What actually sites do when there is an overdue maintenance for shutdown systems?
Performing risk assessment? What actually is discussed to assess the risk?
Please share how this all goes when happens.
Overdue maintenance of shutdown systems
Re: Overdue maintenance of shutdown systems
Is this function credited in the hazard analysis as a risk-reduction barrier?
If yes, this has to be a process safety issue and require a formal team risk assessment requiring approval from technical authorities.
The degradation is required to be captured as focused barrier one.
Complete enlisting of remaining independent protection systems is needed:
Relief valves
Operator response
Alarms
Mechanical design margin
Other SIS layers
Passive safeguards
If yes, this has to be a process safety issue and require a formal team risk assessment requiring approval from technical authorities.
The degradation is required to be captured as focused barrier one.
Complete enlisting of remaining independent protection systems is needed:
Relief valves
Operator response
Alarms
Mechanical design margin
Other SIS layers
Passive safeguards
Re: Overdue maintenance of shutdown systems
Risk assessment is what we have been doing to register this as a process safety deviation.
And all the barriers which should be supporting are being considered as their availability matters during this time.
But the issue is that this still happens, and requires to be lived with.
Are there ways to avoid overdue maintenance of such shutdown systems?
What about looking into the past data, current maintenance history or any other test which could provide the assurance rather declaring all this, and performing formal risk assessments?
And all the barriers which should be supporting are being considered as their availability matters during this time.
But the issue is that this still happens, and requires to be lived with.
Are there ways to avoid overdue maintenance of such shutdown systems?
What about looking into the past data, current maintenance history or any other test which could provide the assurance rather declaring all this, and performing formal risk assessments?
Re: Overdue maintenance of shutdown systems
See just have a look into the current frequency of the pM plans in place.
To perform shutdown based PMs, they should be aligned with the shutdown plan otherwise, you will end up saying the same things, PM overdue.
And if not possible to align, then yes, risk assessment for every overdue PM is a must to do thing.
You won't be able to do anything about the consequence while estimating the risk but the probability part can be properly calculated based upon historical data.
To perform shutdown based PMs, they should be aligned with the shutdown plan otherwise, you will end up saying the same things, PM overdue.
And if not possible to align, then yes, risk assessment for every overdue PM is a must to do thing.
You won't be able to do anything about the consequence while estimating the risk but the probability part can be properly calculated based upon historical data.
Re: Overdue maintenance of shutdown systems
This is important.
While you perform the risk assessment, now the shutdown system cannot be assured of its performance, all these listed systems by tuan are required to be considered as available mitigations. I am not sure how are you making sure about the assurance of mitigations health?
While you perform the risk assessment, now the shutdown system cannot be assured of its performance, all these listed systems by tuan are required to be considered as available mitigations. I am not sure how are you making sure about the assurance of mitigations health?
tuan wrote: 20 Jan 2026, 18:09 Is this function credited in the hazard analysis as a risk-reduction barrier?
If yes, this has to be a process safety issue and require a formal team risk assessment requiring approval from technical authorities.
The degradation is required to be captured as focused barrier one.
Complete enlisting of remaining independent protection systems is needed:
Relief valves
Operator response
Alarms
Mechanical design margin
Other SIS layers
Passive safeguards
Re: Overdue maintenance of shutdown systems
That is another point ivani1. We set something to act as a mitigation, and then we forget the health of such mitigations in place.
I would call for an intelligent system locking these mitigations once assigned to a downgraded situation or to a process safety risk.
I would call for an intelligent system locking these mitigations once assigned to a downgraded situation or to a process safety risk.
ivani1 wrote: 07 Feb 2026, 07:04 This is important.
While you perform the risk assessment, now the shutdown system cannot be assured of its performance, all these listed systems by tuan are required to be considered as available mitigations. I am not sure how are you making sure about the assurance of mitigations health?
tuan wrote: 20 Jan 2026, 18:09 Is this function credited in the hazard analysis as a risk-reduction barrier?
If yes, this has to be a process safety issue and require a formal team risk assessment requiring approval from technical authorities.
The degradation is required to be captured as focused barrier one.
Complete enlisting of remaining independent protection systems is needed:
Relief valves
Operator response
Alarms
Mechanical design margin
Other SIS layers
Passive safeguards