Engineering Procurement and Construction (EPC) projects are the pinnacle of the process industry. These projects are characterised by their technical complexity, with a range of interdisciplinary and intercultural teams working across multiple interfaces. They also entail a huge amount of time and cost pressure. Increasingly more companies are becoming aware of these challenges, however, they often fail to complete projects on time and budget. Why?
What is required for a successful EPC project?
Risk management is a key factor behind a successful EPC project. This means having the right structure and effective communication in place as well as establishing a robust risk policy.
Developing an effective risk management strategy has become much more difficult in recent years. This is because of changed market situations and the increasing complexity of investment projects. This makes it even more critical to carry out the right assessments. Risk management means dealing with a challenge or threat before it becomes a crisis. This makes it one of the most vital yet demanding tasks in project management.
What causes so many EPC projects to fail?
Risk management for large-scale, technical projects often lacks a holistic approach that aligns all the standardised processes and systems needed to manage them with the organisation, its risk culture and capabilities. "In a number of audits we have carried out during these projects, we have consistently found that technical projects fail because an integrative approach wasn’t taken," says Darko Peraic, project manager at consulting firm T.A. Cook Consultants. Here are the three common mistakes organisations make:
Risk management doesn’t have a fixed position within an organisation's strategy. Although there is a strong desire to optimise and learn from risk management, as an independent unit that ensures effective monitoring of risks throughout an organisation, it’s often missing. As a core competency, however, it should be clearly visible within an organisation’s structure.
In the banking and insurance industry, risk managers maintain an independent position. Yet, with technical projects, this task typically falls to the project manager. Due to the multitude of other tasks they have to contend with, however, a project manager is often overwhelmed, particularly on large projects. Monitoring and controlling risks is a full-time job in large investment projects and needs to be treated as such.
Yet, companies are reluctant to invest in risk management systems and the necessary structures or resources required. The longer term costs for projects that aren’t successfully completed, in terms of quality, time, budget, however, far exceed those initial investments. Only if risk management is embedded at the appropriate organisational, hierarchical and strategic level, can it be fully effective, and deliver the best outcomes and benefits.
In order to better assess and manage project risks, organisations need to understand what drives that risk. To achieve this, the first step should be to establish a communication channel on the topic, for example, holding risk management workshops for all the relevant departments. "In practice, we often see significant deficiencies when it comes to initiating discussion around the topic of risk, and related positive and negative experiences," says Peraic. "At the same time, much could be learned from this. This is where many companies miss out on great opportunities." Rather, organisations need to analyse past projects and what caused goals to be missed. These factors are often rudimentarily documented in a final report, but aren’t consistently examined in greater depth and improved upon for the next project.
In addition, mistakes are often only analysed internally. External stakeholders are rarely involved. Unfortunately, it’s the exception that partners strengthen and help each other to develop further. Errors are all too often not analysed objectively, but viewed from an emotional perspective, while certain areas are almost taboo. Rather than correcting the person who made the initial error, the mistake itself must be rectified. It’s also crucial to foster an open culture that is tolerant of errors.
When looking at typical risks for technical projects, the focus is
often on:
- Commercial conditions;
- Technical
requirements and their control;
- Time;
- Contract types,
including performance and contract design of contractors, their
systems and processes, as well as qualifications and procurement
(material and competent external companies);
- Political and
environmental risks or events due to force majeure
Each
contractor has its own DNA, with both strengths and weaknesses. When
identifying risks, it’s essential to critically analyse internal
organisational weaknesses too. Whether a capital-intensive and
complex technical project can achieve its goal also depends on the
corporate culture. This involves asking the following questions:
-
What is our core competency? What do we do well? And what don’t we
do well?
- Do we have the right people in place?
- To what
extent is independence encouraged?
- Who makes the key
decisions and how consistently are they made?
- How well do our
interfaces function?
The human factor, in particular, can
become a major risk. Project success is achieved not only with
mature processes, but, more importantly, with competent people to
carry it out. That's why organisations need to look closely at the
required skills for the positions that must be filled from within
its own ranks, such as the project manager and their staff.
"It
is astonishing how many companies delegate strategic projects to
project managers without making sure that they have the necessary
skills to do so. Many factors characterise a good project manager,
including team management, risk management, leadership, negotiation
skills and conflict management," says Peraic. "These are fundamental
building blocks for goal-oriented project implementation. So a
project manager must not only be a good engineer, but must also be
able to see beyond this area. He's the captain who gets the tanker
safely to its destination, navigating the storms, and the person the
crew looks up to."
