Many Islands Pipe Lines (Canada) Limited: Emergency Management CV2425-003

Many Islands Pipe Lines (Canada) Limited: Emergency Management CV2425-003 [PDF 894 KB]

Executive Summary

The Canada Energy Regulator (CER) expects pipelines and associated facilities within the Government of Canada’s jurisdiction to be constructed, operated, and abandoned in a safe and secure manner that protects people, property, and the environment. To this end, the CER conducts a variety of compliance oversight activities, such as audits.

Section 103 of the Canadian Energy Regulator Act (S.C. 2019, c.28, s.10) (CER Act) authorizes inspection officers to conduct audits of regulated companies. The purpose of these audits is to assess compliance with the CER Act and its associated Regulations.

The purpose of operational audits is to ensure that regulated companies have established and implemented both a management system and its associated programs, as specified in the Canadian Energy Regulator Onshore Pipeline Regulations (SOR/99-294) (OPR).

The CER conducted an Topic: Emergency Management (EM) operational audit of Many Islands Pipe Lines (Canada) Limited (the company or MIPL) between 9 April 2024 and 17 July 2024. The topic and focus area of the audit was Emergency Management. The CER expects companies to have a fully established and implemented Emergency Management Program. This program is expected to proactively address the various scenarios, contingencies, and related actions that are necessary to be taken to protect the public, workers, and the environment during all potential upset or abnormal operating conditions experienced by the company.

The objective of this audit is to verify that the company has developed and implemented specific elements of an EM Program in accordance with the requirements of the OPR related to:

  • Hazard identification;
  • Risk assessment;
  • Identification and delegation of roles and responsibilities;
  • Communication of hazards and risks and emergency response procedures to those who need to be aware;
  • Contingency planning; and
  • The management of documentation.

Of seven audit protocols (AP); six were deemed no issues identified. The remaining one was deemed non-compliant. The summary of findings can be found in Table 2. The one non-compliant finding relates to MIPL not having a mandatory process for its communications activities. The current communications process is only a guideline which MIPL states is strongly recommended.

Within 30 calendar days of receiving the final audit report, the auditee shall file with the CER a corrective and preventive action (CAPA) plan that outlines how the non-compliant finding will be resolved. The CER will monitor and assess the implementation of this CAPA plan to confirm that it is completed in a timely manner.

Note that all findings are specific to the information assessed at the time of the audit as related to the audit scope.

While a non-compliant finding exists, the CER is of the view that the auditee can still construct, operate, and abandon pipelines in a manner that will preserve the safety of persons, the environment, and property.

The final audit report will be made public on the CER website.

Top of Page

Table of Contents

Top of Page

1.0 Background

1.1 Introduction

The CER expects pipelines and associated facilities within the Government of Canada’s jurisdiction to be constructed, operated, and abandoned in a safe and secure manner that protects people, property, and the environment.

Section 103 of the CER Act authorizes Inspection Officers to conduct audits of regulated companies. The purpose of these audits is to assess compliance with the CER Act and its associated Regulations.

The purpose of operational audits is to ensure that regulated companies have established and implemented both a management system and its associated programs, as specified in the OPR.

The CER conducted an Topic: Emergency Management operational audit of MIPL between 9 April 2024 and 17 July 2024.

1.2 Description of Audit Topic

The CER expects companies to have a fully established and implemented emergency management Program. This program is expected to proactively address the various scenarios, contingencies, and related actions that are necessary to be taken to protect the public, workers, and the environment during all potential upset or abnormal operating conditions experienced by the company. These upset or abnormal operating conditions can take place at any point during a pipeline or facility’s lifecycle and in any season or weather event. As part of the establishment and implementation of the Emergency Management program, the CER expects the company’s management system to be integrated into this program and linked to other OPR section 55 programs as necessary to have robust controls in place to manage and mitigate any upset or abnormal conditions that may occur.

1.3 Company Overview

SaskEnergy, which is a provincial Crown corporation of the Province of Saskatchewan (SK), has several subsidiaries as part of its business model for the storage, transportation, and delivery of natural gas within the Province of Saskatchewan, with MIPL as one of them. The MIPL system consists of eight pipelines which cross the interprovincial borders with both Alberta and Manitoba along with the international border. CER-regulated assets for MIPL total approximately 400 kilometres (km) of pipelines along with auxiliary infrastructure.

Many of the management system’s documented processes, procedures, work instructions, and guidance documents were originally developed for SaskEnergy but also directly applied to its subsidiaries. When reading Appendix 1 to this audit report, please note that any references to SaskEnergy are directly applicable to MIPL as well. In addition, MIPL applies the SaskEnergy Unified Management System (UMS) to its operations. According to the UMS policy statement, the UMS applies to all of SaskEnergy’s activities that involve the design, construction, operation, and abandonment of gas lines. As a result, the UMS is to be used by MIPL and its Emergency Management Program for the operation of its CER-regulated pipelines.

The map below depicts the auditee’s CER-regulated assets.

This map is a graphical representation intended for general informational purposes only. Map produced by the CER, July, 2024. Last updated on Jul 12, 2024.

