Trans-Northern Pipelines Inc. - Emergency Management Program CV2526-020

Trans-Northern Pipelines Inc. - Emergency Management Program CV2526-020 [PDF 758 KB]

Executive Summary

The Canada Energy Regulator (CER) expects pipelines and associated facilities within the Government of Canada’s jurisdiction to be constructed, operated and abandoned in a safe and secure manner that protects people, property, and the environment. To this end, the CER conducts a variety of compliance oversight activities, such as audits.

Section 103 of the Canadian Energy Regulator Act (S.C. 2019, c.28, s.10) (CER Act) authorizes inspection officers to conduct audits of regulated companies. The purpose of these audits is to assess compliance with the CER Act and its associated Regulations.

The purpose of operational audits is to ensure that regulated companies have established and implemented both a management system and its associated programs, as specified in the Canadian Energy Regulator Onshore Pipeline Regulations (SOR/99-294) (OPR).

The CER conducted a Emergency Management (EM) operational audit of Trans-Northern Pipelines Inc. (the company or TNPI) between 2 September 2025 and 19 December 2025.

The objective of this audit is to verify that the company has developed and implemented specific elements of an EM program in accordance with the requirements of the OPR related to:

  • Hazard identification;
  • Risk assessment;
  • Making employees and others aware of their responsibilities;
  • Internal and external communication;
  • Contingency planning; and
  • Management of documentation.

Of seven audit protocols; six were deemed no issues identified. The one remaining audit protocol was deemed non-compliant.

Within 30 calendar days of receiving the Final Audit Report, the company shall file with the CER a Corrective and Preventive Action (CAPA) Plan that outlines how the non-compliant finding will be resolved. The CER will monitor and assess the implementation of this CAPA Plan to confirm that it is completed in a timely manner.

Note that all findings are specific to the information assessed at the time of the audit as related to the audit scope.

While a non-compliant finding exists, the CER finds that the company can still construct, operate, and abandon pipelines in a manner that will preserve the safety of persons, the environment, and property.

The Final Audit Report will be made public on the CER website.

Top of Page

Table of Contents

Top of Page

List of Tables and Figures

1.0 Background

1.1 Introduction

The CER expects pipelines and associated facilities within the Government of Canada’s jurisdiction to be constructed, operated and abandoned in a safe and secure manner that protects people, property, and the environment.

Section 103 of the CER Act authorizes inspection officers to conduct audits of regulated companies. The purpose of these audits is to assess compliance with the CER Act and its associated Regulations.

The purpose of operational audits is to ensure that regulated companies have established and implemented both a management system and its associated programs, as specified in the OPR.

The CER conducted an EM operational audit of TNPI between 2 September 2025 and 19 December 2025.

1.2 Description of Audit Topic

The CER expects companies to have a fully established and implemented EM program (EMP). This program is expected to proactively address the various scenarios, contingencies, and related actions that are necessary to be taken to protect the public, workers, and the environment during all potential upset or abnormal operating conditions experienced by the company. These upset or abnormal operating conditions can take place at any point during a pipeline or facility’s lifecycle and in any season or weather event. As part the of establishment and implementation of the EMP, the CER expects the company’s management system to be integrated into this program and linked to other OPR section 55 programs as necessary to have robust controls in place to manage and mitigate any upset or abnormal conditions that may occur.

1.3 Company Overview

TNPI has been in operation for over 70 years, starting in 1952, and is a refined fuels product pipeline company headquartered in Richmond Hill, Ontario. TNPI’s CER-regulated system consists of approximately 850 kilometres of pipeline flowing east to west through Ontario and Quebec linking Montreal, Quebec, and Oakville, Ontario. Its system also connects Nanticoke and Toronto, Ontario. Along with these pipeline segments are branch lines which connect to Toronto Pearson International Airport and Montréal–Pierre Elliot Trudeau International Airport, as well as Clarkson and Ottawa, Ontario. TNPI filed an application to the CER on 30 October 2025, for the Farran’s Point to North Toronto Deactivation Project which has subsequently been approved. On average, the system moves approximately 27,500 cubic meters or 172,900 barrels of refined fuel products including gasoline, diesel, aviation fuel, and heating fuel daily.

The map below depicts the company’s CER-regulated assets.

Trans-Northern Pipelines Inc Pipelines and Facilities map Figure 1. Map of Company’s Regulated Assets

2.0 Objective and Scope

The objective of this audit is to verify that the company has developed and implemented specific elements of an EMP in accordance with the requirements of the OPR related to:

  • Hazard identification;
  • Risk assessment;
  • Making employees and others aware of their responsibilities;
  • Internal and external communication;
  • Contingency planning; and
  • The management of documentation.

The table below outlines the scope selected for this audit.

Table 1. Audit Scope

Table 1. Audit Scope

Audit Scope

Details

Audit Topic

Emergency Management

Lifecycle Phases

    
Construction

 x 
Operations

    
Abandonment

Section 55 Programs

 x 
Emergency Management

    
Integrity Management

    
Safety Management

    
Security Management

    
Environmental Protection

    
Damage Prevention

Time Frame

Open

3.0 Methodology

An audit notification letter was sent to the company on 2 September 2025 advising the company of the CER’s plans to conduct an operational audit. The lead auditor provided the audit protocol and initial information request to the company on 3 September 2025 and followed up on 18 September 2025 with a meeting with the company staff to discuss the plans and schedule for the audit. Document review began on 7 November 2025 and interviews were conducted between 8 December 2025 and 11 December 2025. Attendance at a TNPI EM exercise was completed between 28 October 2025 and 29 October 2025.

The auditors assessed compliance through:

  • document reviews;
  • record sampling;
  • interviews; and
  • attendance at EM exercise.

The purpose of the document review is to identify the suite of documents that are intended to meet the requirements related to the audit protocols. This review assesses whether the process is established. The auditors reviewed approximately forty-three documents that were submitted by TNPI.

