Transcript Slide 1

Risk Management
Presented By:
Daniel J. Brown, CQA
Copyright 2010 DB Performance Solutions, LLC
Risk Impact Examples
Risk Analysis & Mitigation Matters
 Risk Impacts Everyone
 Reduce the Probability of Lawsuits
 Reduce Liability Insurance Costs
 Improve Customer Relationships
 Improve Supplier Relationships
 Reduce Direct and Indirect Costs
What is Risk?
 A risk is a potential future event that could result
in adverse and unplanned consequences
 A risk is NOT a problem, an issue or a crisis!
 Risk is also a measure of the potential inability to
achieve overall program objectives within defined
cost, schedule and technical constraints*
 *Reference: Risk Mgt Guide for DoD Acquisition,
4th Edition, June 2003
Risk and Standards
 Many standards require risk management:
 AS 9100
 ISO 13485
 ISO 22000 & SQF
 TS 16949
 ISO 9001
 ISO 9004 (guidance)
ISO 9001:2008
 0.1 General
– The adoption of a quality management
system should be a strategic decision of an
organization
– The design and implementation of an
organization’s quality management system is
influenced by:
• Its organizational environment, changes
in that environment, and the risks
associated with that environment
ISO 9004:2009

4.2 Sustained Success…to achieve sustained
success top management should
 Identify associated short and long-term
risks and deploy an overall strategy…to
mitigate them
ISO 9004:2009 Continued
 Also referenced at:
4.3 Organizational Environment
5.3.1 Strategy
6.1 Resource Management
6.5 Infrastructure
6.7.4 Technology
7.2 Process Planning and Control
8.3.1 Measurement
8.3.3 Internal Audit
8.4 Analysis
8.5 Information Review
9.3.5 Innovation Risks
Where to Look for Risk
Consider
Change
Control
Process
Products
 Product Meets Requirements
 Reliability program requirements
 Critical items control & management
 Mission/Product Assurance
 Processing induced hazards
Processes
 Program plans
 Structured Independence Processes
 Mission Assurance Plan (MAP)
 Defining of risk controls
 Equipment
Behaviors
 Risk Identification
 Analysis & Prioritization
 Elevation of risk (communication)
 Mitigation Decision Making
 Human factors skill / training
 Defined Competency
Standards & Regulations
 Realization Process Risk Planning
 Contracts
 Design
 Procurement
 Manufacturing
 Inspection
 Approvals
Risk Management (per ISO 31000)
 Create value
 Be an integral part of organizational
processes
 Be part of decision making
 Explicitly address uncertainty
 Be systematic and structured
 Be based on the best available information
Risk Management (per ISO 31000)





Be tailored
Take into account human factors
Be transparent and inclusive
Be dynamic, iterative and responsive to change
Be capable of continual improvement and
enhancement
Copyright 2010 DB Performance Solutions, LLC
7/6/2015
Risk Management
Risk Management encompasses:
Identification
Prioritization
Measurement
& Feedback
Mitigation
Each applies equally to PROCESS and PRODUCT associated risks!
FEEDBACK MECHANISMS
Make certain that RISK IDENTIFICATION includes past
experience from related products:
Things Gone Wrong/Things Gone Right
Corrective Actions
Adverse Event Reports
Previous Complaints
Customer Feedback
Common Risk Identification Tools
 FMEA
 HACCP
 Cause/Effect Diagram
 5 Whys
 Preliminary Hazard Analysis
 Fault Tree Analysis
Common Risk Prioritization Tools
 FMEA
 HACCP
 Impact/Effort Matrix
 Severity / Frequency Matrix
 Pareto Analysis
Common Risk Mitigation Tools
 Strategic Planning
 Guarding/E-stops/Seals
 Control Plans
 On Site Supplier Audits
 Team Based Problem  Design for:
Solving (8-D)
 Reliability
 Error-Proofing
 Maintainability
 Training/Awareness
 Manufacturability
Risk Considerations
 Consider how risk responsibilities vary?
– Program: Cost, schedule, technical
– Sales & Contracts: Understanding of user
needs/ requirements, comparison of user
needs to organizational capabilities
– Production Planning: Applying
“appropriate” methods
 Consider how risk increases between processes?
– Potential failure while “baton” is passed
Risk vs. Company Size
Varying Applicability to Different Functions
Risk Processes…..appropriate to the product
and the organization
Risk vs. Company Size Continued…
 Engineering: Design, technology capability
 Supplier Management: Supplier capability,
interface, etc.
 Purchasing: Vendor capability, risk/criticality
communication, others
 Manufacturing: Applying “appropriate” methods
 Inspection: Independent verification
 Individuals: Application of risk to option decisions
Product and Technical Risk Considerations
 Complexity of design
 Criticality of product for end use
 New or unproven process or technology
 Organizational capability to design or build
 New or unproven process to organization
 New technology to company
 New or unproved subcontractor
 Items or requirements that have potential risk
Personnel Risk Considerations (Human Factors)
 Risk Behaviors (Employees, Customers)
 Knowledge of identified risks
 Knowledge of process options
 Application of identified risk topics to
process options
 Risk Considerations
 Preventing deliberate actions
 Preventing accidental actions
Risk Management & Preventive Action
 Many companies struggle with
Preventive Actions
 ALL ACTIONS TAKEN AS A RESULT OF
RISK ANALYSIS QUALIFY AS
PREVENTIVE ACTION!
 Improves the client’s bottom line,
compliance, and corporate liability
Evaluating Risk Effectiveness
 CAPA System
 Internal Audit
 Returns/Warranties/Complaints
 Internal Failures
Risk & Management Review
 [Management] review shall include assessing
opportunities for improvement and the need
for changes to the quality management
system…
 Does this not meet the expectations of Risk
Management as well?
 With this understanding, we can change the
context of the review to become a “Risk
Management Review”
Risk Management Review
 What are the results of the Key Metrics?
 What risks does this bring?
 What risks have been reduced due to Internal
Audits?
 What risks were identified in External Audits?
 What risks were detected by our CAPA
System?
Risk Management Review
 What risks escaped detection and caused
complaints/rework/warranty?
 Have the risk management plans been
updated accordingly?
 What external changes can impact our risk?
 What additional or transferred resources are
required to minimize risks?
Risk Management Reduces Liability
 Share (elements of) the Risk Management
Plans with those who share your liability:
 Bank(s)
 Insurers
 Shareholders
 Key Customers
 Liability costs should go down since overall
liability is reduced
Questions?
Contact
Dan Brown
DB Performance Solutions, LLC
312-615-3530
www.dbpsllc.us
[email protected]