This map is a graphical representation intended for general informational purposes only. Map produced by the CER, July, 2024. Last updated on Jul 12, 2024.

2.0 Objective and Scope

The objective of this audit is to verify that the company has developed and implemented specific elements of an emergency management program in accordance with the requirements of the OPR related to:

  • Hazard identification;
  • Risk assessment;
  • Identification and delegation of roles and responsibilities;
  • Communication of hazards and risks and emergency response procedures to those who need to be aware;
  • Contingency planning; and
  • The management of documentation.

The Table 1 below outlines the scope selected for this audit.

2.0 Objective and Scope

Audit Scope

Details

Audit Topic

Topic: Emergency Management

Lifecycle Phases

    
Construction

 x 
Operations

    
Abandonment

Section 55 Programs

 x 
Emergency Management

    
Integrity Management

    
Safety Management

    
Security Management

    
Environmental Protection

    
Damage Prevention

Time Frame

Open

3.0 Methodology

The auditors assessed compliance through:

  • Document reviews;
  • Record sampling;
  • Interviews; and
  • Attendance at an emergency response exercise.

The list of documents reviewed, records sampled, and the list of interviewees are retained on file with the CER.

An audit notification letter was sent to the auditee on 9 April 2024 advising the auditee of the CER’s plans to conduct an operational audit. The lead auditor provided the audit protocol and initial information request to the auditee on 10 April 2024 and followed up on 17 April 2024 with a meeting with the auditee to discuss the plans and schedule for the audit. Document review began on 27 May 2024 and interviews were conducted between 25 June 2024 and 26 June 2024.

In accordance with the established CER audit process, the lead auditor shared a pre-closeout summary of the audit results on 17 July 2024. At that time, the auditee was given ten business days to provide any additional documents or records to help resolve the identified gaps in information or compliance. Subsequent to the pre-closeout meeting, the auditee provided additional information to assist the lead auditor in making their final assessment of compliance. The lead auditor conducted a final closeout meeting with the auditee on 27 August 2024.

4.0 Summary of Findings

The lead auditor has assigned a finding to each audit protocol. A finding can be either:

  • No Issues Identified – No non-compliances were identified during the audit, based on the information provided by the auditee and reviewed by the auditor within the context of the audit scope; or
  • Non-Compliant – The auditee has not demonstrated that it has met the legal requirements. A CAPA plan shall be developed and implemented to resolve the deficiency.

All findings are specific to the information assessed at the time of the audit, as related to the audit scope.

The table below summarizes the findings. See Appendix 1: Audit Assessment for more information.

Audit Protocol (AP) Number Regulation or Other Requirement Regulatory Reference Topic Finding Status Finding Summary

AP-01

OPR

6.5(1)(c)

Hazard Identification

No Issues Identified

MIPL has an approved process which identifies hazards and potential hazards for all Program areas. As part of this process, multiple categories of potential hazards are assessed by each Program for relevance to its specific area of operation, and the results of this assessment must be documented. This process is directly linked to additional processes that function to support the requirements of Audit Protocols two and three.

AP-02

OPR

6.5(1)(d)

Hazard Inventory

No Issues Identified

MIPL keeps a hazard inventory for all Programs and could focus this inventory to the relevant hazards and potential hazards related to the Emergency Management Program. This inventory is reviewed quarterly and updated annually to ensure it remains current and an effective tool for all Programs to use along with other activities such as projects.

AP-03

OPR

6.5(1)(e)

Risk Assessment

No Issues Identified

MIPL has an implemented process to assess the risks for both normal and abnormal operating conditions. As part of this process the likelihood and impact of every hazard is assessed against a series of set criteria to determine the probable level of risk. The process also requires the risk levels to be assessed twice, once without any controls in place to determine the inherent level of risk for the hazard and then a second time with Program controls in place to determine its residual risk levels.

AP-04

OPR

6.5(1)(l)

Making Employees and Others Aware of their Responsibilities

No Issues Identified

MIPL, through the UMS Framework, has a process that ensures all staff and contractors are aware of their respective responsibilities. MIPL builds on this with links to its training and competency activities especially with respect to the Emergency Management Program and the training operational staff are required to complete with respect to the Incident Command System (ICS) and the internal Emergency Response 101 training.

AP-05

OPR

6.5(1)(m)

Internal and External Communications

Non-Compliant

MIPL does not have a communications process, which is mandatory and repeatable, at this time. By activity MIPL has many of the aspects that would be expected of a communications process, however it relies on the actions and the memory of its well-trained and experienced staff to follow through on them. If these staff were to move on, it could create a knowledge gap that would allow mistakes to take place and the existing plans to fail. From an Emergency Management Program perspective, MIPL provided a lengthy list of documents to demonstrate the various target audiences that it needs to communicate with, and the different messages each of these target audiences require.

AP-06

OPR

6.5(1)(o)

Document Management

No Issues Identified

MIPL provided a process that demonstrated MIPL documents are being consistently managed and controlled through their lifecycle. MIPL also demonstrated that documents are reviewed and approved at appropriate levels and that staff have almost instantaneous access to the library of emergency management processes, procedures, manuals, and work instructions through their electronic devices.

