500 likes | 637 Views
3 rd Party Certification Process Overview. Representing COS: Dr. Jeff Ostmeyer, CPEA EHS Advisor – Center for Offshore Safety Anadarko Petroleum Corporation. Presented to: Houston STEPS. June 19, 2012. COS Mission Statement. Our Mission...
E N D
3rd Party Certification Process Overview Representing COS: Dr. Jeff Ostmeyer, CPEA EHS Advisor – Center for Offshore Safety Anadarko Petroleum Corporation Presented to: Houston STEPS June 19, 2012
COS Mission Statement Our Mission... Promote the highest level of safety for offshore drilling, completions, & operations by effective leadership, communication, teamwork, utilization of disciplined safety management systems & independent third-party auditing & certification. • Our Objectives… • Enhancing and continuously improving industry's safety and environmental • performance, • Ensuring public confidence and trust in the oil and gas industry, • Increasing public awareness of industry's safety and environmental • performance, • Stimulating cooperation within industry to share good practices and learn • from each other, and • Providing a platform for collaboration between industry, the government, • and other stakeholders. 06/15/12
COS Operating Basis • The Center for Offshore Safety will be responsible for: • Providing expert assistance to member companies, • Assuring that third party certification program auditors meet • the program’s goals, and that the program is complementary • with government regulations, • Compiling and analyzing key industry metrics, • Coordinating Center sponsored functions designed to facilitate • the sharing and learning process, • Identifying and promoting opportunities for industry to • continuously improve, • Interfacing with Industry leaders to assure leadership and • system deficiencies are recognized and addressed promptly, and • Communicating with government and external stakeholders. 06/15/12
COS Vision and Path Forward • Promote an industry culture of incident-free operations • Process safety in addition to personal safety • Emphasis on behavior • No harm to people, no harm to environment • One-stop central source for: • Information & knowledge • Audit accreditation • Program certification • Tools and technical assistance • Elevate the industry’s quality and safety standards • Create and share good practices • Continuous improvement 06/15/12
Key Objectives - COS 3rd Party Certification • COS accredited 3rd party audits satisfy BSEE’s requirements • for audits. • COS’s auditing process provides members with a higher level of • confidence on managing risk and identifying specific opportunities • for improving performance on their facilities. • Member specific data is treated private and confidential. • The auditing process results in learnings and good practices being • shared with the COS which then shares with industry leading to • improved industry performance. • COS incurs no liability as a result of the audit process. • Government regulators embrace COS accredited 3rd party audits as an effective means of complying with the regulations and improving industry performance. • DRAFT - • Work in Progress 06/15/12
Current SEMS Requirements Auditor(s)* Govt Regulators Retains auditing services Audits Informs COS Member * May be either internal or external • DRAFT - • Work in Progress 06/15/12
SEMS II (As Proposed) Approves qualifications Auditor(s)* Govt Regulators Informs Retains auditing services Audits Informs COS Member *Must be external • DRAFT - • Work in Progress 06/15/12
COS Planned Approach Start COS ASPs* Accredits Manages and provides oversight Provides perspective Informs Issues SEMS certificates Auditor(s) Govt Regulators Retains auditing services Audits Informs COS Member *Audit Service Providers • DRAFT - • Work in Progress 02/16/12
Basic Requirements • Establishes standards for 3rd party Audit Service Providers (ASPs), auditors, and SEMS audit protocol and certifications, • Works with COS members to understand industry audit requirements to assure sufficient numbers of COS accredited 3rd party auditors for COS members, • Accredits ASPs; periodically validates ASPs' and Auditors' performance, and effectiveness of COS audit protocol, • Compiles industry data and shares w/industry via COS reports and sponsored forums, and • Agrees to maintains confidentiality of COS Member specific data. Center for Offshore Safety (COS) • Determines need for SEMS audit to comply with government regulations and/or COS requirements, • Retains services of a COS accredited Audit Service Provider (ASP) to perform SEMS audits, • Takes responsibility for notifying government regulatory agencies as required by regulations, • Agrees to share SEMS audit data with the COS, via a standardized format, for purposes of determining industry trends, and • Takes responsibility for notifying government regulatory agencies of SEMS audit results. COS Member (Operator, Drilling Company, Service Company, and/or Supplier) • DRAFT - • Work in Progress 06/15/12
