Risk Assessments
This topic has a brief overview and covers:
The objective of Risk Management is to reduce or eliminate unacceptable risks and manage the overall exposure in a cost effective manner.
The total risk to an organization includes direct and indirect consequences of failures. To determine this total exposure, infrastructure managers need to assess the relative risk of each individual asset.
Well-managed organizations are those that appreciate and control the risks involved in their business or service delivery.
Managers of major infrastructure portfolios experience several conflicting impacts on their activities, namely:
- Economic environment resulting in:
- Reduced capital budgets for replacement and rehabilitation works ("just in time" investments)
- Reduced recurrent expenditures for maintenance
- Ageing infrastructure stocks with a greater probability of failure
- Greater customer awareness, with demands for a higher level of service from existing assets and the provision of new services
- Increased accountability for service failure and resulting litigation
- Demands for cost effective, commercial, business-like performance.
For many passive community infrastructure assets, the deferral of maintenance and renewal works will not immediately affect the performance of the assets.
However if this process is continued without assessing the full ramifications (including the risk cost of the consequences of failure), then an organization may find that the compounding problems of the ageing infrastructure cannot be rectified even with substantial investment.
The key elements of risk engineering/management for infrastructure assets are:
- Risk Identification
- Identification of the fault tree
- Pre-event influences
- Control systems available
- Failure event outcomes - consequences
- Post event influences.
- Risk Quantification, determining the economic cost of the failure (risk cost) to the business including:
- Cost to repair asset and ancillary damage
- Loss of business
- Other ancillary costs:
- Social
- Business
- Political.
- Risk Evaluation, assessing the current risk cost to determine its severity and level of acceptability.
- Risk Control, developing a strategy to either:
- Reduce or eliminate probability of failure effectively
- Reduce the impact of the failure for those events that are not cost effective or have a random probability that is difficult to assess. (Failure management plans).
Risk assessment and management is a key ingredient of advanced life cycle asset management.
Well-managed organizations are those that assess and control the risks involved in their business or service delivery.
In a competitive environment, it can also be argued that private and public enterprise must continue to add value in providing that service, i.e. must "do more with less" in order to survive.
The cost of service is relatively easy to determine, however the level of service will be more difficult to determine. How authorities handle the ageing asset problem and the associated risk will be extremely important. All service organizations owe a duty of care to their customers. A system must be in place that can defend them from litigation after asset failures.
From a business point of view, this will amount to reducing the organization's costs and level of service to a point just above the level that would result in significant increases in customer complaints. However the problem with long-lived passive assets is the difficulty in predicting, with a high degree of confidence, the time at which failure or a sharp decline in level of service is likely to occur.
Organizations need to be aware that reduced or delayed maintenance and renewal will not only reduce immediate costs, but may also:
- Decrease levels of service
- Increase the risk of failures
- Shorten the effective life of the asset.
In the area of capital investment, effectiveness should be based on an acceptable return on capital, with new investment being made as late as possible (just in time), which requires accurate risk assessment.
If the organization delays investment in the area of infrastructure renewal, then they can expect greater numbers of failures. This constitutes a risk cost (or a loss) to the organization through the consequences of these failures. This will relate to loss of service or system failure. However in some cases it could result in litigation or even loss of life. Risk management (loss reduction) will become a critical activity for all business units in these organizations.
A uniform approach to risk reduction as part of Advanced Asset Management is essential. Organizations must develop a clear picture of the assets that provide the services, current asset condition, decay profile, mode of failure, and the rehabilitation or replacement required to meet the minimum acceptable level of service, as expected by the customers, without compromising on the acceptable level of risk.
Risk cost to the organization needs to be assessed for all failures, from those needing minor maintenance to major catastrophic structural failures. The reduction or avoidance of risk needs to be quantified as a benefit to the business.
RISK
COST | = | COST OF THE CONSEQUENCES
OF FAILURE
TO MAKE THE INVESTMENT | X | PROBABILITY OF THE
FAILURE OCCURRING |
The main functional activities of risk management involve:
- Analyzing the risk of failure
- Determining the economic cost of the failure to the business (risk cost)
- Reducing the risk of failure cost effectively
- Developing failure management plans for those failures that cannot be cost effectively avoided or predicted with suitable accuracy.
Risk management should be carried out as a normal part of asset management. The situations will change for individual assets, and for the systems of which they form part, throughout their lives, and as demands for the service they provide change.
Responsible asset managers need to be able to:
- Determine the mode of failure e.g. Capacity, Performance, Structural Integrity
- Predict the point in time when failure is likely and therefore determine as accurately as possible the probability of failure as the asset decays
- Determine the relative merits for maintenance or renewal expenditure, based on a verifiable benefit cost throughout the life of the asset
- Monitor maintenance costs, causes and rectification activities and take action to cost effectively:
- Eliminate or reduce the cause of the failure
- Reduce the consequences and the costs of rectifying the failure
- Analyze investments in proposed works programs for all assets, and determine priority between asset types and asset groups within the asset type
- Direct their finite resources to achieve the greatest benefits including risk reduction
- Apply control measures to those assets in which risk reduction is possible. In general pre-event control is more cost effective than post-event control, however, managers need to identify the most viable option.
Risk assessment and management should be an integral part of an organization’s life cycle asset management. It is a vital part of any business plan for infrastructure utilities.
The key quality areas include how well the organization:
- Identifies the risk (types) that their business faces
- Assesses the impact of these risks
- Manage the risks identified.
For most utility businesses the key types of risk they face include:
- Commercial business risks (including regulatory risks)
- Customer expectations and political implications
- Product and service delivery failures covering both quality and quantity and degrees of failure.
The four main elements of the risk management process are:
- Risk identification
- Risk quantification
- Risk evaluation
- Risk control.
The software or tools will determine the level of sophistication of the risk assessment and management. This will normally match the types of information available or collected by the business.
Risk assessment can use basic point matrix, complex points matrix or economic cost models. The extent of analysis may range from a risk area at the macro level to the detailed analysis related to asset type or even the modes of failure.
In the more advanced system, it should be possible to predict the probability of failure based on the past failure /maintenance histories, the condition of the assets, or the operating environment.
Appropriate commercial tactics can enhance the cost effectiveness of risk management.
Commercial tactics should include the ability to identify the various risk assessment and management tasks, and can:
- Relate this to an organization’s “in house” skills and resources
- Decide how best to allocate these tasks to:
- In house resources
- Specialist risk management staff or team
- External risk management consultants.
A prudent but cost effective approach is to:
- Carry out the initial filter on the overall risk areas
- Instigate a delegated authority to oversee the responsibility
- Apply high priorities and urgent actions to those risks deemed as critical.
It is of paramount importance that risk management is included in the corporate policy documents and be an integral part of all Total Asset Management Plans.
The organization will continuously review the risk assessment process and develop risk criteria that take account of economic thresholds for general application in the decision making process. A strategy for introducing risk management throughout the organization should be in place. Guidelines on risk management should be developed and made readily available to staff responsible for such activities.
Staff and works resources commensurate with the risk priority should be allocated so that the organization can:
- Comply with all statutory requirements
- Ensure health and safety of all staff and public
- Ensure all business obligations are met
- Undertake and maintain an effective risk management program.
Staff duty statements should clearly indicate risk assessment / management roles and responsibilities. Staff should be made aware of where risk management authority sits and the corporate sponsor and structure for such activities.
All staff responsible for the management of the organization should be trained to an appropriate level to ensure that risk management practices can be effectively applied.
The organization should develop their asset management plans using these risk management guidelines.
All risks should be identified and the plans should identify the risk reduction strategies and actions and report on the overall residual risk exposure that the organization carries.
The main functions of risk management involve:
- Identifying and analyzing the risk of failure
- Quantifying the risk cost
- Evaluating the acceptable risk level
- Undertaking risk control measures.
These activities should be carried out as a normal part of asset management. The situations will change for individual assets, and for the systems which they form part of, throughout their lives, and as demands for the service they provide change.
The initial analysis of risk is an essential activity of good asset management, however activities arising from this analysis need to be assessed on a benefit/cost basis.
Identifying the risk, or the consequences of failure of an asset, has many uses in the field of advanced asset management:
- It permits the identification of critical assets. This can be achieved through:
- Developing asset maintenance strategies and plans based on reliability centered maintenance (RCM), failure modes effect, and criticality analysis (FMECA)
- Determining the economically viable level of monitoring for the asset with respect to both condition and performance
- Determining the key operational monitoring points for remote controlled SCADA or other automatic control systems.
- It becomes the driving force for the creation of failure management plans
- It can assist in "cause" and "activity" analysis to help optimize maintenance activities
- It is essential in the evaluation of all investment opportunities including additional maintenance, renewal and asset replacement.
The acceptable level of risk differs from organization to organization depending on how risk averse or risk inclined an organization is, and also depending on the circumstances and environment in which the failure may occur. The current risk costs to two similar assets may be the same, but because one enjoys a higher profile than the other, the acceptable level of risk for the two assets may be different.