2018-LMS-Top-Banner-ad 2018-LMS-Top-Banner-ad 2018-LMS-Top-Banner-ad

Does Relying on Criticality Put Your Organization at Risk? Part 1

Does Relying on Criticality Put Your Organization at Risk? Part 1
 by Grahame Fogel and Petrus Swart

Does Relying on Criticality Put Your Organization at Risk? Part 1

Grahame Fogel and Petrus Swart

This article is Part 1 of a series focusing on risk as an enabler for asset management. It argues the case for moving away from criticality to an ISO31000 risk-based approach. Part 2 will address how to effectively model asset risk in complex systems.

The role of asset management (AM) as a strategic enabler contributing to the current competitive business landscape is rapidly evolving. The emergence of the AM professional has transitioned the maintenance engineer from a role whose primary responsibility is repair to that of a strategic value enhancer. This means AM professionals are now tasked with delivering strategic asset value contributions in alignment with their organization’s overall business objectives.

On a weekly basis, these AM professionals are confronted with complex questions that require swift decision-making, followed by appropriate action.

Typical issues include:

Effective decision-making requires both clarity and a structured approach

These are all real-life issues that carry both strategic and tactical implications. Unfortunately, it is still prevalent today to see AM professionals devoid of any decision-making methodology that is aligned to asset value contribution and the achievement of organizational objectives. In other words, they do not have a standardized approach or framework from which to make effective AM decisions that will address these complex issues.

Effective decision-making requires both clarity and a structured approach. The goal of AM is to provide a clear set of principles that will guide the decision-making of AM professionals and organizations toward the achievement of their organizationalobjectives. ISO550001, the international standard for AM, recognizes risk as a cornerstone in creating an approach or framework to address AM related issues. It states that: “AM translates the organization’s objectives into asset-related decisions, plans and activities using a risk-based approach.

In this regard, a more incisive understanding of risk, as opposed to traditional criticality, and the application of a risk-based approach advocated by ISO55000 are key enablers for AM professionals to make more effective AM decisions.

Criticality is a non-normalized approach and often a vaguely defined concept that can mean different things to different AM professionals and organizations. Traditionally, it is a process that has been applied within the maintenance and engineering departments in isolation from organizational risk management frameworks. Criticality usually serves the function of maintenance prioritization, but is often ill-suited for providing the decision-making input to operational and strategic challenges where significant asset value can be unlocked.

Instead, an asset risk approach can be used by AM professionals to make more effective AM decisions. This approach is aligned to ISO310002, the international standard for risk management, and ISO55000. It contains the current best thinking around the topic of risk management and can assist AM professionals to better structure their operational and strategic AM decision-making efforts.

Effective risk management is a clear value enhancer for asset intensive organizations. This has been demonstrated by multiple published research articles by the Aberdeen Group3. Table 1 provides a summary of three of its research findings, demonstrating the clear value benefits of risk management programs at asset intensive organizations.

Table 1 – Value Benefit of Top Risk Performers
Definition of Maturity Class Mean Class Performance
Best in Class: Top 20% of aggregate performance scores 1.5% Unscheduled Asset Downtime
92% Overall Equipment Effectiveness (OEE)
99% Production Compliance
3% of Revenue in Financial Loss in Past 12 Months
Industry Average: Middle 50% of aggregate performance scores 6.6% Unscheduled Asset Downtime
83% Overall Equipment Effectiveness (OEE)
97% Production Compliance
12% of Revenue in Financial Loss in Past 12 Months
Laggard: Bottom 30% of aggregate performance scores 14.8% Unscheduled Asset Downtime
74% Overall Equipment Effectiveness (OEE)
85% Production Compliance
18% of Revenue in Financial Loss in Past 12 Months

Combined from Shah & Littlefield4, Hatch & Jutras5 and Aberdeen Group

Moving Away from Criticality

It needs to be stated up-front that traditional criticality is not inherently bad or incorrect. Nor is its intentions flawed or completely misguided. Like most new ideas or schools of thought, traditional criticality experienced a few growing pains. Its synonymous growth with the field of AM has led to numerous individuals and institutions creating their own versions of criticality. Reviewing the published literature reveals several terms, such as risk-based criticality analysis6, multi-state component criticality analysis7, analytic hierarchy process-based criticality analysis8, etc. This is not a negative issue as it shows the necessary thinking, development and refinement that has gone into criticality in recent years.

Similarly, prior to 2014, literature often referred to AM as physical asset management9, engineering asset management10, etc. The release of the ISO55000 suite of AM standards in 2014 has helped streamline the thinking behind AM. No longer do AM professionals fret over their version of the name, but rather focus on making AM a legitimate profession backed by a less disjointed and fractured body of knowledge (BOK). One glaring issue in the current AM BOK, however, is the use and continued misuse of criticality.

