Author: Ing. Jan Stoker MSc. MEng.   Follow Jan Stoker

1. Introduction

This chapter explains why organisations need a Strategic Maintenance Policy (SMP) and how it anchors value creation—defined by ISO 55000—in day-to-day maintenance governance. It places the SMP within the A&MM lemniscate and clarifies its relationship to the SAMP/AMP chain. It also shows how one computable decision language—the P–C–R trefoil gate—connects people, processes, finance, information, and risk.

The SMP is a top-level maintenance policy that translates SAMP intent into operational rules for strategy and delivery. It defines principles for maintenance as a strategic function and publishes thresholds that constrain choices (e.g., P_min, R_max/ALARP, C_cap/TCO). It assigns roles and accountabilities for making and assuring decisions and maps those decisions onto a clear process architecture. It also specifies the information and evidence required at each gate.

The SMP applies across the portfolio—programmes and sites—and remains technology-agnostic. At the same time, it explicitly accommodates digital twins, predictive analytics, and AI so that decisions are explainable, traceable, and auditable over time.

1.1 Value orientation: why P–C–R belongs in one system

ISO 55000 frames Asset Management as the coordinated activity to realise value from assets. Value emerges when Performance (P) is delivered, Costs (C) are managed over the life cycle, and Risk (R) is controlled within appetite and obligations. In practice these dimensions are inseparable: actions that lift availability may alter cost and risk; cost reductions can move risk or degrade service; new barriers can affect performance and spend. The SMP therefore treats P–C–R as one integrated system, implemented through the trefoil gate so that—at each decision—priority is declared (P-over, C-over, or R-over), thresholds are applied, and evidence is recorded. This is how “balancing” becomes defensible value creation.

1.2 Position in the A&MM lemniscate

The lemniscate (∞) depicts a continuous loop: Asset Management on the left (purpose, value, risk appetite, SAMP/AMP, governance), Maintenance on the right (policy, processes, work, evidence, improvement). The SMP occupies the centre as the governance gate that every significant translation must pass: intent → execution, and execution → assurance. By fixing a single point where priorities, thresholds, and evidence are made explicit, the SMP prevents drift between strategic promises and operational reality.

1.3 Relationship to the SAMP, AMP, and other policies

The Strategic Maintenance Policy (SMP) lives in the middle of the governance chain and translates enterprise intent into executable rules. Think of the flow as SAMP → SMP → AMP → work/evidence → assurance/improvement. Each link has a distinct purpose; together they create the single line-of-sight that ISO 55000 expects between value intent and operational reality.

SAMP — enterprise intent and value logic.
The Strategic Asset Management Plan (SAMP) sets the organisation’s direction: what value means for stakeholders, which service outcomes are sought, the risk appetite (including ALARP expectations), and the high-level portfolio choices that follow. It defines the why and the what: target performance ranges, tolerance for risk excursions, lifecycle budget envelopes, and the principles for trade-offs across the asset base. The SAMP also specifies the governance context—who is accountable for value, how reviews occur, and which assurance evidence is required.

SMP — policy hinge and executable rules.
The Strategic Maintenance Policy (SMP) is the operational extension of the SAMP. It answers the how by installing one computable decision language—the P–C–R trefoil gate—and fixing the thresholds P_min⁡, R_max⁡/ALARP,  C_cap/TCO, dominance conventions (when P-over/C-over/R-over applies), roles and accountabilities (RASCI), and the information/evidence that must be recorded at every gate. It maps these rules onto the Maintenance Landscape (EN 17007 processes and EN 17485 policy layer) so that every preventive, corrective, optimisation, or improvement decision is taken the same way, documented the same way, and can be audited the same way. In short, the SMP turns SAMP intent into enforceable, day-to-day governance.

AMP — instantiation for portfolios and systems.
Asset/Portfolio Management Plans (AMPs) take the SMP’s rules and instantiate them for specific asset classes, networks, plants, or sites. AMPs answer where, when, and how much: the chosen maintenance concepts per asset family, intervention mixes and intervals, resource and spares strategies, shutdown windows, budget profiles, and KPIs. AMPs also define the gate cadence (strategic, tactical, operational) and the local references needed to compute normalised indices $p,c,r$. Because the SMP is stable across the organisation, AMPs remain comparable over time and across locations, even as local contexts differ.

Interfaces to other corporate policies and systems.
The SMP explicitly references and aligns with adjacent governance artefacts so maintenance remains part of a single Asset Management System:

• Finance & planning (ISO/TS 55010): reconciliation between trefoil decisions and budgeting/valuation rules.

• People & competence (ISO 55012; EN 15628/EN 17948): role profiles, competency expectations, and involvement in gate decisions.

• Information & data (ISO 55013): data stewardship, quality, lineage, and retention for P–C–R evidence in CMMS/EAM and analytics.

• Risk & assurance (ISO 55001/55002; BowTie): traceability from threats–barriers–consequences to gate choices and acceptance criteria.

• HSE, quality, procurement, and design: the SMP sets the maintenance-specific rules these functions must honour (e.g., maintainability requirements, contractor gate records, quality checks), ensuring one coherent line-of-sight rather than parallel policy islands.

Change control and learning.
Finally, the SMP defines how thresholds, weightings, and default dominance patterns can be changed (authority, rationale, effective date) and how evidence flows back to SAMP reviews. That way, strategic promises are not only executed but also tested and refined using the same language that governed the original decisions.

1.4 Alignment with the ISO 55000 series and CEN/TC 319

The SMP is part of the Asset Management System required by ISO 55001 and guided by ISO 55002. It embeds finance–non-finance alignment per ISO/TS 55010, situates decisions within the public-policy environment where relevant (ISO 55011), formalises people involvement and competence (ISO 55012), and sets expectations for information and data stewardship (ISO 55013).

On the maintenance side it binds to the CEN/TC 319 landscape: EN 17485 (maintenance as part of Physical Asset Management), EN 17007 (core processes and indicators), EN 17948 (management & functions), and EN 13306 (terminology). The SMP connects these strands through one gate language so requirements are coherent, traceable, and auditable.

