1. HSE-MS Audit Team Briefing Sessions

2. Team Briefing programme
Why do we audit?
When do we audit?
Link Model HSE-MS auditing
What do we audit?
Audit methodology
What do we audit against?
Ten principles of HSE-MS (EP questionnaire)
Site visits & interviews
Report Writing
Audit rating
Audit schedule
Audit Team task distribution

3. Risk definition
Risk = Frequency * Consequence

4. Escalating Impact of Errors Insurable Risks - Assets / Liabilities
1970 Torrey Canyon $ Million
1980 Amoco Cadiz $ ,,
1986 Piper Alpha $ ? ,,
1990 Exxon Valdez $ ,,
1993 Braer $ ? ,,
1995 Sea Empress $ ,,
Next ??????

5. Escalating Impact of Errors Non Insurable Risks - Commercial/Financial
1970 Shell Nuclear Initiative $ 1000? million
1990 Showa Shell $ ,,
1996 Barings Bank $ ,,
1996 Brent Spar $ 100? ,,
1996 Shell Nigeria $ ??? ,,
Next ??????

6. Escalating Impact of Errors
High Impact events - All avoidable
Bhopal people
Exxon Valdez Environment
Herald of Free Enterprise lives
Estonia people
Next ??????
Consequences
Leading to new standards (cost effective?)
Loss of business

7. Moody-Stuart letter 17/3/92
Business Risk
".. the safety and environmental risks of our operations are perhaps the largest business risk we run, .."
Moody-Stuart letter 17/3/92
to Opco MDs and GMs

8. Risk management Risk = Frequency * Consequence
Changing goalposts !
Steady (reduced?) frequencies
Increasing consequences
Have we gained ?
Risk of error needs to be massively reduced!

9. SIEP View
“There should be absolutely no question of operational urgency or other pressures taking priority over safety. It has been repeatedly demonstrated that improved safety in operations goes hand in hand with greater efficiency, quality and cost effectiveness
I would therefore request you to ensure that work does not start before it is confirmed that essential safety systems are in place and that staff are accountable for this requirement. Where we cannot ensure safety, operations should be suspended.
M Moody-Stuart 24/4/92

10. EP 93-1600 (Nov 1993) E&P Guideline on Audits and Reviews
Group Policy:
It is the responsibility of the Chief Executivs and managers of the Group Companies to set up, maintain and operate an appropriate framework of business controls.
The process of internal audit provides a means for independently reviewing these controls.
Audit plans should be drawn up which cover all aspects of a Company’s activities (including operational, commercial, technical, health, safety and environmental aspects).
Appropriate resources with skills matching the objectives should be used to conduct audits.
The Company’s Internal Audit Committee should approve the audit plan, monitor progress against plan, review significant control findings, and ensure that agreed action plans are followed up.
The Group policy applies both to SIEP-EP and the E&P Operating Companies.

11. HSE Audits & Reviews 84-98 Health Management Activity Rig Seismic
Start up
Facility
Environmental 50 45 40 35 30 25 20 15 10 5 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98

12. (post SIEP reorganisation) frequency SIEP led E&P Audits
New World
(post SIEP reorganisation) frequency SIEP led E&P Audits
On OU (Opco) request
SIEP steering/guidance to be provided by RBDs, upon detection that OUs do no longer operate with boundaries of Group standards
Coordinate schedule such that same ground is not covered twice within recommended period

13. Business Controls
Business controls are the structured means which management uses to help it achieve the objectives which have been set for the company.

14. Business Controls Framework
Environment
Business
Objectives
Processes
Control Mechanisms
Organisation
Policy
Procedures
Supervision
Management
review and
appraisal
Control
Application
Business Operations

15. Model Management System
Correct
Improve
Policy & Objectives
Organisation
Responsibilities
& Resources
Standards
& Procedures
Implementation
& Monitoring
Review & Appraisal
Control

16. Corrective Action & Improvement Corrective Action & Improvement
HSE Management System
Leadership and Commitment
Policy and Strategic Objectives
Organisation, Responsibilities
Resources, Standards & Doc.
Hazard and Effects Management
Monitoring
Corrective
Action
Planning & Procedures
Implementation
Audit
Corrective Action & Improvement
Corrective Action & Improvement
Management Review

17. Mapping HSE-MS HSE-MS as per model HSE-MS for auditing
Leadership & Commitment
Policy & Strategic Objectives
Organisation & Responsibilities
Resources & Competence Assurance
HEMP
Planning
Standards, Procedures & Doc. Control
Implementation & Monitoring
Audit & Corrective Action
Management Review & Improvement
Leadership & Commitment
Policy & Strategic Objectives
Organisation, Responsibilities, Resources,
Standards & Doc. Control
HEMP
Planning & Procedures
Implementation
Audit
Management Review

18. Audit Definition
Audit is the systematic process whereby it is established that business controls:
are complete and consistent
are cost-effective and efficient
safeguard the company’s resources and promote their effective use
provide, and protect the integrity of, required records and information
comply with laws and regulations

