Concept of CRM
National Aeronautics and Space Administration (NASA) applies a Continuous Risk Management (CRM) to manage qualitative risk processes since the 1990s. According to CRM used by NASA, risk is composed by the following triplet: the scenario of “degraded performance” (for example, fatality, cost overruns, and others), the likelihood of the scenario, and the consequences expressed in the severity of results (NASA risk management handbook, 2011, p. 4). At that, CRM aims at the attainment of established performance requirements. This method can be applied at any level of NASA following the requirements identified on this particular level. Also, CRM processes “are applicable to formulation activities, such as technology development, involving the achievement of specific objectives within defined cost and schedule constraints” (NASA risk management handbook, 2011, p. 6). Furthermore, CRM controls all the stages of the requirements’ implementation to ensure high-quality performance. CRM is also to show the inefficiency of some processes or expectations, if required.
It is important to note that CRM could have the potential deficiencies. For example, uncertainty factor that always exists in risk management can be quite difficult to evaluate. It can involve uniqueness or cross-cutting culture, for instance. The human factor is another issue that can be regarded as a potential deficiency. In particular, team communication and collaboration failure can be a serious obstacle in managing CRM.
Four Key Areas of NASA Risk Management
Speaking of applicability of NASA risk management, one might distinguish the following key areas: determination of top-level objectives, the flowdown of the above objectives expressed in requirements, decision-making related to the selection of the best approach to meet requirements, and implementation of the chosen approach. At that, all the areas are performed in the context of systems engineering framework. The principal goal of these areas is to meet the core requirements and objectives stated by the units of the organization.
Safety, technical equipment, schedule, and cost are the paramount domains NASA takes into account when doing risk management. The first domain of safety embraces such issues as management of professional safety and health, information security, and others. The technical equipment domain is covered in the context of NASA Systems Engineering Process and Requirements. It is also essential for NASA to focus on cost requirements providing cost-effective decisions. In turn, schedule domain refers to the timely implementation of the suggested risk procedures. According to Smith and Merritt (2002), time component is “associated with every project risk is a time when it no longer exists, either you have suffered the loss or the risk has been resolved to the point that you are comfortable” (p. 7). This clearly shows that schedule is an integral part of the risk processes. Thus, all the mentioned domains are embraced by NASA risk management to meet the stakeholders’ expectations.
RM / RIDM and CRM
Risk Management (RM) involves Risk-Informed Decision Making (RIDM) and CRM that are directly connected due to NASA Procedural Requirements (NPR) document NPR 8000.4A. In particular, this document supposes the integration of the two key components of the mentioned processes. RIDM provides a risk-informed choice of decisions to guarantee effective performance and achievement of goals set by the organization. It focuses on reallocation, design, source selection, and several other procurements as well as processes. RIDM can be used at any stage and level of the organization presenting high applicability within NASA systems engineering. As a rule, RIDM includes one or more characteristics enumerated below: complexity, high stakes, multiple attributes, uncertainty, and diversity of stakeholders. These factors require detailed analysis and extra attention to select the proper decision. However, it should be stressed that the implementation of this characteristics is not a condition for using RIDM. Nevertheless, the increase of these points enhances the need for RIDM.
In turn, CRM, as it was stated before, is responsible for the implementation of the chosen alternatives. It should be emphasized that “each organizational unit within NASA negotiates with the unit(s) at the subsequent lower level in the organizational hierarchy about a set of objectives, resources, and schedules” (NASA risk management handbook, 2011, p. 3). This helps to clearly and specifically identify objectives to be performed by units. After that, each unit applies CRM to evaluate risks against the established requirements reporting to the higher levels of the organization. The described flowdown of performance requirements recognized by NASA promotes close correspondence to its strategic goals. The integrated use of CRM and RIDM ensures the fact that risk solutions are appropriately informed by their influence on goals at every level of NASA.
Cost Effective Method to Implement Risk Management
The cost-effective manner used to institute NASA risk management means that it is essential to take into account a range of financial issues while introducing a cost to a project or a program. With this in mind, it is necessary to conduct a thorough analysis of costs to optimize the processes. As a result, the organization would accomplish considerable savings achieved due to the resolution of risks at their initial stage, in particular, before they become a serious problem. Moreover, risks should not exceed the cost of the project implementation in the context of the cost-effective manner.
References
NASA risk management handbook. (2011). Washington, D.C.: National Aeronautics and Space Administration.
Smith, P. G., & Merritt, G. M. (2002). Proactive risk management. New York, NY: Productivity Press.