The objectives of The Royal Academy of Engineering are to pursue, encourage and maintain

excellence in the whole field of engineering in order to promote the advancement of the
science, art and practice of engineering for the benefit of the public.

In pursuit of excellence
The Academy comprises the United Kingdom’s most eminent engineers of all disciplines.
It is able to take advantage of their wealth of knowledge and experience which, with the
interdisciplinary character of the membership, provides a unique resource with which to
meet the objectives.

Its activities include an extensive education programme, research chairs and fellowships,
visiting professorships, industrial secondments and international travel grants. It provides
expert advice on engineering matters to government and other bodies and administers the
UK’s premier annual prize for innovation in engineering,The Royal Academy of Engineering
MacRobert Award.

Election to The Academy is by invitation only. Up to sixty Fellows may be elected annually,
together with Honorary Fellows and Foreign Members who have made exceptional
contributions to engineering. All are elected by their peers for personal achievement of
exceptional merit and distinction. Fellows are distinguished by the title “Fellow of The
Royal Academy of Engineering” and use the designatory letters “FREng”.

The Academy was founded in 1976 as The Fellowship of Engineering on the initiative of
HRH The Duke of Edinburgh and a group of distinguished engineers. It was granted its
Royal Charter in 1983 and, with the gracious consent of HM The Queen, adopted the
present title in 1992.

The Royal Academy of Engineering

29 Great Peter Street,Westminster,
London SW1P 3LW
Telephone: 020 7222 2688 Facsimile: 020 7233 0054 Website: www.raeng.org.uk
Registered Charity No. 293074
 Contents

Introduction 2
The Strategic Context 3
Organising to Manage Risk 4
Risk Management and the Engineering Life Cycle 7
A Framework and Methodology for Assessing and Managing Risk 11
Systems 11
Risk Identification 12
Risk Assessment 12
Risk Management Process 13
Feedback Mechanisms 14
Conclusions and Recommendations 15

APPENDIX 1:
Management of Risk Through an Integrated Review process 16
APPENDIX 2:
Risk Management in R&D Projects 18
APPENDIX 3:
Members of the Working Group 20

1
 Introduction
This report summarises the conclusions of a Royal Academy of Engineering Working Group (see Appendix 3) set up
to investigate and report on “Common Engineering Risk Management Methodologies”.The scope of the
investigation was strategic and did not include the various specific quantitative techniques based on probability and
decision theory. It was decided that these were specialist matters.

However, decision takers do need to be aware of

the use made of such quantitative techniques in
specific projects.They are very powerful and valuable
in the correct context.The enormous improvements
made in the reliability of such engineering products
as electronic devices or aero engines owe much to
such techniques. However, managers should always
question whether the relevant system could be
subject to any external influence not included in the
analysis. Special care has to be exercised to check
whether input data to such analyses might have a
“cultural” or “behavioural” bias. For example data on
equipment reliability can be very dependent on the
level of training given to operators.

The Working Group considered Risk Management

(hereinafter referred to as RM) in terms of the
processes that should apply across all engineering
disciplines. But these have been set in the wider context
of the processes employed in client businesses and
public organisations, and also those demanded by the
wider community of stakeholders including government,
investors and society at large. In the report the term
“enterprise” embraces the whole gamut of relevant
organisations from plc’s through government
departments and agencies to universities and charities.

This report will be of value to the engineering

profession. But policy makers and clients of engineering
products will also find the report of strategic importance
in understanding the risk philosophies embedded in
such products. It is essential that engineers and the
wider stakeholder community share a common
understanding of the whole range of risk issues whether
they arise from marketing, health, safety, environmental,
political, financial, technical or human factors.

2
The Strategic Context
An enterprise, product or service may develop through small, slow, evolutionary changes or by major, innovative, step
changes. Small incremental changes may suffice to sustain a technologically stable product in a mature market.
But, even then, without constant innovation enterprises lose their competitiveness, their economic viability and their
customers. Significant changes through innovation provide the major opportunities to an enterprise. For this
reason it is important that the associated uncertainty is viewed and addressed positively.

Recent social, regulatorary, and business

developments have emphasised the need for boards
to address all aspects of uncertainty in a proactive
manner; and increased the importance attached to
documented evidence of compliance with legal
obligations.They have led to increased corporate
emphasis on alignment of responsibilities, authority
and internal accountability, clear communication and
traceability of actions.These developments have
stimulated the notion of a much-needed common
language and methodology to address issues of
uncertainty whatever their origin.

RM must not be allowed to degenerate into

mindless filling and filing of forms, or applying
mechanistic procedures. Board members must take
the lead and show, by their commitment and actions,
that RM processes are an effective way of identifying,
assessing, and mitigating risks to an acceptable level
so that the real benefits of change can be realised.
They must set a climate in which managers and
employees understand their role and responsibilities
and can draw attention to perceived shortcomings in
product or process without fear of retribution.

“The best processes are useless if they are treated as box ticking
rather than real concentration on ensuring that the process adds value.
……….Strong leadership within a team can often provide remarkable
results at times of crisis as can an organisation clearly focussed
throughout on risk management, with each risk being managed at an
appropriate level within the organisation by individuals and teams who
have the awareness of risk as part of their culture.”
John Weston CBE FREng 2001 Lloyd’s Register Lecture

3
 Organising to Manage Risk
Different levels within the hierarchy of an enterprise Each level provides context for those reporting to it.
have to address different degrees of uncertainty. It is important that there is an active dialogue and
The Board has to ensure that all of the significant review of uncertainties facing the enterprise to
uncertainties that actually or potentially face the ensure that they are being addressed at the
enterprise are addressed. It has to deal with a high appropriate level. It is especially important that
degree of uncertainty in the external environment those closest to the workforce are able, and indeed
and in the outcomes of decisions taken. The range encouraged, to feed back up the line the realities
of issues is so wide as to defy a common metric; of resources, operations, the capabilities of the
indeed many of the issues can only be addressed enterprise, its successes and failures.
in qualitative terms. The Board should be thinking
strategically about the long-term aspirations of its This may seem obvious, but the Working Group
stakeholders; about redefining objectives; about felt that very often its simplicity and logic are lost
radical as well as evolutionary ways of achieving in organisational complexity and lack of clarity.
objectives; and about countering external as well Each level in the organisation must share its own
as internal threats. perceptions of the key risk issues with other
interfacing levels. A Project Manager cannot identify
Thus, the Board defines the total framework within the vital issues to higher management unless he or
which the rest of the organisation operates. Those she understands the impact of the issues on the
reporting to the Board are accountable for a business. But this sharing must not dilute or confuse
narrower range of issues, often reduced to a single the accountability for RM decisions.The business
enterprise-wide function. Sometimes it is a subset manager is still accountable for the business risk,
of responsibilities that are defined geographically or but decisions are made in the knowledge that the
with respect to a set of projects that form a distinct project or operations manager accountable for
programme. They manage a mix of medium term technical risk management understands what is
strategic and tactical considerations. at stake for the business, and vice versa.

Project directors, managers and professional A particular problem is identified in “matrix”

engineers are generally accountable for a self- type organisations in which responsibilities and
contained activity with well defined near term accountabilities can overlap between “business
objectives, deliverables, timescales and resources. streams”, “functions” and “geography”. It is not within
Tactical considerations dominate with a focus on the scope of this report to argue the pro’s and con’s
achieving the agreed performance on time and of this type of organisation. But application of the
within budget. In general, uncertainties can be proposed principles will make it clear that lack of
reduced to the impact on those three parameters. definition in where responsibility lies is not
acceptable. If there are differences of opinion
between different elements in the matrix then it
must be made clear at what point in the organisation
there is an authority that can resolve them.

4
Responsibility, Authority
and Accountability
Within every enterprise responsibility is assigned
CEO
and authority delegated from the top. This implies

ty
ori
a liability on individuals to be held to account.

th
Au
Board

Ac
Members

and

co
un
Responsibility and accountability for everything that

ity

tab
il
sib
an enterprise does, or does not do, lies with the

ilit
on

y
most senior executive (Chairman, CEO, or

sp
Re
Project Managers
equivalent) who has authority over all resources Function Managers
of the enterprise.The CEO is accountable to all
of the stakeholders in the enterprise.

The CEO assigns responsibilities to each direct

report for a defined subset of activities or functions
and delegates authority over the resources needed
to fulfil their responsibilities. Each first report is A general point of which we are all aware, but often
accountable to the CEO for the effective and neglect, is the tension that exists between the virtues
optimal use of those resources in fulfiling their of a strong dynamic ownership and leadership of a
responsibilities. project and the loss of objectivity that this can often
spawn. Projects can gain a momentum that drives them
The process of assignment of responsibility, on whatever the odds against success. In the field of
delegation of resources and upward accountability corporate governance, recommendations have been
is applied recursively throughout the enterprise. made about separation of Chairman and CEO
functions and the crucial role played by independent
Each level of an enterprise has a unique combination non-executive directors. Similarly in all projects
of responsibility, capability and authority. It is essential serious consideration should be given to co-opting
that uncertainties be managed at the appropriate independent minds to participate in formal risk
level of the enterprise. That will normally be at the management reviews and audits at key decision points.
lowest level that can reduce the uncertainty to an
acceptable level of risk. Remaining risks and the Risk Management is an integral part of the Lifecycle
aggregate of lower level risks should be escalated so management process and all risk management plans
that ultimately the residual, aggregated risk can be will be independently assessed at the Phase Reviews
addressed at board level. John Weston CBE FREng 2001 Lloyd’s Register Lecture
During this process directors and senior managers
need to be alert to opportunities to optimise risk Every enterprise should have a written statement of
reduction solutions across functional, or other its Risk Policy endorsed by the Board and reviewed
artificial internal barriers. Otherwise the necessary annually.This policy should be supported by a set of
division of work can often lead to sub optimal risk management principles.The following example is
solutions at the enterprise level. loosely based on an actual statement used by a
leading UK plc.

5
 Risk Policy The Risk Policy is supported by a set of risk
The Company’s total resources provide the basis management principles:
on which its continuing reputation, viability and
profitability are built.These resources encompass • Risk management is the responsibility of all
employees, engineering, services, production and persons accountable for the successful completion
technological capability, market access and physical of any activity, programme, project, process or
and financial assets.These assets are utilised with the service or the achievement of any objective.
support of our suppliers and partners to satisfy our • Risk management is a continuous process and
customers.The company also has a responsibility to not a single task only undertaken prior to moving
care for the environment in both its operations and to the next process, step or phase.
in the use of the products that it supplies.
• Risk management encompasses the
implementation of cost-effective controls or
Innovation, particularly in advancing our technology
contingency plans with the intent of exceeding
is crucial to our ongoing success. It is vital that we
goals and objectives, including the minimisation of
preserve those resources that enable us to innovate,
costs, timescales and liabilities.
develop and apply new technology profitably.The
Company has the will and determination to take the • The active management of risk shall be an
rational risks necessary to preserve a leadership integral part of the normal management and
position in a competitive environment.This will be review process to define future actions and plans
achieved through a series of business processes and ensure their satisfactory execution.
(described elsewhere) including risk management.
• Risks are reported by the business responsible
for the activity, objective, programme, project or
Risk management is the systematic process to service against their business plan.
identify, assess, treat and manage risks that either
threaten the above resources or provide beneficial • Formalised risk management processes are
opportunities for our stakeholders. essential for satisfactory negotiations with
customers, partners, suppliers, and regulators.
All managers are responsible for compliance with the • A risk provision must be established to fund risk
risk management policy and to exhibit the company’s assessment and treatment and the financial
stated behaviour to have the will to take rational impact of risk.
risks.This is achieved as a result of the application,
by all employees, of the risk management principles
• Activities that may affect the enterprise’s image
or reputation shall be subject to formal risk
processes and procedures.
management.

• A documented risk management process is used.

• Every risk identified must have a single owner

and a clearly identified individual within the
enterprise who is responsible for managing the
risk. (These could be the same person).

6
Risk Management and the Engineering Life Cycle
The “Engineering Life Cycle” is a sequence that begins with a conceptual phase initiated by some innovative idea,
sometimes stimulated by research, or a need expressed by a client or marketing function. It ends with the resultant
process or product being de-commissioned and disposed of.

The number of steps between the beginning and the Risks of success and/or failure are at a maximum
end varies according to the nature of the process or and the process is one of gaining knowledge,
product and the way different organisations operate. researching possibilities and narrowing down the
But is important to identify the appropriate stages options to a manageable universe.Yet paradoxically
and characterise them. While a core common many organisations do not see this as a high-risk
methodology, described in the next section, can be phase because the quantity of resource that has to
applied to RM throughout, the nature of the risks be committed is often minimal compared to later
and their characteristics are very different in the phases.This is a mistake.The outcome of this stage
various phases of the life cycle. can determine the whole future of the endeavour
and it can be very difficult and expensive to have
A key control is to set up “Stage Gates” at to return to this phase later. If there is a need for
appropriate points.These points may or may not research, then some special considerations apply
coincide with the steps below.This is a judgement and Appendix 2 is a paper produced by a Working
that needs to made in the light of the complexity Group member that addresses these.
and duration of the project. But it is essential to lay
down what is required in terms of achievement, “Research” should be regarded as one of the key
audit and management approval to pass on to the RM tools. It is one of the most powerful means to
next stage. significantly reduce uncertainties. It is therefore
critical during the concept phase to be open to
Concept the potential need for research and to be ready to
At this stage uncertainty is usually at its greatest.The integrate R&D programme(s) into the “Life Cycle”.
overarching enterprise drivers still have to be clearly
defined.The economic and social/political climate A key consideration at this stage is who to involve
within which the project will operate has to be in the process and how to involve them.There is
specified.The real needs of the client(s) are still usually a trade off to be struck between the
uncertain.There are technology choices to resolve. advantage of close involvement of all stakeholders
at this stage and the disadvantages of exposing the
uncertainties and inadequately developed and
protected innovations that characterise this phase.
It is crucial that this phase is managed at a high level
in the organisation and that responsibility is vested
in an individual able to access all of the strategic
resources necessary. Engineers are a key resource
and must be part of the process to advise on
potential relevant technologies and to evaluate
the associated uncertainties and risks.