19. Internal Audit Mission
To provide, as an integral part of the management review process, independent advice on the maintenance and improvement of a well-balanced business control framework appropriate to the organisation

20. Structure of Questionnaires
Generic Questionnaire (common to all HSE Audits)
Leadership & Commitment
Policy & Strategic Objectives
Organisation & Responsibilities
Resources & Competence
Hazards and Effects Management
Planning
Standards, Procedures & Doc. Control
Implementation & Monitoring
Audit & Corrective Action
Management Review
This is an example only.
Team leader to modify as needed
Subsidiary Questionnaire
Facilities
Subsidiary Questionnaire
Facilities
Subsidiary Questionnaire
Start-Up
Subsidiary Questionnaire
Seismic
Subsidiary Questionnaire
Drilling
Subsidiary Questionnaire
Activity
Subsidiary Questionnaire
Environmt
Subsidiary Questionnaire
Health

21. Objective & Strategy Objective: Strategy
To provide assurance that HSE management system is effective
Strategy
Look for unknown problems
Focus on gaps between areas of responsibility
Investigate identified deficiencies in depth
- find underlying causes
Record all areas investigated, noting any omissions

22. Audit Overview Based on National and Company standards
Sampling process
Overall impression usually negative
attempt to balance but focus on improvement
Focus on controls
Recommendations illustrate rather than limit solution
Ownership by whole team
facts supported by whole team
judgement by consensus

23. Start Up Audit Verification prior to start-up of the facility that:
HSE management is effective during development and construction
Recommendations of design reviews, Hazops etc. have been followed up
Hardware is fit for intended purpose and complies with standards
Operating, maintenance and emergency procedures are available, adequate, and understood
People have been trained for their work

24. Areas Covered Auditee Organisation HSE Management
Competence
HSE Management
Effectiveness of management controls
Equipment and Operability
Fitness for purpose
Design Process
Reviews and change control
Other
Client's request

25. Cause and Effect Cause Recommendation Problem Business objectives?
Policy failing?
Recommendation
Organisation
failing?
Review & App.
failing?
Procedural
failing?
Supervisory
failing?
Problem
Detailed findings/deficiencies/problems

26. Audit Process Familiarisation Review & Testing Reporting
Terms of reference
Control Assessment Matrix
Audit programme (incl. test plans)
Review & Testing
Test findings
Site visit
Study Documentation
Interviews
Reporting
Rating
Present Findings
Drafting
Editing
Report Finalisation

27. Audit process Audit report Summary Level of detail Very detailed
Kick-off meeting
Audit report
Summary
Background data
Present to Auditee
Audit Rating
Audit Programme & Questionnaire
Assess structure of controls
Summarise Findings
Level of detail
Cluster issues
Test controls
Establish state of controls
Detail findings
Clear findings
Very detailed
Familiarisation
Review & testing
Reporting

28. Example only: Team leader to edit
Terms of Reference
OBJECTIVE
To assess the effectiveness of Barendrecht - Ziedewij gas production and evacuation system HSE-MS.
Verify that:
relevant Safety Case is implemented and that the systems are operated accordingly
HSE risks are adequately identified and those considered acceptable are managed at ALARP levels.
SCOPE
Prod. ops. and maint. activities at the B & Z installations
All interfaces with relevant facilities.
Corporate MSs, other than SC management and documents, standards and organisation elements directly related to routine operations of the systems are excluded.
Example only: Team leader to edit

29. Example only: Team leader to edit
Terms of Reference
Special attention
Awareness of and compliance with the management of hazards
Adequacy of measures (planned or in place) to rectify the shortcomings identified in the V&G document,
Adequacy of emergency response and recovery measures,
Example only: Team leader to edit

30. Example only: Team leader to edit
Standards
Laws and regulations of The Netherlands
Permit requirements
Current NAM (BUO) standards and procedures
V&G document.
The audit may also include comment on any shortfall in the above in relation to Shell Group and industry standards.
Audit will be conducted along EP methodology
Example only: Team leader to edit

31. Standards Does it meet legal requirements?
Does it meet current NAM standards?
if not, upgrade automatically
Does it meet current SIEP standard?
Does it meet current industry standard?
if not, upgrade if cost-effective

32. Leadership & Commitment
HSE an integral part of business
Do managers effectively balance any conflict in the competing requirements to safeguard technical integrity and to optimise cashflow?
Do staff believe that management and supervisors are serious about the priority of HSE matters?
Do managers and supervisors periodically visit worksites and attend departmental safety meetings?
Do managers and supervisors lead by example - do they follow their own rules?

33. Policy & Strategic Objectives
Challenging policy and objectives understood by all
Is there a Health, Safety and Environment policy?
Are strategic objectives defined (also for HSE aspects)?
Do the policy and objectives require continuous improvement, and set a leadership goal?
Are objectives cascaded to tasks and targets for all staff?
Does the policy contain an explicit statement that work should be stopped/not started if unsafe?
Are the policy and objectives endorsed by the present chief executive?
Are they readily available to employees and contractors?
Do employees and contractors understand policy and objectives?
Is Contractors' HSE management is consistent with Company's?

