Adding value

Making sure systems, products and processes are doing the job in the most efficient way, needs a co-ordinated approach and independent scrutiny.

Creating things is exciting. The process of engineering new systems, putting new infrastructure in place and developing new services for rail users provides real job satisfaction. Many of us joined the railway industry to bring about exactly those types of changes. Surely checking that other people have done this properly doesn’t have the same level of excitement – or does it? Where is the creativity in second guessing what others have done? Where is the value?

Independent assurance is an approach which checks what others have done, are doing and what they plan to do. When this is performed well, it makes a major contribution to the creation of new assets and major changes to systems and processes.

There are many historical examples of failures in engineering projects or system deployments. The Tay Railway Bridge disaster in Scotland in 1879 resulted in the loss of 75 lives in a strong storm which led to the collapse of a section of the bridge. It is perhaps an extreme example. Who knows if independent assurance against the standards of the day would have detected flaws in design and construction that resulted in the disaster? Quite possibly, but this is speculation. With examples like this and other less dramatic examples such as delays in major projects, cost overruns and significant asset system faults, the benefits of an independent review of systems, products and processes is key to the protection of life and property, to strong business performance and to overall corporate risk management.

Assurance can be described as the process used to confirm that a business is satisfying its obligations, requirements and aspirations towards its stakeholders. The stakeholder group can be wide, but would certainly include the organisation’s customers, its shareholders and its employees. Crucially, this group also includes government and regulators – and of course the general public.

For the assurance to be ‘independent’, it requires the use of a third party – someone other than the organisation carrying out the work. There are many reasons for bringing in this ‘independent’ aspect. In some cases it is a legal requirement, such as in the case of the requirement to obtain ‘Notified Body’₁ approval for certain systems used on high speed railway routes in Europe. A significant reason though is to make sure the analysis is done completely objectively and critically, by a body with no commercial interest in the outcome of the project or system development.

It is often said that photographers are the worst editors of their own photographs. They have invested too much in the process to be objective. The selection of the best images for use in a publication, and the feedback to the photographer about what needs improving or changing, is a different skill set. Reviewing anything else is no different in principle – the most useful advice comes from a fresh pair of eyes without any bias.

This is one of the important tenets of the notified body regime. In the case of railway interoperability, these tenets include a need for independence, impartiality and freedom from incentive. Clearly the body needs to be competent, equipped with adequate resources and hold relevant insurance, but it also needs to uphold the highest levels of confidentiality. This is key. Independent assurance requires complete openness and trust if it is to be effective.

Assurance approach

Independent assurance services are often complementary and some have overlapping objectives. There are two dimensions which characterise the services, as shown in Figure 1 on page 83. One dimension is the degree to which the approach is risk or compliance based, whilst the other dimension is the degree to which the approach is inspection or process based. All have their merits – the key is to understand which to select for the task in hand, and to make sure they are applied efficiently. Several services may be applied together as a holistic solution to the needs of different stakeholders. This avoids multiple data collection activities, which is essential if full benefit is to be obtained from the suite of activities. Selecting the right services to apply is a significant skill – requiring an understanding of the impact that risk, compliance, inspection and process based approaches have on costs, timescales and legal compliance. There is the potential that too little assurance activity is undertaken, resulting in unacceptable levels of legal, safety or commercial risk. Conversely, there is the potential for too much assurance activity to be undertaken, resulting in inefficient use of funds and resources which could be better spent elsewhere.

The underlying processes associated with several types of assurance service are often very similar and there is clear advantage in having these carried out in a coordinated manner. Applying data gathering, assessment and evaluation activities once, deriving results to satisfy a number of output requirements (such as certification against specific standards or directives) gives a critical advantage.

Independent assurance services have evolved over the last decade and many more regimes now apply a risk focused approach to critical processes and assets, as these have the benefit of targeting the systems that affect an organisation’s business most, rather than blindly checking non-critical elements at unnecessary cost.