The interviews are conducted to determine the extent to which the processes have been implemented. If the responses are consistent with what is written, the auditors assume that the staff are aware of the process, and that it is being followed. The first set of interviews was conducted primarily with management and senior staff to discuss each of the audit protocols. The second set of interviews was organized based on positions, which ranged from office staff to field staff, where the auditors asked questions relating to all the audit protocols at each interview. The auditors conducted approximately 10 interviews.

Records are also sampled to assess whether the process is implemented. Records are outputs, or products of a process. The presence of properly completed records suggests that the process is being used. The auditors sampled approximately sixty-six records.

The list of documents reviewed, records sampled, and the list of interviewees are retained on file with the CER.

In accordance with the established CER audit process, the lead auditor shared a pre-closeout summary of the audit results on 19 December 2025. Normally, the company is given five business days to provide any additional documents or records to help resolve the identified gaps in information or compliance. Subsequent to the pre-closeout meeting, TNPI decided that it would not be providing additional documentation, and the pre-closeout meeting became the final closeout meeting.

4.0 Summary of Findings

The lead auditor has assigned a finding to each audit protocol. A finding can be either:

  • No Issues Identified – No non-compliances were identified during the audit, based on the information provided by the company and reviewed by the auditor within the context of the audit scope; or
  • Non-compliant – The company has not demonstrated that it has met the legal requirements. A CAPA Plan shall be developed and implemented to resolve the deficiency.

All findings are specific to the information assessed at the time of the audit, as related to the audit scope.

The table below summarizes the findings. See Appendix 1: Audit Assessment for more information.

Table 2. Summary of Findings

Audit Protocol (AP) Number Regulation Regulatory Reference Topic Finding Status Finding Summary

AP-01

OPR

6.5(1)(c)

Hazard Identification

No Issues Identified

Through the TNPI Risk Management Standard, risk matrix and associated Guidelines, the EMP is able to complete the necessary risk management activities and consistently identify, assess, and manage organizational and operational risks. Interviews and records demonstrate the process has been implemented.

AP-02

OPR

6.5(1)(d)

Hazard Inventory

No Issues Identified

TNPI has established and maintained an up-to-date inventory of hazards pertaining to the EMP. The corporate and program level registers complement one another with the protection programs linking to the corporate risk register through established touch points.

AP-03

OPR

6.5(1)(e)

Risk Assessment

No Issues Identified

TNPI has established and implemented processes to evaluate risks using both a semi-quantitative method for corporate risks and a more detailed semi-qualitative approach for program level risk assessments. This approach is appropriate for the nature, scope, scale, and complexity of its EMP. The process defines risk tolerance criteria and requires risk to be monitored at a defined frequency. Associated programs and guidelines assure risks are assessed for both normal and abnormal condition hazards. Interviews and records demonstrate the process has been implemented.

AP-04

OPR

6.5(1)(l)

Making Employees and Others Aware of their Responsibilities

No Issues Identified

Using a combination of training and stakeholder management, TNPI was able to demonstrate that it has processes in place to meet this audit protocol requirement. TNPI demonstrated that it is making employees and others aware, such as third-party contractors and stakeholders, of their responsibilities in relation to the EMP. Through the use of planned training exercises both TNPI staff and third-party contractors are exposed to the various roles and responsibilities they would be required to fill if an incident did occur.

AP-05

OPR

6.5(1)(m)

Internal and External Communications

No Issues Identified

Applying the Communications Process, and the Stakeholder Management & Community Relations Standard, TNPI demonstrated that it has a communication process that defines methods for both internal and external communication. TNPI is communicating messages relating to safety, security, and protection of the environment both internally and externally, and the communications are adequate for the EMP. Interviews and records demonstrate the process has been implemented.

AP-06

OPR

6.5(1)(o)

Document Management

No Issues Identified

TNPI’s EMP documentation follows the Data, Document, and Information Management Supporting Guidelines and associated programs to ensure proper creation and management of information. TNPI has established and implemented a process, which provides for the development, updating, reviewing, revising, and controlling of key EM-related documents. Relevant personnel, at both the field and office level, have access to these documents.

AP-07

OPR

6.5(1)(t)

Contingency Planning

Non-compliant

TNPI has a process for developing, assessing, and approving contingency plans for abnormal events including emergency situations. However, the process, at the time this audit was conducted, did not yet meet all of the requirements to be considered fully established and implemented.

5.0 Discussion

TNPI refers to its management system as an Operational Excellence Management System (OEMS) which is directly applicable to all TNPI activities. The sixteen elements that build the OEMS do not define specific work processes or provide specific details on how to develop or implement these requirements. These requirements are found in element guidelines, standards, and processes. The OEMS elements follow the plan – do – check – act cycle of a management system and include the requirements laid out in the OPR’s management system section. Using the requirements from the elements in the OEMS, TNPI has developed a series of programs that are aligned with the OPR’s protection programs. Each program applies the applicable OEMS processes and the unique program-specific processes and procedures to consistently meet legal requirements, identify and manage relevant hazards and risks, and support achieving TNPI’s goals.

The focus of this audit is on Element 10 of the OEMS and its related program where EM activities are carried out. The purpose of this element is stated as communicates clear requirements for effective planning and response related to emergencies. Examples of TNPI’s emergency planning include:

  • Facility specific responses;
  • High water action plans; and
  • Business continuity planning, to name a few.

TNPI’s EMP document emphasizes four program areas to ensure consistent and coordinated management through all aspects of an emergency:

  • Prevention/mitigation;
  • Preparedness;
  • Response; and
  • Recovery.

The OEMS’s sixteen elements and its related programs are interlinked with one another to provide effective guidance for any plans, programs, or processes that it requires. Examples of this are linking Element 5, Organizational Structure, and Element 2, Risk Assessment and Management, to the EM response plans that TNPI needs to have in place should an emergency or incident happen.

