Failures of critical controls, risk normalisation, and weak governance: Callide investigation report findings

Extracts from the Callide investigation, involving a significant boiler pressure event. Thanks to @wade n for flagging this report.

Not going into the event details – so check out the report.

Extracts:

· “The incident reflects a systemic failure to manage both technical and organisational risks, highlighting the critical need for integrated system reviews, clearly defined performance standards, and disciplined oversight of process safety”

· “The incident was triggered by the concurrent failure of several independent controls”

· “Clinker falls were treated as routine operational events rather than serious process safety concerns. As a result, these events were not consistently reported, investigated, or escalated”

· “This normalisation eroded oversight, diminished risk visibility, and contributed to missed opportunities for control improvements”

· “The Burner Management System incorporates multiple layers of logic and sequencing. However, there is no unified view of how the system behaves under critical conditions”

· “Control logic diagrams are fragmented, and there is no accessible, documented end-to-end representation of system operation during a real-world event”

· “This lack of transparency restricted the identification of latent risks and limited the ability to validate system performance under worst-case conditions”

· “Key safety systems did not perform as intended”

· “Process safety was not embedded into frontline operations. Operators lacked formal training in process safety, critical signals were missed or normalised, and process safety events were not recognised”

· “Governance was fragmented, ownership unclear, and improvement efforts lacked operational impact”

· “Staffing shortages, high overtime use and limited supervision reduced operational resilience”

· “Resourcing risks were not assessed, and critical tasks like clinker management lacked formal training and oversight”

· “Supervisors had no structured program to build or verify technical and leadership capability”

· “Early warnings were missed, accountability was diluted, and assurance efforts prioritised volume over substance”

· “Weak governance allowed issues to persist without intervention”

· “A mindset of production as a priority led to compromised decisions, reduced risk escalation, and reluctance to speak up due to fear of blame or inaction”

· “Operational Risk Assessments were used to justify continued operation, while Critical Control Verifications prioritised target completion over testing control effectiveness”