34. Organisation & Responsibilities
Is the organisation appropriate?
Are boundaries and interfaces adequately described?
Are responsibilities defined to fully cover all activities?
Is there an appropriate balance between line staff and advisers?
Do all staff have job descriptions (also defining HSE aspects)?
Do staff understand and accept their responsibilities and authorities?

35. Resources & Competence Assurance
Are resources adequate for effective HSE management?
Are job competence needs defined?
Are individual competencies assessed against the job requirements?
Are the mandatory competency requirements being complied with?
Is there an structured HSE training system?
Does the HSE training system meet line requirements?
Is the HSE training system being used?

36. Hazards are known, ALARP and contained
HEMP
Hazards are known, ALARP and contained
Have all hazards and effects been identified?
Are consistent screening criteria avalable?
Have all risks and effects from from hazards been evaluated ?
Have appropriate measures been defined and implemented to reduce intolerable risks to tolerable levels?
Have appropriate measures been defined and implemented to reduce tolerable risks to ALARP level?
Have tolerable risks been elliminated where practicable?
Are the procedures and other measures and practices effective in containing hazards at ALARP level?

37. Likely magnitude of loss
Managing risk
Eliminate
High
Avoid ???
Likely magnitude of loss
REDUCE
Manage Alarp
Accept ???
Low
High
Probability of occurrence

38. Insurance and Risk management
Business
objectives?
Cause
Policy failing?
Organisation
failing?
Review & App.
failing?
Recommendation
HSE
Management
System
Procedural
failing?
Supervisory
failing?
Problem
Detailed findings/deficiencies/problems

39. Risk Assessment Matrix
Definitions
Consequence
consequence of scenarios that can develop from the release of a hazard given the available barriers and defences
(in incidents or near misses the hazard has been released already whereas in all other cases the hazard has not yet been released)
Probability
probability is estimated on the basis of historical evidence that the assessed consequence has materialised (i.e. not the probability of the release of the hazard)

40. Weakness Classification MatrixB C D E
Environ-
ment
Repu-
tation
Severity
People
Assets
Happens several times a year in the audited OU
Happens several times a year in the audited facility
Never heard of in
EP industry
Has
occurred in
EP industry
Has occurred in
the audited OU
No injury
or damage
to health No
damage No
effect No
impact
Manage for continuous improvement
Slight injury
or health
effects
Slight
damage
Slight
effect
Slight
impact 1
Minor injury
or health
effects 2
Minor
damage
Minor
effect
Minor
impact
Major injury
or health
effects
Consider-
able
impact 3
Local
damage
Localised
effect
Incorporate risk reduction Measures
Single fatality
or permanent
total disability 4
Major
damage
Major
effect
National
impact
Intolerable eliminate
Inter-
national
impact 5
Multiple
fatalities
Extensive
damage
Massive
effect
Serious: Exposes OU to a major extent in terms of achievement of corporate HSE objectives or results.
High: Though not serious, essential to be brought to Management attention. Includes medium weaknesses as repeat from previous reports.
Medium: Could result in perceptible and undesirable effect on achievement of HSE objectives.
Low: No major HSE impact at process level, correction will assure greater effectiveness/efficiency in process concerned.

41. Weakness Classification Matrix
People
Assets
Environ-
ment
Repu-
tation
Severity 1 2 3 4 5
No injury
or damage
to health
Slight injury
or health
effects
Minor injury
Major injury
Single fatality
or permanent
total disability
Multiple
fatalities No
damage
Slight
Minor
Local
Major
Extensive
effect
impact
Localised
Consider-
able
National
Inter-
national
Massive
Never heard of in
EP industry A
Low
Medium
High
Has
occurred in B
Has occurred in
the audited OU C D
Happens several times a year in the audited OU E
Happens several times a year in the audited facility
Serious
Serious: Exposes OU to a major extent in terms of achievement of corporate HSE objectives or results.
High: Though not serious, essential to be brought to Management attention. Includes medium weaknesses as repeat from previous reports.
Medium: Could result in perceptible and undesirable effect on achievement of HSE objectives.
Low: No major HSE impact at process level, correction will assure greater effectiveness/efficiency in process concerned.

42. Risk to People Severity Description 0 No injury or damage to health
1 Slight injury or health effects (including first aid case and medical treatment case) - Not affecting work performance or causing disability.
2 Minor injury or health effects (Lost Time Injury) - Affecting work
performance, such as restriction to activities (Restricted Work Case)or a need to take a few days to fully recover (Lost Work Case). Limited health effects which are reversible, eg skin irritation, food poisoning.
3 Major injury or health effects (including Permanent Disability) - Affecting work performance in the longer term, such as a prolonged absence from work. Irreversible health damage without loss of life, eg noise induced hearing loss, chronic back injuries.
4 Single fatality or permanent total disability. From an accident or
occupational illness (poisoning, cancer).
5 Multiple fatalities - From an accident or occupational illness
(poisoning, cancer).

43. Risk to Assets Severity Description 0 Zero damage.
1 Slight damage - No disruption to operation (costs less than US$10,000).
2 Minor damage - Brief disruption (costs less than US$100,000).
3 Local damage - Partial shutdown (can be restarted but costs up to US$500,000).
4 Major damage - Partial operation loss (2 weeks shutdown, costs up to US$10,000,000.
5 Extensive damage - Substantial or total loss of operation (costs in excess of US$10,000,000)

44. Risk to Environment Severity Description
0 Zero effect - No environmental damage. No change in the environment.
No financial consequences.
1 Slight effect - Local environmental damage. Within the fence and within systems. Negligible financial consequences.
2 Minor effect - Contamination. Damage sufficiently large to attack the environment. Single exceedance of statutory or prescribed criterion. Single complaint. No permanent effect on the environment.
3 Localised effect - Limited loss of discharges known toxicity. Repeated exceedance of statutory or prescribed limit. Affecting neighbourhood.
4 Major effect - Severe environmental damage. The company is required to take extensive measures to restore contaminated environment to its original state. Extended exceedance of statutory or prescribed limits.
5 Massive effect - Persistent severe environmental damage or severe nuisance extending over a large area. In terms of commercial or recreational use or nature conservancy, a major economic loss for the company. Constant, high exceedance of statutory or prescribed limits.

45. 3 Risk to Reputation Severity Description
0 No impact - No public awareness.
1 Slight impact - Public awareness may exist, but there is no public concern.
2 Limited impact - Some local public concern. Some local media and/or political attention with potentially adverse aspects for company operations.
3 Considerable impact - Regional public concern. Extensive adverse attention in local media. Slight national media and/or local/regional political attention. Adverse stance of local government and/or action groups.
4 National impact - National public concern. Extensive adverse attention in the national media. Regional/national policies with potentially restrictive measures and/or impact on grant of licences. Mobilisation of action group.
5 International impact - International public attention. Extensive adverse attention in international media. National/international policies with potentially severe impact on access to new areas, grants of licences and/or tax legislation. 3

46. Classification findings/recommendations
Weakness Definition
Serious Exposes company to a major extent in terms of achievement of corporate HSE objectives or results
High Though not serious, is essential to be brought to attention of senior management team. Includes any medium weakness which is repeat finding from previous report.
Medium Could result in perceptible and undesirable effect on achievement of HSE objectives.
Low ** No major HSE impact at process level, correction will assure greater effectiveness/efficiency.
** Low Recommendations will be kept out of body audit report.
Will be appended to report as memo to auditee.

47. Bow-tie Concept HAZARD CONSEQUENCES Harm to people and Events and
damage to assets
or environment
Events and
Circumstances
BARRIERS
HAZARD
CONSEQUENCES
Undesirable event with
potential for harm or damage
Engineering activities
Maintenance activities
Operations activities

48. WORKPLACE HAZARD MANAGEMENT
HSE Risk Management
SAFETY / HSE CASE
COMPANY
CONTRACTOR
Demonstration (regulator, shareholder
Major hazards of installation
Quantitative risk assessment
Safety-critical activities
Latent failures
Execution
(Minor) hazards at the workplace
Qualitative risk assessment
Hazardous activities
Active failures
Engineering
Design
Hardware
WORKPLACE HAZARD MANAGEMENT
Operations
People

49. Contractor HSE What is contracted? equipment and personnel
specified product or service
Contractor HSE management system
Pre-qualification: can contractor meet all HSE req’s?
Role of contractholder/ single point responsibility
Contract HSE plan
have all hazards been identified
are controls in place to eliminate/control hazards
are systems in place to verify: audits and inspections

50. contractual requirements HSE Plan
Managing HSE Risk OU
Contractor
Policy
Process
Task
HSE-MS
HSE-MS
interface documents
Rig specific HSE Case
HSE Case
contractual requirements HSE Plan
Manage workplace hazards
Manage workplace hazards

51. ? Documented systems e.g. for drilling operations Company Common
industry guidance
Company
Common
Contractor
Policy and
vision ?
HSE-MS
HSE-MS
processes
(high level)
Contract HSE Requirements
Departmental MS
HSE-Case
for Equipment +
Site Addendum
Demonstration/assurance that all documents are in place and are operational at the right level etc.
HSE-Case for Company Operation
processes
(detailed)
Interface Document
Workplace hazard management system
Workplace hazard management system
task level

