Featured Product
This Week in Quality Digest Live
Risk Management Features
Claudine Mangen
If you have the energy to try and address organizational overwork, start small
Jill Roberts
Another way to know what’s too old to eat
Huw Thomas
A long-awaited expansion of workers’ rights
Gleb Tsipursky
Quality professionals should test their intuitions before deploying internal and external quality initiatives
Patricia Santos-Serrao
Four pharma quality trends

More Features

Risk Management News
Aug. 25, 2022, at 3:00 p.m. Eastern
Now is not the time to skip critical factory audits and supply chain assessments
Extends focus on data-driven explainability and adds customizability
Google Docs collaboration, more efficient management of quality deviations
Major ERP projects take six months longer than companies were told
Three webinars to increase participation and understanding within the world of quality assurance
Partnership bolsters defense against growing cybersecurity risks
It is a smart way to eliminate waste and maximize value

More News

Jeff Dewar

Risk Management

Quality Planning Includes Asteroids

But catastrophic events aren’t the only things that need some risk analysis

Published: Thursday, March 15, 2018 - 12:03

On Feb. 25, 2018, an asteroid 30 ft in diameter flew past the Earth, closer than the moon is to us. The newly discovered asteroid, named “2018 DU,” is the 17th known asteroid to fly past Earth within one lunar distance (the distance between the Earth and the Moon, approximately 250,000 miles) since the beginning of the year, and the eighth one in February alone.

Sixteen days prior to the 2018 DU asteroid event, on Feb. 9, 2018, one day after it was discovered, asteroid 2018 CN2 flew past the Earth at a distance of one-sixth the distance of the moon from the earth (43,000 miles). It was an estimated 60 ft in diameter—the size of a house.

Asteroid 2018 DU is in the center of the photo. The telescope tracked the motion of the asteroid, which made the stars look like streaks of light.

As of this writing, there are 17,739 known near-Earth asteroids (NEAs), which are asteroids within 120 million miles. Roughly 2,000 of these are considered potentially hazardous asteroids (PHAs) based on their size and trajectory.

In 2013, over Chelyabinsk, Russia, a meteor (an asteroid, or part of one, that enters our atmosphere) that was about the same size as 2018 CN2 and weighing 14,000 tons, which is heavier than the Eiffel Tower, entered Earth’s atmosphere and produced an explosion of about 500 kilotons at a height of 19 miles. The explosion was 30 times stronger than the atomic bomb the United States dropped on Hiroshima; the blast injured more than 1,500 people, mainly from broken glass when the shock wave arrived. More than 7,000 buildings were damaged across the region. It was undetected before its entry into our atmosphere:

The reality is that small asteroids fly by the Earth all the time and have been doing so for billions of years. We’re just hearing so much more about them since astronomers now have the telescopes and computational power to discover and track them much more efficiently.

Nevertheless, even though scientists have done the math about probabilities, common sense and recent history suggest it’s not a wild fantasy that we could be hit tomorrow by an undetected and larger asteroid. Not a planet killer, but something that could damage infrastructure severely, similar to what the 2011 earthquake and tsunami did to the Fukashima area of Japan, leaving thousands dead, hundreds of billions of dollars in damage, and untold lost productivity.

‘As simple as possible, but not simpler’

It’s not that we’re faced with the unknown in terms of the effects of an “event”; we can often estimate that pretty well. In business, if we lose a key customer, we can reasonably calculate the effect it will have on our company; to what degree it will affect our operations, budget, and staffing; and how soon. If a natural disaster wipes out a plant like the Fukashima tsunami did to many companies in the region, we can calculate how soon we could be back in operation, how much it would cost based on factors like the severity of the event and type of damage. Risk management experts argue that you should calculate orders of magnitude (i.e., 10, 100, 1,000) for a first-pass estimate of a disaster. In other words, will it take a few hours to get back online, a few days, a month, or an entire year?

The problem is that we typically don’t even give a thought to how we will handle an adverse situation, except for the most likely serious events. We worry about bad things happening, but there’s something magical that happens when you exert the discipline to put pen to paper and actually write out how something would be observed, managed, and mitigated.

Even harder to do is to invest the time to include risk when designing a new process, product, or service. I couldn’t believe my own ears when I heard one manager say this about launching a new service: “Well, that’s why we have kaizen; we’ll just keep improving it after we launch it.” Kaizen devotees are screeching in horror right now because they know that thinking about potential problems in design is deeply embedded in kaizen thinking.

ISO 9001:2015, with its additional focus on risk, offers enormous flexibility about how it can be incorporated into a QMS. Detailed risk assessment or risk management projects aren’t required by the new standard, only that risk is taken into account in your quality processes. This is where so many companies struggle to see how simple it can be to incorporate risk. It’s not without merit to channel a bit of Einstein, with his alleged quote: “Everything should be made as simple as possible, but not simpler.”

Think ahead

Yes, of course failure mode and effects analysis (FMEA), developed by reliability engineers back in the 1950s, is a superb method for identifying and evaluating how you will respond to and mitigate failure. It’s simple, well established, and extremely flexible. It can be used even for small potential problems. For instance, I’ve seen training departments use it to evaluate potential shortcomings in their training courses, or how to handle a customer if one or more trainers get sick or quit prior to delivery of an important training program.

In the greater scope of things, having a customer training program blow up unexpectedly is not an asteroid impact, but why does something have to be catastrophic to need some risk analysis? It’s not as though evaluating your training programs for risk will take more than three or four hours. And when that pesky auditor comes by to interview your staff about how they’re complying with some clause of ISO 9001, it will be fun to startle them with an answer that includes some obvious thinking about risk with a simple FMEA form as proof of your quality procedures.

But it can be even simpler than that. At its most basic, it’s an “if/then” analysis. If X happens, then we’ll do Y. If A happens, we’ll do B. And so on. I’ve seen a room full of flip-chart sheets posted on the wall that dealt with every department’s risk issues in an if/then format for any event that would affect the company by $100,000 or more. It was a process that was so simple that everyone could do it and understand it. And it helped the CEO sleep at night.

The key is that it was done ahead of time, mitigation activities were specified so that resources were “pre-allotted,” and the plan was reviewed annually by enough people so that there was a sufficiently wide base of shared understanding. A strength of the FMEA process is that you can identify multiple levels for failure modes. Systemic failures, materials failures, people failures, even customer-perception failures (for those of you rigidly tied to your FMEA forms, take a moment and think more abstractly and look at the fundamental concept behind the tool).

Although your business will most likely survive an asteroid impact or even a less devastating event, it will be so much more reassuring to know, how, in advance.

“It does not do to leave a live dragon out of your calculations, if you live near him.”
― J.R.R. Tolkien, The Hobbit


About The Author

Jeff Dewar’s picture

Jeff Dewar

Jeff Dewar is CEO of Millennium 360 Inc., Quality Digest’s parent company. During his career he has presented quality-related topics to thousands of people on six continents, all but Antarctica.


The Risk IN Risk Analysis

The big risk in risk analysis is honesty... Unfortunately, for reasons likely not directly associated, some people either ignore a risk or minimize it's potential impact. The Challenger disaster immediately comes to mind.

"The truth is out there, the lies are in your mind." - Terry Pratchett