Quality Management and Risk Management: Top Questions Answered

Quality Management and Risk Management

Cority recently hosted a webinar with Quality Digest on the topic of how Quality Management and Risk Management work together to deliver product quality within the facility and across the value chain. Below we provide answers to some of the great questions from audience members we didn’t get a chance to cover during the webinar. 

What is the Cost of Poor Quality (COPQ)? 

When manufacturers don’t take the necessary steps to incorporate risk analyses into their shop floor processes, they can end up paying the price with product that is out of specification, contaminated or a consumer safety risk. The resolution process ends up costing the organization time, resources and money to resolve, otherwise known as the Cost of Poor Quality (COPQ).

Many organizations only think of the direct costs, which includes scrap, rework, testing, recalls and customer returns, however, that’s only the tip of the COPQ iceberg:

Quality Management and Risk Management graphic

Indirect costs include excessive overtime, inventory shortages, planning delays, lost sales and a number of other unforeseen costs. According to Six Sigma calculations, total COPQ can cost organizations 15% to 40% of sales revenue. So, for every million dollars in sales, a company can waste up to $400,000 based on product quality issues. 

In order to create better visibility in their processes and procedures, many manufacturers are looking to automate their quality processes with a Quality Management System (QMS) that integrates with enterprise IT systems and shop floor equipment. And by connecting it to their risk management program, they end up with a more predictive system that can help them identify and manage hazards and risks more proactively to avoid poor quality output.

In the world of Quality Management, what would be the life cycle of a risk?

When we talk about Quality Management, we have to think of the two stages of quality. The first step is Quality Assurance (QA) where rules and standards are set to achieve product quality. This is usually in the pre-production phase and is a proactive way of managing product, ensuring the repeatability of product specifications, and identifying risks. The second step is Quality Control (QC) which usually done during work-in-process (WIP) or post-production to inspect and test the product against those pre-set rules and standards.

To ensure consistent product quality, it’s important to include a risk management program in the QA stage of your process to identify risk in pre-production. By monitoring and managing these risks you can reduce issues from occurring or proactively identify when deviations occur to minimize the impact earlier and contain costs.

You need to identify the product risk, such as high-risk ingredients or parts that make up the product, and the level and severity of each so you can test for consistency and safety before it is used in production. The same risk measures can be tied to the process steps of developing a product. You want to determine where your critical and high-risk control points are in the process so you can monitor and manage those risks effectively to reduce the impact on the finished product.

The Quality Control stage is a great time to verify your risk management program. By tying it into your quality management program, you can develop questionnaires and audits to ensure the product and process risks are managed and monitored on a regular basis and any new risks are identified and added to the risk management program.

Should action only consider high RPN values, or should it also consider severity impact (i.e. safety aspects?) 

The Risk Priority Number (RPN) is a numeric assessment of risk assigned to a process, or steps in a process, as part of Failure Modes and Effects Analysis (FMEA). The risk management team assigns each failure mode numeric values that quantify the likelihood of occurrence, the likelihood of detection, and severity of impact. All variables are important in evaluating the risk of the process or the product. While some RPNs may indicate an issue may occur that could impact a small percentage of finished products, others can identify high-risk safety impacts that may justify a redesign to the product itself. For example, if an automobile manufacturer is testing the brake system design, they can record the function, the failure mode, effect and severity to determine the risk of the final product. After further analysis, they determine that the brake pad is not large enough for the weight of the vehicle so they can go back to the product design to upgrade the brake pad to ensure product safety and consistency, thus lowering the risk level on the brake design and consumer safety. It’s not just about determining the risk to one component but the entire product itself and the impact on end users. That’s why companies are trying to use FMEA and Quality Management together to see how they can bring excellence back to their product portfolio.

What would be a good way to measure the success of your risk management programs? 

Risk management programs are often created in spreadsheets that are difficult to keep updated and share across the facility and the enterprise. That’s why capturing risk information in Failure Modes and Effects Analysis (FMEA) software creates a centralized, digitized repository of product and process risk analysis for easy reference. It should also integrate with the enterprise quality management solution (EQMS) to ensure product quality at a greater level to reduce the cost of rework, scrap and product recalls.  And whether you’re part of a small department or a global risk management team, automating your risk management program in FMEA software helps streamline and prioritize risks for greater visibility and better business decisions.

However, without comprehensive metrics, it would be difficult to determine the success of any program. The best way to start is to identify the Key Risk Indicators (KRIs), which are defined as measurements used by an organization to manage current or potential risk, including operational, financial, compliance and strategic risks. The KRIs will vary based on a department’s focus. While QA might focus on product specifications and safety, the Production team would be concerned with first-time through (FTT) yield or percentage decrease in scrap and rework costs. When combined with Key Performance Indicators (KPIs) that measures the strategic goals of the organization, you can begin to see how successful your risk and performance goals are being met and adjust as needed.  

By analyzing KRIs and KPIs in parallel over a period of time, you will be able to show actual or possible deviations from the expected goal. With these risk metrics, you can improve your company’s understanding of just how likely achieving its strategic objectives is going to be. It will also help prioritize resources so they can focus on higher risks that need more attention rather than wasting time on low-risk areas. Make sure you use a FMEA solution that has a dashboard and reporting tool that helps you analyze the data that is important to you and flexible enough to support other departments report on their KRIs.

Learn More

While quality management provides the 360° visibility throughout the product development process – raw materials through finished product – risk management provides an additional layer of protection at the beginning of the process to identify and monitor hazards before production even begins.