52. Report - Contents Chapter 1 Chapter 2 Mgt Summary Audit admin.
HSE-MS elements
Leader ship & Commitment
Policy & Strategic objectives
Organisation & Responsibilities
Resources & competence assurance
HEMP
Planning
Standards, Procs, Doc. Control
Implementation & Monitoring
Audit
Management review
Summary
of Ten
HSE-MS
Elements
Chapter 3 - HSE- MS
Chapter 4 - HSE in Business
Detailed description of adequacy & deficiencies of barriers and controls to manage the main risks & hazards
3.1 Leadership & commitment
3.2 Policy & Strategic Objectives
3.3 Organisation & Responsibilities
3.4 Resources & Competence
3.5 HEMP
3.6 Planning
3.7 Standards, Procedures & DC
3.8 Implementation & Monitoring
3.9 Audit
3.10 Management Review
Description of main risks/hazards and summary of adequacy barriers/controls to manage these

53. Year 2000 problem 10 to 30 % of all chips affected
Problem as yet ill defined- Crunch in 1999? Everybody wants updates at the same time
Old systems will not be updated- replace in time
Processes may stop, Customers and Suppliers may stop.
Safeguarding systems may stop unnoticed
In HSE area most systems are hardwired, but F&G system likely affected

54. Structured and comprehensive
Planning
Structured and comprehensive
Is there an effective integrated planning process, including short, medium and venture life plans?
Do plans align with corporate objectives?
Do plans cover all activities necessary to protect asset integrity?
Is there an annual HSE plan?
Emergency response (ER)
Are adequate ER plans and procedures in place within a defined hierarchy?
Are ER plans and procedures available where required?
Are ER plans and procedures known and understood and used?
Are ER plans and procedures and plans systematically reviewed/updated?

55. Standards, Procedures & Doc. Control
Are standards clearly defined and appropriate?
Are adequate procedures in place within a defined hierarchy?
Are procedures appropriate to the operation and do they define mandatory aspects?
Are procedures available where required?
Are procedures known and understood and used?
Are procedures and plans systematically reviewed/updated?
Is there an effective document control system?

56. Implementation & Monitoring
Is work implemented in line with plans and procedures?
Do supervisors regularly check the work of their subordinates and provide remedial advice as needed?
Are performance measurement and control systems established?
Are improvement targets set and achieved, are there regular reviews at all levels?
Is performance measured against SMART targets and are appropriate and timely reports generated?
Are control breakdowns investigated and remedied?
Is non-compliance adequately dealt with?
Is the monitoring system responsive to developmental change?
Is there a structured system for HSE communication?
Is there an adequate system for incident investigation reporting?
Are staff (at all levels) HSE motivated?

57. A structured programme in place
Audit
A structured programme in place
Is there an Internal Audit Committee?
Is there an integrated audit programme?
How is the audit programme managed?
Are audits truly independent?
Are the audit resources adequate and competent?
Are audit recommendations comprehensively followed-up?
Is the follow-up process adequately reported?
Is there a system for lateral application of audit recommendations?

58. Management retain overview and stimulate improvement
Management Review
Management retain overview and stimulate improvement
Is there a comprehensive HSE review (at least annually)?
Is there an effective management inspection visit programme?
Is asset integrity periodically assessed by management?
Are audit reports (singly and cumulatively) reviewed by management?
Are incident investigations (singly and cumulatively) reviewed by management?
Do managers of an appropriate level lead investigations of serious incidents?
What improvements have resulted from the management review process?
Do management have their eyes on (the right) ball?

59. Work Site Programme Procedures Job report Standards Production
Job order
Production

60. Deficiencies Policy Deficiency? Control Deficiency? Control Lateral?
Detail Lateral?
Detail Deficiency
Detail Lateral?
Detail Lateral?

61. Findings Require Verification eg:
Interview confirming written procedure
Observation of activity confirming written procedure
MoM confirming interview
Observation of hardware confirming standard

62. Questionnaires
Define area to be covered, and divided between the team members
Reduce gaps and oversights
Reduce overlap and repetition
Suggest subjects and detail for new auditors
Help structure interviews and research
Stimulate imagination to add
Must be edited, tailored, NOT a check list

63. Generic Questions Equipment Aspects
What is it?
What does it do?
Does it work?
How do you know?
How often tested / maintained?
Test / maintenance covered by procedure?
Procedure available? - correct? - followed?
Is special equipment needed? - available? - used?
Test / maintenance checked by supervisor?
Results recorded?
Reliability calculated?
Procedure / frequency systemmatically reviewed / adjusted?

64. Generic Questions Competence Aspects
Are job needs defined?
Are each individual’s skills recorded?
Is there a gap analysis?
Is supplementary training planned?
Has competence been verified?
By whom? - against what criteria?
Who checks your work?
What exactly is checked? - how often?
Is feedback provided?
What training has been received? (also on-the-job)
What further training is required?

65. Generic Questions Procedural Aspects
Are all safety-crital aspects covered by procedures?
Are mandatory aspects identified?
Is each procedure:
comprehensive, clear and concise?
available where required?
known and used?
authorised by an appropriate person?
a controlled document?
systemmatically reviewed?
Are staff encouraged to improve procedures?
Do procedures satisfy underlying objectives?

