September/October 2010

ISA alarm management standard packs a punch

By Bill Hollifield

The topic of alarm management has long held a high profile in quite a few industries. In keeping with this status, the ANSI/ISA-18.2-2009 standard, Management of Alarm Systems for the Process Industries, will impact all industries using modern control systems.

ISA-18.2 is different from many standards for industry because it is not about hardware or component design. It is about the work processes of people. Poorly performing alarm systems do not create themselves. ISA-18.2 focuses on work processes for effective alarm management.

The standard is designed for computerized control systems from which an operator responds to alarms. It applies whether your process is continuous, batch, or discrete. It does not matter if you are making (or moving) gasoline, plastics, megawatts, or aspirin. This is because alarm response is a human-machine interaction. The steps for detecting an alarm, analyzing the situation, and making a response are human steps that do not vary significantly based on the process you are controlling.

Regulatory impact

The regulatory environment is complex. In general, regulatory agencies require an employer to document that equipment complies with recognized and generally accepted good engineering practices. Codes and standards may qualify as such, depending on the application. This is important because a regulated industry might be expected to either comply with standards or show how they are doing something just as good.

In a 2009 ISA EXPO presentation, an OSHA representative showed how codes and ISA standards were used as a source of fines and penalties. OSHA and the Chemical Safety Board may use ISA-18.2 for those purposes. ISA-18.2 has been submitted to the IEC to begin the process of developing an international standard for alarm management.

ISA-18.2 states, "The practices and procedures of this standard shall be applied to existing systems in a reasonable time as determined by the owner/operator." Our advice is to get started.

Life-cycle stages

ISA-18.2 is written with a 10-stage life-cycle structure. These are not activities. Life cycle is a document structure for organizing requirements and recommendations, not a project plan for improving an existing system. The stages are:

  • Alarm Philosophy: This documents the alarm-system objectives and work processes to meet them. Major contents include alarm definition, roles and responsibilities, alarm prioritization basis, performance monitoring, management of change, and training.
  • Identification: These are work processes that determine which alarms are necessary. All modern control systems have comprehensive built-in alarm capability; often having more than a dozen types of alarms available for many measurements. Alarm choices should be made explicitly, not by general rules.
  • Rationalization: The process of ensuring an alarm meets the requirements set forth in the alarm philosophy. This includes several activities such as alarm type and setpoint determination, prioritization, advanced method applicability, classification, and documentation.
  • Detailed Design: Creating an alarm that meets the requirements determined in the rationalization.
  • Implementation: The alarm design is brought into operational status, involving commissioning, testing, and training.
  • Operation: The alarm is functional.
  • Maintenance: The alarm is non-functional, due to either test or repair activities. (Do not equate this life-cycle stage with the maintenance department or function.)
  • Monitoring and Assessment: The alarm system's performance is monitored and reported against the philosophy goals. Several analyses are recommended, including a non-mandatory table of metrics.
  • Management of Change: Changes to the alarm system follow a defined process.
  • Audit: Periodic reviews are conducted to maintain and evaluate the alarm system and related work processes.

The only surprises in ISA-18.2 are the concepts of alarm classification and highly managed alarms. Alarm classification is a method for keeping track of administrative requirements for alarms, such as testing and training.

The term highly managed alarms identifies alarms with quite a few administrative requirements. (This designation triumphed over critical, vital, special, and super-duper.) There is no requirement to use this classification.

Several follow-up ISA technical reports are in development that will provide additional information about the life-cycle stages.

ISA-18.2 is an important-and different-standard. It is expected to have considerable regulatory impact. If you have not started yet on alarm management, now is the time.

ABOUT THE AUTHOR

Bill Hollifield is the principal alarm management and HMI consultant at PAS (www.pas.com.) He is a voting member of the ISA18 committee and co-author of: The High Performance HMI Handbook and Alarm Management: A Comprehensive Guide (Second Edition).