(117cp) Adopting an Integrated Process Maturity Risk Model Approach to Process Safety

Process Safety can mean different things to different people but one thing is for sure, that when it comes to automation we need to address the three disciplines of: alarm management cybersecurity and functional safety. The reason is that there are consequences of not addressing these from a risk point of view, such as:

• the consequence of inaction due to operators being flooded with alarms;
• the consequence of compromise due to malware or viruses that disable and/or take over the Safety Instrumented System (SIS) or Basic Process Control System;
• the consequence of failing on demand due to the SIS not being maintained properly.

The key point here is that all three disciplines are managed via performance-based standards that have a lifecycle approach with the same three phases: Analysis, Design/Implementation and Operation and Maintenance. By adopting an integrated risk maturity model, companies can assess how well they are doing at implementing these three disciplines and managing the risks associated with them, to meet tolerable levels. This paper outlines an approach and methodology to help companies establish where they are from a maturity point of view, help identify where they want to get to and how to address any gaps. The paper will also present some examples of where companies have benefited from this type of approach and that it is not just large companies that can benefit but companies of all sizes within the process industries.