GCPS 2018

________________________________________________________________________

The Uses and Users of PHA/HAZOP Results

William Bridges, Jeff Thomas, Paul Casarez

Process Improvement Institute, Inc. (PII)
1321 Waterside Lane
Knoxville, TN 37922
Phone: (865) 675-3458
Fax: (865) 622-6800
e-mail: [email protected]
e-mail: [email protected]

©Copyright 2018, all rights reserved, Process Improvement Institute, Inc.

Prepared for Presentation at

American Institute of Chemical Engineers
2018 Spring Meeting and 14th Global Congress on Process Safety
Orlando, Florida
April 22 – 25, 2018

AIChE shall not be responsible for statements or opinions contained

in papers or printed in its publications
GCPS 2018
________________________________________________________________________

The Uses and Users of PHA/HAZOP Results

William Bridges, Jeff Thomas, Paul Casarez

Process Improvement Institute, Inc. (PII)
1321 Waterside Lane
Knoxville, TN 37922
Phone: (865) 675-3458
Fax: (865) 622-6800
e-mail: [email protected]
e-mail: [email protected]

Keywords: PHA, HAZOP, LOPA, SIS, Mechanical Integrity, Fire risk

scenarios, safety critical equipment, operating procedures, safeguards,
independent protection layers, IPLs, trouble shooting guides

Abstract
Process Hazard Analyses (PHAs) performed using methods such as
HAZOP and What-if that are augmented by checklists, have become
well establish as a core for understanding risk in a hazardous chemical
process and other processes. Some see the PHA results as an end to
them itself. But, the real benefit of performing a PHA lies in its
usefulness within all aspects of controlling risk day-to-day.

This paper explains the different uses of the PHA results and who uses
the PHA results. It charts the path for extracts of the PHA results
(including the formal PHA report) to the rest of process safety
implementation and process safety control. The many uses, intended
from the start of hazard evaluations in the 1960s or discovered years
later, will surprise many in the industry. Knowing the uses will help you
implement process safety thoroughly and more efficiently, and this
knowledge of the uses will change the amount of effort you put into the
documentation of the PHA results.
.
GCPS 2018
________________________________________________________________________

Background
The increasingly complex and technical demands of process safety management (PSM)
have placed a large demand on existing resources across the process industries. Success
requires recognition of the synergies between process safety activities. Process hazard
analyses (PHAs) are the "heart" of process safety because it identifies all process safety
accident scenarios for the process and documents these scenarios. If the documentation
in the PHA is clear enough and thorough enough, then it can provide critical input to the
rest of the process safety elements.

1. The PHA report

Many consider the PHA report to be “The PHA”. Actually, the brainstorming meeting
with the team is much more important (100 times more important) to the company than
the report itself because the brainstorming meeting is where the team uncovers accident
scenarios and determines if the risk is tolerable. If the scenarios are not found, then
organization will not know if it has sufficient safeguards against these scenarios.

The report is a record of the meeting and the resulting recommendations for lowering the
risk. It is a short summary of the team discussions (10,000 words per scenario discussion
that are condensed to 100-200 words per scenario).

Purpose and benefits of a thorough report

The report serves several key functions listed below:

 Provides a record of the meeting discussion, including a list of summarized
accident scenarios discussed during the meeting
 Lists the recommendations for lowering the risk to tolerable levels (each of these
recommendations must be resolved)
 Is one of the basis of judging the quality of the PHA meetings for internal and
external compliance evaluations
 Is a valuable input to the other process safety activities and systems  Most of
the paper will focus on this as the main purpose of the PHA report

Figure 1 illustrates the relationship of PHAs to the rest of process safety

Writing Effective Recommendations

One key component of every PHA report, including executive summary reports, is the
recommendation section. Recommendations help management decide how to lower the
risk to tolerable levels. Recommendations many times feed directly into the engineering
GCPS 2018
________________________________________________________________________

of the process, such as by specifying the limit scenario for sizing a relief valve or by
judging when additional independent protection layers (IPLs) are needed.

Figure 1: The Relationship of PHAs to the Rest of Process Safety Activities and Systems
© Process Improvement Institute, Inc. (2013-2018)

PII team leaders and scribes ONLY develop recommendations to bring the risk of a
scenario to a tolerable level, so our PHA teams believe that all of their recommendations
are necessary to achieve tolerable risk. However, not all recommendations will be
accepted by management; they have the right and responsibility to reject
recommendations that will not lower risk effectively, or to reject recommendations if the
risk is already low enough without the recommended improvement. Therefore, it is best
to write the recommendation in a style that allows management flexibility in deciding
what will be implemented.

The best style for writing a recommendation is shown below. Always begin with a
general statement of the concern so that management can address it in the best way
possible. Then, provide management with a listing of specific suggestions (if possible)
GCPS 2018
________________________________________________________________________

Recommendation Nº: Consider… (state general concern).

Otherwise… (state the consequence that could occur). The
team considered… (list the existing safeguards). Specific
suggestions by the PHA team include ….

The Otherwise sentence is optional. If the existing safeguards are not listed, then
management may think the team missed these safeguards and may judge that the exiting
risk is tolerable. Specific suggestions from the team are listed without rating. (Example:
“Provide an independent high level switch to shut down the feed pump.”)

Report Content

In order to decide how to structure the report you must first decide what purpose the
report will serve. If the report is strictly for compliance then a very thin report will
typically suffice. If the report will be used to aid in the development of trouble-shooting
guides or to support other process safety activities and management systems, then the
clarity and quality of the report are very critical.

Introduction/Scope

This section should provide:

 The purpose of the PHA (e..g, to satisfy requirements of OSHA PSM, company
standard XXX,)
 Whether the PHA is an initial PHA, a revalidation, or a re-do of a previous PHA
 What phase of the life cycle of the process (e.g., detailed design, pre-commission,
post-commission, ongoing operations)
 The scope of the process(es) covered (including any procedures reviewed as part of
PHA of non-routine modes of operation)
 Date(s) the PHA was conducted
 Name and position/title of team members present during the meeting(s)
 Any special circumstances affecting the scope, etc.

Method Used

This section should describe the method (e.g., HAZOP, What-if, FMEA) that was used to
complete the PHA and a brief description of the method itself.
GCPS 2018
________________________________________________________________________

Executive Summary

This section should provide:

 Summary of recommendations perhaps with a table breaking down the type and
number of recommendations if safety, environmental, and operability issues were
considered.

PHA Tables

This section should include final copies of each of the completed PHA analysis tables (in
the best format for each chosen method, HAZOP, What-if, 2 Guideword HAZOP of
steps, etc.)

Appendices

Any documents that were used to support the PHA should be referenced. These may
include:
 Previous incidents
 Checklist tables
 MOCs
 Drawings, P&IDs, etc. (ensure the same revisions used during the meeting are
attached/referenced in the appendix)
 List of procedures (with revision number) used

To produce a report of good quality and excellent level of detail takes about the same
amount of time after the PHA meeting as the meeting itself takes. But typically, only the
leader and scribe write the report. The rest of the team members dedicate their time to
providing input during the meetings and gathering data to close open items. The
following table shows the typical responsibilities of the leader and scribe in preparing a
high quality PHA report.
GCPS 2018
________________________________________________________________________

Table 1. Leader/Scribe report responsibilities

Scribe Leader
Finish tables Finish recommendations
 convert rough notes to words  convert notes to words
 move info to the correct location in  add phrases to explain “why”
tables  embellish if necessary
 try to ensure consistency of words,  issue Preliminary Report of
links, etc. Recommendations

Draft the rest of the report

 introduction/scope
 method used
 executive summary
 appendices
o previous incidents
o checklist tables
o list of documents
o etc.

Review leader’s work Review scribe’s work

Compile/issue Full PHA Report
© Process Improvement Institute, Inc. (2013-2018)

Steps for completing the report

 Prepare summary of recommendations and have the team and management review
 Management can already assign responsibility and estimate completion schedule, or
assign completion date for each recommendation (optional at this point)
 Draft report
o Formalize logistical notes (i.e., attendance records, list of drawings, list of
documents)
o Develop detailed recommendations
o Develop detailed hazard review notes/data (HAZOP or FMEA tables)
 Have draft report reviewed (distribute for employee review – optional at this time)
 Make corrections as necessary
 Finalize PHA report and obtain signoffs, distribute, and/or file official copies
 Distribute PHA report to affected employees for comment/review (if not done at draft
stage). Obtain written proof of employee review.
GCPS 2018
________________________________________________________________________

2. Uses and Users of PHA Results (with EXAMPLES)

As stated earlier and as illustrated in Figure 1, there are many users of the results of the
PHA. Table 2 is a partial listing of the users and uses, in relatively order of importance
(the ordering is based on the combined experience of PII, who have helped more than 50
organizations implement process safety and who have led and documented thousands of
PHAs of entire units or plants.

Table 2. The Primary Users and Uses of PHA/HAZOP Results

Rank User Use
Process engineering, Project ▫ Identifying the Independent Protection Layers
Engineering, Designers, (IPLs) needed (including SIFs)
1 Instrumentation, EPC, etc. ▫ Identifying the target SIL (PHA = SIL Study)
▫ Finding the limiting case for PSV sizing
▫ Vent, duct, flare, and dike sizing
Mechanical integrity - ▫ List of Initiating Events (IEs) and IPLs (all safety
inspection, test, PM plans & critical equipment)
2
schedules & procedures ▫ Information on component reliability or availability
needed to reach the target risk reduction factor
Operations department, ▫ List of Human IEs and procedure and human
including operating factors aspects to focus on
procedures and focusing of ▫ List of Human IPLs that will need trouble-shooting
3 training and drills guides and annual drills per operator
▫ Beginning portions of Trouble-shooting Guides
(the procedures for responding to critical
deviations)
Fire protection design and Identifying fire scenarios for
fire-fighting plans ▫ Fire-fighting system design; fire water capacity
4
▫ Fire-fighting scenarios for active drills
▫ Gas/fire detection requirements
Management of Change ▫ PHA describes current risk control envelope
5 ▫ PHA is one basis to identify and document
changes
6 PHA Revalidation ▫ Each PHA Revalidation builds upon the prior PHA
Incident Investigations ▫ PHAs identify possible accident scenarios to
7 check (Did the initiating predicted occur? Did one
or more IPLs fail?)
Auditors and quality ▫ Did the PHA address the requirements
8
assurance checks ▫ Did the organization user results per listing above
© Process Improvement Institute, Inc. (2013-2018)

A small fraction of PHA/HAZOP studies and related PHA/HAZOP reports meet the
needs of all of the users listed above. Some people may say that is it possible for the
PHA and report to meet all of the needs. But the authors and other experienced PHA
GCPS 2018
________________________________________________________________________

Leaders have been providing PHAs and reports that meet these needs for decades.

An organization that ensures their PHAs meet the needs of these users is one that
understands how to control process safety. PII tests for this linkage during PSM audits.
One way we do this is to extract about a dozen causes and a dozen safeguards (those that
either are or appear to be IPLs) and then we check to see if these are in the list of Safety
Critical Elements (SCE) and check to make sure that site is inspecting, testing, and
maintaining each of these components. If not, then the site has a gap or perhaps the site
fails to understand the relationship between the PHA and the rest of process safety.

The next few sections are examples of how to use the PHA to provide the information
stated in Table 2 or how this information may be extracted from the PHA results and used
in controlling risk at the site.

EXAMPLE 2-A: Determination of IPLs and SIFs during

PHA/HAZOP as feed into Engineering/Design and into
Mechanical Integrity1

One of most valuable outcomes of starting LOPA in the mid-1990s was the
crystallization of the qualitative definition of an IPL. If the PHA/HAZOP leader was
competent in the definition of an IPL, we found that IPLs could be just as easily
identified in a PHA/HAZOP as in a LOPA. This was a significant outcome, since IPLs
(along with the Initiating Events, IEs) are what we need to focus on to maintain tolerable
risk for each scenario. In other words, we can focus our reliability/maintenance and
operational efforts on IPLs to conserve resources while maximizing control of risk. SIFs
are just one type of IPL and we found the same was true for identifying SIFs and setting
their SILs. Also, as mentioned earlier, ANSI/ISA 84.00.01-2004 allows SIL to be set
qualitatively.2 COMPETENCY, as always, is Critical; the path to competency includes
learning the rules for using this approach, so the rules are explained first in this paper.

Intentionally Achieving COMPETENCY in the Qualitative Definition of an IPL and

SIF

First, the PHA Leader must become fully competent in the rules and descriptions of SIFs
(of various SILs) and other IPLs. This is discussed in details in other papers by PII.
Many PHA leaders are not competent in even how to conduct a PHA; in fact, about 90%
of the PHAs reports that we have reviewed around the world are woefully deficient,
especially with respect to finding scenarios during startup, shutdown, and online
GCPS 2018
________________________________________________________________________

maintenance. Per the authors’ experience, the path to the necessary competency is
typically:

 Already be an experienced PHA leader, trained in all PHA methods, and capable of
applying these methods to all modes of operation and capable to make sound
qualitative judgments, along with the PHA team members, on when the number and
type of IPLs is sufficent to control the risk. Achieving full competency as a PHA
leader may require some remedial training on how to lead PHAs of startup, shutdown,
and online modes of operation; or remedial training on how to uncover and discuss all
plausible damage mechanisms.
 Attend a LOPA course to learn the basics of IPLs (including SIFs) as described in the
previous sections. The key on qualitative risk judgment is to know when there are
enough IPLs for the accident scenario under review.
 Get coaching (by someone already competent) during actual PHAs to learn how to
help a team make judgments if safeguards meet the definition of an IPL (or SIF) or
not and also on if there are enough IPls for the accident scenario (risk judgment). We
know from thousands of PHAs over the past decades that a PHA team can make
excellent risk judgments > 95% of the time, which also means that the IPLs and SIFs
can be clearly identified > 95% of the time.
 Achieve competency, in the opinion of the competent coach on the skills above.
 In addition to the PHA team leader competency, the PHA team has enough
understanding of either qualitatively risk judgment or LOPA risk judgment– just in
time training by the PHA leader (we tend to accomplish this training across the first
5-10 accident scenarios we discuss)
Using the Qualitative Definition of an IPL and SIF

The competent PHA/HAZOP leader can now guide the PHA/HAZOP team through the
following thought processes:

 IF (1) the safeguard meets the definition of an IPL and (2) if the team believes
(qualitatively) this safeguard is critical to control risk to tolerable level
(qualitatively),then add the designator “ – IPL” to the right of the safeguard text.
If the safeguard is not going to be labeled an IPL, then it can be run to failure;
unless the safeguard supports an IPL, such as when a sight glass supports an LAH
used in an Human Response IPL, in which case the sight glass will have some PM
(such a periodic cleaning of the sight glass).
GCPS 2018
________________________________________________________________________

 IF an instrument is already in the ESD system or SIS and qualitatively meets the
archetecture of an SIL 1, or SIL 2, or SIL 3, and also meets the definitions/rules
for an IPL, then add the “- SIL-1” (or SIL-2, or SIL-3) to the right of the text.

Table 3: Excerpts from Petrochemical Process PHA at SS-TPC3

No.: 2 XXXX storage spheres xxx-T-XX A/B/C/D/E/F/G/H/I/J/K/L (1 of 12)

# Dev Causes Consequences Safeguards Recommendations

2.1 High Too much flow High pressure (see 2.5) High level SIF with level sensors
level to one sphere voted 2oo2, to close inlet valve
from XX Plant - SIL 1
(through their Overflow thru pressure
pump; about 40 equalization line to other
bar MDH) spheres (through normally open
[NO] valve) - IPL

Misdirected flow Overpressure of sphere not High level SIF with level sensors
- Liquid from credible from high level, voted 2oo2, to close inlet valve
xxx Plant(s) to for normal operating - SIL 1
spheres (see pressure of the column Overflow thru pressure
1.4) (which is 1.75 MPa), unless equalization line to other
all spheres are liquid filled spheres (through normally open
and then thermal [NO] valve) - IPL
expansion of the liquid
could overpressure the Spheres rated for 1.95MPa
spheres (19.5 Bar, approx) and the
highest pressure possible from
Overflow into the the column feeding the spheres
equalization line will is 1.75 MPa
interfere with withdrawal Level indication and high level
from the column, but this alarm in DCS, used by operators
is an operational upset to manually select which tank to
only fill - Human Response IPL
Excessive pressure on inlet
of high pressure liquid
pumps, leading to excess
load on pumps and trip of
pumps on high pumps,
causing trips of xxx, xxx,
etc. - significant operability
issue

2.2 Low Failing to switch Low/no flow - Liquid from Level indication and low level Rec 4. Make sure the
level from the sphere spheres through high alarm, inspected each year, per Human IPL of response
with low level in pressure product pumps government regulation (not to low level in all
time (based on to the vaporizer (see IPL; part of the cause) spheres and tanks is
level indication) 4.2) Feeding from two spheres at all described in a trouble-
times, so unlikely for BOTH shooting guide (like an
spheres to have low level at the SOP) and practiced once
same time - IPL per year per unit
operator. This will make
Two level indication from SIS this response a valid
level transmitter, with low level IPL.
alarm, with more than 60 min
Low/no flow - Unqualified available to switch tanks (SIF
liquid from spheres back driven alarm and response) -
to Plant (see 6.2) possible IPL, if action of the
operator is quick enough
GCPS 2018
________________________________________________________________________

Table 3 is an excerpt from a PHA report that illustrates the identification of a safeguard
as IPLs or SIFs; and this also defines the target SIL needed.

For the PHA illustrated in Table 3, in some cases the SIF that was installed for protection
against scenarios during continuous mode of operation did not protect against even more
catastrophic and much more likely consequences during startup or online maintenance.
For such situations, additional IPLs, including SIFs specific to startup or online
maintenance, were recommended by the PHA team.

At this site in China, the non-human IPLs identified were entered into the computerized
maintenance management system (CMMS) and maintained as critical features in
reliability/maintenance systems. The human IPLs put on a schedule to test (using live
drills) once a year. All of these activities are to ensure the IPLs/SIFs deliver the PFD
anticipated, while still ensuring reliable operation/control by not causing too many
spurious trips.

EXAMPLE 2-B: Developing Trouble-Shooting Guides from

PHA/HAZOP Results 4

Trouble-shooting guides are a special form of operating procedure; they are written for
the actions that we want the operators to take to recover from a process deviation, before
an emergency situation occurs. They are called guides (rather than procedures) since
rarely can we predict the process conditions at the time the action is required (so a rigid
procedure with exact ordering of steps is not possible to write). Trouble-shooting guides
(and training and drills of the action) are required for any action that is considered a
Human Response IPL. The Action Limit is what we show as the Min or Max in a
Trouble-Shooting Guide. The action limit triggers the demand to use the trouble-
shooting guide.
 The response is typically still possible, but it is time dependent. The time available is
called the process safety time (PST). The operator must complete the diagnosis,
make the necessary change(s), and make sure they are out of harm’s way by the end
of the Maximum Allowable Response Time (MART).
 We usually set an alarm or a pre-alarm to trigger this action.
 This is usually before the shutdown triggers (ESD occur automatically) or release
points (PSV set points) are reached
 The Min and Max shown in the Trouble-shooting Guide table is not the absolute
safety limit for a system, but is instead some value that leaves us some time to take
action to prevent from reaching the absolute limits.
GCPS 2018
________________________________________________________________________

 There is still time to prevent or avoid the final consequence that could occur if we
reach the ultimate limits of the process. Usually, we want the MART to be ½ or less
of the PST, and we want MART > 10 minutes for trouble shooting in the field/plant
and MART > 5 min for trouble-shooting only from the control room.
If the unit has a good PHA/HAZOP, then it is best to extract information from the
HAZOP (or What-If) analysis tables to start the development of each troubleshooting
guide. The guide is then finished with input from the process experts.

Table 4. Examples of Creating a Trouble-Shooting Guide from a HAZOP Table

HAZOP Table Entry Trouble-Shooting Guide Entry

Cause: Bypass valve is open or
Make sure the bypass is tightly closed
passing
Safeguard: Isolation valves for the
Isolate the vessel, if necessary
vessel
Make sure the relief valve block valves/relief
Safeguard: Relief valve
path are open

The key categories of information needed in a trouble-shooting guide are:

 IMMEDIATE ACTION (by system or by operator)

 DECIDE IF ALARM is REAL
 FINDING and FIXING the CAUSE
 FIX or BYPASS PROBLEM
The example below is of a trouble shooting guide for one critical alarm/action.
GCPS 2018
________________________________________________________________________

Figure 2
GCPS 2018
________________________________________________________________________

Image and layout copyrighted by PII, 2008-2018

Optimal presentation of trouble-shooting information.

Ideally (or ultimately) such trouble-shooting information should be imbedded in the basic
process control system (DCS) so that the operators can access the information on the
DCS screen “on demand,” with the click of mouse or key.

EXAMPLE 2-C: Documenting Changes in Baseline PHA/HAZOP

to streamline Next PHA Revalidation (Evergreen PHA)5

An evergreen PHA is the result of using the baseline PHA report to the fullest for
documenting MOC risk review results and for updating for learnings from incidents, as
they occur (not waiting for the 5 year cycle to complete). See the table on the next page.
GCPS 2018
________________________________________________________________________
GCPS 2018
________________________________________________________________________

This approach requires a high quality and thorough baseline PHA. It uses codes, in
brackets, to note which MOC or incident the new information came from.

So, if the organization intends to keep their baseline PHA evergreen, then the PHA
Leaders and Scribes of MOC risk reviews need to learn how to find and edit the baseline
PHAs. This approach results in the baseline PHA being up-to-date with each single or
grouping of revisions. The approach also saves considerable time as each 5 year
revalidation cycle as the bulk of the updating is already complete well in advance, while
the information is still fresh in the minds of the PHA leader and scribe.

3. IMPLEMENTATION PATH FOR USING PHA RESULTS

The path forward is not complicated, but it is hard work and requires organization
discipline, primarily meaning that management acts upon a long term vision and not
short-term vision. The basic steps to achieve the goals using PHAs are:
 Develop the organizational requirements for the linkages from the PHA/HAZOP
results as listed in Table 2. Develop the standard to document these requirements and
establish the roles and responsivities and accountabilities in this standard.
 Develop the guidelines and rules for documentation of PHA/HAZOP results, as
illustrated in this paper and related papers, so that the basic data required in Table 2 is
available in the PHA/HAZOP results.
 Have PHA/HAZOP Leaders attain the competencies necessary to deliver the quality
and thoroughness of results needed, especially for identifying the IEs and IPLs
(including SIFs and SILs) as illustrated in this paper and as described in detail in
other papers by the authors.
 Develop one or more guidelines for extracting the data from the PHA/HAZOP reports
to use the rest of process safety activities and management systems
o Guideline for Creating Trouble-Shooting Guides from PHA/HAZOP results
o Guideline for Extract critical IPLs and IEs from PHA/HAZOP Results to
Identify Critical Engineered Features (or Safety Critical Equipment)
 Have staff develop the competencies needed for the extractions and use mentioned
above.
 Develop the capabilities to keep the baseline PHA/HAZOP evergreen for each
Change, one the MOC is actually implemented.
 Periodically audit and improve these systems
GCPS 2018
________________________________________________________________________

4. CONCLUSIONS

For many organizations, PHA/HAZOP results are an untapped gold mine of information.
If the right protocols for performing and documenting PHA/HAZOPs are put in place and
if the rules and guidelines for using the vast data in the PHA/HAZOP results are
established, then HUGE gains in synergy from the PHA/HAZOP results are possible.
These are gains that were intended from the beginning of process safety to help prevent
incidents

5. ACRONYMS USED
AIChE – American Institute of Chemical Engineers
CCPS – Center for Chemical Process Safety (of AIChE)
GCPS -- Global Congress of Process safety
HAZOP – Hazard and Operability; as in HAZOP Analysis or HAZOP Study
IE – Initiating Event
IPL – Independent Protection Layer
LAH – High level alarm
LOPA – Layer of Protection Analysis
MOC – Management of Change
PHA – Process Hazard Analysis
PSM – Process Safety Management
OSHA – US Occupational and Health Administration
SIF – Safety Instrumented Function
SIL – Safety Integrity Level
SIS – Safety Instrumented System

6. REFERENCES
1. “Identify SIF and Specify Necessary SIL, and other IPLs, as part of PHA/HAZOP –
or - Why it is not necessary to ‘Boldly Go Beyond HAZOP and LOPA’”, W. Bridges
and A. Dowell III, 12th Global Congress on Process Safety, Houston, TX, AIChE,
April 2016.
2. Functional Safety: Safety Instrumented Systems for the Process Industry
Sector - Part 3: Guidance for the Determination of the Required Safety
Integrity Levels; ANSI/ISA 84.00.01 Part 3, 2004.
3. “Implementation of Process Hazard Analysis at SINOPEC-SABIC Tianjin
Petrochemical Company Ltd, China”, Homoud Al-Maymouni, Yunzhong Gao (both
from SS-TPC), and W. Bridges, 11th Global Congress on Process Safety, Austin, TX,
AIChE, April 2015.
GCPS 2018
________________________________________________________________________

4. “Best Practices for Writing Operating Procedures and Trouble-Shooting Guides” W.

Bridges and R. Tew, 13th Global Congress on Process Safety, San Antonio, TX,
AIChE, March 2017.
5. “Best practices for PHA Revalidations,” W. Bridges, R. Tew, M Massello, 14th
Global Congress on Process Safety. Orlando, FL, AIChE, April 2018.