Lockout/Tagout (LOTO) Procedure Register: Always the Current, Verified Procedure
Hold every machine's lockout/tagout procedure — energy sources, isolation points, steps, verification — in one approved register; log each LOTO event against the current revision; and prove the required periodic review is done, with an EHS sign-off gate before any procedure goes live.
An internal web tool where maintenance/EHS enter a machine's LOTO procedure, an EHS lead reviews and approves it before it becomes the current revision, technicians always see the current approved procedure, every LOTO event is logged against that revision, the annual review is reminded and signed off, and you export the full LOTO register — with nothing going live until a person approves it.
Before you start
- A Supabase account (free)
- A Vercel account (free)
- A Resend account (free)
- Exports you already have: a per-machine LOTO procedure CSV (energy sources, isolation points, steps) and review dates, plus any procedure documents to upload
- Your sign-off rules (who approves a procedure and a periodic review)
- Claude Code or any AI coding agent
The problem this kills
A maintenance tech walks up to a press to clear a jam. To do it safely, every energy source has to be isolated and verified de-energized — electrical, pneumatic, hydraulic, stored mechanical, the lot — in the right order, at the right isolation points. The procedure for this exact machine lives... where? In a binder by the line that's three revisions out of date? On a laminated card someone updated by hand? In a folder on a shared drive nobody trusts? If the tech works to the wrong procedure, or misses a stored-energy source the laminated card never mentioned, that's how people get hurt.
On top of that, the regulator (and your own EHS program) requires that each LOTO procedure is periodically reviewed — typically annually — and that you can prove the review happened. Most plants discover at audit time that half the reviews are overdue and nobody can find the sign-off. Then there's no record of which tech actually used which procedure on which day.
You don't need a six-figure EHS platform to fix this. You can build the register yourself, this afternoon — one place where every procedure is versioned, approved before it goes live, used in the field, logged on every event, and provably reviewed on schedule.
What you'll build
An internal web tool your EHS, maintenance, and supervisors log into. Maintenance or EHS enters a machine's LOTO procedure — its energy sources, isolation points, the step-by-step sequence, and the verification steps. Before that procedure becomes the one techs actually follow, an EHS lead reviews and approves it. Only on approval does it become the current revision; the previous one is kept in history, so you always know exactly what was live on any date.
Out on the floor, a tech opens the machine and sees the current approved procedure — never a stale draft. When they perform a lockout, they log the LOTO event against that revision: who, when, why, which machine. The tool tracks each procedure's next review date, emails a reminder before it comes due, flags anything overdue, and captures the periodic review sign-off when EHS confirms the procedure is still correct. Any revision repeats the same approval gate. When an auditor or a customer asks for proof, you export the full LOTO register — every machine, current revision, energy sources, last review, and event history — on demand.
What's inside the Implementation Plan
The downloadable plan is a single markdown file you paste into an AI coding agent. It opens by interviewing you about your own plant — how you identify machines and assets, your real energy-source categories, how your procedures are structured, your revision and approval rules, your review cadence, who's allowed to sign off, and your messy edge cases — and then it reads a short spec back for your thumbs-up before it builds anything. That's the difference between a register shaped to your equipment and naming and a generic template you'd have to fight.
From there it walks the agent through the data model (machines/assets, procedures and their revisions, energy sources, isolation steps, LOTO events, and review sign-offs), the procedure and review-date importers, the document-upload path to Storage, the EHS approval gate that promotes a draft to current, the technician-facing current-procedure view, the LOTO event log, the review-reminder and overdue logic, and the final register export. Every step ends with a ready-to-copy prompt. There's a full "No API yet?" path: import your procedure CSV, export a clean register CSV, and you never have to touch your CMMS or EHS system API to ship.
The governance it includes (this is the point)
In safety, the controls are the deliverable. The plan builds them in: a login so only your team can use it; row-level security so each plant or organization only ever sees its own machines and procedures; a complete audit trail of who drafted a procedure, who approved it, who logged each LOTO event, who signed off each review, and exactly when; a hard human-in-the-loop gate so no procedure becomes the current revision until EHS approves it — the tool drafts, a qualified person commits; and a duplicate guard (machine + procedure revision) so the same revision can't be published twice. Overdue reviews are flagged and chased automatically. That's the audit story your EHS director — and an OSHA-style auditor — actually wants.
Who it's for
EHS managers, maintenance leads and technicians, and production supervisors who own lockout/tagout and are tired of trusting a binder. If you can explain to a new tech how this machine is isolated and who's allowed to approve the procedure, you can build this — no developer required.
You've got this — open the plan, paste the first prompt, answer a few questions about how your LOTO program actually runs, and you'll watch your first machine's procedure go from draft to approved-and-current on its own.