Digging into Integrity First: what exactly is third-party verification?

As part of the Integrity First cycle, companies perform self-assessments on their current systems, processes and practices within identified priority areas. Based on these assessments, members assign a level of maturity: foundational, continually improving, proactive or leading.

These assessments then go through third-party verifications to increase trust and credibility; strengthen consistency in the interpretation and application of Integrity First guidance documents; and drive performance improvements and operational efficiencies. This process occurs on a four-year cycle, and information gathered is shared among participating companies, leading to continual improvement throughout the industry.

To get more information on third-party verification, we spoke with James D. Brown, a partner in ERM Certification and Verification Services (ERM CVS). James is an engineer with experience in pipelines, and leads a team of evaluators who perform the verifications of Integrity First members.

Who performs third-party verifications?

ERM CVS is the company hired by CEPA to provide third-party verification services for Integrity First. ERM CVS is an arm of ERM, a London, UK-based group.

ERM employs two lead external verifiers, each of whom have 30 plus years oil and gas pipeline experience “including being on the front line when things have gone wrong,” said Brown.

“On Integrity First, we have eight external verifiers, people who go with the leads and support them. On each verification there is a two-person team; the lead and the external.”

Why did CEPA select ERM CVS to perform the verifications?

In selecting an organization to perform the verifications, it was important to CEPA that the organization was not directly involved in work with the transmission pipeline industry or CEPA members and that they had the required expertise and reputation. ERM CVS fit the bill.

“We are not beholden to the industry. We are independent from the pipeline industry. That’s why CEPA selected us as a verifier, we were able to demonstrate that independence,” said Brown.

“We do not care if someone is verified or is not verified. What we do care about is whether the verification is fair, neutral and free of bias.”

How does a third-party verification work?

Brown explains that CEPA members first prepare a self-assessment based on the Integrity First criteria. The criteria exist at four maturity levels. Foundational is the lowest, and leading is the highest, indicating that the member is a leader in that specific area.

The verification method is based on witnessing the evidence. Brown gives the example that for the area of Control room management, at a certain maturity level, companies are required to have defined succession plans for critical technical and non-technical roles. To verify that this requirement is properly rated through the organization’s self-assessment, ERM CVS will typically meet with human resources professionals to go over the plan, ensuring it is current.

“We will say yes, we’ve witnessed it and verified that item as they rated it appropriately on the maturity level,” says Brown.

Control room management verification, for example, includes going into the control rooms, talking to operators, and ensuring documents that guide processes are current and in place.

What areas of Integrity First have gone through third-party verification, and what’s next?

ERM CVS began verifications for Integrity First in 2016, and the third-party verification system continues to roll out. In 2016 emergency management went through the verification stage; in 2017, pipeline integrity and control room management were added; and in 2018, third-party verification will be performed on CEPA members’ damage prevention self-assessments.

Third-party verification plays an important role in increasing the credibility of Integrity First, and ensures that the guidance documents are properly interpreted and maturity levels are consistently applied throughout the industry.

“The industry collectively is trying to make a difference. The verifications support that,” said Brown. “We are holding them to what the criteria say and identifying whether the evidence supports their self-assessment.”


Read next: Can regulators benefit from Integrity First?