1.5 Governance Logic and Applicability 

The SMP rests on two complementary governance logics. The trefoil gate is the decision icon: one continuous loop (integration) forming three lobes—Performance (P), Costs (C), Risk (R)—with over/under crossings marking which pillar is temporarily dominant for a given context. The Borromean rings are the assurance icon: remove any pillar and the whole system loses integrity.

In practice, the SMP requires both: declare priority under thresholds at each gate (trefoil) and prove completeness of consideration in reviews and audits (Borromean). This policy language is designed for all key roles—executives and Asset Managers (governance and value), Maintenance Managers (policy into plans and contracts), Reliability Engineers (analysis and optimisation), Finance (budget control and valuation), HSE/Compliance (risk acceptance), and Engineers/Technicians (execution and evidence capture)—and applies across linear infrastructure, plants, facilities, and fleets. Tailoring occurs at AMP level; the SMP’s principles remain intact.

1.6 Terms, Conventions and Boundaries 

For clarity and consistency, the SMP uses a defined vocabulary: a gate is any decision point that must record dominance, thresholds, and evidence; dominance is the explicit choice P-over / C-over / R-over; the indices $p,c,r$ are normalised measures against agreed references; and policy limits are expressed as P_min⁡, R_max⁡ (ALARP), and C_cap/TCO.

Chapter 4 (work-in-progress) formalises the computation (additive score and Trefoil Balance Index) and the minimum gate record, while later chapters show how these rules bind to processes, roles, information, and assurance. The SMP is not a catalogue of maintenance tasks nor a replacement for technical standards, contracts, or safety cases; it provides the governance, thresholds, and information rules that these artefacts must honour, ensuring every downstream document speaks the same value-oriented language.

2. What the SMP is: the lemniscate and the two landscapes

This chapter lays the structural backbone of the Strategic Maintenance Policy. It explains how the A&MM lemniscate provides one continuous management loop, how the Asset Management landscape (ISO/IAM) and the Maintenance Landscape (CEN/TC 319) inhabit its two halves, and how the BowTie and Industry 5.0 perspectives act as design constraints rather than decorative add-ons. The aim is practical clarity: a reader should be able to see where policy lives, where decisions are made and evidenced, and how information, people, finance and risk stay connected across the lifecycle.

2.1 The A&MM lemniscate (one loop, two halves)

The A&MM lemniscate is more than a picture; it is a management discipline for keeping intent and execution on the same track. The left half represents Asset Management—purpose, value, stakeholder context, risk appetite, and objectives expressed through SAMP/AMP and supported by governance, information, and assurance. The right half represents Maintenance—policy, processes, resources, job planning and execution, evidence capture, and improvement. Both halves are compulsorily connected at the centre by a governance gate.

At this trefoil gate, decision-makers declare which pillar is temporarily dominant (P-over, C-over, or R-over) for the context at hand, apply agreed thresholds (e.g., P_min⁡​, R_max⁡/ALARP, C_cap/TCO), and record evidence (analyses, data lineage, approvals). The same gate governs the return flow: actual performance, actual cost (and forecast updates), and realised risk outcomes loop back to the left for assurance and continual improvement.

Over time, the gate records form a learning archive in which patterns of dominance, threshold usage, and results become visible and comparable across assets, sites, and years—preventing the drift where strategy is stated in one room and execution is decided in another. The lemniscate allows exceptions only as documented exceptions: when thresholds must be exceeded (e.g., urgent continuity risk), the gate record must state why, for how long, and who authorised it. This preserves proportionality (crucial for ALARP), while keeping the system auditable and resilient.

2.2 The Asset Management landscape (IAM/ISO)

The Asset Management landscape defines the capabilities that enable value realisation—leadership and governance, strategy and planning, decision-making, information, risk management, performance and improvement—and, within the lemniscate, it forms the left loop that sets the operating conditions for the trefoil gate. Here, the Asset Management System (AMS) specified by ISO 55001 and explained by ISO 55002 clarifies what value means, which objectives are pursued, the risk appetite (including ALARP expectations), and the criteria for judging decisions and outcomes.

The SAMP/AMP chain converts that intent into portfolio and system plans, while the SMP inherits these commitments and translates them into maintenance-specific rules that the right loop must execute. Because maintenance choices have financial consequences, the left loop also requires that trefoil outcomes reconcile with budgeting, valuation and internal control per ISO/TS 55010, avoiding the classic split where technical decisions and finance language diverge. In public or regulated settings, ISO 55011 situates these choices in an enabling environment—policy instruments, stakeholder roles and societal value—so the gate record makes proportionality, equity and acceptance criteria explicit.

People and competence are treated as first-class requirements through ISO 55012: strategic, tactical and operational capabilities (and involvement rules) are defined so gate decisions are understood, owned and repeatable; where formal role profiles are incomplete (e.g., reliability engineering), the SMP makes accountabilities explicit via RASCI and competence matrices. Finally, decisions are only as strong as their information backbone: ISO 55013 governs data stewardship—canonical sources for P, C and R; quality and confidence tags; provenance and retention—so that gate records are durable information assets, not ad-hoc notes, ensuring traceability from intent to evidence and back.

2.3 The Maintenance Landscape: CEN/TC 319

The Maintenance Landscape Model

3. Why every organisation needs an Strategic Maintenance Policy

This chapter deepens the case for the Strategic Maintenance Policy (SMP). It explains how the SMP turns ISO 55000’s value concept into day-to-day governance, why the P–C–R trefoil gate is the right decision language, and how Industry 5.0 and the Maintenance Landscape are embedded as constraints rather than add-ons. The goal is practical clarity: decisions that are explainable to people, traceable in systems, and auditable across portfolios and years.

3.1 Value creation in the ISO sense (from principle to practice)

ISO 55000 defines Asset Management as the coordinated activity to realise value from assets. Value is not a single KPI; it emerges when Performance (P) is delivered, Costs (C) are managed over the lifecycle, and Risk (R) remains within appetite and obligations. The SMP operationalises this by stating, up-front and in one place, (i) the thresholds that must hold P_min⁡​, R_max⁡/ALARP, C_cap/TCO ; (ii) the decision language—the trefoil gate—by which local priority is declared (P-over, C-over, or R-over) without breaking system integrity; and (iii) the evidence rules that make choices reconstructable. Put simply: the SMP transforms “we balanced P–C–R” into defensible, repeatable selections made under explicit limits with a standard record of proof.

