There is a traditional and well-established role in the construction world of the Clerk of Works. The role, to this day, is based on the impartiality of the clerk of works in ensuring that value for money for the client – rather than the contractor- is achieved, through a rigorous and detailed inspection of materials and workmanship throughout the building process. In many cases, the traditional title has been discarded to fit with modern trends, such as Site Inspector, Architectural Inspector or quality inspector, but the requirement for the role remains unchanged since the origins of the title in the Thirteenth Century.
The clerk of works is a very isolated profession on site. HE/She is the person that must ensure quality of both materials and workmanship and, to this end must be absolutely impartial and independent in decisions and judgements. He/She cannot, normally by virtue of the assurance role, be employed by the contractor – only by the client, or by the architect on behalf of the client. His/Her role is not to judge, but simply to report all occurrences that are relevant to the role.
If we look at the work required to assure operational technology and industrial control systems to meet the needs of the HSE, NIS or other regulators, and to achieve an authority to operate for a building or facility, the tasking for an individual should be very similar to the above description, but with a Cyber rather than general construction perspective.
With this in mind I suggest the follow role description for a Cyber Clerk of Works Team:
The Cyber Clerk of works team are either on site all the time or make regular visits – this is not a remote job and they are expected to be out on site in Hi-Viz, not with the carpets drinking tea. It will always be a team and not an individual to cover the range and depth of knowledge required for a typical site. They must be vigilant in their inspections of a large range of technical aspects of the work:
- Making sure that work is carried out to the client’s standards, specification, correct materials, controls, workmanship and schedule.
- Becoming familiar with all relevant drawings, configurations and written instructions, checking them and using them as a reference when inspecting work.
- Making visual inspections and planning formal security testing.
- Taking measurements and samples on site to make sure that the work and equipment installed meet the specifications and security standards.
- Being familiar with legal, regulatory and security requirements that apply to the site and build; checking that the work complies with them.
- Having a working knowledge of cyber health and safety legislation or guidance and bringing any shortfalls to the attention of the resident engineer or technical authority.
- Advising the contractor about certain aspects of the work, particularly when something has gone wrong, but this advice should not be interpreted as an instruction.
- Help reduce risk by early engagement – no point starting this activity six month from the end of a ten year build. If we work the IET Cyber in the Built Environment Code of Practice, the team should be there for all of the RIBA stages.
- Cover both the SCIDA and Cyber elements of security, while working closely with the physical and personnel teams.
A competent Cyber Clerk of Works shall have:
- A good general understanding of the specific cyber inspection process as it relates to construction, particularly as it relates to materials and configurations.
- An understanding of the obligations of all parties (requirements and boundaries)
- An understanding of the RIBA stages and lifecycle of a building
- Foresight: i.e. identification of issues/potential issues and the ability to suggest alternative methods or mitigation techniques.
- A focus on quality; promoting right first-time initiatives, reducing rework, deferred works or double handling.
- A focus on avoiding immediate obsolescence on building handover and a drive to design for whole life use.
- They are impartial, with a fair, considered and independent approach to ensuring value for money for the client, while maintaining security.
- They have knowledge and an awareness of acceptable standards, benchmarking and identifying non-conformance.
- The ability to produce concise recordings of their findings.
- They will have a professional opinion and make recommendations to alternative approaches and corrective actions.
- Knowledge of operational technology and control systems used around the construction of a facility, including their use, limitations and possible alternatives.
- An understanding and knowledge of the practical and legal aspects of health and safety, in particular around construction sites.
- The professional qualifications to be recognised as SQEP (Suitably qualified and experienced person) for the role.
- Knowledge and experience of relevant industry codes of practice.
- Relationships with the wider client business to understand the requirements and needs for the facility being built.