66. Interviewing - Preparation
Review collected documents & data
Team members select areas
Edit questionnaire for selected areas
Discuss finalised questionnaires
Identify site interviewees
Adjust areas selected to give full coverage
Ask Auditee to schedule interviews
One hour each on interviewee's territory

67. Interviewing - Pairing
Each auditor paired:
to witness deficiencies
to confirm adequacy
to question the other’s assumptions
to minimise misunderstandings between interviewer and interviewee

68. Interviewing - Organisation
Make an appointment
on interviewee's territory
Pick relevant areas, highlight key questions
Agree timing and stick to it
Make notes on questionnaire
Keep quiet during other's time
Be on time and don’t overrun
Cover all key points or make another appointment
Thank interviewee
Compare overall impressions
The better one is prepared for the interview , the more one gets from it !

69. Interviewing - Approach
Minimise stress
2 interviewers only (max one hour)
Introduce interviewers
Outline aims of audit
Normal Opco routine supported by Dept.
Audit of system - not individuals
Aim to improve future - not witch hunt past
Open report and presentation
Report is view of audit team - not of sources
Ask interviewee’s background
Use open questions and listen to replies
Avoid judgments, but do not condone
Do not argue or attack

70. Report - Contents Chapter 1 Chapter 2 Mgt Summary Audit admin.
HSE-MS elements
Leader ship & Commitment
Policy & Strategic objectives
Organisation & Responsibilities
Resources & competence assurance
HEMP
Planning
Standards, Procs, Doc. Control
Implementation & Monitoring
Audit
Management review
Summary
of Ten
HSE-MS
Elements
Chapter 3 - HSE- MS
Chapter 4 - HSE in Business
Leadership & commitment
Policy & Strategic Objectives
3.3 Organisation & Responsibilities
Resources & Competence
HEMP
Planning
Standards, Procedures & DC
Implementation & Monitoring
3.9 Audit
3.10 Management Review
4.1 Containment
4.2 Control of ignition
4.3 Safeguarding systems
4.4 Operator/process interfaces
4.5 Personnel emergency services
4.6 Fire hazard management
4.7 Workplace practices
4.8 Occupational Health
4.9 Transport & logistics
4.10 Service contractors

71. Report Objectives For auditee(s) and for management
Issues, effects, causes identified
Practicable recommendations corrective action
Opinion on adequacy of control framework
For auditee(s) and for management

72. Report - Text Handling 2nd Draft Team Author Team Author Team Author
1st
Draft
Critic
Team
Critic
2nd
Draft
Auditee
Team Discussion
Auditee
Report

73. Report - Style Standard index and format
Team editor solely responsible for English
Minimise recommendations "to study"
Factual rather than opinion
IS/IS NOT rather than TEAM CONSIDER
if necessary verify further
No time for perfection
not "agreed" by auditee
not binding on auditee

74. Report - Text Drafting Keep it short, punchy and to-the-point
Outline section format
Describe the situation as found
Comment on good as well as bad
Discuss improvement
Action: “Improve....”
All text to all team
Check text with severest critic
Agree facts and feasibility
Welcome support
Mark up changes for later inclusion
Keep it short, punchy and to-the-point
Do not attempt to duplicate process design manuals or give a process description aimed at the inexperienced report readers

75. Report - Text Drafting Tips and hints:
Write everything in style “Normal”.
Don’t attempt to format your text i.e. do not put TABS and CRs in an attempt to “make it look nice”.
Use document “EMPTY.DOC” as at emplate for every new report section.
Make a separate file for every new section you have written or have to write.
Give meaningful document name e.g. 419mm.doc
Put name and date in document footer
Use your spelling checker (UK English not US)
Use your team mate(s) to read your drafts
Read AUDITKIT documents
STYLE.DOC and FORMAT.DOC
Remember: Some 30% of what you have written may be modified or removed during the team editing sessions. Don’t waste your/our time.

76. Report - Actions Stand Alone, Clear & Concise SMAR(T) Motivational
Definitive when read in isolation
Not longer than three lines
SMAR(T)
Specific - as specific as expertise allows and sufficiently specific to ensure that deficiency will indeed be remedied
Measurable - must be able to define completion
Achievable - must be possible
Realistic - should be fit-for-purpose
Time-based - timeframe not included in audit report - to be decided by Auditee
Motivational
Start with an active verb - verify, issue, revise, replace, remove, provide, install, define or appoint
Avoid - consider, coordinate, ensure, initiate, monitor, supervise

77. Classification of actions
Four step activity (refer to classify.doc)
1. Determine the category (People, Assets, Environment, Reputation).
2. Determine the severity level (refer to standard definitions).
3. Determine the context ie position A,B, C, D, E.
4. Code/classify the actions eg:
(P)H = People High
(A)M = Assets Medium
5. Classify Chapter 3 and 4 actions as per HSE element

