Risk management challenges #2: Implementing risk-based thinking in quality management systems
As a risk management coach I see first hand some of the challenges organisations have when it comes to risk management. Many of the challenges are recurring and seem to be present regardless of times and trends. Other challenges come with changes in standards and expectations from stakeholders.
A challenge that came with the ISO 9001:2015 was the implementation of risk-based thinking in quality management. When the 2015 version first came out there was a lot of upheaval about the term risk-based thinking and the stronger focus on risk management in the standard, and still quality managers are looking for answers on how to comply with the risk requirements in the standard.
In my opinion, risk management has always been an important part of quality management, and the term risk-based thinking does not really introduce new angles to quality management. Firstly, quality management focuses on producing reliable results and establishing methods to weed out any non-conformances in the end product as early as possible. I am sure you’ve seen the graph that shows how the costs of non-conformances increases the further into the production line we go, on many occasions: Identifying a flawed design during production of drawings cost significantly less than identifying a flawed design in a nearly finished construction. This is risk management with the objective to deliver conforming products at the lowest possible cost.
A second, important aspect of risk management in quality management, is found in ISO 9001:2015’s requirement to evaluate context and stakeholders. As I see it, these activities are mainly representatives for the 7th quality management principle: Managing relations. We can to a certain degree control how we are affected by our context, how we are able to navigate our context and how we can communicate with different stakeholders to increase predictability in their actions and their attitudes towards our activities. By focusing on our relations and how they function we may decrease the uncertainty they represent, and establish a higher certainty with regards to reaching our own objectives. That is risk management!
The third aspect that I want to highlight is the ISO 9001:2015 requirement to assess risks affecting the management systems output requirements. Very often this means that organisations should evaluate their processes, identify areas of risk in their processes and then improve their processes by changing the level of risk they find.
I experience that these three aspects challenge many quality managers and leaders. They seem to think that it is necessary to establish extensive risk management processes to conform with the ISO 9001:2015, yet they don’t really have a system for identifying risk in their processes, and they aren’t comfortable with how to choose the right level of attention. They ask questions such as: How good is good enough? What do we need to do that we didn’t do before? What are we already doing that qualifies as risk-based thinking? How will we be audited on this aspect?
I am sure you can recognise the three challenges I have highlighted with regards to implementing risk-based thinking into quality management systemes, yet you may have different perspectives. My focus points are based on the experiences I have, and the organisations I’ve been part of, as well as my own personal preferences. Your perspective has equally been developed during your years of experience in the field, your background and the cultures you have been working in. Imagine that you could use your peers to establish a better understanding of the concept, and pick their brains on how they solved such problems. Wouldn’t that be great?
For about a year now, I have been wanting to do something different from my classroom courses, and you are hereby invited to participate in my Mastermind session Risk-based thinking, for quality and risk management professionals, in Alicante from 22nd to 25th of May! The Mastermind will be a space where we can meet and openly discuss specific challenges we have in our day-to-day work related to risk management, and pick each others brains on ways to improve and better approach our individual challenges.
Each participant will bring one specific challenge they have to the table, and during the four days we will work hard to collectively infuse our peers with new thoughts, support their current approaches and/or give them alternative methods to solve their challenges. The goal is that each participant can go home with a well proven plan for handling challenges they’ve brought to the table during the Mastermind session. The expected bonus is that we all end up with a widened perspective on how we conduct our work and how we can improve our value for our organisations.
I will be creating a few posts about the Mastermind: Risk-based thinking, for quality and risk management professionals in the coming weeks. Each post will discuss different challenges I experience that my peers have in their work with risk management, and in each post I will reward anyone who comments with a 10% discount on the Mastermind, or on any of my risk management coaching services. The offer is valid until 31st of March 2018. If you’re not comfortable with commenting here, please feel free to send the comment to my e-mail.