In addition to TNPI’s OEMS and the related EMP, TNPI has also developed and published its corporate Emergency Response Plan (ERP). The plan states it’s responsible for governing the execution of emergency response activities to all emergencies and operational incidents occurring within TNPI facilities, infrastructure, and operations in Canada. For specific scenarios, TNPI has also developed site specific ERPs to accommodate specific response strategies required due to unique circumstances or locations.

Like many other companies in the oil & gas sector, TNPI has adopted the Incident Command System (ICS). The ICS is a command-and-control structure used by numerous emergency response organizations, both within Canada and internationally, to manage emergency incidents. In the event of an incident, TNPI has indicated it will establish a unified command structure with all responding authorities and appropriate stakeholders and Indigenous communities. TNPI provides those assigned ICS roles with ICS training and an extensive Field Operations Guide-Incident Management Handbook for use and reference.

A CER auditor and the EM Subject Matter Expert (SME) participated as observers in an emergency exercise conducted by TNPI, to better understand how these exercises interface with the company’s OEMS, and how they help the OEMS meet the requirements of the OPR. Due to time and availability constraints, the CER staff were unable to attend a TNPI CER-specific emergency exercise. However, they were able to attend another emergency exercise of TNPI’s Alberta Products Pipe Line Ltd., which is regulated by the Alberta Energy Regulator. TNPI indicated the same management system and EM principals are used for both systems. The auditors confirm that the information provided by TNPI in the document review and during interviews was consistent with what was observed in the Alberta Products Pipe Line Ltd. emergency exercise.

Overall, TNPI’s management system and the EMP appear to be well designed. Processes exist for each of the requirements assessed during this audit and are both well written and comprehensive with workers provided access to all programs and supporting information. TNPI staff interviewed were well informed and knowledgeable about the EMP as well as their specific roles. TNPI was able to produce records for all sampling requests, which is an indicator that the processes were being implemented and in use.

6.0 Conclusion

In summary, the CER conducted an operational audit of TNPI related to EM. Out of a total of seven audit protocols, six were classified as no issues identified, resulting in an audit score of 86 percent.

TNPI is expected to resolve the deficiency through the implementation of a CAPA Plan. The CER will monitor and assess the implementation of this CAPA Plan and issue an audit closeout letter upon its completion.

Top of Page

7.0 Next Steps

TNPI is required to resolve the non-compliant finding through the implementation of a CAPA Plan.

The next steps of the audit process are as follows:

  • Within 30 calendar days of receiving the Final Audit Report, the company shall file with the CER, a CAPA Plan that outlines how the non-compliant finding will be resolved.
  • The CER will monitor and assess the implementation of the CAPA Plan to confirm that it is completed:
    • on a timely basis; and
    • in a safe and secure manner that protects people, property, and the environment.
  • Once implementation is completed, the CER will issue an audit closeout letter.
Top of Page

Appendix 1: Audit Assessment

AP-01 - Hazard Identification
AP-01 - Hazard Identification

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(c)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for identifying and analyzing all hazards and potential hazards.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The methods for identification of hazards and potential hazards are appropriate for the nature, scope, scale, and complexity of the company’s operations, activities and section 55 programs.
  • The identification of hazards and potential hazards must include the full lifecycle of the pipeline.
  • The company has comprehensively identified and analyzed all relevant hazards and potential hazards.
  • The hazards and potential hazards have been identified for the company’s scope of operations through the lifecycle of the pipelines.
  • The identified hazards and potential hazards have been analyzed for the type and severity of their consequences.

Relevant Information Provided by the Company

The following key documents and records are related to this finding:

  • Operational Excellence Management System Manual
  • Element 2 TNPI Risk Assessment and Management Supporting Guidelines
  • TNPI Risk Management Standard
  • Risk Assessment Matrix
  • Risk Assessment Worksheet TEMPLATE
  • Incident Management Investigation and Corrective Actions Supporting Guidelines
  • Management of Change (MOC) Procedure
  • Last Minute Risk Assessment (LRMA) Procedure
  • Job Safety Analysis Procedure
  • Event Reporting Procedure
  • Event Reporting Policy
  • TNPI Emergency Response Plan
  • Emergency Response Program
  • Field Operations Guide (FOG)
  • Initial Responder Handbook
  • Example Daily Email sent HIDs, Near Misses & Incidents
  • TNPI Hazard Inventory EM Summary
  • Toronto Airport Process Hazard Assessment (PHA) Report
  • Tunnel Job Safety Analysis (JSA) Example
  • Meter and Pump Stations and Valve Sites – JSEP Risk Assessment
  • West Line Technical Risk Assessment

The following interviews are related to this finding:

  • Day 1 of interviews with TNPI representatives to cover hazard identification (AP-01), hazard inventory (AP-02), and risk assessment (AP-03).
  • Day 2 of interviews with TNPI field staff – All audit protocols.

Finding Summary

Through the TNPI Risk Management Standard, risk matrix and associated Guidelines, the EMP is able to complete the necessary risk management activities and consistently identify, assess, and manage organizational and operational risks. Interviews and records demonstrate the process has been implemented.
Detailed Assessment

The TNPI Risk Management Standard states that it is the process to provide a systematic and consistent approach for the identification, assessment and management of TNPI’s priority organizational risks and operations risks. The standard goes on to indicate that it supports or is linked to other OEMS elements and programs, such as the EMP, that need to complete risk management activities. The Risk Management Standard’s scope includes all projects, operational and non-operational phases of a pipeline’s lifecycle, reasonably foreseeable emergency situations, and both normal and abnormal operating conditions.

TNPI indicated it takes a broad view when identifying its potential hazards, followed by systematically reviewing and narrowing the list of potential hazards by determining which are relevant to its operations. TNPI uses a three-step approach to hazard identification including the review of the established, existing TNPI hazard inventory, a review of existing management system information (qualitative and quantitative), followed by a guided brainstorming session with SMEs. In addition, each TNPI program, such as the EMP, is required to identify potential and possibly new program specific hazards to be included in the hazard identification and evaluation process. Once these steps are done, the potential hazards are reviewed by the TNPI programs and key stakeholders followed by an update, if required, to the TNPI hazard inventory, which is discussed in AP-02.

