Visualising Risk-Based Thinking in a Quality Management System

 Risk based thinking in a quality management system (1)If you’ve been focused on improving your company’s Quality Management System it’s likely you will have encountered the concept of ‘Risk-Based Thinking’ (RBT). In this blog post we explore how ‘visualising risk’ can change all your business processes for the better.

Why focus on quality?

There are many reasons why Quality might have become a hot topic for your business: 

  • You may be experiencing rapid growth and looking at ways to maintain quality in your end products
  • You may have won a contract which requires ISO 9001 certification
  • You may have failed a quality audit and be looking to fix specific issues with your approach.

If you’ve already started looking at ISO 9001:2015 you may be wondering what’s the quickest and most efficient way of implementing RBT and reaping its rewards.

But for anyone in the high tech sector looking to maintain and improve the quality of their output, adopting a risk-based approach to their processes can have a dramatic effect on efficiency and productivity.

Risk in Quality Management

But first, a reminder of our previous definition of the purpose of a QMS and how it relates to the idea of risk.

‘The central purpose of a quality management system (QMS) is to provide confidence in an organisation’s ability to consistently provide customers with conforming goods and services. The concept of “risk” in the context of ISO 9001:2015 relates to the uncertainty in achieving these objectives”.

Risk-based thinking, therefore, requires companies to constantly evaluate the risk of non-conformity when establishing processes, controls and improvements in their Quality Management System.

It should be noted that ISO does not specify any risk management measures that need to be taken to mitigate the risk. Instead, it requires a risk-based approach (proportional to the level of hazard posed by it) to be ‘built in’ to your business planning, processes and operations.

ISO 9001: 2015 6.1

And that is the whole point.

RBT is not just intended to prevent non-conformance, it is supposed to permeate your organisation’s thinking and maximise opportunities for improvement.

That’s why clause 6.1 of ISO 9001 states that when planning your quality management system you should:

Determine the risks and opportunities that need to be addressed to:

a) give assurance that the Quality Management System can achieve its intended result(s);

b) prevent, or reduce, undesired effects;

c) achieve continual improvement.

So, if you’re reviewing whether your existing QMS is fit for purpose, or building one from scratch to comply with ISO 9001, it’s worth taking the time to audit all your business processes. That way you can really begin to understand the way they affect the quality of your end product and start thinking about how they can be optimised.

A closer look at Document Control for ISO9001

How to audit your business processes

Luckily, even in the high tech sector an internal audit of your processes can begin in a low tech way.

Get a pen and a flip chart, then map them out.

A flow diagram will suffice for each. Work together with all the people responsible for carrying out each task and get them to specify exactly how those tasks should be done.

Start by defining what each task needs to achieve, showing the various steps involved in carrying out the task and what the final output of that task should be.

In reality, you will discover there are several ways of doing each task and people may be doing it in different ways. But this is the point at which you need to decide THE single way your business will do it in the future.

By defining these business processes together you will also have identified the risks and opportunities associated with each one - optimising them as you’ve done so.

You should also have teased out: 

  • The risks involved if a specific task is not carried out properly
  • The dependencies involved in fulfilling the task
  • The most efficient way of carrying out the task

It should be the case that if all the processes outlined in these flow diagrams are followed - all of their outputs should be of a consistent quality.

In other words, you will have reached a shared understanding of quality standards and best practice for everything you do in the future.

Using Business Process Mapping Tools as part of a QMS

Your next task will be turning these diagrams into the structured collection of documents that will form part of your QMS.

In the past, these processes would have been written up, indexed and bound together in a series of folders. Together, they would have constituted your real-world operational bible. A point of reference for employees, regulators and certifying bodies alike. But consulting and updating them could prove difficult and time consuming.

Now, that operational bible can exist online in the form of an Electronic Quality Management System (eQMS). A virtual system that can open up whole new streamlining possibilities for your business.

Creating an eQMS

Using business process management tools that incorporate graphical notation (BPMN) you can create a searchable eQMS, capable of being dynamically updated and audited quickly and efficiently. It will be more accessible and user friendly than a paper version and will allow you to better satisfy the requirements of ISO 9001.

Graphical tools can create interactive versions of the process diagrams you have created with pen and paper. They can capture the individual steps of every task, allowing you to track backwards and forwards from key points in the process as and when you need to.

With graphical process mapping the objects in your diagrams can dynamically link to all supporting documentation - for example, relevant regulations, instruction manuals and the like.

In this way, your business can build a Quality Management System that contains within it all the information required to eliminate uncertainty or confusion about the objectives, actions and required outcomes of every process it describes.

At the same time, an eQMS is able to provide a clear and instant visualisation of each one of these processes, making it easier for stakeholders to pinpoint inefficiencies and opportunities for optimisation.

Visualising Risk-Based Thinking as part of your eQMS

This approach to Business Process Mapping, therefore, helps you visualise risk and opportunity across your business.

In doing so it can help to satisfy the requirements for ‘Risk Based Thinking’ outlined by ISO 9001: 2016.

1.Leadership

ISO 9001 requires that your company’s management commits to addressing risks and opportunities that could affect product quality

The method of auditing and documenting business processes outlined above will demonstrate a firm commitment to meeting quality standards across your business.

2. Operations

ISO 9001 requires you to implement and control the actions identified during your planning

A dynamic eQMS incorporating Business Mapping tools can help you share and constantly review these standards as a company after they have been established. With the right software, changes can be subject to approval or the multiple approval of key stakeholders before going live. 

3. Performance evaluation

ISO 9001 requires that you track and analyse the risks and opportunities identified.

With the right eQMS, documented processes can be subject to automatic, periodic review ensuring they are always fit for purpose.

Business Process Mapping can help you implement risk-based thinking across your business and demonstrate how it is implemented to regulators and certifying bodies.

Above all it, can create and contribute to a culture of conformity, compliance and continuous improvement across your organisation.

Tags: Product Management, New Product Development

Joe Byrne

Written by Joe Byrne

Joe Byrne is the CEO of Cognidox. With a career spanning medical device start-ups and fortune 500 companies, Joe has over 25 years of experience in the medical device and high-tech product development industries. With extensive experience in scaling businesses, process improvement, quality, medical devices and product development, Joe is a regular contributor to the Cognidox DMS Insights blog where he shares expertise on scaling and streamlining the entire product development cycle, empowering enterprises to achieve governance, compliance, and rigour.

Related Posts

Pros and cons of a phase gate process in new product development

Will a phase gate process hold back or enhance your new product development? What are the pros and ...

How's your Quality Management? Ad hoc, analytical or chaordic?

How can you help your business evolve its mindset to achieve the most instinctive, frictionless and ...

How Lean Documentation Creates Customer Value In The Development Cycle

In a Lean approach to product development, customer value is defined as ‘everything the customer is ...

8 tips for documenting your SOPs (Standard Operating Procedures)

There are many reasons why organisations need to document their SOPs. From ensuring uniformity in ...

Pros and cons of a phase gate process in new product development

Will a phase gate process hold back or enhance your new product development? What are the pros and ...

The evolution of a Quality Management System

A focus on a quality management system shouldn’t just mean a ‘box ticking’ exercise for an ...