Max. shear stress theory-Maximum Shear Stress Theory Maximum Distortional ...
cue presentation.pptx
1. Pawel Nowicki, PhD
The Department of Quality Management
Cracow University of Economics, Poland
RISK MANAGEMENT IN QUALITY
MANAGEMENT - METHODOLOGY
2. INTRODUCTION
An essential element in the strategy of any organization
is to minimize business risk to a level that ensures the
security market.
To ensure efficiency and competitiveness, it is required
from the organization to:
implement a system and a comprehensive approach
to risk management and therefore
to identify effective methods for identifying,
analyzing, monitoring and mitigation of risk.
TEMPUS MEETING KRAGUJEVAC 2015
3. INTRODUCTION
System management and its improvement should
lead to a comprehensive minimizing of the risk of
adverse events.
A number of rules and standards supports this
objective of minimizing risk.
TEMPUS MEETING KRAGUJEVAC 2015
4. INTRODUCTION
Universally known solutions relates to:
corporate risk management,
environmental risk,
the risk for accidents,
sickness,
biological risk or
loss of reputation due to the poor quality of the
product.
TEMPUS MEETING KRAGUJEVAC 2015
5. INTRODUCTION
Risk is defined in the ISO 31000 standard as
"the effect of uncertainty on objectives".
At the same time it is shown that the uncertainty causes
a deviation from the expectations - positive and/or
negative.
Risk is often expressed as a combination of the
consequences of an event (including changes in
circumstances) and the associated probability of
occurrence.
TEMPUS MEETING KRAGUJEVAC 2015
6. THE RISK IN THE
STANDARDIZED MANAGEMENT
SYSTEMS
The objective of each standardized management
system is a systematic approach to supervise activities
in the organizations, focusing on the prevention of non-
compliance.
Standardized management systems meet the
requirements of different standards, and are a tools of
profiled risk management within the organization.
TEMPUS MEETING KRAGUJEVAC 2015
7. Combining the effects of the events of the likelihood of its
occurrence is the most common component of the definition of
risk.
Risk management is defined as the coordinated
efforts of directing and supervising the
organization's risk.
This definition is similar to the definition of the management of the different
standards but a different element is always a major problem for the standard.
In the ISO 31000 standard this applies to risk, and in the ISO 9001:2015 (draft
version) it relates to quality.
TEMPUS MEETING KRAGUJEVAC 2015
8. METHODOLOGY OF RISK
MANAGEMENT
1. Risk identification (strategic and operational)
2. Risk analysis (strategic and operational)
3. Spot risk assesment
4. Hierarchisation of risk
5. Risk registration
TEMPUS MEETING KRAGUJEVAC 2015
9. RISK IDENTIFICATION (STRATEGIC
AND OPERATIONAL)
Risk identification may be carried out:
top-down - head of the unit or the other senior
executives identify risk in the organization;
bottom up - mid-level managers and employees
identify the risks associated with their
department and with the tasks performed.
TEMPUS MEETING KRAGUJEVAC 2015
10. RISK IDENTIFICATION (STRATEGIC
AND OPERATIONAL)
Requirements concerning the risk identification:
Identification of risk requires the institution to
understand the nature and objectives of the
services provided. In this way, the institution can
cope with the identification of risks to which it is
exposed.
Then, specify the measures necessary to provide
each service, based on knowledge of the functioning
of the services and the risk of appearing at every
stage of the business.
TEMPUS MEETING KRAGUJEVAC 2015
11. RISK IDENTIFICATION (STRATEGIC
AND OPERATIONAL)
Example:
Service - Education
Objectives - the safety of students, good results in exams
Requirements - employment of qualified staff, maintenance
of buildings and equipment, ensuring cash.
Identified risk:
inability to maintain or improve the quality of teaching;
lack of opportunities to optimize the contribution of all staff;
changes in government policies affecting the curriculum;
insufficient financial means to wealth creation;
inadequate maintenance plan assets;
serious violations of the legislation;
failure to detect fraud; and
inability to maintain the financial viability of the organization.
TEMPUS MEETING KRAGUJEVAC 2015
12. RISK IDENTIFICATION (STRATEGIC
AND OPERATIONAL)
STRATEGIC RISK
RISK CATEGORY Risk Description The objectives which involve risk
Political
Economical
Social
Technological
Legislative
Environmental
TEMPUS MEETING KRAGUJEVAC 2015
OPERATIONAL RISK
RISK CATEGORY Risk Description The objectives which involve risk
Financial
Legislative
Vocational
Physical
Contractual
Technological
13. RISK IDENTIFICATION (STRATEGIC
AND OPERATIONAL)
To effectively carry out the process of risk identification
(manual):
In preparation for the session, managers and
employees should have the opportunity to consider
the impact of risk on the organization or the services
provided by the unit.