Examples of the information gathered through the management system approach to hazard identification includes:

  • Audit findings and corrective action plans;
  • Incident and near-miss reporting, including trending - both positive and negative trends;
  • Regulatory non-compliance;
  • External inspection findings; and
  • Right-of-Way assessments, among others.

As part of its hazard identification and risk assessment, TNPI uses a scenario modelling and consequence analysis approach to look at potential spill volumes and to analyze the resulting interaction and impact on identified receptors and high consequence areas. Combining the modelling, which includes high consequence areas, along with receptor identification, and aerial mapping, provides the information TNPI needs to complete a consequence analysis and develop an EM response approach.

Several TNPI EM documents provided for this audit protocol reference the use of ICS as part of a response to an incident or potential incident. The Initial Responders Handbook provides the field technician with step-by-step instructions to follow when first responding to a potential incident scene. This includes a detailed section on hazard assessment which provides a list of potential hazards the field technicians need to consider as part of their site assessment. Examples from this list include:

  • Heavy equipment movement and general vehicle traffic;
  • Hazardous energies (i.e., electrical, mechanical, chemical, thermal);
  • Potential sources of ignition;
  • Confined spaces; and
  • Open and/or frozen surface water to name a few.

The handbook goes on to state that ICS form 201-5 Site-Specific Health and Safety Plan should identify these potential hazards, and they must be clearly communicated to responders. Should the incident be serious enough to require a larger response, the ICS system strongly encourages the use of a Safety Officer, among other roles, as part of the response. In addition, to further assist with the safety of responders and the public, the development of a JSA to support the safety plan is also something TNPI will consider during a response. According to TNPI documentation and its roles and responsibilities matrix, a Safety Officer works as a support officer for the Incident Commander and is responsible for developing and recommending measures for assuring personnel safety, and to monitor and/or anticipate hazardous and unsafe situations.

Interviews with EM and operations field staff yielded responses that were consistent with each other, as well as with the process documents discussed above.

TNPI provided records as evidence that the process was implemented. Examples of records included risk assessment worksheets for meter and valve sites, e-mails on daily hazard identifications, near-misses and incidents, process hazard assessments, Management of Change on a significant change in service along one segment of its pipeline, and receptor identification studies along a portion of its system. These assessments identified additional hazards related to the system, and recommendations on how to reduce associated risk.

TNPI has established and implemented a process that is appropriate for the nature, scope, scale, and complexity of its activities, and it is applied to the EMP and across the entire lifecycle of the pipeline.

AP-02 Hazard Inventory
AP-02 Hazard Inventory

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(d)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and maintain an inventory of the identified hazards and potential hazards.

Expected Outcome
  • The company has a compliant inventory that is established and maintained.
  • The inventory includes hazards and potential hazards associated within the company’s scope of operations and activities through the lifecycle of the pipelines.
  • Hazards and potential hazards are identified across all section 55 programs.
  • The inventory has been maintained, it is current, and is up-to-date including changes made to company operations and activities.
  • The inventory is being used as part of the risk evaluation and controls processes.

Relevant Information Provided by the Company

The following key documents and records are related to this finding:

  • Element 2 TNPI Risk Assessment and Management Supporting Guidelines
  • TNPI Risk Management Standard
  • Last Minute Risk Assessment (LMRA) Procedure
  • Job Safety Analysis Procedure
  • Emergency Response Program
  • TNPI Emergency Response Plan
  • 2023 update example of new threats identified
  • Example Daily Email sent HIDs, Near Misses & Incidents
  • TNPI Hazard Inventory EM Summary
  • Hazards Managed by EM Program Pillars
  • TNPI Field Safety Orientation Incident Section

The following interviews are related to this finding:

  • Day 1 of interviews with TNPI representatives to cover hazard identification (AP-01), hazard inventory (AP-02), and risk assessment (AP-03).
  • Day 2 of interviews with TNPI field staff – All audit protocols.

Finding Summary

TNPI has established and maintained an up-to-date inventory of hazards pertaining to the EMP. The corporate and program level registers complement one another with the protection programs linking to the corporate risk register through established touch points.
Detailed Assessment

During interviews, TNPI provided its corporate risk register for review. While this register is high-level, it does contain EMP hazards and potential hazards. TNPI indicated that each protection program is responsible for maintaining a much more detailed and refined level of hazards and potential hazards, which TNPI provided for the EMP. The corporate and program level registers complement one another with the protection programs linking to the corporate risk register through established touch points. This register is an output of the standards and guidelines discussed in AP-01. TNPI indicated the register is updated on a regular basis and includes the rationale for including or excluding each hazard from the subsequent risk assessment process. Program stewardship meetings and document reviews by the Process Safety function ensure the inventory remains complete and current.

Examples of hazards relevant to TNPI’s EMP included natural disasters, inadequate emergency response training, information technology/cyber-attack, inoperable emergency response equipment, etc. TNPI staff indicated the register is used as a lead-in to identify various controls for field staff.

Interviews with EM office staff and field supervisors yielded responses that were consistent with the content within the TNPI Risk Management Standard. Field technicians, while less familiar with the EM registry, were able to provide background information on each of the hazards when asked.

TNPI has established and maintained an up-to-date inventory of hazards, pertaining to the EMP, and this inventory is being used as part of the risk evaluation and controls processes.

AP-03 Risk Assessment
AP-03 Risk Assessment

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(e)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for evaluating the risks associated with the identified hazards and potential hazards, including the risks related to normal and abnormal operating conditions.