7
 Specification Design
The end product of the conceptual phase is a small At this stage significant resources begin to get
number of options, ideally one, which can be worked committed. But the major risks to be managed do
up into a project specification. Conventionally this not normally concern resource.They are more
specification would define the required performance, concerned with assessing the robustness of the
cost and timescale for the project. Indeed in some emerging product.The fact that it is largely virtual at
sectors this is referred to as PCT. In reality things are this stage provides a particular challenge and
not quite that simple.The process is not a frequently the designers resort to prototyping
straightforward linear one.“Performance” will be defined and/or simulation to resolve uncertainties. Particular
more accurately as the project design progresses. uncertainties result when a design is a mixture of
Likewise “cost” is only one side of the business existing modules, perhaps from a third party supplier,
equation.Working to a cost criterion simplifies matters. and novel modules.The resultant interactions can
But what really counts is “value”.The definition of value produce surprising and even catastrophic results. All
will vary according to the mission of the enterprise. designers will break their task down into manageable
It might be as basic as profit, or alternatively some components and will have formal reviews of
more sophisticated measure of satisfaction for progress. But the RM procedures outlined in the
customers or other stakeholders. Some performance next chapter are not just for these reviews.They
parameters will be found easy to meet and can be have to be embedded into the whole design process.
readily extended if they add value. Others will prove
more difficult and their importance to the project It is during this project phase that health, safety and
outcome will be a matter of debate. .These uncertainties environmental considerations begin to loom large. A
can only be addressed in consultation with the other key part of the Risk Assessment process described in
stakeholders in the project in an iterative process. the next section is the identification of risks and HSE
risks need specific attention during the project
It is particularly important that the Project development phase.
Director/Manager has a full understanding of the
operational and maintenance regime that will apply to
the resultant product or process. Such simplifications
as the “lowest cost solution”, or “most reliable
technology”, or “most advanced control system”
will not be optimal decisions unless they match
the requirements of the ultimate operating regime.

Society is increasingly calling for the safe and

environmentally acceptable disposal of not only
waste and by products from operations but also for
the product or process at the end of its economical
life.There are still great uncertainties in how regulations
will develop in this regard, but there will undoubtedly
be prizes for those who can successfully anticipate
these changes during the specification phase.

8
Construction/ Fabrication
For a one-off such as a power station or motorway
the really significant resources are now committed
and the management of these poses its own risk
management challenge. For a “production line” item
like an automobile or TV set this phase may be the
re-tooling of the production line to produce the first
prototype(s).This process normally involves less
uncertainty than a major construction project and
the boundary between it and the design step is less
clear-cut. Indeed the characteristics of an existing line
may well be the major determinant in the design
process.

For major capital projects it is important that the

RM processes described later are applied not just
to the processes of site preparation, procurement,
construction, inspection etc., but also to the
organisation of the project and the assignment of
responsibilities between the various parties involved.
The optimal formulation of contracts involves major
risk assessment and evaluation skills.

The (Sizewell B) PWR Project Group was set up with

responsibility for compiling the safety case; determining
the station layout; acting as architect/engineer for the
station systems; specifying the equipment; managing
the procurement; managing the construction site;
conducting the commissioning and managing the
overall project.This was the first time that all of
these functions had been combined for a major
nuclear power station in the UK.The concentration
of skills, cohesion of effort and elimination of
traditionally difficult interfaces proved to be of
major importance to the success of the project.
John G. Collier FREng FRS 1995 Christopher Hinton Lecture

9
 Commissioning This task is made even more difficult by the business
Whether it is the first sea trials of a ship, the first test trend to employ contractors and subcontractors to
flight of a plane or bringing a nuclear reactor on line operate and maintain. If operations are not seen as a
the anticipation is that these are very much “proving” core part of the enterprise it is important not only
events in which there are no surprises. Obviously this to spell this out clearly, but also to define very clearly
depends very much on the effectiveness of the earlier how the obvious new risks introduced are to be
phases. But there are risks; otherwise, this phase would managed at the interfaces between the principal and
be omitted. Part of the RM process at this stage is the contractor.
the commitment of extra manpower resources
beyond the normal operating crew together with De-commissioning and Disposal
extra monitoring and safety equipment required to This is no longer a phase that can be left to sort
ensure safety, and optimal feedback from the trials. itself out “on the day”. Increasingly, enterprise
reputations are put at risk by failures to address this
Operations (Including Maintenance) phase of a project. All products are implicated from
Depending on the sector, operations can be the simple household chemical and appliances to major
“Cinderella” phase when everything is left to the structures like power stations.The earlier in the life
frontline and supervision to handle.The philosophy of the project that the issues are addressed the
is that it is now all just repetitive routine and the more likely it is that optimal solutions will be found,
uncertainties are all well known and predictable. and just as importantly, be seen to be taken seriously.
But of course this is when the “built in” problems But this is a phase that needs to be taken seriously
manifest themselves and disasters occur. Most in its own right particularly as very often third
accident reports identify human error and failure to parties, remote from the original designers and
follow procedures as the cause. Sometimes designers producers of the product or process will be carrying
give operators very difficult and unsuitable roles to out the work.
perform. Another report in this series of three deals
with one key aspect of this – “The Risk of Humans
in the Control Loop”. Operators frequently find their
own ways of doing things and there is often a slow
evolution away from the designer’s original intent.This
process is fraught with risks and must be managed
carefully. It requires effort to identify and incorporate
improvements discovered by operators and to
eliminate bad practices that creep in and put system
integrity as risk.

10
A Framework for Assessing and Managing Risk
Different engineering disciplines and industrial and public sectors have developed diverse approaches to RM. In
this section we describe the underlying generic aspects of those approaches and the power of systems thinking.
The combination of a generic RM model and systems thinking provides a powerful tool to tackle complex and
multi-disciplinary projects. Later we illustrate this generic model with a specific example from a major UK enterprise.

