Once risks are identified with the help of a good observation (assessment) approach, risk mitigations are put into place via actions ranging from major system mods to minor process fixes. The following is an introduction to the “mitigate” part of the Observe – Identify – Mitigate model.
The large programmatic actions taken to avert future risks will be seen by most as the obvious action taken at the right time. Millions of dollars spent on multi-year major modifications to the system will garner all the attention and all the praise. Program managers will advance their careers and chief engineers will make a name for themselves.
Few will note the myriad and many other, smaller actions taken to tweak maintenance procedures, replace support equipment, re-write software, deploy new media, and scores of other risk mitigations. Yet without these, the big and flashy modifications would be moot, lack context, and represent a massive waste of resources.
Within the complex system sustainment management model, all risk mitigations, all fixes, all mods, are treated the same. Because they are the same, different only in resources required.
Simple changes to maintenance processes can have the same complexity as big dollar system modifications, for instance, because the entire complexity of the system may need to be considered in the simplest of depot tweaks. Top experts may need to be consulted both in massive subsystem upgrades and in low cost epoxy replacements. Management oversight is required for all changes to the system to ensure full integration is achieved at affordable prices.
Managers must ensure that excellent observations enable well-understood risks to be identified with enough time to avoid damage to the mission. Hundreds of people must see their role as sustainers. That is, they must have the courage to speak when something needs saying. Disciplined processes must be followed and improved. IT teams must work to the schedule of the process improvements and not to other sub-optimal goals.
Seen in this light, as hundreds of equally-important on-going fixes, what are the key elements of a risk mitigation activity?
- Mitigations identified and described with sufficient clarity to request funding.
- Decision-makers kept informed of the complete spectrum of current and future fixes
- Funding of the right type doled out in proper amounts over the proper times
- Program execution and modification deployment fully integrated in a single schedule
- Compromises made across programs to ensure optimum use of funds