X Close

UCLse Blog


Thoughts from the staff of the UCL Centre for Systems Engineering


Archive for the 'Risk' Category

Engineering, Ethics & Risk

By Ian Raper, on 30 September 2015

The recent issue with emissions testing has highlighted a few issues which are very important within the field of systems engineering, and indeed engineering in general.

The first is ethics, and is one that is considered important by the various professional bodies representing the engineering professions. For example, to quote from the Institute of Engineering and Technology (IET), “Being a professional engineer means that the wider public trust you to be competent and to adhere to certain ethical standards”.

We have to question therefore how the ‘cheat device’ software was able to be present in and used in operations of those vehicles. There is various speculation in the press about these matters and it is not the purpose of this article to comment on such media reporting. It can be presumed though that engineers either chose to, or were coerced into, making use of the functionality of the software designed to aid with factory testing beyond this design intent.

The second issue relates to the risk culture of the organisation. Did anyone in the organisation make the association between the inappropriate use of this software and the potential impact of it being discovered. In risk management terms this event would probably be hoped to have a very low likelihood (i.e. they hoped they wouldn’t be found out) but the consequence was always going to be huge ($billions wiped off market value, massive lost of trust in the brand). Was this assessment of the risk ever made, was it captured, and if so how far up the organisation did the risk review go?

Organisations are complex systems in their own right, and the culture of the organisation is an emergent property of the interactions of the various parts (management, departments, employees, suppliers, etc.). Culture can also be affected by a reinforcing feedback loop, i.e. behaviour begets the same kind of behaviour. So any review of the organisation needs to recognise these factors.

This is just a very brief highlight of the complexity of two of the issues that surround this situation. It will be interesting over the coming weeks, months and even years to see whether the true root causes are identified and addressed. It is a useful wake up call to all organisations that ethics are important and that appropriate risk management might help avoid making the worst decisions.

Exploring risk management

By Michael Emes, on 21 January 2015

At UCLse we are interested in managing risk in complex projects. It’s a topic that we cover in many of our courses in Systems Engineering, Technology Management and Project Management. But we are also interested on a practical level since we are part of the Mullard Space Science Laboratory (MSSL), responsible for the design and manufacture of instrumentation for scientific spacecraft for the world’s major space agencies.

This week I’ve been in the Netherlands with Prof Alan Smith delivering a training course to European Space Agency project managers. We ask the trainees to ‘imagine there’s a bear sitting on your shoulder reminding you to think about risk’.

Many people think that risk management revolves around the practice of producing risk logs or risk registers. At its worst, this view of risk management assumes that once a basic list of risks is compiled at the start of a project, risk management has been completed.

Done properly, though, risk registers can effectively summarise the range of risk events that might affect a project’s objectives, together with the probability and impact of the events, the ownership of the risks, the actions taken to mitigate the risks and the cost and effectiveness of the mitigation (how much risk will remain – the residual risk – after mitigation).

The risk register is a vehicle for communicating risk exposure within and outside the project team. But even here, the risk register is merely a window onto the risk management process. Risk events cannot really be represented by simple point estimates of probability and impact. Risks events are by definition uncertain and are best described by a range of possible outcomes, each with an associated likelihood. The risk register has a place as a simple summary for ease of communication, but does not tell the whole story.

One of our PhD students, Zakari Tsiga, is exploring the relationship between risk management and project success. The first part of his research is a survey of the critical success factors of projects.

If you’re interested in taking part in the survey, please follow this link: