AcuSafe Home Page -> January 2002 Newsletter
  

    

Part 1: Security Update





              		     

Are You Prepared to be Prepared?

David A. Moore
President, AcuTech Consulting Group, Chemetica, Inc.

The world of safety and security in chemical process safety has certainly changed since September 11th, but the biggest challenges may be yet to come. What is this new risk management dilemma for chemical security, and what can we anticipate will occur in the future to deal with it? Are you ready to manage the new chemical security responsibilities and to exceed the expectations of the public and regulators? Are you prepared to deal with this new risk in a prudent and timely manner?

A New Awareness of Deliberate Release Potential

Prior to September 11th, chemical process safety activities focused on accidental release risks, and excluded most considerations of intentional releases. This was most likely due to a perception that these risks were managed adequately, and that the threat of a terrorist attack, particularly on U.S. chemical manufacturing facilities or transportation system, was remote. 

The pendulum has dramatically swung the other direction, and now there is a real concern for this threat, as well as a sense of shock over the potential for damages. This has created a sense of urgency to analyze this threat and to make any changes that are necessary to reduce the risk. Hopefully we won’t be forced to make sacrifices in our accidental risk efforts in light of the urgency for security improvements.

At this juncture, most companies handling hazardous materials would admit that considerations of terrorist attack were not given much thought, but they are struggling to understand the risk and do the right thing right away. Many companies have already done some form of threat assessment and security hazard assessment, and have upgraded physical security measures. 

Depending on the degree of exposure potential of the company or the public from an intentional release, the attractiveness of a target, and the ease of attack, companies may face entirely different risks than the facilities were designed to manage. It could require a very different mode of operation and security than is currently being employed. 

Risk Dilemma

The bigger problem is facing the new  risk – what do we do about it and how do we know we have reduced the risk to an acceptable level? Public fear of this risk is extraordinary, and so risk acceptance could likely be altogether different. The risk decisions we have made over the years that seemed adequate for accidental risk may not be adequate for intentional risk.

Worse than this, the sky seems to be the limit for what may go wrong and what industry may have to do to prevent or protect against these threats. Sorting out the real risks from the possible hazards is going to be a major undertaking, and there is much uncertainty at this point on how to accomplish such a risk assessment and how to cope with this threat. Two key approaches are emerging – the Sandia Labs Vulnerability Assessment Model (VAM) and the Security Guidelines and approach developed by the American Chemistry Council, Synthetic Organic Chemical Manufacturer’s Association, and the Chlorine Institute. (AcuSafe will report on both of these methods in next month’s continuation of this article.)

The AcuTech Consulting Group has given thought to the possible threats and attempted to organize the many combinations and permutations into a threat matrix.  Key to this matrix is the first variable – what is the target? Is the company a direct target or is it affected by a terrorist attack. From a pure risk management standpoint, companies need to be prepared for both contingencies, not only for the possibility of physical attack to their facilities. This shows the multi-faceted aspects of the problem, and the need for industry, community and government cooperation to address the problem. 

This is a new area of process risk management, and much has to be done to further understand the potential, determine analysis methods, develop supporting guidance, and educate managers and engineers on how to manage the issue, to name a few activities required. Also, we have to come to grips with the determination of risk, and to decide on which threats are worthy of further analysis and change to our processes and the way we manage them.

Regulatory Developments

While industry is facing this learning curve, the pressure to quickly reduce the risk continues. Already AcuTech is aware of efforts at the Federal and State level to regulate the issue. For example, we previously reported on the proposed Chemical Security Act of 2001, which is presently on a fast-track on the Hill. But State and Local regulators have also called into action. The State of New Jersey Department of Environmental Protection, the agency that administers the New Jersey Toxic Catastrophe Prevention Act (TCPA) regulations, has written to registered companies (http://www.acusafe.com/Security/NJDEP Site Security letter December 2001.tif) to require that they update their reports of hazard review under N.J.A.C. 7:31-3 and process hazard analysis with risk assessment under N.J.A.C. 7:31-4. NJDEP references the newly published chemical security guidance from the American Chemistry Council (http://www.americanchemistry.com), which is developed on facility security and transportation security. 

In another example, the Cuyahoga County, Ohio, Local Emergency Planning Committee (LEPC) issued security guidance (http://www.acusafe.com/Security/Cuyahoga County Security Guidance.pdf). The LEPC recommends:

  • that industry undertakes a security hazard review to assure that the hazardous materials stored on-site at their locations are adequately protected from intruders by structural and procedural safeguards. 
  • that industry reviews any emergency plans for their facilities to assure that they have accounted for the possibility of deliberate releases of these materials by others. 
  • that industry reviews personnel protection issues as well as any opportunities for hazard reduction.
  • that industry contacts local public safety officials for their community to get further assistance with plans and procedures and for coordination with local emergency responders. 

They recommend the following resources:

  • Site Security Guidelines for the U.S. Chemical Industry, American Chemistry Council, Chlorine Institute, Inc., Synthetic Organic Chemical Manufacturers Association, October 2001. This document is available on the Internet at http://www.AmericanChemistry.com.
  • Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, October 1993. This document is available on the Internet at http://www.fema.gov/library/lib07.htm.
  • Chemical Accidents from Electric Power Outages, United States Environmental Protection Agency, EPA550-F-01-010, September 2001. This document is available on the Internet at http://www.epa.gov/swercepp/p-new.htm.
  • National Fire Protection Association code NFPA 1600 – Disaster Management (latest edition). This document is available for a fee from the NFPA at http://www.nfpa.org.

The expectation is that industry will confront the issue head-on, and quickly, and take all necessary measures to reduce risk appropriately. 

To be Continued

Next month AcuSafe will report on the progress in the regulatory developments in this area, as well as on new guidance efforts from ACC, Federal OSHA, and the Center for Chemical Process Safety.

If you have an interpretation that you would like to share with AcuSafe or feedback about this feature, please email us at editor@acusafe.com Go Back to AcuSafe.

AcuSafe is a presentation of AcuTech Consulting, ©2002, All Rights Reserved