Assurance that is performed competently makes use of both obligatory (legal requirement) assessments and a suite of tools based on the key risks which may prevent the introduction or safe operation of the asset or services concerned. Checking everything is rarely the correct route to successful assurance and invariably the regime adopted will lie somewhere between the outer extremities of the two assurance dimensions.

When applied to a project, it is important to build assurance activities into the delivery of the project rather than ‘bolting them on’ later. It allows the activities to be executed in a planned fashion – making sure feedback isavailable for the project when it is needed, minimising cost and risk. It also makes sure that the requirements are built into the transfer to operations right from the start. In other words, good assurance is a whole-life activity.

It may appear counter-intuitive to bring the assurance organisation into the ‘project’ as early as possible. Independence does not mean that the assessment team should be in an ivory tower, protected and isolated. Independent assurance works best when there is a spirit of partnership, proactively giving input to the project (for example, giving examples of good industry practice for the project team to consider), being flexible in the tools applied and providing critical, qualified feedback throughout. It requires open communication in a coordinated team.

Independent does not mean confrontational. It means objective, without conflict of interest, and without gaining commercially from the output of the project itself. Independence is maintained by the nature of the assurance body itself, through the application of strong ethics and strict controls.

Adding value

Assurance is not about getting ticks in boxes and pieces of paper framed on the boardroom wall. It is about business improvement. How is this so? We train hard for competition, we revise for exams and we put the extra effort into that board presentation to secure the project funding required. Why? – because we know that the scrutiny matters and we want to do well. Certain assurance is of course obligatory, for example in high-speed interoperability, but the feedback and improvements identified in assessment also make a positive contribution to sharpening the performance on the project concerned, or improving the development of systems. The output can save money, improve safety and increase efficiency.

So what are the specific benefits that result from a properly applied independent assurance approach?

Problems are identified early – and more importantly, decisions can be taken on avoidance or minimisation of the effects. For example, the early identification of safety risks on major railway projects can result in suitable mitigation being implemented, which in turn reduces the possibility of accidents and system down-time caused by in-service failure.

Methods are challenged and improved – bringing an organisation-wide benefit through the application of good industry practice.

Systems are created in a robust manner, fit for purpose and with a safety level acceptable to the organisation and jurisdiction concerned.

These benefits are more likely to materialise where the advice is given without quarter – from people not embroiled in the politics of the organisation, nor determined to impose a particular solution. The right solution is the one that manages the organisation’s risk in the right way – meeting the risk appetite of the business, meeting corporate objectives and the law of the land.

Is it an expensive service? The cost of independent assurance should be much less than 1% of the project sum. In most cases, the independent scrutiny pays for itself by enhancing project delivery (reductions in rework, improvements in efficiency) and reducing the risk of failure. The issue is not so much about whether independent assurance can be afforded, but rather whether you can afford to accept the potential consequences of failure to employ it.

Indeed, the overall contribution to the management of corporate risk should not be underestimated. The mitigation of many risks is a key element central to boardroom thinking; including safety, performance, reliability and costs. All of these risks can impact customer satisfaction, public perception and ultimately, shareholder value.

References

1. A Notified Body is a body notified by a Member State to the European Commission and the other Member States – essentially an organisation authorised to assess and confirm conformity of defined systems to the requirements of certain European Directives.

About the author

Paul Seller

Paul began working in various businesses such as Trainload Freight and Trainload Coal. Paul joined WS Atkins in 1994, before moving to MHA Systems. He joined Lloyd’s Register Rail as Operations Director, rising to Managing Director. He is currently the Director of Technical Sales, Transportation. Paul has a degree in Mechanical Engineering.

Chris Knowles

Chris held a number of roles within British Rail and Railtrack, including Zone Telecommunications Engineer for Railtrack North West, before joining United Utilities as Head of the Planning and Design Department. In 2003, he joined Lloyd’s Register Rail and is Director of Marketing, Transportation. Chris has a degree in Electronic Engineering and a Certified Diploma in Accounting and Finance.