78. Report example 4.1.1 Wells, flowlines and manifolds (incl. risers)
Dynamic risers are of Wellstream design. The production lines have PVDF pressure barriers, a material that has shown several failures recently. Testing of a new end fitting construction to investigate the PVDF problem has been completed to the satisfaction of XXXX. Service life is expected to be ten years and the failure mechanism is the development of a small leak which can be detected in the turret. The expectation, based on model and laboratory tests, is that this leak will develop to a full blown failure over a period of several months. In this case, the full flowline contents will flow in an uncontrolled way into or in the vicinity of, the turret. A contingency plan should be developed, as little experience with this failure mode exists.
Action (R)S (a) (6) Develop a riser failure contingency plan.
Riser leak detection equipment (annulus flow metering) will be installed. This equipment is safety critical and its effectiveness should be ensured at all times. At present, it is not covered in the Safety Case. A maintenance and inspection programme should be developed, reflecting its importance.
Action (E)H (b) (5) Include Riser leak risk and detection system in the Safety Case.
Action (A)H (c) (7) Develop a maintenance programme for riser leak detection equipment.

79. Report example 3.8.4 Incident investigation reporting
The standard of incident investigation has improved to acceptable standards during the past two months. There remains however a number of areas related to Incident investigation reporting which give cause for concern. There is no formal agreed procedure for the prompt communication of incidents between X, Y and Z representatives. There have been occasions where incident occurrence was communicated via third parties e.g. the recent turret fire.
Action (P)H (a) (8) Enforce contractual terms for incident notification.
Severity Rating (SR) and the subsequent level of management involvement is a problem area. Contractor management are reluctant to participate in formal investigations and try to reduce the SR. Higher motivation is required.
Action (P)H (b) (8) Adhere to procedures for establishing incident SR; improve level of contractor management participation in incident investigations.
There is no evidence to suggest that near miss reporting is practiced at the yard or is promoted, supported or valued by the SMT. Important learning values are missed.
Action (P)M (c) (8) Implement a near miss reporting system.

80. Bad Action Item
“If engineers and users require MC information, they should access the CAIRS system. However if a hard copy needs to be sighted, usually a copy is available at either the Plant or Warehouse. Only as a last resort should copies be requested from Information Services”.
Identify potential users and train them in the use of CAIRS.

81. Bad Action Item
“As there is a potential for a legal liability situation to develop, the Corporate policy and guidelines (proposed) should address this issue. Staff should be made aware of the potential for legal liability and where responsibilities lie”.
1 Include legal liabilities in proposed Corporate policy and guidelines.
2 Develop course and train XYZ staff in legal liability.

82. Bad Action Item
“Management endorsement be obtained to conduct a review to establish what impact there has been on safety and quality standards of not having a QA/QC group within the Operations Division. Also to review whether there is a need for such a group and how QA/QC requirements for Operations Division should be addressed in future”.

83. SHELL-SPEAK - 1 FREQUENT REGULAR AD HOC PERIODIC ENSURE
When I remember
REGULAR
When the Boss remembers
AD HOC
When I’m forced to.
PERIODIC
Once in a Blue Moon
ENSURE
An object dressed up as a task
ENSURE COMPLIANCE
An object dressed up as a macho task
MONITOR
I’ll watch but I’m not responsible ...
unless it works!
SIPM - EPO/65

84. SHELL-SPEAK - 2 CO-ORDINATE SUPERVISE DEVELOP AWARENESS
They get the work, I get the credit
SUPERVISE
As with Co-ordinate, but I’m bigger than them
DEVELOP AWARENESS
It may happen anyway; if it does I get the credit
ACTIVELY ENCOURAGE
I’ll clap my hands; it shows I’m awake.
AUTHORIZE
Where’s my rubber stamp?
SUPPORT
I’ll read it before I stamp it.
SIPM - EPO/65

85. SHELL-SPEAK - 3 INITIATE, ESTABLISH, etc. ALL KEY PERSONNEL
I tell them to do it .
ALL
SOME
KEY PERSONNEL
Whoever is easily spared.
Whoever is in at the time.
APPROPRIATE
Most convenient
RELEVANT
At least I can see the connection
ARRANGE
I’ll have my secretary do something.
SIPM - EPO/65

86. Team Editing - Objectives
i Agree & confirm documentation of facts
ii Build consensus and common view (total report supported by all team members)
iii Obtain ownership by all team members
iv Ensure clarity and conciseness
v Eliminate irrelevant detail and repetition
vi Unify style and correct grammar (also define audit-specific global checks)

87. Team Editing - Process One sub-section at a time:
i Is text understandable - can it be clarified?
ii Does it demonstrate sampling of the subject area?
iii Are findings factually correct?
iv Are there any sensitivities?
v Do all findings have related actions?
vi Are all actions preceded by findings?
vii Are actions SMAR(T)?
viii Minimise additional sub-headings
ix Ungroup actions
x Unify style and correct grammar
minute sessions
Anyone may call for time-out

88. Example only: Team leader to edit
Audit Report Schedule
Report % Complete
The Hague
Example only: Team leader to edit
100 %
Team editing & summary
50 %
10 % 1 6 13 18
Audit Days

89. Finalisation of Report
Plug gaps
Gather all outstanding data
Check classified actions
Collate appendices:
Summary sheet
Glossary of abbreviations
Classified action list
Correspondence on TOR
Global checks
spelling, references, etc.

90. Global Checks Spell check: Miscellaneous: correct normal spelling
pick-up abbreviations in custom dictionary
ensure consistency of abbreviations
ensure consistent spelling of place names
Miscellaneous:
H2S, CO2, quote marks, apostrophies, spaces, bold, italic etc.
Other audit-specific (defined during team edit)

91. Completion of Audit Give team-edited draft report to Auditee
Assessment and audit opinion
Draft Main Findings
Agree wording of Main Findings with Auditee
Incorporate feedback agreed with Auditee
Dry-run presentation within team
Make final presentation to management
Finalise report editing
Present final draft report to Auditee (formal report to be issued within one month)

92. Overall Opinion: Satisfactory / Unsatisfactory
Audit opinion
Management Review
Leadership and Commitment
Policy and Strategic Objectives
Organisation and Responsibilities
Resources and Competence Assurance
HEMP
Planning
Standards, Procedures & Doc Control
Implementation and Monitoring
Audit
Overall Opinion: Satisfactory / Unsatisfactory

93. HSE-MS Element Assessment
A high standard of control requiring no additional management attention.
A high enough standard of control for improvements to be handled by the normal management involvement.
Essential controls are in place, but the deficiencies require focused management intervention.
Essential controls are missing or ineffective. Prompt management action is needed. ++ + -
- -

94. Audit Opinion Satisfactory
Although some control weaknesses were identified which require timely corrective actions, such weaknesses, either individually or taken in the aggregate, do not significantly impair the overall controls of the unit of the organisation

95. Audit Opinion Unsatisfactory
Controls lack essential elements or sufficient attention by the unit. The weaknesses identified, individually or in the aggregate, significantly impair important controls of the unit to the extent that prompt corrective measures by management are necessary to bring such controls to a satisfactory level

96. Linking Audit to Business Controls
Policy
Org-
anisation
Mgment
Review
Super-
vision
Pro-
cedures
Leadership & Commitment + -
- - + - + -
- - - +
Policy & Strategic Objectives
Organise & Responsibilities
Resources & Comp Assurance
HEMP
Planning
Standards, Procs & Doc Contr
Implement & Communicate
Audit
Management Review
Example only: Team leader to edit

97. Classified recommendations per HSE-MS element
This is an example only.
Team leader to modify as needed
Management Review
Classification
Audit:
Implement & Monitor
Low
Stand, Procs & D/C
Medium
Planning
High
HEMP
Serious
Resources & Comp
Org. & Resp
Policy & Strat. Obj
Leadership & Commitment 2 4 6 8 10 12 14 16 18
No. of recommendations
Serious: Exposes OU to a major extent in terms of achievement of corporate HSE objectives or results.
High: Though not serious, essential to be brought to Management attention. Includes medium weaknesses as repeat from previous reports.
Medium: Could result in perceptible and undesirable effect on achievement of HSE objectives.
Low: No major HSE impact at process level, correction will assure greater effectiveness/efficiency in process concerned.

98. Classified recommendations per risk category
This is an example only.
Team leader to modify as needed
Reputation
Classification
Low
Environment
Medium
High
Assets
Serious
People 5 10 15 20 25 30 35
no. of recommendations
High: Though not serious, essential to be brought to Management attention. Includes medium weaknesses as repeat from previous reports.
Low: No major HSE impact at process level, correction will assure greater effectiveness/efficiency in process concerned.
Serious: Exposes OU to a major extent in terms of achievement of corporate HSE objectives or results.
Medium: Could result in perceptible and undesirable effect on achievement of HSE objectives.

99. Team leader to modify as needed.
Schedule
Week 1
Week 2
Week 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
Opening Presentation X
Briefing by NAM X
"Crash" course in auditing X X
Assign tasks X
Study material X X
Develop quests & interviews X X
Site visits X X X
Interviews & facts verification X X X X
Discuss findings with team X X X X X
Discuss findings with auditee X X X
Report writing & verification X X X
Team review prelim draft X
Audit assessment X X
Editing / classify action items
Example only.
Team leader to modify as needed. X
Final draft / presentation

100. Task distribution Management introduction Team Leader
Team introduction Team Leader
Team preparation/planning Audit Team
Site visits Audit Team
Interviews
site supervision/workforce Audit Team
management interviews Audit Team
Preparation 1st draft Audit Team
Review/verification 1st draft Audit Team
Preparation 2nd draft Audit Team
Team editing Audit Team
Compile report Team Leader
Presentation of findings
Principal Auditee Team Leader
Local supervision/management Team Leader
Senior Management Team Leader

101. Team Leader role Avoid significant omissions Eliminate the “waffle”
Identify audit objectives
Focus audit thrust
Significant risk area
Avoid significant omissions
Significant risk area
Eliminate the “waffle”
Significant risk area
Avoid immaterial
Minimal risk area
Minimal risk
Avoid immaterial