Many of the RM methodologies and processes in use

Systems
in UK businesses, whether associated with the
It should be relatively straightforward to apply the
engineering industry or not, derive from engineering
principles below to simple projects. But their real power
project management. Of their nature, engineering
lies in their application to larger more complex projects.
projects involve the management of technology risks.
The concepts and language of “Systems” are powerful
These are usually expressed in terms of risks to
tools in handling such large projects.They are not
costs, timescales and performance of the individual
specific to any one discipline or sector, and are
project. As RM has been extended into all areas of
particularly useful when problems and solutions are
business, encouraged by the requirements of the
intrinsically intra-disciplinary or cross several boundaries.
Turnbull guidance, so the scope of risk management
has widened to include such things as reputation risk
The key skills lie in defining the boundaries of the
management and risk communication. However, the
system and then breaking it down into manageable
methodology and process is essentially the same. It is
subsystems.The wider the boundaries the more likely
particularly important to note that risk assessment
that all potential issues will be taken into account,
and management are not add-ons to mainstream
but relevance, significance and resources have to be
operating activities.They must be embedded in
evaluated when deciding what is the system. A project
ongoing operations and continuously employed.
that may bankrupt the company if it goes badly
wrong must include the financial markets within its
This continuous process is based on an overall
system. Studies of a process involving hazardous
framework, consisting of four stages as in the following
chemicals must include the physical environment
figure:
within the system. Equally the installation of a new
cost control system would include neither of these.

Identify Assess Manage The power of the thinking in systems terms lies in
recognising that the properties of a system in its
environment are the sum of the properties of the
Communicate & Feedback sub-systems, plus the properties that are consequent
on the interactions between sub-systems. In any project
there are risks that the actual system, or subsystem
properties fall short of the desired ones. But more than
risk identification, assessment, management and
that, alongside the desired synergy from integration
feedback. From time to time the process is
there may be unexpected, undesirable emergent
interrupted for review and audit. While good record
properties as a result of interactions between subsystems.
keeping and documentation are fundamental
Both must be addressed explicitly and processes put in
throughout, they are absolutely crucial for audits.
place that alert relevant personnel to this possibility
and which define how these interactions will be managed.

11
 Risk identification A similar matrix can be drawn to show how
knowledge and impact are distributed. It may be
The generic risks of whatever system is being
tolerable to accept a low level of knowledge of a
considered, from a whole business to an individual
phenomenon if the impact is low, but not if the
project, need to be identified, grouped into themes
impact is high. Such a matrix would be invaluable in
and recorded on a risk register that will be maintained
determining the need for research referred to earlier.
over the long term.The initial preparation of such a
register will draw on past experience from all
The risk register will form the central information
stakeholders e.g. customers, suppliers, staff, the public,
store about such risks, their ranking, status and
shareholders etc.The risk register is often first drawn
management strategies.
up as a “straw man” by the responsible analyst or
manager, based on past experience, existing risk
It is generally agreed that it is essential to consider
analysis etc. It may then be tested by a brainstorming
the potential likelihood and impact of each risk
workshop with all the stakeholders and a comparison
separately since the two dimensions require different
with industry norms and benchmarks. New risks
treatment. For example, a low likelihood, high impact
should be added as and when identified, and old risks
risk, such as an accident resulting in multiple deaths,
archived when no longer applicable (e.g. because of
needs to be managed in a different way to a high
overall changes in the external environment, project
likelihood, low impact risk, such as loss of working
progress etc.), or fully mitigated as part of the
hours in winter due to flu.
feedback process (see figure on right).

Risk Assessment Once generic risks, within the scope of the analysis,
have been identified and quantified as far as is
Risks should be assessed against criteria determined
practical, a strategy is normally developed for their
before or during risk identification.They should be
control, reduction or mitigation.
assessed for likelihood and impact to establish a
ranking for each, even when a specific value is not
possible or appropriate.The appropriate likelihood
and impact measurements will need to be agreed.
The impacts in turn may need to be divided into
a number of dimensions relating to money, time,
regulation and reputation, political (especially if
sensitive or multi-national), etc. Impact
Once ranked, the risks are most easily displayed on Low Medium Medium High
-low -high
a likelihood-impact matrix that serves as a clear
High xx x
communication tool, allowing anyone, including those
Likelihood

Medium x x
not associated with the issues being considered, to - high
INTOLERABLE

be able to understand the level of associated risk. Medium

- low
xx x

The matrix can be coloured to highlight the most x xx x

Low
important risks, and guidelines can be drawn up about
TOLERABLE MAY BE TOLERABLE

the significance of the colours (see figure on right).

12
Risk Management Process As in the risk identification stage, it can be very
helpful to produce a simple pictorial representation
Management options are normally designed to
of risks and their controls to identify coverage, by
achieve one or more of the following:
producing a risk control matrix along the lines of
• Avoid - i.e. make a fundamental change so the that in the figure below.
risk is no longer an issue.
Controls

• Reduce - i.e. reduce the chances that the

Risk Likelihood
Risk Impact
potential event will happen (e.g.. manage the Risk
Ref.
Risk
Description
Avoid Reduce Mitigate Transfer Accept

likelihood dimension by using a more reliable

technology).

• Mitigate - i.e. reduce the consequences of the

risk, if it should happen (e.g.. manage the impact
If it is not otherwise clear who owns and manages
dimension; install a safety barrier).
the risk then columns should be added to identify
• Transfer - i.e. transfer the effects of the risk to the relevant managers.
another organisation more capable of handling it.
Once the risk and control structures have been
• Do Nothing - i.e. accept that the risk may be
realised and therefore accept the consequences. placed on the matrix, the cells can be filled in to show:

• which risks is a given control intended

In selecting the most appropriate control option, the to address?
following need to be considered as a minimum:
• which controls are effective in reducing
• The likelihood and impacts of the risk. a given risk?

• The effectiveness of the strategy in meeting • who is tasked to manage the risk
its objectives.
Additional columns can be added in the matrix for
• Other consequences, desirable and undesirable,
of the strategy on the issues. the quantification step, if this is applicable (e.g. cost
of risk control, maximum cost of risk realised and
• The cost of implementing the strategy.
ratio of these two). At the simplest level, the
applicability can be indicated by a “yes” or “no” in
The above will allow an evaluation of the
relevant cells. More information can be included in
effectiveness of the options, and hence allow decisions
the matrix by using a scale, such as High, Medium,
to be made. Clearly, it is important to consider all
or Low, to indicate how effective the control is in
options for controlling risk. If, as is frequently the case
dealing with the risk.
in contracts involving either outright purchase of
new engineered products/constructions, or
The Risk Control matrix is a powerful tool for
outsourcing, it is intended to transfer the risk to the
displaying different levels of information on relations
contractor, then both the realism of the risks being
between risks and controls. Even in its most simple,
controlled by the contractor and the contract
qualitative form, before any quantitative information
clauses intended to achieve the transfer, will need
is included, great insight can be gained by looking at
careful examination.
the overall risk-control pattern.

13
 Risk Communication
and Feedback
Good RM is part of a system of continuous
improvement. For continuous improvement,
feedback is essential.This means understanding the
past, measuring what has happened, where practical,
setting targets for improvement and monitoring their
achievement.

This whole process requires openness and honesty.

This is more easily said than done.There are always
pressures to minimise problems and mistakes, or to
ignore the risk until it is too late.This is why the
Board’s commitment to the integrity of the risk
management process is vital.The process can of
course be integrated with performance appraisal
systems, quality management systems and such
initiatives as the Business Excellence Model.

The key need is to learn from past mistakes and to

understand how the external world is changing to
make past mistakes either more or less likely to
occur in future.

14
6. Conclusions and Recommendations
A generic process for Engineering Risk Management is described and recommended for general use. It is already
followed by some key UK enterprises and is believed to summarise current best practice.

The philosophy and guidance behind the Turnbull It is not the purpose of this report to comment on
Report on corporate risk are very strongly supported the various quantitative, probabilistically based
and provide a necessary context within any organisation techniques that are so valuable in sorting out
for good engineering risk management practice. technical and financial options.The use of such
methods has contributed enormously to the
Boards and senior executives must ensure that improvements and reliability of engineering products
engineering risk management is set within the and processes in recent times. But attention is drawn
context of the risk management policy and principles to the reality that such techniques are limited in
of the enterprise. It is necessary for individuals within application to quite well defined systems and
the enterprise to understand the nature and degree problems. Also there is a need to carefully assess
of risk that are appropriate.This will vary enormously whether the input data themselves are valid in the
according to the maturity of the enterprise, its context in which they are applied. All data from
financial strength, the nature of the technology systems involving human activity will show some
involved and the environment within which it has to degree of cultural bias.
operate. But Boards need to make it clear to all
stakeholders that there is no such thing as a “risk
free environment” and that the future of the
enterprise depends on a degree of risk taking.

A structured and documented process is essential.

The process of RM should be explicit and executed
in a manner that can be communicated to third
parties and provide a record for post-hoc analysis
and review.

While every effort will be made to ensure that RM

procedures are as objective as possible judgements
do have to be made with inadequate data available.
Also human emotion inevitably enters into processes
dealing with uncertainty. Another report in this series
“Societal Aspects of Risk” describes how we can
perceive risks in ways quite different from their
simple quantitative evaluation. We need to be
sensitive to the possible distortions that this can
cause and be prepared to test our evaluations
against those made by others both internal and
external to the project.

15
 Appendix 1
Management of risk through At a first level, the project should be reviewed at
an integrated review process regular, say monthly, intervals as part of its normal
Whilst the role of risk management as an essential project management process. This review, at a
project management tool is well recognised, its contract level, should be undertaken by the local
application may not guarantee the successful delivery business team and should address short-term issues
of large and complex projects. Two particular particularly those arising from the risk management
weaknesses are addressed here, namely the risk procedure. In addition this review should look at
management task may be handled as an activity other items such as cost and schedule data and
separate to the main management task, and it may predict the out-turn performance of the project.
be undertaken by personnel of a relatively low level Changes in the data month on month will help in
within an organisation. identifying adverse trends and potential problems.

This illustration describes a review process that integrates In a multi-project environment, these monthly
risk management into the wider management of a project data can be summarised and used to manage
project and allows senior personnel to make a a series of projects in parallel, with reviews being
meaningful contribution to the management of project held on perhaps a quarterly basis. These reviews can
risk at appropriate points in the project life cycle. assist in setting priorities between projects and can
take a wider perspective, dealing with a number of
This integrated review process allows different aspects projects for the same customer for instance. This
of the project to be examined from a number of review might also comprise a different group of
perspectives and at appropriate points in the project people than the monthly project review but would
life cycle. In addition, the use of independent senior usually have executive authority to direct change as
personnel with wide ranging experience can add required.
significant value to the outcome of these reviews.
Contract and business reviews described are widely
The use of these reviews is not unique to one used and are an accepted way of running individual
industry and they have been adopted and adapted contracts or a portfolio of tasks. If the above are
in a number of business fields. An integral part of used in combination with two other reviews which
this process is a conventional risk management look at the quality of the project against its
procedure that is used to identify and manage requirements and the application of processes
programme risks. By using this risk information in to a project, then a higher degree of success/greater
conjunction with the integrated reviews, positive risk degree of risk reduction can be achieved.
reduction activity can result. The output from the
risk management procedure should be summarised
for use by other review forums.

16
In reviewing the quality of the project output, It is recognised that this process will not capture or
typically through a design review, the performance correct all the problems that might be encountered
of a product can be checked against its design on the project. However, its integrated nature will
requirement. This review can be equally valid in ensure that the project has been examined from a
a recurring as well as non-recurring project number of complementary viewpoints and the value
environment.The review should be undertaken of the reviews is very much dependent upon the
at appropriate points in the programme eg prior quality of people used in the process. There is a cost
to committing to production, to ensure product involved in deploying this process, but if it is applied
integrity. In particular the review should check that in a sensible manner then tangible benefits can result.
the requirements have been fully understood and There are also cultural barriers that have to be
have been dissected into their relevant elements. In overcome with regard to outside examiners sitting ‘in
addition, it should check that each of these elements judgement’ over a project; the level of their executive
is meeting its individual specification and can be authority must be clearly defined.
integrated to meet the overall requirements of the
customer. The review might be undertaken by an On the benefit side, the process facilitates a constant
external reviewer in conjunction with the project checking of ‘are we doing what we think we are
team. A key element of this review is to examine doing’ and maximises the contribution that can be
the risks in achieving the specification and made by senior personnel. The process also allows
amendments should be fed back to the risk the exchange of best practice in a multi project
management procedure for resolution. environment and facilitates a learning organisation.

The application of process to a project can be In summary, the process described integrates a
reviewed by examining the management plans and conventional risk management procedure into an
information that is being used to manage the project. overall integrated management review process which
Again this review could be undertaken at key points itself is focused on managing and reducing risk. The
in the project eg prior to bid submission and can process comprises three reviews namely, Contract
utilise experienced senior staff as both independent Review, Design Review and Phase Review. It can be
Chairman and Assessors. The review could assess implemented at an acceptable cost and allows for
plans and methods being utilised as well as reviewing the exchange of learning within an organisation. In
the management organisation and utilisation of addition the experience of senior personnel can be
resources. The key element is to examine the used to maximum advantage.
success of the plans in delivering the project to date
as well as making a judgement on the ability of Finally, the process enables the management of risk
future plans to deliver the project. Again, the risk to be everyone’s concern and focuses the
analysis forms a key part of this review and any new organisation on resolving the key issues that can
or amended risks are identified back to the risk prevent a project from being delivered successfully.
management procedure for resolution. This review
can be used as a check to ensure that everything is in
place before moving on to the next phase of the
project and is often known as a Phase or Gate Review,
and should also consider the outputs from both the
contract and design reviews described earlier.

17
 Appendix 2
Risk Management in R&D Projects that there will be uncertainty in R&D costs and time
The application of the generic risk management to complete in relation to the initial estimate.These
process recommended in this report to R&D latter considerations are important in terms of risk
projects requires particular analysis of the inherent management methods.
uncertainty in R&D. By definition the outcome of
research is unknown. So it cannot be assumed that For (2 & 3) one needs to define proxy objective(s)
the desired outcomes of the research are achievable. then parade the R&D ideas against the objective(s).
The key to effective R&D risk management is to get On the whole, type 2 is to do with general technology
agreement on the balance between the future watch and type 3 is to do with novel concepts.
resource expenditure to the value of the desired
outcome. Past expenditure on R&D must always be There is a long standing body of evidence to show
regarded as sunk cost, and should never influence that most organisations allow about 10% of R&D
future spend. For this reason the feedback stage of time to cover areas 2 and 3 (e.g. “In Improving the
risk management is particularly important as are the effectiveness of R&D” - McGraw Hill 1965, a survey
milestones in de-risking the research project. of US technical research organisations showed that
It is assumed that before a research programme is on average 10% of any research portfolio went on
started the funding organisation will undertake some general basic research).The uncertainty surrounding
project cost/benefit analysis related to the part high risk high return research connected to long
played by the R&D programme in the strategy and term challenges, probably means a 10% allocation is
objectives of the organisation. the simplest and most reasonable thing to do, when
determining the overall shape and risks of an R&D
There are three basic situations where R&D assists portfolio. Allowing this amount of resources means
overall strategy and objectives: that all researchers should have time to keep up to
speed on the key advances in their research areas
1. The first and simplest is where the objective is
(technology watch) and the organisation should have
decided and R&D plays a definitive part in
time and money to fund those few individuals capable
achieving it e.g. design an aeroplane that can do X;
of doing inventive research. Inventive research needs
2. The second is where the objective is known in a
people based rather than project based decision
general way, but no defined programme exists
making (you back the brain not the project). In
e.g. update knowledge of industrial base or
inventive research organisation all R&D may be type
industrial trends;
3. In this case funding of each project will be heavily
3. The third is where the objective is not known,
weighted to the quality of the individuals undertaking
but the assumed benefits of a technology
the work in the achievability assessment outlined below.
advance are sought e.g. using nanotechnology, 3G
communications.
There are four key dimensions that need to be taken
For (1) it is essential to choose the right projects to into account when assessing R&D projects. They are:
achieve the aim. Most industrial R&D programmes
fall broadly into this category.They are intended to
• Performance.The purpose of the project.

achieve a narrowing down and de-risking of the • Time. How long it will take to achieve this.
technology options that are intended to fill a product • Cost.The cost or cost/benefit of the project.
gap or perceived customer need.The more
• Achievability. What is the likelihood of the project
ambitious and blue skies the project the more likely meeting these objectives?

18
Performance, time and cost are the standard project (high/medium/low) risk rating for achieving its stated
dimensions, with the normal range of risks associated objectives. It is a management decision how to assign
with them. It is the additional dimension of a risk level to projects. One example might be a
achievability that needs very careful consideration in straight numeric decision: we could sum the project’s
R&D project risk analysis. scores to get a Total Achievability Score (maximum
score = 35, when using a five category range, which
Regardless of how lofty the research objectives are, would mean that the research has no significant
there is little point in funding a project that has no barriers to meeting its objectives), and then assign
chance of achieving its objectives. risk ratings as below:

Research may not meet its stated aims within the • total score between 25 and 35 = green risk;
budget and time available due to: • total score between 15 and 14 = amber risk;
• Lack of quality people to carry out the research;
• total score between 1 and 14 = red risk;
• Lack of centres of excellence where the research There are disadvantages to such a simple numerical
could be carried out (including a lack of suitable method - a project could score really poorly on one
test centres); area, but well on all others, and still get a green risk
• Inability to conduct a comprehensive testing rating. Management might therefore want to say that
programme; a low score on some dimensions automatically gives a
project a red risk score, for example if there are
• The research is starting from a point where there
is a low probability of technical success (e.g. serious ethical considerations.
Technology Readiness Level as defined by NASA);
There might also be a management decision to link or
• There are significant dependencies on the weight some dimensions more highly than others. For
development of other new technologies; example, the quality of the research team might
• Industry is unable to manufacture the new product; assume greater importance for all R&D programmes
with a low maturity level.
• The research is socially or ethically unacceptable.
There are many possible sets of metrics for measuring Management might choose to have different scales or
the applicability of each of the above statements to each include some additional dimensions not put forward
project. These metric scales will vary from organisation here.This would not affect the conceptual framework
to organisation.They all suffer from the defect of of the risk assessment. Each R&D project can then be
reducing a very complex assessment to an enormous given a simple comprehensible profile for future
degree. One of the simplest is to develop a small range funding discussions, as in figure below:
from one to three to one to five, where one means
R&D Project Name: Score
that the project does have significant problems in this
Criteria 5 4 3 2 1
area, and a three/five means that this factor is not Fills a product gap (potential performance)

likely to impact the project meeting its objectives. Timescale to achieve product
Costs of achieving product
Availability of a quality research team
To simplify the dimensions to be considered in Availability of facilities/centres of excellence

assessing the R&D risks, you could reduce all of the Ability to test acceptance
Maturity of the concept (Technology Readiness Level)
above factors down to a single estimate of the Dependencies on other new technology
likelihood of the project to meet its objectives. Each Ability to manufacture
Social and Ethical acceptability
project could then be assigned a red/amber/green

19
 Appendix 3:
The Common Methodologies Working Group
Chairman
Mr John Turnbull FREng
(previously Mr Peter Chamberlain FREng)

Members
Professor David Andrews FREng University College
London
Dr Louise Bennett, Director vivas ltd

Professor Phillip Bennett FREng CSE International Ltd

Mr David Buchanan FREng Health & Safety Lab

Mr Steve Charters (July 2002 - ) Rolls-Royce

Mr Richard Haryott FREng ARUP

Mr Simon Howison BAE Systems plc

Professor Roger Kemp FREng Alstom T & D

(Sept 2001 -
March 2002)

Mr Terry Lazenby FREng

Dr Peter Rainey Rolls-Royce

(Sept 2001- July 2002)

Professor David Stupples PA Consulting

Secretariat
Mr Tony Eades The Royal
Academy of
Engineering

20