Determining if Configuration Management and Change Control are Under Management Control – Part 1
Categories: CMsights, CMstat, Configuration Management
Questions A&D Managers Should Ask Their Organization:
In a recent CMsights post we explored how to get managers to care about and invest in configuration management (CM), especially before some product failure or customer crisis makes them care too much.
One hurdle a reader reminded us of is that when the CM processes of an organization are working well, the economic value is measured in risks avoided and costs evaded. But it’s hard to calculate a tangible return-on-investment (ROI) from the unquantifiable or unknowable. Yet, when CM is missing, the costs are often all too real to the business. We can only wish that financial analysts used a Risk Avoidance Quotient (RAQ) calculation as important as the ROI when approving budgets.
Unfortunately, the surest way for A&D managers to become interested in CM is when production halts because of a missed change order, a supplier ships to an old rev level, logistics can’t source replacement parts, field service starts submitting warranty claims, and a customer calls to report a product performance anomaly. Or worse yet, when executives first hear about a product failure in social media or on the news because it bore catastrophic consequences.
One such example of the latter scenario was the configuration of a particular B-1B Lancer bomber used for close air support in the Afghanistan war. As reported in the press, during a nighttime mission in June 2014 the B-1B’s flight crew believed that the high-definition targeting pod configured for that mission, hanging on the belly of the fuselage, was capable of sensing the infrared strobes of American combat troops on the ground operating near the enemy. It was not, and the worst friendly-fire incident of the war occurred with the deaths of five service men who were accidentally bombed by their own side. Adding to the confusion, the flight crew apparently was never trained with that combination of sensing equipment, weapons, and mission profile to have known any better.
The official DoD report cited numerous contributing factors to the accident. It is likely, however, that CM professionals would argue that the management of the as-deployed configuration consisting of a mission-dependent mixture of aircraft, equipment, weapons, ground communication capability, crew training, and engagement rules was also an exercise in modern-era configuration management. This incident illustrates why effective CM of all the physical assets, system variables, and operating permutations of the real-world as-deployed configuration is so critical to perform. This expanding role of CM is also more complex to implement, especially when compared to the limited CM capabilities of design-centric PDM software used in product engineering.
Thankfully, most of routine use cases of CM don’t have that level of risk or visibility when things go wrong. Yet, even when there is a relatively minor product failure, all the configuration elements that a CM group manages on a day-to-day basis without much attention or recognition are now in the spotlight. Management starts demanding immediate answers to questions such as:
How did the wrong parts get installed? Or what parts failed and why? Where else are these parts used? Were any changes made to those parts by us or the customer in after-service repairs? Who authorized the changes? Where is the documentation? Do we have an auditable trail of change notices? Who is ultimately responsible? What do we do differently in the future?
Sometimes the responses to these question come quickly, but more often than not it is an excruciating process to conduct a forensic analysis. For many A&D contractors it starts by exhuming the remains of old spreadsheets, homegrown CM tools, and legacy PDM vaulted files. That is followed by resurrecting all the data, supporting documentation like ECOs, and email chains that fed into these applications.
As the drama unfolds, everyone drops what they are doing to become part of the configuration management team. This can include staff members from any one of a number of groups including: requirements, product development, project management, engineering services, system engineering, manufacturing, quality assurance, procurement, logistics, regulatory compliance, tech pubs, training, field sustainment, and customer service. Each of these groups has their own use for and manipulation of configuration data. They also have their own hidden trapdoors where things can go missing or awry. It is no surprise that different answers start to emerge from each of the process stakeholders which further obfuscates the most important questions for management to ask.
In CMstat’s consulting work with new customers, we endeavor to help managers select and understand the questions they should be asking their organizations, before the next crisis erupts, to assess if configuration management and change control are truly under their management control. Formulating the right questions to ask is at the onset more crucial than coming up with the right answers to the wrong questions.
In Part 2 of this 3-part CMsights series we will share the top questions that A&D managers should expect their organizations to be able to answer without excessive research or deliberation. In the final segment we will unpack a few of the more important questions with example answers and insights from CMstat’s work within the A&D industry. To follow this series be sure to subscribe to CMsights.