ARCHIVED - National Energy Board Onshore Pipeline Regulations (OPR) - Final Audit Report of the Enbridge Pipelines Inc. Integrity Management Program - Appendix I - Integrity Management Program Audit Assessment

This page has been archived on the Web

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Appendix I

Integrity Management Program Audit Evaluation TableFootnote i

Table of Contents

1.0 Policy and Commitment

1.1 Leadership Accountability

Expectations:

The company shall have an accountable officer appointed who has the appropriate authority over the company’s human and financial resources required to establish, implement and maintain its management system and protection programs, and to ensure that the company meets its obligations for safety, security and protection of the environment. The company shall have notified the Audit Team of the identity of the accountable officer within 30 days of the appointment and ensure that the accountable officer submits a signed statement to the Audit Team accepting the responsibilities of their position.

References:

OPR section 6.2

Assessment:

Accountable Officer

The Board requires the company to appoint an accountable officer. The accountable officer must be given appropriate authority over the company’s human and financial resources for ensuring that the company meets its obligations for safety, security and protection of the environment.

On 31 March 2014, Enbridge submitted written notice to the Board indicating that its President, Guy Jarvis, had been appointed as the accountable officer for Enbridge Pipelines Inc. and all of its subsidiaries regulated by the Board. In its submission, Enbridge confirmed that it’s accountable officer has the authority over the human and financial resources required to meet the Board’s substantive expectations.

Summary

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has not found any issues of Non-Compliance. The Board has determined that Enbridge is Compliant with this sub-element.

Compliance Status: Compliant

1.2 Policy and Commitment Statements

Expectations:

 The company shall have documented policies and goals intended to ensure activities are conducted in a manner that ensures the safety and security of the public, workers, the pipeline, and protection of property and the environment. The company shall base its management system and protection programs on those policies and goals. The company shall include goals for the prevention of ruptures, liquids and gas releases, fatalities and injuries and for the response to incidents and emergency situations.

The company shall have a policy for the internal reporting of hazards, potential hazards, incidents and near-misses that includes the conditions under which a person who makes a report will be granted immunity from disciplinary action.

The company’s accountable officer shall prepare a policy statement that sets out the company’s commitment to these policies and goals and shall communicate that statement to the company’s employees.

References:

OPR section 6.3

Assessment:

Governance Level Policies and Goals and Commitment Statement

The Board requires the company to document its policies and goals for ensuring its activities are conducted in a manner that ensures the safety and security of the public, workers and pipeline, and the protection of property and the environment.

The NEB OPR does not include any specific management system process requirements for developing policies and goals. However, Enbridge has established clear management system guidance with respect to its process for developing policies and goals. At a governance level, Enbridge’s IMS-01, Governance Documentation outlines the company’s expectations for documenting key corporate policies, such as the Strategic and Business Planning Processes. The Governance Documentation also explains the company’s “Planning Cascade” and associated documentation. This Planning Cascade document explains how the company links its policies and corporate vision to its performance targets and metrics. The practices described within the Governance Documentation process align with the Board’s requirements for establishing policies, goals, objectives, targets and performance measures. While not an absolute alignment between the Board’s requirements and Enbridge’s internal processes it does reflect integration of the Board’s requirements into Enbridge’s business management practices.

(Note: While “goals” are included in this sub-element’s description, for clarity and organization, the review of goals is documented in sub-element 2.3 Goals, Objectives, Targets, below)

Governance Policy

Enbridge’s IMS-01, section 4.2.1, Strategy and Objectives Development Process describes the company’s process for establishing objectives, setting targets, and maintaining a dashboard of scorecard metrics. The executive management team uses the Strategy and Objectives Development Process to direct department priorities and activities. Section 4.3.2, Scorecard and section 4.3.4, Dashboard Reporting Process define the departmental processes for monitoring and measuring its performance against the Liquids Pipelines Business Plan and Enbridge targets.

Governance Commitment Statement

With respect to the OPR requirements relating to developing “a policy statement that sets out the company’s commitment to these policies and goals and shall communicate that statement to the company’s employees”, the Board identified that Enbridge’s IMS-01 included a compliant statement signed by the company’s Accountable Officer. The Board noted that this statement had not been updated in the documents it received at the time of the audit. The Board notes, however, that the documents were provided to the Board before the company notified the Board of its new Accountable Officer. Therefore, the Board will not be making a Non- Compliant finding based on this lack of endorsement.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Policy and Commitment Review

At the department level, Enbridge’s IMS-09 section 2.0, Policy is comprised of one sentence which states that “This management system is guided by the governing Policies set out in IMS-01 (Section 3) and is designed to anchor Safety Management and Operational Reliability expectations for all business functions.”

Enbridge’s Integrity Principles describe the fundamental values in how it manages its Integrity Management program. Although implied by the Integrity Principles, Enbridge does not clearly state its goals for preventing ruptures, liquid and gas releases, fatalities and injuries. It also does not clearly state its goals for responding to incidents and emergency situations.

According to OPR, section 6.3(1)(a), this policy must also describe the conditions under which a person making a report will be granted immunity from disciplinary action. Enbridge policies indicate that persons will be granted immunity from disciplinary action, depending on the situation. However, the company’s policies do not make this explicit. Also, immunity from disciplinary action is not integrated into the policy for internal reporting of hazards, potential hazards, incidents and near-misses as specifically required.

At the governance level, IMS-01, section 1.2.4, Compliance Assurance Enbridge states that “management will ...provide an open and confidential method for the Workforces to report non-compliant, unethical, or unlawful behavior, without fear of retaliation.” This statement does not specifically say that members of its workforce will be granted immunity from disciplinary action when internally reporting hazards, potential hazards, incidents and near-misses.

IMS-02, section 1.4.1, Leadership and Management Responsibility states that “Management will create a positive and frank atmosphere to encourage timely reporting, discussion, and resolution of Events and ethical concerns. They will strongly encourage and support the Workforce to report compliance and ethical issues to their supervisors, management, Human Resources, Compliance OPC, the ECO, or via the Enbridge Ethics and Conduct Hotline. Management will be accountable to understand and apply the no retaliation policy within their span of control over the Workforce that report to them.” While this statement largely meets the requirements of 6.3(1)(a), it does not guarantee all members of Enbridge’s workforce immunity from discipline at all levels of management within the organization.

Enbridge has developed and posted compliance policy statements on its intranet site including its Statement on Business Conduct signed by the President and CEO, dated October 2012. Both the Integrated Management Policy and Risk Management Policy have been signed by the company’s president of Liquids Pipelines and Major Projects. The company’s commitment to following its policies and achieving its goals is communicated to the company’s employees through the various means discussed in Sub-element 3.5 Communication in this audit report.

Summary

The Board found that Enbridge has developed many policies, processes, principles, programs and to guide and support its Integrity Management program.

The Board also found the following areas of non-compliance in the Policy and Commitment Statements sub-element:

  • Enbridge did not demonstrate that it has a policy that explicitly describes internal reporting of hazards, potential hazards, incidents and near-misses as required by OPR, section 6.3(1)(a);
  • Enbridge did not demonstrate that its policies include the conditions under which a person who reports a hazard, potential hazard, incident or near-miss will be granted immunity from disciplinary action as required by OPR, section 6.3(1)(a); and
  • Enbridge did not demonstrate that it has a management system policy for its Integrity Management program that meets the requirements of OPR, section 6.3(1) and (2).

Based on the Board’s evaluation of Enbridge’s management system and the Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

2.0 Planning

2.1 Hazard Identification, Risk Assessment and ControlFootnote 1

Expectations:

The company shall have an established, implemented and effective process for identifying and analyzing all hazards and potential hazards. The company shall establish and maintain an inventory of hazards and potential hazards. The company shall have an established, implemented and effective process for evaluating the risks associated with these hazards, including the risks related to normal and abnormal operating conditions. As part of its formal risk assessment, a company shall keep records to demonstrate the implementation of the hazard identification and risk assessment processes.

The company shall have an established, implemented and effective process for the internal reporting of hazards, potential hazards, incidents and near-misses, and for taking corrective and preventive actions, including the steps to manage imminent hazards. The company shall have and maintain a data management system for monitoring and analyzing the trends in hazards, incidents, and near-misses.

The company shall have an established, implemented and effective process for developing and implementing controls to prevent, manage and mitigate the identified hazards and risks. The company shall communicate those controls to anyone exposed to the risks.

References:

OPR sections 4(2), 6.5(1)(c),(d),(e),(f),(r),(s),39, 40 and 41

CSA Z662-11, Clauses 3.1.2(f), 3.2(a), 3.2(b), 10.5.1.1(d) and 16.2

Assessment:

Governance Level Hazards and Potential Hazards Identification

At a governance level, Enbridge’s IMS-01, section 4.3, Risk Management Process describes the company’s process for identifying hazards, assessing risks and developing and implementing controls. The process includes written descriptions and the steps required for identifying hazards, assessing risks, planning risk responses, monitoring, reviewing and reporting risks. At a high level, the risk management steps identified in Enbridge’s Risk Management Process correspond to the legal requirements of this sub-element. However, in its review of this process, the Board noted deficiencies in the design and implementation of this process.

Enbridge’s Risk Management Process outlines broad, inter-related requirements and commitments; however, it does not meet the Board’s process requirements as outlined in Section 1.0 Audit Terminology and Definitions of the Board’s attached Audit Report.

Governance: Hazard vs Risk

In the governance Risk Management Process and related practices, Enbridge uses the terms “risk” and “hazard” interchangeably; this is inconsistent with the Canada Labour Code and the OPR and common practice definition or use of the terms. The Board has provided the following definition of hazard and risk in the past. Hazard: Source or situation with a potential for harm in terms of injury, ill health, damage to property, damage to workplace and environment, or a combination of these. Risk: Combination of the likelihood and consequence(s) of a specified hazardous event occurring.

Although the Board reviewed Enbridge’s program with this terminology issue in mind, the discrepancy has led to some gaps being identified in the overall Risk Management Process.

Governance Hazards Inventory

Enbridge’s governance Risk Management Process requires that each sub-ordinate management system develop risk registers which is non-compliant with the requirements of OPR both in name and intent. The Board requires companies to develop an inventory of identified hazards and potential hazards.

Governance Risk Evaluation

Enbridge’s governance Risk Management Process includes a risk evaluation practice within it. The Board reviewed Enbridge’s Risk Evaluation practice. The method used to evaluate the risk of hazards (Enbridge - risks) was fully developed and appropriate if it was implemented as designed.

The Board’s audit also assessed the implementation of the risk evaluation process. This assessment determined that, while it was being implemented consistently across all of Enbridge’s programs, it was being utilized in a manner inconsistent with OPR requirements. Through interviews and document and record reviews, it was determined that Enbridge was implementing a practice whereby it applies the risk evaluation process to risks (hazards) taking into consideration the controls that may apply to the risk prior to the assessment. The result of this practice would be the identification of “residual” risk and assumes that the controls are directly applicable and appropriate to the hazard and that the control is being implemented fully on a consistent basis. The OPR process indicates that the risk evaluation should be applied directly to the hazard. This will determine “inherent” risk. This allows companies to fully identify the significance of the hazard and appropriately communicate, establish and implement controls and monitor it as required in the OPR.

In evaluating the establishment and implementation of the Enbridge’s Risk Management Process, the Risk Management Process Map provided in IMS-01 section 4.3, was noted to contain process steps that were colour-coded red and yellow. According to Enbridge, yellow colour coding indicates that the activities required to execute the process step are not adequately documented or not fully implemented in a consistent manner. Red colour coding indicates that the process step is aspirational and is not being executed by the organization. Several process steps within the Risk Management Process Map were colour coded red yet are regulated requirements within the overall Risk Management Process. For example, process step 16 - “identify, assess and prioritize risks” is a process step that is required to meet the requirements of OPR section 6.5(1)(e.). The Board has previously communicated that it recognizes aspirational practices as part of sound continual improvement practices. If a company clearly demonstrates that its practices are above the legal requirements and proactively communicates them as such within its overall programs, the Board will not find them non-compliant with OPR section 4.

Governance Developing and Implementing Controls

The Board also reviewed Enbridge’s governance process for developing and implementing controls to prevent, manage and mitigate the identified hazards and risks. The Board found that Enbridge’s process did not meet the Board’s requirements with respect to the design of a process. As well, the Board was unable to see evidence of clear requirements and directions for considering and applying the hierarchy of controls when developing controls.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Hazard Identification, Risk Assessment and Control
Identification of Hazards and Potential Hazards

The Board found that the processes for identification and analysis of hazards and potential hazards are established and implemented at the Departmental level.

Pipeline Hazards

At the departmental level, Enbridge’s Pipeline Integrity management system (IMS-09, Section 4.5.2) includes programs, plans and procedures for identifying, analyzing, and managing hazards and potential hazards. Enbridge has developed programs for identifying most of the hazards prescribed in CSA Z662-11 Annex H, Clause H2.6, and ASME B31.8S, and has identified specific hazards that are considered to be threats to the integrity of its system. Enbridge has also developed additional programs for identifying hazards that present specific threats to its pipeline such as: the pressure cycling program, inline inspection uncertainty reviews, and internal stress corrosion cracking (specific to Line 21).

In reviewing the documents and records provided by Enbridge, the Board did identify one issue with respect to Enbridge’s hazard identification program. The Board found that it has not included hydrogen sulfide (H2S) gas as hazard or potential hazard. Although Enbridge provided background information challenging the requirements within CSA Z662-11 Section 16, the information does not provide adequate reasoning as to why H2S should not be considered a hazard or potential hazard. The Board notes that CSA Z662-11 requires a company to have a program to sample and analyze hydrogen sulfide (H2S) gas in its crude. While Enbridge routinely monitors it’s crude for constituents to determine compliance with its General Terms and Conditions, including total sulfur content, Enbridge does not monitor for dissolved H2S. Although Enbridge’s pipeline system does not normally contain a gas phase, H2S gas may be present in Enbridge’s pipeline and facilities particularly during slack flow conditions, downstream of pressure reduction valves, and in dead-legs. In the absence of a program to sample and analyze H2S in its crude oil, or a documented engineering assessment, or ANSI/NACE MR0175/ISO 15156-2, Annex C, to assess the hazard or potential hazard of H2S, Enbridge has not demonstrated that it complies with CSA Z662-11, Clause 9.10.1.5, and CSA Z662-11, Clause 16.2.1(b).

The corrective action plan developed with respect to this sub-element associated with H2S as a potential hazard must explicitly include any resultant changes to other management system processes and requirements that may be required. Examples of these changed include, but are not limited to, changes to Hazard and Risk Registers, lists of legal requirements and the hazard management processes.

Facility Hazards

Enbridge’s procedure FI-01, Facilities Integrity Identification of Hazards and Threats outlines its processes identifying all hazards and potential hazards to its facility assets. The company assigns appropriate functional groups within its organization to address the hazards identified. The Facilities Integrity group develops programs for preventing, mitigating and inspecting time dependent damage mechanisms (hazards) in its tanks, piping and piping components that contain shipped products.

Enbridge also identifies hazards through right-of-way (ROW) monitoring, field operations, control centre operations, using inline inspection contractors, and the processes entailed in designing new construction and acquiring assets. Although these sources of hazard identification are not within Enbridge’s Integrity Management Program, they do support Enbridge’s hazard identification programs.

Based on the information provided during the audit, the Board did not identify any issues associated with this area.

Inventory of Hazards and Potential Hazards

Enbridge Liquid Pipelines (LP), Pipeline Integrity and Facilities Integrity departments at Enbridge each maintain a list of hazards and potential hazards that pose a potential risk to the organization. These inventories of hazards and potential hazards are maintained within what Enbridge refers to as its IMP Hazard and Risk Registers. The IMP Hazard and Risk Registers identify hazards and potential hazards, potential consequences, controls, risk rating, planned actions, status of planned actions, action owners, and planned and actual completion dates for risks that require action. Enbridge’s Hazard and Risk Registers demonstrate that Enbridge has established and maintained an inventory of identified hazards and potential hazards, as required.

