United States
Environmental Protection
Agency
Office of Solid Waste
and Emergency Response
(5104)
EPA 550-B99-008
August 1999
www.epa.gov/ceppo/
Guidance for Auditing
Risk Management
Plans/Programs
under Clean Air Act
Section 112(r)
Chemical Emergency Preparedness and Prevention Office
Printed on recycled paper
-------�
-------�
NOTICE
This document is intended solely for the guidance of
government personnel. It is not intended and cannot, be
relied upon to create rights, substantive or procedural,
enforceable by any part, in litigation with the United States.
The Agency reserves the right to act at variance with this
guidance and change it at any time without public notice.
-------�
Acronyms Used in This Guidance
AIChE American Institute of Chemical Engineers
ANSI American National Standards Institute
API American Petroleum Institute
ASME American Society of Mechanical Engineers
CAA Clean Air Act
CBI Confidential Business Information
CCPS Center for Chemical Process Safety
CFR Code of Federal Regulations
D & B Dun and Bradstreet
EPA Environmental Protection Agency
EPCRA Emergency Planning and Community
Right-to-Know Act
ERNS Emergency Response Notification System
HAZWOPER Hazardous Waste Operations and Emergency
Response
LEPC Local Emergency Planning Committee
NCP National Contingency Plan
NFPA National Fire Protection Association
NRS National Response System
OSHA Occupational Safety and Health Administration
PHA Process Hazard Analysis
PPE Personal Protective Equipment
PSM Process Safety Management
RMP Risk Management Plan
SARA Superfund Amendments and Reauthorization
Act
SERC State Emergency Response Commission
-------�
Table of Contents
OF
Introduction [[[ .1
Guidance; Purpose; and Background. ................................ .3
Interrelated Opportunities for Accident Prevention 4
Risk Management Program Requirements 1
Table 1: RMP Program Levels 8
Developing an RMP Audit Program .9
Objective 9
Approaches to an RMP Audit: 9
How to Use Reviews / Audits / Inspections 10
The RMP Audit Process 13
Step (1) Selecting Facilities for RMP Audits 15
Step (2) Off-site Activities 16
Collecting Background Information ............................ .16
Table 2: Background Information .... .17
Planning the Audit 17
Prepare Audit Staff and Plan Logistics 17
Table 3: Potential Audit Components .............................. .18
Step (3) At the Site ............................................ .20
Entering the Facility 20
Opening Meeting 20
Collecting and Analyzing Information .......................... .22
Personal Protective Equipment (PPE) ........................... .23
Exit Briefing 23
Step (4) Concluding Activities 25
Follow-up Meeting 25
Audit Report 25
Step (5) After-Audit Actions 27
Preliminary Determination 27
Final Determination ......................................... .27
ANNEX A: Site Safety Plan for On-Site Activities
ANNEX B: Audit Report
ANNEX C: Audit Checklist
-------�
Guidance for Auditing Risk Management Plans & Programs
-------�
Introduction
-------�
Guidance for Auditing Risk Management Plans & Programs
-------�
GUIDANCE PURPOSE AND BACKGROUND
Purpose
This document provides guidance for implementing agencies
that are required by the Risk Management Program regula-
tion (40 CFR 68.220) to conduct audits. It is designed as a
tool for auditors reviewing industry compliance with the Risk
Management Program regulation. However, this guidance
does not reflect all requirements that a stationary source
must meet to be in compliance with the regulation.
Background
The Environmental Protection Agency (EPA) works closely
with stakeholders to reduce the likelihood and severity of
chemical accidents.
Several important planning and legislative initiatives have
been introduced since 1968. These include the National
Contingency Plan (NCP) (started in 1968), EPA's voluntary
Chemical Emergency Preparedness Program started after the
December 1984 accident in Bhopal (India), the Emergency
Planning and Community Right-to-Know Act of 1986
(EPCRA), and the Accidental Release Prevention require-
ments under Section 112(r) of the Clean Air Act (CAA), as
amended in 1990. These initiatives address the entire safety
continuum dealing with chemical accident preparedness,
response, and prevention.
In this document "RMP" denotes the Risk Management Plan,
which summarizes the source's risk management program and
is submitted to EPA.
Introduction
Guidance Purpose and
Background
-------�
Accident
prevention
opportunities
include:
• Chemical
Safety Audits
• Accident
investigation
• General Duty
M RMP Audits
INTERRELATED OPPORTUNITIES FOR CHEMICAL
ACCIDENT PREVENTION: Chemical Safety Audits,
Accident Investigations, General Duty, and RMP Audits
From a government point of view, chemical accident preven-
tion involves: (1) working with sources to improve their
chemical safety management program, and (2) encouraging
communities to coordinate risk reduction activities with facil-
ities even as they enhance emergency preparedness for
response to possible accidents. Improving the safe use and
management of chemicals begins with an understanding of:
• How and why accidents occur;
• How industry identifies chemical and process hazards;
• How industry designs, maintains, and operates a safe
facility; and
• How the consequences of accidents are minimized.
Industry has the expertise and responsibility to make sure
that the elements of safe operation (e.g., procedures, train-
ing, maintenance) are brought together and managed day-to-
day. Government agencies can help sources by auditing
their safety management programs, comparing them to suc-
cessful practices used by other sources, and stimulating
improvements.
The Risk Management Program regulations are among the
several tools implementing agencies have to help facilities
prevent chemical accidents. Existing and new programmatic
tools are briefly described below. Each of these programs is
designed to help identify the causes of accidental chemical
releases as well as the means to prevent them from occur-
ring. Additionally, these activities can be used to promote
coordination within the local community.
Chemical Safety Audits
Chemical Safety Audits are designed to:
• Share information about chemical safety practices and
technologies with visits to sources that handle hazardous
substances;
• Heighten awareness of the need for and promote chemi-
cal safety at chemical facilities and in the communities
where chemicals are located; and
• Build cooperation among sources, government agencies,
and others.
-------�
Introduction
Interrelated Opportunities
for Accident Prevention
Chemical safety audits are usually voluntary and may include
sources not covered by the Risk Management Program provi-
sions. One purpose of auditing a facility is to identify and
characterize the strengths and weaknesses of specific chemi-
cal accident prevention program areas, as a means to high-
light the elements which form an effective program.
Additionally, audits facilitate the sharing of information
about successful practices and recommending safety improve-
ments. This can lead to process safety improvements, which
may prevent or mitigate releases by the audited source.
Accident Investigations
The fundamental objective of a chemical accident investiga-
tion is to determine the facts, conditions, circumstances, and
causes or probable causes of chemical accidents. The ulti-
mate goal of the accident investigation is to determine the
root causes or management system failures causing an acci-
dent in order to reduce the likelihood of recurrence, mini-
mize the consequences associated with accidental releases,
and make chemical production, processing, handling, and
storage safer. Along with the root cause, the investigation
looks at contributing factors of the event that may have
broad applicability to industry, and the potential to develop
recommendations and lessons learned to prevent future acci-
dents of this type.
Section 112(r) (6) of the Clean Air Act established an inde-
pendent safety board known as the Chemical Safety and
Hazard Investigation Board ("the Chemical Safety Board").
One of the objectives of the Chemical Safety Board, as direct-
ed by the Clean Air Act, is to investigate, determine and
report to the public, the facts, conditions, circumstances, and
cause or probable cause of any accidental release resulting in
fatality, serious injury or substantial property damage.
The General Duty Clause
Section 112(r) (1) of the Clean Air Act, known as the
"General Duty Clause," further expands the range of activi-
ties EPA can undertake to promote chemical safety.
Owners and operators of stationary sources producing, pro-
cessing, handling, or storing extremely hazardous substances
have a general duty to:
The Chemical Safety
Board began operat-
ing in 1998 after it
was funded by
Congress. EPA and
the Chemical Safety
Board have developed
a Memorandum of
Understanding which
addresses their respec-
tive authorities and
coordination on acci-
dent investigation. To
view this MOU, see
www. epa. gov/ceppo/
ap-acin.htm.
For further information
concerning the
Chemical Safety
Board, visit the web
site at
http://chemsafety. gov
or http://csb.gov.
• Identify hazards associated with a potential accidental
release, using appropriate hazard assessment techniques;
-------�
• Design and maintain a safe facility, taking steps to pre-
vent releases; and
• Minimize the consequences of accidental releases that
do occur.
The General Duty Clause is not limited to a finite list of
chemicals or established thresholds.
To the extent state or local law establishes a similar general
duty, implementing agencies other than EPA can take
actions to promote safe operating practices and the preven-
tion of chemical accidents.
RMP Audits
RMP audits help ensure compliance with the Risk
Management Program. EPA intends to use the audit
process as a way to verify the quality of the program sum-
marized in the RMP. When it is reasonable, EPA will
require modifications to the RMP that may lead to quality
improvements in the underlying program.
Each government agency, whether federal, state, or local,
should determine what authorities it presently has to con-
duct the above activities. Most should find that their pre-
sent authorities are sufficient. The agency should consult
with legal counsel to determine the most effective use of
their authorities.
The above-mentioned activities are not mutually exclusive.
Many times, a combination of activities may be used to
achieve results. For example, an agency might investigate a
chemical accident at a facility. While the investigation may
determine a root cause, a chemical safety audit may con-
firm that procedures are being used to reduce the risk of
future accidents. Additionally, the agency may also audit
compliance with the General Duty Clause and/or RMP
requirements.
-------�
Introduction
Risk Management
Program Requirements
RISK MANAGEMENT PROGRAM REQUIREMENTS
Section 112(r) of the CAA requires EPA to publish rules and
guidance for chemical accident prevention. The rules pro-
mulgating the list of regulated substances (published January
31, 1994) and the Risk Management Program provisions
(published June 20, 1996) are found at 40 CFR Part 68. The
Risk Management Program contains three elements: a haz-
ard assessment, a prevention program, and an emergency
response program. The entire program is to be described
and documented in a risk management plan (RMP) which is
submitted to EPA.
In general, the RMP submitted by most facilities includes the
following:
• Executive summary;
• Registration information;
• Off-site consequence analysis;
• Five-year accident history;
• Prevention program; and
• Emergency response program
Owners or operators of a stationary source with more than a
threshold quantity of a regulated substance (one of the 140
listed toxic and flammable substances in 40 CFR Section
68.130) in a process, as determined under section 68.115,
must submit an RMP no later than the latest of the following
dates:
(1) June 21, 1999;
(2) Three years after the date on which a substance is first
listed under 40 CFR 68.130; or
(3) The date on which a regulated substance is first present
in a process above a threshold quantity.
The Risk Management Program regulations also define the
activities that sources must undertake to identify and mini-
mize the risks posed by regulated substances in covered
processes. Specifically, EPA defined three "program levels" to
ensure that individual chemical processes are subject to
appropriate requirements based on the size of the process
and the associated risks, (see table on next page).
Who is Covered?
EPA estimates that approximately
36,000 facilities are covered by the
provisions of 40 CFR Part 68, including:
Chemical manufacturers (industrial
organics and inorganics, paints, phar-
maceuticals, adhesives, sealants, fibers),
Petrochemical (refining and gas pro-
cessing operations, plastics and resins,
synthetic rubber),
Other manufacturing (electronics,
semiconductors, paper, fabricated met-
als, industrial machinery, furniture, tex-
tiles),
Agriculture (fertilizers),
Public sources (drinking and waste
water treatment works),
Electric utilities,
Food and cold storage,
Chemical warehousing,
Chemical wholesalers,
Military and energy installations,
and
Other stationary sources.
-------�
Guidance for Auditing Risk Management Plans & Programs
TABLE 1: RMP PROGRAM LEVELS AND REQUIREMENTS
Program Level
Description
Program 1
Requirements apply to
processes where (1) a
worst- case release, as
determined by the haz-
ard assessment, is not
expected to reach public
receptors; (2) no acci-
dental release has
occurred in the last five
years that caused speci-
fied off-site impacts; and
(3) the source has coor-
dinated emergency
response procedures
with the local planning
and response organiza-
tions. The most likely
processes for this pro-
gram level are those at
remotely located sources
and/or those using list-
ed flammable chemicals.
Program 2
Requirements apply to
processes that do not
meet the eligibility
requirements of
Program 1 or 3.
Program 3
Requirements apply to
processes not eligibile
for Program 1, and
which are in certain
specified industrial cate-
gories or are already
subject to the OSHA
process safety manage-
ment (PSM) standard.
These generally include
higher risk, complex
chemical processing and
petroleum refining oper-
ations.
Requirements
• Conduct an off-site
consequence analysis
that evaluates worst-case
accidental release sce-
nario (s);
• Document the five-year
history of certain acci-
dental releases of regu-
lated substance from
covered processes;
• Coordinate response
plans with local emer-
gency planning and
response agencies; and
• Revise, update, and
submit the RMP at least
every five years.
• Conduct an off-site
consequence analysis
that evaluates worst-case
accidental release sce-
nario (s);
• Document the five-year
history of certain acci-
dental releases of regu-
lated substance from
covered processes;
• Coordinate response
plans with local emer-
gency planning and
response agencies; and
• Revise, update, and
submit the RMP at least
every five years.
Evaluate alternative acci-
dent release scenarios
and establish:
• An integrated preven-
tion program for manag-
ing risk;
• Provisions for respond-
ing to emergencies; and
• An overall manage-
ment system supervising
the implementation of
these program elements.
• Conduct an off-site
consequence analysis
that evaluates worst-case
accidental release sce-
nario (s);
• Document the five-year
history of certain acci-
dental releases of regu-
lated substance from
covered processes;
• Coordinate response
plans with local emer-
gency planning and
response agencies; and
• Revise, update, and
submit the RMP at least
every five years.
Evaluate alternative acci-
dent release scenarios
and establish:
• An integrated preven-
tion program for manag-
ing risk;
• Provisions for respond-
ing to emergencies; and
• An overall manage-
ment system supervising
the implementation of
these program elements.
-------�
DEVELOPING AN RMP AUDIT PROGRAM
Introduction
Developing an
RMP Program
Objective
The RMP regulation states that, in addition to inspections for
the purpose of regulatory development and enforcement of
the CAA, the implementing agency shall periodically audit
RMPs to review their adequacy and require revisions when
necessary to ensure compliance with the Risk Management
Program regulations. This means that the implementing
agency is responsible for verifying RMP information against
an independent source of information, such as data from
other EPA or state databases, or by conducting on-site verifi-
cation.
RMP audits focus on the data contained in the Risk
Management Plan, as well as the underlying risk manage-
ment program. An RMP is a blueprint of how Risk
Management Program provisions are incorporated into
process safety at the facility, just as an emergency response
plan is a blueprint of an emergency response program for a
community or a facility. Emergency plans do not directly
protect the public; emergency response programs are the
comprehensive approach to protecting the public.
Approaches to an RMP Audit
Full compliance with the Risk Management Program regula-
tions cannot be determined without on-site or independent
verification of all or part of the information submitted in an
RMP. However, each implementing agency should deter-
mine the scope of the audit process to be used. This deter-
mination is based on available resources, priorities, expertise,
and other factors. Auditing to ensure compliance with the
Risk Management Program regulation may consist of a range
of off-site and on-site activities. Off-site activities might
include determining that the rule applies to the source, that
the facility placed itself in the correct program level, and that
the source submitted a complete and correct RMP. On-site
activities might include verification of documentation and
process review.
To ease the inspection burden, the implementing agency
should also determine how the scope and conduct of on-site
audit activities can be coordinated with other regulatory
inspections. For example, the implementing agency might
coordinate with either the federal or state OSHA office with-
RMP audits focus
on compliance
with the plan
requirements, as
well as the
underlying risk
management
program
-------�
in its jurisdiction. If chemical facilities are subject to the
OSHA PSM Standard, OSHA has its own authority over the
facilities' prevention program. This inter-agency coordina-
tion may save resources and decrease the burden on the
facility.
How to Use Reviews / Audits / Inspections
The Risk Management Program regulations mention the use
of completeness checks, reviews, audits, and inspections.
These terms are defined below.
RMP Completeness Checks. The implementing agency may
conduct an in-office "completeness check" of the RMP.
RMP*Submit (a submission system developed by EPA) will
check each RMP before it is submitted to ensure that all the
required data elements have been completed; the software
program will indicate which fields are missing any required
information. In addition, the EPA reporting center will use a
similar technique to review every RMP submitted to see if all
necessary fields have been completed.
RMP Reviews. Implementing agencies may want to review
the data in an RMP to identify discrepancies. For example,
the Executive Summary and registration data can be com-
pared to chemical inventory data submitted to the state
under EPCRA section 312 (always remembering that EPCRA
section 312 and CAA section 112(r) may have differences in
thresholds). Agencies may also want to review RMPs to iden-
tify internal data inconsistencies (e.g., dates listed for activi-
ties should be verified as internally consistent), facilities with
potential problems based on their accident histories, and
unusual data (e.g., failure to list appropriate hazards under
the prevention program). For example, if an RMP reports
that there has recently been a major change in a process that
triggered a review or revision of certain requirements (see
68.l70(k)), but the RMP indicates that these requirements
have not been reviewed or revised since the date of the
change, further inquiry is warranted.
RMP Audits. In an audit, the contents of the RMP are
reviewed to determine completeness of the risk manage-
ment program and adequate compliance with section 112(r)
requirements. Audits involve more than simply reviewing the
RMP; specifically, an audit involves an independent verifica-
tion of the information in an RMP (e.g., by consulting other
data sources or visiting the facility). Some elements of an
audit include: verifying the number of processes a facility has
-------�
Introduction
Developing an
RMP Program
included in its RMP, or the existence of mitigation systems
reported in the RMP. An audit may also focus on accident
histories and off-site consequence analyses (e.g., are the
reported dates reasonable?). Additionally, audits could be
useful in comparing accident histories with accidents report-
ed to the SERC and LEPCs under EPCRA Section 304, which
requires reporting of certain chemical releases. Audits may
also compare practices among facilities within the same
industry sector to determine if particular facilities within the
State are meeting industry standards and implementing
appropriate accident prevention activities.
Inspections. Inspections complement RMP audit activities
and are valuable for evaluating compliance with the substan-
tive elements of the Section 112(r) rule. Many implement-
ing agencies that have programs for the protection of public
health and safety already have staff who are qualified to con-
duct on-site inspections (e.g., water permitting agencies visit
water treatment plants; fire inspectors check on propane dis-
tributors) . With proper training, it may be efficient for these
regulators and inspectors to add 112(r) compliance elements
to their inspection checklist.
Pursuant to an audit, which may be combined with an inspec-
tion, a stationary source may be required to revise its RMP
and correct deficiencies in its underlying program. For
example, if an audit indicated that a stationary source had
not reviewed and updated operating procedures after a
change and that such updates were needed, the stationary
source could be required to update the procedures, re-train
workers in the new procedures, and submit a revised RMP.
-------�
Guidance for Auditing Risk Management Plans & Programs
-------�
The RMP Audit Process
-------�
Guidance for Auditing Risk Management Plans & Programs
-------�
The RMP Audit Process
Step (I): Selecting Facilities
for RMP Audits
STEP (1): SELECTING FACILITIES FOR RMP AUDITS
Under 68.220(b), the implementing agency may select
sources for audits based on any of the following criteria:
(1) Accident history;
(2) Accident history of other sources in the same industry;
(3) Quantity of regulated substances;
(4) Location and proximity to the public and environmental
receptors;
(5) Presence of specific regulated substances;
(6) Hazards identified in the RMP; or
(7) A plan providing for neutral, random oversight.
Related criteria could include the number of accidental
releases, whether there have been any catastrophic accidental
releases, and the known toxicity of chemicals used in the
processes.
Stationary sources with a "Star" or "Merit" ranking under
OSHA's voluntary protection program are exempt from
audits based solely on criteria (2) and (7). However, these
sources may be audited based on any of the other five crite-
ria [68.220(c)]. Each implementing agency should develop
a targeting system, based on their resources and priorities.
There are several
basic steps to con-
ducting an RMP audit.
(1) The first is select-
ing facilities to be
audited. (2) Next,
there is a range of
potential off-site, on-
site, and concluding
activities. (3) Finally,
there is a series of
post-audit actions.
15
-------�
STEP (2): OFF-SITE ACTIVITIES
If more than one auditor is participating in the audit, the
entire audit team should participate in a planning meeting
prior to the audit. This meeting should include any person-
nel from outside the implementing agency who will partici-
pate in the audit. The team should include personnel from
the implementing agency and personnel from other agencies
to provide technical support (i.e., fire marshal, emergency
management staff, environmental management staff).
Additionally, if possible, the implementing agency should
include LEPC members and/or local response agency mem-
bers.
The lead auditor should determine at this point whether or
not the source will be notified in advance of the site visit.
Prior notification may be dictated by implementing agency
policy or practices. If the source is to be notified in advance
of the visit, the lead auditor should schedule well in advance
the date, time, and point of arrival at the source.
The lead auditor should:
• Brief all auditors on the rationale for the audit;
• Assign each auditor specific section(s) of the audit
report, including collecting stationary source background
information related to his/her report section;
• Identify related regulatory requirements (e.g., hot work
permit, HAZWOPER); and
• Establish a schedule for completing collection of the nec-
essary background information, conducting the pre-visit
meeting, conducting the audit, and completing the audit
report.
Collecting Background Information
Preliminary preparation is key to a well organized audit. It is
useful to collect as much of the source background informa-
tion as possible in advance of the audit. The lead auditor
may elect to notify the source, state, and local officials of the
pending audit and request appropriate background informa-
tion. The auditor(s) then can review this information prior
to the visit, prepare a detailed list of topics and questions to
help organize their on-site activities, and minimize the
amount of time spent at the source. The following table lists
some examples of background information that may be use-
ful to auditors.
-------�
The RMP Audit Process
Step (2): Off-Site Activities
TABLE 2: BACKGROUND INFORMATION
Types of Information
Submitted RMP
History of releases at the source and/or similar sources
Chemical processes
EPCRA Chemical Inventory Data
Sources of Information
RMP*Info and/or RMP*Review (database avail-
able to the implementing agency from EPA).
On-scene coordinator reports, Accidental
Release Investigation Program (ARIP) question-
naires, RMPs, Emergency Response Notification
System (ERNS) data, EPCRA 304 release notifica-
tions, State release files.
Industry standards and processing techniques
from trade and professional groups
(e.g.American Institute of Chemical Engineers
(AIChE), ASME, and the Chlorine Institute),
process flow diagrams, and piping and instru-
mentation diagrams.
SERC, LEPC, local fire department.
Auditors should also determine the applicability of existing
checklists specific to the source being audited; for example,
checklists developed by EPA in sector-specific RMP guidances
may be used (e.g., ammonia refrigeration, publicly owned
treatment works, chemical warehouses, propane users).
Auditors should also familiarize themselves with industry and
government standards specific to the source (e.g., standards
developed by OSHA, NFPA, ANSI).
Planning the Audit
An on-site audit might include review of programs and
records, verification of data, and analysis of prevention mea-
sures. See the following table of potential audit components
for suggestions.
Prepare Audit Staff and Plan Logistics
The lead auditor should hold a pre-visit meeting with all
auditors as close to the date of the audit as possible. By this
time all auditors should be familiar with this guidance and
any information they have collected about the stationery
source to be audited and its processes. Additional informa-
tion to be obtained at the source should be identified and
auditors should develop individual plans for conducting their
17
-------�
Guidance for Auditing Risk Management Plans & Programs
TABLE 3: POTENTIAL AUDIT COMPONENTS
Review
Verify
Evaluate
Engineering review
• accident history
• incident investigation reports, and documentation of corrective measures taken
• preventive maintenance program
• process hazard analysis or hazard review, including review of safety information
and risk scenarios
• soundness of air modeling results
• operation and maintenance records, inspection procedures, and repairs records
• training records and review of emergency plan exercise program
• emergency response program capabilities, including exercises, equipment, train-
ing, off-site programs, public notification, procedures, and communication with
local emergency responders
• management of change program, pre-start review program, employee participa-
tion program, hot work permit program, and contractor employee training
• facility classification and program designation
• air modeling methods and results
• model input parameters
• mitigation measures and systems
• process enhancements, including facility-conducted compliance audit results
and recommendations
• additional (unreported) covered processes
• processes
Engineering analyses I • release prevention measures
Engineering verification • mitigation measures, design parameters
portion of the audit. For extensive audits, the pre-visit meet-
ing should:
• Establish the entry authority of each auditor;
• Review each auditor's area of responsibility;
• Review the audit objectives and highlight areas of special
interest;
• Review any site-specific personal health and safety issues,
and complete, if necessary, a site safety plan for on-site
activities;
• Review information about key personnel and operations
at the site;
• Establish an agenda for each day of the site visit;
• Review logistical matters (e.g., nightly team meetings to
discuss results and plan the next day's activity);
-------�
Review the RMP submitted by the source and preliminari-
ly evaluate compliance with regulatory requirements;
Arrange for proper management of confidential business
information (CBI); and
Cover any additional topics.
The RMP Audit Process
Step (2): Off-Site Activities
The lead auditor should also:
• Develop site-specific guidance, if needed;
• Reserve work space and equipment at the source;
• Develop employee interview questionnaires, if an inter-
view is planned; and
• Schedule opening meetings, closing meetings, and daily
debriefings.
-------�
STEP (3): AT THE SITE
Entering the Facility
Under 40 CFR 68.220(d), the implementing agency shall
have access to the source, supporting documentation, and
any area where an accidental release could occur. Upon
entering the source, the auditor(s) should present their offi-
cial credentials. The auditor(s) should arrive at the source
during normal working hours. The auditor(s) may sign a
"sign-in" sheet, log, or visitor register. However, the
auditor(s) must not sign any type of "waiver" or "visitor
release" which would relieve the source of responsibility for
injury or limit the rights of the auditing agencies to collect or
use data obtained from the stationary source. If a waiver or
release is presented, the lead auditor should explain that
such a document will not be signed and request a blank
"sign-in" sheet. If the auditors are refused entry because they
will not sign a release, the lead auditor should report all per-
tinent facts to the implementing agency's legal counsel. If
the matter cannot be resolved, the auditor(s) should leave
the facility. All events surrounding the refused entry must
be fully documented, including the name(s) of the person(s)
refusing entry.
Opening Meeting
The auditor(s) should conduct an opening meeting with
management personnel (e.g., plant manager, superinten-
dents of safety and operations, legal counsel, corporate rep-
resentative). The lead auditor should clearly explain the
purpose and objectives of the audit.
The lead auditor may give a copy of this guidance to the
source to help them understand the scope, purpose, and
objective of the audit. In addition, this guidance may help
the source in assembling information to be reviewed by the
auditor(s). At a minimum, the following items should be
addressed during the opening meeting:
• Discussion of entry and information gathering authorities
(with presentation of auditor(s) credentials);
• Audit purpose and objectives;
• On-site agenda;
• Identification and management of CBI;
• Information necessary to conduct the audit;
-------�
• Safety issues (e.g., source-specific safety orientation train-
ing, emergency response procedures and alarms that may
sound in an emergency);
• Schedule for exit briefing; and
• Audit report preparation.
The auditor(s) should also request a detailed overview of the
chemical processes and/or manufacturing operations at the
source, including block flow and/or process flow diagrams
indicating chemicals and processes involved.
Prior to walking around the facility, the auditor(s) should
request an explanation of the source's Risk Management
Program, including, at a minimum:
• How the elements of the program are implemented;
• Personnel who are responsible for the implementation of
the various elements of the program; and
• A description of the source's records documenting com-
pliance.
The RMP Audit Process
Step (3): At the Site
At the conclusion of the opening meeting, the lead auditor
should request access to the following information, where
applicable:
• Documentation for the hazard assessment, including
selection of model and procedures followed;
• Documentation supporting reports under the five-year
accident history (e.g., follow-up release reports, initial
notifications);
• Documentation for the process hazards analysis or hazard
review;
• Standard operating procedures;
• Training records (e.g., hazard communication, emer-
gency response) for all employees ;
• Pre-startup safety review;
• Integrity or preventive maintenance records;
• Hot work permit program;
• Written procedures to manage change to processes;
• Plan of action for implementation of employee participa-
tion;
• Written process safety information;
-------�
Confidential Business
Information
During the course of
the audit, auditor(s)
may have access or
obtain information that
may be entitled to con-
fidential treatment. It
is the source's respon-
sibility to identify this
information as
Confidential Business
Information (CBI) to
the auditor(s), in
accordance with the
Risk Management
Program regulations.
This information will
be handled in accor-
dance with the imple-
menting agency's pro-
cedures (e.g., 40 CFR
Part 2 for EPA person-
nel). Before visiting
the site, auditor(s)
should check to see if
their agency has train-
ing or programs on
handling CBI.
• Incident investigation reports;
• The emergency response plan developed by the source;
• The two most recent compliance audit reports; and
• Documentation on coordination with local officials on
emergency response activities
Collecting and Analyzing Information
After the opening meeting, the auditor(s) may accomplish
their tasks individually or in small groups, performing their
work as quickly and efficiently as possible. Special attention
should be paid to:
• Verifying the reported program level; and
• Comparing the stationary source's RMP to policies and
procedures actually implemented, especially for produc-
tion or equipment changes.
The attached checklist may be used as guidance to ensure
that regulatory requirements are met and that a basic level of
data quality is achieved. However, this checklist is not intend-
ed to be comprehensive of all applicable requirements.
Accordingly, the checklist is not a substitute for knowledge
and understanding of the regulations.
During the audit, a variety of materials will be gathered relat-
ing to operations at the source. Most of these materials
should be referenced in the report and maintained in a cen-
tral file.
Examples of the types of material that might be included are:
• Sample source memoranda, guidelines, safe operating
procedures, policy statements (e.g., safety practices,
Responsible CARE);
• Correspondence between the source and the implement-
ing agency; or
• Graphic materials such as photographs, maps, charts, plot
plans, organizational charts.
All materials should be labeled with :
• Name of the source;
• Date of the audit; and
• Other identifying information.
-------�
The RMP Audit Process
Step (3): At the Site
Personal Protective Equipment (PPE)
In addition to normal protective equipment (e.g., safety
shoes, hard hats, goggles), auditor(s) may need special
equipment:
• Flame-retardant coveralls in all areas of the plant where
there is potential for flash fires and as may be required by
policy at the source;
• Emergency escape respirators during the walk-around
portion of the audit (personnel conducting these audits
should have received proper training in the use of emer-
gency escape respirators);
• Alert monitors approved for the environment where they
will be used (e.g., HCN, C12);
• Electronic equipment (i.e., still cameras, video cameras,
cellular phones) that are safe for use in the process areas
being audited; and
• Follow facility guidance relative to the appropriate use of
PPE and request notice of any unusual conditions which
may dictate specific precautions.
Exit Briefing
Prior to the exit briefing, auditor(s) should meet privately to
review findings and establish topics for the briefing.
Significant observations and findings should be presented to
management personnel. Any issues requiring clarification
should be listed for discussion with the management person-
nel. The team leader will determine what conclusions or rec-
ommendations will be forwarded to the source at the exit
briefing.
In the exit briefing, the auditor(s) will meet with the man-
agement personnel to discuss the audit results. The lead
auditor should report to the source management all signifi-
cant findings, conclusions, and recommendations for which a
team consensus exists.
Auditor(s) should maintain a professional, courteous
demeanor during all discussions with source personnel.
Auditor(s) should make source officials aware of any stan-
dards, guidelines, or resources that would be helpful in
improving the source risk management program. However,
auditor(s) should be careful to avoid making suggestions
which imply a "consultant" type of relationship, such as
endorsing one product or firm exclusively.
Exit Briefing
• Maintain a
professional courteous
demeanor;
• Make source officials
aware of helpful
standards, guidelines,
or resources;
• Alert management to
situations requiring
immediate remediation
• Avoid implying a
"consulting" relation-
ship
• Do not state that
violations have been
observed
• Avoid statements that
affect subsequent
enforcement actions
23
-------�
Auditor(s) should never state that "violations" have been
observed. Determining that a violation has occurred is gen-
erally done after an enforcement inspection by the appropri-
ate enforcement program in consultation with legal counsel.
Auditor(s) should not make any representations that could
affect any subsequent enforcement actions against the source
(e.g., guaranteeing no enforcement will be taken if a source
performs certain actions to correct a deficiency).
The audit leader should alert the management personnel to
situations that are in need of immediate remediation (e.g.,
improper storage of incompatible chemicals).
-------�
STEP (4): CONCLUDING ACTIVITIES
Follow-up Meeting
Auditor(s) should meet as soon as possible after completion
of the site visit to ensure details of the audit are accurately
recorded. At a minimum, auditor (s) should:
• Immediately review and edit personal notes taken during
the site visit for clarity and completeness;
• Review report format, and identify any additional infor-
mation needed to complete the report;
• Review all important observations and findings;
• Agree on a date for the final report;
• Differentiate recommendations from any observed non-
compliance; and
• Resolve conclusions or recommendations that are not
supported by team consensus.
The RMP Audit Process
Step (4): Concluding
Activities
Audit Report
The report should summarize information gathered during
the audit (the attached checklists may be helpful). The
report should include:
• A basic profile of the source and general information
about the audit;
• A description of the criteria, rationale, and factual infor-
mation used to select the source for an audit; and
• Findings, conclusions, and recommendations.
The findings, conclusions, and recommendations section
should summarize the rest of the information from the com-
pleted checklists. Each finding should be documented with
information collected through document reviews. The audi-
tor^) should not interject opinions or speculative statements
in findings. Any conclusions should be based upon a com-
parative analysis of the finding with applicable rules, regula-
tions, standards, and accepted guidances. Conclusions
should be accompanied by recommendations. Each recom-
mendation should cite the specific rules, regulations, stan-
dards, accepted guidances, or technical basis used to formu-
late the recommendation. The lead auditor should consult
with all appropriate auditors and personnel in the imple-
menting agency to determine if recommendations that are
not supported by a team consensus should be included.
-------�
Each auditor should sign the report before it is submitted to
the appropriate agencies. The original report should be
maintained by the implementing agency. A copy of the
report should be forwarded to the facility's owner or opera-
tor, as well as to the:
• State Emergency Response Commission;
• Local emergency planning committee in whose area the
stationary source is located; and
• If requested, any other federal, state, and local agencies
that participated in the audit.
-------�
The RMP Audit Process
Step (5): After-Audit
Actions
STEP (5): AFTER-AUDIT ACTIONS
Preliminary Determination
Based on the results of the audit, the implementing agency
may issue the owner or operator a written preliminary deter-
mination of necessary revisions to the stationary source's
RMP to ensure that the RMP meets the criteria of 40 CFR
Part 68, Subpart G. The preliminary determination should
include an explanation of the basis for the revisions, reflect-
ing industry standards and guidelines (such as American
Institute of Chemical Engineers (AIChE)/The Center for
Chemical Process Safety (CCPS) guidelines and American
Society of Mechanical Engineers (ASME) and American
Petroleum Institute (API) standards), to the extent that such
standards and guidelines are applicable. The preliminary
determination should also include a timetable for the imple-
mentation of the revisions [68.220(e)].
The owner or operator should respond in writing to the pre-
liminary determination. The response should state that the
owner or operator will implement the revisions contained in
the preliminary determination in accordance with the
timetable included in the preliminary determination, or
should state that the owner or operator rejects the revisions
in whole or in part. For each rejected revision, the owner or
operator should explain the basis for rejecting that revision.
Such explanation may include substitute revisions
[68.220(f)(l)].
The written response should be received by the implement-
ing agency within 90 days of the issuance of the preliminary
determination. The implementing agency may specify a
shorter period of time in the preliminary determination to
protect public health and the environment. Prior to the writ-
ten response being due and upon written request from the
owner or operator, the implementing agency may provide
additional time for the response to be received
[68.220(f)(2)].
Final Determination
After providing the owner or operator an opportunity to
respond to the preliminary determination, the implementing
agency may issue the owner or operator a written final deter-
mination of necessary revisions to the stationary source's
RMP. The final determination may adopt or modify the revi-
sions contained in the preliminary determination, or may
adopt or modify the substitute revisions provided in response
-------�
to the preliminary determination. A final determination that
adopts a revision rejected by the owner or operator should
include an explanation of the basis for the revision. A final
determination that fails to adopt a substitute revision provid-
ed under 68.220(f) should include an explanation of the
basis for finding such substitute revision unreasonable
[68.220(g)].
Thirty days after completion of the actions detailed in the
implementation schedule set in the final determination, the
owner or operator will be in violation of subpart G of part 68
unless the owner or operator revises the RMP, as required by
the final determination, and submits the revised RMP
[68.220(h)].
Once a final determination has been made and the station-
ary source is deemed to be in violation of 40 CFR Part 68, the
audit report along with the final determination should be
referred to the appropriate program within the implement-
ing agency for enforcement actions. If warranted, the imple-
menting agency may initiate an enforcement action, rather
than use the preliminary and final determination process.
The public should have access to the preliminary determina-
tions, responses, and final determination pursuant to 42
U.S.C. 7414(c) [68.210(a),68.220(i)]. The disclosure of clas-
sified information by the Department of Defense or other
federal agencies or contractors of such agencies will be con-
trolled by applicable laws, regulations, or executive orders
concerning the release of classified information [68.210(b)].
None of the actions described above will preclude, limit, or
interfere in any way with the authority of the implementing
agency to exercise its enforcement, investigatory, and infor-
mation gathering authorities under the CAA concerning
accidental releases [68.220(j)].
-------�
Annexes
-------�
Guidance for Auditing Risk Management Plans & Programs
-------�
ANNEX A: SITE SAFETY PLAN FOR ON-SITE ACTIVITIES
The EPA Safety Manual, Chapter 9, and other EPA Policies articulate certain safety
planning efforts prior to field activities. The following format is consistent with these
requirements. Extensive training and certifications, and further planning in the form of
a more extensive Site Safety Plan, may be necessary in addition to the following plan.
STATIONARY SOURCE
LEAD AUDITOR
DATE
DESCRIPTION OF ACTIVITIES
Location and approximate size of stationary source:
Description of tasks and activities to be performed by each of the auditors:
Proposed date of on-site activities beginning:
Duration of the planned activities:
Site topography:
Site accessibility by roads and air:
-------�
HAZARDOUS SUBSTANCES AND HEALTH HAZARDS INVOLVED OR SUSPECTED
AT THE SITE (Fill in any information that is known or suspected)
Areas of Concern Chemical and Physical Identity of Substance
Properties and Precautions
Explosivity
Radioactivity
Oxygen deficiency
(e.g., confined spaces)
Toxic gases
Skin / eye contact
hazards
Heat stress
Pathways from site for hazardous substances dispersion:
WORK PLAN INSTRUCTIONS
Recommended level of protection:
L
a
Cartridge type if level C:
-------�
Site Safety Plan
Monitoring equipment to be used:
Accompanying/helping persons (stationary source/contractors):
Safety clothing/equipment required for those persons:
OSHA required training and certification (29 CFR 1910.120) received by
those persons:
FIELD INVESTIGATION AND DECONTAMINATION PROCEDURES
Decontamination procedures (contaminated protective clothing, instruments,
equipment, etc.):
Disposal procedures (contaminated equipment, supplies, disposable items,
washwater, etc.):
-------�
EMERGENCY CONTACTS
Hospital Phone No.:
Fax:
Emergency Medical Treatment Phone No.
Fax:
Ambulance Phone No.:
Fax:
Hospital Location:
Police Phone No.:
Fire Assistance Phone No.
Regional Health and Safety Officer
(or position with similar duties):
Phone:
-------�
ANNEX B: AUDIT REPORT
Note: A report similar to this will be generated by RMP*Review, the software avail-
able to RMP implementing agencies.
EPA facility ID #:
City:
Date:
State:
County:
AUDIT TEAM:
Lead Auditor:
Auditors:
Date(s) of stationary source visit:
I. STATIONARY SOURCE IDENTIFICATION
Name:
Street Address:
City:
County:
State:
Zip:
Latitude:
Longitude:
B-l
-------�
Dun & Bradstreet No.:
Name, address, and D & B of corporate parent company (if applicable):
Owner / operator: Phone:
Mailing Address:
City: State: Zip:
Name, title, and phone of person responsible for 40 CFR Part 68 implementation:
Name: Title: Phone:
Name and title of emergency contact:
Day Phone: 24-hour Phone:
Names, titles, and phones of stationary source personnel involved in audit (accom-
panied site tours, provided documents and explanations, etc):
II. DATE AND PROGRAM LEVELS OF SUBMITTED RMP
Date of Initial Submission:
Date of Latest Update:
Process (Program 1, 2, 3) as reported in RMP:
Process ID#: Program Level: NAICS Code:
-------�
III. FINDINGS, CONCLUSIONS, AND RECOMENDATIONS*
Signatures:
Lead Auditor:
Auditors:
Approved by:
Signature:
Title:
Date:
Findings, conclusions, and recommendations may be presented in one or
several attachments and referred to in the report.
B-3
-------�
Guidance for Auditing Risk Management Plans & Programs
B-4
-------�
ANNEX C: AUDIT CHECKLIST
Process audited:
Auditor:
Instructions: This checklist may be used for verification of RMP and Program compliance
(Check boxes coding: Y=Yes, N=No, P=Partial, A=Not Applicable)
Note: Compliance Objectives appear in the order they appear in the RMP rule
COMPLIANCE OBJECTIVES
1 . RISK MANAGEMENT PROGRAM AND PLAN
(SUBPARTA)
Applicability [68.1]
Q "
a '•*•
Does the owner or operator of the stationary source have
more than a threshold quantity of a regulated substance in a
process? [68.10(a)]
Has the process had, in the five years prior to submission of
the RMP, an accidental release of a regulated substance
where exposure to the substance, its reaction products,
overpressure generated by an explosion involving the
substance, or radiant heat generated by a fire involving the
substance led to any of the following off-site:
(i) Death; (ii) Injury; or (iii) Response or restoration
activities for an exposure of an environmental receptor?
a
a
a
a
Is the distance to a toxic or flammable endpoint for a
worst-case release assessment less than the distance to any
public receptor? [68.10(b)(2)]
Has the owner or operator coordinated emergency response
procedures between the stationary source and local
emergency planning and response organizations?
[68.10(b)(3)]
Is the covered process subject to OSHA PSM standard, 29
CFR1910.119?[68.10(d)(2)]
Is the covered process in one of the NAICS codes listed in
40 CFR §68.10(d)(l)? [6
1.4.
1.5.
1.6.
Auditor may need to re-answer 1.5 and 1.6 for multiple processes in
comments section.
NOTES
C-l
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
General Requirements [68.12]
a
1.7. Has the owner or operator submitted a single RMP, which
included a registration that reflects all covered processes, as
provided in 68.150 to 68.185? [68.12(a)]
1.8. For Program 1 processes audited, has the owner or operator:
[68.12(b)l
al .8.1. Analyzed the worst-case release scenario for the process(es), as
1.8.2. Documented that the nearest public receptors is beyond the
distance to an endpoint defined in 68.22(a); and [68.12(b)(l)J
provided in 68.25; [68.1200(1)]
a "'
I | 1.8.3. Included the scenario(s) in the RMP as provided in 68.165?