Literature on criticality is plentiful, diverse and oftentimes confusing. However, a particularly good read is “Criticality Analysis Made Simple” by Tacoma Zach11. Here, criticality is defined as: “a measure of the relative importance of something, usually a tangible system or asset, to the corporate mission, objectives and values of your organization.” The criticality of a system or an asset is determined by a criticality analysis, which is defined as: “a way to determine which systems and assets are most essential in order to set priorities for further reliability initiatives and deeper analysis.” These two definitions are clear with regard to the aspirations of criticality in general and what constitutes a criticality analysis. However, these definitions also unintentionally cause significant confusion for AM practitioners in the field and during robust online discussions.12

With criticality, confusion and common misconceptions rear their ugly heads on several issues. Most of these issues are adequately addressed in Zach’s book. For example, it is made clear that an asset or system in critical condition (i.e., poor condition) does not correlate with its criticality to the function or mission of the system. However, the biggest source of confusion remains in the interchangeable use of the word criticality (or asset criticality) and other terms, such as risk and consequences. This is encountered habitually when speaking to AM practitioners in the field and is widespread throughout literature.

Take, for example, critical assets. A typical definition would be: “those assets with a high consequence of failure.13 Here, the emphasis on what constitutes a critical asset is the magnitude of adverse effects that would proceed asset failure. This makes logical sense, however, the issue arises when one looks at the majority of criticality equations found in literature. Most sources mathematically express criticality as follows:

Criticality = Likelihood × Impact, or Criticality = Probability × Consequences

Here, the criticality of an asset or system is simply the product of its probability of failure (PoF) and the consequences of failure (CoF). A highly critical asset or system, therefore, is one with a high PoF and high CoF, and vice versa, of course. The confusion, however, comes when one looks at established risk literature. Take, for example, ISO31000. Here, risk is expressed as: “a combination of the consequences of an event and the associated likelihood of occurrence.” In other words, according to ISO31000, risk is also mathematically expressed as:

Risk = Probability × Consequences

The inference here is that criticality and risk are the same thing, however, this is incorrect. A highly critical asset or system does not necessarily mean it is also a high-risk item, and vice versa. High voltage transformers are a popular example used to explain this point. Nowadays, most organizations rely on electricity to function, hence, the transformer providing the electricity is critical to that organization and the achievement of its objectives. However, transformers are generally very reliable, so they are not a major risk to the functioning of the organization and the achievement of its objectives.

It is this confusion with the word criticality, which is often glossed over or swept under the rug in AM literature, that necessitates the adoption of a risk-based approach that aligns to contemporary literature and the best thinking surrounding risk and risk management.

Adopting a Risk-Based AM Approach

Adopting a risk-based AM approach requires AM professionals and organizations to clearly understand the complexities of risk and its appropriate vocabulary. Furthermore, the difference between asset risk and business risk needs to be clearly defined and how asset risk supports AM needs to be crystallized. Finally, the adopted approach must align to ISO31000 and its structured risk management system.

Understanding the language of risk

All disciplines have their own vocabulary, so it is important for AM professionals to be conversant with the language of risk. This will facilitate cross functional understanding, discussions, learning and knowledge transfer between various departments internal to the organization, as well as with similar and different departments in other organizations.

ISO31000 defines risk as "the effect of uncertainty on objectives"

ISO31000 defines risk as “the effect of uncertainty on objectives.” Unpacking this broad definition reveals three essential words that need further clarification.

The first word is effect, which, from a risk sense, means a deviation from what one is expecting. It can be positive or negative. For example, a safety risk is almost always negative, whereas a financial risk may be positive when an asset operates long past its predicted end of life. Defining risk clearly is foundational to an organization’s strategic criteria. This helps create an aligned risk framework from which risk-based decisions can be made in line with the organization’s risk appetite. Once the framework is defined, both the positive and negative effects can be modeled.

The second word is uncertainty. In the real world, everyone lives with risk since the myriad of actions they participate in are bounded by uncertainty. It is brought about by the lack of information or knowledge concerning an event, its consequences and/or its likelihood of happening. With available knowledge or resources, any risk framework can clearly define the bounds of uncertainty and review actions that narrow these bounds in order to provide improved certainty in targeted areas.

Finally, organizations have both formal and informal objectives. Risk management aligns with and supports the achievement of these organizational objectives. This takes one from the operational to the strategic domain and is much larger than a maintenance priority listing. It is imperative to align the risk framework to these organizational objectives. The risk framework then can be applied to decision-making at a strategic, transactional, or project-based level, with clear transparency as to how those decisions are made.

What is asset risk and how does it support AM?

For asset intensive organizations, risk can be broadly categorized as either business risk or asset risk. Maintenance engineering expert Keith Mobley provides a good description of the differences between these two risk categories. In short, business risks refer to political shocks, market losses, business continuity, etc. On the other hand, asset risks refer to those surrounding the installed asset base or asset portfolio of the organization.14 The focus of this article is on the latter risk category.

Risk forms an integral part of AM. The ISO55000 suite of AM standards contains many references as to why risk and a risk-based approach are important and necessary. This is exemplified in Section 6.1: Actions to address risks and opportunities for the asset management system in both ISO5500115 and ISO5500216, which are dedicated to the topic of risk.

The importance of risk in the field of AM is reinforced by the Effective Asset Management Delivery Model (EAMDM)17, as shown in Figure 1. The EAMDM shows that risk is strategic and delivery focused, as well as foundational. This means the delivery of effective risk management activities needs to be guided by the organization’s objectives in order to facilitate the achievement of these strategic goals. At the same time, foundational enablers, such as good quality asset data configuration and information management, are pivotal in enabling a sound basis from which to make evidence-based, risk-driven decision-making. Lastly, risk is delivery focused, which means it should be thought about and executed daily as risk is dynamic and can rapidly turn for the worse.

EAMDM chartFigure 1: The Effective Asset Management Delivery Model (EAMDM)

ISO31000 risk management system

The relationship between the principles for managing risk, the framework in which it occurs and the risk management process described in ISO31000 are shown in Figure 2. Here, the principles provide the foundation and describe the qualities for effective risk management within an organization. They guide the creation of the risk management framework. In turn, this framework defines and manages the overall risk management process and its full integration into the organization. Lastly, the process for managing risk focuses on individual groups of risks, their identification, analysis, evaluation and treatment. The performance of the process is monitored and fed back into the framework, making the process a continuously improving and iterative cycle.

ISO31000 principles, framework and processFigure 2: ISO31000 risk management system

Key Takeaways for AM Professionals

The discipline of AM has evolved rapidly in the last few years. Unfortunately, some areas of the AM BOK have not kept up with this frenetic pace of change. A notable example is criticality and its continued use and misuse throughout literature. The confusion surrounding criticality is largely due to its synonymous use with risk, as well as the fact that both terms have an identical mathematical expression.

This article, Part 1, highlighted the confusion and calls for AM professionals to move away from criticality and to adopt a risk-based approach. Moreover, it establishes the importance of asset risk and how asset risk supports effective AM. This point was emphasized by two international AM standards, namely ISO55001 and ISO55002, which both have a section dedicated to the topic of risk. To avoid any unnecessary confusion with criticality and to align with the international standard for risk management, ISO31000, a risk-based approach to asset risk was proposed as a solution.

Part 2 will describe an approach to asset risk that can help AM professionals and asset intensive organizations make better risk-based AM decisions.


  1. International Organization for Standardization (ISO). ISO55000: 2014 Asset management – Overview, principles and terminology. https://www.iso.org/obp/ui/#iso:std:55088:en
  2. International Organization for Standardization (ISO). ISO31000: 2009 Risk management – Principles and guidelines. https://www.iso.org/standard/43170.html
  3. Aberdeen Group. Operational Risk Management: How Best-in-Class Manufacturers Improve Operating Performance with Proactive Risk Reduction.Waltham: Aberdeen Group, March, 2013.
  4. Shah, M. and Littlefield, M. Managing Risks in Asset Intensive Operations. Waltham: Aberdeen Group, March, 2009.
  5. Hatch, D. and Jutras, C. The Executive Risk Management (ERM) Agenda. Waltham: Aberdeen Group, September, 2010.
  6. Theoharidou, M., Kotzanikolaou, P. and Gritzalis, D. Risk-Based Criticality Analysis. Hanover: Springer, 2009.
  7. Ramirez-Marquez, J. and Coit, D. “Multi-state component criticality analysis for reliability improvement in multi-state systems.” Reliability Engineering & System Safety: December 2007, Vol. 92, Issue 12, pp. 1608-1619.
  8. Alvi, A. and Labib, A. “Selecting next-generation manufacturing paradigms – an analytic hierarchy process based criticality analysis.” Sage Journals: December 2001, pp. 1773-1786.
  9. Hastings, Nicholas. Physical Asset Management. London: Springer, 2010.
  10. Amadi-Echendu, J.E.; Willett, R.; Brown, K.; Hope, T.; Lee, J.; Mathew, J.; Vyas, N.; and Yang, B.S. What is engineering asset management? Definitions, concepts and scope of engineering asset management. London: Springer, 2010, pp. 3-16.
  11. Zach, Tacoma. Criticality Analysis Made Simple. Fort Myers:Reliabilityweb.com, 2014.
  12. Basson, Marius. Criticality, Consequence and Risk – what is the difference? November 26, 2015: https://www.linkedin.com/pulse/criticality-consequence-risk-what-difference-marius-basson
  13. NAMS Group. International Infrastructure Management Manual. Wellington: NAMS Group, 2006.
  14. Mobley, R. “What Is Risk Management.” Uptime Magazine: June/July 2011, pp 40-41.
  15. International Organization for Standardization (ISO). ISO55001: 2014 Asset management – Management systems – Requirements. https://www.iso.org/standard/55089.html
  16. International Organization for Standardization (ISO). ISO55002: 2014 Asset management – Management systems – Guidelines for the application of ISO55001. https://www.iso.org/standard/55090.html
  17. Fogel, G.; Stander, J.; and Griffin, D. “Creating an Effective Asset Management Delivery Model. Uptime Magazine: June/July 2017, pp 8-15.