AP-07

OPR

6.5(1)(t)

Contingency Planning

No Issues Identified

MIPL provided a process that can be applied as necessary to abnormal operating conditions that may impact the Emergency Management Program, or any other program. Contingency planning, in some instances, has been turned into standard work instructions that staff are simply expected to implement as part of their regular work routines.

5.0 Discussion

MIPL provided a significant amount of information related to its Emergency Management Program, and its management system for the CER auditors to review. Overall, the information provided indicated that MIPL has a succinct, established, and implemented management system that is strongly linked to its Emergency Management Program.

The one non-compliance identified during this audit is located in MIPL’s Internal and External Communications process and its related activities. The non-compliance is more process orientated in that it’s the management system documentation that the CER auditors found was an issue, not what MIPL was implementing as part of its Emergency Management Program. While the non-compliance exists, the current experienced staff at MIPL are ensuring safe, secure, and environmentally sound steps are being implemented within its Emergency Management Program.

On 17 June 2024, two CER staff participated in a tabletop exercise, (compliance verification activity 2425-088) as part of this Audit, conducted by MIPL at the Pierceland West Compressor Station near Pierceland, SK.

Overall, CER staff are of the view that that the company response actions during the exercise were appropriate to protect people, the environment, and property and that the exercise objectives were achieved. CER Staff are of the view that the exercise was well planned and resourced and competent staff participated in the exercise that were familiar with response priorities and MIPL emergency response actions. CER Staff note that the exercise facilitator played an important role and asked good probing questions to further enhance the participation and learning of MIPL employees. No non-compliances were identified.

6.0 Next Steps

The auditee is required to resolve the non-compliant finding through the implementation of a CAPA plan. The next steps of the audit process are as follows:

  • Within 30 calendar days of receiving the Final Audit Report, the auditee shall file with the CER, a CAPA plan that outlines how the non-compliant findings will be resolved;
  • The CER will monitor and assess the implementation of the CAPA plan to confirm that it is completed:
    • on a timely basis; and
    • in a safe and secure manner that protects people, property, and the environment;
  • Once implementation is completed, the CER will issue an audit closeout letter.

7.0 Conclusion

In summary, the CER conducted an operational audit of MIPL related to Emergency Management. Out of a total of seven audit protocols, six were classified as no issues identified, resulting in an audit score of 86%.

While a minor deficiency exists, the CER auditors do not believe there are any serious risks to the MIPL Emergency Management Program based on the information reviewed for this audit.

MIPL is expected to resolve this deficiency through the implementation of a CAPA plan. The CER will monitor and assess the implementation of this CAPA plan and issue an audit closeout letter upon its completion.

Top of Page

Appendix 1: Audit Assessment

AP-01 - Hazard Identification
AP-01 - Hazard Identification

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(c)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for identifying and analyzing all hazards and potential hazard.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The methods for identification of hazards and potential hazards are appropriate for the nature, scope, scale, and complexity of the company’s operations, activities, and section 55 programs.
  • The identification of hazards and potential hazards must include the full lifecycle of the pipeline.
  • The company has comprehensively identified and analyzed all relevant hazards and potential hazards.
  • The hazards and potential hazards have been identified for the company’s scope of operations through the lifecycle of the pipelines.
  • The identified hazards and potential hazards have been analyzed for the type and severity of their consequences.

Relevant Information Provided by the auditee

The following key documents and records are related to this finding:

  • Hazard Identification and Risk Assessment Framework
  • Hazard Identification Process
  • Risk Assessment and Mitigation Process
  • Hazard REO Workflow
  • Near Miss – REO Workflow
  • CEMP – Management Review
  • Corporate Emergency Management Program
  • Hazard List and Risk Register
  • SaskEnergy HIRA Summit 2023

Finding Summary

In summary, MIPL has an approved process which identifies hazards and potential hazards for all Program areas. As part of this process, multiple categories of potential hazards are assessed by each Program for relevance to its specific area of operation, and the results of this assessment must be documented. This process is directly linked to additional processes that function to support the requirements of Audit Protocols two and three.
Detailed Assessment

MIPL pointed to the Hazard Identification Process as the document for this Audit Protocol requirement. Part of this process includes identifying the roles and responsibilities necessary to make the process work as designed. MIPL indicated this document was developed and implemented in response to a 2018 National Energy Board (the predecessor to the CER) audit finding. The document states that this process is to provide guidance and steps necessary to consistently, and comprehensively identify hazards and potential hazards and to evaluate them for relevance to SaskEnergy Programs. SaskEnergy Programs align with the OPR’s section 55 programs of:

  • Environmental Protection;
  • Emergency Management;
  • Integrity Management;
  • Damage Prevention;
  • Safety Management; and
  • Security Management.

