Difference between RCM2 and RCM3

The popular RCM2 methodology has been around since '90s. It was what professionals call a consequence-based approach. RCM2 is still the most used RCM methodology worldwide.

Aladon developed RCM3™ as an enhanced version of RCM2™. RCM3™ does not replace RCM2™. Everything we’ve learned over many years of researching and testing Reliability Centered Maintenance – has gone into improving and enhancing our methodology and RCM3™.

Since the release of ISO 31000 and ISO 55000 Standands, Aladon developed RCM3, which fully aligns with these ISO Standards.

RCM3™ also fully complies and exceeds the requirements of SAE JA1011 Standard.

RCM3™ represents a more modern thinking, with emphasis on a risk-based methodology. The result is a more holistic, integrated, and rigorous way for developing asset care and risk-mitigating strategies for phycical assets.

RCM3™ is especially useful and essential for high risk environments and will be offered parallel to RCM2 for our clients who request it.


Brief History

The development of RCM3 started back in 1998. The original concepts have been fully developed before John Moubray passed away and further tested over a period of almost 10 years through Aladon Network Members with many world-class facilities. The results of their pioneering work have been groundbreaking and has been implemented successfully in many Blue Chip Companies with results that exceed the expectation of most.


RCM2 Approach

The Duty / Standby Pump arrangement


We will discuss two scenarios.

In the first scenario, based on the example above, the failure of the duty pump will not matter (provided no consequential damage occurred), and therefore the RCM review team may recommend “run-to-failure” for the duty pump. This could be the most effective and economical form of maintenance for the duty pump – therefore the decision may be the correct one. In the example we assume low or no consequences for the multiple failure. The multiple failure (when both pumps fail simultaneously) would have a consequence (let’s assume an operational consequence i.e. downtime, production loss, etc.).

The probability of the multiple failure could be managed (reduced) by increasing the availability of the standby pump. The availability of the protective device is “increased” (or the probability of the multiple failure is decreased) by performing a “functional check” on the standby pump. The task is done at a frequency which depends on the reliability of the protected function (duty pump) and the availability needed from the protective device (standby pump). The last being related to the associated risk of the multiple failure.

To summarize, for the two pumps we could end up with a “run-to-failure” recommendation for the duty pump and a “functional check” for the standby pump.


In the second scenario, if the pumps in the above example provide cooling water to a nuclear reactor, failure of the duty pump may result in an unacceptable risk to the owners (although the failure on its own still does not matter). Losing the redundancy may increase the risk to an intolerable level. However, the function to cool is still preserved by the standby pump taking over the function from the duty pump that has failed. If traditional RCM is applied correctly, the answer to the question whether this failure mode (on its own) could cause a loss of function or other damage which could injure or kill someone or breach any known environmental standard or regulation, will be NO!

Based on the increase in risk, it would be required to increase the availability of the standby pump (reduce the probability of a multiple failure) by increasing the frequency of the functional checks. In other words, in order to reduce the probability of a catastrophic failure, the RCM review group may still rely primarily on the availability and integrity of the protective device. Only essential maintenance may be performed on the duty pump i.e. lubrication.


RCM3 Approach

The new RCM3 process decision logic splits Hidden Consequences in two categories, multiple failures that affect “Safety and the Environment” and the ones that affect “Operations”. This is especially useful and essential for high risk environments as described above. Furthermore, RCM3 places the focus on the protected function first and foremost.

The RCM3 process addresses the reliability of the duty pump first through applying suitable proactive failure management strategies to the protected function. In doing so, the probability of the functional failure is reduced and therefore less likely to rely on the protective device to take over the function which failed. The result is a more reliable system and less “functional checks” (testing) of the protective device or standby pump will be required. Overall, it reduces risk, improves reliability and reduces the cost of maintenance.

RCM3 does so in asking the question described above differently; “Could the effect of this failure mode on its own (in the absence of any OR due to failure of existing protective devices) result in an intolerable risk to people?”. The answer to this question is now YES!

From this, the review group will focus on the protected function (duty pump) first, and develop a proactive failure management strategy for the same. The revised risk (based on the new maintenance strategy) will be assessed and if the risk is still intolerable, the protective device and its availability requirement will be addressed. The following question will now be considered; “Could the effect of the multiple failure result in an intolerable physical risk to people or result in an intolerable risk of breaching any environmental standards or regulations?

If the answer is YES, the RCM review group will seek a suitable failure finding task (to reduce the risk of the multiple failure to a tolerable level) and if a suitable failure finding task cannot be found, a redesign will be compulsory.


RCM3 Additional Benefits

RCM3 exceeds SAE standards and broadens RCM2 capability to align with more recent and international accepted ISO Management Systems (ISO 55000 and ISO 31000). The analysis results are even more robust and defensible (especially for high risk industries). And, everything we keep learning with each passing milestone makes RCM3 even better. Additionally, RCM3 is fully integrated with other Business Risk Management Systems like RBI and HAZOP.