Life is full of risks. In our personal lives there are a multitude of risks that we face almost daily. And in business, the risks can have huge financial consequences. In our business, we know that industrial control system projects are full of risks, that can also have huge financial impacts. Those projects involve sophisticated design of highly technical systems that monitor and control complex manufacturing processes. That is the ideal picture of a risk breeding ground.
As the project owner, you are concerned about a number of issues. You know that any problems with the project could cost your firm thousands, maybe millions, of dollars of lost production if things go wrong. Not to mention the impact on delivery commitments.
Risk Mitigation Strategies
If risk mitigation is defined as the process of taking action to reduce the adverse affects of risk, then your strategy must be to determine how you’re going to face risk and what steps you’re willing to take. There are essentially four possible strategies, as follows.
- Risk Acceptance: You recognize the risk and accept the possible consequences, while hoping that nothing goes wrong. This is a lot easier to do when the projects are small and the consequences of any problems are not serious. On large projects, it is often said that hope is not a strategy.
- Risk Avoidance: You could choose to not do your project. No project means no risks. This is the equivalent of kicking the can down the road because the long-term risk of not implementing a control system upgrade or replacement is likely to be greater than the short-term risk of moving forward.
- Risk Transference: You contractually require the SI to accept all the risk associated with a project. This sounds great, but you are unlikely to find an SI willing to accept 100 percent of the risk. This could leave you in the same position as a risk avoidance strategy.
- Risk Limitation: You find an SI who shares your understanding of the risks, has the elements in place to minimize risks, and can help you with steps you can take to also minimize risks.
Selecting an Integrator
Generally speaking, you will find the best strategy to be working with an SI that can help you with risk limitation, though in some cases, you may find integrators willing to accept some degree of risk transference, depending on the circumstances. However, since SIs typically have a high degree of risk on their shoulders already, transference is usually a strategy unlikely to be available.
Often, the characteristics you will need to look for in the SI you choose for your project will be part of the risk limitation strategy. We won’t try to repeat those characteristics here, but one of the goals of CSIA certification is to help identify the SIs that have such characteristics in the way they perform their business.
Project Structure and Delivery
Another factor that can come into play is the project structure itself. Choosing between a fixed fee structure or a cost-plus structure can alter where the bulk of some risks reside. A rarity, but one I’m personally familiar with, involved a construction contractor that would put a portion of its fee in a cost-plus project into an escrow account. At the project’s completion, the owner was able to determine how much of that escrowed fee the contractor would get based on the owner’s assessment of the contractor’s performance. Genuinely a shared risk approach.
What is less often considered a factor, but can loom just as large, is the use of a design-build project delivery approach to mitigate risks. With a single entity handling both engineering and construction, the risks of schedule slippages are greatly reduced. Also, the single point of responsibility for project performance can eliminate the type of conflicts that sometimes arise between engineer and contractor at project handoff points.
What Concerns You
There are several things you want to know about the system integrator (SI) about to take on your industrial automation controls project:
- Is the SI financially stable, with the resources needed to take on your project? Have they ever had to walk away from a project?
- Does the SI have the expertise, with your industry and your equipment, to do a high quality design and installation?
- Does the SI have the quality and safety standards and process in place to play a role in risk mitigation?
- Does the SI have sufficient depth of experience in the automation and controls industry? Can they bring to bear outside resources if necessary?
- Does the SI have a strong track record of project management? Are their PMs certified?
- Is the SI big enough to scale up their resources for your project?
- How good is the SI at communicating and sharing project data with the owner?
The wrong answers will significantly increase the risk to you. The right answers demonstrate that the SI has in place industrial risk mitigation services and process that help reduce the risk to you.
Conclusion
Yes, implementing an industrial control system upgrade is likely to be a complex project with plenty of risk inherent in it. But the risks of not doing it could be way worse. Your system could become expensive, even impossible, to maintain. You could leave your processes vulnerable to cyber security risks. You many miss out on productivity improvements available only with an upgrade.
The key is to recognize and understand the risks you’ll face. Then find an SI who also understands risks and knows how to employe industrial risk mitigation processes to minimize those risks.
For additional information related to risk mitigation, check out the description of CSIA certification, designed in large part to help mitigate risk for industrial control system project owners. You can also check out our own page on industrial risk mitigation.