The methods for identification of hazards are appropriate for the nature, scope, scale, and complexity of the company’s operations and activities, as they relate to the Corporate Emergency Management Program. For this audit, the CER did not look at the full lifecycle of MIPL’s CER-regulated pipelines, just the operational aspects related to Emergency Management. MIPL takes a broad view in identifying potential hazards relevant to the Program and its operations. Hazards are to be identified at a broad or high level without specifying the effect or the consequence of the hazard. This allows each individual Program to look at how the “hazard event” may trigger or affect specific activities of that particular Program. MIPL uses broad categories or sources of potential hazards to start the process of identifying individual Program hazards. Some of these broad categories, to name a few, are:

  • Management system information in the form of training, assessments, and SaskEnergy Committee actions etc.;
  • Incidents, near-misses, and hazards;
  • Previously established Program level hazards and potential hazards;
  • Field hazard identification; and
  • Audit and inspection findings.

On an annual basis MIPL will conduct a review of its hazards and potential hazards and assess them for any changes. Each Program is required to take this list of hazards and potential hazards and compare against the previous year’s review. Any newly identified hazards are brought forward to the annual review workshop. As part of this annual review, Programs are expected to consider hazards and potential hazards related to both normal and abnormal operating conditions. MIPL documentation states that, in evaluating each potential hazard, Programs will document the rationale for including or excluding a specific hazard from that Program area.

Over the course of the year, when necessary, new hazards may be identified that need to be managed. MIPL has an Interim Hazard Identification and Risk Review Process that it applies in these situations. This process requires Programs to monitor, identify, and assess any changes in hazards and risks as they are identified.

MIPL provided records that demonstrate that the process has been implemented. These include workshop attendance sheets, emails provided by the company that relate to preparation for the workshop, as well as the Hazard List and Risk Register. Interviews with management and field staff also indicate that the process has been implemented.

Hazard identification is embedded in several of the key documents relating to emergency management. The Corporate Emergency Management Program has a section entitled Threat & Hazard Identification, which references the above Hazard Identification Process in the context of emergency management. The company’s Emergency Procedures Manual (EPM) discusses hazards in several sections, including the need to assess the potential for hazards prior to responding to the emergency, which positions in the Incident Command Structure identify and manage hazards, and the software tool that is to be used to report hazards. A substantial portion of this manual is dedicated to describing the appropriate response to hazards during an emergency.

Top of Page
AP AP-02 - Hazard Inventory
AP-02 - Hazard Inventory

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(d)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and maintain an inventory of the identified hazards and potential hazards.

Expected Outcome
  • The company has a compliant inventory that is established and maintained.
  • The inventory includes hazards and potential hazards associated within the company’s scope of operations and activities through the lifecycle of the pipelines.
  • Hazards and potential hazards are identified across all section 55 programs.
  • The inventory has been maintained, it is current, and is up to date including changes made to company operations and activities.
  • The inventory is being used as part of the risk evaluation and controls processes

Relevant Information Provided by the auditee

The following key documents and records are related to this finding:

  • Hazard Identification Process
  • Hazard List and Risk Register – EM Filtered
  • Hazard Identification and Risk Assessment Framework
  • Merging two High Residual Risks
  • SaskEnergy HIRA Summit 2023 final
  • Corporate Emergency Management Program

Finding Summary

In summary, MIPL keeps a hazard inventory for all Programs and could focus this inventory to the relevant hazards and potential hazards related to the Emergency Management Program. This inventory is reviewed quarterly and updated annually to ensure it remains current and an effective tool for all Programs to use along with other activities such as projects.
Detailed Assessment

MIPL provided its Hazard List and Risk Register document to demonstrate that it had an inventory of its hazards and potential hazards which has been established and is being maintained. This inventory was further refined to show just the emergency management Program level hazards and potential hazards. Approximately 200 hazards are considered as relevant to the corporate Emergency Management Program. As noted in Audit Protocol one above, this audit did not look at the full lifecycle of MIPL’s CER-regulated pipelines, but focused on operational aspects related to Emergency Management. The Hazard List and Risk Register manages key data beyond what is required by this Audit Protocol, but necessary as part of the overall MIPL strategy to manage its hazards and risks such as:

  • Hazard description;
  • Hazard category;
  • Hazards relevance to programs;
  • Inherent risk assessment;
  • Detailed controls currently in place;
  • Residual risk assessment;
  • Planned risk mitigation actions; and
  • Status of implementation of risk mitigation actions.

MIPL documentation states that this Hazard List and Risk Register is reviewed quarterly and updated on an annual basis. According to the Hazard Identification Process, the annual update will look at the entire list and consider the following:

  • The correctness of the hazard categorization;
  • Duplicate hazards; and
  • Alignment of hazards with definitions and requirements.

MIPL documentation also identifies that new projects use this Hazard List and Risk Register to support the development of their various activities. Project personnel may develop a project-specific Hazard List that uses the main MIPL Hazard List and Risk Register as its starting point and add or remove hazards and risks from this list depending on their relevance to the project.

Top of Page
AP-03 - Risk Assessment
AP-03 - Risk Assessment

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(e)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for evaluating the risks associated with the identified hazards and potential hazards, including the risks related to normal and abnormal operating conditions.