Q
Q
a
1.8.4. Completed the five-year accident history for the process as
provided in 68.42 [68.1200(2)]; and
1.8.5. Included the history in the RMP as provided in 68.168?
[68.12(b)(2)l
1.8.6. Ensured that response actions have been coordinated with local
emergency planning and response agencies? [68.1200(3)]
al .8.7. Included the appropriate certification statement for Program 1
processes? [68.1200(4)]
1.9. For Program 2 processes, has the owner or operator: [68.12(c)]
al .9.1. Developed and implemented a management system as
provided in 68.15? [68.12(c)(l)]
a "'
1.9.2. Conducted a hazard assessment as provided in 68.20 through
68.42? [68.12(c)(2)]
al .9.3. Implemented the Program 2 prevention steps provided in 68.48
through 68.60 or implemented the Program 3 prevention steps
provided in 68.65 through 68.87? [68.12(c)(3)]
al .9.4. Developed and implemented an emergency response program
as provided in 68.90 to 68.95? [68.12(c)(4)]
a "
1.9.5. Submitted, as part of the RMP, the data on prevention program
elements for Program 2 processes as provided in 68.170?
[68.12(c)(5)]
C-2
-------�
1.10.1. Developed and implemented a management system as
provided in 68.15? [68.12(d)(l)]
1.10.2. Conducted a hazard assessment as provided in 68.20 through
68.42? [68.12(d)(2)]
al. 10.3. Implemented the prevention requirements provided in 68.65
through 68.87? [68.12(d)(3)J
a ""
a
1.10.4. Developed and implemented an emergency response program
as provided in 68.90 to 68.95? [68.12(d)(4)J
1.10.5. Submitted, as part of the RMP, the data on prevention program
elements for Program 3 processes as provided in 68.175?
[68.12(d)(5)]
Management [68.15]
Has the owner or operator:
Q
[68.15(a)]
a "'
1.11. Developed a management system to oversee the
implementation of the risk management program elements?
1.12. Assigned a qualified person or position that has the overall
responsibility for the development, implementation, and
integration of the risk management program elements?
[68.15(b)J
1.13. Documented other persons responsible for implementing
individual requirements of the risk management program and
defined the lines of authority through an organization chart or
similar document? [68.15(c)J
General Findings / Conclusions:
COMPLIANCE OBJECTIVES NOTES
1.10. For Program 3 processes, has the owner or operator: [68.12(d)]
Q
C-3
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
Documentation obtained to support Findings / Conclusions:
2. RMP SUBMISSION (SUBPART G) 68.150-68.190
a
a
2.1. Did the owner or operator submit an RMP on or before June
21, 1999? Postmark date of initial submission: [68.10,
a
68.10(a)(l),68.150(a)&(b)]
If submission was after June 21, 1999, was submittal required because:
[68.10&68.150(b)]
2.1.1. Initial listing of a regulated substance under 68.130 after June
21, 1999 [68.10(a)(2)&68.150(b)(2)]
a 2.1.2. A regulated substance was first present at the stationary source
above the threshold quantity in a process [68.10(a)(3) &
68.150(b)(2)]
2.2. Has the owner or operator revised and updated the RMP within
5 years of initial submission? Date of the last revision and
a
update [68.190(a)]:
2.3. If required, has the owner or operator submitted a revised RMP
for any of the following: [68.190(b)]
2.3.1. Within 3 years after EPA first listed a newly regulated
substance? [68.190(b)(2)]
2.3.2. No later than the date on which a new regulated substance is
first present in an already covered process above a threshold
quantity? [68.190(b)(3)]
a 2.3.3. No later than the date on which a regulated substance is first
present above a threshold quantity in a new process?
[68.190(b)(4)]
a 2.3.4. Within six months of a change that requires a revised PHA or
hazard review? [68.190(b)(5)]
C-4
-------�
2.3.5. Within six months of a change that requires a revised off-site
consequence analysis as provided in 68.36? [68.190(b)(6)]
Q
Q
a
I | 2.4.1. If so, were the provisions of 68.151 and 68.152 followed ?
2.3.6. Within six months of a change that alters the Program level
that applied to any covered process? [68.190(b)(7)]
2.4. Has the owner or operator included information submitted as
CBImtheRMP?[68.150(d)]
RMP: Executive Summary
2.5. Has the owner or operator included a brief description of the
following elements in the executive summary of the RMP:
[68.155]
a 2.5.1. The accidental release prevention and emergency response
policies at the stationary source? [68.155(a)]
a '"
a
limit the distances for each reported scenario? [68.155(c)]
Q ""
2.5.6. The five-year accident history? [68.155(e)J
2.5.2. The stationary source and regulated substances handled?
[68.155(b)J
2.5.4. The worst-case release and alternative release scenario(s),
including administrative controls and mitigation measures to
2.5.5. The general accidental release prevention program and
chemical-specific prevention steps? [68.155(d)J
a
I | 2.5.7. The emergency response program? [68.155(f)]
I—| 2.5.8. Planned changes to improve safety? [68.155(g)]
COMPLIANCE OBJECTIVES NOTES
C-5
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
RMP: Registration
a
a
2.6. Has the owner or operator included a single registration form
in the RMP which covers all regulated substances handled in
covered processes? [68.160(a)]
2.7. Does the registration include the following data: [68.160(b)]
2.7.1. Stationary source name, full address, Dun and Bradstreet
number; longitude and latitude with method and description?
Q
[68.160(b)(l)&(2)]
a 2.7.2. Corporate parent company name and Dun and Bradstreet
number? [68.160(b)(3)]
Q """
Q
[68.160(b)(5)]
a 2.7.5. The name, title, telephone number, and 24-hour number of the
emergency contact? [68.160(b)(6)]
Q ""
2.7.3. The name, telephone number, and mailing address of the
owner or operator? [68.160(b)(4)]
2.7.4. The name and title of the person or position with overall
responsibility for RMP elements and implementation?
2.7.6. For each covered process, the name and CAS number of each
regulated substance held above the threshold quantity in the
process, the maximum quantity of each regulated substance or
mixture in the process, the NAICS code, and the Program level
of the process? [68.160(b)(7)]
2.7.7. The stationary source EPA identifier? [68.160(b)(8)]
a 2.7.8. The number of full-time employees at the stationary source?
[68.160(b)(9)]
Q """
[68.160(b)(10)]
a ""
Planning and Community Right-to-Know Act? [68.160(b)(l 1)]
Q """
2.7.9. Whether the stationary source is subject of 29 CFR §1910.119,
OSHA's Process Safety Management Standard?
2.7.10. Whether the stationary source is subject to 40 CFR Part 355,
the Emergency Planning Requirements of the Emergency
2.7.11. If the stationary source has a CAA Title V operating permit, its
permit number? [68.160(b)(12)]
C-6
-------�
2.8.3. For Program 2 and 3 processes, were additional worst-case
scenarios also submitted, if required by 68.25(a)(2)(iii)?
Q
[68.165(a)(2)]
a 2.8.4. For Program 2 and 3 processes, was information submitted on
one alternative scenario for each regulated toxic substance held
above the threshold quantity and one alternative scenario to
represent all regulated flammable substances held above the
threshold? [68.165(a)(2)]
2.9 Does the RMP include the following information for each
submitted release scenario: [68.165(b)J
2.9.1. Scenario type (explosion, fire, toxic gas release, or liquid spill
and vaporization)? [68.165(b)(5)]
a
2.9.2. Chemical name of released substance? [68.165(b)(l)]
COMPLIANCE OBJECTIVES NOTES
a 2.7.12. The date of the last safety inspection of the stationary source
by a Federal, state, or local government agency and the identity
of the inspecting entity? [68.160(b)(13)]
RMP: Off-site Consequence Analysis
2.8. Does the RMP include the following: [68.165(a)]
2.8.1. One worst-case release scenario for each Program 1 process?
[68.165(a)(l)]
a 2.8.2. For Program 2 and 3 processes, one worst-case release scenario
to represent all regulated toxic substances held above the
threshold quantity and one worst-case release scenario to
represent all regulated flammable substances held above the
threshold quantity? [68.165(a)(2)]
a
a
2.9.4. Physical state of substance (toxics only)? [68.165(b)(3)]
a
C-7
2.9.3. Percentage weight of the chemical in a liquid mixture (toxics
only)? [68.165(b)(2)J
Q
2.9.5. Basis of results (model name if used)? [68.165(b)(4)]
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
Quantity released in pounds? [68.165(b)(6)]
Q ""
a
2.9.7. Release rate? [68.165(b)(7)]
2.9.9. Wind speed and atmospheric stability class (toxics only)?
[68.165(b)(9)]
I—| 2.9.8. Release duration? [68.165(b)(8)]
a
I—| 2.9.10. Topography (toxics only)? [68.165(b)(10)]
I—| 2.9.11. Distance to endpoint? [68.165(b)(ll)]
a 2.9.12. Public and environmental receptors within the distance?
[68.165(b)(12)]
2.9.13. Passive mitigation considered? [68.16500(13)]
I | 2.9.14. Active mitigation considered (alternative releases scenarios
a
2.9.14.
only)? [68.1650004)]
RMP: Five-year accident history
a 2.10. Has the owner or operator provided the five-year accident
history information in 68.42 on each accident covered by
68.42? [68.168]
2.11. Does the RMP include the following information for each
reported accidental release: [68.4200]
2.11.1. Date, time, and approximate duration of the release?
a
a
a
I—| 2.11.4. NAIES code for the process? [68.4200(4)]
C-8
[68.42(b)(l)]
2.11.2. Chemical(s) released? [68.4200(2)]
2.11.3. Estimated quantity released in pounds and percentage weight
in a mixture (toxics)? [68.4200(3)]
-------�
2.11.5. The type of release event and its source? [68.42(b)(5)]
Q
Q
2.11.6. Weather conditions (if known)? [68.42(b)(6)J
I—| 2.11.7. On-site impacts? [68.42(b)(7)]
I—| 2.11.8. Known offsite impacts? [68.42(b)(8)]
Q
2.11.9. Initiating event and contributing factors (if known)?
[68.42(b)(9)J
a 2.11.10. Whether offsite responders were notified (if known)?
[68.42(b)(10)J
a '""
2.11.11. Operational or process changes that resulted from investigation
of the release? [68.42(b)(ll)J
RMP: Prevention program / Program 2 [68.17]
2.12. Has the owner or operator included the following information
for each covered process in Program 2? [68.170(a)]
2.12.1. The NAICS code for the process? [68.170(b)]
Q
a
2.12.2. The name(s) of the chemical(s) covered? [68.170(c)]
a 2.12.3. The date of the most recent review or revision of the safety
information and a list of Federal or state regulations or
industry-specific design codes and standards used to
demonstrate compliance with the safely information
requirement. [68.170(d)J
a 2.12 A. The date of completion of the most recent hazard review or
update? [68.170(e)]
a 2.12.4.1. The expected date of completion of any changes resulting from
the hazard review or update? [68.170(e)(l)]
COMPLIANCE OBJECTIVES NOTES
C-9
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
2.12.4.2. Major hazards identified? [68.170(e)(2)]
Q
a
2.12.4.3. Process controls in use? [68.170(e)(3)]
I—| 2.12.4.4. Mitigation systems in use? [68.170(e)(4)]
I | 2.12.4.5. Monitoring and detection systems in use? [68.170(e)(5)]
I—| 2.12.4.6. Changes since the last hazard review? [68.170(e)(6)]
a 2.12.5. The date of the most recent review or revision of operating
procedures? [68.170(f)]
a 2.12.6. The date of the most recent review or revision of training
programs? [68.170(g)]
a "'"
I—| 2.12.6.2. The type of competency testing used? [68.170(g)(2)]
a
2.12.6.1 The type of training provided—classroom, classroom plus on
the job, on the job? [68.170(g)(l)]
2.12.7. The date of the most recent review or revision of maintenance
procedures and the date of the most recent equipment
Q
a
inspection or test and the equipment inspected or tested?
[68.170(h)J
The date of the most recent compliance audit and the expected
date of completion of any changes resulting from the
a
compliance audit? [68.170(i)]
2.12.9. The date of the most recent incident investigation and the
expected date of completion of any changes resulting from the
investigation? [68.170(j)]
2.12.10. The date of the most recent change that triggered a review or
revision of safety information, hazard review, operating or
maintenance procedures, or training? [68.170(k)J
RMP: Prevention program / Program 3 [68.175]
2.13. Has the owner or operator included in the RMP information
addressing 68.175(b) to 68.175(p)? [68.175(a)J
C-10
-------�
COMPLIANCE OBJECTIVES
NOTES
Q
Q
2.13.1. The NAICS code for the process? [68.175(b)J
The name(s) of the substance(s) covered? [68.175(c)J
The date on which the safety information was last reviewed or
revised? [68.175(d)J
a 2j3A
I — | 2.13.4.1.
I — | 2.13.4.2.
I — | 2.13.4.3.
I — | 2.13.4.4.
I — | 2.13.4.5.
I — | 2.13.4.6.
a ii3-5-
I — | 2.13.6.
2.13.6.1.
I — |
I — |
a
The date of completion of the most recent process hazard
analysis (PHA) or update and the technique used? [68. 175(e)]
The expected date of completion of any changes resulting from
thePHA?[68.175(e)(l)]
Major hazards identified? [68.175(e)(2)]
Process controls in use? [68.175(e)(3)]
Mitigation systems in use? [68.175(e)(4)]
Monitoring and detection systems in use? [68.175(e)(5)]
Changes since the last PHA? [68.175(e)(6)]
The date of the most recent review or revision of operating
procedures? [68.175(f)]
The date of the most recent review or revision of training
programs? [68.175(g)]
The type of training provided—classroom, classroom plus on
the job, on the job? [68.175(g)(l)]
2.13.6.2. The type of competency testing used? [68.175(g)(2)J
The date of the most recent review of revision of maintenance
procedures and the date of the most recent equipment
inspection or test and the equipment inspected of tested?
[68.175(h)J
C-ll
-------�
Guidance for Auditing Risk Management Plans & Programs
NOTES
COMPLIANCE
1 — | 2.13.8.
a ii3-9-
1 — | 2.13.10.
1 — | 2.13.11.
1 — | 2.13.12.
1 — | 2.13.13.
1 — | 2.13.14.
1 — | 2.13.15.
OBJECTIVES
The date of the most recent change that triggered management
of change procedures and the date of the most recent review or
revision of management of change procedures? [68.175(i)J
The date of the most recent pre-startup review? [68.175Q]
The date of the most recent compliance audit and the expected
date of completion of any changes resulting from the
compliance audit? [68.175(k)]
The date of the most recent incident investigation and the
expected date of completion of any changes resulting from the
investigation? [68.175(1)]
The date of the most recent review or revision of employee
participation plans? [68. 175(m)]
The date of the most recent review or revision of hot work
permit procedures? [68.175(n)]
The date of the most recent review or revision of contractor
safety procedures? [68.175(o)]
The date of the most recent evaluation of contractor safety
performance? [68.175(p)]
RMP: Emergency Response Program [68.18]
2.14. Has the owner or operator included the following information
in the RMP on the emergency response program: [68.18]
2.14.1. Does a written emergency response plan exist? [68.180(a)(l)]
a 2. 14.2. Does the plan include specific actions to be taken in response
to an accidental releases of a regulated substance?
[68.180(a)(2)]
a 2. 1 4. 3 . Does the plan include procedures for informing the public and
local agencies responsible for responding to accidental
releases? [68. 180(a)(3)]
a 2. 14.4. Does the plan include information on emergency health care?
[68.180(a)(4)]
a
2. 14. 5. Date of the most recent review of update of emergency
response plan? [68. 1 80(a)(5)]
C-12
-------�
Q
Q
2.14.6. Date of the most recent emergency response training for
employees? [68.180(a)(6)]
2.15. Has the owner or operator provided the name and telephone
number of the local agency with which emergency response
activities and the emergency response plan is coordinated?
[68.180(b)]
I | 2.16. Has the owner or operator listed other Federal or state
emergency plan requirements to which the stationary source is
subject? [68.180(c)]
RMP: Certification [68.185]
2.17. Has the owner or operator: [68.185]
a 2.18. For Program 1 processes, submitted the certification statement
m68.12(b)(4)?[68.185(a)]
a ""
2.19. For Program 2 or 3 processes, submitted the appropriate
certification statement that to the best of the signer's
knowledge, information, and belief formed after reasonable
inquiry, the information submitted is true, accurate, and
complete? [68.185(b)J
General Findings / Conclusions:
COMPLIANCE OBJECTIVES NOTES
Documentation obtained to support Findings / Conclusions:
C-13
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
3. HAZARD ASSESSMENT (SUBPART B) 68.20-68.42
Hazard Assessment: Applicability [68.2]
Q
3.1. Has the owner or operator prepared a worst-case release
scenario analysis as provided in 68.25 and completed the five-
year accident history as provided in 68.42? [68.2]
Hazard Assessment: Offsite consequence analysis parameters [68.22]
Has the owner or operator:
a
a
3.2. Used the following endpoints for offsite consequence analysis
for a worst-case scenario: [68.22(a)J
3.2.1. For toxics: the endpoints provided in Appendix A of 40 CFR
Part68?[68.22(a)(l)]
3.2.2. For flammables: an explosion resulting in an overpressure of 1
psi? [68.22(a)(2)(i)]
3.3. Used the following endpoints for offsite consequence analysis
for an alternative release scenario: [68.22(a)J
a 3.3.1. For toxics: the endpoints provided in Appendix A of 40 CFR
Part68?[68.22(a)(l)]
Q ""
Q
a
generally recognized sources? [68.22(a)(2)(iii)J
Q "
Q
a
3.3.2. For flammables: an explosion resulting in an overpressure of 1
psi? [68.22(a)(2)(i)]
3.3.3. For flammables: a fire resulting in a radiant heat/exposure of 5
kw/m2 for 40 seconds? [68.22(a)(2)(n)]
3.3.4. For flammables: a concentration resulting in a lower
flammability limit, as provided in NFPA documents or other
3.4. Used appropriate wind speeds and stability classes for the
release analysis? [68.22(b)]
3.5. Used appropriate ambient temperature and humidity values for
the release analysis? [68.22(c)J
3.6. Used appropriate values for the height of the release for the
release analysis? [68.22(d)J
a 3.7. Used appropriate surface roughness values for the release
analysis? [68.22(e)J
C-14
-------�
COMPLIANCE OBJECTIVES NOTES
Q
a
3.8. Do tables and models, used for dispersion analysis of toxic
substances, appropriately account for dense or neutrally
buoyant gases? [68.22(f)]
3.9. Were liquids, other than gases liquefied by refrigeration only,
considered to be released at the highest daily maximum
temperature, based on data for the previous three years
appropriate for a stationary source, or at process temperature,
whichever is higher? [68.22(g)J
Hazard Assessment: Worst-case release scenario analysis [68.25]
Has the owner or operator of Program 1 processes:
3.10. Analyzed and reported in the RMP one worst-case scenario for
each Program 1 process? [68.25(a)(l)J
Has the owner or operator of Program 2 or 3 processes:
3.11. Analyzed and reported in the RMP one worst-case release
scenario estimated to create the greatest distance to an endpoint
resulting from an accidental release of a regulated toxic
substance from covered processes under worst-case
conditions? [68.25(a)(2)(i)]
3.12. Analyzed and reported in the RMP one worst-case release
scenario estimated to create the greatest distance to an endpoint
resulting from an accidental release of a regulated flammable
substance from covered processes under worst-case
conditions? [68.25(a)(2)(ii)]
3.13. Analyzed and reported in the RMP additional worst-case
release scenarios for a hazard class if the a worst-case release
from another covered process at the stationary source
potentially affects public receptors different from those
potentially affected by the worst-case release scenario
developed under 68.25(a)(2)(i) or 68.25(a)(2)(ii)?
[68.25(a)(2)(m)]
Has the owner or operator:
3.14. Determined the worst-case release quantity to be the greater of
the following: [68.25(b)J
C-15
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
a 3 . 1 4. 1 . If released from a vessel, the greatest amount held in a single
vessel, taking into account administrative controls that limit the
maximum quantity ? [68.25(b)(l)J
a
3. 14.2. If released from a pipe, the greatest amount held in the pipe,
taking into account administrative controls that limit the
maximum quantity? [68.25(b)(2)]
Has the owner or operator:
For toxic substances that are normally gases at ambient temperature and
handled as a gas or liquid under pressure:
a 3 . 1 5 . Assumed the whole quantity in the vessel or pipe would be
Q
a
released as a gas over 10 minutes? [68.25(c)(l)J
3.16. Assumed the release rate to be the total quantity divided by 10,
if there are no passive mitigation systems in place?
[68.25(c)(l)]
Has the owner or operator:
For toxic gases handled as refrigerated liquids at ambient pressure:
3.17. Assumed the substance would be released as a gas in 10
minutes, if not contained by passive mitigation systems or if
the contained pool would have a depth of 1 cm or less?
[68.25(c)(2)(i)]
3.18. [ Optional for owner / operator ] Assumed the quantity in the
vessel or pipe would be spilled instantaneously to form a liquid
pool, if the released substance would be contained by passive
mitigation systems in a pool with a depth greater than 1 cm?
[68.25(c)(2)(n)]
3.19. Calculated the volatilization rate at the boiling point of the
substance and at the conditions specified in 68.25(d)?
a
[68.25(c)(2)(n)]
Has the owner or operator:
For toxic substances that are normally liquids at ambient temperature:
3.20. Assumed the quantity in the vessel or pipe would be spilled
instantaneously to form a liquid pool? [68.25(d)(l)J
3.21. Determined the surface area of the pool by assuming that the
liquid spreads to 1 cm deep, if there is no passive mitigation
system in place that would serve to contain the spill and limit
the surface area, or if passive mitigation is in place, the surface
area of the contained liquid shall be used to calculate the
volatilization rate? [68.25(d)(l)(i)]
C-16
-------�
COMPLIANCE OBJECTIVES
NOTES
Q
a
a
a
Taken into account the actual surface characteristics, if the
release would occur onto a surface that is not paved or smooth?
a
a
3.23. Determined the volatilization rate by accounting for the highest
daily maximum temperature in the past three years, the
temperature of the substance in the vessel, and the
concentration of the substance if the liquid spilled is a mixture
or solution? [68.25(d)(2)J
3.24. Determined the rate of release to air from the volatilization rate
of the liquid pool? [68.25(d)(3)J
3.25. Determined the rate of release to air by using the methodology
in the RMP Offsite Consequence Analysis Guidance, any other
publicly available techniques that account for the modeling
conditions and are recognized by industry as applicable as part
of current practices, or proprietary models that account for the
modeling conditions may be used provided the owner or
operator allows the implementing agency access to the model
and describes model features and differences from publicly
available models to local emergency planners upon request.
[68.25(d)(3)J
Has the owner or operator:
For flammables:
3.26.1. Assumed the quantity in a vessel(s) of flammable gas held as a
gas or liquid under pressure or refrigerated gas released to an
undiked area vaporizes resulting in a vapor cloud explosion?
[68.25(e)J
3.26.2. For refrigerated gas released to a contained area or liquids
released below their atmospheric boiling point, assumed the
quantity volatilized in 10 minutes results in a vapor cloud.
[68.25(f)J
3.27. Assumed a yield factor of 10% of the available energy is
released in the explosion for determining the distance to the
explosion endpoint, if the model used is based on
TNT-equivalent methods? [68.25(e)]
Has the owner or operator:
3.28. Used the parameters defined in 68.22 to determine distance to
the endpoints? [68.25(g)]
C-17
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
a 3.29. Determined the rate of release to air by using the methodology
in the RMP Offsite Consequence Analysis Guidance, any other
publicly available techniques that account for the modeling
conditions and are recognized by industry as applicable as part
of current practices, or proprietary models that account for the
modeling conditions may be used provided the owner or
operator allows the implementing agency access to the model
and describes model features and differences from publicly
available models to local emergency planners upon request.
[68.25(g)]
3.29.1 What modeling technique did the owner or operator use?
LI [68.25(g)]
a ""
scenario and will still function as intended? [68.25(h)J
Q ""
Q
3.30. Ensured that the passive mitigation system, if considered, is
capable of withstanding the release event triggering the
3.31. Considered also the following factors in selecting the
worst-case release scenarios: [68.25(i)J
3.31.1. Smaller quantities handled at higher process temperature or
pressure? [68.25(i)(l)]
a 3.31.2. Proximity to the boundary of the stationary source?
[68.25(i)(2)]
Hazard Assessment: Alternative release scenario analysis [68.28]
Has the owner or operator:
Q
3.32. Identified and analyzed at least one alternative release scenario
for each regulated toxic substance held in a covered
process(es) and at least one alternative release scenario to
represent all flammable substances held in covered processes?
[68.28(a)J
3.33. Selected a scenario: [68.28(b)J
a
3.33.1. That is more likely to occur than the worst-case release
scenario under 68.25? [68.28(b)(l)(i)]
3.33.2. That will reach an endpoint off-site, unless no such scenario
exists? [68.28(b)(l)(n)]
3.34. Considered release scenarios which included, but are not
limited to, the following: [68.28(b)(2)J
C-18
-------�
3.34.3. Process vessel or pump releases due to cracks, seal failure, or
dram, bleed, or plug failure? [68.28(b)(2)(m)]
a 3.34.4. Vessel overfilling and spill, or overpressurization and venting
through relief valves or rupture disks? [68.28(b)(2)(iv)]
Q ""
Q
a
3.34.5. Shipping container mishandling and breakage or puncturing
leading to a spill? [68.28(b)(2)(v)]
3.35. Used the parameters defined in 68.22 to determine distance to
the endpomts? [68.28(c)J
3.36. Determined the rate of release to air by using the methodology
in the RMP Offsite Consequence Analysis Guidance, any other
publicly available techniques that account for the modeling
conditions and are recognized by industry as applicable as part
of current practices, or proprietary models that account for the
modeling conditions may be used provided the owner or
operator allows the implementing agency access to the model
and describes model features and differences from publicly
available models to local emergency planners upon request.
[68.28(c)J
3.37. Ensured that the passive and active mitigation systems, if
considered, are capable of withstanding the release event
Q
triggering the scenario and will be functional? [68.28(d)J
3.38. Considered the following factors in selecting the alternative
release scenarios: [68.25(e)J
3.38.1. The five-year accident history provided in 68.42? [68.25(e)(l)]
a 3.38.2. Failure scenarios identified under 68.50 or 68.67?
[68.25(e)(2)]
COMPLIANCE OBJECTIVES NOTES
3.34.1. Transfer hose releases due to splits or sudden hose uncoupling?
[68.28(b)(2)(i)]
a 3.34.2. Process piping releases from failures at flanges Joints, welds,
valves and valve seals, and drains or bleeds? [68.28(b)(2)(ii)J
a ""
C-19
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
Hazard Assessment: Defining off-site impacts ~ population [68.3]
Has the owner or operator:
Q
release at the center? [68.30(a)]
a ""
RMP? [68.30(b)J
a ""
I | 3.42. Estimated the population to two significant digits? [68.30(d)J
3.39. Estimated population that would be included in the distance to
the endpoint in the RMP based on a circle with the point of
3.40. Identified the presence of institutions, parks and recreational
areas, major commercial, office, and industrial buildings in the
3.41. Used most recent Census data, or other updated information to
estimate the population? [68.30(c)J
Hazard Assessment: Defining off-site impacts ~ environment [68.33]
Has the owner or operator:
a 3.43. Identified environmental receptors that would be included in
the distance to the endpoint based on a circle with the point of
release at the center? [68.33(a)]
a 3.44. Relied on information provided on local U.S.G. S. maps, or on
any data source containing U.S.G.S. data to identify
environmental receptors? [ Source may have used Land View to
obtain information ] [68.33(b)J
Hazard Assessment: Review and update [68.36]
Has the owner or operator:
Q
Q
3.45. Reviewed and updated the off-site consequence analyses at
least once every five years? [68.36(a)J
3.46. Completed a revised analysis and submit a revised RMP within
six months of a change in processes, quantities stored or
handled, or any other aspect that might reasonably be expected
on increase or decrease the distance to the endpoint by a factor
of two or more? [68.36(b)J
C-20
-------�
Has the owner or operator maintained records of the following:
a 3.47. For worst-case scenarios: a description of the vessel or pipeline
and substance selected, assumptions and parameters used, the
rationale for selection, and anticipated effect of the
administrative controls and passive mitigation on the release
quantity and rate? [68.39(a)]
a 3.48. For alternative release scenarios: a description of the scenarios
identified, assumptions and parameters used, the rationale for
the selection of specific scenarios, and anticipated effect of the
administrative controls and mitigation on the release quantity
and rate? [68.39(b)J
a 3.49. Documentation of estimated quantity released, release rate, and
duration of release? [68.39(c)J
a ""
3.50. Methodology used to determine distance to endpoints?
[68.39(d)J
a 3.51. Data used to estimate population and environmental receptors
potentially affected? [68.39(e)J
Hazard Assessment: Five-year accident history [68.42]