Expected Outcome
  • The company has a compliant process for evaluating risks that is established and implemented.
  • The method(s) for risk evaluation confirm that the risks associated with the identified hazards (related to normal and abnormal operating conditions) are based on referenced regulatory standards and are appropriate for the nature, scope, scale, and complexity of the company’s operations, activities, and are connected to the purposes and intended outcomes of the section 55 programs.
  • Risks are evaluated for all hazards and potential hazards and include normal and abnormal conditions.
  • Risk levels are monitored on a periodic basis and as needed and re-evaluated for changing circumstances.
  • Risk tolerance/acceptance criteria is determined for all hazards and potential hazards.

Relevant Information Provided by the Company

The following key documents and records are related to this finding:

  • Element 2 TNPI Risk Assessment and Management Supporting Guidelines
  • TNPI Risk Management Standard
  • Job Safety Analysis Procedure
  • TNPI Emergency Response Plan
  • Emergency Response Program
  • Engineering Project Management Manual
  • High Water Action Plan
  • Contingency Planning Process
  • Program Contingency Assessments and Plan Template
  • Safety Tip Tuesday – The Energy Wheel
  • MOC Document updated Intelex Summary
  • ERP classification change

The following interviews are related to this finding:

  • Day 1 of interviews with TNPI representatives to cover hazard identification (AP-01), hazard inventory (AP-02), and risk assessment (AP-03).
  • Day 2 of interviews with TNPI field staff – All audit protocols.

Finding Summary

TNPI has established and implemented processes to evaluate risks using both a semi-quantitative method for corporate risks and a more detailed semi-qualitative approach for program level risk assessments. This approach is appropriate for the nature, scope, scale, and complexity of its EMP. The process defines risk tolerance criteria and requires risk to be monitored at a defined frequency. Associated programs and guidelines assure risks are assessed for both normal and abnormal condition hazards. Interviews and records demonstrate the process has been implemented.

Detailed Assessment

TNPI pointed to its Risk Management Standard as the process, procedures, and work instructions required for this audit protocol. The standard goes on to say [a]t the corporate level, TNPI’s high level risk assessment process applies a semi-quantitative risk assessment methodology[…] at the protection program level the standard states In lieu of the semi-quantitative risk assessment model, TNPI processes and programs may apply more detailed quantitative methods to evaluate program -specific risks and prioritize risk treatment plans. Examples of more quantitative assessments completed by TNPI were provided in the form of Hazard and Operability studies and project stage gate reviews. TNPI indicated that, if unacceptable risks are identified, the EMP will revise its existing operational controls or add additional controls to ensure the risks are mitigated.

As part of TNPI’s hazard identification and risk assessment work, it looks at and takes into account inherent and residual risk. Inherent risk is the level of risk involved in an activity that does not take into account any controls or barriers. Residual risk is the level of risk that exists after controls and barriers have been established and implemented. The EMP will continue to add controls and barriers until the level of risk has been reduced to a point where TNPI considers it acceptable. TNPI also indicated that it will periodically reassess risks to determine if risk levels remain acceptable or if changes have occurred requiring additional controls or updates to existing controls.

TNPI’s EMP document states that it will apply the risk evaluation process at least once every three years, or when new EM related hazards are identified by:

  • Management of Change needs;
  • Incident Management;
  • Audit, Inspection and Assessments;
  • Exercise After Action Reports;
  • Management Review; and
  • Last Minute Risk Assessments.

To complete its semi-quantitative risk assessments, TNPI uses a four by five risk matrix with consequence and probability on the axis. To estimate the potential consequence of a specific hazard or risk, existing mitigation measures or activities need to be considered to mitigate the hazard. Consequences are considered for the following categories:

  • Health & Safety;
  • Environmental;
  • Reputational;
  • Regulatory; and
  • Financial.

Probability is determined by looking at a scale from certainty to unlikely dividing into five different levels. Each level has a range associated with it from starting at a probability of occurring potentially yearly to practically impossible to occur. When applying the consequence determination along with the probability of occurrence to the risk matrix, a risk tolerability level can be determined. Each risk level defines what a specific role, such as the Program Owner or the Accountable Manager, is accountable to complete to mitigate the risk and bring the residual risk level down to an acceptable range. The risk levels and accountabilities reach to the President of the company and require sign-off for Level 1 risks should they be identified.

During interviews with TNPI staff, they indicated that abnormal operating conditions are brought into the risk assessment process. Examples were provided of this being done for the Nanticoke facility and a discussion was held on an assessment recently completed on the Montreal pipeline segment.

Interviews with company staff provided responses that were consistent with the processes and standards discussed above. Field staff were able to discuss risk assessments, JSAs, process hazard assessments, and last-minute risk assessments that they complete during routine work assignments. Field staff also indicated that, for EM field exercises, they have written JSAs and Safe Work Permits (SWPs) as part of the exercises. TNPI staff indicated that JSAs and SWPs work together and require all work groups to sign on to each other’s permits to communicate with everyone what is needed to work safely and in an environmentally friendly manner.

TNPI has established and implemented a process to evaluate risks, and the method is appropriate for the nature, scope, scale, and complexity of its EMP. The process defines risk tolerance criteria and requires risk to be monitored at a defined frequency.

AP-04 Making Employees and Others Aware of their Responsibilities
AP-04 Controls

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(l)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for making employees and other persons working with or on behalf of the company aware of their responsibilities in relation to the processes and procedures required by this section.

Expected Outcome
  • The company has a compliant process for making employees and other persons aware of their responsibilities.
  • Responsibilities are defined for employees and those other persons working on behalf of the company in relation to the processes and other requirements for paragraphs 6.5(1)(a to x) of the OPR.

Relevant Information Provided by the Company

The following key documents and records are related to this finding:

  • Emergency Management Program
  • Element 5B Learning and Competency Supporting Guidelines
  • Element 11 Stakeholder Management and Community Relations Supporting Guidelines
  • Corporate Training Program & Policy
  • Learning and Competency Process
  • Element 10 Emergency Management Supporting Guidelines
  • Emergency Response Liaison & Continuing Education Program Approach
  • Safe Work Permit Procedure
  • TNPI North Dundas Fire
  • Exercise ICS 204 Air Monitoring Assignment
  • TNPI Field Safety Orientation Incident Section
  • Submitted Job Descriptions for roles interviewed.

