Now that the entire world seems to be in a state of lock-down, governments start to think on how to get to the normal state again. This will have to be based on risk evaluation and a total risk assessment process.
Risk management has a dedicated international standard: ISO 31000. But also in ISO 9001:2015, risk (and opportunity) based thinking was introduced and considered essential for achieving an effective quality management system. It is also included at the bottom of our Management Review template: risks and opportunities.
But what is risk management? The purpose of risk management is to identify hazards with the potential to cause risk to products, processes, customers, people, environment… and to develop a system to control these risks. Controlling these risks is either eliminating them or reduce them to an acceptable level.
Risk management consists of the following 5 steps:
You can see the Deming circle n this: Plan (1 and 2) – Do (3) – Check (4) – Act (5), and here is the clear link with quality. Note that for opportunities you will have to replace a few words: hazard and risk become opportunity, harm by profit and risk assessment by opportunity assessment.
There are different risk assessment methods like brainstorming, FMEA and HACCP (food specific, but the approach is general). There are other risk assessment and risk analysis tools, but let’s focus on these 3.
Brainstorming can help to identify the potential hazards and triggers the next step in the risk management process. This is more a technique than a method as it doesn’t cover all 5 steps. So if this is used, remember that brainstorming itself will not help you to mitigate the risk.
FMEA or Failure Mode and Effect Analysis is a method which facilitates the identification of potential problems in the design or the process.
2, 3 and 5 make the Risk Priority Number (RPN).
Based on this information, additional actions are defined and the residual RPN calculated: only the probability and detectability can be influenced, not the severity!
HACCP or Hazard Analysis Critical Control Points is mainly used in the food industry, but can be applied in other industries as well.
The approach is also to identify potential hazards and the determination of their severity and probability of occurrence. This gives the risk rating of the potential hazard. Next thing to do is to define the critical limits: from which moment on, the risk comes to an unacceptable level. And the last step is saying what has to be done when that critical limit is surpassed, to make sure the process is back under control and to eliminate the risk or to bring it back to the acceptable level.
Going back to the COVID-19 situation we’re in, it is best to use the FMEA method: keeping the RPN to an acceptable level, there must be more controls in place (increase detectivity) when the control measures are loosened (probability goes up).
You want to have your risk assessment and risk management process reviewed? Than send an e-mail to email@example.com and we’ll see what we can do for you within our Call-an-Expert program.