United States Environmental Protection Agency Office of Solid Waste and Emergency Response (5104) EPA 550-B99-008 August 1999 www.epa.gov/ceppo/ Guidance for Auditing Risk Management Plans/Programs under Clean Air Act Section 112(r) Chemical Emergency Preparedness and Prevention Office Printed on recycled paper ------- ------- NOTICE This document is intended solely for the guidance of government personnel. It is not intended and cannot, be relied upon to create rights, substantive or procedural, enforceable by any part, in litigation with the United States. The Agency reserves the right to act at variance with this guidance and change it at any time without public notice. ------- Acronyms Used in This Guidance AIChE American Institute of Chemical Engineers ANSI American National Standards Institute API American Petroleum Institute ASME American Society of Mechanical Engineers CAA Clean Air Act CBI Confidential Business Information CCPS Center for Chemical Process Safety CFR Code of Federal Regulations D & B Dun and Bradstreet EPA Environmental Protection Agency EPCRA Emergency Planning and Community Right-to-Know Act ERNS Emergency Response Notification System HAZWOPER Hazardous Waste Operations and Emergency Response LEPC Local Emergency Planning Committee NCP National Contingency Plan NFPA National Fire Protection Association NRS National Response System OSHA Occupational Safety and Health Administration PHA Process Hazard Analysis PPE Personal Protective Equipment PSM Process Safety Management RMP Risk Management Plan SARA Superfund Amendments and Reauthorization Act SERC State Emergency Response Commission ------- Table of Contents OF Introduction [[[ .1 Guidance; Purpose; and Background. ................................ .3 Interrelated Opportunities for Accident Prevention 4 Risk Management Program Requirements 1 Table 1: RMP Program Levels 8 Developing an RMP Audit Program .9 Objective 9 Approaches to an RMP Audit: 9 How to Use Reviews / Audits / Inspections 10 The RMP Audit Process 13 Step (1) Selecting Facilities for RMP Audits 15 Step (2) Off-site Activities 16 Collecting Background Information ............................ .16 Table 2: Background Information .... .17 Planning the Audit 17 Prepare Audit Staff and Plan Logistics 17 Table 3: Potential Audit Components .............................. .18 Step (3) At the Site ............................................ .20 Entering the Facility 20 Opening Meeting 20 Collecting and Analyzing Information .......................... .22 Personal Protective Equipment (PPE) ........................... .23 Exit Briefing 23 Step (4) Concluding Activities 25 Follow-up Meeting 25 Audit Report 25 Step (5) After-Audit Actions 27 Preliminary Determination 27 Final Determination ......................................... .27 ANNEX A: Site Safety Plan for On-Site Activities ANNEX B: Audit Report ANNEX C: Audit Checklist ------- Guidance for Auditing Risk Management Plans & Programs ------- Introduction ------- Guidance for Auditing Risk Management Plans & Programs ------- GUIDANCE PURPOSE AND BACKGROUND Purpose This document provides guidance for implementing agencies that are required by the Risk Management Program regula- tion (40 CFR 68.220) to conduct audits. It is designed as a tool for auditors reviewing industry compliance with the Risk Management Program regulation. However, this guidance does not reflect all requirements that a stationary source must meet to be in compliance with the regulation. Background The Environmental Protection Agency (EPA) works closely with stakeholders to reduce the likelihood and severity of chemical accidents. Several important planning and legislative initiatives have been introduced since 1968. These include the National Contingency Plan (NCP) (started in 1968), EPA's voluntary Chemical Emergency Preparedness Program started after the December 1984 accident in Bhopal (India), the Emergency Planning and Community Right-to-Know Act of 1986 (EPCRA), and the Accidental Release Prevention require- ments under Section 112(r) of the Clean Air Act (CAA), as amended in 1990. These initiatives address the entire safety continuum dealing with chemical accident preparedness, response, and prevention. In this document "RMP" denotes the Risk Management Plan, which summarizes the source's risk management program and is submitted to EPA. Introduction Guidance Purpose and Background ------- Accident prevention opportunities include: • Chemical Safety Audits • Accident investigation • General Duty M RMP Audits INTERRELATED OPPORTUNITIES FOR CHEMICAL ACCIDENT PREVENTION: Chemical Safety Audits, Accident Investigations, General Duty, and RMP Audits From a government point of view, chemical accident preven- tion involves: (1) working with sources to improve their chemical safety management program, and (2) encouraging communities to coordinate risk reduction activities with facil- ities even as they enhance emergency preparedness for response to possible accidents. Improving the safe use and management of chemicals begins with an understanding of: • How and why accidents occur; • How industry identifies chemical and process hazards; • How industry designs, maintains, and operates a safe facility; and • How the consequences of accidents are minimized. Industry has the expertise and responsibility to make sure that the elements of safe operation (e.g., procedures, train- ing, maintenance) are brought together and managed day-to- day. Government agencies can help sources by auditing their safety management programs, comparing them to suc- cessful practices used by other sources, and stimulating improvements. The Risk Management Program regulations are among the several tools implementing agencies have to help facilities prevent chemical accidents. Existing and new programmatic tools are briefly described below. Each of these programs is designed to help identify the causes of accidental chemical releases as well as the means to prevent them from occur- ring. Additionally, these activities can be used to promote coordination within the local community. Chemical Safety Audits Chemical Safety Audits are designed to: • Share information about chemical safety practices and technologies with visits to sources that handle hazardous substances; • Heighten awareness of the need for and promote chemi- cal safety at chemical facilities and in the communities where chemicals are located; and • Build cooperation among sources, government agencies, and others. ------- Introduction Interrelated Opportunities for Accident Prevention Chemical safety audits are usually voluntary and may include sources not covered by the Risk Management Program provi- sions. One purpose of auditing a facility is to identify and characterize the strengths and weaknesses of specific chemi- cal accident prevention program areas, as a means to high- light the elements which form an effective program. Additionally, audits facilitate the sharing of information about successful practices and recommending safety improve- ments. This can lead to process safety improvements, which may prevent or mitigate releases by the audited source. Accident Investigations The fundamental objective of a chemical accident investiga- tion is to determine the facts, conditions, circumstances, and causes or probable causes of chemical accidents. The ulti- mate goal of the accident investigation is to determine the root causes or management system failures causing an acci- dent in order to reduce the likelihood of recurrence, mini- mize the consequences associated with accidental releases, and make chemical production, processing, handling, and storage safer. Along with the root cause, the investigation looks at contributing factors of the event that may have broad applicability to industry, and the potential to develop recommendations and lessons learned to prevent future acci- dents of this type. Section 112(r) (6) of the Clean Air Act established an inde- pendent safety board known as the Chemical Safety and Hazard Investigation Board ("the Chemical Safety Board"). One of the objectives of the Chemical Safety Board, as direct- ed by the Clean Air Act, is to investigate, determine and report to the public, the facts, conditions, circumstances, and cause or probable cause of any accidental release resulting in fatality, serious injury or substantial property damage. The General Duty Clause Section 112(r) (1) of the Clean Air Act, known as the "General Duty Clause," further expands the range of activi- ties EPA can undertake to promote chemical safety. Owners and operators of stationary sources producing, pro- cessing, handling, or storing extremely hazardous substances have a general duty to: The Chemical Safety Board began operat- ing in 1998 after it was funded by Congress. EPA and the Chemical Safety Board have developed a Memorandum of Understanding which addresses their respec- tive authorities and coordination on acci- dent investigation. To view this MOU, see www. epa. gov/ceppo/ ap-acin.htm. For further information concerning the Chemical Safety Board, visit the web site at http://chemsafety. gov or http://csb.gov. • Identify hazards associated with a potential accidental release, using appropriate hazard assessment techniques; ------- • Design and maintain a safe facility, taking steps to pre- vent releases; and • Minimize the consequences of accidental releases that do occur. The General Duty Clause is not limited to a finite list of chemicals or established thresholds. To the extent state or local law establishes a similar general duty, implementing agencies other than EPA can take actions to promote safe operating practices and the preven- tion of chemical accidents. RMP Audits RMP audits help ensure compliance with the Risk Management Program. EPA intends to use the audit process as a way to verify the quality of the program sum- marized in the RMP. When it is reasonable, EPA will require modifications to the RMP that may lead to quality improvements in the underlying program. Each government agency, whether federal, state, or local, should determine what authorities it presently has to con- duct the above activities. Most should find that their pre- sent authorities are sufficient. The agency should consult with legal counsel to determine the most effective use of their authorities. The above-mentioned activities are not mutually exclusive. Many times, a combination of activities may be used to achieve results. For example, an agency might investigate a chemical accident at a facility. While the investigation may determine a root cause, a chemical safety audit may con- firm that procedures are being used to reduce the risk of future accidents. Additionally, the agency may also audit compliance with the General Duty Clause and/or RMP requirements. ------- Introduction Risk Management Program Requirements RISK MANAGEMENT PROGRAM REQUIREMENTS Section 112(r) of the CAA requires EPA to publish rules and guidance for chemical accident prevention. The rules pro- mulgating the list of regulated substances (published January 31, 1994) and the Risk Management Program provisions (published June 20, 1996) are found at 40 CFR Part 68. The Risk Management Program contains three elements: a haz- ard assessment, a prevention program, and an emergency response program. The entire program is to be described and documented in a risk management plan (RMP) which is submitted to EPA. In general, the RMP submitted by most facilities includes the following: • Executive summary; • Registration information; • Off-site consequence analysis; • Five-year accident history; • Prevention program; and • Emergency response program Owners or operators of a stationary source with more than a threshold quantity of a regulated substance (one of the 140 listed toxic and flammable substances in 40 CFR Section 68.130) in a process, as determined under section 68.115, must submit an RMP no later than the latest of the following dates: (1) June 21, 1999; (2) Three years after the date on which a substance is first listed under 40 CFR 68.130; or (3) The date on which a regulated substance is first present in a process above a threshold quantity. The Risk Management Program regulations also define the activities that sources must undertake to identify and mini- mize the risks posed by regulated substances in covered processes. Specifically, EPA defined three "program levels" to ensure that individual chemical processes are subject to appropriate requirements based on the size of the process and the associated risks, (see table on next page). Who is Covered? EPA estimates that approximately 36,000 facilities are covered by the provisions of 40 CFR Part 68, including: Chemical manufacturers (industrial organics and inorganics, paints, phar- maceuticals, adhesives, sealants, fibers), Petrochemical (refining and gas pro- cessing operations, plastics and resins, synthetic rubber), Other manufacturing (electronics, semiconductors, paper, fabricated met- als, industrial machinery, furniture, tex- tiles), Agriculture (fertilizers), Public sources (drinking and waste water treatment works), Electric utilities, Food and cold storage, Chemical warehousing, Chemical wholesalers, Military and energy installations, and Other stationary sources. ------- Guidance for Auditing Risk Management Plans & Programs TABLE 1: RMP PROGRAM LEVELS AND REQUIREMENTS Program Level Description Program 1 Requirements apply to processes where (1) a worst- case release, as determined by the haz- ard assessment, is not expected to reach public receptors; (2) no acci- dental release has occurred in the last five years that caused speci- fied off-site impacts; and (3) the source has coor- dinated emergency response procedures with the local planning and response organiza- tions. The most likely processes for this pro- gram level are those at remotely located sources and/or those using list- ed flammable chemicals. Program 2 Requirements apply to processes that do not meet the eligibility requirements of Program 1 or 3. Program 3 Requirements apply to processes not eligibile for Program 1, and which are in certain specified industrial cate- gories or are already subject to the OSHA process safety manage- ment (PSM) standard. These generally include higher risk, complex chemical processing and petroleum refining oper- ations. Requirements • Conduct an off-site consequence analysis that evaluates worst-case accidental release sce- nario (s); • Document the five-year history of certain acci- dental releases of regu- lated substance from covered processes; • Coordinate response plans with local emer- gency planning and response agencies; and • Revise, update, and submit the RMP at least every five years. • Conduct an off-site consequence analysis that evaluates worst-case accidental release sce- nario (s); • Document the five-year history of certain acci- dental releases of regu- lated substance from covered processes; • Coordinate response plans with local emer- gency planning and response agencies; and • Revise, update, and submit the RMP at least every five years. Evaluate alternative acci- dent release scenarios and establish: • An integrated preven- tion program for manag- ing