Expected Outcome
  • The company has a compliant process for evaluating risks that is established and implemented.
  • The method(s) for risk evaluation confirm that the risks associated with the identified hazards (related to normal and abnormal operating conditions) are based on referenced regulatory standards and are appropriate for the nature, scope, scale, and complexity of the company’s operations, activities, and are connected to the purposes and intended outcomes of the section 55 programs.
  • Risks are evaluated for all hazards and potential hazards and include normal and abnormal conditions.
  • Risk levels are monitored on a periodic basis and as needed and re-evaluated for changing circumstances.
  • Risk tolerance/acceptance criteria is determined for all hazards and potential hazards.

Relevant Information Provided by the auditee

The following key documents and records are related to this finding:

  • Hazard Identification and Risk Assessment Framework
  • Risk Assessment and Mitigation Process
  • Hazard List and Risk Register – Final
  • Corporate Emergency Management Program
  • Hazard Identification Process
  • Contingency Planning Process
  • Adding new Hazard in Risk Register
  • SaskEnergy HIRA Summit 2023 Final

Finding Summary

In summary, MIPL has an implemented process to assess the risks for both normal and abnormal operating conditions. As part of this process the likelihood and impact of every hazard is assessed against a series of set criteria to determine the probable level of risk. The process also requires the risk levels to be assessed twice, once without any controls in place to determine the inherent level of risk for the hazard and then a second time with Program controls in place to determine its residual risk levels.
Detailed Assessment

MIPL’s Risk Assessment and Mitigation Process document states that it enables the systematic evaluation of the risks associated with hazards identified through the Hazard Identification Process. The risk assessment process builds upon the Hazard Identification Process and considers the relevant hazards from the previous stage in the overall hazard and risk assessment framework. This is done for all programs, as listed in Audit Protocol one. SaskEnergy has applied a semi-quantitative approach for risk assessment utilizing two risk components: the likelihood that it will occur and the impact of that potential loss.

The method(s) for risk evaluation are to confirm that the risks associated with the identified hazards (related to normal and abnormal operating conditions) are based on the regulatory standards and are appropriate for the nature, scope, scale, and complexity of the company’s ongoing operations. The MIPL Risk Assessment process applies a risk matrix to determine the likelihood, impact, and the associated risk tolerance level for each hazard. The matrix is a five by five grid to allow for a more detailed analysis and to allow for the differentiating of the assessed hazards and risks. The Likelihood axis on the matrix considers a range of possibilities from almost certain (chance of occurrence more than 1/10 chance) to rare (chance of occurrence 1/10,000 years). The Risk Assessment process states that MIPL will use subject matter experts (SME) combined with quantitative data, if available, to assess and assign an appropriate likelihood level for each hazard assessed. The Impact axis of the matrix considers multiple impact categories to ensure a comprehensive assessment. These categories are:

  • Health and Safety;
  • Environment;
  • Financial;
  • Reputation;
  • Reliability; and
  • Legal/Regulatory.

The Impact axis of the matrix is broken down into a five-level severity scale for each of the above categories. The severity scale goes from lowest one (insignificant) to five (catastrophic). Each category includes its own specific criteria that must be met to fit into one of these severity scale levels. Each hazard is evaluated against the specific criteria and a score is developed for each category. The category with the highest score is the one that is used to make an overall determination of risk and to determine what type(s) and levels of controls will be needed to address it. These methods are appropriate for the nature, scope, scale, and complexity of the company’s activities.

As first mentioned in Audit Protocol two, MIPL assesses the risk of each hazard twice through its hazard and risk assessment framework. The first assessment is done with no controls in place and is called its inherent risk. This provides the base level of risk that has nothing in place to mitigate any possible outcomes that may arise. If this base risk level is determined to be too high, the Programs responsible for this risk apply various controls in an effort to reduce the risk to an acceptable level. The risk assessment process is completed a second time considering these various controls and a residual risk level is determined. This process is repeated until the risk levels are reduced to an acceptable level, or senior executives review and accept the elevated risk level for the hazard under consideration.

MIPL staff were asked if duration of exposure is considered when determining risk levels as long-term exposure to some chemicals and substances can be debilitating to one’s health. MIPL indicated that they have recently completed a benzene exposure study on field staff that is directly related to this concern. Results are being integrated into their operational plans.

According to the Contingency Planning Process, abnormal operating conditions automatically require a risk assessment to be completed. As such, abnormal operating conditions are considered proactively at the beginning of the overall risk assessment process. A contingency plan may be developed as a control to limit the likelihood or the severity of impact if an event were to occur. Additional details on abnormal operating conditions and the planning of contingencies are available in Audit Protocol seven.

MIPL has implemented their Risk Assessment and Mitigation Process. Sampling of records along with interviews with emergency and field staff confirm the implementation of this process. Each hazard in the Hazard List and Risk Register has been assigned a risk likelihood, impact, and threshold rating, for both inherent risk and for residual risk. As discussed in Audit Protocol one, the company’s EPM has sections dedicated to describing the appropriate incident response to hazard scenarios during an emergency. For each of these scenarios, controls are incorporated into the response protocol. This is aligned with the Corporate Emergency Management Program, which indicates that emergency response is often the final control when previous controls to mitigate a hazard have been ineffective.

Top of Page
AP-04 - Making Employees and Others Aware of their Responsibilities
AP-04 - Making Employees and Others Aware of their Responsibilities

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(l)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for making employees and other persons working with or on behalf of the company aware of their responsibilities in relation to the processes and procedures required by this section.

Expected Outcome
  • The company has a compliant process for making employees and other persons aware of their responsibilities.
  • Responsibilities are defined for employees and those other persons working on behalf of the company in relation to the processes and other requirements for paragraphs 6.5(1)(a to x) of the OPR.

Relevant Information Provided by the auditee

The following key documents and records are related to this finding:

  • Competency Assessment Plan Process
  • Training & Competency Assessment Process
  • Code of Business Conduct and Ethics Policy
  • MIPL EPM March 2024
  • New Employee Checklist
  • Respond to an Emergency Construction Skills Checklist CAP 55
  • Respond to an Emergency Distribution Skills Checklist CAP 55
  • Corporate Emergency Management Program
  • Emergency Response Training Listed in LMS
  • First Responder Engagement and Training Process
  • On Site Commander Checklist
  • Incident Response – Emergency Response Guidelines
  • Incident Response – Emergency Response Plan Section 1 Overview
  • Incident Response – Emergency Response Plan Section 2 Initial Response
  • Mandatory Compliance Training and Competency Assessments

Finding Summary

In summary, MIPL, through the UMS Framework, has a process that ensures all staff and contractors are aware of their respective responsibilities. MIPL builds on this with links to its training and competency activities especially with respect to the Emergency Management Program and the training operational staff are required to complete with respect to ICS and the internal Emergency Response 101 training.
Detailed Assessment

MIPL indicated that its Corporate Emergency Management Program and UMS Framework document point to the process requirements and outputs for this Audit Protocol. The UMS Framework states that it provides the structure to systematically outline the roles and responsibilities of the UMS and that the UMS system, programs and processes have been aligned to the divisions, groups, and individuals that own and are responsible for their development, implementation, and maintenance.

MIPL provided a significant amount of information on how it ensures contractors are capable to assist in completing its work. This includes competency checks, prequalification of contractors, and the supervision of its contractors.

The CER auditors noted that MIPL has focused on roles and responsibilities, training & competency, and communications of both its internal workforce and contractors as part of this audit protocol. All of the above can be considered key activities associated with this audit protocol.

MIPL pointed to the roles and responsibilities that are part of the incident response when using the ICS. Each position in ICS has its roles and responsibilities carefully laid out for the incumbent to follow in the event a person is asked to fulfil a role in the ICS framework. Having detailed, pre-determined procedures for positions within the ICS structure allows for any potential responder to work in a consistent and effective manner.

MIPL’s Corporate Emergency Management Program coordinates all programs as they relate to emergencies that threaten the safe and reliable operation of the company’s natural gas systems. MIPL has an EPM which defines the response system and organizational structure for responding to emergency events. One section of the manual provides a detailed list of responsibilities for key roles. At a minimum, an Incident Commander and an On-site Commander will be activated and responsible for all subordinate position responsibilities unless positions are filled. Other roles will be activated depending on the details of the emergency event.

All operations employees undergo annual Emergency Response 101 training. Field Supervisors and all incident command roles must take ICS 100 training. Operations managers and incident command roles require ICS 200 training. The company has provided a list of staff who have taken these courses.

MIPL also conducts emergency response exercises where the participants can test their ability to respond to various mock scenarios. MIPL staff stated that it relies on quarterly tabletop exercises to help keep staff current and ready in the event of an incident. Employees, first responders, local community representatives, and government agencies are invited to these exercises. The EPM specifies the minimum frequency that emergency exercises must occur. The company provided records of a mock tabletop exercise that occurred earlier in 2024. The mock scenario involved a fire caused by the spontaneous combustion of iron sulfide.

Top of Page
AP-05 - Communications
AP-05 - Communications

Finding Status

Non-compliant

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(m)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for the internal and external communication of information relating to safety, security, and protection of the environment.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The methods for both internal communication and external communication are defined.
  • The company is communicating internally and externally related to safety, security, and protection of the environment.
  • Internal and external communication is occurring and it is adequate for the management system and section 55 program implementation.

Relevant Information Provided by the auditee

The following key documents and records are related to this finding:

  • Internal and External Communication Process
  • Activities Near Pipelines – Encroachments
  • Activities Near Pipelines – HP Pipelines
  • Activities Near Pipelines – Seismic Exploration
  • Activities Near Pipelines – Support of Pipelines
  • Agency Engagement Process
  • Corporate Emergency Management Program
  • Damage Prevention – External Interference Reporting Work Instructions
  • Engagement Policy for MIPL Projects
  • External Corporate Communications Policy
  • First Responder Engagement and Training Process
  • Incident Response – Incident Investigation – Transmission Facilities Reporting Procedures
  • Integrated Public Awareness Process
  • Media Response Protocol
  • MIPL EPM March 2024
  • Public Awareness Plan
  • Responsibility for Communications Internal and External
  • UMS Framework
  • Yorkton Innergy
  • First Responder Training Booklet
  • Incident Response – Emergency Response Plan – Section 1 Overview
  • Incident Response – Emergency Response Plan – Section 2 Initial Response
  • Incident Response – Fires and Explosions
  • MIPL Notification Log Area Users
  • MIPL Notification Log Response Agencies
  • MIPL Pamphlet
  • Responsibility for Communications Internal and External
  • First Responder Training Booklet
  • Communications Resources on UMS
  • Many Islands Pipe Lines (Canada) Limited – Public Awareness Pamphlet
  • Update Address Information