Evaluation of Risk

The Board identified that, at the departmental level, Enbridge has developed specific IMS-09 requirements to address IMP risk management requirements. Enbridge indicated that its departmental processes are based on and linked with the Risk Management Process in IMS-01. Enbridge’s processes included analysis of information gathered in the risk identification stage to understand what the risks were and to evaluate any potential controls used to mitigate the risks to an acceptable level. The company practices incorporated the use of a risk matrix (Heat Map) to identify and categorize risks into four groupings. Enbridge presented evidence that demonstrated it had set its acceptable risk tolerance as Level II (Medium Risk). According to the information provided by Enbridge, risk response plans are required to be developed for Level III and Level IV risks to reduce the risks to acceptable levels (Level II or below). Further, Enbridge demonstrated it had developed and utilized a Risk Exposure Index (REI) to show the relative number of risks that exceed Enbridge’s established risk tolerance level. The REI allowed Enbridge to compare and manage risks departments. During the audit Enbridge demonstrated that it was updating its risk index models to move from primarily qualitative to more quantitative practices. Review of the information provided to demonstrate the improvements indicated that the (two) processes that observed to be in development are the Mainline Risk Assessment model and the Facilities Risk Model.

Records to Demonstrate Hazard Identification and Risk Assessment Process

The Board was provided information indicating that, at a minimum, Enbridge monitors its risks quarterly and at the end of each year. Further documentation and record review indicated that process owners or project managers are responsible for monitoring risks within processes or projects and that the Enbridge Management Team monitored the risks documented within the Risk Registers to ensure that corrective actions and mitigation plans were being completed as scheduled. Further, it was noted that Enbridge’s Compliance department conducted quarterly and annual reviews on behalf of the executive management team to confirm that risks were being effectively mitigated.

Documentation indicated that the Enbridge Liquids Pipelines Risk Management group is responsible for internal reporting of hazards and potential hazards through the annual Liquids Pipelines Risk Report, the Corporate Risk Assessment and the quarterly Operational Risk Management Report. These reports were supported by the data in the risk registers and the Risk Exposure Index. Enbridge posted this information on its intranet.

Reporting Hazards, Potential Hazards, Incidents and Near-misses

Enbridge’s process for internally reporting risks on an annual basis is outlined in IMS-01 and associated process documents. The Risk Management department compiles information and generates risk reports including the annual Liquid Pipelines Risk Report, the Corporate Risk Assessment and the quarterly Operational Risk Management report. Department risk registers track the proposed corrective and preventative actions. The Risk Management department is responsible for internal reporting of hazards and potential hazards at a governance level.

Hazards, potential hazards and threats identified through aerial and land-based ROW inspections are communicated immediately to Enbridge Operations personnel followed by daily reports to Enbridge Operations that summarize all hazards and threats. Employees can access these reports on a database.

As a member of One-Call systems in each province, reports of hazards, potential hazards and threats (including potential third-party strikes) are provided to key Enbridge personnel for immediate action and mitigation. Hazards and potential hazards related to integrity are communicated to the Pipeline Integrity department and Field Operations. All leaks are reported through Enbridge’s online Leak Reporting System which is accessible by all employees. The Leak Reporting System automatically disseminates reports to key personnel.

Monitoring and Analyzing Trends

Enbridge uses its data management system for monitoring and analyzing trends in hazards, incidents, and near-misses. The company monitors the failure mechanisms and failure rates for its mainline system on a per-km per-yr basis. Enbridge defines a failure as an undesired event that results in any loss of containment. Enbridge’s Event Learning Process which includes hazards, incidents and near-misses, documents and manages corrective and preventive actions. The Event Learning Process provides procedures for documenting and investigating events, developing and completing corrective action plans, and documenting learnings. Enbridge provides the records and resources that support the Event Learning Process to its employees on the Pipeline Integrity SharePoint site.

To facilitate change in response to the analysis of trends in hazards, incidents, and near-misses, Enbridge’s Leak Reduction Team monitors and analyzes causes of systemic leaks, and makes recommendations for system-wide initiatives for reducing leaks on the Liquid Pipelines system. To capture a wide range of experience and knowledge, this team is comprised of personnel from several functional areas with roles in leak reduction.

Developing and Implementing Controls

The Pipeline Integrity department is responsible for identifying, assessing and managing threats to the pipeline system. By common integrity management practice, “threats” align with the Boards “hazards” requirements. IMS-09, section 4.5 describes the processes, activities and decisions for developing and implementing controls to prevent, manage and mitigate the identified threats/hazards and risks. Based on its interviews and documents review, the Board noted that these processes include practices and procedures for developing and implementing controls, as well as mitigation strategies for preventing, managing and mitigating hazards and risks.

The Board has found that, although Enbridge did not demonstrate that it has a process to identify, assess and manage hazards (threats) to the pipeline system at a governance level, based on the information reviewed and interviews conducted, Enbridge has demonstrated that it has developed and implemented programs at a Department level which meet the requirements of OPR section 6.5(1)(f).

Communication of Controls

Enbridge communicates its controls to prevent, manage and mitigate the identified hazards and risks through various means. Enbridge’s Risk Management department is responsible for the processes used to communicate controls to anyone expose to the risks. This department compiles Enbridge’s risks and information on the status of these risks in the annual Liquid Pipelines Risk Report, the Corporate Risk Assessment and the quarterly Operational Risk Management Report. The Operational Risk Management Plan communicates progress in managing or mitigating operational hazards and risks to senior management. Enbridge also communicates controls through signage, tailgate meetings, safety meetings, in its procedures and manuals and through safety bulletins. Further, Enbridge’s Hazard and Risk Registers provide a summary of controls implemented, and planned to be implemented, to manage and mitigate hazards and risks. These registers are communicated to Enbridge personnel via its intranet. An overall assessment of Enbridge’s compliance with the OPR management system communication process requirements is included in sub-element 3.5.

Summary

The Board found that, at a program level, Enbridge had established practices and processes for identifying and managing the majority and most significant of its hazards and potential hazards.

The Board also found that Enbridge did not demonstrate that it has established and implemented management system processes for identifying, analyzing and managing all hazards and potential hazards and associated risks that meet the Board’s requirements. Within its governance document IMS-01, Enbridge’s Risk Management Process focuses on managing risks for the company, however, the process does not identify and analyze hazards and potential hazards as required by OPR section 6.5(1)(c.).

Additionally, the Board found that Enbridge did not demonstrate that it has included H2S as a potential hazard within its processes. In the absence of a program to sample and analyze H2S in its crude oil, or a documented engineering assessment, or ANSI/NACE MR0175/ISO 15156-2, Annex C, to assess the hazard or potential hazard of H2S, Enbridge has not demonstrated that it complies with CSA Z662-11, Clause 9.10.1.5, and CSA Z662-11, Clause 16.2.1(b).

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

2.2 Legal Requirements

Expectations:

The company shall have an established, implemented and effective process for identifying and monitoring compliance with all legal requirements that are applicable to the company in matters of safety, security and protection of the environment. The company shall have and maintain a list of those legal requirements. The company shall have a documented process to identify and resolve non-compliances as they relate to legal requirements, which includes updating the management and protection programs as required.

References:

OPR section 6.5(1)(g), (h), (i)

CSA Z662-11, Clause 3.2

Assessment:

Governance: Identifying Legal Requirements

At a governance level, Enbridge’s IMS-01, Governing Policy and Process Management System and IMS-02, Compliance and Ethics Management System describe the company’s processes for identifying and monitoring its compliance with legal requirements. The IMS-02, Compliance and Ethics Management System, section 4.5.1 indicates that the company is required to develop a master corporate compliance register and departmental compliance registers. The compliance registers link to the company’s verification processes, which are described in IMS-01, section 4.4, Health Checks and IMS-01, section 4.5, Internal Reviews. IMS-02, section 5.2, Performance Measurement and Management describes the company’s governance processes for measuring and monitoring its compliance.

The OPR requires a company to establish and implement a process to identify its legal requirements and establish and maintain a legal list of the identified requirements. IMS-02 section 4.5.1 outlines Enbridge’s processes for identifying its legal requirements and outlines requirements to develop master and departmental compliance registers. Review of this process indicated that it aligns with the OPR process requirements for identifying legal requirements and establishing and maintaining a legal list. Review of the process as documented identified that, by description it should lead to a compliant process. For example the process includes steps requiring monitoring of legal changes, updating compliance registers, etc. It also establishes roles and responsibilities. However, the Board’s audit of this process identified that it was limited to description of the requirements and did not meet the Board’s management system process requirements. Further, the process does not require the development of a single legal list. The process includes requirements to develop a master compliance register; however, this register specifically excludes certain requirements such as in orders and permits. These are to be tracked in individual departmental compliance registers.

The Board also reviewed the linked compliance verification processes that Enbridge indicated were used to monitor compliance. The Board’s review indicated that some of the processes are not designed to meet the Board’s requirements. For example, both the Health Check and Internal Review processes are specifically not expected to be comprehensive with respect to evaluating departmental or management functions or departmental or project performance. Additionally, as described in the Internal Audit sub-element 4.3 below, the Internal Review process has not been established and implemented at the time of the audit and Health Checks are limited to reviewing the existing identified requirements that have been integrated within its existing processes and practices.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Legal Requirements
Identifying and Monitoring Compliance

At the governance level, Enbridge addresses its legal requirements in IMS-01 and IMS-02. IMS-01, section 4.5, Internal Review Process states that internal reviews will be conducted every 12 to 18 months using a standardized compliance review protocol. The Internal Review Process does not state that the internal review will be a zero-based assessment against the legal requirements, however, this process states that compliance deficiencies will be noted and tracked using an Event Report and that non-compliance with regulatory requirements typically constitutes an event.

At the department level, the PI-14, Event Learning Process procedure, section 5.2, Event Classification includes “an error or interpretation issue related to regulatory compliance” as an event, and classifies the event as an “internal failure”. While the PI-14 process includes regulatory non-compliance as an event, PI-14 Section 3.1 “Regulations, Codes and Standards”, refers only to CSA Z662 Oil and Gas Pipeline Systems and the National Energy Board - Onshore Pipeline Regulations. This section does not include reference to other applicable or adopted codes and industry standards. A non-compliant event associated with these missing codes and standards, or new versions of CSA Z662 or the OPR would not be identified by the Event Learning Process.

Establishing and Maintaining a List of Legal Requirements

At the department level, the IMS-09 Compliance Register (Master) has been developed to maintain a list of legal requirements that are applicable to the integrity management department in matters of safety, security and protection of the environment as required in OPR section 6.5(1)(h). In a review of this document, the Board noted that the list of legal requirements was incomplete and did not address the level of specificity required to enable the company to monitor its compliance with the legal requirements. The IMS-09 Compliance Register (Master) did not include a complete list of applicable or adopted codes and standards, and reference documents such as; American Petroleum Institute, American Society of Mechanical Engineers, National Association of Corrosion Engineers, Canadian General Standards Board, Canadian Gas Association and Alberta Boilers Safety Association. Further, it did not include Enbridge’s integrity documents, standards, processes and procedures that reference industry standards.

Based on the review of Enbridge’s IMS-09 Compliance Register (Master) and applicable procedures, Enbridge did not demonstrate that it has established and maintained a list of legal requirements that meets the requirements of OPR section 6.5(1)(h).

Monitoring Compliance

The Pipeline Integrity department is responsible for assessing compliance to current and pending regulations and maintaining a list of legal requirements for that department. The PI-83, Pipeline Integrity Health Check procedure applies to the Integrity Management System and related documents controlled and owned by the Pipeline Integrity department. Health Checks are to be completed regularly to measure the compliance, conformance and performance of Enbridge’s programs, and to identify improvement opportunities. The company defines compliance as adhering to laws, regulations and legal requirements in all jurisdictions where Enbridge operates, and adhering to Enbridge’s internal policies and procedures. PI-83 references regulatory compliance requirements in the OPR; CSA Z662, Oil and Gas Pipeline Systems (2011); API 1160, Managing System Integrity for Hazardous Liquids Pipelines; ASME B31.8S, Managing System Integrity of Gas Pipelines; and CSA Z662-11, Annex N, Guidelines for Pipeline Integrity Management Programs. The Board’s review of procedures and practices indicated that the content and the practices would not assure that a full or exhaustive review of compliance would or was being undertaken.

Identifying and Resolving Non-Compliances

During the audit, Enbridge demonstrated that, subject to the limitations identified above, it had developed several processes and procedures designed to identify and resolve non-compliances as they relate to its identified legal requirements at the program.

Summary

The Board found that Enbridge had developed a number of governance and program level processes and practices for identifying and monitoring its legal requirements.

The Board also found that Enbridge’s management system processes and requirements did not meet the OPR requirements. Enbridge did not provide its Master Compliance Register referred to in IMS-02 for review by the Board during the audit and therefore did not demonstrate that it has established and maintained a list of legal requirements as required by the OPR. Further, at the department level, the IMS-09 Compliance Register (Master) list of legal requirements was incomplete and did not address the level of specificity required to enable the company to monitor its compliance with the legal requirements.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

2.3 Goals, Objectives and Targets

Expectations:

The company shall have an established, implemented and effective process for developing and setting goals, objectives and specific targets relevant to the risks and hazards associated with the company’s facilities and activities (i.e., construction, operation and maintenance). The company’s process for setting objectives and specific targets shall ensure that the objectives and targets are those required to achieve its goals, and shall ensure that the objectives and targets are reviewed annually.

The company shall include goals for the prevention of ruptures, liquid and gas releases, fatalities and injuries, and for the response to incidents and emergency situations. The company’s goals shall be communicated to employees.

The company shall develop performance measures for assessing the company’s success in achieving its goals, objectives, and targets. The company shall annually review its performance in achieving its goals, objectives and targets and the performance of its management system. The company shall document the annual review of its performance, including the actions taken during the year to correct any deficiencies identified in its quality assurance program, in an annual report, and signed by the accountable officer.

References:

OPR sections 6.3, 6.5(1)(a), (b), 6.6

Assessment:

Governance: Goals, Objectives and Targets for Risks and Hazards

The OPR does not include any specific management system process requirements for developing policies and goals. However, Enbridge has established clear management system guidance with respect to its process for developing policies and goals. At a governance level, Enbridge’s IMS-01, Governance Documentation outlines the company’s expectations for documenting key corporate policies, such as the Strategic and Business Planning Processes. The Governance Documentation also explains the company’s “Planning Cascade” and associated documentation. This Planning Cascade document explains how the company links its policies and corporate vision to its performance targets and metrics. The practices described within the Governance Documentation process align with the Board’s requirements for establishing policies, goals, objectives, targets and performance measures. While not an absolute alignment between the Board’s requirements and Enbridge’s internal processes it does reflect integration of the Board’s requirements into Enbridge’s business management practices.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Goals

(Enbridge demonstrated that its program level Goals, Objectives and Targets aligned with the governance requirements; therefore, this section will focus on the specific goal requirements found in the OPR which apply to this program.)

The OPR identifies that a company must have goals for preventing ruptures, liquid and gas releases, fatalities and injuries, as well as for responding to incidents and emergency situations. Although implicitly included within its Integrity Principles, Enbridge did not demonstrate that it had an explicit statement of goals for preventing ruptures, liquid and gas releases, fatalities and injuries, and for responding to incidents and emergency situations as required in OPR section 6.3 (1)(b). It was noted that Enbridge’s Integrity Principles described the company’s fundamental values with respect to how it manages its integrity management program. Further, The Liquids Pipelines Priorities in the annual Product Integrity Department Plan include a measurable end result and objectives to be achieved within a set timeframe. Priority (1) for Liquids Pipelines states that company intends to “Eliminate ruptures and reduce leaks.” This implies preventing ruptures, liquid and gas releases, fatalities and injuries. However, it does not explicitly state that the company’s goal is to prevent leaks, not just to reduce leaks. Based on the Board’s review of documentation provided, Enbridge’s did not demonstrate that it has a policy at the governance level that explicitly establishes goals for preventing ruptures, liquid and gas releases, fatalities and injuries.

Although Enbridge did not demonstrate that it has explicit goals for the prevention of ruptures, liquid and gas releases, fatalities and injuries, and for the response to incidents and emergency situations, Enbridge does communicate its existing goals and priorities to its employees through a variety of means including presentations, emails, eLink advisories, documents, scorecards, and department plans.

Summary

The Board found that Enbridge has demonstrated an alignment between its governance processes and with the OPR requirements; the Board has not identified non-compliance with them.

The Board also found that, while Enbridge demonstrated that it had developed its Integrity Principles, and Enbridge’s Liquids Pipelines Priority (1) that both imply prevention of ruptures, liquid and gas releases, fatalities and injuries; neither establishes explicit goals for the prevention of ruptures, liquid and gas releases, fatalities and injuries as required by the OPR.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

2.4 Organizational Structure, Roles and Responsibilities

Expectations:

The company shall have a documented organizational structure that enables it to meet the requirements of its management system and its obligations to carry out activities in a manner that ensures the safety and security of the public, company employees and the pipeline, and protection of property and the environment. The documented structure shall enable the company to determine and communicate the roles, responsibilities and authority of the officers and employees at all levels. The company shall document contractors’ responsibilities in its construction and maintenance safety manuals.

The documented organizational structure shall also enable the company to demonstrate that the human resources allocated to establishing, implementing and maintaining the management system are sufficient to meet the requirements of the management system and to meet the company’s obligations to design, construct, operate or abandon its facilities to ensure the safety and security of the public and the company’s employees, and the protection of property and the environment. The company shall complete an annual documented evaluation in order to demonstrate adequate human resourcing to meet these obligations.

References:

OPR sections 6.4, 20, 31

CSA Z662-11, Clauses 3.1.1, 3.1.2(b) and 3.2

Assessment:

Governance Organizational Structure and Roles and Responsibilities

At a governance level, Enbridge demonstrated that it has a single, over-arching management system process that describes the organizational structure and responsibilities for the ongoing development and implementation of its management system. The IMS documents defined the roles and responsibilities regarding occupational health and safety of all employees and contractors.

The governance management system documents indicated that Enbridge’s executive management was responsible for upholding the management system policies, process, standards and requirements. They were also responsible for ensuring that appropriate resources are available to monitor compliance and implement continuous improvement of the management system. Further the documentation identified that Enbridge’s President’s responsibilities include allocating the resources necessary for management system compliance.

Governance Annual Evaluation of Resource Need

Enbridge demonstrated that it has developed a number of corporately required or supported mechanisms for evaluating its resourcing needs.

Enbridge did not; however, provide specific documentation and records to demonstrate it evaluates the need for human resources allocated to establishing, implementing and maintaining its management system and explicitly meeting its OPR section 6 obligations at a corporate or program level.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Organizational Structure and Roles and Responsibilities

The Board identified that Enbridge’s Integrity Management Program is supported by approximately 250 integrity personnel mostly based in Edmonton; 150 are Enbridge employees and 100 are provisional contractors. Enbridge has integrity specialists in each of its regional offices that liaise with the Pipeline Integrity team in Edmonton. These individuals are supported by field technicians, pipeline maintenance personnel and contracted specialists.

Enbridge’s integrity management organizational structure is documented in IMS-09, and supported by organizational charts for each region and supporting department or functional group. Enbridge documents the organizational structures of all of its business units and functional areas using an online tool called OrgPlus. These organizational structures align with the activities required to ensure the safety and security of the public, company employees and the pipeline, as well as the protection of property and the environment.

The Integrity Management program is executed through three functional groups: Pipeline Integrity, Operations and Engineering. The Pipeline Integrity department is part of Enbridge Pipelines Inc. - Liquids Pipelines. The Vice President of Pipeline Integrity leads the department and is supported by directors, senior managers, managers and a workforce. The Vice President of Pipeline Integrity reports to the Chief Operating Officer, who reports to the President - Liquids Pipelines and Major Projects. The Vice President of Pipeline Integrity is accountable for pipeline integrity management. The following three directors administer the programs: Director of Integrity Programs, Director of Integrity Systems and Director of Infrastructure Integrity. This organizational structure is documented in the Pipeline Integrity Functional Organization Chart dated 15 March 2013.

Roles, responsibilities and authorities that support the implementation of the Facilities Integrity Management program are detailed in Facilities Integrity Roles, Responsibilities and Authorities - Guideline Document Version 3.7 (19 April 2013). This document lists known threats to facilities, and outlines the responsibilities and deliverables of Facilities Integrity and other departments in managing these threats. It also identifies the responsibilities and authorities of each Facility Integrity position to ensure that employees understand what they are expected to deliver.

Roles, responsibilities and authorities for Pipeline Integrity functions are detailed in IMS-09, section 1.8, Functional RASCI. This chart details the roles for Pipeline Integrity, Facilities Integrity and supporting departments. Roles and Responsibilities are also documented in program documents related to specific threats.

As components of the gathering system require integrity management approaches different from those used for the mainline pipeline system, Enbridge clarified these responsibilities in IMP-00-02-02, Organizational Lines of Responsibility. IMP-00-02-02 details the responsibilities of each supporting group within the Gathering group of companies, including Enbridge Pipeline Integrity and Enbridge Pipeline Saskatchewan Inc.

Roles and Responsibilities

The Board identified the following practices processes being implemented within Enbridge’s integrity management department for establishing and communicating roles and responsibilities of company employees and workers.

Enbridge hiring leaders work with Human Resources to develop job profiles for each position within the Integrity Management Program including positions that support normal and abnormal operations. Job profiles outline the roles and responsibilities of each position. Job ladders describe the work done at each level. Although these job ladders do not detail the specifics of positions; they do define the knowledge, skills and abilities required at each level on the job ladder.

Enbridge links individual development plans and performance targets to its department plans, and to the overall business performance measured on the company’s scorecard and through initiatives tracking. Interviews with Enbridge personnel confirmed that the company is committed to ensuring that adequate and appropriate resources are in place to meet its obligations for designing, constructing, operating and abandoning its facilities to ensure the safety and security of the public and the company’s employees, and the protection of property and the environment.

The Board requires the company to determine and communicate the roles, responsibilities and authority of its officers and employees at all levels within the company. Department Plans outline each department’s objectives, initiatives, performance targets and priorities for the upcoming year, and is communicated to all stakeholders to ensure support and understanding. The company also communicates roles and responsibilities through discussions and meetings with employees, on its SharePoint sites, by email, and on the company’s intranet.

The Board requires the company to document contractors’ responsibilities in its construction and maintenance safety manuals. Enbridge defines two types of contractors: provisional contractors and contractors. Enbridge treats provisional contractors like employees and includes them in the company’s organizational structure. Provisional contractors must follow the same requirements as Enbridge employees. They include contract technical specialists that work within Enbridge departments alongside Enbridge employees. In contrast, contractors are personnel that typically provide a specified term of services or supply a product to Enbridge. Contractors are supported by specific written contracts that outline their responsibilities and the services or products they will provide. As stated in these written agreements, contractors work under the supervision of Enbridge personnel. Contractors acknowledge that they understand the terms and conditions to which they have committed, as documented on a work order or within a master service agreement.

Enbridge’s Contractor Safety Manual (January 2012) outlines the company’s rules, safe work practices and procedures for pipeline and facility construction and maintenance activities. Contractors work under the oversight of a company site inspector or operations representative. In contrast, provisioned contractors work under the direct supervision of an Enbridge employee and must follow the company’s operating and maintenance procedures. Workers hired for a set period of time under the direct supervision of a company operations representative must also follow Enbridge’s operating and maintenance procedures. The Contractor Safety Manual is part of the contract document. Enbridge gives the contractor copies of the manual before the contractor starts to work on any of the contracted activities. Documented in Enbridge’s Operations and Maintenance Manual (OMM), Book 2: Safety 01-02-04, the Contractor Safety Management Program provides direction for managing contractor health and safety. It describes identifying hazards, implementing controls and preventing losses that arise from contractor work. The Contractor Safety Management Program applies to all contractors and contract personnel performing construction and maintenance work for Enbridge.

Annual Evaluation of Resource Need

Enbridge did not provide documentation or records to demonstrate it specifically evaluates and demonstrates that the human resources allocated to establishing, implementing and maintaining its management system and meeting its OPR section 6 obligations are sufficient.

With respect to its integrity management program evaluation of need, Enbridge demonstrated that it uses several mechanisms to evaluate its human resources needs. Key examples include:

  • Liquids Pipelines priorities and objectives review and planning - (The leadership team defines the key priorities and objectives for Liquids Pipelines in alignment with the Strategic Plan; the Strategic Plan defines the focus and priorities for the company as a whole);
  • Integrity Management Department Plan development - (IMS-01 processes based);
  • Workforce planning - (Enbridge Human Resources department led to identify the job types and the number of each job type required to ensure there are sufficient resources to meet management and protection requirements; and
  • Annual Work Plan update and development - (The Integrity Management department develops a detailed annual work plan that takes into account the priorities, objectives and Liquids Pipelines business unit planning).

The Board found these mechanisms were being implemented within Enbridge’s Integrity Management department.

The Board’s review of Enbridge’s processes and practices being used to evaluate its human resource needs identified that it did not specifically account for requirements related to staff outside of the department that have integrity management responsibilities, such as Field Operations and Maintenance staff.

Summary

At the department level, the Integrity Management program organizational structure is documented in IMS-09 and supported by organizational charts for each region and supporting department or functional group. Based on the documents reviewed, the Board found that Enbridge’s organizational structure enables the company to meet the requirements of its management system and its obligations for carrying out activities in a way that ensures the safety and security of the public, company employees and the pipeline and protection of property and the environment. The Board found that has developed and implemented a number of corporately required or supported mechanisms for evaluating its resourcing needs.

The Board also found that Enbridge did not demonstrate that it explicitly evaluates the need for human resources allocated to establishing, implementing and maintaining its management system and meeting its OPR section 6 obligations at a corporate or program level. Further, the Board found that Enbridge’s program level evaluation of need did not specifically account for integrity management program activities that were conducted by staff outside of the department that have Integrity Management responsibilities.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

3.0 IMPLEMENTATION

3.1 Operational Control-Normal Operations

Expectations:

The company shall have an established, implemented and effective process for developing and implementing corrective, mitigative, preventive and protective controls associated with the hazards and risks identified in elements 2.0 and 3.0, and for communicating these controls to anyone who is exposed to the risks.

The company shall have an established, implemented and effective process for coordinating, controlling and managing the operational activities of employees and other people working with or on behalf of the company.

References:

OPR section 6.5(1)(e), (f), (q)

CSA Z662-11, Clause 3.1.2(f), 3.2 and 10

Assessment:

Governance Developing and Implementing Operational Controls - Normal Operations

At a governance level, Enbridge’s IMS-01, section 4.3, Risk Management Process describes the company’s process for developing and implementing controls for addressing its hazards and risks. As noted in sub-element 2.1 of this audit, the Board found that this Enbridge process is non-compliant for several reasons, including the process design and implementation of the hierarchy of controls. Since the Board has already identified that Enbridge will have to develop corrective action plans for sub-element 2.1, the Board will not assign additional non-compliances for the governance process in this sub-element; however, Enbridge must specifically consider and include any corrective actions associated with this sub-element within the corrective action developed plan developed for sub-element 2.1.

Governance Processes for Coordinating, Controlling and Managing the Operational Activities of Employees and other People Working With or On Behalf of the Company

These management system process requirements are described in OPR section 6.5(1)(k) and (q). During the audit Enbridge indicated that these requirements were described within its IMS-01 sections 2.4 Management System Development and Implementation Requirements and 4.14 Workforce Competency and Qualification Management Process and in its OMMs and various other program level processes.

Review of the IMS processes indicated that they did not address the requirements identified in the sub-element directly and that, as noted elsewhere in this report the IMS-01 4.14 Workforce Competency and Qualification Management Process has not been demonstrated to be established or implemented. Review of the OMM processes indicated that they were not considered as governance management system process within the company. Enbridge is therefore non-compliant with respect to its OPR management system process requirements.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Developing and Implementing Operational Controls - Normal Operations
Developing and Implementing Controls

At the governance level, Enbridge’s Liquids Pipelines Risk Management department focusses on quantifying (As stated in IMS-09 section 4.5.2, “mitigation actions are carried out in consideration of high consequence areas such as waterways and populated areas.”)

The Board found that Enbridge’s Integrity Management department was developing and implementing controls that address the hazards, threat and risks identified within its integrity management program. During the audit Enbridge identified that it has focused on quantifying the consequences of a loss of containment along the length of the pipeline and has developed a consequence profile for each segment of the mainline pipeline system. Enbridge also identified that its mitigation actions (controls) are carried out in consideration of high consequence areas such as waterways and populated areas.

As assuring the control of pipeline and facility hazards is of primary importance to the Board, this audit included an in-depth examination of Enbridge’s Operational Controls. A description of the controls developed and implemented by Enbridge has been included in this sub-element. Unless otherwise noted, based on the information provided by Enbridge, no issues of non-compliance were noted during the Board’s audit of the controls.

At the department level, Enbridge develops and implements controls for preventing, managing and mitigating the identified hazards through three types of programs: prevention, monitoring and mitigation.

The company uses its IMS-09, section 4.5.2, Pipeline Integrity Threat Management Process to:

  • Identify potential integrity hazards or degradation mechanisms that could lead to failure;
  • Characterize risks, and assess the consequences and likelihood of occurrence of risk events; and
  • Manage hazards in accordance with the company’s asset management requirements through prevention, monitoring and mitigation.

After identifying actual and potential threats and assessing their risks, the company develops prevention, mitigation and monitoring actions to control the threats. Enbridge documents the threats, risks, and planned actions to control threats in Hazard and Risk Registers for the Pipeline Integrity and Facilities Integrity departments, the annual Pipeline Integrity Department Plan and the Field Operations Department Plan. The company measures the status of the planned actions for controlling hazards and communicates the results as part of its improvement cycle. In addition to department plans and risk registers, Enbridge also uses its 2014 Liquids Pipelines Scorecard to track and communicate the performance of the Liquids Pipelines business unit.

Threat Management

Enbridge has designed and implemented a threat management process that includes activities, processes and procedures for ensuring the safety and integrity of pipelines and facilities. As part of this process, Enbridge manages control of identified threats through various methods of prevention, monitoring and mitigation.

Enbridge has developed processes, plans and procedures for managing the following threats to its pipeline system:

  • fatigue and stress corrosion cracking;
  • internal and external corrosion;
  • coating degradation;
  • welding defects;
  • AC interference;
  • geotechnical; and
  • deformation and strain.

Enbridge’s Damage Prevention department, Operations group and Control Centre Operations manage other threats, such as third-party damage, improper operations and control system malfunctions.

Threat Mitigation Programs

Enbridge has three primary methods in its Integrity Management program for mitigating threats: in-line inspections, pressure tests and direct assessments. The company relies primarily on in-line inspections to manage and monitor the hazards of internal corrosion, external corrosion, cracking, dents and mechanical damage. The company’s dig program is based primarily on the probability of failure. Based on Enbridge’s presentations and audit interviews, the Board found that the Integrity Management Program has applied a very conservative approach in its integrity programs to reduce the probability of failures to such a low level that the risks will remain low throughout the company’s pipeline system. The Board identified that Enbridge does not evaluate the consequences of failure when establishing dig schedules, but rather considers all possible consequences as “high” and focusses on reducing the probabilities to very low levels. The Board notes that Enbridge’s activities and conservative assumptions have been maintaining a very low probability of failures, which meets the company’s intention of achieving an acceptably low level of risk. This conservative approach is based on; less time between inline inspection re-assessments; reduced pressure cycling; and using very conservative crack growth rates and internal or external corrosion growth rates in deterministic modelling.

Enbridge categorizes its threat control and risk reduction programs into the following five categories:

  • surveillance and condition monitoring (measures to identify, and reduce or eliminate risks and hazards at their source);
  • mitigative measures;
  • preventive measures;
  • protective measures; and
  • remedial measures.
Surveillance and Condition Monitoring

Enbridge uses surveillance and condition monitoring to detect the presence of threats, monitor threat progression, and reduce or eliminate the threats or hazards at their source. Enbridge has developed various techniques and programs to monitor its system, verify pipeline and facility integrity, and confirm that prevention mechanisms are effective. Pipeline threat monitoring includes inline inspection, online pressure monitoring, pressure cycling monitoring, active slope monitoring, aerial and ground-based pipeline ROW monitoring, hydro-testing, non-destructive examination and direct assessment techniques. Threat monitoring for Enbridge’s facilities focusses on its; above-ground and below-ground station piping; above-ground storage tanks, laterals, small diameter piping, underground sumps, and flanges.

Additionally, to ensure that its monitoring programs are effective and that mitigations are being designed and implemented, a team (Leak Reduction Team) of subject matter experts from Pipeline Integrity, Operations and Engineering reviews all integrity related failures for each monitoring program.

Mitigative Measures to Address Risks and Hazards

Enbridge applies mitigative measures and activities to reduce the likelihood of failures and minimize the consequences if a failure occurs. IMS-09, section 4.5.5 provides an overview of the company’s mitigation process for managing potential pipeline threats and threats that have been identified through in-line inspections and other means. Enbridge’s mitigation measures include:

  • repairing or replacing pipe;
  • stabilizing slopes on pipeline ROWs;
  • using cathodic protection for external corrosion control;
  • reducing pipeline pressure;
  • controlling pressure cycling;
  • increasing overburden over pipelines;
  • using corrosion inhibitors for internal corrosion control;
  • secondary containment around tankage; and
  • a maintenance pigging program.
Preventive Measures to Address Risks and Hazards

As described in IMS-09, section 1.7.2, preventing threats requires an integrated team approach that includes the Pipeline Integrity department, Operations and the Risk Management group. Preventive measures at Enbridge include:

  • selective pipeline routing;
  • proper construction and material selection;
  • limiting operating stress through design;
  • quality pipeline installation; and
  • quality control programs during construction of tanks, piping and associated equipment.

Preventive measures for Operations include applying cathodic protection and using chemical inhibitors to help prevent threats and manage defects identified through monitoring. These programs are primarily managed by Enbridge’s Field Operations and Maintenance department and are supported by technical expertise within the Pipeline Integrity department.

Enbridge’s damage prevention activities also include programs such as Pipeline Depth Monitoring and right-of-way (ROW) patrols to monitor threats that may pose a threat, risk or hazard. Other preventive measures include signage, line locating and One-Call systems, and communicating with landowners, the public, excavators and contractors to prevent third-party damage

Protective Measures to Address Risks and Hazards

Enbridge’s protective measures to guard pipeline and facilities equipment against damage and failure are largely based on its coating integrity and cathodic protection programs.

Enbridge has a dedicated coating integrity program to address any coating of Enbridge’s steel assets. Protective coatings are used on almost all of Enbridge’s steel assets that are exposed to corrosive environments including immersion, buried service and atmospheric conditions. Enbridge records the type of coatings used on each of its pipelines on line summary documents and route sheets.

Enbridge has also developed, implemented and documented a cathodic protection program to mitigate external corrosion on its pipelines and below-grade station piping. Routine monitoring and maintenance of its cathodic protection systems is completed as per the regulatory requirements.

Remedial Measures

Remedial measures are activities completed to correct known issues, such as pipeline defects. Defects that do not meet Enbridge’s established acceptance levels are removed or repaired or otherwise mitigated through maintenance activities. Remedial activities include pipeline reinforcement, cut out, repair and temporary pressure reduction. They also include facility equipment repair, replacement or refurbishment. Pipeline Integrity works closely with Operations, Engineering project teams and other supporting departments to ensure remedial measures are completed according to plan and that resources are allocated appropriately.

Enbridge’s threat management process includes various programs for preventing, monitoring and mitigating threats to its pipeline system. The Board reviewed several key threat management programs as discussed below.

Crack Management Program

Enbridge stated that the most common time-dependent cracking mechanisms experienced in its pipeline systems are fatigue cracking and stress corrosion cracking. Enbridge has developed a crack management program for addressing crack threats on its pipelines which applies to all liquid mainlines that fall within Pipeline Integrity’s responsibility. The Crack Management Plan is a continuous cycle that consists of assessing crack susceptibility, determining the reassessment interval and monitoring conditions.

Crack Susceptibility Assessment Process

This process applies to pipeline segments that have not had a susceptibility assessment or have experienced a change in probability during condition monitoring. Enbridge’s Crack Susceptibility Guideline provides guidance on determining susceptibility for fatigue cracking and stress corrosion cracking. Once susceptibility is determined, a mitigation plan is prepared. Enbridge’s Crack Threat Assessment Guideline provides guidance on choosing the best crack assessment method for a comprehensive assessment. Crack assessment methods include crack inline inspection, pressure tests and direct assessment.

Re-assessment Interval Process

Enbridge uses this process to determine the intervals at which the crack susceptibility and crack threat of the relevant pipeline segment should be re-assessed. This process applies to all pipeline segments within Pipeline Integrity’s responsibility. Procedure PI-41, Crack Inline Inspection Interval Determination outlines the company’s process for determining re-assessment intervals. Section 4.1, Susceptibility, describes the factors that affect failure susceptibly for fatigue cracking and stress corrosion cracking; however, Section 4.1 fails to address corrosion fatigue. The Board noted that corrosion fatigue is also not addressed in Enbridge’s Crack Susceptibility Guideline document.

Crack Inline Inspections

According to Enbridge’s documentation, crack inline inspection is the most common crack threat assessment method used by Enbridge. Inline inspection is considered the most informative form of crack threat assessment because it provides detailed information about axial cracks and crack-like features. At the time of the audit, the only NEB regulated mainline pipeline that was not piggable and had not had a crack inline inspection was Line 24.

Corrosion Fatigue

As part of its audit, the Board specifically examined Enbridge’s crack management program for information with respect to how Enbridge manages the threat of corrosion fatigue.

As a result of the Board’s Integrity Management Program audit of Enbridge in 2008, Enbridge committed to applying its learnings from the 2007 Glenavon failure to its corrosion fatigue model. Enbridge committed to develop and implement a method that includes local corrosion wall loss as well as crack depth when performing engineering assessments of crack defects occurring in areas of corrosion. Enbridge also committed to develop and implement a corrosion fatigue model for pipelines under cyclic loading that estimates growth rates for cracks occurring in areas of corrosion to be used when determining re-inspection intervals.

In light of the 2010 failure in the United States referred to as the “Marshall, Michigan rupture and release”, corrosion fatigue was considered a critical component of Enbridge’s crack management program. The National Transportation Safety Board, in its PB2012-916501 report dated June 2012, determined that "the probable cause of the pipeline rupture was corrosion fatigue cracks that grew and coalesced from crack and corosion wall loss in addition to the crack depth when performing engineering assessments of crack defects coincident rosion defects under dis-bonded polyethylene tape coating...”. In response to the 2010 Marshall failure, Enbridge submitted its newly developed and implemented crack management program for corrosion fatigue to its US regulators to address the recommendations made by the NTSB. Enbridge was required to develop and implement a methodology that included local corrwith areas of corrosion. As well, it was to develop and implement a corrosion fatigue model for pipelines under cyclic loading that estimates growth rates for cracks that coincide with areas of corrosion when determining re-inspection intervals. Enbridge stated that it had addressed the recommendations by modifying its Integrity Management Program and Crack Management Program.

Direct Assessment

Enbridge uses this threat assessment method on pipelines for which the target threat is stress corrosion cracking. Direct assessment involves gathering and analyzing dig results from sites likely to have stress corrosion cracking. During audit interviews, Enbridge stated that it has developed its own procedures for direct assessments based on Inline Inspection data. NEB inspections of Enbridge’s dig sites carried out in support of this audit confirmed that the direct assessment methodology used by Enbridge was adequate.

Stress Corrosion Cracking (SCC)

Enbridge’s OMM, Book 3: 05-03-02, Evaluating Stress Corrosion Cracking Clusters documents this method of assessing SCC. With this method, clusters of crack-like indications are evaluated to determine whether the clusters have significant stress corrosion cracking. Enbridge’s assessment method for SCC, as determined during NEB inspections, was considered to be adequate.

Threat Management of New Construction

The Board saw evidence that subject matter leads from Enbridge’s Corrosion Programs department within Pipeline Integrity participate in new construction activities. These staff members help develop hydro-test plans, identify the need for chemical inhibitors, and are responsible for the cathodic protection design standards applicable to new construction. Once the pipeline is transitioned to the Pipeline Integrity department, an internal corrosion control program is developed and implemented for each new pipeline to prevent and control internal corrosion threats. No issues were identified during the review of this practice.

Geohazard Management Program

At the time of the audit, Enbridge’s geohazard management program was in development.

The Board was advised that the procedures for slope management, river crossing management, longitudinal stress management, the Inertial Monitoring Unit, longitudinal strain evaluation and seismic load management are under development. Enbridge currently monitors slopes and water crossings using ROW patrols conducted every two weeks and ground inspections conducted on intervals based on the threat at each site. The geohazard management program manages approximately 500 slopes and 700 watercourse crossings for NEB regulated pipelines.

Enbridge’s current geohazard management program addresses most geotechnical hazards and the associated monitoring and mitigation requirements. However, the Board identified that Enbridge does not, currently have a formal program for managing the threat of seismic activity. At the time of the audit, Enbridge was developing a program for managing the threat of seismic activity. As the program was still in development at the time of the audit, Enbridge did not demonstrate that the program meets the requirements included in this sub-element.

Mechanical Damage Management Program

Enbridge’s Mechanical Damage Management Program (MDMP) integrates the company’s geometry Inline Inspections (ILI) with its corrosion program Inline Inspections. During the audit presentations, interviews and responses to follow-up information requests, Enbridge’s MDMP team provided documents and records to verify that high resolution geometry inline inspection tools have been run in all of Enbridge’s NEB regulated pipelines.

The Mechanical Damage Management Program is supported by Pipeline Integrity (PI) procedures that address ILI mechanical damage data review and assessment, data trending and integration and developing and executing a dig program to investigate ILI features related to mechanical damage.

The auditors did not identify any issues with the current state of how the MDMP s addresses the hazards due to mechanical damage, as well as the monitoring and mitigation requirements from a technical standpoint. Enbridge’s MDMP corresponds to the current industry practices and available technical methodologies. However, in terms of management system requirements, Enbridge’s Pipeline Integrity Management System document (IMS-09), Section 4.5.5 Mitigate Pipeline Threats Process Overview, and specifically Figure 4.5.5-1 the Process Overview Map, does not contain a documented process step for the MDMP.

During the audit presentations and interviews, Enbridge MDMP subject matter experts indicated that the MDMP had yet to be integrated into the IMS-09 process requirements. While the MDMP, from a program level technical practice standpoint, does address the hazards related to mechanical damage, the Board determined that the MDMP cannot be assessed as compliant because of its current state of formal incorporation into the Pipeline Integrity Management System process.

Inline Inspections Data Integration 

During the audit, Enbridge gave a presentation outlining its Inline Inspections Data Integration tool that it uses to identify where possible multiple anomalies identified by ILI, may be located in the pipelines. Since each inline inspection tool is not able to detect every feature type, Enbridge integrates inline inspections data to identify the following interacting threats:

  • corrosion + crack;
  • deformation + corrosion;
  • deformation + crack; and
  • deformation + crack + corrosion.

Enbridge has completed a data integration assessment associated with the above on all of its NEB regulated pipelines.

Enbridge excavated 87 features based on its threat integration analysis for Lines 01, 03, 05 and 11. The results demonstrated that primary and secondary features were found to be interacting in the field 52% of the time. This indicates that almost half of the digs completed may have not been required, which supports the conservative approach Enbridge has been taking for identifying and addressing possible anomalies. Enbridge continues to work with inline inspections vendors to improve its detection and characterization of anomalies.

Program Processes for Coordinating, Controlling and Managing the Operational Activities of Employees and other People Working With or On Behalf of the Company

As noted above, during the audit Enbridge indicated that it has established a number of OMM and program based processes that address the Board’s requirements for coordinating, controlling and managing the operational activities of employees and other people working with or on behalf of the company. The Board’s review of the referenced documents and associated records provided by Enbridge indicated that, at the integrity management program level, the company has established appropriate practices and processes.

Summary

The Board found that Enbridge has developed and implemented a significant number of programs, processes and practices to prevent, manage and mitigate most of its hazards.

The Board also found non-compliances related to Enbridge’s hazard mitigation programs and controls.

The Board found that, at the governance level, Enbridge references IMS-01, section 4.3 Risk Management Process and the Risk Management Process Map. Step #17 - Identify Risk Mitigation approach and prepare Risk control plan on this process map is colour coded red, indicating that the processes are either aspirational or are not fully established or implemented and therefore are non-compliant with the OPR. This non-compliance has been previously identified as part of the Board’s finding documented in sub-element 2.1 Hazard Identification, Risk Assessment and Control, above. The corrective actions developed to address that finding must specifically must specifically consider and include any corrective actions associated with this sub-element.

The Board found that Enbridge did not provide information with sufficient clarity for the Board to evaluate Enbridge’s controls to address the threat of corrosion fatigue as part of its crack management program. Enbridge will need to provide this information in a manner that facilitates the Board’s evaluation.

The Board found that Enbridge’s Geohazard Management Program did address most of its geotechnical hazards; however, the program and the associated controls were not fully developed and implemented and therefore presently non-compliant. Additionally, the Board found that Enbridge’s GeoHazard Management Program had not fully integrated and addressed all of the requirements for managing the threat of seismic activity.

The Board found that Enbridge’s Mechanical Damage Management Program did address most of the identified hazards due to mechanical damage; however, because of its current state of development and implementation, the Board assessed Enbridge’s mechanical damage management program as non-compliant.

The Board found that, at the program level, Enbridge has developed and implemented processes and practices for coordinating, controlling and managing the operational activities of employees and other people working with or on behalf of the company; however, the Board also found that Enbridge has not established and implemented management system level processes that meet the OPR requirements relating to these same issues.

Based on the Board’s evaluation of Enbridge’s management system and the Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

 

Compliance Status: Non-Compliant

3.2 Operational Control-Upset or Abnormal Operating Conditions

Expectations:

The company shall establish and maintain plans and procedures to identify the potential for upset or abnormal operating conditions, accidental releases, incidents and emergency situations. The company shall also define proposed responses to these events and prevent and mitigate the likely consequence and/or impacts of these events. The procedures must be periodically tested and reviewed, and revised where appropriate (for example, after upset or abnormal events). The company shall have an established, implemented and effective process for developing contingency plans for abnormal events that may occur during construction, operation, maintenance, abandonment or emergency situations.

References:

OPR section 6.5(1)(c), (d), (e), (f), (t)

Assessment:

Governance Upset and Abnormal Operating Conditions

Enbridge uses the processes described in sub-elements 2.1 and 3.1 of this audit report to identify hazards and potential hazards to the occupational health and safety of its workers during abnormal operating conditions, accidental releases, incidents and emergency situations. Therefore, the general findings of those sub-elements apply to this sub-element as well. Since any issues applicable to this sub-element must be addressed in the corrective action plan developed for sub-element 2.1, the Board will not assign further Non-Compliances for the governance process in this sub-element.

Governance Developing Contingency Plans for Abnormal Events

The Board requires the company to establish and implement an effective process for developing contingency plans for abnormal events that may occur during construction, operation, maintenance, abandonment or emergency situations. It is important to note that contingency plans are not limited to emergency response. The Board found that Enbridge’s governance processes did not include specific processes or policies for developing contingency plans for abnormal events.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Upset or Abnormal Operating Conditions

As assuring the control of pipeline and facility hazards is of primary importance to the Board, this audit included an in-depth examination of Enbridge’s Operational Controls. A description of the controls developed and implemented by Enbridge has been included in this sub-element. Unless otherwise noted, based on the information provided by Enbridge, no issues of non-compliance were noted during the Board’s audit of the controls.

