Organizations have been treating quality as a siloed function -- amputated from core business operations. In order to build a risk-based quality culture, organizations need to have access to potential or existing risks, along with its impact and severity ratings, and leverage it to design the quality management plan.Download an Insight
The year 2015 experienced numerous incidents and quality misses, calling for a foolproof quality management program. Automotive giants like Volkswagen, Honda, Ford and Nissan have had to recall their cars due to certain hardware and software errors, major life sciences organizations have been fined heavily by the FDA over unauthorized drugs and medical device manufacturing, and manufacturing organizations were forced to recall products when high levels of lead was discovered in children’s toys and beds.
For that matter, even the food and beverages industry has been grilled due to poor quality products, leading to product recalls with manufacturing and sales coming to a halt. The retail industry has also been scarred with several issues like the Nike labor malpractice incident as a result of several supply chain and internal quality risks going unchecked. The issues related to lack of quality encompass not only the organization and its customers, but also extend to the supply chain. Risks that have not been mitigated in time can snowball into bigger quality issues, affecting consumers and organizations considerably.
For years, organizations have treated quality as a siloed function - amputated from core business operations. However, with new trends in the way business is being done, organizations are recognizing that quality and risk go hand-in-hand to help establish a sustainable business environment.
The perception of risk has always been fluid and perceived by each organization, industry, and entity differently - in terms of frequency, impact, and severity. Keeping in mind the effects of neglecting areas of risk and the cost of bearing the burden of poor quality, emphasizing on risk to elevate quality has become imperative.
Using risk management to raise the bar on quality yields much higher results: better compliance, diligent quality assurance, and enhanced decision-making. This approach helps organizations tweak their operations, tactics, and strategy to increase their efficiency, while inculcating a culture of proactive improvement and quality of goods and services.
Imbibing Risk-based Thinking into the Overall Quality Framework
Rigorous challenges in an era of innovation and rapid transformation have put acute pressure on organizations as well as their supply chains to deliver competitive products within stringent timelines. Quite often, in an effort to bring products to the market quickly, quality tend to be compromised, pushing organizations into a difficult situation with a depleted bottom line, tarnished brand image, and a flurry of legal notices.
To avoid this, organizations could tackle quality issues from an internal and external risk perspective, and adopt a systematic approach toward aggregating all the risks and managing them from a holistic point-of-view. This will enable organizations to identify acceptable and unacceptable risks, and adequately plan next steps to manage these risks.
Risk Assessment and Rating
Performing risk assessments diligently can help assess the risk profile of the organization, and define the scope and priority of identified risks. Using various factors, such as severity of risk identified, areas of impact, criticality of a risk, and the likelihood of occurrence, organizations can determine the strength of each risk. This will help formulate a riskrating algorithm, depending on the risk appetite of a business. Appropriate methodologies for assigning a risk priority number (product of severity, occurrence, and detection) to each risk can be leveraged.
Existing and potential risks can be captured by compiling various observations, trends, and other information, including performing regular surveys and self-assessments. Analytics can then be used to deliver the risk intelligence required to infuse riskbased thinking into the overall quality management plan, reducing undesired effects and promoting continual improvement. Organizations can leverage this intelligence to define the policies, procedures, and SOPs, which can bind overall goals and promote a riskaware environment. Training programs can also be designed for employees, as well as suppliers, focusing on how to handle the risks associated with specific products or LOBs.
Risk Impact and Action Plan
Risk and opportunity are directly related, varying on the impact and feasibility of taking an opportunity or neglecting a risk. Action plans to minimize the effects of taking a risk should be defined and checked for effectiveness. There exists a gamut of risks within an organization which may hold different relevance for every process. Hence, organizations need to be able to deal with the same risk in different ways, depending on the business process. Keeping in mind the aforesaid factors, to proactively mitigate these risks and increase the probability of delivering a quality product or service, appropriate action plans can be formulated to include the course of action, resources involved and their responsibilities, timelines for completion, and the evaluation of results. This plan can be periodically revisited and appropriately updated, based on recently identified risks or during the course of management reviews.
The effectiveness of these risk mitigative action plans can be evaluated to assess if the risk has been completely eliminated or if it still exists, and if the effect or impact of the risk been minimized. Every time a non-conformity occurs, the risks and opportunities determined during planning can be updated. To verify the effectiveness of the action taken, various methods like Failure Mode Effects and Analysis (FMEA) and Fault Tree Analysis (FTA) can be used to measure the change in the RPN value. A risk-driven approach enables organizations to establish a well-informed business environment where risks can be holistically viewed and impact on quality can be proactively addressed.
Risk Management Tools and Techniques
Organizations can assess and manage risks with recognized risk management tools and internal procedures like DFMEA, Fault Tree Analysis (FTA), Failure Mode, Effects and Criticality Analysis (FMECA), Hazard Analysis and Critical Control Points (HACCP), Preliminary Hazard Analysis (PHA), and other supporting statistical tools like control charts, histograms, pareto charts, and more. Using these tools and procedures, organizations will be able to switch to a risk perspective, enabling them to respond to changes and protect their brand as they grow. It is important to stress on a culture where the leadership and top management is involved with promoting risk-based thinking within the organization. This helps in detecting and mitigating risks early on before they spiral into bigger quality issues.
Using the Right Solution to Manage Risk and Quality
In order to build a risk-based quality culture, organizations need to have access to potential or existing risks, along with its impact and severity ratings, from across different business functions. Aggregating all of this information on a single database can be a tedious, resource-intensive, and time-consuming task. Organizations can leverage technology which will help aggregate various risks in a common repository, offering a clear view into the whole spectrum of risks. This visibility will help elevate the quality of products and services, while driving continuous improvement. Additionally, technology can play a critical role in automating the end-to-end risk assessment process and design the quality management plan.
Infusing risk management in a modern quality management program gives an edge to further vet internal quality processes and suppliers, ensuring risks are picked up on in a systematic and timely manner. This involves establishing a risk universe, identifying and assessing risks, and taking actions to mitigate the risks or lower its impact. Tracking quality issues to closure can enable managers be aware of the progress and be well prepared with any information available at a click.
Technology can equip organizations with a strong knowledge base of risks prevalent across various functions and business units. A centralized view of and access to all the risks through roles and geographies in real time enables effective collaboration on deviations or non-conformances and ensures remediation measures are taken before the risks pose threat for the business
With technology, risk identification and assessment can be streamlined for every process, business unit, supplier, or product. Pre-defined surveys and checklists can be created to perform risk assessments and address high-risk areas on priority. To help management visualize high-risk areas, risk heat maps can be generated defining the severity of risks, their impact on the business, and the likelihood of their occurrence.
Additionally, all non-conformances can be addressed with corrective and preventive actions in a structured workflow, allowing stakeholders to be identified and tasks assigned for each step of the process. Technology enables organizations to perform quality audits and inspections based on the risk rating assigned for any product, process, facility, factory, or supplier.
Preparing for the Next Wave - New Age QMS
Imbibing risk-based thinking into every stage of quality management process can eliminate deviations, minimize cost of poor quality (CoPQ), ensure regulatory compliance, and elevate an organization’s brand. It is an opportunity for organizations to exhibit greater knowledge and preparedness, reducing the probability of quality misses or a high-risk impact.
A risk-driven approach to quality is not something new, and is already in practice among majority of the organizations. What is currently lacking is the idea of assimilating all the results with a unified perspective of collaboration and making prevention a habit. Organizations need to be more aware of the risks impacting the quality of their business by ensuring that they build a strong foundation of risk intelligence, perform continuous risk monitoring, leverage risk intel to drive insight and foresight for quality processes, and gain in-depth visibility into their supplier’s risk profile. With growing technological advancements and cutting edge competition, it is a make or break situation for organizations. Being aware of the threats and keeping in line with the quality parameters can keep an organization stable in the face of any ordeal. Quality is not perceived in the light of risk very often, but putting the two together can prove to be very advantageous for any organization.