The following interviews are related to this finding:

  • Day 3 of interviews with TNPI representatives to cover roles & responsibilities (AP–04), and communications (AP–05).
  • Day 2 of interviews with TNPI field staff – All audit protocols.

Finding Summary

Using a combination of training and stakeholder management, TNPI was able to demonstrate that it has processes in place to meet this audit protocol requirement. TNPI demonstrated that it is making employees and others aware, such as third-party contractors and stakeholders, of their responsibilities in relation to the EMP. Through the use of planned training exercises, both TNPI staff and third-party contractors are exposed to the various roles and responsibilities they would be required to fill if an incident did occur.

Detailed Assessment

TNPI pointed to a combination of training and stakeholder management process documents to address the requirements of this audit protocol. The Learning and Competency Process sets out the parameters which verify the competency of the various positions within TNPI and ensure staff are performing their jobs as required. Specifically, the EMP training is developed as part of this process and is to be applied by the EMP leadership. The EMP documentation points to the Stakeholder Management and Community Relations Standard to provide TNPI’s overall internal and external audiences and the required communication needs. This leads to continuing education and liaison with external stakeholders and Indigenous rights holders. These external stakeholders include the first responders and emergency response personnel in the communities where TNPI’s assets are operated.

Within TNPI’s documentation, roles and accountabilities for training are detailed starting with the CEO and moving down through the various leaders and training providers until it reaches the responsibilities of the individual worker which includes employees and some contractors. As part of having a competent workforce, who are aware of their responsibilities to respond to incidents, and as discussed above in the audit report, TNPI uses the Incident Command System. According to the EMP documentation, TNPI’s Emergency Response Team is to be trained in ICS 100, 200, and 300 level courses depending on their response role and overall responsibilities. During interviews with field staff and a review of training records, the auditors were able to verify this training has been completed. The EMP also outlines where additional role specific ICS training is required, such as for the Incident Commander, Environment Unit Leader, and the Operations Section Chief, to name a few.

To maintain the EM competency amongst its staff, TNPI has an annual EM exercise plan. These exercises are scenario based to test a wide range of potential emergency events and can include tabletop or full-scale exercises. TNPI’s staff and contractors’ response to these exercises is evaluated by TNPI senior EM staff and external agencies such as the CER. TNPI staff indicated that they open the exercise participation to external stakeholders, municipal response personnel, and Indigenous rights holders if they wish to participate and gain insight into how a potential response would take place.

The EMP documentation indicates that the program is to follow the Contract Management Standard and the Contractor Management Procedure with regards to third-party contractors. TNPI indicated that for most third-party contractors, the hiring manager is responsible for assessing competence of the third-party prior to them being hired. Generally, this is completed via prequalification during the procurement process. Follow up field orientations and participation in spill response exercises is part of the orientation of third-party contractors into TNPI’s operations.

Interviews with TNPI staff yielded responses that were in alignment with the processes, procedures, and guidelines discussed above. TNPI staff indicated the emergency exercises were integral to teaching, maintaining competency, and communicating the responsibilities related to emergency response to relevant internal and external stakeholders and Indigenous rights holders.

To determine implementation of the processes and procedures listed above, the auditors sampled a variety of records pertaining to the EMP, staff training status and training requirements, training records for field staff interviewees, and records generated during a large-scale emergency exercise. TNPI was able to provide all records.

TNPI has established and implemented processes for making employees and others aware, such as third-party contractors and stakeholders, of their responsibilities in relation to the EMP.

AP-05 Internal and External Communications
AP-05 Internal and External Communications

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(m)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for the internal and external communication of information relating to safety, security, and protection of the environment.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The methods for both internal communication and external communication are defined.
  • The company is communicating internally and externally related to safety, security and protection of the environment.
  • Internal and external communication is occurring and it is adequate for the management system and section 55 program implementation.

Relevant Information Provided by the Company

The following key documents and records are related to this finding:

  • Emergency Management Program
  • Element 11 Stakeholder Management and Community Relations Supporting Guidelines
  • Communications Process
  • Stakeholder Management & Community Relations Standard
  • Communication with Property Owners
  • TN Brochure TNPI East
  • Stakeholder Calendar

The following interviews are related to this finding:

  • Day 3 of interviews with TNPI representatives to cover roles & responsibilities (AP-04), and communications (AP-05).
  • Day 2 of interviews with TNPI field staff – All audit protocols.

Finding Summary

Applying the Communications Process, and the Stakeholder Management & Community Relations Standard, TNPI demonstrated that it has a communication process that defines methods for both internal and external communication. TNPI is communicating messages relating to safety, security, and protection of the environment both internally and externally, and the communications are adequate for the EMP. Interviews and records demonstrate the process has been implemented.
Detailed Assessment

TNPI pointed to the Stakeholder Management & Community Relations Supporting Guidelines, the Communications Process, and the Stakeholder Management & Community Relations Standard as the documentation where the requirements are found for this audit protocol. These documents are linked to the EMP through the Communications Process document where it states [t]his Communications Process applies to the TNPI’s OEMS, and all underlying standards, systems, programs, processes, activities and regulations required managing its assets throughout its lifecycle. The EMP fits under the OEMS umbrella along with its standards and related documentation.

The Communications Process and the Stakeholder Management and Community Relations standard go into detail on TNPI’s external communications processes and activities. Items such as stakeholder analysis, developing an annual communication plan, reviewing and executing an annual communication plan, evaluating communication program performance, training of those carrying out the communications plan, and identifying corrective actions are just some of the steps involved in fully implementing TNPI’s external stakeholder communications process. The TNPI Stakeholder Calendar tracks required communications by identified groups, defines who is to lead, and holds records of engagement and outcomes.

The Stakeholder Management and Community Relations standard provides details on the roles and responsibilities that are in place for the execution of this process. The responsibilities start with the Director of Regulatory and External Affairs and flow through several layers of management ending with TNPI’s employees. The standard also indicates what training needs to be completed as part of this standard.

Internal communications are also identified and addressed in the Stakeholder Management and Community Relations standard. The standard states [i]nternal communications activities include updates from the TNPI Leadership Team and others to employees, contractors, and shareholders, as well as communications training. The standard goes on to break down internal communication activities and expectations as:

  • Regularly engage with employees, contractors, and shareholders;
  • Monthly Health, Safety, and Environment meetings along with quarterly Town Hall sessions;
  • Reinforce TNPI’s Safety Culture through strategic and ongoing safety focussed touch points;
  • Participate in daily employee discussions; and
  • Encourage transparent, two-way communications to inspire confidence and build trust in the TNPI leadership team to name a few.

Interviews with TNPI staff yielded responses that were consistent with each other, as well as with the process and standards documents discussed above.

TNPI provided several samples of records related to external communication. The first example is a TNPI brochure, provided in both English and French, that contains information related to emergency management, including emergency contact numbers, what to do in the event an incident is observed, and signs of a product release. Another example is a mailout, again in both English and French, announcing TNPI’s revised and updated website for stakeholders and the public to use.

TNPI has a communication process that defines methods for both internal and external communication. The company is communicating messages relating to safety, security, and protection of the environment both internally and externally, and the communications are adequate for the EMP.

AP-06 Document Management
AP-06 Document Management

Finding Status

No issues identified

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(o)

Regulatory Requirement

The company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for preparing, reviewing, revising, and controlling those documents, including a process for obtaining approval of the documents by the appropriate authority.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The methods for preparing, reviewing, revising, and controlling those documents are defined for the management system and the section 55 programs.
  • Company personnel, who have a defined need, have adequate access to the identified documents.
  • Documents are managed and controlled using the defined process.

Relevant Information Provided by the Company

The following key documents and records are related to this finding:

  • Operational Excellence Management System Manual
  • Management of Change (MOC) Procedure
  • TNPI Emergency Management Program
  • TNPI Emergency Response Plan
  • Field Operations Guide – FOG
  • Document Management Process
  • Element 4 Data, Document and Information Management Supporting Guidelines
  • Intelex Document Control Procedure
  • Record Retention and Information Control
  • Critical Procedures Process
  • MOC Document updated Intelex Summary
  • Review & Revision Summary
  • TNPI Annual Review & Revision Summary
  • Incident Management Handbook Review

The following interviews are related to this finding:

  • Day 2 of interviews with TNPI representatives to cover document management (AP-06) and contingency planning (AP-07).
  • Day 2 of interviews with TNPI field staff – All audit protocols.

Finding Summary

TNPI’s EMP documentation follows the Data, Document, and Information Management Supporting Guidelines and associated programs to ensure proper creation and management of information. TNPI has established and implemented a process, which provides for the development, updating, reviewing, revising, and controlling of key EM-related documents. Relevant personnel, at both the field and office level, have access to these documents.
Detailed Assessment

TNPI pointed to its Data Document and Information Management Supporting Guidelines, the Document Management Process and the Intelex Document Control Procedure as the main documents that address the process requirements for this audit protocol. The EMP documentation states that it follows the Data, Document, and Information Management Supporting Guidelines to ensure proper creation and management of information. The Data Document and Information Management Supporting Guidelines:

  • States that documents, records, and information can be located and accessed under routine and non-routine conditions including emergencies at all locations where they are used;
  • Remains legible and readily identifiable;
  • Are periodically reviewed, revised as necessary, and approved for adequacy by authorized personnel;
  • Are classified and protected based on the risk presented by inappropriate, inadvertent or malicious disclosures;
  • Are fit for purpose.

TNPI staff indicated that EM exercise documentation is stored within its ICS system software provided by the one of its main response contractors. These documents are searchable, and the information is stored for future review and use.

The software system referred to as the Intelex document control system (Intelex), provides TNPI’s centralized system for managing its operating information. In addition, Intelex ensures the most current documents and records are centrally stored and accessible to TNPI staff that need them. As an example of this, TNPI indicated the entire Hazard Inventory resides within Intelex. The auditors found that, during their document review, some documents appeared to be dated and in need of updates. However, during interviews TNPI staff were able to explain how its version history and document access history is maintained in Intelex and the documents are reviewed on at least a three-year cycle, and only when updates are made to the document does the date change on the cover page.

The Document Management process outlines TNPI’s approach to developing and implementing document management from creation, to review, approval, issuance, and revision control. The Intelex Document Control Procedure contains a roles and responsibilities section which explains document author and document owner responsibilities related to the creation, approval, and updating of existing or new documents. The TNPI management of change process is used to manage changes to key TNPI documents.

Interviews with TNPI staff provided responses that were consistent with each other, as well as with the process and guideline documents discussed above. For example, all interviewees were aware of the ICS software and how it works for exercises and incidents.

TNPI provided multiple examples of documents and records related to the EMP that have gone through the process and procedures discussed above. Some examples include records of past exercises, past JSA’s, PHA’s, and SWP’s that have been used as part of the EMP. During attendance at the EM exercise in the fall of 2025, CER staff were allowed to see the ICS TRG software in action and were able to ask questions about its functionality and abilities.

TNPI has established and implemented a process which provides for the development, updating, reviewing, revising, and controlling of key EM-related documents. Relevant personnel, at both the field and office level have access to these documents.

AP-07 Contingency Planning
AP-07 Contingency Planning

Finding Status

Non-compliant

Regulation

OPR

Regulatory Reference

Paragraph 6.5(1)(t)

Regulatory Requirement

A company shall, as part of its management system and the programs referred to in section 55, establish and implement a process for developing contingency plans for abnormal events that may occur during construction, operation, maintenance, abandonment or emergency situations.