Pressure Control and Over-pressure Protection

Enbridge presented information on its Pipeline Integrity - Protocol, 3.2, that any pressure above 100% of the allowable working pressure is deemed an overpressure, and that Control Centre Operations contacts Pipeline Integrity if an overpressure exceeds 110% of the maximum allowable operating pressure. Enbridge previously advised the Board that it does not have mechanical overpressure protections on its pipeline as required in CSA Z662-11, Clause 4.18.1.2 The Board therefore issued a Safety Order in May 2013 (SO-E101-004-2013) that required Enbridge to submit, for Board approval, its plan for conducting a transient analysis and assessment on all Enbridge pipelines and facilities. The Safety Order also required Enbridge to provide a timeline and explain the prioritization of its transient analysis mitigation plan. Further, Enbridge was required to provide a status update every six months on the progress of its overpressure control and overpressure protection mitigation. The last progress meeting with Enbridge and NEB staff concluded that Enbridge was proceeding with changes to its operating procedures and PSV settings, installing pressure relief systems and imposing flow restrictions when required.

As the Board has oversight on the issue of overpressure control and overpressure protection through its Safety Order and subsequent follow-up, overpressure control and overpressure protection have been excluded from the scope of the Integrity Management Program audit.

Summary

Based on interviews, and document and record reviews, the Board found that Enbridge has established controls for managing and mitigating abnormal operating conditions that have been identified in its integrity management program.

The Board also found that Enbridge does not have a management system process for developing contingency plans that meets the requirements of the OPR.

Based on the Board’s evaluation of Enbridge’s management system and the Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

3.3 Management of Change

Expectations:

The company shall have an established, implemented and effective process for identifying and managing any change that could affect safety, security or protection of the environment, including any new hazard or risk, any change in a design, specification, standard or procedure and any change in the company’s organizational structure or the legal requirements applicable to the company.

References:

OPR section 6.5(1)(i)

CSA Z662-11, Clause 3.1.2(g)

Assessment:

Governance Management of Change Process

During the audit, Enbridge identified that it had developed a governance management of change process. In reviewing the documents and records and conducting interviews, the Board found that Enbridge’s governance process had not been fully established or implemented at the time of the Board’s audit. The Board’s review found that Enbridge’s design of its governance process does not meet the OPR management system process requirements.

During the audit, Enbridge indicated that MOC processes and requirements are embedded in all of its existing written processes, procedures and practices. Enbridge indicated that a single MOC process would not be able to meet its or other companies with significant facilities and processes, requirements. Therefore, Enbridge has multiple processes embedded in multiple locations. Further, Enbridge indicated that its interpretation of the OPR is to “ensure that a MOC process is available for unplanned, unexpected or infrequent changes that are not already embedded in existing activities and processes. There is no requirement in the OPR for these various management of change processes to be formally tied to one another.”

The Board has found that Enbridge’s interpretation and practices are inconsistent with the Board’s interpretation of the OPR process requirements. The Board notes that the OPR requires a company to develop a management system MOC process that identifies and manages any change that could affect safety, security or the protection of the environment, not only those described by Enbridge. Further the Board notes that, while a company may have multiple processes, there still must be consistency in process requirements, development and implementation as well as coordination of the various practices in order to meet the OPR requirements and to ensure formal management. The Board notes that a singular management system process developed to meet the OPR requirements, as prescribed, would address these requirements.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Management of Change Process

At the department level, IMS-09, section 4.2 Management of Change referenced Enbridge’s IMS-01 governance process. The Board identified that Enbridge had developed and implemented its PI-82, Pipeline Integrity Management of Change procedure. PI-82 outlines the roles and responsibilities, processes and procedures for ensuring that all changes are planned appropriately to eliminate and/or reduce risks and are completed safely. As per the documentation provided for review, PI-82 “applies to all changes initiated or led by the Pipeline Integrity department including changes to process, design, specifications, standards, procedures, operations and personnel. It applies to all assets where change is managed through Pipeline Integrity; and covers permanent, temporary and emergency changes.” Further it was demonstrated that PI-82 also addressed changes that are initiated by other Enbridge departments that may affect pipeline integrity, and that the changes are communicated as required by the Liquids Pipelines (LP) MOC process. Enbridge also demonstrated that Pipeline Integrity MOC records are filed and stored formally. The Board’s review of the Liquids Pipelines (LP) MOC process indicated that it has not been incorporated within the existing IMS process.

Summary

The Board found that Enbridge demonstrated that it had established and implemented a number of MOC procedures and practices to document and manage change at the program level on a consistent basis. The Board identified that all departments and programs were using Enbridge’s Liquids Pipelines MOC process, including Integrity Management, as its primary corporate MOC process. The Board, however, identified that this process did not meet all of the MOC process requirements and was specifically not intended to be included within its IMS process.

The Board also found that Enbridge did not demonstrate that it had established and implemented a management system level process that meets the requirements of the OPR.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

3.4 Training, Competence and Evaluation

Expectations:

The company shall have an established, implemented and effective process for developing competency requirements and training programs that provide employees and other persons working with or on behalf of the company with the training that will enable them to perform their duties in a manner that is safe, ensures the security of the pipeline and protects the environment.

The company shall have an established, implemented and effective process for verifying that employees and other persons working with or on behalf of the company are trained and competent, and for supervising them to ensure that they perform their duties in a manner that is safe, ensures the security of the pipeline and protects the environment. The company shall have an established, implemented and effective process for making employees and other persons working with or on behalf of the company aware of their responsibilities in relation to the processes and procedures required by the management system or the company’s protection programs.

The company shall have an established, implemented and effective process for generating and managing training documents and records.

References:

OPR section 6.5(1)(j), (k), (l), (p)

CSA Z662-11, Clauses 3.1.2(c), 3.2 and 10.2.1

Assessment:

Governance Competency Processes and Training Program

Through interviews and document and record review, the Board found that Enbridge has established and implemented a documented, comprehensive training program applicable to its employees undertaking integrity management activities. The training program is appropriately supported and managed throughout the organization. Enbridge has developed a management system called the Enbridge Learning Management System (eLMS). eLMS provides the mechanism to register, deliver, track and record learning completions. Enbridge’s Human Resources department provides support to all departments for the development of departmental content and eLearning programs and each department manages the content of programs housed in eLMS. The Board verified that Enbridge has implemented the systems to generate, manage and document the various training programs through front line interviews and inspections.

Notwithstanding Enbridge’s training program implementation, the Board found that Enbridge had not established and implemented compliant, documented processes for developing competency requirements that are used to develop training and learning programs and to establish baseline competencies required for employees and others working on behalf of the company to perform assigned tasks in a manner that is safe, ensures the security of the pipeline and protects the environment. Similarly, the Board found that Enbridge has not established and implemented a process for verifying competency as required. Interviews with staff indicated that there were undocumented competency evaluation processes being undertaken at the time of the audit; however, they did not meet the Board’s management system process requirements. Record reviews conducted by the Board indicated that Enbridge had at one time implemented a formal Competency Based Training program but that had been officially discontinued a number of years ago. It was identified that staff in some of the regions were still implementing the practices of this program as a method to ensure competency of new staff.

The Board considers competency identification and verification to be a key component in assuring the safety of workers, the public, the environment and facilities. Therefore, this issue was brought to Enbridge’s attention as requiring urgent attention. Enbridge has responded by developing an interim process while Enbridge’s Workforce Competency and Qualification Process (WCQP), commenced in 2013, is being fully rolled out. This was provided to the Board for review prior to end of its close-out discussions. While not yet demonstrated as established or implemented, based on initial interviews with departmental staff, the Board found that the described practices could meet the Board’s requirements.

The Board’s review of the written governance policy that had been provided by Enbridge indicated that some of the key legally required process requirements were mapped as “red”. According to Enbridge’s described process mapping convention this would indicate that the process steps are “aspirational” and therefore outside of its legal requirements to be measured by the Board. As noted elsewhere in this report, aspirational or stretch practices are encouraged but they cannot include legally required content within this category.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Competency Process and Training Program

At the department level, IMS-09 section 4.3 refers to the Pipeline Integrity Competency and Qualification Program as a systematic approach to ensure that training and qualifications align with industry best practice and result in a competent workforce. Documents referenced in this section are Pipeline Integrity Competency and Qualification Program - PI SharePoint and the IMS - 01 Workforce Competency and Qualification Process, as noted above.

Training

Enbridge’s Pipeline Integrity Training and Qualifications Program outlines Enbridge’s processes for developing training and competency requirements to “ensure that its personnel are qualified to fulfill tasks required to achieve Pipeline Integrity Management system objectives.” This program includes descriptions of the roles and responsibilities required to ensure effective implementation and are supported by several sub-programs to ensure personnel have access to and receive the necessary training.

Training and qualifications of provisional contractors are reviewed by Enbridge People Leaders on a case-by-case basis. Provisional contractors are provided job descriptions and expectations within their contracts. Training and qualifications requirements for non-provisioned contractors, consultants and vendors are outlined in the Supply Chain Management System.

Effectiveness of Training

Enbridge’s procedure to review the effectiveness of its training programs is described in OMM, Book 1, General Compliance Reference - Procedure and Training Effectiveness. Pipeline Integrity reviews its training and qualifications program annually as part of its management system review to ensure that the program is fit-for-purpose and is delivering the desired results. The company reviewed its training and qualifications program in 2013 and documented all of the resulting improvement requirements in the 2014 Continuous Improvement Plan and department initiatives. Enbridge demonstrated that it is maintaining a process for reviewing the effectiveness of its training and qualifications program, and ensuring that proposed improvements are being implemented.

Qualifications and Supervision of Contractors

OMM, Book 2, Safety - Contractor Safety Management Program applies to all contractors and contract personnel that perform construction or maintenance work at Enbridge facilities including the pipeline ROW. Contractors must meet the requirements of the contractor safety prequalification process before they begin to work for Enbridge. Once a contract is awarded, Enbridge operations personnel supervise the contractor throughout execution of the work. Interviews with Enbridge regional personnel and field personnel verified that contractors do not complete work for Enbridge without an Enbridge employee or representative in attendance. Enbridge refers to contractor evaluations to ensure that contractors are trained and competent to complete the work awarded to them. Enbridge has also implemented a process to ensure that contractors receive a level of supervision that helps ensure that the work is completed in a manner that is safe, ensures the security of the pipeline and protects the environment. Based on the records reviewed, the Board found that Enbridge’s processes for verifying that contractors are adequately trained and supervised has been established and implemented.

Competence

The Training, Competence and Assessment - Field Operations Training Services document summarizes the current state of Enbridge’s program for assessing employee competence. According to this document, competency assessment is completed through a layered approach that consists of mandatory training, procedures, field level mentorship/supervision, and health and safety programs. An experienced employee within the same discipline mentors new hires. The duration of the mentorship is at the discretion of field leadership and depends on the new hires’ pace of development. Enbridge only permits new hires to perform safety critical tasks independently after the employee’s direct leader has deemed the person competent to do so.

The mentorship program used in the South Prairie Region (Estevan) and in the Central Region (Regina) includes documentation that states that, once mentored staff demonstrate proficiency, the mentor must complete a sign-off document. The Board did not receive records that demonstrated that Enbridge had been consistently completing this formal sign-off. Audit interviews indicated that the sign-off is presently an informal process. Enbridge does, however, have a process for supervising workers to ensure that they perform their duties in a manner that is safe, ensures the security of the pipeline and protects the environment. Enbridge personnel stated that, by practice, new hires typically work with a mentor for at least one year before being allowed to undertake tasks independently. The new hires are advised verbally that they have been assessed as competent to do the tasks safely and according to prescribed procedures.

Awareness of Responsibilities

The Board requires the company to have an established, implemented and effective process for making employees and other persons working with or on behalf of the company aware of their responsibilities in the processes and procedures required by the management system and the company’s protection programs. In a review of programs and procedures Enbridge uses to communicate the responsibilities of employees and other persons working on behalf of the company, Enbridge demonstrated that it met the requirements of OPR Section 6.5(1)(l).

Generating and Managing Training Documents and Records

Enbridge’s process for generating and managing training documents and records is largely based on the following:

  • Enbridge Learning Management System - to manage department training records;
  • Matrix Verification Reports on the Field Operations Learning Management System (TRAC);
  • Individual Development Plans - to manage training and records at an individual level; and
  • Monthly Training Report for Pipeline Integrity.

In reviewing the records, Enbridge demonstrated that it had an established, implemented and effective process for generating training documents and records.

Summary

The Board found that Enbridge had established and implemented a formal management program for identifying and managing its training requirements.

The Board also found that Enbridge had started to implement a new process for the identification and verification of worker competency. However, this new process remains non-compliant as it has not been established or implemented and that its governance management system process does not meet the Board’s requirements.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

3.5 Communication

Expectations:

The company shall have an established, implemented and effective process for the internal and external communication of information relating to safety, security and environmental protection. The process should include procedures for communication with the public, company employees, contractors, regulatory agencies and emergency responders.

References:

OPR section 6.5(1)(m)

CSA Z662-11 Clauses 3.1.2(d) and 3.2

Assessment:

Governance Communication Process

The Board found that Enbridge’s governance level management system processes are inadequate. Enbridge’s IMS-01 is limited to requiring Enbridge’s IMS-01 is limited to requiring that each department must develop a communication plan and does not meet the OPR requirements.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Communication

At the Program level, the Board assessed Enbridge’s communication processes specific to the Pipeline Integrity Management Program. IMS-09 Section 4.4 Communication, Participation and Engagement provided an overview of several programs and methods being used by this department in communicating pipeline integrity related information. At the department level, Enbridge did not demonstrate that it has a formal, documented communication plan that supports the effective implementation and operation of the safety and loss management system as per CSA Z662-11 clause 3.1.2(d) and as required by Enbridge’s governance management system commitments.

Regardless of the state of Enbridge’s management system process, the Board found that Enbridge conducts a significant amount of internal and external communication using a number of corporate and departmental practices. During audit interviews, Enbridge personnel stated that the communication processes by which they received information about safety, security and environmental protection were effective. The Board found that Enbridge’s personnel demonstrated a good understanding of integrity management information and were knowledgeable in accessing information through the various communication methods that supported the staff comments.

Summary

The Board found that Enbridge communicated throughout its organization as a matter of practice.

The Board also found that Enbridge had not established or implemented a communication process that meets the Board’s management system process requirements, the requirements outlined in CSA Z662-11 clause 3.1.2(d) and as required by its internal commitments.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

3.6 Documentation and Document Control

Expectations:

The company shall have an established, implemented and effective process for identifying the documents required for the company to meet its obligations to conduct activities in a manner that ensures the safety and security of the public, company employees and the pipeline, and protection of property and the environment. The documents shall include all of the processes and procedures required as part of the company’s management system.

The company shall have an established, implemented and effective process for preparing, reviewing, revising and controlling documents, including a process for obtaining approval of the documents by the appropriate authority. The documentation should be reviewed and revised at regular and planned intervals.

Documents shall be revised where changes are required as a result of legal requirements. Documents should be revised immediately where changes may result in significant negative consequences.

References:

OPR sections 6.5(1)(i), (n), (o), 6.5(3)

Assessment:

Governance Process for Identifying the Documents Required to Meet its Obligations

This sub-element includes the requirements to develop a process for identifying the documents required for the company to meet its obligations described in OPR section 6.

In the information provided to the Board, Enbridge indicated that its interpretation of the OPR requirements is that the required documents to meet its obligation are “those documents developed as part of the management system required by the OPR”. Enbridge further identified that its management system design is comprehensive and encompasses the all of the company’s activities that are designed to meet the obligations. As such it indicated that its IMS - 01 section 1.3 Integrated Management Structure identifies the documents required. The Board’s review of this section indicated that it did not constitute a list of documents or classes/categories of required documents. It was a high level description of the nineteen management systems that comprise Enbridge’s management system and high level descriptions of the content of each.

Governance Documentation and Document Control

During the audit, Enbridge was not able to demonstrate that it had established or implemented a governance management system process that meets the Board’s Documentation and Document Control process requirements. Enbridge did not provide a documented management system process until after the Board’s closeout discussions. This document was dated 22 August 2014; however, until provided by Enbridge, the Board was not presented evidence of its existence either as a document or as referred to by Enbridge staff during interviews. The Board could not therefore verify its establishment or implementation during the audit.

The Board’s review of this document indicated that it did not meet the OPR management system process requirements as described elsewhere in this audit report. As well the Board could not determine the applicability of the process to the programs required in OPR section 55 as the process as written only appears to apply to the governance management system processes.