risk; • Provisions for respond- ing to emergencies; and • An overall manage- ment system supervising the implementation of these program elements. • Conduct an off-site consequence analysis that evaluates worst-case accidental release sce- nario (s); • Document the five-year history of certain acci- dental releases of regu- lated substance from covered processes; • Coordinate response plans with local emer- gency planning and response agencies; and • Revise, update, and submit the RMP at least every five years. Evaluate alternative acci- dent release scenarios and establish: • An integrated preven- tion program for manag- ing risk; • Provisions for respond- ing to emergencies; and • An overall manage- ment system supervising the implementation of these program elements. ------- DEVELOPING AN RMP AUDIT PROGRAM Introduction Developing an RMP Program Objective The RMP regulation states that, in addition to inspections for the purpose of regulatory development and enforcement of the CAA, the implementing agency shall periodically audit RMPs to review their adequacy and require revisions when necessary to ensure compliance with the Risk Management Program regulations. This means that the implementing agency is responsible for verifying RMP information against an independent source of information, such as data from other EPA or state databases, or by conducting on-site verifi- cation. RMP audits focus on the data contained in the Risk Management Plan, as well as the underlying risk manage- ment program. An RMP is a blueprint of how Risk Management Program provisions are incorporated into process safety at the facility, just as an emergency response plan is a blueprint of an emergency response program for a community or a facility. Emergency plans do not directly protect the public; emergency response programs are the comprehensive approach to protecting the public. Approaches to an RMP Audit Full compliance with the Risk Management Program regula- tions cannot be determined without on-site or independent verification of all or part of the information submitted in an RMP. However, each implementing agency should deter- mine the scope of the audit process to be used. This deter- mination is based on available resources, priorities, expertise, and other factors. Auditing to ensure compliance with the Risk Management Program regulation may consist of a range of off-site and on-site activities. Off-site activities might include determining that the rule applies to the source, that the facility placed itself in the correct program level, and that the source submitted a complete and correct RMP. On-site activities might include verification of documentation and process review. To ease the inspection burden, the implementing agency should also determine how the scope and conduct of on-site audit activities can be coordinated with other regulatory inspections. For example, the implementing agency might coordinate with either the federal or state OSHA office with- RMP audits focus on compliance with the plan requirements, as well as the underlying risk management program ------- in its jurisdiction. If chemical facilities are subject to the OSHA PSM Standard, OSHA has its own authority over the facilities' prevention program. This inter-agency coordina- tion may save resources and decrease the burden on the facility. How to Use Reviews / Audits / Inspections The Risk Management Program regulations mention the use of completeness checks, reviews, audits, and inspections. These terms are defined below. RMP Completeness Checks. The implementing agency may conduct an in-office "completeness check" of the RMP. RMP*Submit (a submission system developed by EPA) will check each RMP before it is submitted to ensure that all the required data elements have been completed; the software program will indicate which fields are missing any required information. In addition, the EPA reporting center will use a similar technique to review every RMP submitted to see if all necessary fields have been completed. RMP Reviews. Implementing agencies may want to review the data in an RMP to identify discrepancies. For example, the Executive Summary and registration data can be com- pared to chemical inventory data submitted to the state under EPCRA section 312 (always remembering that EPCRA section 312 and CAA section 112(r) may have differences in thresholds). Agencies may also want to review RMPs to iden- tify internal data inconsistencies (e.g., dates listed for activi- ties should be verified as internally consistent), facilities with potential problems based on their accident histories, and unusual data (e.g., failure to list appropriate hazards under the prevention program). For example, if an RMP reports that there has recently been a major change in a process that triggered a review or revision of certain requirements (see 68.l70(k)), but the RMP indicates that these requirements have not been reviewed or revised since the date of the change, further inquiry is warranted. RMP Audits. In an audit, the contents of the RMP are reviewed to determine completeness of the risk manage- ment program and adequate compliance with section 112(r) requirements. Audits involve more than simply reviewing the RMP; specifically, an audit involves an independent verifica- tion of the information in an RMP (e.g., by consulting other data sources or visiting the facility). Some elements of an audit include: verifying the number of processes a facility has ------- Introduction Developing an RMP Program included in its RMP, or the existence of mitigation systems reported in the RMP. An audit may also focus on accident histories and off-site consequence analyses (e.g., are the reported dates reasonable?). Additionally, audits could be useful in comparing accident histories with accidents report- ed to the SERC and LEPCs under EPCRA Section 304, which requires reporting of certain chemical releases. Audits may also compare practices among facilities within the same industry sector to determine if particular facilities within the State are meeting industry standards and implementing appropriate accident prevention activities. Inspections. Inspections complement RMP audit activities and are valuable for evaluating compliance with the substan- tive elements of the Section 112(r) rule. Many implement- ing agencies that have programs for the protection of public health and safety already have staff who are qualified to con- duct on-site inspections (e.g., water permitting agencies visit water treatment plants; fire inspectors check on propane dis- tributors) . With proper training, it may be efficient for these regulators and inspectors to add 112(r) compliance elements to their inspection checklist. Pursuant to an audit, which may be combined with an inspec- tion, a stationary source may be required to revise its RMP and correct deficiencies in its underlying program. For example, if an audit indicated that a stationary source had not reviewed and updated operating procedures after a change and that such updates were needed, the stationary source could be required to update the procedures, re-train workers in the new procedures, and submit a revised RMP. ------- Guidance for Auditing Risk Management Plans & Programs ------- The RMP Audit Process ------- Guidance for Auditing Risk Management Plans & Programs ------- The RMP Audit Process Step (I): Selecting Facilities for RMP Audits STEP (1): SELECTING FACILITIES FOR RMP AUDITS Under 68.220(b), the implementing agency may select sources for audits based on any of the following criteria: (1) Accident history; (2) Accident history of other sources in the same industry; (3) Quantity of regulated substances; (4) Location and proximity to the public and environmental receptors; (5) Presence of specific regulated substances; (6) Hazards identified in the RMP; or (7) A plan providing for neutral, random oversight. Related criteria could include the number of accidental releases, whether there have been any catastrophic accidental releases, and the known toxicity of chemicals used in the processes. Stationary sources with a "Star" or "Merit" ranking under OSHA's voluntary protection program are exempt from audits based solely on criteria (2) and (7). However, these sources may be audited based on any of the other five crite- ria [68.220(c)]. Each implementing agency should develop a targeting system, based on their resources and priorities. There are several basic steps to con- ducting an RMP audit. (1) The first is select- ing facilities to be audited. (2) Next, there is a range of potential off-site, on- site, and concluding activities. (3) Finally, there is a series of post-audit actions. 15 ------- STEP (2): OFF-SITE ACTIVITIES If more than one auditor is participating in the audit, the entire audit team should participate in a planning meeting prior to the audit. This meeting should include any person- nel from outside the implementing agency who will partici- pate in the audit. The team should include personnel from the implementing agency and personnel from other agencies to provide technical support (i.e., fire marshal, emergency management staff, environmental management staff). Additionally, if possible, the implementing agency should include LEPC members and/or local response agency mem- bers. The lead auditor should determine at this point whether or not the source will be notified in advance of the site visit. Prior notification may be dictated by implementing agency policy or practices. If the source is to be notified in advance of the visit, the lead auditor should schedule well in advance the date, time, and point of arrival at the source. The lead auditor should: • Brief all auditors on the rationale for the audit; • Assign each auditor specific section(s) of the audit report, including collecting stationary source background information related to his/her report section; • Identify related regulatory requirements (e.g., hot work permit, HAZWOPER); and • Establish a schedule for completing collection of the nec- essary background information, conducting the pre-visit meeting, conducting the audit, and completing the audit report. Collecting Background Information Preliminary preparation is key to a well organized audit. It is useful to collect as much of the source background informa- tion as possible in advance of the audit. The lead auditor may elect to notify the source, state, and local officials of the pending audit and request appropriate background informa- tion. The auditor(s) then can review this information prior to the visit, prepare a detailed list of topics and questions to help organize their on-site activities, and minimize the amount of time spent at the source. The following table lists some examples of background information that may be use- ful to auditors. ------- The RMP Audit Process Step (2): Off-Site Activities TABLE 2: BACKGROUND INFORMATION Types of Information Submitted RMP History of releases at the source and/or similar sources Chemical processes EPCRA Chemical Inventory Data Sources of Information RMP*Info and/or RMP*Review (database avail- able to the implementing agency from EPA). On-scene coordinator reports, Accidental Release Investigation Program (ARIP) question- naires, RMPs, Emergency Response Notification System (ERNS) data, EPCRA 304 release notifica- tions, State release files. Industry standards and processing techniques from trade and professional groups (e.g.American Institute of Chemical Engineers (AIChE), ASME, and the Chlorine Institute), process flow diagrams, and piping and instru- mentation diagrams. SERC, LEPC, local fire department. Auditors should also determine the applicability of existing checklists specific to the source being audited; for example, checklists developed by EPA in sector-specific RMP guidances may be used (e.g., ammonia refrigeration, publicly owned treatment works, chemical warehouses, propane users). Auditors should also familiarize themselves with industry and government standards specific to the source (e.g., standards developed by OSHA, NFPA, ANSI). Planning the Audit An on-site audit might include review of programs and records, verification of data, and analysis of prevention mea- sures. See the following table of potential audit components for suggestions. Prepare Audit Staff and Plan Logistics The lead auditor should hold a pre-visit meeting with all auditors as close to the date of the audit as possible. By this time all auditors should be familiar with this guidance and any information they have collected about the stationery source to be audited and its processes. Additional informa- tion to be obtained at the source should be identified and auditors should develop individual plans for conducting their 17 ------- Guidance for Auditing Risk Management Plans & Programs TABLE 3: POTENTIAL AUDIT COMPONENTS Review Verify Evaluate Engineering review • accident history • incident investigation reports, and documentation of corrective measures taken • preventive maintenance program • process hazard analysis or hazard review, including review of safety information and risk scenarios • soundness of air modeling results • operation and maintenance records, inspection procedures, and repairs records • training records and review of emergency plan exercise program • emergency response program capabilities, including exercises, equipment, train- ing, off-site programs, public notification, procedures, and communication with local emergency responders • management of change program, pre-start review program, employee participa- tion program, hot work permit program, and contractor employee training • facility classification and program designation • air modeling methods and results • model input parameters • mitigation measures and systems • process enhancements, including facility-conducted compliance audit results and recommendations • additional (unreported) covered processes • processes Engineering analyses I • release prevention measures Engineering verification • mitigation measures, design parameters portion of the audit. For extensive audits, the pre-visit meet- ing should: • Establish the entry authority of each auditor; • Review each auditor's area of responsibility; • Review the audit objectives and highlight areas of special interest; • Review any site-specific personal health and safety issues, and complete, if necessary, a site safety plan for on-site activities; • Review information about key personnel and operations at the site; • Establish an agenda for each day of the site visit; • Review logistical matters (e.g., nightly team meetings to discuss results and plan the next day's activity); ------- Review the RMP submitted by the source and preliminari- ly evaluate compliance with regulatory requirements; Arrange for proper management of confidential business information (CBI); and Cover any additional topics. The RMP Audit Process Step (2): Off-Site Activities The lead auditor should also: • Develop site-specific guidance, if needed; • Reserve work space and equipment at the source; • Develop employee interview questionnaires, if an inter- view is planned; and • Schedule opening meetings, closing meetings, and daily debriefings. ------- STEP (3): AT THE SITE Entering the Facility Under 40 CFR 68.220(d), the implementing agency shall have access to the source, supporting documentation, and any area where an accidental release could occur. Upon entering the source, the auditor(s) should present their offi- cial credentials. The auditor(s) should arrive at the source during normal working hours. The auditor(s) may sign a "sign-in" sheet, log, or visitor register. However, the auditor(s) must not sign any type of "waiver" or "visitor release" which would relieve the source of responsibility for injury or limit the rights of the auditing agencies to collect or use data obtained from the stationary source. If a waiver or release is presented, the lead auditor should explain that such a document will not be signed and request a blank "sign-in" sheet. If the auditors are refused entry because they will not sign a release, the lead auditor should report all per- tinent facts to the implementing agency's legal counsel. If the matter cannot be resolved, the auditor(s) should leave the facility. All events surrounding the refused entry must be fully documented, including the name(s) of the person(s) refusing entry. Opening Meeting The auditor(s) should conduct an opening meeting with management personnel (e.g., plant manager, superinten- dents of safety and operations, legal counsel, corporate rep- resentative). The lead auditor should clearly explain the purpose and objectives of the audit. The lead auditor may give a copy of this guidance to the source to help them understand the scope, purpose, and objective of the audit. In addition, this guidance may help the source in assembling information to be reviewed by the auditor(s). At a minimum, the following items should be addressed during the opening meeting: • Discussion of entry and information gathering authorities (with presentation of auditor(s) credentials); • Audit purpose and objectives; • On-site agenda; • Identification and management of CBI; • Information necessary to conduct the audit; ------- • Safety issues (e.g., source-specific safety orientation train- ing, emergency response procedures and alarms that may sound in an emergency); • Schedule for exit briefing; and • Audit report preparation. The auditor(s) should also request a detailed overview of the chemical processes and/or manufacturing operations at the source, including block flow and/or process flow diagrams indicating chemicals and processes involved. Prior to walking around the facility, the auditor(s) should request an explanation of the source's Risk Management Program, including, at a minimum: • How the elements of the program are implemented; • Personnel who are responsible for the implementation of the various elements of the program; and • A description of the source's records documenting com- pliance. The RMP Audit Process Step (3): At the Site At the conclusion of the opening meeting, the lead auditor should request access to the following information, where applicable: • Documentation for the hazard assessment, including selection of model and procedures followed; • Documentation supporting reports under the five-year accident history (e.g., follow-up release reports, initial notifications); • Documentation for the process hazards analysis or hazard review; • Standard operating procedures; • Training records (e.g., hazard communication, emer- gency response) for all employees ; • Pre-startup safety review; • Integrity or preventive maintenance records; • Hot work permit program; • Written procedures to manage change to processes; • Plan of action for implementation of employee participa- tion; • Written process safety information; ------- Confidential Business Information During the course of the audit, auditor(s) may have access or obtain information that may be entitled to con- fidential treatment. It is the source's respon- sibility to identify this information as Confidential Business Information (CBI) to the auditor(s), in accordance with the Risk Management Program regulations. This information will be handled in accor- dance with the imple- menting agency's pro- cedures (e.g., 40 CFR Part 2 for EPA person- nel). Before visiting the site, auditor(s) should check to see if their agency has train- ing or programs on handling CBI. • Incident investigation reports; • The emergency response plan developed by the source; • The two most recent compliance audit reports; and • Documentation on coordination with local officials on emergency response activities Collecting and Analyzing Information After the opening meeting, the auditor(s) may accomplish their tasks individually or in small groups, performing their work as quickly and efficiently as possible. Special attention should be paid to: • Verifying the reported program level; and • Comparing the stationary source's RMP to policies and procedures actually implemented, especially for produc- tion or equipment changes. The attached checklist may be used as guidance to ensure that regulatory requirements are met and that a basic level of data quality is achieved. However, this checklist is not intend- ed to be comprehensive of all applicable requirements. Accordingly, the checklist is not a substitute for knowledge and understanding of the regulations. During the audit, a variety of materials will be gathered relat- ing to operations at the source. Most of these materials should be referenced in the report and maintained in a cen- tral file. Examples of the types of material that might be included are: • Sample source memoranda, guidelines, safe operating procedures, policy statements (e.g., safety practices, Responsible CARE); • Correspondence between the source and the implement- ing agency; or • Graphic materials such as photographs, maps, charts, plot plans, organizational charts. All materials should be labeled with : • Name of the source; • Date of the audit; and • Other identifying information. ------- The RMP Audit Process Step (3): At the Site Personal Protective Equipment (PPE) In addition to normal protective equipment (e.g., safety shoes, hard hats, goggles), auditor(s) may need special equipment: • Flame-retardant coveralls in all areas of the plant where there is potential for flash fires and as may be required by policy at the source; • Emergency escape respirators during the walk-around portion of the audit (personnel conducting these audits should have received proper training in the use of emer- gency escape respirators); • Alert monitors approved for the environment where they will be used (e.g., HCN, C12); • Electronic equipment (i.e., still cameras, video cameras, cellular phones) that are safe for use in the process areas being audited; and • Follow facility guidance relative to the appropriate use of PPE and request notice of any unusual conditions which may dictate specific precautions. Exit Briefing Prior to the exit briefing, auditor(s) should meet privately to review findings and establish topics for the briefing. Significant observations and findings should be presented to management personnel. Any issues requiring clarification should be listed for discussion with the management person- nel. The team leader will determine what conclusions or rec- ommendations will be forwarded to the source at the exit briefing. In the exit briefing, the auditor(s) will meet with the man- agement personnel to discuss the audit results. The lead auditor should report to the source management all signifi- cant findings, conclusions, and recommendations for which a team consensus exists. Auditor(s) should maintain a professional, courteous demeanor during all discussions with source personnel. Auditor(s) should make source officials aware of any stan- dards, guidelines, or resources that would be helpful in improving the source risk management program. However, auditor(s) should be careful to avoid making suggestions which imply a "consultant" type of relationship, such as endorsing one product or firm exclusively. Exit Briefing • Maintain a professional courteous demeanor; • Make source officials aware of helpful standards, guidelines, or resources; • Alert management to situations requiring immediate remediation • Avoid implying a "consulting" relation- ship • Do not state that violations have been observed • Avoid statements that affect subsequent enforcement actions 23 ------- Auditor(s) should never state that "violations" have been observed. Determining that a violation has occurred is gen- erally done after an enforcement inspection by the appropri- ate enforcement program in consultation with legal counsel. Auditor(s) should not make any representations that could affect any subsequent enforcement actions against the source (e.g., guaranteeing no enforcement will be taken if a source performs certain actions to correct a deficiency). The audit leader should alert the management personnel to situations that are in need of immediate remediation (e.g., improper storage of incompatible chemicals). ------- STEP (4): CONCLUDING ACTIVITIES Follow-up Meeting Auditor(s) should meet as soon as possible after completion of the site visit to ensure details of the audit are accurately recorded. At a minimum, auditor (s) should: • Immediately review and edit personal notes taken during the site visit for clarity and completeness; • Review report format, and identify any additional infor- mation needed to complete the report; • Review all important observations and findings; • Agree on a date for the final report; • Differentiate recommendations from any observed non- compliance; and • Resolve conclusions or recommendations that are not supported by team consensus. The RMP Audit Process Step (4): Concluding Activities Audit Report The report should summarize information gathered during the audit (the attached checklists may be helpful). The report should include: • A basic profile of the source and general information about the audit; • A description of the criteria, rationale, and factual infor- mation used to select the source for an audit; and • Findings, conclusions, and recommendations. The findings, conclusions, and recommendations section should summarize the rest of the information from the com- pleted checklists. Each finding should be documented with information collected through document reviews. The audi- tor^) should not interject opinions or speculative statements in findings. Any conclusions should be based upon a com- parative analysis of the finding with applicable rules, regula- tions, standards, and accepted guidances. Conclusions should be accompanied by recommendations. Each recom- mendation should cite the specific rules, regulations, stan- dards, accepted guidances, or technical basis used to formu- late the recommendation. The lead auditor should consult with all appropriate auditors and personnel in the imple- menting agency to determine if recommendations that are not supported by a team consensus should be included. ------- Each auditor should sign the report before it is submitted to the appropriate agencies. The original report should be maintained by the implementing agency. A copy of the report should be forwarded to the facility's owner or opera- tor, as well as to the: • State Emergency Response Commission; • Local emergency planning committee in whose area the stationary source is located; and • If requested, any other federal, state, and local agencies that participated in the audit. ------- The RMP Audit Process Step (5): After-Audit Actions STEP (5): AFTER-AUDIT ACTIONS Preliminary Determination Based on the results of the audit, the implementing agency may issue the owner or operator a written preliminary deter- mination of necessary revisions to the stationary source's RMP to ensure that the RMP meets the criteria of 40 CFR Part 68, Subpart G. The preliminary determination should include an explanation of the basis for the revisions, reflect- ing industry standards and guidelines (such as American Institute of Chemical Engineers (AIChE)/The Center for Chemical Process Safety (CCPS) guidelines and American Society of Mechanical Engineers (ASME) and American Petroleum Institute (API) standards), to the extent that such standards and guidelines are applicable. The preliminary determination should also include a timetable for the imple- mentation of the revisions [68.220(e)]. The owner or operator should respond in writing to the pre- liminary determination. The response should state that the owner or operator will implement the revisions contained in the preliminary determination in accordance with the timetable included in the preliminary determination, or should state that the owner or operator rejects the revisions in whole or in part. For each rejected revision, the owner or operator should explain the basis for rejecting that revision. Such explanation may include substitute revisions [68.220(f)(l)]. The written response should be received by the implement- ing agency within 90 days of the issuance of the preliminary determination. The implementing agency may specify a shorter period of time in the preliminary determination to protect public health and the environment. Prior to the writ- ten response being due and upon written request from the owner or operator, the implementing agency may provide additional time for the response to be received [68.220(f)(2)]. Final Determination After providing the owner or operator an opportunity to respond to the preliminary determination, the implementing agency may issue the owner or operator a written final deter- mination of necessary revisions to the stationary source's RMP. The final determination may adopt or modify the revi- sions contained in the preliminary determination, or may adopt or modify the substitute revisions provided in response ------- to the preliminary determination. A final determination that adopts a revision rejected by the owner or operator should include an explanation of the basis for the revision. A final determination that fails to adopt a substitute revision provid- ed under 68.220(f) should include an explanation of the basis for finding such substitute revision unreasonable [68.220(g)]. Thirty days after completion of the actions detailed in the implementation schedule set in the final determination, the owner or operator will be in violation of subpart G of part 68 unless the owner or operator revises the RMP, as required by the final determination, and submits the revised RMP [68.220(h)]. Once a final determination has been made and the station- ary source is deemed to be in violation of 40 CFR Part 68, the audit report along with the final determination should be referred to the appropriate program within the implement- ing agency for enforcement actions. If warranted, the imple- menting agency may initiate an enforcement action, rather than use the preliminary and final determination process. The public should have access to the preliminary determina- tions, responses, and final determination pursuant to 42 U.S.C. 7414(c) [68.210(a),68.220(i)]. The disclosure of clas- sified information by the Department of Defense or other federal agencies or contractors of such agencies will be con- trolled by applicable laws, regulations, or executive orders concerning