Basic Requirements • Retains the service of professional (e.g., qualified, competent, and certified) auditors and subject mater experts to provide SEMS auditing services for COS members, • Provides oversight to SEMS auditors to assure compliance with COS standards and SEMS auditing protocol, • Performs audit services in behalf of COS member; works with COS member to determine both scope, duration, and logistics of SEMS audit; agrees to maintain confidentiality of audit findings, • Issues SEMS certificate(s) at closeout of audit,and agrees to • provide COS with standard report at closeout of audit, • Agrees to allow COS to periodically assess ASP and auditor performance. Audit Service Provider (ASP) Auditor • Maintains qualifications and competency consistent with expectations of ASP expectations and requirements, COS standards, and government regulations, • Performs SEMS audit services solely in behalf of ASP; utilizes COS auditing protocols and standardized reports, • Complies with all government regulations and COS member safety requirements, • Agrees to maintain confidentiality of audit findings, and • Agrees to allow ASP and/or COS to periodically assess auditor qualifications, competency, and performance.. • DRAFT - • Work in Progress 06/15/12
DRAFT - • Work in Progress COS Suggested Strategic Approach to Managing Risk Through 3rd Party Audits and Certification • Key Considerations • 1) All offshore facilities do not represent the same inherent risk: • Deepwater Risk > OCS Risk • Drilling Risk > Operating Risk • New Operations Risk > Mature Operations Risk • 2) The level of audit should match the level of risk: • Lower and moderate relative risk warrant 2 levels of audit control • Higher relative risk warrant 3 levels of audit control • Staging of audits should reflect risk; higher relative risk first • If resources are potentially limited then a process should be in place to assure those resources are focused on higher relative risk first • DRAFT - • Work in Progress 06/15/12
DRAFT - • Work in Progress COS Suggested Strategic Approach to Managing Risk Through 3rd Party Audits and Certification Accreditation Organization Oversight (COS) (COS – 2 – 04) 3rd Layer of Control Audit Service Provider Oversight (COS – 2 – 03) Increasing Levels of Control Deepwater (+1000 ft) 2nd Layer of Control Training Requirements for Auditors (COS – 2 – 01) Audit Team Requirements (COS – 2 – 02) + 1st Layer of Control • DRAFT - • Work in Progress 06/15/12
DRAFT - • Work in Progress COS Suggested Strategic Approach to Managing Risk Through 3rd Party Audits and Certification OCS Accreditation Organization Oversight (COS) (COS – 2 – 04) + 3rd Layer of Control Requirements Addressed within Current SEMS Proposal Audit Service Provider Oversight (COS – 2 – 03) Increasing Levels of Control Deepwater (+1000 ft) + 2nd Layer of Control Training Requirements for Auditors (COS – 2 – 01) Audit Team Requirements (COS – 2 – 02) + 1st Layer of Control Increasing Risk Lower Relative Risk (i.e., Mature Facilities on OCS) Moderate Relative Risk (i.e., Drilling on OCS) Higher Relative Risk (i.e., Deepwater Drilling and Operations) • DRAFT - • Work in Progress 06/15/12
COS Link to Competency Assurance Accredits and periodically audits processes and joint competencies Audit Service Provider COS Accredits and periodically audits training program May periodically evaluate individual competency May periodically evaluate individual competency Lead Auditor Certified Training Provider Auditor(s) • DRAFT - • Work in Progress 06/15/12
COS/ASP/COS Member Company Relationships Audit Service Provider (ASP) • Contract between ASP and COS • Member Company • Suggested language for • contract referenced in • contract between COS • and ASP • Contract between ASP and COS • Under development by API • Stipulates using COS language • in contract between ASP and • COS Member Company • References COS publications • Certification Process • Audit protocol • ASP qualifications • Auditor qualifications • Standard audit report COS Member Company COS • Membership Agreement • Ready for endorsement by • COS Board • References COS publications • DRAFT - • Work in Progress 06/15/12
COS Member/Contractor/ASP Relationships COS Accredited ASP COS Accredited ASP Recognizes COS certificates Issued by other COS accredited ASPs and avoids duplication of auditing Issues SEMS certificates Issues SEMS certificates Contractor* Retains auditing services Retains auditing services Resolves potential SEMS conflicts via bridging document COS Member *Generic term for drilling company, service/supply company, construction company • DRAFT - • Work in Progress 06/15/12
COS Certification – How it Works • Step 1 – Establishing Audit Service Providers • An ASP (as an independent entity with no ties to the COS) implements a business model for creating and managing an audit team to provide 3rd party auditing services to industry. Audit team must be qualified and trained consistent with COS publications. • An ASP approaches COS/API for COS accreditation. • The ASP pays for the accreditation process and agrees to periodic oversight by COS. • The COS/API accredits Audit Service Provider(s (ASPs) and adds the ASP to the COS published list of accredited ASPs. • DRAFT - • Work in Progress 05/23/12
COS Certification – How it Works • Step 2 – Linking Audit Service Providers with COS Members • A COS Member establishes a need for a 3rd party audit and utilizes the COS website to identify/validate potential audit service providers (ASP). • The COS Member selects an ASP and enters into a business agreement with the ASP to provide a 3rd party audit; the COS Member and ASP business contract includes language endorsed by the COS. • The ASP and COS Member agree to an “audit plan” consistent with COS protocols and publications. • The ASP provides the COS a courtesy notice such that the COS, at COS’ discretion, may provide oversight consistent with the accreditation process. • DRAFT - • Work in Progress 06/15/12
COS Certification – How it Works • Step 3 – Performing the Audit and Closeout • The ASP performs a SEMS audit consistent with COS protocol. • The ASP, through the use of COS standard report, provides the COS Member Company a report that identifies SEMS gaps, and identifies which gaps must be closed out to “certify”. • The COS Member creates a gap(s) closure plan for review with the ASP. The ASP and COS Member agree to timing for gap(s) closure and which gaps closures must be validated by ASP. • The ASP also creates a recommendation on “good practices” that the COS Member may consider sharing with the COS. • DRAFT - • Work in Progress 06/15/12
COS Certification – How it Works • Step 4 – Issuing Certificates • Upon closeout of audit gaps, the ASP issues the standard COS report to the COS, and • The ASP issues a dated COS Certificate. • Step 5 – COS Member Company Follow-Up • The COS Member Company, at their own discretion, shares “better practices” with the COS (or allows the ASP to do so in their behalf). • The COS Member Company, consistent with COS Membership Agreement, maintains their SEMS program, and seeks out recertification within 3yr period. • DRAFT - • Work in Progress 06/15/12
Assuring Team Competency Start Do individual team members meet requirements established in Section x.x (see slide # 22 for summary) Select different individuals and revalidate competency against Section x.x No Yes Select different Team Lead and revalidate competency against Section x.x Does Team Lead meet requirements established in Section x.x (see slide # 24 for summary) No Yes Add additional and/or select different team members and revalidate competency against Section x.x Does whole audit team meet requirements established in Section x.x (see slide #26 for summary) No Yes Audit may proceed • DRAFT - • Work in Progress 06/15/12
Audit Team Member Competency COS-1-03 • Audit Team members shall meet the following minimum qualification requirements: • Two (2) yrs. offshore oil and gas (or related industry) experience, • Evaluated by either the Audit Service Provider (ASP) through the ASPs documented process or by a recognized auditor Certification Body (i.e., BEAC) • Completed a 24 hour training program that meets the applicable requirements outlined in COS-1-04, and includes three (3) hours of examination and/or skills evaluation. • Technical competency of the audit team may be supplemented by use of Technical Experts with the following qualifications: • Bachelor’s degree or equivalent work experience, • Five (5) years experience in oil and gas (or related industry), and • Five (5) years experience specifically in the area of their expertise. • If a Technical Expert is designated as an audit team member, then that Technical Expert must meet the expected requirements for audit team members. • DRAFT - • Work in Progress 06/15/12
Quality Assurance for Auditor Designation Audit Service Provider Note: An Audit Service Provider may also be a certified training provider. Provides COS endorsed SEMS auditor training and evaluation Checks certification, training, and qualification as SEMS auditor Auditor(s) Certified Training Provider • DRAFT - • Work in Progress 06/15/12
Audit Team Lead Competency In addition to meeting the qualifications outlined for an audit team member, lead auditors will have: • Been certified by an auditor Certification Body (i.e., BEAC, RAB-QSA, IRCA, etc.) as a management system auditor, • Participated in at least three (3) audits in the past three years, • Participated full time in at least one (1) audit as either a lead auditor or a lead-auditor-in-training, • A minimum five (5) yrs. offshore oil and gas (or related) experience within the last 8 years, • Completed an additional eight (8) hrs. lead auditor training class that includes one (1) hour on professional ethics, and one (1) hour of examination and/or skills evaluation. • DRAFT - • Work in Progress 06/15/12
Quality Assurance for Lead Auditor Designation Audit Service Provider Note: An Audit Service Provider may also be a certified training provider. Provides COS endorsed SEMS lead auditor training and evaluation Issues certification as management system auditor Checks certification, training, and qualification as management system lead auditor Lead Auditor *BEAC, RAB-QSA, IRCA, etc. Auditor Certification Bodies* Certified Training Provider • DRAFT - • Work in Progress 06/15/12
Audit Team Collective Competency • Audit teams must have a joint competency that reflects: • Five (5) yrs. experience in development and implementation of HSE management systems, • Five (5) yrs. experience with MOC, HRAs, offshore procedures, process safety, and mechanical integrity, • Two (2) yrs. experience with interpretation and application of 30 CFR Part 250/RP 75, • Specific knowledge and understanding of COS RP75 SEMS audit protocols, and • Specific knowledge and experience related to operation of the facility. • Collective competency may be achieved by either a single individual or the combined competency of multiple individuals. • For full scale SEMS program certification, audit teams must have as a minimum of one (1) Audit Team Leader that meets the audit team lead qualifications plus two (2) additional auditors that meet the audit team member qualifications. • Validation of individual facility compliance with a company’s SEMS program will be performed as agreed to between the ASP and the company. • DRAFT - • Work in Progress 06/15/12
Additional Key Points The ASP is responsible for selecting, qualifying, and appointing audit team members and, if necessary, technical experts to assure audit team competence leads to a high quality audit. The audit team, as a whole, must either have the required collective competency to assess the technical challenges of the facility being audited, or must supplement the audit team with qualified technical experts. Specific roles and responsibilities of the audit team members must be documented and cross checked. ASPs must have a documented process in place for periodically evaluating the performance of both audit team leaders and audit team members. ASP’s are responsible for assuring audit team leaders are maintaining competency. In addition to the training outlined in COS-1-01, each member of the audit team must have safety related training (i.e., HUET, TWIC, etc.) required by the offshore facilities being visited. The COS reserves the right to periodically, at COS’s discretion, audit ASP processes and auditor(s) competency. • DRAFT - • Work in Progress 06/15/12
ASP Competency Evaluator ASPs Link to Competency Assurance Audit Service Provider * Lead Auditors must also have a certification as a management system auditor issued by an internationally recognized auditor certification body (ACB) such as BEAC, RAB-QSA, IRCA, etc. Assigns Provides oversight and leadership Lead Auditor* Periodically evaluates Periodically evaluates Evaluates real time Auditor(s) • DRAFT - • Work in Progress 06/15/12
ASP Competency Evaluator Training Providers Link to Competency Assurance Trains, evaluates, and issues certification as COS SEMS lead auditor Trains, evaluates, and issues certification as COS SEMS lead auditor Trains, evaluates, and issues certification as COS SEMS auditor * Lead Auditors must also have a certification as a management system auditor issued by an internationally recognized auditor certification body (ACB) such as BEAC, RAB-QSA, IRCA, etc. Lead Auditor* Certified Training Provider Auditor(s) • DRAFT - • Work in Progress 06/15/12
SEMS Audit Reporting Timeline COS Member implements corrective action plan As Agreed to by member and ASP 3 years COS member consults with ASP on a verification process. As Agreed to by member and ASP 6 Months Maximum 30 Days 30 Days COS Member completes report with corrective action plans to address NC’s identified in the COS Standard Audit Report issued by ASP Corrective action plans include timing and responsible parties If audit to fulfill BSEE requirement – ASP to submit the COS Standard Audit report to BSEE, and COS member to provide COS Standard Audit Report to BSEE with corrective action plans included ASP accepts and verifies corrective actions; all NCs must be closed out for ASP to certify ASP provides completed COS Standard Audit Report with corrective action plans to COS Good practices shared with COS, if approved by COS member ASP issues a dated COS SEMS Certificate Audit Closed COS Member Company maintains their SEMS program COS Member Company starts next COS certification audit within 3 year period Minimum 30 Days Audit Starts ASP Audit Plan to COS Member SEMS audit Initiated by COS Member COS Member contracts with ASP to perform SEMS audit COS provided a courtesy notification Auditing Complete – Formal audit close-out meeting between ASP and COS Member Draft Audit report provided to COS member by ASP ASP issues COS Standard Audit Report to COS Member Report identifies NCs (does not include corrective action plans) BSEE Audit Complete COS Member decides that audit will meet BSEE requirements COS Member provides audit plan to BSEE • DRAFT - • Work in Progress 06/15/12
COS Standard SEMS Report • DRAFT - • Work in Progress 06/15/12
COS Standard SEMS Audit ReportStakeholders - Needs To ensure the needs of all stakeholders are met, we need to identify the stakeholders and understand their needs. A single report that meets all common stakeholder needs will benefit everyone. • DRAFT - • Work in Progress 06/15/12
COS Standard SEMS Audit ReportStakeholders Operator / Auditee BSEE COS Industry (General Sense) Industry (Senior Executives) Public & NGO • DRAFT - • Work in Progress 06/15/12
COS Standard SEMS Audit ReportStakeholders – Needs - Operator/Auditee Provide a standard report format with enough detail to identify appropriate corrective action Adequacy of system vs failure to execute Meet reporting needs to satisfy BSEE compliance requirements (directly transferable) Timely Minimize delays Meet reporting needs to COS (directly transferable) Must add value Avoid Failure Objectivity rather than Subjectivity Unacceptable delays in meeting regulatory timing requirements Provide enough detail to take action, without getting into excessive non-value added information • DRAFT - • Work in Progress 06/15/12
COS Standard SEMS Audit ReportStakeholders – Needs - Industry (General Sense) Indirectly from COS Timely access to data General understanding What’s working (complying) What’s not working (noncomplying) Potential effective practices • DRAFT - • Work in Progress 06/15/12
COS Standard SEMS Audit ReportStakeholders – Needs - Industry (Senior Executives) Indirectly from COS Level of confidence on actual progress Understanding of industry exposure Limit individual company liability Potential effective practices • DRAFT - • Work in Progress 06/15/12
Standard COS SEMS Audit ReportIncludes: - all consistent needsExcludes: - non-consistent needs • DRAFT - • Work in Progress 06/15/12
COS Audit Report Utilization of report findings • DRAFT - • Work in Progress 06/15/12
Audit Report • Cover Pages • Who, What, When, Where, and How • Results • Section for each of the 13 SEMS Elements • Nonconformances • DRAFT - • Work in Progress 06/15/12
SEMS Elements Analysis – Raw Data - % Conformance by Element Element % Compliance • DRAFT - • Work in Progress 06/15/12
SEMS Elements Analysis – Raw Data - % Conformance by Question in ElementElement 7 Question % Compliance • DRAFT - • Work in Progress 06/15/12
SEMS ElementsAnalysis – Ranked Data • DRAFT - • Work in Progress 06/15/12
SEMS ESEMS Evaluation & actionlements - Results Analysis – Ranked by Company Compliance (blind) % Compliance Company • DRAFT - • Work in Progress 06/15/12
SEMS Evaluation & action • Develop and implement blind voluntary system for COS Members to share effective practices, by SEMS Element, with other COS Members • Members with an effective SEMS element can provide effective practices • Members can view effective practices provided by other members • May have a COS review panel to evaluate provided effective practices • COS review panel could include ASP • COS review panel may include BSEE? • COS develops list of Subject Matter Experts (SME) by SEMS Element • Members contact COS SME for assistance • DRAFT - • Work in Progress 06/15/12
SEMS Elements - Results Analysis – Ranked by Question Compliance within Element % Compliance Question • DRAFT - • Work in Progress 06/15/12
SEMS Elements - Results Analysis – Ranked by questions with lowest Compliance % Compliance Question • DRAFT - • Work in Progress 06/15/12
SEMS Evaluation & action • Critical review of findings and corrective actions for questions with greatest incidence of noncompliance. • Risk rank questions • Focus on higher risk issues first • Identify commonalities and trends • Perform broad root cause analyses as appropriate • Identify and seek good practices • Identify potential corrective actions • Share learnings • DRAFT - • Work in Progress 06/15/12
Measuring Success Questions? • DRAFT - • Work in Progress 06/15/12
Questions? 06/15/12