Featured Product
This Week in Quality Digest Live
Management Features
Bruce Hamilton
The health of the stockroom says a lot about overall flow of value to the customer
Jon Speer
Modern methods of documentation compliance
Bryan Christiansen
Theory and steps
Jim Benson
Don’t just set and forget KPIs or other metrics. Understand the true narrative of the work you do.
John Baldoni
John Baldoni interviews Garry Ridge about clarity and hope amid crisis

More Features

Management News
Siemens introduces PCBflow, a secure, cloud-based solution for accelerating design-to-manufacturing handoff for printed circuit boards
Includes global overview and new additive manufacturing section
Tech aggravation can lead to issues with employee engagement, customer experience, and business results
Harnessing the forces that drive your organizations success
Free education source for global medical device community
New standard for safe generator use created by the industry’s own PGMA with the assistance of industry experts
Provides synchronization, compliance, traceability, and transparency within processes
Galileo’s Telescope describes how to measure success at the top of the organization, translate down to every level of supervision
Too often process enhancements occur in silos where there is little positive impact on the big picture

More News

Paul Foster


Risk Management for Automotive Suppliers

Four critical things to focus on

Published: Tuesday, April 30, 2019 - 12:02

When you look at standards like IATF 16949 or ISO 9001, the requirements boil down to two essential elements: improving customer satisfaction and reducing risk.

They go hand in hand because effective risk management means safer products and happier customers—and fewer problems for their suppliers.

To help automotive suppliers proactively avoid quality and safety issues, we’re looking at four important places to focus on for improving risk management and reducing costs.

What is risk management?

The concept of risk is often misunderstood, as is risk management.

A risk is not the same thing as a hazard. Risk is defined as probability x impact of a given hazard, causing an unwanted event. Risk takes into account how likely an event is to occur as well as potential consequences:

Risk = Probability x Impact

Risk management is not the same as finding hazards or conducting a risk assessment. Risk management is a cyclical process involving:

1. Hazard identification: Spotting problems

If you’re not effectively identifying problems, it’s only a matter of time before you have a quality issue escape. And if we’re talking about a quality problem that causes downtime for the OEM, you could be looking at charges of $10,000 per minute or more.

What can automotive suppliers do to improve hazard identification?
Create structured systems for observation and capturing issues, such as with high-frequency audits and safety walk-throughs
Look upstream at processes, instead of just focusing on rear-facing product inspections
Bring fresh eyes to hazard identification, drawing on management expertise with tools like gemba walks and layered process audits (LPAs)
Proactively analyze data as you collect them, rather than allowing weeks to pass before crunching spreadsheet data
Periodically review lessons learned from issues like audits, recalls, and complaints—a requirement of standards like IATF 16949

Hazard identification is crucial because risk management isn’t just about reacting to existing problems. It’s about identifying potential problems before they occur, so you can take preventive action.

2. Risk assessment: Prioritizing follow-up

It’s not uncommon for suppliers to have a long list of hazards but only limited resources with which to address them. Which ones can you fix immediately, and which ones require deeper investigation? How do you decide when to implement new controls? This is where risk assessment comes in, focusing on probability and severity.

Some tools like FMEAs will give you a quantitative method for making decisions, allowing  you to calculate a risk priority number (RPN) based on severity (S), occurrence (O), and detection (D):

RPN = S x O x D

Other situations may involve a less formal approach to risk-based thinking. For example, when you identify a nonconformance during an audit, you have two options:
• Correct the problem on the spot with a mitigation
• Open a corrective action for full root cause analysis and further problem-solving (such as with the 8D method)
The choice you make should be based on risk, also taking into account that you don’t want minor, easily fixed items obscuring high-risk problems in your corrective action system.

3. Corrective Action: Closing the loop

One place where manufacturers frequently struggle is creating a closed-loop corrective action process. Corrective actions should include elements such as:
• Links to the original nonconformance, such as within the audit record
• Action items and deadlines
• Who’s responsible for each item and reviewing progress
• Escalations to notify management if employees don’t complete tasks

Many manufacturers use software to track corrective actions, which is especially helpful when tied to systems like a mobile audit platform. Linking the two allows you to improve visibility, from hazard identification to follow-up.

4. Verification: Holding the gains

The final critical step in the risk management process is continued monitoring and adjustment. This is where you check that your process is working and ensure that you’re holding the gains of corrective action.

Going back to our auditing example, you’ll want to make sure that you add new audit questions based on corrective actions and previous nonconformances. Only then can you see whether your corrective actions have solved the problem and are held in place, or whether you need to start the process over again.

And that’s the most important thing to remember: Risk management is a process, not a one-off activity. Follow the plan-do-check-act (PDCA) cycle in your risk management activities, and you’ll see a big improvement in the effectiveness of your work.

First published April 9, 2019, on the Beacon Quality blog.


About The Author

Paul Foster’s picture

Paul Foster

Paul Foster is Product Manager at Ease, where he designs products and provides customer onboarding and support. A veteran of the Air Force, he served on the data integrity team and supported technical inspections on B52 bombers and F16 fighter jets. Paul holds a B.A. in Physics from Cal Poly - San Luis Obispo and an MBA from Oklahoma State University. Foster has a passion for coding and builds Android apps in his spare time.