IQPC data and document management in oil and gas, Dubai

PDO on how to fix ‘guerilla filers,’ KOC reports on real-time failures and how to avoid them, ODC shopping for environmental compliance system, PDO— ‘everything you wanted to know about compliance but were afraid to ask!’ BSI Systems and Qatargas on information and data security.

Khalfan Said Al Sinawi, described Petroleum Development Oman’s (PDO) ‘journey’ to records management. A new central archive building offered the opportunity to get a handle on PDO’s physical document archive. This had suffered in the past from ‘guerilla filing’ with everyone tending to do their own thing! Records management is growing in importance as virtually any document, from contract to correspondence, can have regulatory/compliance implications. Records have a lifecycle, from creation, through classification (adding metadata), through maintenance and disposal. Managers tend to avoid taking disposal decisions, so records managers provide guidelines on retention. Risk and regulation governs records management.

PDO’s information management team had developed tools for archival and subsequent search and retrieval. Incoming documents enter the workflow where they are catalogued, boxed and barcoded before storage. Classification is done at the box level which has allowed for a very fast clean-up of the archive. The result is a tidy, well-run archive with 24,000 boxes that are now in store and catalogued in Fugro’s Traxx application.

One reason for the project’s success was that its scope was kept manageable. In particular, no digitizing was performed during the project. PDO is now in a position to perform ‘scan-on-demand’ of frequently used boxes and is planning to add the Shell E&P Catalog standard.

Kuwait Oil Co.’s Hamad Al-Zuabi told of successes and failures of real-time data projects. KOC’s production optimization information system (POIS) connects around 400 wells, but the system had limited use until last year. The problem was hard to identify. There were competent engineers and the technology supplied by Aspen Tech worked well. But something was missing in between. This issue was that there was no life cycle asset-focused process. People were asking ‘Why do we need real-time data?’ ‘Who is it for?’ ‘What problems does it solve?’

Al-Zuabi believes that staff need educating in the use of real-time data, particularly in the light of the ‘data tsunami’ that is approaching. KOC’s heavy oil projects will see increasing use of automation. The problem today is that POIS ownership is unclear, real-time workflows need developing and there is a lack of SCADA systems knowledge. Early attempts to develop real-time workflows for various activities were failures.

This situation is changing with the development of a web portal for KOC’s real-time data. The ‘Sahala’ portal was developed in house in Microsoft .NET code. It is used to automate workflows and provide access to data from both the POIS and in Schlumberger’s Finder. A daily production report now shows outstanding maintenance tickets. This immediately got management attention and is now used to pinpoint HR issues. SCADA systems are different, but the portal approach can be used to put information under the decision maker’s nose!

The Oil Development Co. (ODC) is establishing a road map for the participation of International Oil Companies (IOC) in Kuwait. Ahmed Thaher explained that ODC has signed a protocol with Kuwait’s environmental protection agency (EPA) and is actively seeking IT solutions for environmental compliance. ODC’s requirements are for an ‘agile’ compliance management system capable of providing timely data for interaction with IOCs. The system should embed the ISO 14000 standards.

Another PDO presentation, from Martin Farfan, promised ‘everything you want to know about compliance, but were afraid to ask!’ The last twenty years has seen huge growth in external/mandatory compliance. Compliance starts with business management systems. These can be decomposed into processes prior to implementing policies and standards for control and monitoring. Compliance is now embedded into the information lifecycle.

People present the main risk to compliance, and training and awareness are key. In general, employees are not experts in compliance! A compliance subject matter expert is needed, operating at discipline head-level.

Ahmad Rafiq Al Khatib (BSI Systems) presented a paper on information security management. What originated as a British Standard has now been ratified as the ISO 27001 information systems standard. The standard covers ‘socio-enviro-financial risk’ associated with written, spoken and computer information. It is not (just) an IT standard. Some Emirates mandate 27001 so the standard will soon impacts Middle East National Oil Companies and government organizations. Risk based management systems are ‘an investment in your company’s future.’ In the Q&A, Martin Farfan noted that many oil companies have internal procedures and audits that are on a par with ISO 27001.

Keith Ballantyne (Qatargas) spoke on project information and data security – and on the need for up-front project security audits to ‘strike a balance between bureaucracy and security/access. The appropriate yardstick is the ISO 27001 as above. Company data today is available in hard copy, Fax, in document management systems, on shared drives, USB keys, email and laptops. Many users save data to a laptop hard drive without backup. Security goes beyond access control. Data on laptops and CDs needs encryption in case critical financial information is left in the airport. DOD certified ‘e-shredding’ software is used. And ‘Joe the thief’ occasionally roams around Qatargas’ offices confiscating CDs and laptops that have been left lying around!

This article is an abstract from The Data Room’s Technology Watch report from the IQPC Dubai conference. More information and samples of this subscription-based service from and

Click here to comment on this article

Click here to view this article in context on a desktop

© Oil IT Journal - all rights reserved.