Regardless of the Enbridge’s lack of compliant management system processes, the Board found that Enbridge does have some document control processes that it is presently using on a corporate basis. Enbridge governs its document processes through its Documents Policy, which is available on the company’s intranet and through an online tool called the Governance Documents Library. The Board identified that the Documents Policy and its associated practices and tools set Enbridge’s minimum standards for documents and document tracking.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Documentation and Document Control
Identification of Documents

As part of its demonstration of compliance with the Board’s document control and management requirements, Enbridge provided its Pipeline Integrity Management System Master Controlled Document List and its Facilities Integrity Master Document List. Review of these lists identified that they constituted lists of documents to be formally managed within the program; however, they did not include management system processes that meet the OPR requirements for identification of documents required to meet its obligations under OPR section 6.

Preparing, Reviewing, Revising and Controlling Documents

The Board requires the company to establish and implement a process for preparing, reviewing, revising and controlling documents. The process must include obtaining approval of documents by the appropriate authority. Further, the company must document these processes and procedures. In reviewing Enbridge’s integrity management program document management processes, the Board found that Enbridge has demonstrated that it has developed and implemented processes that meet the OPR requirements at a program level.

Managing Change of Documents

The Board requires the company to establish and implement a process for identifying and managing any document changes. In reviewing Enbridge’s integrity management program document management processes, the Board found that Enbridge has demonstrated that it has developed and implemented document change practices that meet the OPR requirements at a program level.

Summary

The Board found that, at the program level, Enbridge demonstrated that it had developed document control lists and procedures and practices for managing and controlling its integrity management program documents that address many of the OPR requirements.

The Board also found that, at the governance level, Enbridge provided its new IMS-01, section 4.9 Governance Document Control Process, dated 22 August 2014; however, Enbridge did not demonstrate that this process met the OPR requirements or had been established and implemented.

The Board also found that Enbridge did not demonstrate that it had a process for identifying the documents required to meet its obligations under OPR section 6.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

4.0 CHECKING AND CORRECTIVE ACTION

4.1 Inspection, Measurement and Monitoring

Expectations:

The company shall have an established, implemented and effective process for inspecting and monitoring the company’s activities and facilities to evaluate the adequacy and effectiveness of the protection programs and for taking corrective and preventive actions if deficiencies are identified. The evaluation shall include compliance with legal requirements.

The company shall have an established, implemented and effective process for evaluating the adequacy and effectiveness of the company’s management system, and for monitoring, measuring and documenting the company’s performance in meeting its obligations to perform its activities in a manner that ensures the safety and security of the public, company employees and the pipeline, and protection of property and the environment.

The company shall have an established, maintained and effective data management system for monitoring and analyzing the trends in hazards, incidents and near-misses. The company shall have documentation and records resulting from the inspection and monitoring activities for its programs.

The company management system shall ensure coordination between its protection programs, and the company should integrate the results of its inspection and monitoring activities with other data in its hazard identification and analysis, risk assessments, performance measures and annual management reviews, to ensure continual improvement in meeting the company’s obligations for safety, security and protection of the environment.

References:

OPR sections 6.1(d), 6.5(1)(g), (s), (u), (v), 56

CSA Z662-11, Clauses 3.1, 3.2, 4.18, 10.9.5

Assessment:

Governance Inspection, Measurement and Monitoring

The Board requires companies to have an established, implemented and effective process for inspecting and monitoring the company’s activities and facilities to evaluate the adequacy and effectiveness of the protection programs and for taking corrective and preventive actions if deficiencies are identified.

Through staff interviews, and document and record review, the Board found that Enbridge has documented its governance management system inspection, measurement and monitoring practices in its IMS-01 manuals. The IMS documents describe Enbridge’s process for Health Checks, internal reviews, audits and external audits. The Board completed a full review of the Health Checks, internal reviews, audits and external audits as part of its evaluation of Enbridge’s Internal Audits and Quality Assurance Program and has documented them in Sub-element 4.3 Internal Audits, below. The Board has identified deficiencies with the processes and practices that directly relate this sub-element as well. The Board, however, will not assign an additional non-compliance based on that finding within the section. Enbridge’s CAP must include corrective actions that ensure that the processes will address the linked requirements within this sub-element explicitly.

Surveillance and Monitoring Program

The OPR requires companies to develop and implement surveillance and monitoring program. During its audit the Board identified that Enbridge undertakes numerous types and a high number of monitoring and surveillance activities of its regulated facilities. The Board found, however, that the amalgamation of activities do not meet the OPR section 39 program requirements with respect to design and management. The Board has included its program requirements with Section 1.0 Audit Terminology and Definitions in the attached audit report.

Governance Corrective and Preventative Actions

During the audit, Enbridge indicated that its IMS, section 4.6, Corrective and Preventive Action Management Process defines the minimum standards for administering, tracking and managing corrective and preventive actions through their implementation and resolution. This process applies to Enbridge departments and addresses events, hazards and near-misses. This process includes Health Checks, internal reviews, regulatory inspections, investigation and audits. The documentation provided at the time of the audit does not show that Enbridge’s Corrective and Preventative Action Management Process has been fully implemented. Portions of the process, according to the process map, have only been partially implemented at the IMS level.

The Board notes that the requirement to have a process to take corrective and preventive action is included in many of the sub-elements within the Board’s audit protocol and the OPR. The Board therefore requires the corrective action plan developed to address the deficiencies identified for this sub-element to explicitly include all sub-element and OPR requirements, where corrective and preventive actions are referenced.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Inspection, Measurement and Monitoring

As assuring the control of pipeline and facility hazards is of primary importance to the Board, this audit included an in-depth examination of Enbridge’s inspection, measurement and monitoring processes. A description of the processes and practices developed and implemented by Enbridge has been included in this sub-element. Unless otherwise noted, based on the information provided by Enbridge, no issues of non-compliance were noted during the Board’s audit of Enbridge’s processes and practices.

Evaluating Adequacy and Effectiveness

As part of its demonstration of compliance Enbridge directed the Board to its IMS-09, section 5.2, Performance Measurement Management. This section stated, “Pipeline Integrity performance measures are evaluated with respect to their effectiveness within the Management System and associated integrity management processes and programs. Performance measures are also evaluated against existing and proposed regulatory requirements.” In its review of Enbridge’s documentation and records, the Board found that it had established metrics for evaluating the adequacy and effectiveness of its protection programs, as per the statements. These were listed in IMS-09, Appendix 7.1 and included:

  • Number of leaks or Ruptures - on the mainline or at facilities;
  • Inline inspection program - planned runs versus completed runs;
  • Remediation program - km of pipe replaced, % of digs completed within deadlines; and
  • Inspection of high-risk facilities - planned inspections versus completed inspections.
Surveillance and Condition Monitoring

The Board identified that Enbridge has implemented surveillance and condition monitoring activities to detect the presence of threats, monitor threat progression and reduce or eliminate the threats or hazards at their source. Enbridge uses various techniques to monitor its system, verify pipeline and facility integrity and confirm that the company’s prevention mechanisms are effective. Many of these have been discussed and assessed in Section 3.1: Operational Control - Normal Operations.

Techniques that Enbridge uses to monitor its system and to confirm that its prevention mechanisms are effective include:

  • pipeline ROW surveys;
  • corrosion control surveys (cathodic protection);
  • external corrosion monitoring;
  • internal corrosion monitoring and chemical injection program;
  • inline inspections management process;
  • hydro-test management process;
  • geotechnical surveys and water crossing surveys; and
  • mechanical damage management programs.

Enbridge also has developed several programs to support Facilities Integrity Management. These include:

  • facility (on-property) piping program;
  • laterals (off-property) piping program;
  • flange integrity program;
  • pressure vessel integrity program;
  • replacement and monitoring of sump tanks;
  • above-ground storage tank integrity program; and
  • ancillary small diameter piping program.
ROW Aerial Inspections

Enbridge stated that it relies almost exclusively on its aerial inspections for surveillance and monitoring of its pipeline ROWs. Enbridge patrols its pipeline system on a regular basis using fixed wing aircraft and helicopters. With the exception of ROW aerial inspections of Enbridge’s gathering system in Saskatchewan, all pilots completing the ROW aerial inspections are Enbridge employees. Enbridge’s South Prairie Regioncontracts its ROW inspections to a company in Saskatchewan that patrols the gathering system on behalf of Enbridge. CSA Z662-11, Clause 10.6.1.1 uses the term “periodically” and the OPR-99, section 39 remains silent on the patrol frequency. The Board found that Enbridge’s ROW patrol frequencies are in compliance with the intent of the standard and regulation for pipeline patrol frequency.

The Board reviewed Enbridge’s procedures and reports for aerial ROW patrols. The Board found that Enbridge’s procedures include the requirement for observing conditions and activities set out in CSA Z662-11, Clause 10.6.1.1; however, the company’s monthly patrol reports do not include verifying that each required condition and activity was surveyed or assessed during the flights. As such, Enbridge did not demonstrate that its aerial surveillance programs fully comply with the requirements of CSA Z662-11, Clause 10.6.1.1 and the OPR.

Monitoring of Corrosion and Chemical Injection Program

In its audit the Board identified that Enbridge samples its products periodically to ensure they meet the specifications for products transported in its pipeline system. The company completes a chemical analysis on the samples to determine sulphur content, water content, product density and the presence of contaminants. Enbridge has installed corrosion monitoring coupons in 40 of its incoming pipelines at terminals and remote terminals through its pipeline system to monitor the effectiveness of the chemical programs put into place to manage internal corrosion. Enbridge analyzes coupons twice a year for average metal loss that may be attributed to corrosion, pitting, and/or erosion. The company also analyzes product samples to determine the adequacy of its chemical injection program by measuring the residual inhibitor.

Cathodic Protection Monitoring

Enbridge monitors its cathodic protection programs through annual corrosion control surveys, which are primarily completed by contracted companies. Enbridge uses information from the annual cathodic protection reports for each region to compile its Pipeline Integrity cathodic protection line summary. The line summary assists Pipeline Integrity threat managers in establishing re-assessment intervals for inline inspections.

Note: Enbridge’s regulated facilities include, by necessity a significant number of “non-pipeline” facilities that require individualized integrity management and monitoring practices and activities based on technical requirements. As part of its audit, the Board reviewed these requirements separately during its integrity management program in order to ensure that an appropriate audit was conducted. The Board included it assessment within this sub-element as it best aligned with the required outcomes. The Board, however, expects that, in the developing any management system process corrective actions arising from this audit, these facilities will be explicitly considered, where appropriate.

Facilities Integrity Program Overview

The Enbridge Facilities Integrity department was formed in 2005 to address releases from tankage, equipment and piping in Enbridge’s stations and terminals. In 2011, the Pipeline Integrity department integrated the Facilities Integrity group within its organization. The purpose of this change was to ensure that all pipelines and facilities assets have access to all of Enbridge’s integrity subject matter experts, and to allow for an integrated approach between the pipeline and facility integrity management systems. Enbridge developed its Facilities Integrity management system to be in alignment with its Pipeline Integrity management system.

IMS-01, Governing Policies and Processes, Section 1.2, The Foundations of Integrated Management, outlines the 16 process sets required to achieve safety management and operational reliability. Number 12 is the process for System and Facilities Integrity. In this process, Enbridge describes its structured approach for assessing the integrity of its pipeline and facility assets through monitoring, inspection and evaluation programs.

While IMS-09 is the overarching document for Pipeline Integrity and Facility Integrity, Enbridge uses a tiered approach for its Facilities Integrity Program processes and procedures. Documents such as the Facilities Integrity Management Program Framework and the Facilities Integrity Roles, Responsibilities and Authorities Guideline fall under the umbrella of IMS-09. These guidance documents are supported by Tier 2 processes and procedures, which are labelled with an FI number. Enbridge’s FI documents provide details on the purpose, scope, responsibilities and procedures. Tier 3 procedures are taken from the OMM and provide detailed procedures for operations personnel to follow when conducting site-specific tasks.

As discussed previously in this section, Enbridge has developed several programs to support Facilities Integrity Management.

Enbridge’s Functional Structure and the Facilities Integrity Management Program

The Enbridge Facilities Integrity Management Program is implemented within the facilities of Enbridge Liquids Pipelines Inc. This includes Enbridge Pipelines (Westspur) Inc., Enbridge Bakken Pipeline Company Inc., Enbridge Southern Lights GP Inc., Enbridge Pipelines (Norman Wells) Inc., as well as Enbridge’s gathering systems in Enbridge Pipelines Saskatchewan Inc. and Enbridge Pipelines North Dakota (USA).

Station Piping Program

Enbridge has developed and implemented a Facilities Integrity Management Program for its above-ground and underground station piping. Enbridge's station piping program addresses corrosion in above-ground and below-ground facility piping. According to Enbridge's Facility Integrity 2014 Path to Zero Incidents document, station piping accounted for approximately 7% of the releases in Enbridge facilities over the past 11 years. Enbridge’s station piping program currently focuses on internal corrosion issues in piping sections of idle piping, dead-leg piping, low flow and/or intermittent flow, and low points in the piping segments. The company’s station piping program also addresses the other potential threats of external corrosion that have been identified including corrosion under insulation, cracking, mechanical damage and erosion.

Enbridge implements its station piping program through its processes for identifying hazards and threats, and prioritizing facilities by risk ranking. The station piping program manager and regional Engineering and Operations staff identify the hazards and threats, and rank the risk to facilities. The company develops an annual scope of work for its priority facilities based on hazards, threats and risks identified and incorporates learnings and continuous improvement opportunities into the station piping program for subsequent cycles of risk prioritization.

Lateral Integrity Program

Enbridge developed its initial station lateral program in response to a requirement from the US Department of Transportation for a baseline assessment of all line pipe affecting a high consequence area. The lateral integrity program was later expanded to Enbridge’s Canadian operations due to the potential impact on population and environment if a release were to occur. The program covers pipelines not included in Enbridge’s main pipeline segments, such as station-to-station transfer lines. These pipeline segments are typically not piggable, except by using tethered inline inspection tools. Enbridge performs a risk prioritization based on the likelihood and consequence of failure. Enbridge’s Facility Integrity group has inspected 10 laterals in Canada to date: 4 in the Western Region, 3 in the Central Region and 3 in the Eastern Region 3. The company has a 15 year plan to continue baseline inspections on all identified laterals. Re-inspection intervals are determined based on a condition assessment of the asset and a determination of remaining life based on its deterioration rate. Enbridge’s lateral integrity program is intended to prevent leaks and ruptures within the company’s facilities.

Small Diameter Piping Program

Enbridge has developed and implemented a Facilities Integrity Management Program for small diameter piping located within its facilities. Enbridge's small diameter piping program was implemented to reduce the frequency of leaks in its facilities by replacing installations prone to failure due to vibration of small diameter connections. Enbridge presented that 11% of the company’s facilities releases in 2014 were due to small diameter piping. Enbridge annually develops a scope of work for this program that is given to Operations for implementation. Enbridge’s small diameter piping integrity program is intended to prevent leaks and ruptures within its facilities.

Flange Integrity Program

The company implemented its flange integrity program for its buried flanges because it identified this as an area in which preventive inspection and maintenance could reduce the number of releases. Facilities releases for flanges accounted for 11% of the company’s facilities releases. The initial flange integrity program focused on threats related to improper assembly, gasket damage or degradation, and flange bolt loosening. Enbridge has since identified areas of improvement for its flange assembly and torqueing procedures that improve the reliability of flanged connections. Enbridge’s flange integrity program is intended to prevent leaks and ruptures within its facilities.

Above-Ground Storage Tank Integrity Program

This program applies to the company’s breakout tanks, above-ground tanks, storage tanks, atmospheric tanks, welded steel tanks for oil storage, and oil tanks. Enbridge’s processes and procedures for inspection cycles, maintenance intervals and long-range planning to address above-ground storage tank integrity are in accordance with API 653, Standard for Tank Inspection, Repair, Alteration and Reconstruction. API 653 is the industry standard for above-ground storage tanks. Enbridge also has developed and implemented procedures to support inspection and maintenance activities. Enbridge employs API 653 certified inspectors to plan, coordinate and provide technical supervision of the company’s above-ground storage tank inspections. This was confirmed during site inspections in support of the Integrity Management program audit. Enbridge’s above-ground storage tank integrity program is intended to prevent leaks and ruptures within its facilities.

Underground Tank Replacement and Monitoring

Enbridge has developed and implemented a program for replacing and monitoring underground sump tanks. Sump tanks are used within Enbridge’s facilities for purposes, such as temporary storage of runoff products that contain flammable and/or combustible liquids. Enbridge developed its underground tank replacement and monitoring program in the 1990’s in response to a voluntary guideline issued by the Canadian Council for the Ministers of the Environment. This voluntary guideline was entitled Environmental Code of Practice for Aboveground and Underground Tank Systems Containing Petroleum and Allied Petroleum Products. The guideline recommended that all underground single-walled steel tanks be replaced with double-walled tanks that include a leak detection system. Enbridge has addressed the recommendations by focusing on the replacement of underground tanks that do not have secondary containment and by monitoring the integrity of all other tanks, including repairs and replacements as necessary. Enbridge’s underground tank replacement and monitoring integrity program is intended to prevent leaks and ruptures within its facilities.

Pressure Vessel Integrity Program

Enbridge has developed and implemented a Facilities Integrity Management Program for inspecting, repairing and replacing its pressure equipment. Enbridge’s pressure equipment integrity program complies with API 510, Pressure Vessel Inspection Code and CSA B51, Inspection and Repair of Certified Pressure Vessels. Enbridge employs contract personnel certified as API 510 Authorized Inspectors to plan, coordinate and provide technical supervision for the pressure equipment integrity program. The pressure vessel integrity program manages 379 pressure vessels within its Canadian operations. Enbridge’s program also includes assessing the integrity of all pressure equipment owned and operated by Enbridge Liquids Pipelines. This includes fired equipment such as boilers and heaters. Enbridge’s pressure vessel integrity program is intended to prevent leaks and ruptures within its facilities.

Facilities Integrity Management Program Technical Requirements

In addition to the requirements in CSA Z662-11, Clause 3.2, Enbridge refers to two additional industry standards relevant to the station piping program. API, RP 570, Piping Inspection Code: In-Service Inspection, Rating, Repair and Alteration of Piping Systems and API 2611, Terminal Piping Inspection - Inspection of In-Service Terminal Piping Systems provide guidance on risk-based inspection procedures, inspection methodologies, frequency and extent of inspections and data evaluation, analysis and recording. Enbridge has conducted gap analyses of its station piping program as compared to the requirements of API 570 and API 2611. The company determined that the station piping program meets or exceeds most of the requirements of the standards. Enbridge identifies some areas that require minor improvements and the company made recommendations for changes to its practices. In March 2014, Enbridge completed a Hazard and Risk Register for its Facilities Integrity department. A total of 40 risk scenarios were assessed. Enbridge has developed an action plan with planned completion dates to address the root cause for each identified risk.

Geotechnical Monitoring

CSA Z662 clause 10.6.1.1(f), (g) and (h) present requirements for pipeline monitoring of geotechnical issues. Enbridge stated that it developing and implementing its geohazard mitigation design.

The audit identified that Enbridge’s geohazard management program falls within the Pipeline Integrity department. The Board was provided evidence that Enbridge’s program was managing approximately 500 slopes and 700 watercourse crossings that affect NEB regulated pipelines. The Pipeline Integrity department’s long-range plan specified the pipelines that should receive “smart pig” runs and the frequency of the runs. With “smart pig” runs, Enbridge used an Inertial Monitoring Unit to monitor slope movement in real time. In 2013, the Pipeline Integrity department conducted a geohazard baseline study to identify significant slopes and water crossings. Approximately 520 slopes and 677 water crossings were identified that affect NEB regulated pipelines. Additionally, review of Enbridge’s OMM, Book 3, 03-02-01 identified that its procedure for ROW patrols included requirements for monitoring geotechnical threats.

Evaluating Program Effectiveness

As discussed in section 3.1, Operations Control - Normal Operations of this audit report, Enbridge’s Leak Reduction Team reviews all integrity type failures as they relate to each monitoring program. This helps ensure that the monitoring programs at Enbridge are effective and that appropriate mitigations are being used to manage the company’s pipeline system. Enbridge evaluates the effectiveness of its leak prevention programs through metrics such as the number of leaks and ruptures, and contacts (or near-contacts) on pipeline facilities.

Summary

The Board found that, at the program level, Enbridge had met the OPR requirements with respect to developing a process for inspecting and monitoring of is activities and facilities. The Board found that Enbridge was undertaking numerous inspections and monitoring activities in support of its Integrity Management program.

The Board also found that Enbridge had implemented its surveillance and condition monitoring activities through various programs that detect threats, monitor threat progression, and reduce or eliminate the threats or hazards at their source. Enbridge used various techniques to monitor its system, verify pipeline and facility integrity, and confirm that its prevention mechanisms are effective.

The Board found that, while Enbridge was undertaking many of the activities that would normally be undertaken as part of a surveillance and monitoring program, it had not developed or implemented them in a manner that meets the Board’s program requirements.

The Board found that, while Enbridge’s procedures and training programs for aerial ROW patrols include the requirement for observing the conditions and activities set out in CSA Z662-11, the company’s patrol reports did not include requirements to develop records that demonstrate verification that each required condition and activity was surveyed or assessed during the ROW patrols. As such, Enbridge did not demonstrate that its aerial surveillance programs comply with the requirements of OPR and CSA Z662-11.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

4.2 Investigating and Reporting Incidents and Near-misses

Expectations:

The company shall have an established, implemented and effective process for reporting on hazards, potential hazards, incidents and near-misses, and for taking corrective and preventive actions. This should include conducting investigations where required or where hazards, potential hazards, incidents and near-misses have or could have resulted in the safety and security of the public, company employees and the pipeline, and protection of property and the environment, being significantly compromised.

The company shall have an established, maintained and effective data management system for monitoring and analyzing the trends in hazards, incidents and near-misses.

The company should integrate the results of its reporting on hazards, potential hazards, incidents and near-misses with other data in hazard identification and analysis, risk assessments, performance measures and annual management reviews, to ensure continual improvement in meeting the company’s obligations for safety, security and protection of the environment.

References:

OPR sections 6.5(1)(r)(s)(u)(w)(x), 52

CSA Z662-11, Clauses 3.1.2(g) and 3.1.2(h), (i), 3.2, 10.3.6, 10.4.4 and 10.5

Assessment:

Governance Investigating and Reporting Incidents and Near-misses

The Board notes that there is not a specific OPR management system or other process development requirement for investigating incidents or near-misses. The Board, however, considers processes for conducting investigations to be implicit with any process developed to satisfy OPR 6.5(1)(r) and therefore companies must demonstrate how they develop adequate and effective corrective and preventive actions associated with incidents and near-misses.

Enbridge provided its IMS-01 4.10 Event Investigation Processes, and its IMS-01 4.6 Corrective and Preventive Action Management (CAPA) Process in support of it meeting the requirements of OPR 6.5(1)(r). The Board found that Enbridge’s Event investigation Processes were designed in aid of understanding the causes of events from the perspective of root and contributory causes to prevent recurrence within the Enbridge entities to which it is applied. The processes included Event Investigation Principles, Event Impact Criteria and Low and Medium and High Impact Event Investigation Processes. The IMS-01 4.10 processes were documented in detail. Review of the associated process maps indicated that the processes included specific links to the IMS-01, 4.6 CAPA process for assurance of consistent corrective and preventive action development and implementation. Review of the IMS- 01, 4.6 CAPA Process is documented below.

The Board noted that the process maps provided to the Board indicated that the processes had not been full established and implemented at the time of the Board’s audit. Regardless of the full implementation of the processes, the Board was able to see evidence of implementation of key investigation process activities within Enbridge’s program level activities in its audit activities.

Governance Corrective and Preventative Actions

During the audit, Enbridge indicated that its IMS, section 4.6, Corrective and Preventive Action Management Process defines the minimum standards for administering, tracking and managing corrective and preventive actions through their implementation and resolution. This process applies to Enbridge departments and addresses events, hazards and near-misses. This process includes Health Checks, internal reviews, regulatory inspections, investigation and audits. The documentation provided at the time of the audit does not show that Enbridge’s Corrective and Preventative Action Management Process has been fully implemented. Portions of the process, according to the process map, have only been partially implemented at the IMS level.

The Board notes that the requirement to have a process to take corrective and preventive action is included in many of the sub-elements within the Board’s audit protocol and the OPR. The Board therefore requires the corrective action plan developed to address the deficiencies identified for this sub-element to explicitly include all sub-element and OPR requirements, where corrective and preventive actions are referenced.

Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Incident Reporting

The Board requires the company to have an established, implemented and effective process for the internal reporting of hazards, potential hazards, incidents and near-misses, and for taking corrective and preventive actions, including steps for managing imminent hazards.

Enbridge’s Risk Management department is responsible at the governance level for the process of internal reporting of hazards and potential hazards. The Risk Management department compiles information and generates risk reports including an annual Liquids Pipelines Risk Report, a Corporate Risk Assessment and a quarterly Operational Risk Management Report. Further, Pipeline Integrity and Facilities Integrity each compile and maintain a list of identified risks and hazards in Hazard and Risk Registers. The Hazard and Risk Registers include planned actions, status of planned actions, action owners and planned and actual completion dates. Controls to; prevent, manage and mitigate the identified hazards and risks are also listed and assessed in each of the Hazard and Risk Registers.

At the program level, IMS-09, section 4.5.7, Pipeline Incident Management outlines processes and supporting procedures for the internal reporting of hazards, potential hazards, incidents and near-misses, and for taking corrective and preventive actions, including steps to manage imminent hazards.

Hazards, potential hazards and threats identified through ROW inspections (aerial and land-based) are communicated immediately to Enbridge Operations personnel. All hazards and threats found during ROW inspections are summarized in daily reports that are provided to Enbridge Operations. Employees can access these daily reports on the company’s database. Enbridge is a member of Alberta One-Call and Saskatchewan First-Call. All hazards, potential hazards and threats, including the potential for third-party strikes, are reported directly to key Enbridge personnel for immediate action and mitigation. Once identified, integrity related hazards or potential hazards are reported and communicated through various means, depending on the hazards or potential hazards. All leaks are reported and communicated through Enbridge’s online Leak Reporting System, which is accessible by all employees and automatically sends reports to key personnel identified in the system.

Enbridge’s Leak Reduction Team monitors and analyzes causes of systemic leaks, and makes recommendations for system-wide initiatives for reducing leaks on the Liquid Pipelines system. To capture a wide range of experience and knowledge, this team is comprised of personnel from several functional areas with roles in leak reduction.

Enbridge has developed an Event Learning Process for documenting and managing corrective and preventive actions to enhance the company’s Pipeline Integrity Management Program. Hazards, incidents and near-misses are included as events within this process. The Event Learning Process provides procedures and the mechanism for documenting and investigating events, developing and completing corrective action plans, and documenting learnings. Records and resources for the Event Learning Process are available to Enbridge employees through the Pipeline Integrity SharePoint site.

Enbridge integrates the results of its reporting of hazards, potential hazards, incidents and near-misses with other data in hazard identification and analysis, risk assessments, performance measures and annual management reviews, to ensure continual improvement. Enbridge’s integrates Enbridge’s list of identified risks and the status of these risks into an annual Liquids Pipelines Risk Report, a Corporate Risk Assessment and a quarterly Operational Risk Management Report. These reports and records are supported by the data in the Pipeline Integrity and Facilities Integrity Hazard and Risk Registers. Enbridge communicates these reports directly with staff and by providing them for review on its intranet. Progress in managing or mitigating operational hazards and risks are communicated to senior management through the Operational Risk Management Plan.

Summary

The Board found that Enbridge has developed and implemented its Event Learning Process for documenting and investigating events that include hazards, incidents and near-misses. This process also included requirements for developing and completing corrective action plans, and documenting learnings.

The Board also found that, at the governance level, Enbridge’s IMS-01, section 4.10 Event Investigation Processes, dated 11-December 2013 had been documented and included in its Governing Policies and Processes Management System manual and that key activities were being implemented within its programs. These processes were, however, identified as “In Progress” and therefore not established and implemented.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

4.3 Internal Audits

Expectations:

The company shall have an established, implemented and effective quality assurance program for its management system and for each protection program, including a process for conducting regular inspections and audits and for taking corrective and preventive actions if deficiencies are identified. The audit process should identify and manage the training and competency requirements for staff carrying out the audits.

The company should integrate the results of its audits with other data in hazard identification and analysis, risk assessment, performance measures and annual management review, to ensure continual improvement in meeting the company’s obligations for safety, security and protection of the environment.

References:

OPR section 6.5(1)(w), (x)

Assessment:

Governance Quality Assurance Program

During the Board’s audit, Enbridge indicated that quality assurance is implicit within a management system, especially within the “Check-Act” elements of the standard “Plan-Do-Check-Act” structure to which it follows. Therefore, Enbridge’s indicated that it met the Board’s requirements to establish and implement a documented Quality Assurance Program by having a documented, appropriately designed management system that incorporates quality assurance activities.

In reviewing Enbridge’s “Check-Act” elements, the Board noted that they do contain a number of activities that would normally be considered quality assurance activities. Examples of these activities are inspections, audits, data trending, monitoring performance measures, etc. Within the limitations of the results of the Board’s audit associated with the elements, the Board was able to view records of the activities being implemented as required.

The Board has found, however, that Enbridge’s interpretation of Quality Assurance Program is incorrect. The Board has found that Enbridge has not met its expectations with respect to “programs”. The Board has provided clear guidance as part of the guidance notes that accompany the OPR that a program is not simply a description of activities. Programs are:” a documented set of processes and procedures designed to regularly accomplish a result. A program outlines how plans, processes and procedures are linked, and how each one contributes toward the result. Program planning and evaluation are conducted regularly to check that the program is achieving intended results”. The Board’s definition is included in Section 1.0 Audit Terminology and Definitions of the attached audit report.

Governance Internal Audits

Enbridge indicated that its management system includes processes that meet the Board’s auditing process requirements. Enbridge indicated that it accounts for the OPR requirements using a combination of its Health Check and Internal Review processes. While not standard in its approach to conducting audits, the Board reviewed Enbridge’s practice to determine whether it met the OPR requirements. Additionally, Enbridge indicated that the Board should consider the audits completed as part of its Internal Auditing program activities as part of its demonstration of undertaking the required audits.

The Board found through its review of documentation and records associated with the two referenced processes that they did not individually or together constitute a compliant auditing process. The Board found that both processes were specifically designed not to be exhaustive in their reviews of practice, processes or legal requirements. Further, the Internal Review process had not been fully established or implemented at the time of the audit. Enbridge was in the process of confirming the design of the process by conducting a review of one of its internal processes.

As noted, Enbridge provided a description of its Internal Auditing process and activities as well as selected records of completed audits as a demonstration of completing audits. Review of the Internal Audit process indicated that it was a process designed to be implemented based on corporate risk priorities as directed by Enbridge’s senior governance and not a repeatable compliance review process applicable directly to the Board’s requirements. Additionally, the audit records did not demonstrate it had conducted audits compliant with OPR sections 53 or 55.

Additionally, Enbridge indicated that it had conducted a number of internal and 3rd party assessments of its management system against its OPR requirements. Review of the associated records provided by Enbridge indicated that they were evaluations of the alignment of Enbridge’s management systems with the OPR management system and program requirements and did not evaluate the adequacy and effectiveness or compliance of the company practices.

Based on the Board’s review of Enbridge’s audit processes, audit activities completed to date and other linked processes such as those related to legal requirements, Enbridge was unable to demonstrate that it had completed audits consistent with section 53 of OPR. Further, the Board finds Enbridge’s integrated management system process for conducting audits does not meet the Board’s requirements from the perspective of present design and of Enbridge’s interpretation of audits.