Finding Summary

In summary, MIPL does not have a communications process, which is mandatory and repeatable, at this time. By activity, MIPL has many of the aspects that would be expected of a communications process, however it relies on the actions and the memory of its well-trained and experienced staff to follow through on them. If these staff were to move on, it could create a knowledge gap that would allow mistakes to take place and the existing plans to fail. From an Emergency Management Program perspective, MIPL provided a lengthy list of documents to demonstrate the various target audiences that it needs to communicate with, and the different messages each of these target audiences require.
Detailed Assessment

MIPL staff pointed to the Internal and External Communications process document as one of its corporate governance level documents for the process requirement. In review of this document, it provides high level optional guidance and direction in the development of formal communications plans. Additionally, the document points the user to a series of steps that are followed as part of the development of a communications plan:

  • Identify and assess stakeholders;
  • Determine what needs to be communicated;
  • Determine approach to communications;
  • Prepare and present communications; and
  • Review lessons learned.

In addition to the Internal and External Communications process document, the UMS Management Framework document stated the purpose of this element is to establish the expectations for the critical activities related to informing, engaging, and cooperating with internal and external stakeholders. MIPL is accountable and must be responsive to its external stakeholders who have a right to be informed about the hazards, risks, and benefits of the pipeline system; and the action required to effectively respond to pipeline emergencies.

Internal and external communication requirements are folded into the EPM in a variety of locations.

Communication is cited as a key component of emergency response. The EPM defines the emergency response, which includes the actions necessary to manage key stakeholder communications. It clarifies:

  • notification and communication requirements for the public, government agencies, and company management; and
  • communication methodology to support timely, effective, and on-going notification of the public, media, contractors, regulators, government agencies, and company employees and their families.

MIPL acknowledged that its communications process uses language that is intended to recognize the breadth and depth of its documented communications plans and procedures already in place and the fact that its knowledgeable staff are already aware of how to implement the procedures and work instructions in question. The CER auditors noted this in the Process for Development of Internal/External Communication Plans. This document is only a guideline which is strongly recommended but not mandatory. The focus is on developing communication plans, which are a part of internal and external communications, but it’s not comprehensive. Wording such as “guide the development”, not intended to be exhaustive”, and “guide to development of the plan” are all subjective and allow the user discretion in what is or is not to be applied. It is different from the other UMS integrated processes, which are mandatory and comprehensive. The CER auditors are aware that a company cannot account for every scenario and activity that might require a communications plan, procedure, or work instruction. However, by not requiring staff to follow a repeatable process, it may create confusion if the who, what, when, where, why, and how are not properly accounted for in the development of a communications plan or for where a specific activity is about to take place.

During interviews, MIPL staff stated that its day-to-day operational internal and external procedures and work instructions have communications requirements built into the document. MIPL believes this makes it easier for the end user to know what to do and how to make it happen. An example provided during the interviews was the role of the ICS Communications Officer. A large part of their role is documented and prepared before anyone is even assigned to the position. Other examples were provided such as pre-written communication documents for incident reporting, various stakeholder engagements, and for operations use such as shelter in place.

MIPL provided a significant number of Emergency Management related documents to demonstrate how both external and internal communications are being carried out. The documents are distinct in the audience/stakeholder and message(s) conveyed to the end user. As an example of internal communication, MIPL staff explained how the Control Room would communicate with the emergency management Program in the event that a Control Room operator noticed an issue while watching their screens. Further, internal and external communications are consistently discussed and tested during exercises as seen at the Pierceland exercise in June attended by CER staff.

Top of Page
AP-06 - Document Management
AP-05 - Communications

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(o)

Regulatory Requirement

The company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for preparing, reviewing, revising, and controlling those documents, including a process for obtaining approval of the documents by the appropriate authority.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The methods for preparing, reviewing, revising, and controlling those documents are defined for the management system and the section 55 programs.
  • Company personnel, who have a defined need, have adequate access to the identified documents.
  • Documents are managed and controlled using the defined process.

Relevant Information Provided by the auditee

The following key documents and records are related to this finding:

  • CEMP – Management Review
  • Document Management Process
  • Enterprise Information Management Policy
  • Management of Change Framework
  • CEMP Document – UMS Publication Entry
  • Corporate Emergency Management Program
  • Document Management Process
  • Maintenance of the EMP and the EPM
  • UMS Dcoument Approval

Finding Summary

In summary, MIPL provided a process that demonstrated MIPL documents are being consistently managed and controlled through their lifecycle. MIPL also demonstrated that documents are reviewed and approved at appropriate levels and that staff have almost instantaneous access to the library of emergency management processes, procedures, manuals, and work instructions through their electronic devices.
Detailed Assessment

MIPL staff pointed to the Document Management Process as the document to address the process requirement of this Audit Protocol. Using this document allows MIPL to:

  • Ensure UMS documents are consistently managed and controlled through their lifecycle (this includes creating, revising, reviewing, publishing, retiring, and deleting); and
  • UMS documents are protected in a consistent and controlled manner following Enterprise Information Management practices.