the release of classified information [68.210(b)]. None of the actions described above will preclude, limit, or interfere in any way with the authority of the implementing agency to exercise its enforcement, investigatory, and infor- mation gathering authorities under the CAA concerning accidental releases [68.220(j)]. ------- Annexes ------- Guidance for Auditing Risk Management Plans & Programs ------- ANNEX A: SITE SAFETY PLAN FOR ON-SITE ACTIVITIES The EPA Safety Manual, Chapter 9, and other EPA Policies articulate certain safety planning efforts prior to field activities. The following format is consistent with these requirements. Extensive training and certifications, and further planning in the form of a more extensive Site Safety Plan, may be necessary in addition to the following plan. STATIONARY SOURCE LEAD AUDITOR DATE DESCRIPTION OF ACTIVITIES Location and approximate size of stationary source: Description of tasks and activities to be performed by each of the auditors: Proposed date of on-site activities beginning: Duration of the planned activities: Site topography: Site accessibility by roads and air: ------- HAZARDOUS SUBSTANCES AND HEALTH HAZARDS INVOLVED OR SUSPECTED AT THE SITE (Fill in any information that is known or suspected) Areas of Concern Chemical and Physical Identity of Substance Properties and Precautions Explosivity Radioactivity Oxygen deficiency (e.g., confined spaces) Toxic gases Skin / eye contact hazards Heat stress Pathways from site for hazardous substances dispersion: WORK PLAN INSTRUCTIONS Recommended level of protection: L a Cartridge type if level C: ------- Site Safety Plan Monitoring equipment to be used: Accompanying/helping persons (stationary source/contractors): Safety clothing/equipment required for those persons: OSHA required training and certification (29 CFR 1910.120) received by those persons: FIELD INVESTIGATION AND DECONTAMINATION PROCEDURES Decontamination procedures (contaminated protective clothing, instruments, equipment, etc.): Disposal procedures (contaminated equipment, supplies, disposable items, washwater, etc.): ------- EMERGENCY CONTACTS Hospital Phone No.: Fax: Emergency Medical Treatment Phone No. Fax: Ambulance Phone No.: Fax: Hospital Location: Police Phone No.: Fire Assistance Phone No. Regional Health and Safety Officer (or position with similar duties): Phone: ------- ANNEX B: AUDIT REPORT Note: A report similar to this will be generated by RMP*Review, the software avail- able to RMP implementing agencies. EPA facility ID #: City: Date: State: County: AUDIT TEAM: Lead Auditor: Auditors: Date(s) of stationary source visit: I. STATIONARY SOURCE IDENTIFICATION Name: Street Address: City: County: State: Zip: Latitude: Longitude: B-l ------- Dun & Bradstreet No.: Name, address, and D & B of corporate parent company (if applicable): Owner / operator: Phone: Mailing Address: City: State: Zip: Name, title, and phone of person responsible for 40 CFR Part 68 implementation: Name: Title: Phone: Name and title of emergency contact: Day Phone: 24-hour Phone: Names, titles, and phones of stationary source personnel involved in audit (accom- panied site tours, provided documents and explanations, etc): II. DATE AND PROGRAM LEVELS OF SUBMITTED RMP Date of Initial Submission: Date of Latest Update: Process (Program 1, 2, 3) as reported in RMP: Process ID#: Program Level: NAICS Code: ------- III. FINDINGS, CONCLUSIONS, AND RECOMENDATIONS* Signatures: Lead Auditor: Auditors: Approved by: Signature: Title: Date: Findings, conclusions, and recommendations may be presented in one or several attachments and referred to in the report. B-3 ------- Guidance for Auditing Risk Management Plans & Programs B-4 ------- ANNEX C: AUDIT CHECKLIST Process audited: Auditor: Instructions: This checklist may be used for verification of RMP and Program compliance (Check boxes coding: Y=Yes, N=No, P=Partial, A=Not Applicable) Note: Compliance Objectives appear in the order they appear in the RMP rule COMPLIANCE OBJECTIVES 1 . RISK MANAGEMENT PROGRAM AND PLAN (SUBPARTA) Applicability [68.1] Q " a '•*• Does the owner or operator of the stationary source have more than a threshold quantity of a regulated substance in a process? [68.10(a)] Has the process had, in the five years prior to submission of the RMP, an accidental release of a regulated substance where exposure to the substance, its reaction products, overpressure generated by an explosion involving the substance, or radiant heat generated by a fire involving the substance led to any of the following off-site: (i) Death; (ii) Injury; or (iii) Response or restoration activities for an exposure of an environmental receptor? a a a a Is the distance to a toxic or flammable endpoint for a worst-case release assessment less than the distance to any public receptor? [68.10(b)(2)] Has the owner or operator coordinated emergency response procedures between the stationary source and local emergency planning and response organizations? [68.10(b)(3)] Is the covered process subject to OSHA PSM standard, 29 CFR1910.119?[68.10(d)(2)] Is the covered process in one of the NAICS codes listed in 40 CFR §68.10(d)(l)? [6 1.4. 1.5. 1.6. Auditor may need to re-answer 1.5 and 1.6 for multiple processes in comments section. NOTES C-l ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES General Requirements [68.12] a 1.7. Has the owner or operator submitted a single RMP, which included a registration that reflects all covered processes, as provided in 68.150 to 68.185? [68.12(a)] 1.8. For Program 1 processes audited, has the owner or operator: [68.12(b)l al .8.1. Analyzed the worst-case release scenario for the process(es), as 1.8.2. Documented that the nearest public receptors is beyond the distance to an endpoint defined in 68.22(a); and [68.12(b)(l)J provided in 68.25; [68.1200(1)] a "' I | 1.8.3. Included the scenario(s) in the RMP as provided in 68.165? Q Q a 1.8.4. Completed the five-year accident history for the process as provided in 68.42 [68.1200(2)]; and 1.8.5. Included the history in the RMP as provided in 68.168? [68.12(b)(2)l 1.8.6. Ensured that response actions have been coordinated with local emergency planning and response agencies? [68.1200(3)] al .8.7. Included the appropriate certification statement for Program 1 processes? [68.1200(4)] 1.9. For Program 2 processes, has the owner or operator: [68.12(c)] al .9.1. Developed and implemented a management system as provided in 68.15? [68.12(c)(l)] a "' 1.9.2. Conducted a hazard assessment as provided in 68.20 through 68.42? [68.12(c)(2)] al .9.3. Implemented the Program 2 prevention steps provided in 68.48 through 68.60 or implemented the Program 3 prevention steps provided in 68.65 through 68.87? [68.12(c)(3)] al .9.4. Developed and implemented an emergency response program as provided in 68.90 to 68.95? [68.12(c)(4)] a " 1.9.5. Submitted, as part of the RMP, the data on prevention program elements for Program 2 processes as provided in 68.170? [68.12(c)(5)] C-2 ------- 1.10.1. Developed and implemented a management system as provided in 68.15? [68.12(d)(l)] 1.10.2. Conducted a hazard assessment as provided in 68.20 through 68.42? [68.12(d)(2)] al. 10.3. Implemented the prevention requirements provided in 68.65 through 68.87? [68.12(d)(3)J a "" a 1.10.4. Developed and implemented an emergency response program as provided in 68.90 to 68.95? [68.12(d)(4)J 1.10.5. Submitted, as part of the RMP, the data on prevention program elements for Program 3 processes as provided in 68.175? [68.12(d)(5)] Management [68.15] Has the owner or operator: Q [68.15(a)] a "' 1.11. Developed a management system to oversee the implementation of the risk management program elements? 1.12. Assigned a qualified person or position that has the overall responsibility for the development, implementation, and integration of the risk management program elements? [68.15(b)J 1.13. Documented other persons responsible for implementing individual requirements of the risk management program and defined the lines of authority through an organization chart or similar document? [68.15(c)J General Findings / Conclusions: COMPLIANCE OBJECTIVES NOTES 1.10. For Program 3 processes, has the owner or operator: [68.12(d)] Q C-3 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES Documentation obtained to support Findings / Conclusions: 2. RMP SUBMISSION (SUBPART G) 68.150-68.190 a a 2.1. Did the owner or operator submit an RMP on or before June 21, 1999? Postmark date of initial submission: [68.10, a 68.10(a)(l),68.150(a)&(b)] If submission was after June 21, 1999, was submittal required because: [68.10&68.150(b)] 2.1.1. Initial listing of a regulated substance under 68.130 after June 21, 1999 [68.10(a)(2)&68.150(b)(2)] a 2.1.2. A regulated substance was first present at the stationary source above the threshold quantity in a process [68.10(a)(3) & 68.150(b)(2)] 2.2. Has the owner or operator revised and updated the RMP within 5 years of initial submission? Date of the last revision and a update [68.190(a)]: 2.3. If required, has the owner or operator submitted a revised RMP for any of the following: [68.190(b)] 2.3.1. Within 3 years after EPA first listed a newly regulated substance? [68.190(b)(2)] 2.3.2. No later than the date on which a new regulated substance is first present in an already covered process above a threshold quantity? [68.190(b)(3)] a 2.3.3. No later than the date on which a regulated substance is first present above a threshold quantity in a new process? [68.190(b)(4)] a 2.3.4. Within six months of a change that requires a revised PHA or hazard review? [68.190(b)(5)] C-4 ------- 2.3.5. Within six months of a change that requires a revised off-site consequence analysis as provided in 68.36? [68.190(b)(6)] Q Q a I | 2.4.1. If so, were the provisions of 68.151 and 68.152 followed ? 2.3.6. Within six months of a change that alters the Program level that applied to any covered process? [68.190(b)(7)] 2.4. Has the owner or operator included information submitted as CBImtheRMP?[68.150(d)] RMP: Executive Summary 2.5. Has the owner or operator included a brief description of the following elements in the executive summary of the RMP: [68.155] a 2.5.1. The accidental release prevention and emergency response policies at the stationary source? [68.155(a)] a '" a limit the distances for each reported scenario? [68.155(c)] Q "" 2.5.6. The five-year accident history? [68.155(e)J 2.5.2. The stationary source and regulated substances handled? [68.155(b)J 2.5.4. The worst-case release and alternative release scenario(s), including administrative controls and mitigation measures to 2.5.5. The general accidental release prevention program and chemical-specific prevention steps? [68.155(d)J a I | 2.5.7. The emergency response program? [68.155(f)] I—| 2.5.8. Planned changes to improve safety? [68.155(g)] COMPLIANCE OBJECTIVES NOTES C-5 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES RMP: Registration a a 2.6. Has the owner or operator included a single registration form in the RMP which covers all regulated substances handled in covered processes? [68.160(a)] 2.7. Does the registration include the following data: [68.160(b)] 2.7.1. Stationary source name, full address, Dun and Bradstreet number; longitude and latitude with method and description? Q [68.160(b)(l)&(2)] a 2.7.2. Corporate parent company name and Dun and Bradstreet number? [68.160(b)(3)] Q """ Q [68.160(b)(5)] a 2.7.5. The name, title, telephone number, and 24-hour number of the emergency contact? [68.160(b)(6)] Q "" 2.7.3. The name, telephone number, and mailing address of the owner or operator? [68.160(b)(4)] 2.7.4. The name and title of the person or position with overall responsibility for RMP elements and implementation? 2.7.6. For each covered process, the name and CAS number of each regulated substance held above the threshold quantity in the process, the maximum quantity of each regulated substance or mixture in the process, the NAICS code, and the Program level of the process? [68.160(b)(7)] 2.7.7. The stationary source EPA identifier? [68.160(b)(8)] a 2.7.8. The number of full-time employees at the stationary source? [68.160(b)(9)] Q """ [68.160(b)(10)] a "" Planning and Community Right-to-Know Act? [68.160(b)(l 1)] Q """ 2.7.9. Whether the stationary source is subject of 29 CFR §1910.119, OSHA's Process Safety Management Standard? 2.7.10. Whether the stationary source is subject to 40 CFR Part 355, the Emergency Planning Requirements of the Emergency 2.7.11. If the stationary source has a CAA Title V operating permit, its permit number? [68.160(b)(12)] C-6 ------- 2.8.3. For Program 2 and 3 processes, were additional worst-case scenarios also submitted, if required by 68.25(a)(2)(iii)? Q [68.165(a)(2)] a 2.8.4. For Program 2 and 3 processes, was information submitted on one alternative scenario for each regulated toxic substance held above the threshold quantity and one alternative scenario to represent all regulated flammable substances held above the threshold? [68.165(a)(2)] 2.9 Does the RMP include the following information for each submitted release scenario: [68.165(b)J 2.9.1. Scenario type (explosion, fire, toxic gas release, or liquid spill and vaporization)? [68.165(b)(5)] a 2.9.2. Chemical name of released substance? [68.165(b)(l)] COMPLIANCE OBJECTIVES NOTES a 2.7.12. The date of the last safety inspection of the stationary source by a Federal, state, or local government agency and the identity of the inspecting entity? [68.160(b)(13)] RMP: Off-site Consequence Analysis 2.8. Does the RMP include the following: [68.165(a)] 2.8.1. One worst-case release scenario for each Program 1 process? [68.165(a)(l)] a 2.8.2. For Program 2 and 3 processes, one worst-case release scenario to represent all regulated toxic substances held above the threshold quantity and one worst-case release scenario to represent all regulated flammable substances held above the threshold quantity? [68.165(a)(2)] a a 2.9.4. Physical state of substance (toxics only)? [68.165(b)(3)] a C-7 2.9.3. Percentage weight of the chemical in a liquid mixture (toxics only)? [68.165(b)(2)J Q 2.9.5. Basis of results (model name if used)? [68.165(b)(4)] ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES Quantity released in pounds? [68.165(b)(6)] Q "" a 2.9.7. Release rate? [68.165(b)(7)] 2.9.9. Wind speed and atmospheric stability class (toxics only)? [68.165(b)(9)] I—| 2.9.8. Release duration? [68.165(b)(8)] a I—| 2.9.10. Topography (toxics only)? [68.165(b)(10)] I—| 2.9.11. Distance to endpoint? [68.165(b)(ll)] a 2.9.12. Public and environmental receptors within the distance? [68.165(b)(12)] 2.9.13. Passive mitigation considered? [68.16500(13)] I | 2.9.14. Active mitigation considered (alternative releases scenarios a 2.9.14. only)? [68.1650004)] RMP: Five-year accident history a 2.10. Has the owner or operator provided the five-year accident history information in 68.42 on each accident covered by 68.42? [68.168] 2.11. Does the RMP include the following information for each reported accidental release: [68.4200] 2.11.1. Date, time, and approximate duration of the release? a a a I—| 2.11.4. NAIES code for the process? [68.4200(4)] C-8 [68.42(b)(l)] 2.11.2. Chemical(s) released? [68.4200(2)] 2.11.3. Estimated quantity released in pounds and percentage weight in a mixture (toxics)? [68.4200(3)] ------- 2.11.5. The type of release event and its source? [68.42(b)(5)] Q Q 2.11.6. Weather conditions (if known)? [68.42(b)(6)J I—| 2.11.7. On-site impacts? [68.42(b)(7)] I—| 2.11.8. Known offsite impacts? [68.42(b)(8)] Q 2.11.9. Initiating event and contributing factors (if known)? [68.42(b)(9)J a 2.11.10. Whether offsite responders were notified (if known)? [68.42(b)(10)J a '"" 2.11.11. Operational or process changes that resulted from investigation of the release? [68.42(b)(ll)J RMP: Prevention program / Program 2 [68.17] 2.12. Has the owner or operator included the following information for each covered process in Program 2? [68.170(a)] 2.12.1. The NAICS code for the process? [68.170(b)] Q a 2.12.2. The name(s) of the chemical(s) covered? [68.170(c)] a 2.12.3. The date of the most recent review or revision of the safety information and a list of Federal or state regulations or industry-specific design codes and standards used to demonstrate compliance with the safely information requirement. [68.170(d)J a 2.12 A. The date of completion of the most recent hazard review or update? [68.170(e)] a 2.12.4.1. The expected date of completion of any changes resulting from the hazard review or update? [68.170(e)(l)] COMPLIANCE OBJECTIVES NOTES C-9 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES 2.12.4.2. Major hazards identified? [68.170(e)(2)] Q a 2.12.4.3. Process controls in use? [68.170(e)(3)] I—| 2.12.4.4. Mitigation systems in use? [68.170(e)(4)] I | 2.12.4.5. Monitoring and detection systems in use? [68.170(e)(5)] I—| 2.12.4.6. Changes since the last hazard review? [68.170(e)(6)] a 2.12.5. The date of the most recent review or revision of operating procedures? [68.170(f)] a 2.12.6. The date of the most recent review or revision of training programs? [68.170(g)] a "'" I—| 2.12.6.2. The type of competency testing used? [68.170(g)(2)] a 2.12.6.1 The type of training provided—classroom, classroom plus on the job, on the job? [68.170(g)(l)] 2.12.7. The date of the most recent review or revision of maintenance procedures and the date of the most recent equipment Q a inspection or test and the equipment inspected or tested? [68.170(h)J The date of the most recent compliance audit and the expected date of completion of any changes resulting from the a compliance audit? [68.170(i)] 2.12.9. The date of the most recent incident investigation and the expected date of completion of any changes resulting from the investigation? [68.170(j)] 2.12.10. The date of the most recent change that triggered a review or revision of safety information, hazard review, operating or maintenance procedures, or training? [68.170(k)J RMP: Prevention program / Program 3 [68.175] 2.13. Has the owner or operator included in the RMP information addressing 68.175(b) to 68.175(p)? [68.175(a)J C-10 ------- COMPLIANCE OBJECTIVES NOTES Q Q 2.13.1. The NAICS code for the process? [68.175(b)J The name(s) of the substance(s) covered? [68.175(c)J The date on which the safety information was last reviewed or revised? [68.175(d)J a 2j3A I — | 2.13.4.1. I — | 2.13.4.2. I — | 2.13.4.3. I — | 2.13.4.4. I — | 2.13.4.5. I — | 2.13.4.6. a ii3-5- I — | 2.13.6. 2.13.6.1. I — | I — | a The date of completion of the most recent process hazard analysis (PHA) or update and the technique used? [68. 175(e)] The expected date of completion of any changes resulting from thePHA?[68.175(e)(l)] Major hazards identified? [68.175(e)(2)] Process controls in use? [68.175(e)(3)] Mitigation systems in use? [68.175(e)(4)] Monitoring and detection systems in use? [68.175(e)(5)] Changes since the last PHA? [68.175(e)(6)] The date of the most recent review or revision of operating procedures? [68.175(f)] The date of the most recent review or revision of training programs? [68.175(g)] The type of training provided—classroom, classroom plus on the job, on the job? [68.175(g)(l)] 2.13.6.2. The type of competency testing used? [68.175(g)(2)J The date of the most recent review of revision of maintenance procedures and the date of the most recent equipment inspection or test and the equipment inspected of tested? [68.175(h)J C-ll ------- Guidance for Auditing Risk Management Plans & Programs NOTES COMPLIANCE 1 — | 2.13.8. a ii3-9- 1 — | 2.13.10. 1 — | 2.13.11. 1 — | 2.13.12. 1 — | 2.13.13. 1 — | 2.13.14. 1 — | 2.13.15. OBJECTIVES The date of the most recent change that triggered management of change procedures and the date of the most recent review or revision of management of change procedures? [68.175(i)J The date of the most recent pre-startup review? [68.175Q] The date of the most recent compliance audit and the expected date of completion of any changes resulting from the compliance audit? [68.175(k)] The date of the most recent incident investigation and the expected date of completion of any changes resulting from the investigation? [68.175(1)] The date of the most recent review or revision of employee participation plans? [68. 175(m)] The date of the most recent review or revision of hot work permit procedures? [68.175(n)] The date of the most recent review or revision of contractor safety procedures? [68.175(o)] The date of the most recent evaluation of contractor safety performance? [68.175(p)] RMP: Emergency Response Program [68.18] 2.14. Has the owner or operator included the following information in the RMP on the emergency response program: [68.18] 2.14.1. Does a written emergency response plan exist? [68.180(a)(l)] a 2. 14.2. Does the plan include specific actions to be taken in response to an accidental releases of a regulated substance? [68.180(a)(2)] a 2. 1 4. 3 . Does the plan include procedures for informing the public and local agencies responsible for responding to accidental releases? [68. 180(a)(3)] a 2. 14.4. Does the plan include information on emergency health care? [68.180(a)(4)] a 2. 14. 5. Date of the most recent review of update of emergency response plan? [68. 1 80(a)(5)] C-12 ------- Q Q 2.14.6. Date of the most recent emergency response training for employees? [68.180(a)(6)] 2.15. Has the owner or operator provided the name and telephone number of the local agency with which emergency response activities and the emergency response plan is coordinated? [68.180(b)] I | 2.16. Has the owner or operator listed other Federal or state emergency plan requirements to which the stationary source is subject? [68.180(c)] RMP: Certification [68.185] 2.17. Has the owner or operator: [68.185] a 2.18. For Program 1 processes, submitted the certification statement m68.12(b)(4)?[68.185(a)] a "" 2.19. For Program 2 or 3 processes, submitted the appropriate certification statement that to the best of the signer's knowledge, information, and belief formed after reasonable inquiry, the information submitted is true, accurate, and complete? [68.185(b)J General Findings / Conclusions: COMPLIANCE OBJECTIVES NOTES Documentation obtained to support Findings / Conclusions: C-13 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES 3. HAZARD ASSESSMENT (SUBPART B) 68.20-68.42 Hazard Assessment: Applicability [68.2] Q 3.1. Has the owner or operator prepared a worst-case release scenario analysis as provided in 68.25 and completed the five- year accident history as provided in 68.42? [68.2] Hazard Assessment: Offsite consequence analysis parameters [68.22] Has the owner or operator: a a 3.2. Used the following endpoints for offsite consequence analysis for a worst-case scenario: [68.22(a)J 3.2.1. For toxics: the endpoints provided in Appendix A of 40 CFR Part68?[68.22(a)(l)] 3.2.2. For flammables: an explosion resulting in an overpressure of 1 psi? [68.22(a)(2)(i)] 3.3. Used the following endpoints for offsite consequence analysis for an alternative release scenario: [68.22(a)J a 3.3.1. For toxics: the endpoints provided in Appendix A of 40 CFR Part68?[68.22(a)(l)] Q "" Q a generally recognized sources? [68.22(a)(2)(iii)J Q " Q a 3.3.2. For flammables: an explosion resulting in an overpressure of 1 psi? [68.22(a)(2)(i)] 3.3.3. For flammables: a fire resulting in a radiant heat/exposure of 5 kw/m2 for 40 seconds? [68.22(a)(2)(n)] 3.3.4. For flammables: a concentration resulting in a lower flammability limit, as provided in NFPA documents or other 3.4. Used appropriate wind speeds and stability classes for the release analysis? [68.22(b)] 3.5. Used appropriate ambient temperature and humidity values for the release analysis? [68.22(c)J 3.6. Used appropriate values for the height of the release for the release analysis? [68.22(d)J a 3.7. Used appropriate surface roughness values for the release analysis? [68.22(e)J C-14 ------- COMPLIANCE OBJECTIVES NOTES Q a 3.8. Do tables and models, used for dispersion analysis of toxic substances, appropriately account for dense or neutrally buoyant gases? [68.22(f)] 3.9. Were liquids, other than gases liquefied by refrigeration only, considered to be released at the highest daily maximum temperature, based on data for the previous three years appropriate for a stationary source, or at process temperature, whichever is higher? [68.22(g)J Hazard Assessment: Worst-case release scenario analysis [68.25] Has the owner or operator of Program 1 processes: 3.10. Analyzed and reported in the RMP one worst-case scenario for each Program 1 process? [68.25(a)(l)J Has the owner or operator of Program 2 or 3 processes: 3.11. Analyzed and reported in the RMP one worst-case release scenario estimated to create the greatest distance to an endpoint resulting from an accidental release of a regulated toxic substance from covered processes under worst-case conditions? [68.25(a)(2)(i)] 3.12. Analyzed and reported in the RMP one worst-case release scenario estimated to create the greatest distance to an endpoint resulting from an accidental release of a regulated flammable substance from covered processes under worst-case conditions? [68.25(a)(2)(ii)] 3.13. Analyzed and reported in the RMP additional worst-case release scenarios for a hazard class if the a worst-case release from another covered process at the stationary source potentially affects public receptors different from those potentially affected by the worst-case release scenario developed under 68.25(a)(2)(i) or 68.25(a)(2)(ii)? [68.25(a)(2)(m)] Has the owner or operator: 3.14. Determined the worst-case release quantity to be the greater of the following: [68.25(b)J C-15 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES a 3 . 1 4. 1 . If released from a vessel, the greatest amount held in a single vessel, taking into account administrative controls that limit the maximum quantity ? [68.25(b)(l)J a 3. 14.2. If released from a pipe, the greatest amount held in the pipe, taking into account administrative controls that limit the maximum quantity? [68.25(b)(2)] Has the owner or operator: For toxic substances that are normally gases at ambient temperature and handled as a gas or liquid under pressure: a 3 . 1 5 . Assumed the whole quantity in the vessel or pipe would be Q a released as a gas over 10 minutes? [68.25(c)(l)J 3.16. Assumed the release rate to be the total quantity divided by 10, if there are no passive mitigation systems in place? [68.25(c)(l)] Has the owner or operator: For toxic gases handled as refrigerated liquids at ambient pressure: 3.17. Assumed the substance would be released as a gas in 10 minutes, if not contained by passive mitigation systems or if the contained pool would have a depth of 1 cm or less? [68.25(c)(2)(i)] 3.18. [ Optional for owner / operator ] Assumed the quantity in the vessel or pipe would be spilled instantaneously to form a liquid pool, if the released substance would be contained by passive mitigation systems in a pool with a depth greater than 1 cm? [68.25(c)(2)(n)] 3.19. Calculated the volatilization rate at the boiling point of the substance and at the conditions specified in 68.25(d)? a [68.25(c)(2)(n)] Has the owner or operator: For toxic substances that are normally liquids at ambient temperature: 3.20. Assumed the quantity in the vessel or pipe would be spilled instantaneously to form a liquid pool? [68.25(d)(l)J 3.21. Determined the surface area of the pool by assuming that the liquid spreads to 1 cm deep, if there is no passive mitigation system in place that would serve to contain the spill and limit the surface area, or if passive mitigation is in place, the surface area of the contained liquid shall be used to calculate the volatilization rate? [68.25(d)(l)(i)] C-16 ------- COMPLIANCE OBJECTIVES NOTES Q a a a Taken into account the actual surface characteristics, if the release would occur onto a surface that is not paved or smooth? a a 3.23. Determined the volatilization rate by accounting for the highest daily maximum temperature in the past three years, the temperature of the substance in the vessel, and the concentration of the substance if the liquid spilled is a mixture or solution? [68.25(d)(2)J 3.24. Determined the rate of release to air from the volatilization rate of the liquid pool? [68.25(d)(3)J 3.25. Determined the rate of release to air by using the methodology in the RMP Offsite Consequence Analysis Guidance, any other publicly available techniques that account for the modeling conditions and are recognized by industry as applicable as part of current practices, or proprietary models that account for the modeling conditions may be used provided the owner or operator allows the implementing agency access to the model and describes model features and differences from publicly available models to local emergency planners upon request. [68.25(d)(3)J Has the owner or operator: For flammables: 3.26.1. Assumed the quantity in a vessel(s) of flammable gas held as a gas or liquid under pressure or refrigerated gas released to an undiked area vaporizes resulting in a vapor cloud explosion? [68.25(e)J 3.26.2. For refrigerated gas released to a contained area or liquids released below their atmospheric boiling point, assumed the quantity volatilized in 10 minutes results in a vapor cloud. [68.25(f)J 3.27. Assumed a yield factor of 10% of the available energy is released in the explosion for determining the distance to the explosion endpoint, if the model used is based on TNT-equivalent methods? [68.25(e)] Has the owner or operator: 3.28. Used the parameters defined in 68.22 to determine distance to the endpoints? [68.25(g)] C-17 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES a 3.29. Determined the rate of release to air by using the methodology in the RMP Offsite Consequence Analysis Guidance, any other publicly available techniques that account for the modeling conditions and are recognized by industry as applicable as part of current practices, or proprietary models that account for the modeling conditions may be used provided the owner or operator allows the implementing agency access to the model and describes model features and differences from publicly available models to local emergency planners upon request. [68.25(g)] 3.29.1 What modeling technique did the owner or operator use? LI [68.25(g)] a "" scenario and will still function as intended? [68.25(h)J Q "" Q 3.30. Ensured that the passive mitigation system, if considered, is capable of withstanding the release event triggering the 3.31. Considered also the following factors in selecting the worst-case release scenarios: [68.25(i)J 3.31.1. Smaller quantities handled at higher process temperature or pressure? [68.25(i)(l)] a 3.31.2. Proximity to the boundary of the stationary source? [68.25(i)(2)] Hazard Assessment: Alternative release scenario analysis [68.28] Has the owner or operator: Q 3.32. Identified and analyzed at least one alternative release scenario for each regulated toxic substance held in a covered process(es) and at least one alternative release scenario to represent all flammable substances held in covered processes? [68.28(a)J 3.33. Selected a scenario: [68.28(b)J a 3.33.1. That is more likely to occur than the worst-case release scenario under 68.25? [68.28(b)(l)(i)] 3.33.2. That will reach an endpoint off-site, unless no such scenario exists? [68.28(b)(l)(n)] 3.34. Considered release scenarios which included, but are not limited to, the following: [68.28(b)(2)J C-18 ------- 3.34.3. Process vessel or pump releases due to cracks, seal failure, or dram, bleed, or plug failure? [68.28(b)(2)(m)] a 3.34.4. Vessel overfilling and spill, or overpressurization and venting through relief valves or rupture disks? [68.28(b)(2)(iv)] Q "" Q a 3.34.5. Shipping container mishandling and breakage or puncturing leading to a spill? [68.28(b)(2)(v)] 3.35. Used the parameters defined in 68.22 to determine distance to the endpomts? [68.28(c)J 3.36. Determined the rate of release to air by using the methodology in the RMP Offsite Consequence Analysis Guidance, any other publicly available techniques that account for the modeling conditions and are recognized by industry as applicable as part of current practices, or proprietary models that account for the modeling conditions may be used provided the owner or operator allows the implementing agency access to the model and describes model features and differences from publicly available models to local emergency planners upon request. [68.28(c)J 3.37. Ensured that the passive and active mitigation systems, if considered, are capable of withstanding the release event Q triggering the scenario and will be functional? [68.28(d)J 3.38. Considered the following factors in selecting the alternative release scenarios: [68.25(e)J 3.38.1. The five-year accident history provided in 68.42? [68.25(e)(l)] a 3.38.2. Failure scenarios identified under 68.50 or 68.67? [68.25(e)(2)] COMPLIANCE OBJECTIVES NOTES 3.34.1. Transfer hose releases due to splits or sudden hose uncoupling? [68.28(b)(2)(i)] a 3.34.2. Process piping releases from failures at flanges Joints, welds, valves and valve seals, and drains or bleeds? [68.28(b)(2)(ii)J a "" C-19 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES Hazard Assessment: Defining off-site impacts ~ population [68.3] Has the owner or operator: Q release at the center? [68.30(a)] a "" RMP? [68.30(b)J a "" I | 3.42. Estimated the population to two significant digits? [68.30(d)J 3.39. Estimated population that would be included in the distance to the endpoint in the RMP based on a circle with the point of 3.40. Identified the presence of institutions, parks and recreational areas, major commercial, office, and industrial buildings in the 3.41. Used most recent Census data, or other updated information to estimate the population? [68.30(c)J Hazard Assessment: Defining off-site impacts ~ environment [68.33] Has the owner or operator: a 3.43. Identified environmental receptors that would be included in the distance to the endpoint based on a circle with the point of release at the center? [68.33(a)] a 3.44. Relied on information provided on local U.S.G. S. maps, or on any data source containing U.S.G.S. data to identify environmental receptors? [ Source may have used Land View to obtain information ] [68.33(b)J Hazard Assessment: Review and update [68.36] Has the owner or operator: Q Q 3.45. Reviewed and updated the off-site consequence analyses at least once every five years? [68.36(a)J 3.46. Completed a revised analysis and submit a revised RMP within six months of a change in processes, quantities stored or handled, or any other aspect that might reasonably be expected on increase or decrease the distance to the endpoint by a factor of two or more? [68.36(b)J C-20 ------- Has the owner or operator maintained records of the following: a 3.47. For worst-case scenarios: a description of the vessel or pipeline and substance selected, assumptions and parameters used, the rationale for selection, and anticipated effect of the administrative controls and passive mitigation on the release quantity and rate? [68.39(a)] a 3.48. For alternative release scenarios: a description of the scenarios identified, assumptions and parameters used, the rationale for the selection of specific scenarios, and anticipated effect of the administrative controls and mitigation on the release quantity and rate? [68.39(b)J a 3.49. Documentation of estimated quantity released, release rate, and duration of release? [68.39(c)J a "" 3.50. Methodology used to determine distance to endpoints? [68.39(d)J a 3.51. Data used to estimate population and environmental receptors potentially affected? [68.39(e)J Hazard Assessment: Five-year accident history [68.42] a 3.52. Has the owner or operator included all accidental releases from covered processes that resulted in deaths, injuries, or significant property damage on site, or known offsite deaths, injuries, evacuations, sheltering in place, properly damage, or environmental damage? [68.42(a)J 3.53. Has the owner or operator reported the following information for each accidental release: [68.42(b)J 3.53.1. Date, time, and approximate duration of the release? COMPLIANCE OBJECTIVES NOTES Hazard Assessment: Documentation [68.39] a a a C-21 [68.42(b)(l)J 3.53.2. Chemical(s) released? [68.42(b)(2)J 3.53.3. Estimated quantity released in pounds and percentage weight in a mixture (toxics)? [68.42(b)(3)] ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES 3.53.4. NAICS code for the process? [68.42(b)(4)J a a 3.53.5. The type of release event and its source? [68.42(b)(5)J I—| 3.53.6. Weather conditions (if known)? [68.42(b)(6)] I—| 3.53.7. On-site impacts? [68.42(b)(7)] I—| 3.53.8. Known offsite impacts? [68.42(b)(8)] Q 3.53.9. Initiating event and contributing factors (if known)? [68.42(b)(9)J 3.53.10. Whether offsite responders were notified (if known)? [68.42(b)(10)J 3.53.11. Operational or process changes that resulted from investigation of the release? [68.42(b)(ll)J a General Findings / Conclusions: Documentation obtained to support Findings / Conclusions: C-22 ------- 4.1.3. Safe upper and lower temperatures, pressures, flows, and compositions? [68.48(a)(3)] Q a 4.1.5. Codes and standards used to design, build, and operate the process? [68.48(a)(5)J a 4.2. Ensured the process is designed in compliance with recognized and generally accepted good engineering practices? [68.48(b)J Q " 4.3. Updated information if a major change has occurred that made the information inaccurate? [68.48(c)J Program 2 Prevention - Hazard review [68.5] Q 4.4. Has the owner or operator conducted a review of the hazards associated with the regulated substances, processes, and procedures? [68.50(a)] 4.5. Did the review identify: COMPLIANCE OBJECTIVES NOTES 4. PROGRAM 2 PREVENTION PROGRAM (SUBPART C) [68.48 - 68.60] Program 2 Prevention - Safety information [68.48] Has the owner or operator: 4.1. Compiled and maintained the following up-to-date safety information, related to the regulated substances, processes, and equipment: [68.48(a)J a 4.1.1. Material Safety Data Sheets (MSDS) that meet the requirements of the OSHA Hazard Communication Standard [29 CFR 1910.1200(g)]? [68.48(a)(l)] a 4.1.2. Maximum intended inventory of equipment in which the regulated substances are stored or processed? [68.48(a)(2)J Q "" 4.1.4. Equipment specifications? [68.48(a)(4)J C-23 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES a 4.5.1. The hazards associated with the process and regulated substances? [68.50(a)(l)] Q -2- Q 4-5J- Opportunities for equipment malfunctions or human errors that could cause an accidental release? [68.50(a)(2)J The safeguards used or needed to control the hazards or prevent equipment malfunctions or human error? [68.50(a)(3)] a 4.5.4. Any steps used or needed to detect or monitor releases? [68.50(a)(4)] Has the owner or operator: Q 4.6. Determined by inspecting all equipment that the processes are designed, fabricated, and operated in accordance with a a applicable standards or rules, if designed to meet industry standards or Federal or state design rules? [68.50(b)J 4.7. Documented the results of the review? [68.50(c)J 4.8. Ensured that problems identified were resolved in a timely manner? [68.50(c)] a 4.9. Updated the review at least once every five years or whenever a major change in the processes occurred? [68.50(d)J a "" 4.10. Resolved all issues identified in the review before startup of the changed process? [68.50(d)J Program 2 Prevention - Operating procedures [68.52] a 4.11. Has the owner or operator prepared written operating procedures that provide clear instructions or steps for safely conducting activities associated with each covered process consistent with the safety information for that process? Operating procedures or instructions provided by equipment manufacturers or developed by persons or organizations knowledgeable about the process and equipment may be used as a basis for a stationary source's operating procedures. [68.52(a)J 4.12. Do the procedures address the following: [68.52(b)J 4.12.1. Initial startup? [68.52(b)(l)] C-24 ------- 4.12.2. Normal operations? [68.52(b)(2)] Q Q 4.12.3. Temporary operations? [68.52(b)(3)] 4.12.4. Emergency shutdown and operations? [68.52(b)(4)J a a 4.12.5. Normal shutdown? [68.52(b)(5)] 4.12.6. Startup following a normal or emergency shutdown or a major change that requires a hazard review? [68.52(b)(6)J Q Q I—| 4.12.8. Equipment inspections? [68.52(b)(8)] 4.12.7. Consequences of deviations and steps required to correct or avoid deviations? [68.52(b)(7)] a 4.13. Has the owner or operator ensured that the operating procedures have been updated, if necessary, whenever a major change occurred and prior to startup of the changed process? [68.52(c) COMPLIANCE OBJECTIVES NOTES C-25 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES Program 2 Prevention - Training [68.54] Has the owner or operator: 4.14. Certified that each employee presently operating a process, and each employee newly assigned to a covered process have been trained or tested competent in the operating procedures provided in § 68.52 that pertain to their duties? For those employees already operating a process on June 21, 1999, the owner or operator may certify in writing that the employee has the required knowledge, skills, and abilities to safely carry out the duties and responsibilities as provided in the operating procedures. [68.54(a)J 4.15. Provided refresher training at least every three years, or more often if necessary, to each employee operating a process, to ensure that the employee understands and adheres to the current operating procedures of the process? [68.54(b)J 4.16. Determined, in consultation with the employees operating the process, the appropriate frequency of refresher training? [68.54(b)] 4.17. Certified that each employee was trained in any updated or new procedures prior to startup of a process after a major change? [68.54(d)J a a Program 2 Prevention - Maintenance [68.56] Q a Has the owner or operator: 4.18. Prepared and implemented procedures to maintain the on-going mechanical integrity of the process equipment? [68.56(a)J 4.19. Trained or caused to be trained each employee, involved in maintaining the on-going mechanical integrity of the process, in the hazards of the process, in how to avoid or correct unsafe conditions, and in the procedures applicable to the employee's job tasks? [68.56(b)J 4.20. Has every maintenance contractor ensured that each contract maintenance employee is trained to perform the maintenance procedures developed? [68.56(c)J C-26 ------- 4.22. Has the owner or operator certified that compliance audits are conducted at least every three years to verify that the procedures and practices are adequate and are being followed? [68.58(a)J I | 4.23. Has compliance audit been conducted by at least one person knowledgeable in the process? [68.58(b)J Q '" Q 4.24. Has the owner operator developed a report of the audits findings? [68.58(c)] 4.25. Has the owner or operator promptly determined and documented an appropriate response to each of the findings of the audit and documented that deficiencies had been corrected? [68.58(d)J a 4.26. Has the owner or operator retained the two most recent compliance audit reports, unless more than five years old? [68.58(e)J Program 2 Prevention - Incident investigation [68.6] Q 4.27. Has the owner or operator investigated each incident which resulted in, or could reasonably have resulted in a catastrophic release? [68.60(a)] a "" 4.28. Were all incident investigations initiated not later than 48 hours following the incident? [68.60(b)] 4.29. Was a summary prepared at the conclusion of every investigation, which included: [68.60(c)J 4.29.1. Date of incident? [68.60(c)(l)] COMPLIANCE OBJECTIVES NOTES 4.21. Has the owner or operator performed or caused to be performed inspections and tests on process equipment that follow recognized and generally accepted engineering practices? [68.56(d)] Program 2 Prevention - Compliance audits [68.58] Q C-27 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES I—| 4.29.2. Date investigation began? [68.60(c)(2)] I—| 4.29.3. A description of incident? [68.60(c)(3)] I—| 4.29.4. The factors that contributed to the incident? [68.60(c)(4)] a 4.29.5. Any recommendations resulting from the investigation? [68.60(c)(5)] a 4.30. Has the owner or operator promptly addressed and resolved the investigation findings and recommendations, and are the resolutions and corrective actions documented? [68.60(d)J a 4.31. Has the owner or operator reviewed the finding with all affected personnel whose job tasks are affected by the findings? [68.60(e)] a 4.32. Has the owner or operator retained investigation summaries for five years? [68.60(f)] General Findings / Conclusions: Documentation obtained to support Findings / Conclusions: C-28 ------- 5.1. Has the owner or operator compiled written process safety information, which includes information pertaining to the hazards of the regulated substances used or produced by the process, information pertaining to the technology of the process, and information pertaining to the equipment in the process, before conducting any process hazard analysis required by the rule? [68.65(a)J Does the process safety information contain the following for hazards of the substances: [68.65(b)J 5.2.1. Toxicity information? [68.65(b)(l)] Q Q 5.2.2. Permissible exposure limits? [68.65(b)(2)J I—I 5.2.3. Physical data? [68.65(b)(3)J I—| 5.2.4. Reactivity data? [68.65(b)(4)] I—| 5.2.5. Corrosivity data? [68.65(b)(5)] I—| 5.2.6. Thermal and chemical stability data? [68.65(b)(6)] a 5.2.7. Hazardous effects of inadvertent mixing of materials that could foreseeably occur? [68.65(b)(7)J 5.3. Does the process safety information contain the following for technology of the process: [68.65(c)(l)J 5.3.1. A block flow diagram or simplified process flow diagram? COMPLIANCE OBJECTIVES NOTES 5. PROGRAMS PREVENTION PROGRAM (SUBPART D) [68.65 - 68.87] Program 3 Prevention - Process safety information [68.65] Q C-29 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES I—| 5.3.2. Process chemistry? [68.65(c)(l)(ii)] I—| 5.3.3. Maximum intended inventory? [68.65(c)(l)(iii)] a 5.3.4. Safe upper and lower limits for such items as temperatures, pressures, flows or compositions? [68.65(c)(l)(iv)] a "" 5.3.5. An evaluation of the consequences of deviations? [68.65(c)(l)(v)] 5.4. Does the process safety information contain the following for the equipment in the process: [68.65(d)(l)J I—| 5.4.1. Materials of construction? [68.65(d)(l)(i)] I | 5.4.2. Piping and instrument diagrams? [68.65(d)(l)(ii)] I—| 5.4.3. Electrical classification? [68.65(d)(l)(iii)] I | 5.4.4. Relief system design and design basis? [68.65(d)(l)(iv)] I—| 5.4.5. Ventilation system design? [68.65(d)(l)(v)] I | 5.4.6. Design codes and standards employed? [68.65(d)(l)(vi)] a I—| 5.4.8. Safety systems? [68.65(d)(l)(viii)] Q engineering practices? [68.65(d)(2)J a " 5.4.7. Material and energy balances for processes built after June 21, 1999? [68.65(d)(l)(vn)] 5.5. Has the owner or operator documented that equipment complies with recognized and generally accepted good 5.6. Has the owner or operator determined and documented that existing equipment, designed and constructed in accordance with codes, standards, or practices that are no longer in general use, is designed, maintained, inspected, tested, and operating in a safe manner? [68.65(d)(3)J C-30 ------- COMPLIANCE OBJECTIVES NOTES Program 3 Prevention - Process hazard analysis [68.67] a 5.7. Has the owner or operator performed an initial process hazard analysis (PHA), and has this analysis identified, evaluated, and controlled the hazards involved in the process? [68.67(a)J a 5.8. Has the owner or operator determined and documented the priority order for conducting PHAs, and was it based on a appropriate rationales? [68.67(a)J a 5.9. Has the owner or operator used one or more of the following technologies: [68.67(b)J I—| 5.9.1. What-If? [68.67(b)(l)] I—| 5.9.2. Checklist? [68.67(b)(2)J I—| 5.9.3. What-If/Checklist? [68.67(b)(3)J I—| 5.9.4. Hazard and Operability Study (HAZOP)? [68.67(b)(4)J I—| 5.9.5. Failure Mode and Effects Analysis (FMEA)? [68.67(b)(5)] I—| 5.9.6. Fault Tree Analysis? [68.67(b)(6)J I | 5.9.7. An appropriate equivalent methodology? [68.67(b)(7)] 5.10. Did the PHA address: [68.67(c)] 5.10.1. The hazards of the process? [68.67(c)(l)] Q 5.10.2. Identification of any incident which had a likely potential for catastrophic consequences? [68.67(c)(2)J C-31 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES a5.10.3. Engineering and administrative controls applicable to hazards and interrelationships? [68.67(c)(3)] Q "" 5.10.5. Stationary source siting? [68.67(c)(5)] 5.10.4. Consequences of failure of engineering and administrative controls? [68.67(c)(4)J Q I—| 5.10.6. Human factors? [68.67(c)(6)J a5.10.7. An evaluation of a range of the possible safety and health effects of failure of controls? [68.67(c)(7)] Q "" appropriate personnel? [68.67(d)J a "" 5.11. Was the PHA performed by a team with expertise in engineering and process operations and did the team include 5.12. Has the owner or operator established a system to promptly address the team's findings and recommendations; assured that the recommendations are resolved in a timely manner and documented; documented what actions are to be taken; completed actions as soon as possible; developed a written schedule of when these actions are to be completed; and communicated the actions to operating, maintenance and other employees whose work assignments are in the process and who may be affected by the recommendations? [68.67(e)J 5.13. Has the PHA been updated and re validated by a team every five years after the completion of the initial PHA to assure that Q the PHA is consistent with the current process? [68.67(f)] 5.14. Has the owner or operator retained PHAs and updates or revalidations for each process covered, as well as the resolution of recommendations for the life of the process? [68.67(g)J Program 3 Prevention - Operating procedures [68.69] aS. 15. Has the owner or operator developed and implemented written operating procedures that provide instructions or steps for conducting activities associated with each covered process consistent with the safety information? [68.69(a)J 5.16. Do the procedures address the following: [68.69(a)J C-32 ------- COMPLIANCE OBJECTIVES 5.16.1. Steps for each operating phase: [68.69(a)(l)J NOTES Q 5.16.1.1. Initial startup? [68.69(a)(l)(i)] a a a a 5.16.1.2. Normal operations? [68.69(a)(l)(n)] 5.16.1.3. Temporary operations? [68.69(a)(l)(iii)] 5.16.1.4. Emergency shutdown including the conditions under which emergency shutdown is required, and the assignment of shutdown responsibility to qualified operators to ensure that emergency shutdown is executed in a safe and timely manner? [68.69(a)(l)(iv)] 5.16.1.5. Emergency operations? [68.69(a)(l)(v)] I—| I—| 5.16.1.6. Normal shutdown? [68.69(a)(l)(vi)] 5.16.1.7. Startup following a turnaround, or after emergency shutdown? 5.16.2. Operating limits: [68.69(a)(2)J a a 5.16.2.1. Consequences of deviations? [68.69(a)(2)(i)J 5.16.2.2. Steps required to correct or avoid deviation? [68.69(a)(2)(ii)J 5.16.3. Safety and health considerations: [68.69(a)(3)J a a 5.16.3.1. Properties of, and hazards presented by, the chemicals used in the process? [68.69(a)(3)(i)] 5.16.3.2. Precautions necessary to prevent exposure, including engineering controls, administrative controls, and personal protective equipment? [68.69(a)(3)(ii)J C-33 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES 1 — | 5.16.3.3. 1 — | 5.16.3.4. 1 — | 5.16.3.5. 1 — | 5.16.4. a 5j7- a 5js- a 5j9- Control measures to be taken if physical contact or airborne exposure occurs? [68.69(a)(3)(iii)J Quality control for raw materials and control of hazardous chemical inventory levels? [68.69(a)(3)(iv)J Any special or unique hazards? [68.69(a)(3)(v)J Safety systems and their functions? [68.69(a)(4)J Are operating procedures readily accessible to employees who are involved in a process? [68.69(b)J Has the owner or operator certified annually that the operating procedures are current and accurate and that procedures have been reviewed as often as necessary? [68.69(c)J Has the owner or operator developed and implemented safe work practices to provide for the control of hazards during specific operations, such as logout/tagout? [68.69(d)J Program 3 Prevention - Training [68.71] a 5.20. Has each employee presently involved in operating a process, and each employee before being involved in operating a newly assigned process, been initially trained in an overview of the process and in the operating procedures? [68.71(a)(l)J a 5.21. Did initial training include emphasis on safety and health hazards, emergency operations including shutdown, and safe work practices applicable to the employee's job tasks? [68.71 (a)(2) allows in lieu of initial training for those employees already involved in operating a process on June 21,1999 an owner or operator may certify in writing that the employee has the required knowledge, skills, and abilities to safely carry out the duties and responsibilities as specified in the operating procedures] [68.71(a)(l) a 5.22. Has refresher training been provided at least every three years, or more often if necessary, to each employee involved in operating a process to assure that the employee understands and adheres to the current operating procedures of the process? [68.7 l(b) I | 5.23. Has owner or operator ascertained and documented in a record that each employee involved in operating a process has received and understood the training required? [68.71(c)J C-34 ------- COMPLIANCE OBJECTIVES NOTES Does the prepared record contain the identity of the employee, the date of training, and the means used to verify that the employee understood the training? [68.71(c)j Program 3 Prevention - Mechanical integrity [68.73] a 5.25. Has the owner or operator established and implemented written procedures to maintain the on-going integrity of the process equipment listed in 68.73(a)? [68.73(b)J a 5.26. Has the owner or operator trained each employee involved in maintaining the on-going integrity of process equipment? [68.73(c)] Has the owner or operator: a 5.27. Performed inspections and tests on process equipment? r68.73(d¥lYI Q Q a [68.73(d)(l)J Followed recognized and generally accepted good engineering practices for inspection and testing procedures? [68.73(d)(2)j 5.29. Ensured the frequency of inspections and tests of process equipment is consistent with applicable manufacturers' recommendations, good engineering practices, and prior operating experience? [68.73(d)(3)j 5.30. Documented each inspection and test that had been performed on process equipment, which identifies the date of the inspection or test, the name of the person who performed the inspection or test, the serial number or other identifier of the equipment on which the inspection or test was performed, a description of the inspection or test performed, and the results of the inspection or test? [68.73(d)(4)] 5.31. Corrected deficiencies in equipment that were outside acceptable limits defined by the process safety information before further use or in a safe and timely manner when necessary means were taken to assure safe operation? [68.73(e)J Assured that equipment as it was fabricated is suitable for the process application for which it will be used in the construction of new plants and equipment? [68.73(f)(l)] C-35 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES a 5.33. Performed appropriate checks and inspections to assure that equipment was installed properly and consistent with design specifications and the manufacturer's instructions? [68.73(f)(2)] a 5.34. Assured that maintenance materials, spare parts and equipment were suitable for the process application for which they would beused?[68.73(f)(3)] Program 3 Prevention - Management of change [68.75] a a a a a 5.35. Has the owner or operator established and implemented written procedures to manage changes to process chemicals, technology, equipment, and procedures, and changes to stationary sources that affect a covered process? [68.75(a)J 5.36. Do procedures assure that the following consideration are addressed prior to any change: [68.75(b)J I | 5.36.1. The technical basis for the proposed change? [68.75(b)(l)] I—| 5.36.2. Impact of change on safety and health? [68.75(b)(2)] I | 5.36.3. Modifications to operating procedures? [68.75(b)(3)] 5.36.4. Necessary time period for the change? [68.75(b)(4)] 5.36.5. Authorization requirements for the proposed change? [68.75(b)(5)] 5.37. Were employees, involved in operating a process and maintenance, and contract employees, whose job tasks would be affected by a change in the process, informed of, and trained in, the change prior to start-up of the process or affected part of the process? [68.75(c)] 5.37. If a change resulted in a change in the process safely information, was such information updated accordingly? Q [68.75(d)J 5.38. If a change resulted in a change in the operating procedures or practices, had such procedures or practices been updated accordingly? [68.75(e)J C-36 ------- 5.40.3. For new stationary sources, a process hazard analysis had been performed and recommendations had been resolved or 5.40.4. Modified stationary sources meet the requirements contained in management of change? [68.77(b)(3)J a 5.40.5. Training of each employee involved in operating a process had been completed? [68.77(b)(4)J Program 3 Prevention - Compliance audits [68.79] a 5.41. Has the owner or operator certified that the stationary source has evaluated compliance with the provisions of the prevention program at least every three years to verify that the developed procedures and practices are adequate and are being followed? [68.79(a)J a 5.42. Has the audit been conducted by at least one person knowledgeable in the process? [68.79(b)J 5.43. Are the audits findings documented in report? [68.79(c)J COMPLIANCE OBJECTIVES NOTES Program 3 Prevention - Pre-startup review [68.77] a 5.39. Has the owner or operator performed a pre-startup safely review for new stationary sources and for modified stationary sources when the modification was significant enough to require a change in the process safety information,? [68.77(a)J 5.40. Did the pre-startup safety review confirm that prior to the introduction of regulated substances to a process: [68.77(b)J a 5.40.1. Construction and equipment was in accordance with design specifications? [68.77(b)(l)J a 5.40.2. Safety, operating, maintenance, and emergency procedures were in place and were adequate? [68.77(b)(2)J Q "" implemented before startup? [68.77(b)(3)] a C-37 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES a 5.44. Has the owner or operator promptly determined and documented an appropriate response to each of the findings of the audit and documented that deficiencies had been corrected? [68.79(d)J a 5.45. Has the owner or operator retained the two most recent compliance audit reports? [68.79(e)J Program 3 Prevention - Incident investigation [68.81] Q a a 5.46. Has the owner or operator investigated each incident which resulted in, or could reasonably have resulted in a catastrophic release of a regulated substance? [68.81(a)J a 5.47. Were all incident investigations initiated not later than 48 hours following the incident? [68.81(b)] Q "" 5.48. Was an incident investigation team established and did it consist of at least one person knowledgeable in the process involved, including a contract employee if the incident involved work of the contractor, and other persons with appropriate knowledge and experience to thoroughly investigate and analyze the incident? [68.81(c)J 5.49. Was a report prepared at the conclusion of every investigation? [68.81(d)J Does every report include: [68.81(d)J I—| 5.51.1. Date of incident? [68.81(d)(l)] I—| 5.51.2. Date investigation began? [68.81(d)(2)] I—| 5.51.3. A description of the incident? [68.81(d)(3)] 5.51.4. The factors that contributed to the incident? [68.81(d)(4)] 5.51.5. Any recommendations resulting from the investigation? [68.81(d)(5)] a 5.52. Has the owner or operator established a system to address and resolve the report findings and recommendations, and are the resolutions and corrective actions documented? [68.81(e)J C-38 ------- COMPLIANCE OBJECTIVES NOTES Was the report reviewed with all affected personnel whose job tasks are relevant to the incident findings including contract employees where applicable? [68.81(f)] Program 3 Prevention - Employee participation [68.83] a a a Has the owner or operator: 5.54. Developed a written plan of action regarding the implementation of the employee participation required by this section? [68.83(a)] 