a 3.52. Has the owner or operator included all accidental releases from
covered processes that resulted in deaths, injuries, or
significant property damage on site, or known offsite deaths,
injuries, evacuations, sheltering in place, properly damage, or
environmental damage? [68.42(a)J
3.53. Has the owner or operator reported the following information
for each accidental release: [68.42(b)J
3.53.1. Date, time, and approximate duration of the release?
COMPLIANCE OBJECTIVES NOTES
Hazard Assessment: Documentation [68.39]
a
a
a
C-21
[68.42(b)(l)J
3.53.2. Chemical(s) released? [68.42(b)(2)J
3.53.3. Estimated quantity released in pounds and percentage weight
in a mixture (toxics)? [68.42(b)(3)]
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
3.53.4. NAICS code for the process? [68.42(b)(4)J
a
a
3.53.5. The type of release event and its source? [68.42(b)(5)J
I—| 3.53.6. Weather conditions (if known)? [68.42(b)(6)]
I—| 3.53.7. On-site impacts? [68.42(b)(7)]
I—| 3.53.8. Known offsite impacts? [68.42(b)(8)]
Q
3.53.9. Initiating event and contributing factors (if known)?
[68.42(b)(9)J
3.53.10. Whether offsite responders were notified (if known)?
[68.42(b)(10)J
3.53.11. Operational or process changes that resulted from investigation
of the release? [68.42(b)(ll)J
a
General Findings / Conclusions:
Documentation obtained to support Findings / Conclusions:
C-22
-------�
4.1.3. Safe upper and lower temperatures, pressures, flows, and
compositions? [68.48(a)(3)]
Q
a
4.1.5. Codes and standards used to design, build, and operate the
process? [68.48(a)(5)J
a 4.2. Ensured the process is designed in compliance with recognized
and generally accepted good engineering practices? [68.48(b)J
Q "
4.3. Updated information if a major change has occurred that made
the information inaccurate? [68.48(c)J
Program 2 Prevention - Hazard review [68.5]
Q
4.4. Has the owner or operator conducted a review of the hazards
associated with the regulated substances, processes, and
procedures? [68.50(a)]
4.5. Did the review identify:
COMPLIANCE OBJECTIVES NOTES
4. PROGRAM 2 PREVENTION PROGRAM
(SUBPART C) [68.48 - 68.60]
Program 2 Prevention - Safety information [68.48]
Has the owner or operator:
4.1. Compiled and maintained the following up-to-date safety
information, related to the regulated substances, processes, and
equipment: [68.48(a)J
a 4.1.1. Material Safety Data Sheets (MSDS) that meet the
requirements of the OSHA Hazard Communication Standard
[29 CFR 1910.1200(g)]? [68.48(a)(l)]
a 4.1.2. Maximum intended inventory of equipment in which the
regulated substances are stored or processed? [68.48(a)(2)J
Q ""
4.1.4. Equipment specifications? [68.48(a)(4)J
C-23
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
a 4.5.1. The hazards associated with the process and regulated
substances? [68.50(a)(l)]
Q -2-
Q 4-5J-
Opportunities for equipment malfunctions or human errors that
could cause an accidental release? [68.50(a)(2)J
The safeguards used or needed to control the hazards or
prevent equipment malfunctions or human error? [68.50(a)(3)]
a 4.5.4. Any steps used or needed to detect or monitor releases?
[68.50(a)(4)]
Has the owner or operator:
Q
4.6. Determined by inspecting all equipment that the processes are
designed, fabricated, and operated in accordance with
a
a
applicable standards or rules, if designed to meet industry
standards or Federal or state design rules? [68.50(b)J
4.7. Documented the results of the review? [68.50(c)J
4.8. Ensured that problems identified were resolved in a timely
manner? [68.50(c)]
a 4.9. Updated the review at least once every five years or whenever
a major change in the processes occurred? [68.50(d)J
a ""
4.10. Resolved all issues identified in the review before startup of
the changed process? [68.50(d)J
Program 2 Prevention - Operating procedures [68.52]
a 4.11. Has the owner or operator prepared written operating
procedures that provide clear instructions or steps for safely
conducting activities associated with each covered process
consistent with the safety information for that process?
Operating procedures or instructions provided by equipment
manufacturers or developed by persons or organizations
knowledgeable about the process and equipment may be used
as a basis for a stationary source's operating procedures.
[68.52(a)J
4.12. Do the procedures address the following: [68.52(b)J
4.12.1. Initial startup? [68.52(b)(l)]
C-24
-------�
4.12.2. Normal operations? [68.52(b)(2)]
Q
Q
4.12.3. Temporary operations? [68.52(b)(3)]
4.12.4. Emergency shutdown and operations? [68.52(b)(4)J
a
a
4.12.5. Normal shutdown? [68.52(b)(5)]
4.12.6. Startup following a normal or emergency shutdown or a major
change that requires a hazard review? [68.52(b)(6)J
Q
Q
I—| 4.12.8. Equipment inspections? [68.52(b)(8)]
4.12.7. Consequences of deviations and steps required to correct or
avoid deviations? [68.52(b)(7)]
a 4.13. Has the owner or operator ensured that the operating
procedures have been updated, if necessary, whenever a major
change occurred and prior to startup of the changed process?
[68.52(c)
COMPLIANCE OBJECTIVES NOTES
C-25
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
Program 2 Prevention - Training [68.54]
Has the owner or operator:
4.14. Certified that each employee presently operating a process, and
each employee newly assigned to a covered process have been
trained or tested competent in the operating procedures
provided in § 68.52 that pertain to their duties? For those
employees already operating a process on June 21, 1999, the
owner or operator may certify in writing that the employee has
the required knowledge, skills, and abilities to safely carry out
the duties and responsibilities as provided in the operating
procedures. [68.54(a)J
4.15. Provided refresher training at least every three years, or more
often if necessary, to each employee operating a process, to
ensure that the employee understands and adheres to the
current operating procedures of the process? [68.54(b)J
4.16. Determined, in consultation with the employees operating the
process, the appropriate frequency of refresher training?
[68.54(b)]
4.17. Certified that each employee was trained in any updated or
new procedures prior to startup of a process after a major
change? [68.54(d)J
a
a
Program 2 Prevention - Maintenance [68.56]
Q
a
Has the owner or operator:
4.18. Prepared and implemented procedures to maintain the
on-going mechanical integrity of the process equipment?
[68.56(a)J
4.19. Trained or caused to be trained each employee, involved in
maintaining the on-going mechanical integrity of the process,
in the hazards of the process, in how to avoid or correct unsafe
conditions, and in the procedures applicable to the employee's
job tasks? [68.56(b)J
4.20. Has every maintenance contractor ensured that each contract
maintenance employee is trained to perform the maintenance
procedures developed? [68.56(c)J
C-26
-------�
4.22. Has the owner or operator certified that compliance audits are
conducted at least every three years to verify that the
procedures and practices are adequate and are being followed?
[68.58(a)J
I | 4.23. Has compliance audit been conducted by at least one person
knowledgeable in the process? [68.58(b)J
Q '"
Q
4.24. Has the owner operator developed a report of the audits
findings? [68.58(c)]
4.25. Has the owner or operator promptly determined and
documented an appropriate response to each of the findings of
the audit and documented that deficiencies had been corrected?
[68.58(d)J
a 4.26. Has the owner or operator retained the two most recent
compliance audit reports, unless more than five years old?
[68.58(e)J
Program 2 Prevention - Incident investigation [68.6]
Q
4.27. Has the owner or operator investigated each incident which
resulted in, or could reasonably have resulted in a catastrophic
release? [68.60(a)]
a ""
4.28. Were all incident investigations initiated not later than 48 hours
following the incident? [68.60(b)]
4.29. Was a summary prepared at the conclusion of every
investigation, which included: [68.60(c)J
4.29.1. Date of incident? [68.60(c)(l)]
COMPLIANCE OBJECTIVES NOTES
4.21. Has the owner or operator performed or caused to be
performed inspections and tests on process equipment that
follow recognized and generally accepted engineering
practices? [68.56(d)]
Program 2 Prevention - Compliance audits [68.58]
Q
C-27
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
I—| 4.29.2. Date investigation began? [68.60(c)(2)]
I—| 4.29.3. A description of incident? [68.60(c)(3)]
I—| 4.29.4. The factors that contributed to the incident? [68.60(c)(4)]
a 4.29.5. Any recommendations resulting from the investigation?
[68.60(c)(5)]
a 4.30. Has the owner or operator promptly addressed and resolved the
investigation findings and recommendations, and are the
resolutions and corrective actions documented? [68.60(d)J
a 4.31. Has the owner or operator reviewed the finding with all
affected personnel whose job tasks are affected by the
findings? [68.60(e)]
a 4.32. Has the owner or operator retained investigation summaries for
five years? [68.60(f)]
General Findings / Conclusions:
Documentation obtained to support Findings / Conclusions:
C-28
-------�
5.1. Has the owner or operator compiled written process safety
information, which includes information pertaining to the
hazards of the regulated substances used or produced by the
process, information pertaining to the technology of the
process, and information pertaining to the equipment in the
process, before conducting any process hazard analysis
required by the rule? [68.65(a)J
Does the process safety information contain the following for
hazards of the substances: [68.65(b)J
5.2.1. Toxicity information? [68.65(b)(l)]
Q
Q
5.2.2. Permissible exposure limits? [68.65(b)(2)J
I—I 5.2.3. Physical data? [68.65(b)(3)J
I—| 5.2.4. Reactivity data? [68.65(b)(4)]
I—| 5.2.5. Corrosivity data? [68.65(b)(5)]
I—| 5.2.6. Thermal and chemical stability data? [68.65(b)(6)]
a 5.2.7. Hazardous effects of inadvertent mixing of materials that could
foreseeably occur? [68.65(b)(7)J
5.3. Does the process safety information contain the following for
technology of the process: [68.65(c)(l)J
5.3.1. A block flow diagram or simplified process flow diagram?
COMPLIANCE OBJECTIVES NOTES
5. PROGRAMS PREVENTION PROGRAM
(SUBPART D) [68.65 - 68.87]
Program 3 Prevention - Process safety information [68.65]
Q
C-29
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
I—| 5.3.2. Process chemistry? [68.65(c)(l)(ii)]
I—| 5.3.3. Maximum intended inventory? [68.65(c)(l)(iii)]
a 5.3.4. Safe upper and lower limits for such items as temperatures,
pressures, flows or compositions? [68.65(c)(l)(iv)]
a ""
5.3.5. An evaluation of the consequences of deviations?
[68.65(c)(l)(v)]
5.4. Does the process safety information contain the following for
the equipment in the process: [68.65(d)(l)J
I—| 5.4.1. Materials of construction? [68.65(d)(l)(i)]
I | 5.4.2. Piping and instrument diagrams? [68.65(d)(l)(ii)]
I—| 5.4.3. Electrical classification? [68.65(d)(l)(iii)]
I | 5.4.4. Relief system design and design basis? [68.65(d)(l)(iv)]
I—| 5.4.5. Ventilation system design? [68.65(d)(l)(v)]
I | 5.4.6. Design codes and standards employed? [68.65(d)(l)(vi)]
a
I—| 5.4.8. Safety systems? [68.65(d)(l)(viii)]
Q
engineering practices? [68.65(d)(2)J
a "
5.4.7. Material and energy balances for processes built after June 21,
1999? [68.65(d)(l)(vn)]
5.5. Has the owner or operator documented that equipment
complies with recognized and generally accepted good
5.6. Has the owner or operator determined and documented that
existing equipment, designed and constructed in accordance
with codes, standards, or practices that are no longer in general
use, is designed, maintained, inspected, tested, and operating in
a safe manner? [68.65(d)(3)J
C-30
-------�
COMPLIANCE OBJECTIVES NOTES
Program 3 Prevention - Process hazard analysis [68.67]
a 5.7. Has the owner or operator performed an initial process hazard
analysis (PHA), and has this analysis identified, evaluated, and
controlled the hazards involved in the process? [68.67(a)J
a 5.8. Has the owner or operator determined and documented the
priority order for conducting PHAs, and was it based on a
appropriate rationales? [68.67(a)J
a 5.9. Has the owner or operator used one or more of the following
technologies: [68.67(b)J
I—| 5.9.1. What-If? [68.67(b)(l)]
I—| 5.9.2. Checklist? [68.67(b)(2)J
I—| 5.9.3. What-If/Checklist? [68.67(b)(3)J
I—| 5.9.4. Hazard and Operability Study (HAZOP)? [68.67(b)(4)J
I—| 5.9.5. Failure Mode and Effects Analysis (FMEA)? [68.67(b)(5)]
I—| 5.9.6. Fault Tree Analysis? [68.67(b)(6)J
I | 5.9.7. An appropriate equivalent methodology? [68.67(b)(7)]
5.10. Did the PHA address: [68.67(c)]
5.10.1. The hazards of the process? [68.67(c)(l)]
Q
5.10.2. Identification of any incident which had a likely potential for
catastrophic consequences? [68.67(c)(2)J
C-31
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
a5.10.3. Engineering and administrative controls applicable to hazards
and interrelationships? [68.67(c)(3)]
Q ""
5.10.5. Stationary source siting? [68.67(c)(5)]
5.10.4. Consequences of failure of engineering and administrative
controls? [68.67(c)(4)J
Q
I—| 5.10.6. Human factors? [68.67(c)(6)J
a5.10.7. An evaluation of a range of the possible safety and health
effects of failure of controls? [68.67(c)(7)]
Q ""
appropriate personnel? [68.67(d)J
a ""
5.11. Was the PHA performed by a team with expertise in
engineering and process operations and did the team include
5.12. Has the owner or operator established a system to promptly
address the team's findings and recommendations; assured that
the recommendations are resolved in a timely manner and
documented; documented what actions are to be taken;
completed actions as soon as possible; developed a written
schedule of when these actions are to be completed; and
communicated the actions to operating, maintenance and other
employees whose work assignments are in the process and who
may be affected by the recommendations? [68.67(e)J
5.13. Has the PHA been updated and re validated by a team every
five years after the completion of the initial PHA to assure that
Q
the PHA is consistent with the current process? [68.67(f)]
5.14. Has the owner or operator retained PHAs and updates or
revalidations for each process covered, as well as the resolution
of recommendations for the life of the process? [68.67(g)J
Program 3 Prevention - Operating procedures [68.69]
aS. 15. Has the owner or operator developed and implemented written
operating procedures that provide instructions or steps for
conducting activities associated with each covered process
consistent with the safety information? [68.69(a)J
5.16. Do the procedures address the following: [68.69(a)J
C-32
-------�
COMPLIANCE OBJECTIVES
5.16.1. Steps for each operating phase: [68.69(a)(l)J
NOTES
Q
5.16.1.1. Initial startup? [68.69(a)(l)(i)]
a
a
a
a
5.16.1.2. Normal operations? [68.69(a)(l)(n)]
5.16.1.3. Temporary operations? [68.69(a)(l)(iii)]
5.16.1.4. Emergency shutdown including the conditions under which
emergency shutdown is required, and the assignment of
shutdown responsibility to qualified operators to ensure that
emergency shutdown is executed in a safe and timely manner?
