Skip to content
EMS handbook

4.3 Risk management for EMS projects

In hardware manufacturing, relying solely on optimism is an operational risk. A successful engineering manager systematically identifies and mitigates failure modes long before they manifest on the factory floor. Risk management is not a bureaucratic paperwork exercise for project managers; it is the fundamental engineering discipline of predicting the future. When identified early, a technical or supply risk is a manageable variable. When ignored, it becomes a crisis that halts production.

The following framework maps the six distinct territories where hardware projects universally encounter challenges. This should be treated as a mandatory scan pattern for every design review.

1. Supply chain risk (the components)

Section titled “1. Supply chain risk (the components)”

The Risk: The inability to build a product due to missing raw materials.

The most frequent cause of a “line-down” crisis is often a generic $0.05 ceramic capacitor that is suddenly out of stock globally.

  • The Detection: Rigorously scrub the Bill of Materials (BOM) against live market databases (e.g. SiliconExpert, IHS) to verify the “Lifecycle Status” and “Global Inventory” of every line item.
  • The Threat: When a critical power IC is “Sole Source” (manufactured by only one vendor in the world), project success is tied to the factory stability of that single vendor.
  • The Mitigation:
    • Design Phase: Validate and approve at least two alternate part numbers for every single passive component on the board.
    • Procurement Phase: Purchase “Safety Stock” for high-risk, high-lead-time silicon immediately upon architectural design approval—even before the PCB routing is finalized.

2. Design risk (the margins)

Section titled “2. Design risk (the margins)”

The Risk: The product works perfectly on the lab bench but suffers massive fallout in the factory.

Lab benches use stable power supplies, climate-controlled air, and hand-tuned “golden” prototypes. Factories use statistical distributions of component tolerance.

  • The Detection: Require Monte Carlo simulations and Worst Case Circuit Analysis (WCCA) during the schematic phase.
  • The Threat: When an analog circuit requires a resistor to remain within a 1% tolerance across all temperatures to function correctly, normal manufacturing variation will dynamically lead to failures on the line.
  • The Mitigation: Circuit tolerances should be relaxed. Design robust architectures that seamlessly function even when the underlying component parameters drift by 5% over time.

3. Process risk (the assembly)

Section titled “3. Process risk (the assembly)”

The Risk: The physical geometry of the design exceeds the mechanical capability of the chosen factory equipment.

  • The Detection: Run a DFM Report and request the factory’s historical Process Capability Index (Cₚₖ) analysis for similar footprints.
  • The Threat: Placing a massive BGA processor with an ultra-tight 0.3mm pitch on an SMT line that is only calibrated for 0.5mm standard pitch will cause first-pass yield (FPY) to crash due to massive solder bridging under the chip.
  • The Mitigation: Jumping straight to mass production must be avoided. Force a Pilot Build (e.g. 50 units) specifically designed to mathematically measure the factory’s Cₚₖ on your exact board layout before committing vast resources to mass volume.

4. Test risk (the blind spot)

Section titled “4. Test risk (the blind spot)”

The Risk: Shipping defective units to paying customers simply because the test fixture could not see the defect.

  • The Detection: Perform a rigorous Test Coverage Analysis. Map every single physical net on the schematic to a specific, automated test verification method.
  • The Threat: When a critical hardware feature is deemed “Untestable” (because there are no physical copper test points and no firmware diagnostic commands), that feature is shipped without verification.
  • The Mitigation: Extract value from physical copper test points for ICT (In-Circuit Testing) during layout. Implement “Boundary Scan” (JTAG) for massively complex digital chips to logically verify microscopic solder joints without requiring physical probe access.
Section titled “5. Compliance risk (the legal wall)”

The Risk: The finished product is seized by international customs or legally banned from sale by federal regulators.

  • The Detection: Early regulatory architectural review targeting FCC, CE, UL, and RoHS directives.
  • The Threat: Placing a pre-certified WiFi module adjacent to an unshielded switching power supply can cause the final system to fail radiated emissions testing, forcing an expensive PCB re-spin and delaying the launch by months.
  • The Mitigation: Perform early “pre-scans” at a certified compliance lab during the prototyping phase. Do not wait for the final “Golden Unit” injection-molded plastics to check for Electromagnetic Interference (EMI).

6. Logistics risk (the physical journey)

Section titled “6. Logistics risk (the physical journey)”

The Risk: The hardware survives the factory but is destroyed during transit to the customer.

  • The Detection: Aggressive drop testing and simulated vibration profiles on the fully packaged product.
  • The Threat: Shipping a product designed for bulk pallet transport via an automated courier (“UPS”/FedEx) can result in damage from standard 1-meter conveyor belt drops, shattering internal LCDs.
  • The Mitigation: Pay an external lab to perform ISTA-2A shipping transit tests on the final packaged unit. Utilize single-use “Shock Watch” indicator stickers on outer master cartons to detect severe drops by logistics carriers.

Final Checkout: Risk management for EMS projects

Section titled “Final Checkout: Risk management for EMS projects”
Risk TerritoryThe Ultimate “Red Flag”The Mandatory Engineering Action
Supply ChainA critical component is Single SourceBuy buffer safety stock or redesign the schematic for alternates.
Circuit DesignThe board historically requires “Hand Tuning” to passRedesign the underlying physics for a wider component tolerance.
Factory ProcessThe Pilot Build / NPI Yield is < 95%Stop the line. Find and permanently fix the root physical cause before Mass Production.
Test Coverage”Don’t worry, we’ll figure out how to test that later”Delay PCB Gerber release until 100% test coverage is defined.
ComplianceSkipping the EMC Pre-scan to save $2,000Pre-allocate $20,000 in the budget and 8 weeks in the schedule for the inevitable board re-spin.
LogisticsDeploying a completely untested packaging designShip a dummy, unpowered unit via standard ground shipping to verify survival.