Many companies subscribe to the thought process that simply completing compliance documentation identified by IEC 61511 is the end goal. Anything more than that is deemed too tedious and represents a substantial cost center. Unfortunately, documentation is just one aspect of the lifecycle, and one that isn’t substantially making your assets safer from one day to the next. We believe the essence of the standard is to not only generate documentation, but to monitor the performance of protections layers vs. assumptions made in the front of the lifecycle. As poor assumptions are identified, companies can sustain their business by eliminating the root cause, therefore removing the previously invisible risk.
In this paper, we advocate that one should generate compliance documentation as efficiently as possible, but really focus on the impact of bad assumptions and putting a financial basis behind its meaning. This information can then be benchmarked on a monthly basis to set company targets, monitor improvement, and understand the impacts financially.