[68.69(a)(l)(iv)]
5.16.1.5. Emergency operations? [68.69(a)(l)(v)]
I—|
I—|
5.16.1.6. Normal shutdown? [68.69(a)(l)(vi)]
5.16.1.7. Startup following a turnaround, or after emergency shutdown?
5.16.2. Operating limits: [68.69(a)(2)J
a
a
5.16.2.1. Consequences of deviations? [68.69(a)(2)(i)J
5.16.2.2. Steps required to correct or avoid deviation? [68.69(a)(2)(ii)J
5.16.3. Safety and health considerations: [68.69(a)(3)J
a
a
5.16.3.1. Properties of, and hazards presented by, the chemicals used in
the process? [68.69(a)(3)(i)]
5.16.3.2. Precautions necessary to prevent exposure, including
engineering controls, administrative controls, and personal
protective equipment? [68.69(a)(3)(ii)J
C-33
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
1 — | 5.16.3.3.
1 — | 5.16.3.4.
1 — | 5.16.3.5.
1 — | 5.16.4.
a 5j7-
a 5js-
a 5j9-
Control measures to be taken if physical contact or airborne
exposure occurs? [68.69(a)(3)(iii)J
Quality control for raw materials and control of hazardous
chemical inventory levels? [68.69(a)(3)(iv)J
Any special or unique hazards? [68.69(a)(3)(v)J
Safety systems and their functions? [68.69(a)(4)J
Are operating procedures readily accessible to employees who
are involved in a process? [68.69(b)J
Has the owner or operator certified annually that the operating
procedures are current and accurate and that procedures have
been reviewed as often as necessary? [68.69(c)J
Has the owner or operator developed and implemented safe
work practices to provide for the control of hazards during
specific operations, such as logout/tagout? [68.69(d)J
Program 3 Prevention - Training [68.71]
a 5.20. Has each employee presently involved in operating a process,
and each employee before being involved in operating a newly
assigned process, been initially trained in an overview of the
process and in the operating procedures? [68.71(a)(l)J
a 5.21. Did initial training include emphasis on safety and health
hazards, emergency operations including shutdown, and safe
work practices applicable to the employee's job tasks?
[68.71 (a)(2) allows in lieu of initial training for those employees already
involved in operating a process on June 21,1999 an owner or operator may
certify in writing that the employee has the required knowledge, skills, and
abilities to safely carry out the duties and responsibilities as specified in the
operating procedures] [68.71(a)(l)
a 5.22. Has refresher training been provided at least every three years,
or more often if necessary, to each employee involved in
operating a process to assure that the employee understands
and adheres to the current operating procedures of the process?
[68.7 l(b)
I | 5.23. Has owner or operator ascertained and documented in a record
that each employee involved in operating a process has
received and understood the training required? [68.71(c)J
C-34
-------�
COMPLIANCE OBJECTIVES NOTES
Does the prepared record contain the identity of the employee,
the date of training, and the means used to verify that the
employee understood the training? [68.71(c)j
Program 3 Prevention - Mechanical integrity [68.73]
a 5.25. Has the owner or operator established and implemented written
procedures to maintain the on-going integrity of the process
equipment listed in 68.73(a)? [68.73(b)J
a 5.26. Has the owner or operator trained each employee involved in
maintaining the on-going integrity of process equipment?
[68.73(c)]
Has the owner or operator:
a 5.27. Performed inspections and tests on process equipment?
r68.73(d¥lYI
Q
Q
a
[68.73(d)(l)J
Followed recognized and generally accepted good engineering
practices for inspection and testing procedures? [68.73(d)(2)j
5.29. Ensured the frequency of inspections and tests of process
equipment is consistent with applicable manufacturers'
recommendations, good engineering practices, and prior
operating experience? [68.73(d)(3)j
5.30. Documented each inspection and test that had been performed
on process equipment, which identifies the date of the
inspection or test, the name of the person who performed the
inspection or test, the serial number or other identifier of the
equipment on which the inspection or test was performed, a
description of the inspection or test performed, and the results
of the inspection or test? [68.73(d)(4)]
5.31. Corrected deficiencies in equipment that were outside
acceptable limits defined by the process safety information
before further use or in a safe and timely manner when
necessary means were taken to assure safe operation?
[68.73(e)J
Assured that equipment as it was fabricated is suitable for the
process application for which it will be used in the construction
of new plants and equipment? [68.73(f)(l)]
C-35
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
a 5.33. Performed appropriate checks and inspections to assure that
equipment was installed properly and consistent with design
specifications and the manufacturer's instructions?
[68.73(f)(2)]
a 5.34. Assured that maintenance materials, spare parts and equipment
were suitable for the process application for which they would
beused?[68.73(f)(3)]
Program 3 Prevention - Management of change [68.75]
a
a
a
a
a
5.35. Has the owner or operator established and implemented written
procedures to manage changes to process chemicals,
technology, equipment, and procedures, and changes to
stationary sources that affect a covered process? [68.75(a)J
5.36. Do procedures assure that the following consideration are
addressed prior to any change: [68.75(b)J
I | 5.36.1. The technical basis for the proposed change? [68.75(b)(l)]
I—| 5.36.2. Impact of change on safety and health? [68.75(b)(2)]
I | 5.36.3. Modifications to operating procedures? [68.75(b)(3)]
5.36.4. Necessary time period for the change? [68.75(b)(4)]
5.36.5. Authorization requirements for the proposed change?
[68.75(b)(5)]
5.37. Were employees, involved in operating a process and
maintenance, and contract employees, whose job tasks would
be affected by a change in the process, informed of, and trained
in, the change prior to start-up of the process or affected part of
the process? [68.75(c)]
5.37. If a change resulted in a change in the process safely
information, was such information updated accordingly?
Q
[68.75(d)J
5.38. If a change resulted in a change in the operating procedures or
practices, had such procedures or practices been updated
accordingly? [68.75(e)J
C-36
-------�
5.40.3. For new stationary sources, a process hazard analysis had been
performed and recommendations had been resolved or
5.40.4. Modified stationary sources meet the requirements contained in
management of change? [68.77(b)(3)J
a 5.40.5. Training of each employee involved in operating a process had
been completed? [68.77(b)(4)J
Program 3 Prevention - Compliance audits [68.79]
a 5.41. Has the owner or operator certified that the stationary source
has evaluated compliance with the provisions of the prevention
program at least every three years to verify that the developed
procedures and practices are adequate and are being followed?
[68.79(a)J
a 5.42. Has the audit been conducted by at least one person
knowledgeable in the process? [68.79(b)J
5.43. Are the audits findings documented in report? [68.79(c)J
COMPLIANCE OBJECTIVES NOTES
Program 3 Prevention - Pre-startup review [68.77]
a 5.39. Has the owner or operator performed a pre-startup safely
review for new stationary sources and for modified stationary
sources when the modification was significant enough to
require a change in the process safety information,? [68.77(a)J
5.40. Did the pre-startup safety review confirm that prior to the
introduction of regulated substances to a process: [68.77(b)J
a 5.40.1. Construction and equipment was in accordance with design
specifications? [68.77(b)(l)J
a 5.40.2. Safety, operating, maintenance, and emergency procedures
were in place and were adequate? [68.77(b)(2)J
Q ""
implemented before startup? [68.77(b)(3)]
a
C-37
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
a 5.44. Has the owner or operator promptly determined and
documented an appropriate response to each of the findings of
the audit and documented that deficiencies had been corrected?
[68.79(d)J
a 5.45. Has the owner or operator retained the two most recent
compliance audit reports? [68.79(e)J
Program 3 Prevention - Incident investigation [68.81]
Q
a
a
5.46. Has the owner or operator investigated each incident which
resulted in, or could reasonably have resulted in a catastrophic
release of a regulated substance? [68.81(a)J
a 5.47. Were all incident investigations initiated not later than 48 hours
following the incident? [68.81(b)]
Q ""
5.48. Was an incident investigation team established and did it
consist of at least one person knowledgeable in the process
involved, including a contract employee if the incident
involved work of the contractor, and other persons with
appropriate knowledge and experience to thoroughly
investigate and analyze the incident? [68.81(c)J
5.49. Was a report prepared at the conclusion of every investigation?
[68.81(d)J
Does every report include: [68.81(d)J
I—| 5.51.1. Date of incident? [68.81(d)(l)]
I—| 5.51.2. Date investigation began? [68.81(d)(2)]
I—| 5.51.3. A description of the incident? [68.81(d)(3)]
5.51.4. The factors that contributed to the incident? [68.81(d)(4)]
5.51.5. Any recommendations resulting from the investigation?
[68.81(d)(5)]
a 5.52. Has the owner or operator established a system to address and
resolve the report findings and recommendations, and are the
resolutions and corrective actions documented? [68.81(e)J
C-38
-------�
COMPLIANCE OBJECTIVES NOTES
Was the report reviewed with all affected personnel whose job
tasks are relevant to the incident findings including contract
employees where applicable? [68.81(f)]
Program 3 Prevention - Employee participation [68.83]
a
a
a
Has the owner or operator:
5.54. Developed a written plan of action regarding the
implementation of the employee participation required by this
section? [68.83(a)]
5.55. Consulted with employees and their representatives on the
conduct and development of process hazards analyses and on
the development of the other elements of process safety
management in chemical accident prevention provisions?
[68.83(b)J
Provided to employees and their representatives access to
process hazard analyses and to all other information required to
be developed under chemical accident prevention rule?
[68.83(c)J
Program 3 Prevention - Hot work permit [68.85]
a
a
a
a
Has the owner or operator issued a hot work permit for each
hot work operation conducted on or near a covered process?
[68.85(a)J
5.58. Does the permit document that the fire prevention and
protection requirements in 29 CFR 1910.252(a) have been
implemented prior to beginning the hot work operations?
[68.85(b)J
5.59. Does the permit indicate the date(s) authorized for hot work
and the object on which hot works to be performed? [68.85(b)J
5.60. Are the permits being kept on file until completion of the hot
work operations? [68.85(b)J
C-39
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
Program 3 Prevention - Contractors [68.87]
Has the owner or operator: [68.87(b)J
Q
selecting a contractor,? [68.87(b)(l)]
a ""
contractor's work and the process? [68.87(b)(2)J
Q ""
Q
5.61. Obtained and evaluated information regarding the contract
owner or operator's safety performance and programs when
5.62. Informed contract owner or operator of the known potential
fire, explosion, or toxic release hazards related to the
5.63. Explained to the contract owner or operator the applicable
provisions of emergency response program? [68.87(b)(3)J
5.64. Developed and implemented safe work practices consistent
with §68.69(d), to control the entrance, presence, and exit of
the contract owner or operator and contract employees in
covered process areas? [68.87(b)(4)J
General Findings / Conclusions:
6.1. Has the owner or operator of a stationary source developed an
emergency response program, unless the source need not
comply? [68.90(a)]
If the employees of the stationary source will not respond to accidental
releases of regulated substances:
Documentation obtained to support Findings / Conclusions:
6. EMERGENCY RESPONSE (SUBPART E) 68.90 - 68.95
Emergency Response - Applicability [68.9]
a
C-40
-------�
.4. Are appropriate mechanisms in place to notify emergency
responders when there is a need for a response? [68.90(b)(3)]
Q
Emergency Response - Applicability [68.9]
a 6.5. Has the owner or operator developed and implemented an
emergency response program for the purpose of protecting
public health and the environment? [68.95(a)J
6.6. Does the program include the following elements: [68.95(a)J
a 6.6.1. An emergency response plan which is maintained at the
stationary source? [68.95(a)(l)]
Q ""
Q
a
6.6.2. Procedures for the use of emergency response equipment and
for its inspection, testing, and maintenance? [68.95(a)(2)J
6.6.3. Training for all employees in relevant procedures?
[68.95(a)(3)J
6.6.4. Procedures to review and update, as appropriate, the
emergency response plan to reflect changes at the stationary
source and ensure that employees are informed of changes?
[68.95(a)(4)J
6.7. Does the emergency response plan contain the following
elements: [68.95(a)(l)]
I | 6.7.1. Procedures for informing the public and local emergency
response agencies about accidental releases? [68.95(a)(l)(i)J
a ""
6.7.2. Documentation of proper first-aid and emergency medical
treatment necessary to treat accidental human exposures?
COMPLIANCE OBJECTIVES NOTES
6.2. For stationary sources with any regulated toxic substance held
in a process above the threshold quantity, is the stationary
source included in the community emergency response plan
developed under EPCRA? [68.90(b)(l)]
6.3. For stationary sources with only regulated flammable
substances held in a process above the threshold quantity, has
the owner or operator coordinated response actions with the
local fire department? [68.90(b)(2)]
C-41
-------�
Guidance for Auditing Risk Management Plans & Programs
COMPLIANCE OBJECTIVES NOTES
a
a
a
a
6.7.3. Procedures and measures for emergency response after an
accidental release of a regulated substance? [68.95(a)(l)(iii)]
6.8. Did the owner or operator use a written plan that complies with
other Federal contingency plan regulations or is consistent with
the approach in the National Response Team's Integrated
Contingency Plan Guidance ("One Plan")? If so, does the
plan include the elements provided in paragraph (a) of 68.95,
and also complies with paragraph (c) of 68.95? [68.95(b)j
6.9. Has the emergency response plan been coordinated with the
community emergency response plan developed under
EPCRA? [68.95(c)J
6.10. Has the owner or operator provided to the local emergency
response officials information necessary for developing and
implementing the community emergency response plan
requested by the LEPC or emergency response officials?
