See the latest EHS federal and state regulatory updates due to COVID-19

Incident Investigation, one of 14 elements of OSHA's Process Safety Management program (29 CFR 1910.119), requires subject facilities to develop internal capabilities to initiate, document, and execute a full incident investigation program. This program should be carried out by a multi-disciplinary team comprised of members with the knowledge and ability to offer specific expertise in the incident investigation, and should include employees or contractors involved in the incident. This team is responsible for conducting interviews, gathering evidence and documentation, and writing reports related to the specific incident.

PSM hardhat

Of the 14 PSM elements, incident management is one of the most misunderstood elements with regard to its implementation, execution, and document retention. The basic intent behind incident investigation and management with respect to a PSM-regulated facility is to "recognize and investigate types of events that resulted in, or could reasonably result in a catastrophic release." It should be noted that other safety incidents are not subject to this specific PSM element. For instance, facilities with "near miss" programs or general OSHA safety programs may dictate the investigation of various types of incidents-such as trips, slips, and falls-that may not have reasonably resulted in a catastrophic release. This distinction is important and creates a data management challenge for tracking and resolving PSM-specific incidents, as described below.

Incident Investigation Tracking

The EHS manager must decide whether to track PSM incidents in parallel with tracking general OSHA or other non-PSM related incidents or within the same program. If combining incident management programs such as ISO, general safety, and near-miss and tracking them together, be aware that PSM requirements are typically the most restrictive and will require more detailed review and implementation. For example, the PSM incident form is prescriptive and must look exactly as provided in 29 CFR 1910.119 (m). Required information includes the date of the incident, the date the investigation began, a description of the incident, factors that contributed to the incident, and recommendations resulting from the investigation. Additionally, PSM incident investigations must be started within 48 hours of identifying the event or risk being out of compliance during the next audit.

Risk Management

An advantage of combining incident programs is the opportunity it gives the investigating team to gain proficiency at conducting a thorough incident investigation, given that non-PSM incidents and near-misses may occur more frequently than PSM events. Another advantage to combining the programs is having enough auditable material for the required PSM Compliance Audits that are conducted every three years. Because PSM events are typically and hopefully few and far between, this often results in a lack of data in terms of representative incident investigation records, when being audited. Administering the facility's incident investigation program through the PSM program generates additional documentation for the auditor's review that demonstrates that the facility is actively tracking all incidents.

A downside of co-mingling the PSM data with other programs is that the PSM program may require operating those other programs more restrictively than would be required if operated independently. This unnecessary stringency could prove problematic for high-frequency incident tracking programs - such as ISO non-conformance reporting - that already have standardized tracking systems and follow ISO procedures. Another downside is that by combining PSM and other incidents, the emphasis on PSM events and the ability to recall the data may become lost in the overall data; whereas specific emphasis should be maintained on those types of incidents that may have resulted in employee injuries and possible fatalities. A fatal incident and an ISO non-conformance product issue should not have to compete for attention.

Preparing for Compliance Audits

PSM requires incident record be kept for a period of five years, but often auditors find there are no incidents on record to review. In the typical audit, the auditor will review at least five years of facility history, but the frequency for a PSM incident that resulted or could have resulted in a catastrophic release may be well over five years for many facilities. Also, some facilities may have never had a qualifying incident in their operating history, and relatively new facilities that are undergoing their first audit likely haven't had enough history to experience an incident. Facilities that have not experienced PSM incidents may wish to consider performing routine emergency response drills and running mock incident reports on the emergency response release scenarios. This may be beneficial in demonstrating to the auditor that the facility is actively engaged in incident tracking, and not simply ignoring real incidents.

Root Cause Analysis

Incident investigation should be designed to reduce the likelihood of an incident and the recurrence of incidents. Many times, facilities rely on an ordered list of action items from the incident investigations with no tie to the actual root cause of the incident. PSM requires compiling and tracking actions from incident investigations, referred to as recommendations in 29 CFR 1910.119., Although the regulation does not require using a root cause analysis (RCA) tool to identify the true cause of the event, a best practice is to develop the incident investigation recommendations through a standardized RCA procedure, to ensure the list of recommendations is meaningful, and more importantly, that implementation of the recommendations actually solves the problem and prevents a recurrence.

There are several RCA products on the market, with some of the more popular tools including 5-Why, ThinkReliability Cause-Mapping, and TapRoot. The choice of tool is less important than agreeing on its use and being trained on the specific methodology for identifying the root cause(s) of a PSM incident. Facilities unfamiliar with conducting a root cause analysis may benefit from engaging an external consultant to perform the first one or two, until facility staff have gained sufficient proficiency.

PSM pull quote

Finalizing the Incident Action Items

Incident investigation actions items and recommendations have a tendency to pile up and may easily be ignored, if not properly tracked through a standardized tracking system. A spreadsheet can be useful to an extent, but for manageable and interactive results, a facility's existing tracking software may provide a better solution.

Most PSM subject facilities have a maintenance management system and utilize software such as MP2, Maximo, and SAP to track preventive maintenance work orders. With minimal modifications, these systems can easily be used to track PSM incident investigation recommendations. Since the infrastructure is already in place, and facility employees are already familiar with it, adding the PSM incident investigation element blends seamlessly.

To properly finalize and close an incident investigation, the team should demonstrate that all recommendations from the incident have been reviewed by the facility employees, that the tracking system provides evidence of sequential updates and progress, and that recommendations have been implemented by the deadlines set by the investigating team. OSHA and compliance auditors will want to see the data compiled in a tracking system and that it can easily be sorted and reviewed against the paper forms, ensuring
accurate closeout of each item. Using existing software platforms streamlines this process and alleviates static spreadsheet dilemmas.