Why Risk Is Critical to Quality Management: 3 Functional Ways

How does risk become a critical component of Quality Management? Paul Leavoy explains.

thomasnet, quality management, riskLike many things in life, enterprise quality management approaches are not static. Certainly there are timeless elements of quality management strategies that have been applied for decades and will continue to be applied. But advances in computers and Web-based systems have brought specific quality management tactics to the next level. We are now witnessing an unprecedented level of access and visibility into quality management metrics and performance – in real time in some cases.

This is part of a natural progression most organizations experience when it comes to quality management. Strategies and technologies that once worked — and, indeed, continue to function as a bare minimum — need to be updated or sometimes overhauled or replaced in order to improve performance and accelerate competitiveness. This is particularly true when it comes to risk management, which, as global manufacturing leaders know, needs to be embedded into quality management approaches.

Implicit Versus Explicit Risk Management
Another factor that plays into this whole equation is that we tend to have two different but ultimately overlapping risk management approaches, which could be described as implicit and explicit.

Implicit Risk Management: This approach might involve evaluating existing quality processes, for example, prioritizing corrective and preventive actions (CAPAs) based on how they will impact an organization’s risk profile, or auditing suppliers and facilities on a case-by-case basis based on risk factors. It can be thought of as more of a tactical approach, and differs from a more strategic one.

For more stories like this visit Industry Market Trends 

Explicit Risk Management: With this approach, an organization assesses all areas of the enterprise proactively and builds a clear, bottoms-up risk framework replete with a comprehensive risk register that accounts for the robustness, or lack thereof, in quality processes. The company then proceeds to apply it strategically across the entire organization.

Although lots of companies evaluate risk solely along the lines of processes, it helps to marry tactical (implicit) risk management approaches to strategic (explicit) approaches to fully round out the operational risk management (ORM) framework.

With that, there is, increasingly, a closely knit relationship between quality and risk that manifests itself in three key functional areas.

1. Corrective and Preventive Actions (CAPA)

CAPAs are a fundamental component of quality management processes. The identification stage of CAPA processes, of course, precedes the investigation stage, but should also connect to how we assess operational risk, as well as to control mechanisms that feed into the CAPA identification process, from a good manufacturing practices (GMP) perspective.

When operational risk management is linked with or embedded into enterprise quality management systems (EQMS), the risk assessment approach benefits from accumulated information generated through the identification of hazards and adverse events, which, in turn, improves capabilities when it comes to quantifying, prioritizing, and migrating risk.

When EQMS and ORM systems intertwine, we can eventually begin to prioritize our workflow based on CAPAs. For example, risk matrices can be informed by the number of open CAPAs, which point to areas of business activity that become “riskier” by virtue of the fact that they are associated with open CAPAs. As these two elements — EQMS and ORM — begin to “speak” to one another, we ultimately make risk management and quality management more effective.

2. Audit Management

Just as risk assessment ought to be linked to identification of events and hazards from CAPA processes, there’s a two-way feedback loop that ought to be established between risk assessment and the initial phases of audit management. As we establish audit criteria, we can leverage data acquired in historical and ongoing risk assessments. And risk assessments, likewise, are also informed by the criteria we have established to conduct audits.

And as discussed with CAPAs, we see how a risk matrix can be informed by metrics associated with audit performance, audits complete/incomplete, as well as audit frequency, just as risk factors can feed back into audit management, inviting us to, perhaps, audit certain performance factors on a higher-frequency, more-intensive basis based on risk and others on a lower-frequency, less-rigorous basis.

3. Supplier Quality Management

It’s one thing to roll out risk management across the enterprise. It is quite another to apply the quality, risk, and, indeed, sustainability management requirements that have been established internally to across the supply chain and vendor base.

Nowadays, quality, risk, and sustainability need to be more tightly integrated across the enterprise and its entire supply chain. Functionally, this asks manufacturing leaders to boost their ability to evaluate and monitor suppliers on an ongoing basis according to quality, supply chain, and operational risk factors.

Organizations need the ability to rank both supplier quality management and supplier relationship management according to — above and beyond quality — risk-based metrics that can actually be accumulated through the right analytical tools. However, this means linking these interrelated tools across the enterprise.

LNS Research Interconnecting Quality Processes chart

There’s really no rocket science behind the factors discussed above, and the fundamental message is that when we embed risk management into quality processes, quality performance can improve courtesy of being linked to risk information. Closing the continuous feedback loop, quality process data can be fed back into risk management processes to improve our capacity to analyze risk.

Quality management data is too valuable to be left in silos, especially in the manufacturing environment, and, in turn, risk management data is too valuable to be isolated from quality management frameworks. Only the right processes and technology — supported by an organizational culture that views quality and risk as pervasive corporate matters — will enable an organization to manage quality effectively from a risk-based perspective.

Read More at  ThomasNet 

This article was originally published on ThomasNet News Industry Market Trends  and is reprinted in its entirety with permission from Thomas Industrial Network.  For more stories like this please visit Industry Market Trends.