The Essential Link Between Risk Management and Quality Management

Risk management and quality management are critical parts of successful organizations (companies and projects). Each one supports the other and together they reduce company losses and streamline how the organization does business. With a new app that is available, TRM Advantage, risk management efficiency is significantly improved.

Risk management is all about identifying potential issues (risks), forecasting how likely they are to occur or reoccur, evaluating the potential consequences if they do occur, and taking appropriate steps to reduce their likelihood of occurring and the consequences if they do. Appropriate steps range from ‘do nothing’ for risks that are organizationally acceptable to planning/implementing actions that are taken to reduce the overall risk. Actions that reduce likelihood are designed to make the risk less likely to occur while actions that reduce consequence are intended to minimize problems if the risk does occur. Consequences are evaluated from four different perspectives: Safety, Health and Environment (SHE), Cost, Quality, and Corporate risk. If a risk is minimized from these different perspectives, it is unlikely to present a significant issue to the company or project.

Quality Management focuses on Quality Assurance (QA) and Quality Control (QC) where QA is concerned primarily with the processes used to generate an output and QC is focused on the inspection and testing of the output to verify that it meets customer requirements. QA looks at processes/procedures to make sure they are developed and implemented and is responsible for auditing them to ensure they are being followed. QC develops and implements the plans and checksheets used to verify that outputs from various processes/procedures are as they should be before they are sent to the customer. In quality terms, a customer is anyone that received a process output.

Although risk management is very different from quality management, neither should be implemented without the other. Risk management is used to evaluate the risk posed by a process and it’s output to determine if a written procedure is needed and how detailed it should be. If there is minimal risk, then there is likely no need to develop a formal process/procedure and involve QA/QC. If there is significant risk, even if the process is very straight forward, then a procedure is likely warranted, and QA/QC will be involved in monitoring the process execution and subsequent output. Similarly, if the quality team identifies an issue (non-conformance, etc.), the next question should be ‘Is it a big issue or a minor one’ – the answer being used to guide the response and ensure quality resources remain focused on larger issues that pose bigger threats to the company or project. Determining whether an issue is big or minor is done using the risk matrix and, if possible, a quality history that shows how likely the issue is to reoccur by seeing how often it has occurred in the past.

Another area where quality relies on risk management is a QA evaluation of process risk. In this, the various processes/procedures in use are analyzed to identify which areas of the process pose the largest risk to the output. An example of this would be in the IT system. Processes are checked for areas where there is potential for a hack into the system and then appropriate steps can be taken. It is also relevant in a manufacturing process where certain key steps in a process may be critical to end product quality, overall SHE, or output cost. When these steps are identified, they can be focused on to ensure the procedures properly address the risks and that workers are familiar with them.

Risk management relies on quality management to ensure that identified risks that have been addressed remain under control through the processes that have been put in place. Risk management closes the risk and the ball is passed to the quality team to ensure the processes are developed, relevant, implemented, and being followed. Without the quality team, processes tend to fall apart and people go back to doing what they always did or what seems easier.

The risk and quality teams can work together by setting risks that have been addressed to a special ‘monitor’ classification and following up with quality periodically to ensure that a QA check has been performed or that QC is ongoing. This verifies that the risk remains under control. Scheduling for quality audits should be guided by the level of risk posed. The quality management team can use the risk levels presented by the different processes to help set their audit schedule and forecast staffing and specialized contractor skills that will be needed when setting their budget.

Although risk management is often not seen as viable in small and medium sized companies and projects, implementation is critical. The major hurdle to implementation is managing the information that is part of risk management – especially if it is done in a spreadsheet or similar manner. This is where a sound risk management app changes a major time commitment to a simple yet critically valuable exercise.

Risk management apps – such as TRM Advantage – are designed to reduce the time spent managing risks. TRM Advantage makes entering new risks easy by enabling mobile devices (phones, tablets, etc.) to enter them from remote locations with cellular or wifi service. It also streamlines the risk evaluation and action planning process through its meeting-friendly design that supports working with groups of people. It tracks progress on the risk actions and closes them when they are deemed complete. TRM Advantage also provides summaries for each risk and generates reports for use when meeting with company leadership teams for progress updates. If you are planning on implementing or upgrading a risk management program, using a web-based app such as TRM Advantage that is designed and developed by risk professionals is highly recommended.

Leave a Reply