Introduction

This case study concerns a proposed import terminal for liquefied natural gas (LNG). It was planned as a conventional onshore receiving LNG terminal with storage tanks and regasification facilities.

Two phases were planned: an initial capacity of about 10 MMtpa (million tonnes per annum) with expansion capacity for an additional 5 MMtpa later.

The main scope of the project was to design, construct and commission:

• Berthing and jetty facilities to receive LNG from standard commercial LNG vessels through conventional unloading arms
• Onshore LNG storage tanks
• Onshore regasification facilities
• Metering system, odorant injection, gas analyser
• High pressure gas send-out pipeline facilities
• Boil-off gas (BOG) handling and reliquefaction facilities
• Nitrogen ballasting system
• Utilities, services and related infrastructure facilities.

The site was located near sea level, with direct access to deep water. The site footprint was constrained, and part of it was reclaimed land.

The objectives of our work were to:

1. Prepare for and facilitate a risk assessment workshop with the owner and its technical engineering advisers and prepare a risk register covering all aspects of the project
2. Generate treatment options for key risks and an action plan
3. Prepare a project risk management plan as part of the overarching project plan, to be supplemented by the risk management plans of the principal contractors after they were appointed.

This case demonstrates:

• The value of a structured workshop process in enhancing a common understanding and unity of purpose amongst project participants
• The additional relevance for the participants that is obtained by tailoring the risk management approach for the specific characteristics of the project
• The clear benefits of an ‘extended’ risk analysis that includes control effectiveness and potential exposure – as well as consequences, likelihoods and levels of risk – in providing new insights and ideas and a more structured approach to assurance and monitoring.

LNG regasification

Natural gas is primarily methane (CH₄), but it may contain other hydrocarbons, carbon dioxide, hydrogen sulphide, water and other impurities. To produce LNG the natural gas is treated to remove undesired components and the ‘clean’ gas is refrigerated to -162 degrees C and condensed to liquid form. As a liquid it occupies only a fraction of its original volume, which facilitates far more efficient transport and storage.

LNG is transported internationally in tankers to import facilities where the liquid is converted back to the gaseous state for industrial or domestic use. Figure 1 outlines a regasification process similar to the one that was the focus of this project. In summary:

• LNG is unloaded from tankers and stored in large special-purpose tanks
• It is pumped to a vaporiser, where it is heated to evaporate it to a gas; heating may be by burners or by sea water
• After extracting gas needed for fuel and adding an odoriser (methane is odourless, so this is a common safety precaution), the volume of gas is measured, the pressure controlled precisely and it is sent by pipeline to users
• Gas that vaporises in the tanker or the facility, called boil-off gas (BOG), is collected, processed and incorporated in the delivered gas stream.

Approach and context

Risk management process

Our risk management approach was based on the risk management process described in the international risk management standards, ISO 31000 Risk management and IEC 62198 Managing risk in projects, as commonly used in the oil and gas sector. It complied with and extended the company’s risk project management process.

The core of the proposed approach is summarised in Figure 2.

Establishing the context

An important component of the process is gaining an understanding of the objectives of the project and context in which it will take place. As part of this step, we worked with senior owner and project personnel to develop:

• A detailed analysis of stakeholders in the project and their objectives
• A summary of the external environment that might affect the project
• A summary of the internal factors within the project owner and adviser organisations that might influence project outcomes.

The criteria for assessing the consequences of risks were developed and agreed with senior members of the owner and project teams. These included:

• Performance of the facility, including its capacity, quality, feed capability, availability and reliability, and operating cost
• Capital cost of the facility
• Construction schedule
• Effects on people and the environment, both during construction and in operation
• Image and reputation as judged by the main stakeholders
• Governance, compliance and business integrity.

We also developed a set of key elements as part of the context. The key elements were used to focus attention on topics that were smaller and more manageable than the entire project. The full list of key elements covered the scope being assessed. Each key element was considered during the workshop and the risks it brought to mind were noted and analysed before going on to the next key element. The key elements were also used to structure the agenda for the workshop.

Five groups of key elements were used:

• The technical elements (Table 1) dealt with the scope of works, engineering, design, design information, design definition and completeness, technology, packaging and constructibility
• The construction elements (Table 2) dealt with the contractors’ ability to perform the works as planned on the site, to the required standards, using the required processes and within the preferred timeframe
• The project management elements (Table 3) dealt with capability and issues associated with management of the project
• The project commercial elements (Table 4) dealt with the formation and management of the construction contracts
• The business commercial elements (Table 5) dealt with the formation and management of supply and off take agreements and contracts.

The company’s existing scales for describing the consequences and likelihoods of risks were reviewed, enhanced and tailored for this project. The revised scales remained consistent with the existing scales, but were extended to include descriptions more relevant to the project.

