RISK CATEGORISATION OF PRODUCTS USED FOR THE CONSTRUCTION OF ELECTRICITY DISTRIBUTION ASSETS

The balance between risk and reward is the very essence of business, and companies take risks in order to generate returns. Eskom, the electricity utility in South Africa, endeavors to construct networks that are reliable and safe for its employees as well as the public. To ensure that product reliability requirements align with company goals, products should be categorised according to the risk they pose to the business. Mitigating strategies can therefore be reviewed for high risk items. A 3x3 risk matrix was derived to identify the risk category for products. The application of the process should result in an improvement in product profitability, either directly through a reduction in purchasing cost, or indirectly through avoiding the various consequential costs associated with poor risk management.


INTRODUCTION
Over the last 80 years Eskom has established itself as a world leader in electricity provision, supplying over 95% of South Africa's electricity needs and over 50% of the electricity needs on the African continent.During this time, it has demonstrated an ability to provide the world's lowest cost electricity to its customers while making superior technological innovations, bringing increased reliability to the transmission system.Current demand for electricity, forced Eskom to revise its strategy and to plan for increasing supply, manage demand and optimise its structures.The distribution part of Eskom is in the process of being unbundled into six independent Regional Electricity Distributors (REDs).The separation of operations influences several systems, processes and procedures currently common to distribution.One such process is the supply chain for products to construct network infrastructure such as substations, lines, and electrification.A sub-process of the supply chain is the establishment of an approved product list with multiple manufacturers per product.

Weakness of the current supply chain
Network failures experienced by Eskom's Distribution Division are due to three main factors:

•
Quality of material (products not meeting specifications) • Quality of workmanship (poor or incorrect techniques applied)

•
Natural occurrences (severe weather conditions, etc.) The material problem relates directly to the supply chain.Owing to government regulation, Eskom purchases products from a multiplicity of manufacturers.Because of this open market policy, around 5,523 product manufacturers are used.
The current supply chain principles do not take into account the function of the product or the consequences if a failure occurs.Purchasing is purely based on specifications and the lowest tendered price, in conjunction with Eskom's black empowerment policies.
Many of the products used are low cost items and are manufactured in high volumes.
The consequences of their failure might, however, be catastrophic -for example:

Reason for risk categorisation of products
Eskom endeavours to construct networks that are reliable and safe for its employees as well as the public.The reliability of a network is directly proportional to the reliability of the products used.
To ensure that product reliability requirements align with company goals, products should be categorised according to the risk they pose to the business.Mitigating strategies can therefore be reviewed for high risk items.This will ensure that reliability and durability are designed into the products via stricter standards and quality system requirements that align with manufacturing complexity.The objective of the study was to apply risk management principles, and to propose an effective model of product risk categorisation that can consistently be applied by technical persons to acquire safe and reliable products.

DEFINITION OF RISK AND RISK MANAGEMENT
In a world of increasing complexity and uncertainty, companies must manage risk more rigorously than ever.According to Reuvid 0 it is an essential aspect of good corporate governance.One key distinction between risk management in general and technical risk management is the reduced dependence of the latter on insurance as a risk mitigation measure.Technical risk management is therefore a function of controlling hazards and risks of a technical nature.

Definition of risk
To understand the concept of risk management, the concept of risk must be defined.According to Engert and Lansdowne [2]: "Risk is a measure of a project's inability to achieve system life cycle objectives.It comprises two components: the probability of failing to achieve particular system life cycle objectives, and the consequences of failing to achieve those objectives." According to Smith [3], risk can be defined generically as a measure of the likelihood and consequence of a particular occurrence.He defined product component risk as a measure of the potential for a particular component to have a negative impact upon the end product, system, or sub-system.

Definition of risk management
According to Engert and Lansdowne [2], "Risk management is the act or practice of controlling risk.This process includes identifying and tracking risk areas, developing risk mitigation plans as part of risk handling, monitoring risks and performing risk assessments to determine how risks have changed."

Product risk management
For the purpose of this paper, the objective of product risk management is to present practical information to supply chain managers so that they understand the different types of product component risks.A methodology must be derived for quantifying, tracking, reducing, or containing each type of risk, and suggesting tools for implementing the risk management process.

THE RISK MANAGEMENT PROCESS
Various approaches to the process of risk management have been identified in the literature.Most of the processes complement each other.For example, the approach of the Australian Capital Territory Insurance Authority (ACTIA) [4] is to use Risk Management Standards (AS/NZS 4360:2004) as a basis for a risk management process.The research was extended with contributions from other literature.The process follows the following steps: 1.
Establishing goals and context (the risk environment): The first step in the risk management process is to establish the environment and the goals for the environment.It is against these goals that the risk assessment is undertaken.According to National Minerals Industry [5], the success of a risk assessment exercise is mainly determined by the integrity of its fundamental design, sometimes called the 'scope'.

2.
Identifying risks: Risk identification is "the process of determining what can happen, why and how [4]".The quality of a risk assessment greatly depends on identifying and understanding the hazards and unwanted events, and assessing the specific risks.The purpose of this stage is to identify the risks that are likely to affect the achievement of the goals of the established environment.

3.
Analyzing the identified risks: This step in the risk assessment process requires that, for each risk, the current controls and their effectiveness must be identified.The risk level must also be established by using a risk matrix that is specific to the company.4.
Evaluating the risks: This step of the risk assessment process requires one to assess the level of risk that is acceptable (risk is sufficiently low, and treatment is not considered cost-effective) or unacceptable (risk requires treatment).The categorisation of the risk according to the risk rating should guide this decision.

5.
Treating the risks: The objective of this stage of the risk assessment process is to develop cost-effective options for treating the risks.Treatment options are driven by outcomes that include avoiding, reducing, transferring, or retaining the risk.6.
Monitoring the risk environment regularly: Risks and their priorities do not remain constant.Risk needs to be regularly monitored, and new risks and their impact need to be included in the risk management plan of the business.7.
Continuously communicating: Channels must be established in the business to communicate areas of high risk to internal and external stakeholders.Processes must also be implemented that will escalate risks from the field to the risk coordinator.This will ensure that the risk categorisation criteria are revised on a regular basis to portray the real risks.

DEVELOPING A RISK CATEGORISATION MODEL
A risk matrix specific to Eskom was derived following the risk management process of ACTIA [4].

Establish goals context (The risk environment)
The environment: The business environment is Eskom.All the goals, strategic intent, and business principles therefore apply.Secondary environments are product manufacturing processes, plant, and equipment, as well as the physical environments where the products are installed.
Goals for the environment: These are Eskom's goals.A set of goals for the environment are implied in the Eskom Distribution Strategic intent: "Eskom Distribution will lead in the provision of electricity services and customer satisfaction through empowered, sustainable regional businesses, for the benefit of our country." Manufacturing goals: Typical goals for the manufacturing plant include the optimal use of resources, maximizing material usage, consistently manufacturing a quality product, and meeting product specifications.
Customer goals: Customer goals include reliability of supply, safety, and an affordable product.

Summary of key goals for the environment:
The following key goals were identified from different environments: • Safety (Ensure safety to public and personnel) The goals were grouped and rated by a technical and management panel.The three most important goals that were used for the impact assessment were safety, customer satisfaction, and financial viability.

Identifying the risks
For the purpose of identifying the risks, only risks associated with the products to be used for the construction of Eskom networks were identified.Four risk areas were identified: 1.
Design risk: The risk associated with incorrect decisions -e.g.incorrect tolerances, incorrect specification.

2.
Manufacturing risk: The risk associated with a product that does not meet the specification.
• Obtain the risk rating by mapping the consequence as well as the likelihood of failure on the Risk Matrix.

•
Define a risk treatment option for the specific product.Although not shown in this paper, the results from and semi-skilled technical people were very similar.Evaluation took an average of three minutes per product.This is an indication that this simple model is easy to understand and use.Some products were also identified that required more stringent control, contrary to previous manufacturing and purchasing methods.
The company is currently in the process of categorising all the products used to construct electrical networks.An improvement in quality and reduced nonconformance will only be seen over time, after the implementation of risk treatment methods.
A slight increase in product prices can be expected initially, owing to the implementation of more stringent quality management systems in the manufacturing process.Auditing methods will also have to be identified to deal with products manufactured overseas.The model is not completely quantitative, and perceptions and historical knowledge can cause variations to affect the outcome.
In future slight adjustments to the questionnaire will be implemented to improve the model.Owing to the large quantity of products, the initial evaluation of the products is time-consuming, and the possibility of grouping products will be investigated.