As noted above, Enbridge’s Health Check and Internal Review processes have specific design issues that, when evaluated together, do not meet the Board’s audit expectations with respect to comprehensiveness of the required audits. Additionally, the Board finds that Enbridge’s interpretation that the OPR audit requirements can be met using a combination of processes conducted over a number years is incorrect. The Board notes that there is a common understanding that an audit is a discrete verification activity that allows for an assessment of conformance/compliance to be made at a given time. The Board notes that the comprehensive audits it requires necessitates evaluation of systems and programs that require evaluation of linked processes and evaluations of the adequacy and implementation of the system, programs and processes. This requires specific coordination of the reviews in terms of time, processes, programs and regions. Enbridge’s present practices, based on its interpretation of the regulations, do not allow for the required assessments to be made. The Board understands that audits often contain a number of different activities; however, each activity is coordinated within the auditing process and scheduled within the individual plan for the audit.

Auditor Training

This sub-element indicates that a company audit process should identify and manage the training and competency requirements for staff carrying out the audits. Enbridge did not demonstrate that its training and competency activities account for staff implementing its audit related processes. The Corrective Action Plan associated with the Board’s Non-Compliant finding related to Training and Competency and Evaluation as described in sub-element 3.4 above will need to explicitly address this issue.

Governance Corrective and Preventive Actions Process

The Board’s audit process requirements include establishment and implementation of a process for taking corrective and preventive actions to address any deficiencies identified by the audits. As part of its review of the documentation and records provided by Enbridge, the Board reviewed the establishment and implementation Enbridge’s corrective and preventive action process. The Board found that Enbridge had developed a Corrective and Preventive Action (CAPA) Management Process and included it within its IMS governance documentation (IMS-01, section 4.6 Corrective and Preventive Action Management Process). Review of this governance process indicated that it did not meet the Board’s process design requirements as outlined in Section 1.0 Audit Terminology and Definitions section of the attached audit report. For example there are no definitions of corrective or preventive actions or appropriate linkages to or from other management system processes. Additionally, the process map indicated that none of the required steps were fully implemented.

The Board notes that the requirement to have a process to take corrective and preventive action is included in many of the sub-elements within the Board’s audit protocol and the OPR. The Board therefore requires the corrective action plan developed to address the deficiencies identified for this sub-element to explicitly include all sub-element and OPR requirements, where corrective and preventive actions are referenced.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Quality Assurance Program and Internal Audits.

As noted above, Enbridge was unable to demonstrate that it has an established, implemented and effective quality assurance program for its management system and Integrity Management Program; however, the company did provide several examples of completed audit activities and did provide an overview of several integrity related inspection programs which are being completed on a regular basis.

At the integrity management program level, Enbridge uses various techniques to monitor its system, verify pipeline integrity and facility integrity and confirm that its prevention mechanisms are effective. Enbridge’s inspection, surveillance and monitoring activities are implemented to evaluate the adequacy and effectiveness of its protection programs as outlined in IMS-09, Pipeline Integrity Management System and section 5.2, Verification and Review - Performance Measurement Management. Enbridge also evaluates its performance measures against existing and proposed regulatory requirements.

During the audit, Enbridge provided records relating to a number of its Integrity Management program audit activities that it had completed in the past.

Enbridge provided the following examples of audits completed or planned:

  • Internal Audit department reviews (Contractor Safety Management, Western Region Audit, Eastern Region Audit) - Review of these records indicated that the activities focused largely on field operations and included corrective actions, status and timelines.
  • Regional/functional reviews - Review of these records indicated that the activities did not focus on Enbridge’s management system and were not completed on a regular basis.
  • Health Checks for departments and projects - Review of these records indicated that the activities indicated that they were completed as per Enbridge’s requirements, but as described previously did not meet the Board’s requirements.
  • 2011 Integrity Management Program Pre-audit and Audit Summary - Review of these records indicated that this activity was based on the USA Pipeline and Hazardous Materials Safety Administration’s Standard Inspection Report of a Liquid or Gas Pipeline Carrier” and applicable Canadian Federal audit protocols. The review assessed compliance with USA and Canadian regulatory requirements. However, the report provided to the Board did not include corrective action plans, timelines or follow-up to findings. For this reason, the Board found that the activity did not constitute an adequate and effective audit of Enbridge’s Integrity Management Program.

During the review of Enbridge’s Integrity Management program, the company indicated that the reviews completed by this and other functional or program areas should be considered together to demonstrate that it has conducted audits of its program areas as required by OPR Section 53. Based on its review of the documentation and records provided by Enbridge, the Board has found that Enbridge has not met its section 53 audit requirements for this program.

Summary

The Board found that Enbridge demonstrated that it is conducting many of the activities that normally are contained within a quality assurance program on a regular basis.

The Board also found deficiencies with Enbridge’s Quality Assurance Program both from the perspective of definition and design.

Enbridge provided several examples of completed audit related activities; however, the Board found deficiencies with respect to the design of the management system audit processes and activities. The Board also found that Enbridge was not able to demonstrate that it has undertaken audits consistent with the OPR requirements.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

4.4 Records Management

Expectations:

The company shall have an established, implemented and effective process for generating, retaining, and maintaining records that document the implementation of the management system and its protection programs, and for providing access to those who require them in the course of their duties.

References:

OPR section 6.5(1)(p)

Assessment:

Governance Records Management

During the Board’s audit, Enbridge provided the Board with a copy of its draft governance Records Management Process. The Board’s review indicated that process incorporated its existing practices along with new requirements within it. The Board could not determine the adequacy of the process as some of the referenced Tier 2 and 3 documents were not provided with Enbridge’s submission. As well, the Board did not find that the process was established or implemented as it was considered by Enbridge to be in draft format and staff interviewed did not refer to it as a required process during interviews. The Board found that Enbridge has not established or implemented a management system process the meets the OPR requirements. This lack of a compliant management system process, however, is not indicative of a lack of formal records management within Enbridge.

The Board found that, at the time of the audit, Enbridge managed its records according to its Records Management Policy. Based on this policy Enbridge had developed its Records Retention Schedule and Records Development and Sustainment Standard that further guided its records practices. In reviewing these documents, the Board found that Enbridge has established practices for generating, retaining and maintaining its corporate records.

The Board’s review of Enbridge’s corporate records management practices identified that the company’s Records Management department is responsible for developing and maintaining the company’s records management requirements and recommended processes and that its individual department managers are responsible for maintaining and implementing processes and practices at the department level. Department managers develop, maintain and implement departmental records procedures that are aligned with the company’s records management requirements. During its audit the Board found that the established requirements and practices were being implemented on a consistent basis and that the existing requirements were incorporated into the draft Records Management Process.

(Note: During its audit the Board noted that Enbridge’s Management and Protection Programs are directed by its Governance Management System Processes; therefore, a full review of the Governance Processes and their application at the “program” level follows.)

Integrity Management Program Records Management

At the program level, Enbridge demonstrated that it has established and implemented processes for generating, retaining and maintaining records related to the implementation of its Integrity Management Program.

The Pipeline Integrity department is responsible for ensuring that integrity management records are generated and retained in accordance with the company’s records management policies and procedures. These policies and procedures are provided by the Enbridge Records Retention Schedule and the Information Management Records Retention Guideline. The Records Retention Schedule identifies 40 categories of information and evidence that define business functions, activities, transactions and processes, and must therefore be handled according to the creation and retention requirements.

The Pipeline Integrity Data Matrix identifies data groups related to pipeline asset information, inline inspections, non-destructive examinations, dig information, pipeline operating conditions and facility asset information. These data groups are subdivided into data elements. Pipeline Integrity data management systems are identified for each element. These data management systems include OneSource, eDig, PipeTrax2, Pressure Restriction Tracking, Maximo, PI Google Earth, ILI Run History and Line Summary.

During the audit interviews and site inspections, the Board observed evidence of the data management system Enbridge has implemented to manage its Integrity Management program records. The records obtained from the data management system adhere to Enbridge’s Records Classification System and Retention Schedule. No issues were identified during the audit.

Summary

The Board found that Enbridge had developed a draft governance Records Management Process as part of it management system.

The Board also found that Enbridge had implemented a consistent records management practice for application across its organization that resulted in appropriate records management practice being implemented at the program and corporate levels.

The Board also found that, due to the draft nature of the process and the lack of Tier 2 and 3 documentation provided during the audit, Enbridge did not demonstrate that it has established and implemented a management system process that meets the OPR requirements.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

5.0 MANAGEMENT REVIEW

5.1 Management Review

Expectations:

The company shall have an established, implemented and effective process for conducting an annual management review of the management system and each protection program and for ensuring continual improvement in meeting the company’s obligations to perform its activities in a manner that ensures the safety and security of the public, company employees and the pipeline, and protection of property and the environment. The management review should include a review of any decisions, actions and commitments which relate to the improvement of the management system and protection programs, and the company’s overall performance.

The company shall complete an annual report for the previous calendar year, signed by the accountable officer, that describes the performance of the company’s management system in meeting its obligations for safety, security and protection of the environment and the company’s achievement of its goals, objectives and targets during that year, as measured by the performance measures developed under the management system and any actions taken during that year to correct deficiencies identified by the quality assurance program. The company shall submit to the Board a statement, signed by the accountable officer, no later than April 30 of each year, indicating that it has completed its annual report.

References:

OPR sections 6.5(1)(w), (x), 6.6

CSA Z662-11, Clauses 3.1.2 (h)(iii) and 3.2

Assessment:

(The sub-element is attributed to companies’ senior management and Accountable Officer; therefore, the Board does not break up its review into governance and program levels.)

Annual Management Reviews

IMS-01, section 4.3 outlines the Management System Review Process for ensuring that each management system, including IMS-09, is reviewed annually to confirm that the desired results are being achieved. As detailed in IMS-09, section 6.0, Management System Review, Pipeline Integrity completes an annual management system review of IMS-09 using its PI-84, Pipeline Integrity Management System Review procedure. Enbridge completes this review to evaluate the overall performance of its Integrity Management program. The review also enables the company to identify and address areas of improvement that may be required to meet specific priorities of the Pipeline Integrity department, and the priorities and obligations of the company. The Board reviewed the 2012 Management Review Report and the 2013 Pipeline Integrity Management System Review Report. Both reports demonstrated that Enbridge assesses its Pipeline Integrity Management program activities, results and completed improvements. The reports also included a list of planned improvements. Enbridge indicated that an additional process, PC-1801, Accountable Officer Report Development Process, is also used to evaluate the management system. The output of the PC-1801 process is the Annual Report.

Upon reviewing of Enbridge’s processes and records supporting implementation of an annual management review, the Board noted the following:

  • IMS-01, Management System Review Process is not fully established; as defined by Enbridge standards, all process steps were considered aspirational;
  • PC-1801, Accountable Officer Report Development Process is not referenced or inferred in IMS-01 or IMS-09, and thus is not integrated into Enbridge’s management system;
  • PC-1801, Accountable Officer Report Development Process is not established as per the Board’s working definition (approval date on the document is 21 October 2014); and
  • While certain tasks are being reviewed by practice or by exception, the IMS-09 annual review process does not include a review of the implementation of the Integrity Management program at the operations level.

Based on the Board’s evaluation of Enbridge’s Management System and Integrity Management Program against the requirements, the Board has determined that Enbridge has not established and implemented a process for conducting an annual review of its management system and protection program. Enbridge will have to develop corrective actions to address the described deficiencies.

Adequacy and Effectiveness of the Management System

While the Board has listed this requirement under sub-element 4.1 of the Protocol, Enbridge indicated during the audit that its IMS-01, Management System Review Process is also used to evaluate the adequacy and effectiveness of the company’s management system. When reviewing the content of this governance process, Enbridge indicated that each process within the management system is reviewed to ensure effectiveness. Enbridge’s IMS-09, Management System Review Process overviews this requirement. Enbridge has developed an additional process, PC-1701, Management System Evaluation Process. The PC-1701 process includes an evaluation of the adequacy and effectiveness of the overall management system. Records provided to demonstrate implementation of these processes include:

  • 2012 and 2013 Pipeline Integrity Management System Review Reports;
  • 2013 Internal Management System Alignment Assessment; and
  • 3rd Party Assessment (Dynamic Risk) completed in 2013.

Upon review of the various processes and records supporting the implementation of a process for evaluating the adequacy and effectiveness of the company’s management system, the Board noted the following:

  • IMS-01, Management System Review Process is not fully established; as defined by Enbridge standards, all process steps were considered aspirational;
  • IMS-01, Management Review Process does not include an evaluation of the adequacy of the management system;
  • PC-1701, Management System Evaluation Process is not referenced or inferred in IMS-01 or IMS-09, and thus is not integrated into Enbridge’s management system;
  • Internal Management System Alignment Assessment describes assessing adequacy, effectiveness and implementation of processes, but it is based on the OPR requirements and not an evaluation of Enbridge’s management system as designed;
  • 3rd Party Assessment (Dynamic Risk) is strictly an alignment/compliance assessment to the OPR 6.1-6.6 requirements and does not attest to the adequacy or effectiveness of Enbridge’s management system (IMS 01 et al); and
  • Records from the IMS-09, Management Review Process could not confirm that the management system has been fully reviewed for adequacy.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge has not established and implemented a process for evaluating the adequacy and effectiveness of the management system. Enbridge will have to develop corrective actions to address the described deficiencies.

Annual Report

Enbridge develops an Annual Accountable Officer Report that describes the performance of the company’s management system in meeting its obligations for safety, security and protection of the environment. The report also describes the company’s performance in achieving its goals, objectives and targets during that year. The company’s performance is evaluated against the performance measures developed under the management system and any actions taken that year to correct deficiencies identified by the quality assurance program. The PC-1801, Accountable Officer Report Development Process describes the required process for developing the Annual Accountable Officer Report. According to this process, the Annual Accountable Officer Report must “detail the performance of Enbridge LP management system and will cover areas of leadership, performance measures, internal review, management review and corrective actions taken.” The report must also include details about achievement of goals, objectives and targets during that year as assessed through performance measures.

According to the PC-1801, Accountable Officer Report Development Process, Enbridge must complete its Annual Accountable Officer Report, have it signed by the accountable officer, and submit it to the Board no later than April 30 of each year. The Board confirmed that the Annual Accountable Officer Report for the 2013 performance year was signed by the accountable officer and submitted to the Board by 30 April 30 2014.

Upon review of the Annual Report, the Board noted that the report does reference some internal and external reviews conducted on the management system. The Annual Report also includes a section that describes the actions taken that year to address deficiencies. However, Enbridge’s Annual Report does not specify the deficiencies and actions items, and does not focus on the development and status of the management system. While it is important to communicate this information to the accountable officer, it is not fully representative of Board’s quality assurance program requirement (see sub-element 4.3). Thus, it is unclear whether the accountable officer is aware of the actions taken that year to address deficiencies identified by the quality assurance program. The Board also noted that the deficiencies identified in sub-elements 1.2 and 2.3 will need to be addressed in future annual reports.

Management Responsibility

Further to the review of these processes and activities, the Board notes that Enbridge has not conducted audits consistent with its OPR obligations. The Board views the responsibility for undertaking these audits as resting with the company’s senior management (as represented by its Accountable Officer) as the annual report developed as per OPR specifically requires review and reporting on aspects of the Quality Assurance Program (specifically including audits) and the performance of the management system in meeting its obligations under OPR section 6. Additionally, the Board has made Non-Compliant findings related Sub-elements 1.2 Policy and Commitment Statements and 2.3 Goals, Objectives and Targets that relate to the development of explicit policies and goals required by the OPR. While the Board’s Non-Compliant findings are mitigated by the nature of the deficiencies (implicit inclusion vs. explicit requirements), it is the responsibility of company management to ensure the development and implementation of compliant policies and goals that guide the companies management system and programs.

Summary

The Board found that Enbridge had developed processes for and undertaken activities relating to its Management Review responsibilities.

The Board also found that Enbridge’s processes did not meet all of the requirements outlined in the OPR. Additionally, the Board has found that Enbridge has not conducted audits consistent with the requirements of OPR section 53.

Based on the Board’s evaluation of Enbridge’s management system and Integrity Management program against the requirements, the Board has determined that Enbridge is Non-Compliant with this sub-element. Enbridge will have to develop corrective actions to address the described deficiencies.

Compliance Status: Non-Compliant

Date modified: