Integrity Management Plan

Last updated

Integrity Management Plan (part of an asset integrity management system) is a documented and systematic approach to ensure the long-term integrity of an asset or assets. [1]

Integrity management planning is a process for assessing and mitigating risks in an effort to reduce both the likelihood and consequences of incidents.

Asset integrity plans are maintained and reviewed regularly so that they:

An effective IMP should contain:

Also:

The Integrity Management Plan (IMP) forms a part of the overall asset integrity management system and is audited as per the Integrity Engineering Audit (IEA).

Particularly post the Deepwater Horizon oil spill, the role of asset integrity has never been more critical to the global oil and gas business. Not only can a well-managed asset integrity plan help operators identify and reduce safety risks before they escalate but focusing on asset integrity can also play a major role in both achieving operational excellence and extending the life of ageing assets. See also

Related Research Articles

<span class="mw-page-title-main">Risk management</span> Identification, evaluation and control of risks

Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.

<span class="mw-page-title-main">Safety engineering</span> Engineering discipline which assures that engineered systems provide acceptable levels of safety

Safety engineering is an engineering discipline which assures that engineered systems provide acceptable levels of safety. It is strongly related to industrial engineering/systems engineering, and the subset system safety engineering. Safety engineering assures that a life-critical system behaves as needed, even when components fail.

Security management is the identification of an organization's assets, followed by the development, documentation, and implementation of policies and procedures for protecting assets.

Broadly speaking, a risk assessment is the combined effort of:

  1. identifying and analyzing potential (future) events that may negatively impact individuals, assets, and/or the environment ; and
  2. making judgments "on the tolerability of the risk on the basis of a risk analysis" while considering influencing factors.

Failure mode and effects analysis is the process of reviewing as many components, assemblies, and subsystems as possible to identify potential failure modes in a system and their causes and effects. For each component, the failure modes and their resulting effects on the rest of the system are recorded in a specific FMEA worksheet. There are numerous variations of such worksheets. An FMEA can be a qualitative analysis, but may be put on a quantitative basis when mathematical failure rate models are combined with a statistical failure mode ratio database. It was one of the first highly structured, systematic techniques for failure analysis. It was developed by reliability engineers in the late 1950s to study problems that might arise from malfunctions of military systems. An FMEA is often the first step of a system reliability study.

In business and accounting, information technology controls are specific activities performed by persons or systems designed to ensure that business objectives are met. They are a subset of an enterprise's internal control. IT control objectives relate to the confidentiality, integrity, and availability of data and the overall management of the IT function of the business enterprise. IT controls are often described in two categories: IT general controls (ITGC) and IT application controls. ITGC include controls over the Information Technology (IT) environment, computer operations, access to programs and data, program development and program changes. IT application controls refer to transaction processing controls, sometimes called "input-processing-output" controls. Information technology controls have been given increased prominence in corporations listed in the United States by the Sarbanes-Oxley Act. The COBIT Framework is a widely used framework promulgated by the IT Governance Institute, which defines a variety of ITGC and application control objectives and recommended evaluation approaches. IT departments in organizations are often led by a chief information officer (CIO), who is responsible for ensuring effective information technology controls are utilized.

<span class="mw-page-title-main">Critical infrastructure protection</span>

Critical infrastructure protection (CIP) is a concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or nation.

Risk Based Inspection (RBI) is an Optimal maintenance business process used to examine equipment such as pressure vessels, (QOC) quick opening closure - doors, heat exchangers, and piping in industrial plants. RBI is a decision-making methodology for optimizing inspection plans. The RBI concept lies in that the risk of failure can be assessed in relation to a level that is acceptable, and inspection and repair used to ensure that the level of risk is below that acceptance limit. It examines the Health, Safety and Environment (HSE) and business risk of ‘active’ and ‘potential’ Damage Mechanisms (DMs) to assess and rank failure probability and consequence. This ranking is used to optimize inspection intervals based on site-acceptable risk levels and operating limits, while mitigating risks as appropriate. RBI analysis can be qualitative, quantitative or semi-quantitative in nature.

Information security management (ISM) defines and manages controls that an organization needs to implement to ensure that it is sensibly protecting the confidentiality, availability, and integrity of assets from threats and vulnerabilities. The core of ISM includes information risk management, a process that involves the assessment of the risks an organization must deal with in the management and protection of assets, as well as the dissemination of the risks to all appropriate stakeholders. This requires proper asset identification and valuation steps, including evaluating the value of confidentiality, integrity, availability, and replacement of assets. As part of information security management, an organization may implement an information security management system and other best practices found in the ISO/IEC 27001, ISO/IEC 27002, and ISO/IEC 27035 standards on information security.

ISO/IEC 27005 "Information technology — Security techniques — Information security risk management" is an international standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) providing good practice guidance on managing risks to information. It is a core part of the ISO/IEC 27000-series of standards, commonly known as ISO27k.

An emergency procedure is a plan of actions to be conducted in a certain order or manner, in response to a specific class of reasonably foreseeable emergency, a situation that poses an immediate risk to health, life, property, or the environment. Where a range of emergencies are reasonably foreseeable, an emergency plan may be drawn up to manage each threat. Most emergencies require urgent intervention to prevent a worsening of the situation, although in some situations, mitigation may not be possible and agencies may only be able to offer palliative care for the aftermath. The emergency plan should allow for these possibilities.

Information technology risk, IT risk, IT-related risk, or cyber risk is any risk related to information technology. While information has long been appreciated as a valuable and important asset, the rise of the knowledge economy and the Digital Revolution has led to organizations becoming increasingly dependent on information, information processing and especially IT. Various events or incidents that compromise IT in some way can therefore cause adverse impacts on the organization's business processes or mission, ranging from inconsequential to catastrophic in scale.

Technical Integrity Engineering is a term applied to the engineering disciplines associated with the design, assurance, and verification functions that ensure a product, process, or system meets its appropriate and intended requirements under stated operating conditions. Application of these disciplines minimizes the cost, schedule, technical, and legal risks of a program and improves the overall life cycle cost.

An Integrity Engineering Audit is carried out within an Integrity engineering function so as to ensure compliance with international, national and company specific standards and regulations.

ISO 26262, titled "Road vehicles – Functional safety", is an international standard for functional safety of electrical and/or electronic systems that are installed in serial production road vehicles, defined by the International Organization for Standardization (ISO) in 2011, and revised in 2018.

Asset Integrity Management Systems (AIMS) outline the ability of an asset to perform its required function effectively and efficiently whilst protecting health, safety and the environment and the means of ensuring that the people, systems, processes, and resources that deliver integrity are in place, in use and will perform when required over the whole life-cycle of the asset. The technical aspects of AIMS are illustrated in Figure 1. Originally developed in the UK, Asset Integrity Management was the result of a collaboration between the HSE and leading oil and gas operators resulting in a series of reports and workshops, the outcome being a group of documents called Key Programmes, currently publicly available.

<span class="mw-page-title-main">IT risk management</span>

IT risk management is the application of risk management methods to information technology in order to manage IT risk, i.e.:

Piping corrosion circuit or Corrosion loop / Piping Circuitization and Corrosion Modelling, is carried out as part of either a Risk Based Inspection analysis (RBI) or Materials Operating Envelope analysis (MOE). It is the systematization of the piping components versus failure modes analysis into materials operating envelope. It groups piping materials / chemical make-up into systems / sub systems and assigns corrosion mechanisms. These are then monitored over the operating lifetime of the facility. This analysis is performed on circuit inspection results to determine and optimize circuit corrosion rates and measured thickness/dates for circuit components. Corrosion Circuits are utilized in the Integrity Management Plan (IMP) which forms a part of the overall Asset integrity management system and is an integral part of any RBI analysis. Many times a "system" will be a broad overview of the facilities process flow, broken by stream constituents, while a circuit level analysis breaks systems into smaller "circuits" that group common metallurgies, equal temperatures and pressures, and expected damage mechanisms.

Robotic non-destructive testing (NDT) is a method of inspection used to assess the structural integrity of petroleum, natural gas, and water installations. Crawler-based robotic tools are commonly used for in-line inspection (ILI) applications in pipelines that cannot be inspected using traditional intelligent pigging tools.

ISO 22300:2021, Security and resilience – Vocabulary, is an international standard developed by ISO/TC 292 Security and resilience. This document defines terms used in security and resilience standards and includes 360 terms and definitions. This edition was published in the beginning of 2021 and replaces the second edition from 2018.

References

  1. AS2885 Pipelines - Gas and liquid petroleum Part 3. Standards Australia. 2012. ISBN   978 1 74342 214 4.

2 "Integrity Management Plan". Sunoco Logistics.

3 "Pipeline Integrity Management Plan". Atlanta Gas and Light. Archived from the original on 2012-03-10.

4 DEPARTMENT OF TRANSPORTATION Pipeline and Hazardous Materials Safety Administration 49 CFR Parts 192 and 195 [Docket No. RSPA–04–16855; Amdt. 192–101 and 195–85]Federal Register /Vol. 70, No. 205 /Tuesday, October 25, 2005 /Rules and Regulations https://web.archive.org/web/20120228214259/http://www.wutc.wa.gov/webdocs.nsf/b8da29aede8fdd67882571430005a9c1/b9bc43effc07ff6388256fe10062a0a2/$FILE/70%20FR%2061571.pdf