3.2 Visible governance (thresholds, dominance, evidence)

Without an SMP, important maintenance choices get dispersed across contracts, teams, and spreadsheets, producing inconsistent outcomes and slow, opinion-heavy reviews. The SMP replaces dispersion with visible governance.

Every significant choice passes a single trefoil gate where decision-makers (a) declare the dominant lobe for the current context; (b) apply policy thresholds; and (c) attach the evidence pack (analyses, data lineage, approvals). The same fields appear in plans, work orders, and management reviews, so the chain from proposal → decision → execution → assurance can be reconstructed. Organisations that map these gate rules to the EN 17007 building blocks (PRV, COR, OPT, IMP, RES, HSE, DTA, DOC, SPP, BUD, IST, SER, MAN, MRQ, ACT, TOL) see faster approvals and fewer “policy islands,” because everyone is reading and writing the same governance grammar. 

3.3 Industry 5.0 as a constraint, not a slogan

Human-centricity, sustainability, and resilience are no longer optional ambitions; they are operating constraints. The SMP encodes them where decisions actually happen—at the trefoil gate. Human-centricity appears as explainability and maintainability requirements in job plans and changes (MoCs); sustainability appears in lifecycle cost and risk thresholds that include environmental and societal effects; resilience appears as a priority rotation over time (e.g., R-over during incident containment, C-over during recovery optimisation, P-over at restart/commissioning) while preserving one integrated value loop. Treating Industry 5.0 this way prevents “green-on-slides” and makes priorities visible, proportionate, and auditable in the same record that governs technical and financial choices.

3.4 Line-of-sight, finance alignment, and auditability

The SMP binds the BowTie logic (threats–barriers–consequences) to maintenance decisions by requiring each gate to state which barriers are affected and under which acceptance criteria the choice is made. It also ensures the trefoil output reconciles with finance—budgeting, valuation, and internal control—so that the same decision is true in technical and financial language (CAPEX/OPEX boundaries, LCC/NPV, impairment triggers). Information quality is treated as a first-class requirement: canonical sources for P, C, and R, confidence tags, provenance, and retention, so that analytics, digital twins, and AI strengthen rather than obscure decisions.

When these elements are combined with an EN 17007 process mapping and a clear competence model for roles and RASCI, review cycles compress and audits move from format to substance—“Which pillar led, under which limits, with what evidence, and with what outcome?”—because the answers are captured the same way everywhere.

Strategic Maintenance Policy PP…

3.5 Standards cross-walk (what the SMP anchors, where) and typical objections-resloved

The SMP is the operational meeting point of the ISO 55000 family and the CEN/TC 319 maintenance landscape. ISO 55001/55002 define the Asset Management System and how to apply it; within that system, the SMP is the maintenance policy artefact that specifies how decisions are made, evidenced, and reviewed. ISO/TS 55010 ensures trefoil outputs reconcile with budgeting, valuation, and internal control, so a decision is true in both technical and financial language.

ISO 55011 places policy in its public or regulated context, clarifying the enabling environment, stakeholder roles, and societal value. ISO 55012 frames people involvement and competence, which the SMP ties to gate accountabilities via RASCI, including reliability-engineering duties even when job titles differ. ISO 55013 governs data stewardship—canonical sources for P–C–R, quality, provenance, and retention—so decisions remain traceable. On the CEN side, EN 17485/EN 17007/EN 17948/EN 13306 position maintenance within Physical Asset Management, provide the 16-block process architecture, define functions and roles, and fix terminology; the SMP maps these clauses into day-to-day governance. Common objections are addressed within this structure. “A single score oversimplifies reality.”

The SMP disciplines judgement: thresholds protect non-negotiables, explicit dominance (P-over/C-over/R-over) makes priority visible, and a short rationale preserves context. “Every asset is different.” The SMP fixes the language (fields, thresholds, evidence) while allowing parameters and dominance to vary by context. “This will slow us down.” Standard gate fields accelerate approvals by making choices transparent. “Finance will disagree.” Trefoil outputs are reconciled with finance (CAPEX/OPEX, LCC/TCO, NPV, control), eliminating the dual-ledger problem.

3.7 What “good” looks like (signals you can measure)

Organisations that run a living SMP exhibit a few consistent signals: (i) a high completion rate for gate records; (ii) shorter decision cycle times and fewer escalations; (iii) stable thresholds with transparent, versioned changes; (iv) audit findings that focus on assumptions and evidence, not missing fields; and (v) a growing ability to show correlation between the trefoil balance (additive or multiplicative) and realised outcomes (service achieved, lifecycle spend adherence, risk excursions avoided). These are the hallmarks of ISO-aligned value realisation made operational.

4. How an SMP is structured

This chapter sets out a practical, standards-aligned structure for the Strategic Maintenance Policy (SMP). The aim is to turn SAMP intent into clear, enforceable rules that govern decisions, data, roles, and processes across the entire Maintenance Landscape. Each subsection below explains what the SMP must contain and why, and—where helpful—draws on lessons from a recent internal SMP draft used as an exemplar of structure and flow (without naming the organisation).

4.1 Policy purpose, scope, and authority

An SMP begins by stating its purpose: how maintenance will realise and protect value in the ISO 55000 sense by coordinating Performance, Costs, and Risk over the lifecycle. The scope makes boundaries explicit—assets and systems covered; interfaces to design, procurement, operations, decommissioning; and the relationship to SAMP/AMP and subsidiary standards and procedures. The authority clause assigns ownership (policy sponsor and steward), review cadence (e.g., annual management review), and change control (who may alter thresholds, templates, or decision rules, and how such changes are versioned and communicated).
A well-formed SMP also names the governance forums in which it lives: portfolio boards, programme reviews, and operational planning meetings. That way, a single policy language (the trefoil gate fields and evidence) appears consistently in documents, dashboards, and audits. The exemplar SMP shows how high-level policy ownership and an explicit link to the process architecture make execution predictable and comparable.

4.2 Principles and thresholds (the trefoil rules)

At the heart of the SMP are the principles that fix how decisions are taken and evidenced:

• One system, three pillars. P–C–R are treated as one value system. At each gate, a temporary dominance is declared—P-over, C-over, or R-over—without “breaking the loop.”

• Policy thresholds. The SMP publishes the limits within which options must fall: P_min​ (assured service), R_max⁡​ with ALARP reasoning (safety/compliance), and C_cap​/TCO (lifecycle affordability).

• Accepted computations. The SMP permits a transparent additive score (useful for audit) and an interaction-aware Trefoil Balance Index (useful when proportional changes and interactions matter). Both use normalised indices $p,c,r$ against references P_ref,C_ref,R_ref.

• Priority encoding. Dominance can be encoded lexicographically (first satisfy the dominant pillar’s constraint, then optimise the rest) or by emphasis (temporary weights/exponents). The SMP explains when to use which (e.g., R-over for safety-critical PRV; C-over for OPT; P-over for critical COR).

• Evidence rules. Each gate produces a minimal, consistent record: dominance, thresholds applied, indices/score, decision and rationale, evidence list (datasets, analyses, approvals), approver, and review date.

The policy then calibrates references and thresholds by asset class (and sometimes by context/state), and states how finance alignment is ensured so that trefoil decisions reconcile with budgeting, valuation, and internal control (ISO/TS 55010). These principles convert “we balanced it” into defensible, reconstructable choices. The internal SMP draft that informed this structure links policy statements directly to execution artefacts, which is key to making thresholds real in day-to-day work.

4.2.1 Gate protocol (minimum fields).
Every SMP should include a one-page gate template to embed in reviews, plans, and work orders. Recommended fields: Gate ID; asset/system; date; dominance (P/C/R); thresholds applied; normalised indices $p,c,r$; score (additive and/or TBI); decision; rationale; evidence list (data lineage, analyses, approvals); approver; review date. This “small form” is the backbone of governance.

4.2.2 Calibrating references.
The SMP explains how to set Pref, C_ref, R_ref  (e.g., historic baselines, regulatory minima, portfolio targets) and how often to revisit them. It also defines confidence tags (A/B/C) to signal data quality and required caution in interpretation.

4.3 Process architecture (EN 17007; EN 17485)

An SMP becomes usable when its rules are mapped to processes. EN 17007’s 16 building blocks provide the normative backbone: PRV, COR, OPT, IMP, RES, HSE, DTA, DOC, SPP, BUD, IST, SER, MAN, MRQ, ACT, TOL. The policy states where gates occur, what evidence is mandatory in each process, and how decisions propagate into task lists, inspection scope, spares, contracts, and tolerances. EN 17485 anchors the strategic framing so that the policy sits inside Physical Asset Management rather than beside it. The internal SMP exemplar shows exactly this mapping and the benefit of using one process language across the organisation.

4.3.1 Typical dominance patterns.

• PRV often runs R-over (safety/compliance are hard constraints; among feasible options, select best value).

• OPT typically runs C-over (seek lifecycle-cost minima subject to P and R thresholds).

• COR on critical functions often runs P-over (restore continuity first, within R and C limits).
  Supporting processes (SPP, BUD, RES, DTA, DOC, HSE, SER, MAN, MRQ, ACT, TOL) adopt the same gate record, ensuring consistency from proposal to work order to assurance. The exemplar SMP demonstrates how this yields predictability and accountability across teams and sites.

4.4 Roles and competencies (ISO 55012; EN 15628; EN 17948)

The SMP must make accountability visible. It defines the maintenance function and clarifies who sponsors the policy, who decides at gates, who assures, and who executes. Role profiles reference ISO 55012 for people involvement/competence and EN 15628/EN 17948 for maintenance roles and functions. Where standards do not explicitly name a Reliability Engineer, the SMP still assigns reliability accountabilities (RCM, Weibull, FMECA, PdM analytics, assurance of assumptions) via RASCI, ensuring that the trefoil gate has a clear analytical owner. The internal SMP draft that informed this work illustrates how senior ownership, explicit role descriptions, and competence references stabilise the function and reduce ambiguity in decision-making.

Note on competence coverage (EN 15628): the standard’s current formulations may not define a full “Reliability Engineer” profile. The SMP resolves this by making reliability accountabilities explicit—linked to gate decisions and evidence—even if job titles differ. This is consistent with EN 17948’s functions view and ISO 55012’s competence emphasis.

4.5 Information and evidence (ISO 55013; ISO 55001/55002)

Decisions are only as strong as their information backbone. The SMP therefore names canonical data sources for P, C, and R; sets quality rules (validation, timeliness, completeness); and treats the gate record as a durable information asset. It specifies provenance (where data came from), model governance for analytics/digital twins (model version, training data, assumptions, confidence), and retention policies so that decisions remain reconstructable through audits and reviews. The internal SMP exemplar demonstrates how adopting one data/record grammar across processes dramatically improves comparability and assurance readiness.

4.5.1 BowTie linkage.
The SMP also requires that each gate record references the BowTie elements affected—threats, barriers, consequences—and records risk acceptance under EN 16991. This creates bidirectional traceability: risk reviews see the decisions that changed barrier posture, and gate decisions carry the acceptance logic they rely on.

4.5.2 Finance alignment (ISO/TS 55010).
Finally, the SMP states how trefoil outputs are reconciled with budgeting, valuation, and internal control (CAPEX/OPEX boundaries, LCC/TCO, NPV, impairment triggers). The point is to make the same decision true in technical and financial language, avoiding the classic dual-ledger problem.

4.6 Public-policy, KPI’s, Assurance & Change control

In public or regulated environments, the SMP includes an ISO 55011–aligned clause that situates maintenance policy within the enabling environment—making stakeholder roles, public-value objectives, and policy instruments explicit in thresholds, evidence, and assurance—while transparent gate records support proportionality and equity claims.

To demonstrate value realisation under ISO 55001/55002, the SMP defines a compact, operational KPI set (service delivered vs P_min, lifecycle cost variance vs C_cap/TCO, and risk exceedances vs R_max/ALARP) with clear owners, calculation rules, and visualisation in routine dashboards. Process measures (e.g., percentage of decisions with complete gate records; proposal-to-decision cycle time) and learning measures (stability of thresholds/weights; audit findings closed on first pass) track governance health and drive targeted improvement.

An assurance cadence—management reviews, second-line checks, internal audits, and deep-dive studies—focuses on patterns of dominance and threshold use, not only on outcomes, ensuring lessons flow back into plans and policies. Finally, to prevent policy drift, the SMP specifies version-controlled change control for thresholds, references, and default dominance patterns (authority, rationale, effective date, communication) and a controlled path for documented exceptions (e.g., urgent continuity risk) with time limits, sunset dates, and retrospective review; together these provisions preserve proportionality (especially under ALARP) and keep the system auditable, resilient, and explainable.

Chapter outcome.
With purpose/scope/authority established; trefoil principles and thresholds codified; EN 17007/EN 17485 process mapping in place; roles and competence anchored (ISO 55012; EN 15628/EN 17948); information and evidence governed (ISO 55013; BowTie; finance alignment); and clear indicators/change control defined, the SMP moves from concept to operational governance. It becomes the stable hinge between SAMP intent and maintenance execution—producing decisions that are explainable, comparable, and auditable across assets, sites, and years.

5. The SMP as an extension of the SAMP

This chapter explains how the Strategic Maintenance Policy (SMP) operationalises the Strategic Asset Management Plan (SAMP) inside the A&MM lemniscate. It shows how value intent (left loop) becomes enforceable rules at the trefoil gate and how those rules flow into plans, work, evidence, and assurance (right loop). The aim is coherence: one policy chain, one decision language, and one record of proof that stands up technically, financially, and in governance reviews.

5.1 From value statements to gate thresholds

The SAMP articulates value in the ISO 55000 sense—service performance to be achieved, risk appetite including ALARP expectations, and lifecycle affordability. The SMP turns these statements into operational constraints and conventions: minimum service levels (P_min⁡​, risk limits (R_max⁡​/ALARP), and affordability caps (C_cap/TCO) , all calibrated by asset class and context. At the trefoil gate these thresholds become the hard edges of decision-making: whichever lobe is temporarily dominant (P-over, C-over, or R-over), the other pillars remain bounded. In practice this prevents silent erosion of value—no decision crosses from intent to execution without a documented check against the SAMP-derived limits.

5.2 The A&MM lemniscate as the conduit (SAMP → SMP → AMP)

Within the lemniscate, the SMP occupies the centre. SAMP objectives are translated at the gate into rules that Asset/Portfolio Management Plans (AMPs) can instantiate for networks, plants, fleets, or sites. The translation is two-way. On the forward pass, planning and work inherit the same trefoil fields (dominance, thresholds, evidence). On the return pass, realised performance, cost, and risk feed back through the same gate as evidence, closing the loop for assurance and continual improvement. Over time, this produces a learning archive: a traceable history of which priorities were chosen in which contexts and what outcomes followed—vital input for refreshing both SAMP and SMP.

5.3 Finance integration: making decisions true in both languages

Because maintenance decisions have material financial impacts, the SAMP–SMP chain must reconcile with budgeting, valuation, and internal control. The SMP specifies how trefoil outputs are expressed in the finance language used for budgets and reports (CAPEX/OPEX criteria, LCC/TCO, NPV/discounting, impairment triggers). This prevents the “dual-ledger” problem where a choice appears optimal technically but incoherent financially. When thresholds and dominance are financially legible, the same decision can be defended in management reviews, audits, and regulatory dialogues, and AMPs can schedule spend profiles without re-litigating the underlying policy logic.

5.4 Risk Traceability, Change Control, and Health of the SAMP–SMP Chain  

The SAMP sets risk appetite; the SMP makes risk acceptance at the trefoil gate both proportionate and reconstructable by linking each decision explicitly to the BowTie (which threats are controlled, which barriers added or strengthened, which consequences mitigated) and by recording the acceptance basis. In safety-critical or compliance contexts, R-over typically governs—feasibility against R_max/ALARP is established first, and only then is value optimised among safe options—while in P-over or C-over cases the same acceptance limits still apply and are logged alongside the value case.

As contexts shift (new regulation, ageing, technology refresh, budget shocks, emerging failure modes), the SMP preserves coherence through controlled change: it specifies who may alter thresholds or default dominance patterns, on what evidence, with what effective date, and how changes cascade into AMPs and work management; temporary departures (e.g., emergency continuity risk) are documented with deviation, rationale, time limit, and a retrospective review point. Healthy chains show consistent trefoil fields across board papers, AMPs, job plans, and reviews; comparability via normalised and versioned gate records; review efficiency as cycle times shorten; and a rising learning rate as patterns of dominance correlate with outcomes, refining both SAMP objectives and SMP thresholds.

Typical tensions are addressed by design: local optimisation vs portfolio value (held to SAMP-derived thresholds and explicit rationales), technical vs financial narratives (trefoil outputs reconciled with budgeting, valuation, and control), and evidence asymmetry (confidence tags, minimum evidence standards, and conservative treatment of uncertainty), ensuring a single, auditable line-of-sight from risk logic to maintenance action even as conditions change.

5.5 The SMP’s cadence in the Asset Management System

Finally, the SAMP–SMP chain sits within the broader cadence of the Asset Management System. Strategy and planning cycles establish or refresh objectives and thresholds; programme and portfolio reviews apply the gate at decision points; operations encode gate fields in plans and work orders; assurance and audits reconstruct decisions from gate records; and improvement updates the SAMP and SMP based on evidence. The strength of the chain lies in its repeatability: the same concepts, fields, and acceptance logic appear at every level, making value creation not only possible but provable across the lifecycle.

6. Competence, culture, and Industry 5.0

This chapter develops the human and organisational foundations that make a Strategic Maintenance Policy (SMP) live in practice. Policies and formulas are necessary but insufficient: sustained performance requires competent people, a shared decision language, and trustworthy information—all embedded in a culture that reflects Industry 5.0 principles (human-centricity, sustainability, resilience). We therefore connect competence frameworks (ISO 55012; EN 15628; EN 17948) with the P–C–R trefoil gate, show how explainability and maintainability are operationalised, and set out the data stewardship needed to keep line-of-sight intact from intent to evidence.

6.1 Competence model and involvement (who decides, with what skills, and how we know)

A living SMP begins with a clear RASCI at the trefoil gate: who proposes, who decides, who assures, who is consulted, and who executes. Competence requirements should be explicit for each role and level (strategic, tactical, operational), drawing on ISO 55012 for people involvement and EN 15628/EN 17948 for maintenance functions. In practice:

• The Asset Manager owns value definition and risk appetite, sponsors the gate, and ensures thresholds (P_min, R_max/ALARP, C_cap/TCO) remain aligned with objectives.

• The Maintenance Manager translates gate outcomes into policy, plans, contracts, and schedules, and is accountable for delivery and evidence capture.

• The Reliability Engineer provides analyses (RCM, Weibull, FMECA, condition/predictive models), runs sensitivity checks on the indices/score, and validates assumptions; where EN 15628 lacks a formal profile, the SMP makes reliability accountabilities explicit in the RASCI.

• Finance and HSE/Compliance verify that acceptance criteria and financial consequences are coherent with policy and regulation.

• Engineers, Planners, and Technicians embed the gate fields into task plans and capture the evidence required for assurance and learning.

Competence should be demonstrated, not assumed: role curricula include the trefoil gate method (dominance, thresholds, evidence), basic decision analysis (MAUT/log-based scoring), uncertainty handling, and data literacy (reading confidence tags, lineage). A light, periodic capability review tracks which teams can operate gates unaided and where mentoring is needed. The outcome is a workforce that not only does the right tasks, but also shows why the chosen priority was proportionate and value-consistent.

6.2 Human-centric execution (Industry 5.0 made operational)

Human-centricity is not a slogan; it is a design constraint that reduces error and increases recoverability. The SMP operationalises this in four ways:

1. Explainability at the point of work. Job plans and MoCs carry the same gate fields seen in governance papers: declared dominance (P/C/R), thresholds applied, and a short rationale. This reduces ambiguity at shift handover and enables safe stop-the-job decisions when conditions drift.

2. Maintainability designed-in. Access, tooling, standard times, and verification steps are tied to thresholds (e.g., restore performance ≥ P_min while staying within R_max). Commissioning checklists explicitly validate that maintainability assumptions used at the gate hold in practice.

3. Cognitive ergonomics. Visual standards (icons for trefoil/ Borromean), concise forms, and “one-page gate” templates keep cognitive load low. Neurodiversity-aware communication—clear headings, structured lists, and short rationales—improves reliability in high-pressure contexts.

4. Proportionality and dignity. When R-over is declared, the SMP ensures protective measures are feasible and non-punitive in execution; when C-over leads, productivity gains must not create unsafe shortcuts; when P-over leads, recovery speed cannot bypass acceptance criteria. Human-centric constraints are thus visible as policy thresholds, not as afterthoughts.

6.3 Digital line-of-sight and data stewardship (ISO 55013 in action)

Decisions are only as good as their information backbone. The SMP treats the trefoil gate record as a first-class information asset governed by ISO 55013 principles:

• Canonical sources and models. For P, C, and R, the SMP names authoritative datasets (EAM/CMMS for history and plans; ERP for cost actuals and commitments; risk registers; condition and PdM feeds) and how they reconcile.

• Quality and confidence. Each input carries a confidence tag (e.g., A/B/C) and timestamp/version. Where predictive models are used, model governance documents version, training data, assumptions, and validation results so that recommendations are traceable and auditable.

• Lineage and immutability. Gate records capture where each datum came from and freeze the evidence set used for the decision; later updates do not rewrite history but trigger a new gate if material.

• Minimal viable dataset. The SMP defines a lean but sufficient field set (dominance, thresholds, p/c/r indices, score, decision, rationale, evidence list, approver, review date). This keeps adoption affordable while ensuring reconstructability.

The practical test is simple: can an auditor or new engineer replay the decision months later using the stored record, and do those fields appear consistently in dashboards, plans, and work orders?

6.4 Contractor ecosystem and supply chain (alignment beyond the fence line)

Large portions of maintenance are executed by external partners. The SMP extends the trefoil logic into the contracting model:

• Contracts require suppliers to adopt the gate record, provide data in interoperable formats, and reference acceptance criteria (e.g., ALARP bases).

• Competence clauses specify the gate-relevant skills (analysis literacy, evidence capture) and how they will be demonstrated (credentials, pilot gates, joint reviews).

• KPIs mirror policy thresholds (service vs. P_min, cost vs. C_cap/TCO, risk vs. R_max), with incentives that do not reward one pillar at the expense of the others.

• Data ownership and retention are defined so evidence remains available for assurance and improvement after contract end.

This prevents “policy islands” in the supply chain and ensures that performance, cost, and risk are managed as one system across organisational boundaries.

6.5 Learning system and knowledge management (turning gates into improvement)

A mature SMP converts decisions into lessons. Gate records feed structured learning loops:

• After-action reviews on major gates compare expected vs. realised P, C, R and examine whether dominance and thresholds were proportionate.

• FRACAS/RCA outputs are linked to future gate rationales so that failure physics and organisational factors travel into new decisions.

• Communities of Practice curate examples of good gate practice, parameter ranges by asset class, and visual aids that reduce ambiguity at the point of work.

• Curricula and micro-learning keep competence current (e.g., short modules on uncertainty, ALARP argumentation, or reading model confidence).

The goal is a living archive in which similar contexts lead to similar priorities and better outcomes over time—ISO’s continual-improvement principle made concrete.

6.6 Metrics and maturity roadmap (what to measure, how to grow)

The SMP defines a compact, meaningful metric set that reflects value realisation and governance health:

• Outcome metrics: achieved service vs. P_min; lifecycle cost variance vs. C_cap/TCO; risk exceedances vs. R_max/ALARP.

• Process metrics: percentage of decisions with complete gate records; cycle time from proposal to decision; rate of early detection of threshold breaches.

• Learning/assurance metrics: stability of thresholds/weights (fewer ad-hoc overrides); audit findings closed on first pass; correlation between trefoil balance and realised outcomes.

Maturity grows through stages: Defined (policies/fields exist), Managed (consistent adoption across processes and partners), Optimised (parameters calibrated by evidence; uncertainty treated explicitly; digital twins integrated with governance). A light annual review recalibrates thresholds and weight ranges, ensuring settings track risk appetite and context rather than drift.

6.7 Common anti-patterns—and how the SMP prevents them

Four failure modes recur in asset-intensive settings:

1. Priority drift. Dominance is chosen informally and never recorded. Countermeasure: a hard rule—no gate closes without explicit dominance, thresholds, and rationale.

2. Threshold inflation. Limits are moved to make numbers fit. Countermeasure: change control with authority, rationale, effective dates, and retrospective review.

3. Spreadsheet divergence. Multiple calculators create inconsistent answers. Countermeasure: a shared workbook or service with transparent formulas and a single source of truth for references.

4. Aesthetic over substance. Beautiful visuals, weak evidence. Countermeasure: every visual used in governance must reference its gate record and evidence set.

The SMP names these risks explicitly so leaders can spot and correct them early.

6.8 Change management and communication (making adoption stick)
Culture changes one conversation at a time. The SMP specifies micro-habits that embed the trefoil language in daily work: start reviews by stating dominance and thresholds; end with the evidence list and next review date; mark dashboards with trefoil (priority) and Borromean (completeness) icons; require that every major decision can be replayed from its gate record. Leaders model brevity and rigour—short rationales, clear acceptance criteria, visible versioning—so that teams experience the policy as enabling, not bureaucratic. Communications emphasise that the trefoil does not replace judgement; it disciplines it, making priorities explainable to people and traceable for systems.

Chapter outcome.
Competence, culture, and trustworthy information are what turn an SMP from a shelf document into an operational governance system. By aligning roles and skills with the trefoil gate, encoding human-centric constraints as thresholds, and stewarding data as an asset, organisations make P–C–R decisions explainable, comparable, and auditable—the very conditions under which Industry 5.0 ambitions translate into measurable value across the lifecycle.

7. Conclusion

This concluding chapter condenses the case for a Strategic Maintenance Policy (SMP) as the operational hinge between SAMP intent and maintenance execution. It unifies the A&MM lemniscate, the P–C–R trefoil gate, the CEN/TC 319 Maintenance Landscape, BowTie logic, and the ISO 55000 family into one practicable governance language.

7.1 What the SMP establishes—and why it matters

The SMP provides a single, computable decision language that treats Performance, Costs, and Risk as one value system. By placing the trefoil gate at the lemniscate’s centre, each significant decision declares a temporary priority (P-over/C-over/R-over), applies policy thresholds (P_min, R_max/ALARP, C_cap/TCO), and records the supporting evidence. This standard record links Asset Management intent (ISO 55001/55002) to Maintenance execution (EN 17485/EN 17007), ties risk acceptance to BowTie reasoning, and embeds people, finance, and data stewardship (ISO 55012/TS 55010/55013). The result is visible governance: priorities become explainable to people, traceable in systems, and auditable across assets, sites, and years.

7.2 What changes on day one—plus how to handle limits

Once adopted, reviews, AMPs, and job plans carry the same minimal gate fields, so approvals accelerate and debates shift from opinion to proportionate, evidenced choices. Asset and Maintenance Managers gain line-of-sight; Reliability Engineering has clear analytical ownership; Finance and HSE/Compliance see decisions reconciled with budgeting, valuation, and acceptance criteria. Known limits are managed explicitly: thresholds protect non-negotiables; transparent scoring (additive for auditability, multiplicative for interaction effects) is accompanied by a short written rationale; uncertainty is flagged with confidence tags and, where needed, conservative acceptance or chance constraints. The aim is disciplined judgement—never “numbers instead of thinking.”

7.3 How to adopt—signals of success and near-term outlook

Begin with a minimal viable rollout: embed the one-page gate template in portfolio reviews and pilot three contexts (PRV with R-over, OPT with C-over, critical COR with P-over). Calibrate references and thresholds by asset class, reconcile outputs with finance, and run after-action reviews comparing expected vs realised P, C, R. Success shows up as high completion of gate records, shorter proposal-to-decision cycle times, stable and versioned thresholds, audits focused on substance rather than missing fields, and a growing correlation between trefoil balance and realised outcomes (service ≥ P_min, lifecycle spend within C_cap/TCO, risk within R_max/ALARP). Next releases will add a clause-mapped SMP template pack and a starter computational workbook, alongside deeper guidance for uncertainty and tail-risk treatment—so organisations can scale with confidence while keeping the governance language consistent.

8. Appendix: Example SAMP Policy Document

Disclaimer — Fictitious Organization; For Illustrative Purposes Only

This sample document describes policies, processes, roles, and terminology within a fictitious organization (in this guide: Aurora Infrastructure Authority (AIA) and its units). It is intended solely for illustration and education. It has no legal, contractual, or governance status and must not be construed as tailored advice.

• Any resemblance is coincidental: Similarities to real organizations, persons, projects, locations, or systems are purely coincidental.

• Not professional advice: The content does not constitute legal, financial, technical, or other professional advice. Applying it in a real context requires your own analysis, decision-making, and—where appropriate—consultation with qualified experts (e.g., legal, finance, HSE, compliance).

• No liability: The author(s) accept no responsibility for errors, omissions, or consequences arising from use of this text. Use is at the reader’s own risk.

• Normative references are indicative: References to standards (e.g., ISO 55000:2024 series; EN 13306; EN 17007; EN 17485; EN 17666; EN 15628) are indicative only. Always consult the official publications for the current, authoritative text. Where discrepancies exist, the official standard prevails.

• Terminology and translations: Terms and translations used herein are non-official and may differ from normative definitions.

• Local context required: Any real-world implementation must account for organizational governance, risk appetite, applicable laws and regulations, contractual obligations, privacy/security requirements, and the specific context of the organization, and must document these accordingly.

• No endorsement implied: Mentions of standards bodies, methods, or frameworks do not imply endorsement by those organizations.

By using or adapting this example, you acknowledge and agree to treat it strictly as a fictitious, illustrative guide.

STATUS: CONCEPT!!

Strategic Maintenance Policy (SMP) — Aurora Infrastructure Authority (AIA)

Document control

• Document ID: AIA-SMP-PO-001

• Version: 1.0

• Owner: Director, Maintenance Delivery Division (MDD)

• Approver: Chief Asset Officer (CAO)

• Effective date: 2025-11-11

• Review cycle: Annual (or upon material change in risk, context, or standards)

• Applicability: All AIA business units, contractors, and delivery partners

1. Introduction

The increasing complexity of, and stringent performance expectations for, infrastructure maintenance require a strategic approach in which the Aurora Infrastructure Authority (AIA) assigns a core role to its maintenance function. AIA’s operating model comprises three business units: the Maintenance Delivery Division (MDD), Major Projects & Renewal (MPR), and Central Information & Digital (CID). Each unit contributes to the availability, reliability, and sustainability of vital assets such as transport corridors, navigable waterways, and operational information systems. As the societal impact of service disruptions grows, the need for a robust, future-oriented maintenance policy becomes correspondingly more urgent.

Within AIA’s integrated project teams (IPTs), a formal maintenance role is not yet consistently defined. Whereas this expertise historically resided with contractors under maintenance contracts, there is now a clear need for internal anchoring of capability and ownership. This policy document provides direction for organising maintenance within AIA and establishes the strategic framework for maintenance processes in alignment with the organisation’s asset management transformation programme. It explicitly conforms to the most recent international standards, including the ISO 55000:2024 series, and the European CEN/TC 319 standards—specifically EN 17485 (maintenance delivery), EN 17007 (processes and indicators), and EN 15628 (competences).

2. Strategic Asset & Maintenance Management Process (EN 17485)

2.1 Process nature and scope (not a SAMP)

The strategic Asset & Maintenance Management process—as specified in EN 17485—constitutes the methodological foundation of this policy. Contrary to the frequently cited Strategic Asset Management Plan (SAMP), EN 17485 prescribes a process: an iterative, cyclical, and multidisciplinary framework that translates corporate objectives into coherent asset and maintenance strategies. The process safeguards line-of-sight between organisational aims, asset performance, and maintenance interventions across the entire life cycle.

Within this process, maintenance is not a subordinate execution activity; it is a strategic function. Maintenance policy is integrated with design and engineering, acquisition, operations, renewal/rehabilitation, and end-of-life. The Asset & Maintenance Management Lemniscate conceptualises this as a dual value loop wherein Asset Management and Maintenance are structurally interlinked and mutually reinforcing.

2.2 Strategic Maintenance Policy — AIA (example positioning)

Within the Aurora Infrastructure Authority (AIA), maintenance is positioned as an integral, strategic component of the broader asset management process per EN 17485. Maintenance is approached as a policy-driven, systematised function that contributes—over the full asset life cycle—to value creation, risk control, and sustainability. Decision-making follows a cascade from corporate objectives to asset strategies, maintenance strategies, tactics, and executable work, with explicit balancing of Performance–Cost–Risk (PCR) in line with organisational risk appetite and stakeholder requirements.

2.3 Maintenance Landscape Model (EN 17948, Table A.1)

The design of the maintenance function follows the Maintenance Landscape Model, structured according to the Maintenance Framework described in EN 17948 (Table A.1). The framework provides an integrated perspective that groups maintenance capabilities into four interrelated domains:

1. Common Basis – shared principles, terminology, data foundations, governance, and assurance mechanisms that enable consistent, auditable practice.

2. Management – steering, planning, prioritisation, risk-based decision-making, budgeting, and performance management that connect maintenance to organisational value.

3. Methodologies – analytical and engineering methods (e.g., reliability engineering, criticality analysis, FMECA, condition monitoring, optimisation, degradation modelling) used to design and improve policies and tactics.

4. Resources – people, competence, tools, materials, spares, and enabling technologies (EAM/CMMS, APM analytics, IoT, digital twins) required for safe and effective execution.

This structure forms the foundation for consistent policy, role clarity, and performance control within AIA’s maintenance function.

2.4 Terminology and definitions (EN 13306)

To ensure clarity and testability in communication, AIA adopts the standardised terminology of EN 13306. Key terms—such as corrective maintenance, preventive maintenance, availability, and reliability—are used as defined in the standard. This common vocabulary aligns teams, delivery partners, and suppliers and supports objective assurance.

2.5 Maintenance function structure (per EN 17948)

The maintenance function is organised along three interdependent layers, consistent with EN 17948:

• Strategic maintenance management – policy, governance, risk appetite, life-cycle alignment, long-horizon planning, portfolio trade-offs (PCR), sustainability objectives, and assurance.

• Tactical maintenance management – asset/system strategy and plan development, programme optimisation, resource and outage planning, contractor/supplier orchestration, and performance management.

• Operational execution – work preparation, scheduling, field execution, condition monitoring, feedback/closure, learning capture, and near-term risk control.

This tri-level structure clarifies accountabilities, aligns competence profiles (with EN 15628 as the competence reference), and maintains end-to-end process coherence across the maintenance chain.

2.6 Maintenance processes and enterprise process architecture (EN 17007)

To structure processes consistently, AIA applies EN 17007, which describes sixteen maintenance processes grouped into three process families:

• Management processes – e.g., strategy setting, planning, budgeting, risk management, performance control.

• Realisation (delivery) processes – e.g., preventive/corrective work, condition-based tasks, improvement actions, shutdown/outage coordination.

• Support processes – e.g., data and documentation, materials/spares, tooling, competence/HSE, contracting and supplier management.

Adopting EN 17007 yields a unified and auditable process architecture that improves predictability, quality, and accountability. For modelling and deployment, AIA documents these processes within the enterprise process architecture (e.g., BPMN/ARIS), specifying for each process:

• Purpose and owner (single accountable role),

• Inputs/outputs and interfaces to adjacent processes,

• Performance indicators and targets (aligned to organisational KPIs),

• Information objects and records (traceability and assurance),

• Enablers and tools (EAM/CMMS, APM analytics, condition data pipelines),

• Risks and internal controls (including HSE and compliance controls),

• Learning loops for continual improvement (Plan–Do–Check–Act).

Through this EN 17485-centred process view, supported by EN 17948, EN 17007, EN 13306 and EN 15628, maintenance becomes a strategic, life-cycle-oriented function with clear line-of-sight from organisational objectives to executable work and measurable outcomes.