of the strategic importance of having rich insights about risks facing the organization as they make key strategic decisions. Boards tend to delegate responsibilities for risk oversight to a board level committee. More boards are likely to pull that back to the full board level given all individuals on the board need to be informed about the range of top risks for the organization. The process used to generate reports to the board about risks is often ad hoc. Executives may want to rethink how they identify and prioritize risk information to be discussed with the board, given many boards are likely to place even greater pressure on management for more timely and robust risk reporting. Organizations struggle to embed risk accountabilities as part of employee compensation. That is something executives may want to rethink so that risk owners feel greater accountability for overseeing risks assigned to them. Cultural barriers exist inside organizations that limit the strengthening of risk management processes. Business leaders need to focus on what barriers are present inside their organizations to determine what needs to be done to remove those barriers so progress can be realized. You can download the full report here .

A principle that is easily forgotten is that to change outcomes you need to change your capabilities. Michael Porter's value chain analysis helps to visualize the chain of capabilities needed to create business value. However, capabilities are needed for every endeavor that requires an outcome to be achieved and even more so sustained and improved over time. The practice of this principle is essential for meeting objectives associated with regulatory performance and outcome based obligations. It is also necessary to solve problems in pursuit of those goals. The following capabilities driven business canvas will help you focus your attention on what matters most when improving outcomes. This canvas is available in a PowerPoint format along with other templates, workshops, and resources by becoming a member of The Proactive Certainty Program™. FREE memberships are available as our way of helping you address the uncertainties of COVID-19.

Companies need effective risk & compliance systems to ensure they stay between the lines during normal operations and even more so during a crisis. The current conditions are not likely to return to normal any time soon or at all. Companies will need to adapt their current systems to remain operational under changed and changing conditions. That's why we are introducing a NEW compliance resiliency program which helps you rapidly assess, analyze and prioritize your efforts to adapt your existing systems to the new normal so you can continue to meet your stakeholder obligations and improve your resiliency to future changes. ​ Our systems-first approach takes a holistic and risk-based view to obligations to establish essential capabilities that you need right now and can improve over time. This new program covers quality, safety, security, environmental and regulatory objectives and is available on-line as part of The Proactive Certainty Program. Reach out to us today to find out more about this new program.

One of the ways we contend with uncertainty is by having reserves. These are additional resources that can be made available to address a crisis situation, or more generally to ensure mission outcomes are achieved. During the COVID-19 pandemic a loss of critical positions will put a strain on operations. To contend with this, companies may look to their reserves to provide continuity of essential services and functions. A hidden and untapped reserve are previously retired staff; those who still hold necessary certifications, experience, and knowledge. This group of people if mobilized can help you contend with the dragon of uncertainty. References: [1] https://www.itv.com/news/2020-03-01/doctors-and-nurses-could-be-brought-out-of-retirement-to-fight-coronavirus/

I was thinking this morning about all the ways that life is able to go on even in the midst and you might say in spite of the corona pandemic. In a culture of immediacy when you can have whatever you want when you want, the idea of a disruption is unthinkable and possibly even frightening to some. However, it is during times like these that we can see more clearly what was always there but we have, perhaps, taken for granted. In every part of life there are those who go largely unnoticed that without them life just stands still. These are folks that help to keep the lights on, the water flowing, the streets safe, the food supplies moving, and provide the goods and services we have come to expect. These are people that work on the front lines of health care, energy production, food supply, emergency services, and many more. People who work in these industries don't have the option to "stay at home" but are called on now to work more hours than they probably would like to make sure that life does go on for all of us. They too are worried for their families and how they will manage. But they go to work anyways so that the lights stay on for everyone. Thank you to all those that who work behind the scenes to keep life going on. May you and your families be kept safe.

In a previous webinar I was asked this question with respect to compliance: Question: What would be the one area of an organization to start the focus on transitioning from reactive to proactive compliance? Short answer : the area where the obligations are most at risk. Longer answer: organizational designs based on "Taylor-ism" structure themselves around the specialization of work. Each level of work will have a different time horizon. The first level of work is concerned with the here and now; what will I do today, this hour, this moment. The next layer of work focuses on what needs to be done this week and so on up the organization. The level of reactivity will be the highest at the bottom of the organization and should become more proactive as you move up the organization. What we have observed is that the transition between reactive and proactive occurs most often at the director level of the organization; those that direct or lead managers. They are concerned more with effectiveness rather than efficiency. They will have a time horizon (1-3 years) that requires that they set goals, identify strategies, and anticipate and contend with risk which are all proactive activities. However, in many organizations directors are not proactive and instead manage managers rather than direct them. So I would begin with the directors of quality, safety, environmental, and regulatory programs. If they are not proactive the company can never be. Lean Compliance has a program to help directors become more proactive with their compliance. More information can be found here .

Many companies apply linear thinking and steps when attempting to improve their risk and compliance systems. As a result they never reach program effectiveness leaving organizations at risk which threatens their mission success. That's why we recommend companies simultaneously establish the following essential operational processes that work together as a whole to achieve, sustain, and advance compliance performance and outcomes. Maturity of each process can be advanced to achieve higher performance and better outcomes while remaining aligned with each other and overall business objectives.

Balanced scorecards help companies track performance. In today's marketplace characterized by digital disruption you need to make sure that you track more than just performance along the value chain. You need to include areas of your business that are responsible for innovation and growth. These will have different measures and different management approaches. However, what you need most of all is to track progress against outcomes. Are we increasing value in the eyes of our customers? Are margins improving? Are we mitigating risks to ensure outcomes are advanced? Make sure your scorecard covers your entire business model.