This document was supplemented by other documents such as the Enterprise Information Management Policy and the Management of Change Framework.

MIPL staff demonstrated how a document would be updated by anyone who submits a change request. The change is ultimately reviewed by the document owner who has to approve or reject the change and provide reasons for doing so. With additional document review the CER auditors noted the process responsibilities provides a table that lays out the document type, level of review, level of approval, and if the responsibility can be delegated. By following this table, documents are updated, reviewed, and approved at an appropriate level within MIPL.

During the development of new processes, procedures, work instructions, etc. or the modification of these documents, a review committee is involved. This committee is responsible to review the new documents or changes to existing documents to look for impacts to the various Programs, as listed in Audit Protocol one, that may have not been originally anticipated. This review committee includes field level staff who are part of the document review. MIPL staff also stated the Emergency Management Program has staff members on the review committee, to provide any feedback as needed.

MIPL provided another document entitled Maintenance of the Emergency Management Program and EPM. This document specifies the activities which need to take place to update critical documents, namely the Corporate Emergency Management Program and the EPM. This document also mandates electronic versions of these documents to be posted on several internal websites and systems, including a mobile emergency management library. MIPL staff indicated documents that are a part of the library are pushed out to all company iPhones to allow staff, down to the field level, to have immediate access to the newest and latest documents while working almost anywhere.

Top of Page
AP-07 – Contingency Planning
AP-07 – Contingency Planning

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(t)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for developing contingency plans for abnormal events that may occur during construction, operation, maintenance, abandonment or emergency situations.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The company has methods for developing contingency plans for abnormal events that include construction, operations, maintenance, abandonment, and emergency situations.
  • The company’s contingency plans are developed, maintained, and apply to all section 55 programs.
  • The company has the ability to implement contingency plans when required, for one or all section 55 programs at the same time.

Relevant Information Provided by the auditee

The following key documents and records are related to this finding:

  • Contingency Planning Process
  • EM Contingency Assessments and Plans
  • Hazard Identification and Risk Assessment Framework
  • Risk Assessment and Mitigation Process
  • CEMP – Management Review
  • Corporate Emergency Management Program
  • 2023 Contingency Plan Summary

Finding Summary

In summary, MIPL provided a process that can be applied as necessary to abnormal operating conditions that may impact the Emergency Management Program, or any other program. Contingency planning, in some instances, has been turned into standard work instructions that staff are simply expected to implement as part of their regular work routines.
Detailed Assessment

MIPL staff pointed to the Contingency Planning Process document to address the process requirement of this Audit Protocol. The document states contingency planning aims to identify, prioritize, and prepare SaskEnergy to respond to emergency and abnormal operating conditions and their potential impact. The process ensures Programs (see Audit Protocol one for Program areas) can effectively respond to unplanned events and minimize disruption of its primary plans. The document states that this process exists to:

  • Identify potential Program level abnormal operating conditions or events that may require the development of a contingency plan;
  • Support the assessment and prioritization of abnormal events;
  • Support the planning of required contingencies; and
  • Outline the requirements for periodic reviews as required.

Each Program, such as Emergency Management, has a contingency assessment and plan document (EM Contingency Assessments and Plans) to support its contingency planning process. This document helps to determine if a contingency plan is required, based on the risk level identified. This document also provides templates to guide the development of the contingency plan, and outlines triggers for the implementation of the plan, time periods involved, roles and responsibilities, resourcing, approvals required, communication and training requirements for the contingency plan, and the key outcomes of the plan. The EM Contingency Assessments and Plans document provides five contingency plans related to the Emergency Management Program. MIPL documentation states that all contingency plans are to be reviewed annually.

MIPL staff indicated that, in many cases, contingency plans are embedded in work instructions and procedures that are used on a regular basis. An example provided was working alone, as the requirements for doing this are embedded in existing documents and not in its own specific contingency plan. Additionally, the ERP includes and embeds contingency planning into key response positions.

In scenarios where an abnormal operating condition or event extends beyond a single Program area with potential impact to multiple areas, MIPL indicated it will apply the Hazard Identification and Risk Assessment Framework. An event or scenario that may lead to an abnormal operating condition can also be considered as a hazard to the Program. This framework was discussed in more detail in Audit Protocols one to three.

Top of Page

Appendix 2: Terms and Abbreviations

Appendix 2: Terms and Abbreviations

Term/Abbreviation

Definition

AP

Audit Protocol

CAPA

Corrective and Preventive Action

CER

Canada Energy Regulator

CER Act

Canadian Energy Regulator Act

EM

Emergency Management

EPM

Emergency Procedure Manual

ICS

Incident Command System

km

Kilometers

OPR

Canadian Energy Regulator Onshore Pipeline Regulations

SK

Saskatchewan

SME

Subject Matter Expert

UMS

Unified Management System

Top of Page
Date modified: