Moving Risk Managment into the 21st Century
RADICAL RISK IDENTIFICATION Moving Risk Management into the 21st Century Laurie Wiggins CEO & Founder Sysenex Inc.
Background Laurie Wiggins International Space Station
27 years of Systems Engineering experience Broad experience in aerospace, IT systems - 19 years with The Boeing Company
Sea Launch LV
Space Experiments
IT
Next Generation Air Traffic Control
2
Risk Management Today A typical risk management process in Aerospace
Source: MITRE
September 1, 2007, MITRE Systems Engineering (SE) Competency Model, Version 1, pp. 10, 40-41.
3
Risk Issues in Aerospace Today
Increasing trend of overruns, performance problems • Waiting is Expensive - Although most know risks are more expensive and
time-consuming to address later in development, they don’t know how much more
• 300-500%+
• Per our Survey - Although 75% of organizations surveyed have a RM process in place, 51% of them reported a risk related loss or failure
• The Equals Key - Different groups within an organization address technical, safety, financial/business, strategic risk – skews decision making
• Subjectivity – risks identified depend on personnel involved 4
Risk Issues in Aerospace Today
Standards Say ‘What’ but not ‘How’ Current RI Methods are Ad Hoc, Non-Comprehensive Personal experience/lessons learned Consult SMEs/Program Personnel Brainstorming FMEAs, other Failure Analyses Consult Stakeholders PRA
83.3% 71.4% 66.6% 54.7% 50.0% 40.5%
Not Much Help is Available A Sysenex/George Mason University study revealed 50+ commercially available risk tools – none of which identify risk
5
Risk Issues in Aerospace Today We’ve been doing it the same way for 50+ years
We Need to Do Better
6
Radical Risk Identification
There is a Better Way • Hundreds of programs, their risks and outcomes were analyzed • A set of common risks emerged • These common risks = common underlying program problems • despite having many ‘faces’ depending on a specific product or service
INNOVATION: These common risks can be used to diagnose as yet unidentified program problems 7
Radical Risk Identification 218 Risks in six areas
Operational
Managerial
T Technical
Enterprise
Organizational
External
Current Risk ID Enterprise Risk Management 8
Radical Risk Identification Risk Area Breakouts - Selected Risks Technical
Requirements Definition •Interface Definition and Control •Common Mode/Cascading Failures •Quality •Safety •Logistics Supportability •Technology Maturity •Failure Analysis •Models and Simulations •Data Quality •Software Module Maturity •Software Integration Maturity •Experience Required to Implement HW Module •HS Methodology and Process Maturity •Change Management Process •Producibility •Testing Planning •COTS/GOTS/Reuse Experience
Organizational
Organizational Interest in Personnel Motivation •Organizational Management Processes •Organizational Culture •Organizational Experience •Organizational Business/Mission Benefit
Operational
•System Operational Problems •Obsolescence Management Process •Personnel Training and Experience •Human Error •Near Miss Consideration •User Acceptance •User Satisfaction •System Availability •System Failure Contingencies
Enterprise
Enterprise Experience •Enterprise Reputation •Enterprise Management Processes •Enterprise Security Processes •Enterprise Contingency Planning
Management
Management Experience •Resources and Commitment •Overall Program Staffing •Personnel Experience •Turnover Rate •Personnel Morale •Subcontractor Management •Supplier Management
External •Funding •Regulatory •Legal •Labor Market •Customer Experience •Customer Interaction
9
Program Risk ID
Program Risk ID Risk Identification Dramatically Enhanced Via Program Risk ID
A web-based software tool For One Program – trending through time
Across Many Programs -
compare risk levels across programs
www.programriskid.com
10
Background Laurie Wiggins International Space Station
27 years of Systems Engineering experience Broad experience in aerospace, IT systems - 19 years with The Boeing Company
Sea Launch LV
Space Experiments
IT
Next Generation Air Traffic Control
2
Risk Management Today A typical risk management process in Aerospace
Source: MITRE
September 1, 2007, MITRE Systems Engineering (SE) Competency Model, Version 1, pp. 10, 40-41.
3
Risk Issues in Aerospace Today
Increasing trend of overruns, performance problems • Waiting is Expensive - Although most know risks are more expensive and
time-consuming to address later in development, they don’t know how much more
• 300-500%+
• Per our Survey - Although 75% of organizations surveyed have a RM process in place, 51% of them reported a risk related loss or failure
• The Equals Key - Different groups within an organization address technical, safety, financial/business, strategic risk – skews decision making
• Subjectivity – risks identified depend on personnel involved 4
Risk Issues in Aerospace Today
Standards Say ‘What’ but not ‘How’ Current RI Methods are Ad Hoc, Non-Comprehensive Personal experience/lessons learned Consult SMEs/Program Personnel Brainstorming FMEAs, other Failure Analyses Consult Stakeholders PRA
83.3% 71.4% 66.6% 54.7% 50.0% 40.5%
Not Much Help is Available A Sysenex/George Mason University study revealed 50+ commercially available risk tools – none of which identify risk
5
Risk Issues in Aerospace Today We’ve been doing it the same way for 50+ years
We Need to Do Better
6
Radical Risk Identification
There is a Better Way • Hundreds of programs, their risks and outcomes were analyzed • A set of common risks emerged • These common risks = common underlying program problems • despite having many ‘faces’ depending on a specific product or service
INNOVATION: These common risks can be used to diagnose as yet unidentified program problems 7
Radical Risk Identification 218 Risks in six areas
Operational
Managerial
T Technical
Enterprise
Organizational
External
Current Risk ID Enterprise Risk Management 8
Radical Risk Identification Risk Area Breakouts - Selected Risks Technical
Requirements Definition •Interface Definition and Control •Common Mode/Cascading Failures •Quality •Safety •Logistics Supportability •Technology Maturity •Failure Analysis •Models and Simulations •Data Quality •Software Module Maturity •Software Integration Maturity •Experience Required to Implement HW Module •HS Methodology and Process Maturity •Change Management Process •Producibility •Testing Planning •COTS/GOTS/Reuse Experience
Organizational
Organizational Interest in Personnel Motivation •Organizational Management Processes •Organizational Culture •Organizational Experience •Organizational Business/Mission Benefit
Operational
•System Operational Problems •Obsolescence Management Process •Personnel Training and Experience •Human Error •Near Miss Consideration •User Acceptance •User Satisfaction •System Availability •System Failure Contingencies
Enterprise
Enterprise Experience •Enterprise Reputation •Enterprise Management Processes •Enterprise Security Processes •Enterprise Contingency Planning
Management
Management Experience •Resources and Commitment •Overall Program Staffing •Personnel Experience •Turnover Rate •Personnel Morale •Subcontractor Management •Supplier Management
External •Funding •Regulatory •Legal •Labor Market •Customer Experience •Customer Interaction
9
Program Risk ID
Program Risk ID Risk Identification Dramatically Enhanced Via Program Risk ID
A web-based software tool For One Program – trending through time
Across Many Programs -
compare risk levels across programs
www.programriskid.com
10