But it's not just the culture and
personnel that are critical. In-house systems, processes and, above
all, organisation of the project, with its capabilities and
resources, are also subject to risk. Therefore, it’s vital to
regularly analyse and scrutinise each component.
Processes and methods
Some tools have been developed for risk management, but there’s often a lack of instruction and defined processes, which, in turn, means that often they aren’t adopted properly and don’t serve their purpose. Thus, there must be clearly defined guidelines for their use that should be adapted to new situations.
"Surprisingly, we experience time and again that risk processes are not recorded," says Peraic. "What is needed is a binding reference work that provides orientation for all employees involved and creates an equal understanding within the team."
As a result of lack of direction, the following stumbling blocks continually occur:
Successful risk management starts straight away. The more time spent observing and identifying risks, the more scope there is to successfully mitigate against them. Risks affect everyone within an organisation. Risk management often fails because of a lack of communication. Because the term risk has negative connotations, often organisations tend to avoid the topic. However, they need to be dealt with openly as part of the corporate culture. Employees must be actively involved in identifying risks and sensitised to the handling of those risks. Often, employees from within the operation have a completely different perspective on potential threats, so their experience is invaluable.
Creative techniques have proven their worth in identifying risks, as
they support new viewpoints and stimulate thought processes. With
the Delphi method, for example, experts are interviewed
independently of one another. Brainstorming without thinking about
barriers, i.e., giving free rein to ideas, can also produce
alternative, but equally key perspectives.
As a basic,
identified risks need to be described in a meaningful way and
clearly classified according to topic categories. A
self-explanatory description enables clear communication with
stakeholders, and countermeasures to be planned and put in place. An
identified risk’s description should also be clearly understood by
those members of the project team and stakeholders not present
during the risk analysis.
In addition to describing the risk and its impact, the causes should
also be clearly outlined. The more emphatically the impact is
detailed and, above all, quantified in figures, including project,
duration and costs, the more likely senior management are to take
notice and proactively address the risk. Even if, in practice,
evaluating the probability of occurrence and severity is done in the
form of a matrix, thought gathering shouldn’t stop, because
this process costs much time in the working group. Only after
determining the final risks, should this be done. When prioritising
and working through the risks, there is also often a danger of
getting bogged down in the minutiae of multiple identified risks.
It makes sense, as a first step, to focus on the internal risks that
can be directly influenced by the team. Then look at factors such as
the difficulty of implementation. This way, the risks can be put in
a sensible order so that they can be worked through more easily.
There is also often a lack of a clear strategy on how to manage
risks. Are they to be avoided, mitigated, transferred to third
parties or simply accepted? Therefore, a matrix of results needs to
be produced which makes subsequent reponses easy to understand and
action.
During the project’s lifecycle, a risk management process should be
continuously maintained. This means that identified risks and the
progress of defined measures should be routinely recorded and
evaluated. At the same time, new, additional risks must be
continually borne in mind and assessed according to defined
procedures.
New communication systems as the basis for effective risk management
Increasingly large, highly-technical megaprojects present a host of new project management challenges, especially in communication. EPC projects, with their various internal and external stakeholders, and subcontractors, are already considered extremely complex to implement and are, therefore, particularly demanding. Thus, communication is a key priority. Lack of communication is one of the main reasons for failed projects. If agility and flexibility are missing too, the chances of success also decrease considerably.
Communication using IT-enabled systems, both within the team and with partner companies, can often be significantly improved. Real-time communication is critical to project success, whether team members are in neighbouring offices or in different geographical areas.
"Communication is often linear," explains Peraic. "This, however, is often not enough in a digitally-networked world, where the key to success is functioning teamwork. Many companies have not given much importance to the topic of communication and co-operation, but this must change fundamentally in the agile working world." However, new forms and channels of communication are emerging. For example, the exchange of information is increasingly taking place in networks. Communication is also becoming more open and agile. Project risks can also be identified much earlier. "If you regularly ask those affected and involved in a project, you will become aware of problems much quicker and can react accordingly," says Peraic.
"Lack of communication is one of the main reasons for failed projects. If agility and flexibility are missing too, the chances of success also decrease considerably."
Conclusion: Risk policy is the key success factor
Effective risk management is one of management’s most important tasks in determining the success of technical projects. Risk management combines various actions, all of which must be considered equally important and integrative. More mature organisations have implemented a risk policy for dealing with risks. Their risk policy not only comprises a defined process toolbox, but also the organisation and its members, as characterised by an open risk culture and the appropriate framework.
