When fix-on-failure is not an option
There are projects in which some, maybe even most, of the possible outcomes are so threatening that their occurrence cannot be tolerated. Should something go wrong, should it not go to plan, there is no mitigation available. If you are driving a car and the engine malfunctions, it can be annoying, even frightening, but it’ll be a whole lot more final if the malfunctioning engine is in a spacecraft!
There are degrees of criticality, ranging from safety-critical performance in a nuclear power station, to life-and-death rescue missions, to correct compliance with regulations set out in legislation, and in each case project failure incurs severe penalties.
In these projects, the avoidance of risk drives the planning. This forces a modification to the usual planning process. The focus is on avoiding events that cannot be managed, and on using processes whose known performance indicates very high levels of reliability with no surprises.