Let’s Be Frank: Stop Normalizing Deviance

Editor’s Note:  Writing under the pseudonym Inspector Frank, the author of this column offers a first-hand, candid view of what he has witnessed throughout his career. His purpose in sharing these experiences and opinions is to encourage readers to think deeper about what they do, why they do it, and the possible impact of their decisions.

Inspectioneering is committed to protecting the anonymity of pseudonymous authors. We do, however, hold these contributors to the same editorial standards as those writing under their own name. In this, we know the author’s identity and maintain communications regarding the author’s published works. If you have any questions, feedback, or concerns stemming from this article, please send an email to befrank@inspectioneering.com and we will forward your correspondence to the appropriate party.

All of us have our own individual risk thresholds. We also all do risk assessments every day, weighing that assessment against our own internal risk threshold. I have seen driving your personal car used as an example to explain this concept. It goes a little like this:

1. Most people in North America drive a vehicle -- maybe mostly on their commute to work, maybe it is a huge part of their work, maybe they also use it for vacations, etc.
2. Every time you get ready to drive somewhere, you do a personal risk assessment: is the weather safe to drive in, is the car in good shape, am I ok to drive, etc.?
3. If, according to your personal risk threshold, the risk seems tolerable, you get in your car and drive.

We obviously sometimes ‘ignore’ a risk because we have taken that risk in the past and had no ill effects. If, for example, you have frequently driven in severe snowstorms and never had an accident, then you may start risk-ranking that activity as being less risky than it actually is. This is a form of ‘normalization of deviance.’

‘Normalization of Deviance’ is a term that is credited to sociologist Diane Vaughan after she started using it when reviewing the Space Shuttle Challenger explosion in the late 1980’s. Ms. Vaughan described ‘normalization of deviance’ as occurring when people within an organization become so insensitive to deviant practices that the deviation no longer feels like a risk. Vaughan defines this as a process where a clearly unsafe practice comes to be considered normal if it does not immediately cause a catastrophe.

Vaughan noted that the root cause of the Challenger disaster was related to the repeated choice of NASA officials to fly the space shuttle despite a known dangerous design flaw with the O-rings. They kept flying because it kept coming back fine (until it didn’t).

This can obviously be a huge problem. Not only in the case of personal risk, but also in terms of organizational risk for the companies we work for. But why does ‘normalization of deviance’ occur?

From my own experience and reading articles about this issue, I think there are multiple reasons. But here is something interesting to consider: as humans, is ‘normalization of deviance’ actually our go-to operating parameter? As individuals trained to work in industrial environments, we all know the safety rules and the safe way to do things, but how many of us cut corners outside of the work environment?

I know we have all done this. I am sure you have stood on a wobbly chair to change a lightbulb at home or climbed on your roof with no safety equipment in place. I would then argue that deviation from standards is more normal than we all care to admit. You have made a personal risk assessment and have knowingly decided to operate in a high-risk zone because you have normalized the deviance.

Consider this… I took a basic business economics and finance course in high school where the instructor said something that has stuck with me for a lot of years. We were having a discussion on running a small business and then having employees steal from the business. He said, “If you have set up a business financial system that allows people to steal from you, or think they can steal from you and get away with it, then you are the one who is in the wrong.” He went on to elaborate that if the safeguards are ineffective and cannot stop theft from occurring, then you (as the business owner) are the one who has messed up.

His statement stayed with me because I see the same issue of people ‘getting away with it’ when we build complex systems to make sure things are done the way they need to be done. Does that mean that what has been called ‘normalization of deviance’ is actually the standard condition? Does that mean what we actually need is ‘normalization of following the rules’ (or ‘normalization of non-deviance’)?

Before I take this any further, let’s consider ‘normalization of deviance’ in the mechanical integrity world. I am sure you have seen it before, but I can recall a couple instances that have stood out in my mind:

1. A hydrotreater unit I worked in had water injection quills in the high-pressure reactor effluent circuit that were critical to corrosion control. In 30 years of operation, they had never been inspected, mainly because of the difficulty in pulling them (due to location and the massiveness of the flanges due to the pressures involved). Also, everyone from Operations to Maintenance said the water injection is working fine, so no need to look at the quills. In this case the ‘deviance’ that was normalized was straying from executing a sound inspection plan to ensure the integrity of equipment that was critical for corrosion protection of the circuit. When we did finally pull them there were no issues, which then reinforced in everyone’s mind that the deviation from an inspection plan was acceptable. This meant that other hydrotreater units’ effluent injection quills were not checked. This led to a near miss a few years later in another unit where the injection quill had failed and changed the mixing conditions to the point where lamellar flow was set up and the injection water did not appropriately dilute the contaminants in the effluent stream. This was discovered more by luck than by any quality inspection plan.
   
   
2. I worked in a mine where corrosion of any uncoated steel in the above-ground processing building was a huge concern due to moisture and the mined product residue. New structural steel would be put in coated, but then the coating would fail very rapidly, and significant corrosion would take place in a fairly short time frame. It was bad enough that during orientation for new workers to the facility, personnel were warned to not lean on handrails without checking them for soundness first. The normalized deviance in this case was a site-wide acceptance that the structure that is meant to keep you safe and holding up processing equipment may be on the verge of falling apart. There was eventually an injury that changed everyone’s outlook on what was an acceptable risk.

I actually can’t think of any personal experiences where ‘normalization of deviance’ had a good outcome.

The next logical question would be "Why do people and organizations find it acceptable to break the rules?" There can be many reasons, but in equipment integrity I have heard variations of the following:

• “That work is unnecessary and we are trying to save money right now.”
• “Accomplishing that task is too burdensome, the ‘juice isn’t worth the squeeze’ and we have a tight turnaround window on this equipment as it is.”
• “Those guidance documents were meant for the inexperienced; we are a robust, mature organization and have never seen those problems in the past.”
• “We will just let the planned inspection slide this one time; next year when the plant is down again, we can do that work.”
• “Those industry/API/corporate standards are just guidelines; we don’t need to follow them all of the time.”
• “Other places I have worked didn’t do this in the inspection plans; this is just a waste of time.”
• “We have never done that and never had a problem, so why do we need to do it now?”

If there is a risk threshold we have put in place as an organization, and we choose to normalize deviation and cross that risk threshold without any justifiable assessment or reason, then we are setting ourselves up to fail as integrity personnel, and potentially have a failure of the equipment we are charged with maintaining.

When it comes to setting up and maintaining effective integrity programs, maybe what we need to do is look at this ‘normalization of deviance’ in another way completely. 

If we understand that deviance opens up the raising of the acceptable risk threshold and is much more normal than we care to admit, then we have to turn the concept around.

As integrity personnel, we should be making ‘normalization of consistency’ our mantra and ‘normalization of excellence’ our goal. This, however, requires a willingness for all levels of our organization to be challenged.

Deviation will likely be the norm if your organizational culture is not actively working to fight it. I have been in work environments where normalization of deviance did not occur or was not accepted. What did they do differently?

The first and biggest thing was that, as I stated above, all levels of that company were willing to be challenged and management actively promoted being challenged on critical decisions. Lots of people in management roles don’t do well with being challenged, so it is definitely not easy to implement this culturally within an organization.

Here are some things to consider when looking at your organization’s potential for normalizing deviance:

1. Do not let past successes during known deviations redefine your risk threshold and become acceptable performance (i.e., the “we have never had that issue there in the past, we will be fine” attitude).
2. Require that the systems you are safeguarding with your programs be proven safe to operate to an acceptable level of risk, rather than the opposite.
3. Get personnel with opposing viewpoints to look and work on your risk assessments. Sometimes everyone getting along on a team does not provide the checks and balances needed to ensure things are operating within an acceptable risk threshold.
4. Keep your integrity systems separate from the day-to-day operation of the facility. Production is king, but equipment integrity is supposed to ‘Guard the Gates’ from a loss of containment and keep things operating under an acceptable risk threshold. Sometimes integrity findings will be such that it might require an unscheduled shutdown, which will affect production.

When we allow ‘normalization of deviance’ to occur it raises our organizations’ risk threshold in an uncontrolled and unmanaged way. Instead of worrying about this, we should be striving for a ‘normalization of excellence,’ a state where we knowingly do not accept raising our risk threshold by deviation.

To paraphrase my high school teacher, if your integrity programs and organizational culture are such that they allow for personnel to cut corners or deviate, and this then becomes an acceptable increase in risk threshold going forward, then the problem isn’t with them, the problem is with your systems.