Expected Outcome
  • The company has a compliant process that is established and implemented.
  • The company has methods for developing contingency plans for abnormal events that include construction, operations, maintenance, abandonment, and emergency situations.
  • The company’s contingency plans are developed, maintained, and apply to all section 55 programs.
  • The company has the ability to implement contingency plans when required, for one or all section 55 programs at the same time.

Relevant Information Provided by the Company

The following key documents and records are related to this finding:

  • TNPI Emergency Management Plan
  • Emergency Management Program
  • Contingency Planning Process
  • Program Contingency Assessments and Plan Template

The following interviews are related to this finding:

  • Day 2 of interviews with TNPI representatives to cover document management (AP-06) and contingency planning (AP-07).
  • Day 2 of interviews with TNPI field staff – All audit protocols.

Finding Summary

TNPI has a process for developing, assessing, and approving contingency plans for abnormal events including emergency situations. However, the process, at the time this audit was conducted, did not yet meet all of the requirements to be considered fully established and implemented.

Detailed Assessment

TNPI pointed to its EMP documentation and the Contingency Planning process document to meet the necessary process requirements for this audit protocol. The Contingency Planning process states that it […] aims to identify, prioritize, and prepare contingency plans to address abnormal operating conditions and minimize their potential impact. Developing a contingency plan involves making decisions in advance about the management of human and nonhuman resources, coordination, and communications procedures, and being aware of a range of technical and logistical responses that may be required by TNPI Programs. It goes on to state that [t]his Contingency Planning Process provides guidance for the systematic identification and assessment of abnormal events or situations including roles, responsibilities and steps to ensure adequate actions are taken if an abnormal event or situation occurs. Furthermore, this process exists to:

  • Identify potential program level abnormal operating conditions or events that may require the development of a contingency plan;
  • Support the assessment and prioritization of abnormal events;
  • Support the planning of required contingencies;
  • Outline the requirements for periodic reviews and updates as required.

    • The Contingency Planning process indicates that a contingency plan may be created as a control, in response to a hazard or potential hazard, and to reduce the likelihood or to mitigate the impact if the event or scenario were to happen. It goes on to state that contingency plans are inputs to the corporate risk register and used as means of controlling abnormal operating conditions.

    TNPI’s documentation indicates that a contingency plan should be developed to allow program staff to manage an abnormal operating condition and to return to business as usual. When documenting a contingency plan, the Contingency Planning process provides the following guidance to the author:

    • Identify the trigger – what will cause you to implement the contingency plan;
    • Determine who is in charge at each stage and what reporting they must follow;
    • Define time periods, i.e., what’s to be done in the first hour, the first day, the first week;
    • Keep the plan simple and use plain language – you never know who will read and implement the plan when it's needed;
    • Consider related resource restrictions – such as if the organization will be able to function the same way if you have to implement a contingency plan, or if the contingency plan will reduce capabilities;
    • Identify unique needs of staff involved in executing the contingency plan that are not normally required;
    • Define success – what you will need to do to return to business as usual.

    While the Contingency Planning process document provides significant direction for TNPI staff on how and when to address contingencies, it does not meet the CER’s test for being an established and implemented process. The audit notification letter was sent to TNPI on 2 September 2025, and this process document was not released until 10 October 2025. The CER’s longstanding criteria for a document to be considered established and implemented are that it must beFootnote 1:

    • Developed in the format required by the company;
    • Approved and endorsed for use by the appropriate management authority;
    • Communicated throughout the organization;
    • Provided to staff and third-party contractors who use the processes and who have been adequately trained on how to use it;
    • Able to show that staff and others working on behalf of the company have demonstrated use of the process;
    • Supported by records and interviews that provide evidence that the process has been fully implemented;
    • Implemented on a permanent basis, meeting all of the prescribed requirements, for at least three months.

    Because the Contingency Planning process was only approved one month after TNPI was notified of the audit, versus the required period of three months, it is not considered implemented.

    During interviews, TNPI staff were able to demonstrate the document has been, internally, considered a draft document since 2022. It was noted during review of the Contingency Planning process that some of the element owners have completed the Contingency Planning process for their respective programs, including Operations and EMPs, and that training has been completed with element owners on the contingency planning process and requirements.

    Interviews with TNPI staff yielded responses that were consistent with each other, as well as with the process documents discussed above.

    Examples of contingency plans reviewed include the EM Contingency Planning Document, Business Continuity and Recovery Plan, TNPI Pandemic Plan, and the Disaster Recovery Plan.

    TNPI has a process for developing contingency plans for abnormal events including emergency situations. However, the process, at the time this audit was conducted, did not yet meet all of the requirements to be considered fully established and implemented.

    Top of Page

    Appendix 2: Terms and Abbreviations

    For a set of general definitions applicable to all operational audits, please see Appendix I of the CER Management System Requirements and CER Management System Audit Guide found on www.cer-rec.gc.ca.

    Appendix 2: Terms and Abbreviations

    Term or Abbreviation

    Definition

    CAPA

    Corrective and Preventative Action Plan

    CER

    Canada Energy Regulator

    CER Act

    Canadian Energy Regulator Act (S.C. 2019, c.28, s.10)

    EM

    Emergency Management

    EMP

    Emergency Management Program

    ERP

    Emergency Response Plan

    ERT

    Emergency Response Team

    ICS

    Incident Command System

    Intelex

    Intelex document control system

    JSA

    Job Safety Analysis

    LMRA

    Last Minute Risk Assessment

    MOC

    Management of Change

    OPR

    Canadian Energy Regulator Onshore Pipeline Regulations (SOR/99-294)

    OEMS

    Operational Excellence Management System

    PHA

    Process Hazard Assessment

    SME

    Subject Matter Expert

    SWP

    Safe Work Permits

    The company

    Trans-Northern Pipelines Inc. (TNPI)
    Top of Page
    Date modified: