Strategies and Effective Practices



          to Manage and Mitigate Hazards







          Reduce risk by elimination of bypass events
          g   Select safeguards that would not typically
              need bypassing for start-up.
          g   Automate the temporary inhibiting of
              safeguards (following required permissives)
              during start-up to eliminate the need for
              manual bypassing. Include a timing function
              that automatically reverts the interlock to full
              operation after a specified period.

          g   Avoid protection strategies that would use
              the same safeguard device in conflicting
              states (e.g., one hazardous event requires
              a valve to close while a different hazardous
              event would require the same valve
              to open).
          g   Use redundancy in safeguard architecture
              so that each malfunctioning safeguard
              device can be repaired without defeating
              the entire safeguard function.


          Use controlled and auditable means of access restriction for bypasses.
          g   Install locks and/or car seals (per plant convention) on root valves used to bypass devices and control access to the
              keys. See the Energy Isolation SWP for details on the use of isolation locks and car seals.

          g   Use passwords to control bypasses of programmable devices and ensure passwords are not known/shared openly.


          Manage risk during the bypass of a safeguard.
          g   Identify and implement compensating measures sufficient to address any risk gap created by the bypass.


          Design safeguards to be tested during a turnaround or outage
          g   Use redundancy in safeguard architecture so that planned testing can be performed during facility outages when
              process equipment will be isolated in an inherently safe state.


          Understand operational status

          g   If the plant, or a portion thereof, is unstable and a potential to initiate a hazardous event exists, caution should be
              exercised before authorizing bypasses.


          Recognize changes in process conditions
          g   Bypass permits, procedures, or MOCs that extend over many hours need to be reevaluated to ensure the
              surrounding area and plant conditions have not significantly changed, and that the compensating measures
              detailed on the permit are still valid.






         5   SAFE WORK PRACTICE, TEMPORARY INSTRUMENTATION AND CONTROLS BYPASS