The outcomes from previous risk assessments were reviewed. Risks that were no longer applicable were deleted and the remainder were included in a new risk register for review in the workshop.

A briefing document was developed and distributed to the invited workshop participants. It described the purpose of the workshop, the scope, the context, the key elements, the workshop process, the rating scales and the initial risk register.

Risk assessment

Risk assessment workshop

A one-day, joint risk assessment workshop was held with the owners, the project team and their main advisers. The individuals were selected to address the complete scope, plus those with the authority to make the necessary decisions. The workshop process is illustrated in Figure 3.

The workshop involved brainstorming, with two passes.

In the first pass, the key elements were considered one at a time, and the participants:

• Identified the risks
• Noted the main controls currently in place and their effectiveness
• Assigned consequences and likelihoods, taking into account the controls, and the potential exposure were all the controls to fail
• Established the initial levels of risk.

In the second pass, the participants:

• Reviewed and agreed the levels of risk for each risk
• Assigned the level of potential exposure.

The nomination of risk owners was left to the project management team for completion after the workshop.

Assessment outcomes: overview

A total of 44 risks were assessed, of which one was rated as Very high and seven were rated High. Risks were spread throughout the key elements, but there was a slight concentration in the Construction works and Site conditions key elements. This reflected the fact that the construction was considered more difficult than usual due to the restricted access to the site and its compact size.

Treatment priorities

Figure 4 represents diagrammatically where attention should be focused for risk treatment. Table 6 indicates the number of risks ranked in each consequence and likelihood cell of the risk matrix. The one risk rated Very high, Insufficient space for the future construction of tank C-3, was considered strategic and hence important for the owner’s team responsible for developing the business strategy.

Control improvement

Figure 5 shows how control effectiveness can be used to provide additional guidance on priorities for risk treatment. Risks in the lower right should receive attention for risk treatment in the form of control improvement by managers; risks in this area have high levels of risk but the controls are not as good as possible for the project.

Table 7 summarises the risks by their levels of risk and their control effectiveness. There were only four risks in the high priority area for control improvement. However there were no risks where the controls were regarded as fully effective, so there was room for improvement on all risks.

Monitoring and review of controls

Figure 6 illustrates the relationship between level of risk and the potential exposure, defined as the consequences if all the controls failed to work as intended. Risks in the upper left area should receive attention for assurance activities such as inspections, reviews and monitoring by managers and assurance providers, as the controls here are important for maintaining the low level of risk.

Table 8 summarises the risks and their potential exposures. There were 18 risks with high potential exposure, but only Medium or Low levels of risk, the priority area for control assurance. These risks have potentially large consequences that could seriously damage the project’s ability to achieve its objectives if the controls were not working as expected. The controls for these risks are very important: managers needed to assure themselves that they were being implemented as effectively as assumed in the assessment, and that they remained effective as work progressed. This required a process for monitoring the controls on a continuing basis.

Risk treatment

Risk treatment workshop

A half-day risk treatment workshop was held with the owners, the project team and their main advisers shortly after the risk assessment. During the workshop participants examined the Very high risk and six of the High risks.

The treatment process commenced with developing a deeper understanding of each risk, in particular the full range of its causes and consequences and reviewing the existing controls for both the causes and consequences. A comprehensive table of information was developed. This table presented the information in the form of a bow tie structure (Figure 7) and a more detailed recording template (Figure 8), which aided understanding and allowed the participants to brainstorm treatment options that might either prevent or reduce the likelihood of the causes, or protect against or reduce the consequences.

Treatment options and action plan

The advantages and disadvantages of each treatment option were discussed and a decision was made on whether to adopt, reject or undertake further investigation of each one.

An action plan was developed that combined:

• Options from the initial levels of risk (Figure 4 and Table 6) and the bow-tie process (Figure 7 and Figure 8)
• Control enhancement actions from the analysis of control effectiveness (Figure 5 and Table 7)
• Assurance actions from the analysis of potential exposures (Figure 6 and Table 8).

Lessons

The workshops brought together the owners and their main technical advisers. This enhanced the common understanding and unity of purpose in what was already a set of close working relationships.

The risk management approach and the assessment scales were based on and consistent with the corporate risk management framework of the project owner, but tailored for this project. This tailoring made the process more ‘real’ and pertinent for the project team, so they saw it as something of direct relevance to them rather than just another requirement from head office.

The ‘extended’ risk analysis, including control effectiveness and potential exposure, was regarded as showing clear benefits over the previous process that only considered consequences, likelihoods and levels of risk. The additional information provided new insights, fresh ideas for improving project outcomes and a more structured approach to assurance and monitoring.

The outcomes from this activity – the risk register, the action plan (including assurance tasks) and the project risk management plan – were designed for continuing use in the project. The project risk management plan specified the responsibilities and process for ongoing risk management through the life of the project.