#71 – HOW A QUALITY PRO LEARNED ABOUT RISK – BILL WALKER

Bill WalkerWOW!  I thought that I knew a lot about RISK MANAGEMENT and boy was I wrong.  I was in a five day BOOT CAMP taught by Greg Hutchins and Ed Perkins.

There are many tools and definitions that must be identified, learned and then used to reduce RISK and CONTROL variation.  Eliminate uncertainty in your entire organization is a MUST DO.

LOTS OF QUESTIONS
Do I need to know and understand ISO 31000 which is Risk Management – Principles and guidelines?  Is this document going to appear on a PO from my customers?  What does being a “guideline” mean?

What is a HEAT MAP?  Is a HEAT MAP a better method of doing a RISK ASSESSMENT then an FMEA?

What is RISK TOLERANCE?  Is it the same as Risk Appetite?  What level of risk is your organization willing to accept?  How does an organization determine what is acceptable risk?  How does your organization control this risk?

What drives Risk Appetite?  Is it the PO, the Customer, government regulations or what?  What is not only your management willing to accept but also your customers?

When we guarantee a performance MTBF for our products is there RISK that we may have not designed our products with the proper components and calculated the MTBF correctly?  Of course there is some RISK associated with the component selection and the calculations.  Are there steps we can take to ensure that we meet the MTBF?  We can use high reliability components and subject the products to SHAKE and BAKE which is a controlled temperature burn-in with some vibration.  The vibration is to simulate actual conditions that the product will experience during its life cycle.  This SHAKE and BAKE is accomplished with electrical power to the product and recording outcomes.  Any failures are analyzed with corrective action that could result in further design changes.

WHO SHOULD USE RISK MANAGEMENT?
What is a BLACK SWAN EVENT?  Can it happen in my organization and has it happened?

Should law enforcement organizations be doing Risk Management?   What we have seen lately on TV and heard on our radios is that Police organizations are very concerned about their relationship with the public.  The public is concerned about excessive force that the police have been doing.   Have we not seen evidence of this on the TV News?  What is excessive force?  Has this been defined?  Does the State Police, County Police force, Metro Police, Military Police, Home Land Security and other law enforcement agencies all have the same definition for FORCE?  Is there a need for definitions like “excessive force, protective force, deadly force, preventive force, live saving force, necessary force, risk force, Taser force, rubber bullet force, choke hold force, unnecessary force and other force definitions?

No matter what industry or business we work in that industry or business has terminology and definitions that are similar or exactly the same.  So we can talk to each other and we understand what we each are talking about.  We need to be careful because there are the same words in different languages that mean different things.  This is why we need to FULLY UNDERSTAND our contract with ALL our customers and be careful when we have a contract that we must convert into AMERICAN ENGLISH.  Maybe this is why the organizations Quality Manual for AS9100 must be in English.

Once we have identified words and their meaning we can now do a PARETO CHART over a specific time to determine which force type, happens the most.  Then we can work on Corrective Action to reduce these issues to an acceptable level after we determine and agree what is an acceptable level or GOAL.  This is all about risk.

Now it is time for the various agencies and in different USA states, to team up together, share data and corrective actions.  We can now do this and not have to travel and can communicate by using our PC, Lap Top, cell phones, E-mails or other means.  How do you communicate within your organization?  Is it working or needs improvement?

QUALITY STORY ABOUT RISK
There is a true story about a CEO that was away from the office and needed to contact a person at the office but in order to do this the CEO had to talk to the operator at the office in order to be transferred to this person.  The CEO had to wait to talk to the operator as the operator’s line was busy.   When the CEO finally was connected, after several minutes with no indication that he/she was still on HOLD as there was no music or reminder that the call was still on HOLD,  to the operator the operator was not the regular operator as the regular operator was on break.  The sit in operator did not know how to transfer the CEO’s call and was not trained on how to use the switch board because the usual operator sub was on vacation.  The smart CEO determined that if he/she was having the difficulty experienced what about their customers?

Were there some changes in the training of the people who answered the office phone when the CEO returned to the office?  You can bet there was.  Have you lately tried to call in to your office and had problems?  What have you done to improve this service?  Is there a RISK of losing business, both old and new, because of the issues with the operators who answer the incoming calls?  Have all your employees been trained on how to answer calls and know how to transfer a call from their extension to another extension?

I don’t know about you but I really become pissed when people don’t know how to correctly use the phone system at their company.  If they can’t work a simple phone system it makes me wonder if they are doing all the requirements of mine and their customers purchase orders.  Are they doing contract review?  Do they know what DPAS is and how it effects their organization?

RISK IN QUALITY STANDARDS
Have you and your organization reviewed ISO 9001-2015 and determined what must be done?  This ISO document revision will be released in September 2015 and contains  RISK MANAGEMENT clauses which mean new requirements.  The new clauses in ISO 9001-2015 will be added to AS9100 (Aerospace), TS16949 (Automotive), ISO 13485 (Medical) and other global standards.  How about review and effect of ISO 19011 and ISO 31000 on my organization?

Are the RISK MANAGEMENT clauses in the above standards the only RISK concerns that your organization needs to be concerned about?  I hope that your answer is NO.  Organizations still must fully understand ALL the contract requirements and do what is required.

Your customer contract says to paint the part green but the engineering drawing says to paint the part blue.  What color do you paint the part?  What is the RISK and costs if you paint the part the incorrect color?

Do you belong to an organization that does RISK MANAGEMENT correctly?  Don’t let the title “RISK MANAGEMENT” fool you as RISK is everyone’s job in an organization.  RISK MANAGEMENT training is just not for management but for ALL employees.  It is smart to start with training of management at all levels and then those that work for these members of management because the workers will ask their management person questions which they will be able to answer because they already have had the training.

What is your organization doing about RISK MANAGEMENT because there are changes coming that must be met?  Do you know the answers to the new terminology that I have mentioned above?  If the answer is NO then it is time to learn.

Is the CERM Bootcamp the only way to go.  No.  You can buy lots of risk books and standards.  What I DO know is that you’re going to address risks and risk management.  Start learning now before you’re job’s in jeopardy.

Bio:

Bill Walker is a quality consultant and writer in Everett, Washington, USA.  Are there some questions for me?  You can contact me at billwalkerrm@gmail.com.  My goal is to answer your questions within 5 business days or sooner.

Leave a Reply

Your email address will not be published. Required fields are marked *