5.55. Consulted with employees and their representatives on the conduct and development of process hazards analyses and on the development of the other elements of process safety management in chemical accident prevention provisions? [68.83(b)J Provided to employees and their representatives access to process hazard analyses and to all other information required to be developed under chemical accident prevention rule? [68.83(c)J Program 3 Prevention - Hot work permit [68.85] a a a a Has the owner or operator issued a hot work permit for each hot work operation conducted on or near a covered process? [68.85(a)J 5.58. Does the permit document that the fire prevention and protection requirements in 29 CFR 1910.252(a) have been implemented prior to beginning the hot work operations? [68.85(b)J 5.59. Does the permit indicate the date(s) authorized for hot work and the object on which hot works to be performed? [68.85(b)J 5.60. Are the permits being kept on file until completion of the hot work operations? [68.85(b)J C-39 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES Program 3 Prevention - Contractors [68.87] Has the owner or operator: [68.87(b)J Q selecting a contractor,? [68.87(b)(l)] a "" contractor's work and the process? [68.87(b)(2)J Q "" Q 5.61. Obtained and evaluated information regarding the contract owner or operator's safety performance and programs when 5.62. Informed contract owner or operator of the known potential fire, explosion, or toxic release hazards related to the 5.63. Explained to the contract owner or operator the applicable provisions of emergency response program? [68.87(b)(3)J 5.64. Developed and implemented safe work practices consistent with §68.69(d), to control the entrance, presence, and exit of the contract owner or operator and contract employees in covered process areas? [68.87(b)(4)J General Findings / Conclusions: 6.1. Has the owner or operator of a stationary source developed an emergency response program, unless the source need not comply? [68.90(a)] If the employees of the stationary source will not respond to accidental releases of regulated substances: Documentation obtained to support Findings / Conclusions: 6. EMERGENCY RESPONSE (SUBPART E) 68.90 - 68.95 Emergency Response - Applicability [68.9] a C-40 ------- .4. Are appropriate mechanisms in place to notify emergency responders when there is a need for a response? [68.90(b)(3)] Q Emergency Response - Applicability [68.9] a 6.5. Has the owner or operator developed and implemented an emergency response program for the purpose of protecting public health and the environment? [68.95(a)J 6.6. Does the program include the following elements: [68.95(a)J a 6.6.1. An emergency response plan which is maintained at the stationary source? [68.95(a)(l)] Q "" Q a 6.6.2. Procedures for the use of emergency response equipment and for its inspection, testing, and maintenance? [68.95(a)(2)J 6.6.3. Training for all employees in relevant procedures? [68.95(a)(3)J 6.6.4. Procedures to review and update, as appropriate, the emergency response plan to reflect changes at the stationary source and ensure that employees are informed of changes? [68.95(a)(4)J 6.7. Does the emergency response plan contain the following elements: [68.95(a)(l)] I | 6.7.1. Procedures for informing the public and local emergency response agencies about accidental releases? [68.95(a)(l)(i)J a "" 6.7.2. Documentation of proper first-aid and emergency medical treatment necessary to treat accidental human exposures? COMPLIANCE OBJECTIVES NOTES 6.2. For stationary sources with any regulated toxic substance held in a process above the threshold quantity, is the stationary source included in the community emergency response plan developed under EPCRA? [68.90(b)(l)] 6.3. For stationary sources with only regulated flammable substances held in a process above the threshold quantity, has the owner or operator coordinated response actions with the local fire department? [68.90(b)(2)] C-41 ------- Guidance for Auditing Risk Management Plans & Programs COMPLIANCE OBJECTIVES NOTES a a a a 6.7.3. Procedures and measures for emergency response after an accidental release of a regulated substance? [68.95(a)(l)(iii)] 6.8. Did the owner or operator use a written plan that complies with other Federal contingency plan regulations or is consistent with the approach in the National Response Team's Integrated Contingency Plan Guidance ("One Plan")? If so, does the plan include the elements provided in paragraph (a) of 68.95, and also complies with paragraph (c) of 68.95? [68.95(b)j 6.9. Has the emergency response plan been coordinated with the community emergency response plan developed under EPCRA? [68.95(c)J 6.10. Has the owner or operator provided to the local emergency response officials information necessary for developing and implementing the community emergency response plan requested by the LEPC or emergency response officials? [68.95(c)] General Findings / Conclusions: Documentation obtained to support Findings / Conclusions: C-42 ------- ANNEX D: RISK MANAGEMENT PROGRAM AND OSHA PROCESS SAFETY MANAGEMENT: LIST OF REGULATED SUBSTANCES (BY CHEMICAL NAME) List of Regulated Substances CAS Chemical Name 106-98-9 1-butene 97-00-7 1 -chloro-2,4-dinitrobenzene 590-21 -6 1 -chloropropylene {1 -propene, 1 -chloro-} 109-67-1 1-pentene 57-14-7 1,1-dimethylhydrazine {Dimethylhydrazine} {Hydrazine, 1,1-dimethyl-} 106-99-0 1,3-butadiene 504-60-9 1,3-pentadiei 107-01-7 2-butene 590-18-1 2-butene-cis 624-64-6 2-butene-trans {2-butene, (E)} 557-98-2 2-chloropropylene {1-propene, 2-chloro 563-46-2 2-methyl-l-butene 115-11-7 2-methylpropene {1 -propene, 2-methyl-} 646-04-8 2-pentene (E)- 627-20-3 2-pentene (Z)- 463-82-1 2,2-dimethylpropane {Propane, 2,2-dimethyl-} 97-02-9 2,4-dinitroaniline 563-45-1 3-methyl-l-butene 75-07-0 Acetaldehyde 74-86-2 Acetylene {Ethyne} 107-02-8 Acrolein {2-propenal} 107-13-1 Acrylonitrile {2-propenenitrile} 814-68-6 Acrylyl Chloride {2-propenoyl Chloride} Varies Alkylaluminums 107-18-6 Allyl Alcohol {2-propen-l-ol} 107-05-1 Allyl Chloride 107-11 -9 Allylamine {2-propen-l -amine} 7664-41-7 Ammonia (Anhydrous) 7664-41-7 Ammonia (>=20% for RMP) (>44% for PSM) 7790-98-9 Ammonium Perchlorate 7787-36-2 Ammonium Permanganate 7784-34-1 Arsenous Trichloride 7784-42-1 Arsine {Arsenic Hydride} 10294-34-5 Boron Trichloride {Borane, Trichloro-} 7637-07-2 Boron Triflouride {Borane, Trifluoro-] 353-42-4 Boron Triflouride Compound with Methyl Ether (1:1) {Boron, Trifluoro[oxybis[methane]-,T-4} 7726-95-6 Bromine 13863-41-7 Bromine Chloride 7787-71-5 Bromine Trifluoride RMP Threshold Quantity (TQ) Ibs. RMP Threshold Corrected to Gals PSM Threshold Quantity (TQ) Ibs Toxic Endpoint D-l ------- Guidance for Auditing Risk Management Plans & Programs RMP Threshold Corrected to Gals PSM Toxic Threshold Endpoint Quantity (TQ) Ibs RMP Threshold Quantity (TQ) Ibs. CAS Chemical Name 7789-30-2 Bromine Pentafluoride 598-73-2 Bromotrifluorethylene {Ethene, Bromotrifluoro-} 106-97-8 Butane 25167-67-3 Butene 75-91-2 Butyl Hydroperoxide (Tertiary) 614-45-9 Butyl Perbenzoate 75-15-0 Carbon Disulfide 463-58-1 Carbon Oxysulfide {Carbon Oxide Sulfide (Cos)} {Carbonyl Sulfide} 353-44-5 Carbonyl Fluoride 9004-70-0 Cellulose Nitrate (>12.6% Nitrogen for PSM) 7782-50-5 Chlorine 10049-04-4 Chlorine Dioxide {Chlorine Oxide (CI02)} 7791-21-1 Chlorine Monoxide {Chlorine Oxide} 13637-63-3 Chlorine Pentrafluoride 7790-91-2 Chlorine Trifluoride 96-06-2 Chlorodiethylaluminum {Diethylaluminum Chloride} 67-66-3 Chloroform {Methane, Trichloro-} 542-88-1 Chloromethyl Ether {Bis(chloromethyl) Ether} {Methane, Oxybisfchloro-} {Dichloromethyl Ether} 107-30-2 Chloromethyl Methyl Ether {Methane, Chloromethoxy-} 76-06-2 Chloropicrin None Chloropicrin and Methyl Bromide Mixture None Chloropicrin and Methyl Chloride Mixture 4170-30-3 Crotonaldehyde {2-butenal} 123-73-9 Crotonaldehyde, (E)- {2-butenal, (E)-} 80-15-9 Cumene Hydroperoxidi 460-19-5 Cyanogen {Ethanedinitrile} 506-77-4 Cyanogen Chloride 675-14-9 Cyanuric Fluoride 108-91-8 Cyclohexylamine {Cyclohexanamine} 75-19-4 Cyclopropane 110-22-5 Diacetyl Peroxide (>70% for PSM) 334-88-3 Diazomethane 94-36-0 Dibenzoyl Peroxide 19287-45-7 Diborane {Diborane (6)} 110-05-4 Dibutyl Peroxide (Tertiary) 4109-96-0 Dichlorosilane {Silane, Dichloro-} 557-20-0 Diethylzinc 75-37-6 Difluoroethane {Ethane, 1,1-difluoro-} 105-64-6 Diisopropyl Peroxydicarbonate 105-74-8 Dilauroyl Peroxide 124-40-3 Dimethylamine {Methanamine, N-methyl-} 75-78-5 Dimethyldichlorosilane {Silane, Dichlorodimethyl-} 106-89-8 Epichlorohydrin {Oxirane, (Chloromethyl)-; 0.026 0.076 D-2 ------- List of Regulated Substances CAS Chemical Name 74-84-0 107-00-6 75-00-3 60-29-7 75-08-1 1338-23-4 109-95-5 Ethane Ethyl Acetylene {1-butyne} Ethyl Chloride {Chloroethane} {Ethane, Chloro-} Ethyl Ether {Ethane, l,l'-oxybis-} Ethyl Mercaptan {Ethanethiol} Ethyl Methyl Ketone Peroxide Ethyl Nitrite {Nitrous Acid, Ethyl Ester} Ethylamine {Monoethylamine} (Ethanamine) 75-04-7 74-85-1 Ethylene {Ethene} 371-62-0 Ethylene Fluorohydrin 75-21-8 Ethylene Oxide {Oxirane} 107-15-3 Ethylenediamine {1,2-ethanediamine} 151-56-4 Ethyleneimine {Aziridine} 7782-41-4 Fluorine 50-00-0 Formaldehyde (Solution) 110-00-9 Furan 684-16-2 Hexafluoroacetone 302-01-2 Hydrazine 7647-01-0 Hydrochloric Acid (>=37% for RMP) 74-90-8 Hydrocyanic Acid {Hydrogen Cyanide} 1333-74-0 Hydrogen 10035-10-6 Hydrogen Bromide 7647-01 -0 Hydrogen Chloride (Anhydrous for CAA 112(r)- RMP and PSM)) {Hydrochloric Acid} 7664-39-3 Hydrogen Fluoride/hydrofluoric Acid (>=50% for RMP) {Hydrofluoric Acid} 7722-84-1 Hydrogen Peroxide (>= 52% for PSM) 7783-07-5 Hydrogen Selenide 7783-06-4 Hydrogen Sulfide 7803-49-8 Hyroxylamine 13463-40-6 Iron, Pentacarbonyl- {Iron Carbonyl (Fe(co)5), (Tb-5-11)- 75-28-5 Isobutane {Propane, 2-methyl} 78-82-0 Isobutyronitrile {Propanenitrile, 2-methyl-} 78-78-4 Isopentane {Butane, 2-methyl-} 78-79-5 Isoprene {1,3-butadiene, 2-methyl-; 75-31-0 Isopropylamine {2-propanamine} 75-29-6 Isopropyl Chloride {Propane, 2-chloro-! 108-23-6 Isopropyl Chloroformate {Carbonochloridic Acid, 1 -methylethyl Ester} 463-51-4 Ketene 78-85-3 Methacrylaldehyde 126-98-7 Methacrylonitrile {2-propenenitrile, 2-methyl-} {Methylacrylonitrile} 920-46-7 Methacryloyl Chloride 74-82-8 Methane 74-83-9 Methyl Bromide RMP Threshold Quantity (TQ) Ibs. 10,000 10,000 10,000 10,000 10,000 10,000 10,000 10,000 RMP Threshold Corrected to Gals PSM Threshold Quantity (TQ) Ibs 15,000 15,000 2,500 10,000 5,000 1,000 2,500 10,000 20,000 10,000 10,000 10,000 10,000 15,000 10,000 10,000 Toxic Endpoint 0.09 0.49 0.018 0.0039 0.012 0.0012 2,500 D-3 ------- Guidance for Auditing Risk Management Plans & Programs CAS Chemical Name 74-87-3 Methyl Chloride {Chloromethane} {Methane, Chloro-} 79-22-1 Methyl Chloroformate {Carbonochloridic Acid, Methylester} {Methyl Chlorocarbonate} 115-10-6 Methyl Ether {Methane, Oxybis-} 1338-23-4 Methyl Ethyl Ketone Peroxide (>60% for PSM) 453-18-9 Methyl Fluoroacetate 421-20-5 Methyl Florosulfate 107-31-3 Methyl Formate {Formic Acid, Methyl Ester} 60-34-4 Methyl Hydrazine 74-88-4 Methyl Iodide 624-83-9 Methyl Isocyanate {Methane, Isocyanato-] 74-93-1 Methyl Mercaptan {Methanethiol} {Thiomethanol} 556-64-9 Methyl Thiocyanate {Thiocyanic Acid, Methyl Ester} 79-84-4 Methyl Vinyl Ketone 74-89-5 Methylamine {Methanamine} {Monomethylamine} 75-79-6 Methyltrichlorosilane {Silane, Trichloromethyl-} 13463-39-3 Nickel Carbonyl {Nickel Tetracarbonyl} 7697-37-2 Nitric Acid (>=80% for RMP) (>=94.5% for PSM) 10102-43-9 Nitric Oxide {Nitrogen Oxide (No)} 100-01-6 Nitroaniline {Para Nitroaniline} 7783-54-2 Nitrogen Trifluoride 10102-44-0 Nitrogen Oxides (NO, N02, N204, N203) 10544-72-6 Nitrogen Tetroxide {Nitrogen Peroxide} 10544-73-7 Nitrogen Trioxide 10102-44-0 Nitrogen Dioxide 75-52-5 Nitromethane 8014-95-7 Oleum (Fuming Sulfuric Acid) (65-80% for PSM) {Sulfuric Acid, with Sulfur Trioxide} 20816-12-0 Osmium Tetroxi 7783-41-7 Oxygen Difluoride {Fluorine Monoxide} 10028-15-6 Ozone 19624-22-7 Pentaborane 109-66-0 Pentane 79-21-0 Peracetic Acid (>60% Acetic Acid for PSM) {Ethaneperoxoic Acid} {Peroxyacetic Acid} 7601-90-3 Perchloric Acid (>60% for PSM) 594-42-3 Perchloromethylmercaptan {Methanesulfenyl Chloride, Trichloro-} 7616-94-6 Perchloryl Fluoride 75-44-5 Phosgene {Carbonic Bichloride} {Carbonyl Chloride} 7803-51-2 Phosphine {Hydrogen Phosphide} 10025-87-3 Phosphorus Oxychloride {Phosphoryl Chloride} 7719-12-2 Phosphorus Trichloride {Phosphorous Trichloride} 110-89-4 Piperidine 463-49-0 Propadiene {1,2-propadiene} 74-98-6 Propane RMP Threshold Quantity (TQ) Ibs. RMP Threshold Corrected to Gals PSM Threshold Quantity (TQ) Ibs 15,000 500 Toxic Endpoint 0.82 0.0019 0.018 0.00067 0.026 0.031 0.0076 0.00081 0.0035 0.003 0.028 0.022 D-4 ------- CAS Chemical Name 106-96-7 Propargyl Bromide {3-bromopropyne} 107-12-0 Propionitrile {Ethyl Cyanide} (Propanenitrile) 627-13-4 Propyl Nitrate 109-61 -5 Propyl Chloroformate {Carbonochloridic Acid, Propylester} 115-07-1 Propylene {1 -propene} 75-56-9 Propylene oxide {oxirane, methyl-} 75-55-8 Propyleneimine {Aziridine, 2-methyl} 74-99-7 Propyne {1 -propyne} 107-44-8 Sarin 7783-79-1 Selenium Hexafluoride 7803-62-5 Silane 7803-52-3 Stibine {Antimony Hydride} 7446-09-5 Sulfur Dioxide (Anhydrous for RMP) 5714-22-7 Sulfur Pentafluoride 7783-60-0 Sulfur Tetraflouride {Sulfur Fluoride, (Sf4) (T-4)- 7446-11-9 Sulfur Trioxide {Sulfuric Anhydride} 7783-80-4 Tellurium Hexafluoride 116-14-3 Tetrafluoroethylene {Ethene, Tetrafluoro-} 10036-47-2 Tetrafluorohydrazine 75-74-1 Tetramethyllead {Plumbane, Tetramethyl-} 75-76-3 Tetramethylsilane {Silane, Tetramethyl-} 509-14-8 Tetranitromethane {Methane, Tetranitro-} 7719-09-7 Thionyl Chloride 7550-45-0 Titanium Tetrachloride {Titanium Chloride (Ticl4)(T-4)} 584-84-9 Toluene 2,4-diisocyanate {Benzene, 2,4-diisocyanato-l-methyl-} 91-08-7 Toluene 2,6-diisocyanate {Benzene, 1,3-diisocyanato-2-methyl-} 26471-62-5 Toluene Diisocyanate (Unspecified Isomer) {Benzene, 1,3-diisocyanatomethyl-} 1558-25-4 Trichloro(chloromethyl)silane 27137-85-5 Trichloro(dichlorophenyl)silane 10025-78-2 Trichlorosilane {Silane, Trichloro-} 79-38-9 Trifluorochloroethylene {Ethene, Chlorotrifluoro-} 75-50-3 Trimethylamine {Methanamine, N,n-dimethyl-} 75-77-4 Trimethylchlorosilane {Silane, Chlorotrimethyl-} 2487-90-3 Trimethyoxysilane 108-05-4 Vinyl Acetate Monomer {Acetic Acid Ethenyl Ester} 689-97-4 Vinyl Acetylene {1 -buten-3-yne} 75-01-4 Vinyl Chloride {Ethene, Chloro-} 109-92-2 Vinyl Ethyl Ether {Ethene, Ethoxy- 75-02-5 Vinyl Fluoride {Ethene, Fluoro-} 107-25-5 Vinyl Methyl Ether {Ethene, Methoxy-} 75-35-4 Vinylidene Chloride {Ethene, 1,1-dichloro-} {1,1-dichlorethylene} 75-38-7 Vinylidene Fluoride {Ethene, 1,1-difluoro-} RMP Threshold Quantity (TQ) Ibs. RMP Threshold Corrected to Gals List of Regulated Substances PSM Toxic Threshold Endpoint Quantity (TQ) Ibs 10,000 5,000 2,500 10,000 10,000 2,500 10,000 10,000 10,000 10,000 10,000 10,000 10,000 15,000 10,000 10,000 10,000 10,000 10,000 10,000 10,000 1,494 15,000 10,000 10,000 10,000 10,000 1,649 1,968 1,395 1,485 1,697 100 0.0037 D-5 ------- ------- ------- vvEPA United States Environmental Protection Agency (5104) Washington, DC 20460 Official Business Penalty for Private Use $300 ------- |