IoT governance in oil & gas: A smart approach to smart equipment
IoT governance in oil & gas: A smart approach to smart equipment

IoT governance in oil & gas: A smart approach to smart equipment

Upstream to downstream, the Internet of Things (IoT) is critical to accelerating transformation in oil & gas operations.

By embedding internet-connected sensors into industrial equipment like wells, rigs and pumps, oil & gas companies can access deep, real-time data insights, allowing them to spot trends, pinpoint issues and improve operational performance. Given the massive potential business benefits, it’s little wonder the IoT market in oil & gas is expected to exceed $30 billion by 2026[1].

In the near future, I’m convinced smart machines will be instrumental to the success of oil & gas operations. But there’s a catch.

Oil & gas companies need to be thoughtful and strategic about how they deploy connected equipment.

Many companies aren’t. A recent KPMG survey found that 46 percent of companies adopt IoT technologies without assessing the associated risk[2].

This approach is shortsighted, problematic and potentially dangerous. After all, the IoT ecosystem is incredibly vast and complex. There are many vendors that play key roles in developing and managing the connected devices deployed on oil & gas equipment. To deliver value, integration, coordination, oversight, transparency and accountability are crucial.

When oil & gas companies rush full steam ahead with largely unplanned IoT deployments, they risk a great deal.

Without proper coordination and oversight, smart machines threaten oil & gas companies with a host of serious problems, ranging from financial loss, to business disruption, data loss, and health and safety.

Consider, for example, if a cyber-attacker—preying on weaknesses in a technology supplier’s cyber defenses—penetrates an oil operator’s IoT-connected pump station. The best result the operator might hope for is the attack temporarily stopping production and affecting short-term profit. A more damaging outcome might be the exposure of valuable data or intellectual property. A worst case scenario—a cyber-attacker manipulating pump pressure and threatening workers, the public and the environment—is hardest to swallow (and for the business to recover from).

How do oil & gas companies use IoT solutions responsibly, so they can tap to into the tremendous opportunities?

For oil & gas companies to leverage IoT technology to enhance operational performance, it is to crucial to integrate risk considerations throughout the IoT program.

Establishing an IoT governance function is one tried-and-tested way to help ensure connected solutions are reliable and secure.

As IoT solutions are planned, built, deployed and scaled, the IoT governance function operates guardrails to anticipate and manage risk along the way. Its express purpose is to formalize how risks are managed across the full lifecycle of the connected solution—from setting the strategy, to deploying the IoT technology, to operating smart machines in the field.

We’ve found that successful IoT governance functions share some similar characteristics.


  • Are strategic, with a core focus on aligning IoT investments with the needs of the business
  • Empower collaboration between stakeholders
  • Drive consistency through process standardization
  • Provide guidance through best practice sharing
  • Mitigate risk through effective countermeasures, metrics and monitoring
  • Accelerate innovation and change through timely and risk-informed decision-making

Is your oil & gas organization thinking about how to manage the risks of smart equipment?

Learn more about how a robust, agile and responsible IoT governance function can help you capitalize on your IoT investments with our recent paper: Realizing the power of smart equipment.


[1]Global Internet of Things (IoT) in Oil & Gas (O&G) Market Analysis and Forecast 2017-2026 (BiS Research, 2017)
[2]Disruption is the new norm: Emerging tech risk survey report (KPMG LLP, 2017)