Assessing risks should be standard

The explosion was so powerful that the British Geological Survey might have registered it as a small earthquake. The column of acrid black smoke that followed the blast could be seen hundreds of miles away. This was no bombing raid from the Blitz, but rather the most cacophonous explosion on British soil since the end of the Second World War.

In December 2005, petrol vapour escaped from storage tanks at the oil storage depot in Buncefield, Hertfordshire. The white cloud that formed was ignited, triggering a series of explosions. One of the blasts, described later by investigators as being of “massive proportions”, measured 2.4 on the Richter scale.

A huge fire soon engulfed most of the site, sending a plume of black smoke high into the sky. After a three-year inquiry, the Major Incident Investigation Board found that fundamental safety management failings were at the root of the disaster. The total cost of Buncefield was nearly £1 billion.

“There was an element, like in most disasters, of a convergence of a number of problems,” says Andrew Sharp, an infrastructure specialist at AMCL, the asset management consultancy. “Like problems with the design and maintenance regimes at the site. The most obvious manifestation of the convergence of such problems is where things go wrong. Those are the things that will hit the headlines, like with Buncefield.”

With any asset – an oil depot or power plant, a water pipeline or sewage treatment works, a motorway or an airport – there are myriad risks to assess throughout its lifespan. Will the other half of a maintenance deal be able to live up to their contractual obligations? What major natural or political events could have an impact? Will anyone want to buy the asset in the future?

Each risk to an asset will have a different weighting depending on the priorities of the business

“There’s a huge amount of interaction between risks,” says Mr Sharp. “Asset management is by definition a process of integrating things, including risk management.” That a number of failings at Buncefield should have converged to create catastrophe, highlights the importance of a co-ordinated approach to managing risks throughout a business.

These risks must, of course, be considered in isolation. Each risk to an asset will have a different weighting depending on the priorities of the business that owns and operates them.

Scottish Water collects and treats more than 864 million litres of water for 2.4 million households and 123,000 businesses in Scotland every day. The publicly owned company must maintain 30,000 miles of water pipes, 30,000 miles of sewer pipes, 1,800 wastewater treatment works and 280 water treatment plants.

When it comes to prioritising risks, Karen Whitehall, an asset investment manager at Scottish Water, is adamant about one thing: “We’re very much customer-first. Customers don’t want to see sewage on bathing beaches, let alone have sewage in their house. That would be our worst nightmare,” she says.

When modelling asset risks – for example, for its huge Balmore water treatment plant just outside Glasgow – Scottish Water, like many other utilities, uses computer-based algorithms. Individual risks, which are given different weightings – heavier on the customer, in Scottish Water’s case – are inputted individually to help paint a picture of the whole risk to the business. Of course, computer modelling has its limits. “They’re useful tools,” says Ms Whitehall, “but the ultimate decision has to be human.”

Integrated risk management is commonplace in most big companies, especially those that own critical physical infrastructure assets. But approaches to assessing risks and then painting the whole business picture will, quite naturally, vary. This creates problems: external auditors, for example, will find it hard to assess risk in a company if they are not au fait with the idiosyncrasies in its asset manager’s approach.

Having a consistent way of evaluating risks across a diverse spectrum will give a better knowledge of where best to spend money and get a better return overall

There is, therefore, a cross-border campaign to improve and harmonise approaches to asset management and analysing risks therein.

It all began in Britain. In 2008, the British Standards Institution (BSI), the UK’s national standards body, unveiled a new standard, PAS 55. The standard combines 28 different requirements for establishing an integrated system of management for physical assets, from the point of acquisition or creation of the asset to the point of disposal or renewal.

By following the PAS 55 standard, an asset manager can attain a stamp of approval for demonstrating competent governance of their assets. It also brings other benefits; for example, making it easier to compare performance against other industries and allowing for better external audit. The standard took six years to develop with the involvement of 50 organisations, spanning ten countries and fifteen industries.

This British standard might soon become an international one. Development of the International Organization for Standardization (ISO) management system standard for asset management, or ISO 55000, is well under way. It is based on the BSI’s PAS 55.

The Institute of Asset Management has thrown its weight behind the development of the international standard, which has the aim of increasing “the degree of international and cross-sector participation in the development of asset management good practice and application in many more parts of the world”. At a recent meeting in Calgary, Canada, the final draft of the new international standard was agreed.

“Having a consistent way of evaluating risks across a diverse spectrum will give a better knowledge of where best to spend money and get a better return overall,” says AMCL’s Mr Sharp. “If you’re a board that has responsibilities towards government assets and risks, then the ISO standard will give you the mechanisms for putting those processes and structures in place.”

Good asset management governance, he explains, means having “effective line of sight” from corporate objectives at the top, down through the organisation to all aspects of asset management on the ground. The British and international standards, he says, specify all the necessary requirements that allow funders and stakeholders to achieve this clarity of vision.

Take, for example, Network Rail. It has to effectively split its £33-billion budget across a huge number of assets, such as track, signals and overhead electric cables. Each asset has a different life cycle; each carries its own risks. They could each be managed separately, but with such a huge portfolio of infrastructure assets and a multi-billion-pound maintenance and investment budget, oversight of all risks on a corporate level is essential.

Network Rail’s executives need to understand where they should spend their money in order to mitigate the overall risk to the country’s rail network. The ISO and PAS 55 standards, says Mr Sharp, help achieve this.

To further develop the best integrated risk practices across industrial borders, there is also the SALVO project, a collaborative three-year effort to bring about better asset management strategies. London Underground, Scottish Water, Cambridge University, Scottish Power and Centrica, the owner of British Gas, are involved, among others. The project will provide case studies, guidance, training programmes, and modelling and decision tools.

The UK government plans to invest £310 billion in 550 infrastructure projects over the next decade. Despite the current lack of clarity about these projects and regardless of whether an airport is built in the Thames Estuary or two more runways are laid at Heathrow, the government’s intention is clear: it wants to invest heavily. When the time comes to push on with these bold plans, an integrated approach to risk management, harmonised across industries, would be a worthy goal.