[68.95(c)]
General Findings / Conclusions:
Documentation obtained to support Findings / Conclusions:
C-42
-------�
ANNEX D: RISK MANAGEMENT PROGRAM AND OSHA
PROCESS SAFETY MANAGEMENT: LIST OF REGULATED
SUBSTANCES (BY CHEMICAL NAME)
List of Regulated
Substances
CAS Chemical Name
106-98-9 1-butene
97-00-7 1 -chloro-2,4-dinitrobenzene
590-21 -6 1 -chloropropylene {1 -propene, 1 -chloro-}
109-67-1 1-pentene
57-14-7 1,1-dimethylhydrazine {Dimethylhydrazine} {Hydrazine, 1,1-dimethyl-}
106-99-0 1,3-butadiene
504-60-9 1,3-pentadiei
107-01-7 2-butene
590-18-1 2-butene-cis
624-64-6 2-butene-trans {2-butene, (E)}
557-98-2 2-chloropropylene {1-propene, 2-chloro
563-46-2 2-methyl-l-butene
115-11-7 2-methylpropene {1 -propene, 2-methyl-}
646-04-8 2-pentene (E)-
627-20-3 2-pentene (Z)-
463-82-1 2,2-dimethylpropane {Propane, 2,2-dimethyl-}
97-02-9 2,4-dinitroaniline
563-45-1 3-methyl-l-butene
75-07-0 Acetaldehyde
74-86-2 Acetylene {Ethyne}
107-02-8 Acrolein {2-propenal}
107-13-1 Acrylonitrile {2-propenenitrile}
814-68-6 Acrylyl Chloride {2-propenoyl Chloride}
Varies Alkylaluminums
107-18-6 Allyl Alcohol {2-propen-l-ol}
107-05-1 Allyl Chloride
107-11 -9 Allylamine {2-propen-l -amine}
7664-41-7 Ammonia (Anhydrous)
7664-41-7 Ammonia (>=20% for RMP) (>44% for PSM)
7790-98-9 Ammonium Perchlorate
7787-36-2 Ammonium Permanganate
7784-34-1 Arsenous Trichloride
7784-42-1 Arsine {Arsenic Hydride}
10294-34-5 Boron Trichloride {Borane, Trichloro-}
7637-07-2 Boron Triflouride {Borane, Trifluoro-]
353-42-4 Boron Triflouride Compound with Methyl Ether (1:1)
{Boron, Trifluoro[oxybis[methane]-,T-4}
7726-95-6 Bromine
13863-41-7 Bromine Chloride
7787-71-5 Bromine Trifluoride
RMP
Threshold
Quantity
(TQ) Ibs.
RMP
Threshold
Corrected
to Gals
PSM
Threshold
Quantity
(TQ) Ibs
Toxic
Endpoint
D-l
-------�
Guidance for Auditing Risk Management Plans & Programs
RMP
Threshold
Corrected
to Gals
PSM Toxic
Threshold Endpoint
Quantity
(TQ) Ibs
RMP
Threshold
Quantity
(TQ) Ibs.
CAS Chemical Name
7789-30-2 Bromine Pentafluoride
598-73-2 Bromotrifluorethylene {Ethene, Bromotrifluoro-}
106-97-8 Butane
25167-67-3 Butene
75-91-2 Butyl Hydroperoxide (Tertiary)
614-45-9 Butyl Perbenzoate
75-15-0 Carbon Disulfide
463-58-1 Carbon Oxysulfide {Carbon Oxide Sulfide (Cos)} {Carbonyl Sulfide}
353-44-5 Carbonyl Fluoride
9004-70-0 Cellulose Nitrate (>12.6% Nitrogen for PSM)
7782-50-5 Chlorine
10049-04-4 Chlorine Dioxide {Chlorine Oxide (CI02)}
7791-21-1 Chlorine Monoxide {Chlorine Oxide}
13637-63-3 Chlorine Pentrafluoride
7790-91-2 Chlorine Trifluoride
96-06-2 Chlorodiethylaluminum {Diethylaluminum Chloride}
67-66-3 Chloroform {Methane, Trichloro-}
542-88-1 Chloromethyl Ether {Bis(chloromethyl) Ether} {Methane,
Oxybisfchloro-} {Dichloromethyl Ether}
107-30-2 Chloromethyl Methyl Ether {Methane, Chloromethoxy-}
76-06-2 Chloropicrin
None Chloropicrin and Methyl Bromide Mixture
None Chloropicrin and Methyl Chloride Mixture
4170-30-3 Crotonaldehyde {2-butenal}
123-73-9 Crotonaldehyde, (E)- {2-butenal, (E)-}
80-15-9 Cumene Hydroperoxidi
460-19-5 Cyanogen {Ethanedinitrile}
506-77-4 Cyanogen Chloride
675-14-9 Cyanuric Fluoride
108-91-8 Cyclohexylamine {Cyclohexanamine}
75-19-4 Cyclopropane
110-22-5 Diacetyl Peroxide (>70% for PSM)
334-88-3 Diazomethane
94-36-0 Dibenzoyl Peroxide
19287-45-7 Diborane {Diborane (6)}
110-05-4 Dibutyl Peroxide (Tertiary)
4109-96-0 Dichlorosilane {Silane, Dichloro-}
557-20-0 Diethylzinc
75-37-6 Difluoroethane {Ethane, 1,1-difluoro-}
105-64-6 Diisopropyl Peroxydicarbonate
105-74-8 Dilauroyl Peroxide
124-40-3 Dimethylamine {Methanamine, N-methyl-}
75-78-5 Dimethyldichlorosilane {Silane, Dichlorodimethyl-}
106-89-8 Epichlorohydrin {Oxirane, (Chloromethyl)-;
0.026
0.076
D-2
-------�
List of Regulated
Substances
CAS Chemical Name
74-84-0
107-00-6
75-00-3
60-29-7
75-08-1
1338-23-4
109-95-5
Ethane
Ethyl Acetylene {1-butyne}
Ethyl Chloride {Chloroethane} {Ethane, Chloro-}
Ethyl Ether {Ethane, l,l'-oxybis-}
Ethyl Mercaptan {Ethanethiol}
Ethyl Methyl Ketone Peroxide
Ethyl Nitrite {Nitrous Acid, Ethyl Ester}
Ethylamine {Monoethylamine} (Ethanamine)
75-04-7
74-85-1 Ethylene {Ethene}
371-62-0 Ethylene Fluorohydrin
75-21-8 Ethylene Oxide {Oxirane}
107-15-3 Ethylenediamine {1,2-ethanediamine}
151-56-4 Ethyleneimine {Aziridine}
7782-41-4 Fluorine
50-00-0 Formaldehyde (Solution)
110-00-9 Furan
684-16-2 Hexafluoroacetone
302-01-2 Hydrazine
7647-01-0 Hydrochloric Acid (>=37% for RMP)
74-90-8 Hydrocyanic Acid {Hydrogen Cyanide}
1333-74-0 Hydrogen
10035-10-6 Hydrogen Bromide
7647-01 -0 Hydrogen Chloride (Anhydrous for CAA 112(r)- RMP and PSM))
{Hydrochloric Acid}
7664-39-3 Hydrogen Fluoride/hydrofluoric Acid (>=50% for RMP)
{Hydrofluoric Acid}
7722-84-1 Hydrogen Peroxide (>= 52% for PSM)
7783-07-5 Hydrogen Selenide
7783-06-4 Hydrogen Sulfide
7803-49-8 Hyroxylamine
13463-40-6 Iron, Pentacarbonyl- {Iron Carbonyl (Fe(co)5), (Tb-5-11)-
75-28-5 Isobutane {Propane, 2-methyl}
78-82-0 Isobutyronitrile {Propanenitrile, 2-methyl-}
78-78-4 Isopentane {Butane, 2-methyl-}
78-79-5 Isoprene {1,3-butadiene, 2-methyl-;
75-31-0 Isopropylamine {2-propanamine}
75-29-6 Isopropyl Chloride {Propane, 2-chloro-!
108-23-6 Isopropyl Chloroformate {Carbonochloridic Acid, 1 -methylethyl Ester}
463-51-4 Ketene
78-85-3 Methacrylaldehyde
126-98-7 Methacrylonitrile {2-propenenitrile, 2-methyl-} {Methylacrylonitrile}
920-46-7 Methacryloyl Chloride
74-82-8 Methane
74-83-9 Methyl Bromide
RMP
Threshold
Quantity
(TQ) Ibs.
10,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
RMP
Threshold
Corrected
to Gals
PSM
Threshold
Quantity
(TQ) Ibs
15,000
15,000
2,500
10,000
5,000
1,000
2,500
10,000
20,000
10,000
10,000
10,000
10,000
15,000
10,000
10,000
Toxic
Endpoint
0.09
0.49
0.018
0.0039
0.012
0.0012
2,500
D-3
-------�
Guidance for Auditing Risk Management Plans & Programs
CAS Chemical Name
74-87-3 Methyl Chloride {Chloromethane} {Methane, Chloro-}
79-22-1 Methyl Chloroformate {Carbonochloridic Acid, Methylester}
{Methyl Chlorocarbonate}
115-10-6 Methyl Ether {Methane, Oxybis-}
1338-23-4 Methyl Ethyl Ketone Peroxide (>60% for PSM)
453-18-9 Methyl Fluoroacetate
421-20-5 Methyl Florosulfate
107-31-3 Methyl Formate {Formic Acid, Methyl Ester}
60-34-4 Methyl Hydrazine
74-88-4 Methyl Iodide
624-83-9 Methyl Isocyanate {Methane, Isocyanato-]
74-93-1 Methyl Mercaptan {Methanethiol} {Thiomethanol}
556-64-9 Methyl Thiocyanate {Thiocyanic Acid, Methyl Ester}
79-84-4 Methyl Vinyl Ketone
74-89-5 Methylamine {Methanamine} {Monomethylamine}
75-79-6 Methyltrichlorosilane {Silane, Trichloromethyl-}
13463-39-3 Nickel Carbonyl {Nickel Tetracarbonyl}
7697-37-2 Nitric Acid (>=80% for RMP) (>=94.5% for PSM)
10102-43-9 Nitric Oxide {Nitrogen Oxide (No)}
100-01-6 Nitroaniline {Para Nitroaniline}
7783-54-2 Nitrogen Trifluoride
10102-44-0 Nitrogen Oxides (NO, N02, N204, N203)
10544-72-6 Nitrogen Tetroxide {Nitrogen Peroxide}
10544-73-7 Nitrogen Trioxide
10102-44-0 Nitrogen Dioxide
75-52-5 Nitromethane
8014-95-7 Oleum (Fuming Sulfuric Acid) (65-80% for PSM)
{Sulfuric Acid, with Sulfur Trioxide}
20816-12-0 Osmium Tetroxi
7783-41-7 Oxygen Difluoride {Fluorine Monoxide}
10028-15-6 Ozone
19624-22-7 Pentaborane
109-66-0 Pentane
79-21-0 Peracetic Acid (>60% Acetic Acid for PSM)
{Ethaneperoxoic Acid} {Peroxyacetic Acid}
7601-90-3 Perchloric Acid (>60% for PSM)
594-42-3 Perchloromethylmercaptan {Methanesulfenyl Chloride, Trichloro-}
7616-94-6 Perchloryl Fluoride
75-44-5 Phosgene {Carbonic Bichloride} {Carbonyl Chloride}
7803-51-2 Phosphine {Hydrogen Phosphide}
10025-87-3 Phosphorus Oxychloride {Phosphoryl Chloride}
7719-12-2 Phosphorus Trichloride {Phosphorous Trichloride}
110-89-4 Piperidine
463-49-0 Propadiene {1,2-propadiene}
74-98-6 Propane
RMP
Threshold
Quantity
(TQ) Ibs.
RMP
Threshold
Corrected
to Gals
PSM
Threshold
Quantity
(TQ) Ibs
15,000
500
Toxic
Endpoint
0.82
0.0019
0.018
0.00067
0.026
0.031
0.0076
0.00081
0.0035
0.003
0.028
0.022
D-4
-------�
CAS Chemical Name
106-96-7 Propargyl Bromide {3-bromopropyne}
107-12-0 Propionitrile {Ethyl Cyanide} (Propanenitrile)
627-13-4 Propyl Nitrate
109-61 -5 Propyl Chloroformate {Carbonochloridic Acid, Propylester}
115-07-1 Propylene {1 -propene}
75-56-9 Propylene oxide {oxirane, methyl-}
75-55-8 Propyleneimine {Aziridine, 2-methyl}
74-99-7 Propyne {1 -propyne}
107-44-8 Sarin
7783-79-1 Selenium Hexafluoride
7803-62-5 Silane
7803-52-3 Stibine {Antimony Hydride}
7446-09-5 Sulfur Dioxide (Anhydrous for RMP)
5714-22-7 Sulfur Pentafluoride
7783-60-0 Sulfur Tetraflouride {Sulfur Fluoride, (Sf4) (T-4)-
7446-11-9 Sulfur Trioxide {Sulfuric Anhydride}
7783-80-4 Tellurium Hexafluoride
116-14-3 Tetrafluoroethylene {Ethene, Tetrafluoro-}
10036-47-2 Tetrafluorohydrazine
75-74-1 Tetramethyllead {Plumbane, Tetramethyl-}
75-76-3 Tetramethylsilane {Silane, Tetramethyl-}
509-14-8 Tetranitromethane {Methane, Tetranitro-}
7719-09-7 Thionyl Chloride
7550-45-0 Titanium Tetrachloride {Titanium Chloride (Ticl4)(T-4)}
584-84-9 Toluene 2,4-diisocyanate {Benzene, 2,4-diisocyanato-l-methyl-}
91-08-7 Toluene 2,6-diisocyanate {Benzene, 1,3-diisocyanato-2-methyl-}
26471-62-5 Toluene Diisocyanate (Unspecified Isomer)
{Benzene, 1,3-diisocyanatomethyl-}
1558-25-4 Trichloro(chloromethyl)silane
27137-85-5 Trichloro(dichlorophenyl)silane
10025-78-2 Trichlorosilane {Silane, Trichloro-}
79-38-9 Trifluorochloroethylene {Ethene, Chlorotrifluoro-}
75-50-3 Trimethylamine {Methanamine, N,n-dimethyl-}
75-77-4 Trimethylchlorosilane {Silane, Chlorotrimethyl-}
2487-90-3 Trimethyoxysilane
108-05-4 Vinyl Acetate Monomer {Acetic Acid Ethenyl Ester}
689-97-4 Vinyl Acetylene {1 -buten-3-yne}
75-01-4 Vinyl Chloride {Ethene, Chloro-}
109-92-2 Vinyl Ethyl Ether {Ethene, Ethoxy-
75-02-5 Vinyl Fluoride {Ethene, Fluoro-}
107-25-5 Vinyl Methyl Ether {Ethene, Methoxy-}
75-35-4 Vinylidene Chloride {Ethene, 1,1-dichloro-} {1,1-dichlorethylene}
75-38-7 Vinylidene Fluoride {Ethene, 1,1-difluoro-}
RMP
Threshold
Quantity
(TQ) Ibs.
RMP
Threshold
Corrected
to Gals
List of Regulated
Substances
PSM Toxic
Threshold Endpoint
Quantity
(TQ) Ibs
10,000
5,000
2,500
10,000
10,000
2,500
10,000
10,000
10,000
10,000
10,000
10,000
10,000
15,000
10,000
10,000
10,000
10,000
10,000
10,000
10,000
1,494
15,000
10,000
10,000
10,000
10,000
1,649
1,968
1,395
1,485
1,697
100
0.0037
D-5
-------�
-------�
-------�
vvEPA
United States
Environmental Protection
Agency (5104)
Washington, DC 20460
Official Business
Penalty for Private Use
$300
-------� |