Template should be drawn up to identify risks and
give it to each participant prior to the session.
The execution of the contract there shall be
determined the time necessary to discuss the risks,
its causes and consequences. Therefore, it is
necessary to understand the causes of risk.
TEMPUS MEETING KRAGUJEVAC 2015
14. RISK IDENTIFICATION (STRATEGIC
AND OPERATIONAL)
Provide incentives for starting and controlling the
debate, stimulate discussion, maintaining a session
within the set hourly and the results recorded session.
Each session participant can ask questions / identify risk
without fear of any repercussions.
Sessions should be an open forum where employees
can safely discuss the identified risks.
The results of the session should be saved and
transmitted to verify and examine the participants of
the session, which will enable clarification or extension
of risk descriptions.
TEMPUS MEETING KRAGUJEVAC 2015
15. RISK ANALYSIS – STRATEGIC
/OPERATIONAL
How can you make a risk analysis?
After identifying the risk, it should be subjected to analysis. The
necessity of risk analysis results from the need to better
understand the nature of the identified risks faced by the
organization.
Risk analysis includes:
determine the cause and effect of identified risks;
risk of cross-checking (duplication and escalation of risk);
separation of the low risk from the significant risk;
evaluate the nature and risk category; and
the risk connection with the objectives of the organization.
TEMPUS MEETING KRAGUJEVAC 2015
16. RISK ANALYSIS – STRATEGIC
/OPERATIONAL
Causes and effects of risk
In order to risk identification showed its results and to
allow the definition of the future risk management
method, for each identified risk should be followed :
The causes of risks (strikes, shortages of relevant
stocks, natural phenomena) and
The impact of risk on the organization when they
occur.
TEMPUS MEETING KRAGUJEVAC 2015
17. RISK ANALYSIS – STRATEGIC
/OPERATIONAL
Questions that will enable the determination of impact:
whether the organization will work in breach of the
law?
if the organization violates its duty to protect
people - whether people will die? Do people get
injured or get sick?
whether the risks would lead to financial losses?
whether the risks would lead to a loss of image or
reputation of the organization?
whether service users will notice any difference?
TEMPUS MEETING KRAGUJEVAC 2015
18. RISK ANALYSIS – STRATEGIC
/OPERATIONAL
Separation of small and significant risk. The risk is divided
considering:
its impact on the organization in the event;
probability of risk; and
existing risk control mechanisms.
This procedure allows the assessment of the level of risk,
and whether action can be taken to control risks.
TEMPUS MEETING KRAGUJEVAC 2015
19. RISK ANALYSIS – STRATEGIC
/OPERATIONAL
Effects/Impacts
These are possible outcomes, effects or consequences for
organizations such as losses, injuries, adverse events, cost
or delay.
Probability/Likelihood
This is the estimated probability or possibility of the event.
Risk control mechanisms
The existence and functioning of policies, standards,
procedures and physical measures to prevent whose
objective is to minimize the negative effects of risk for the
organization.
TEMPUS MEETING KRAGUJEVAC 2015
20. RISK ANALYSIS – STRATEGIC
/OPERATIONAL – AN EXAMPLE
Risk
Analysis:
Cause and effect
Analysis:
Operating risk
control mechanisms
Anlysis: The relationship
between the impact, probability
and control mechanisms
Risk of injury
to the
worker.
Cause:
· Lack of training in health
and safety of persons;
· Dangerous equipment.
The result:
· The claim related to
negligence;
· Interference in providing
services (as a result of the
absence of the employee);
· Damage to reputation.
· A comprehensive training
program;
· Evaluation each of the key
activity in terms of protection
of the health and safety of
persons;
· Ensuring in the budget more
resources for the health and
safety of people;
· The inspection and
maintenance of equipment;
· The budget for the service;
· The replacement of
equipment;
· The event reporting process
with the health and safety of
persons and
· The presence of the person
responsible for the health and
safety of people in every
department
Preliminary analysis suggests the
risk of placing risks in the upper
right corner of the chart, due to
the high probability of an accident
taking into account the number of
employees participating in their
activity or nature of the activity,
which can lead to an accident.
However, the functioning of risk
control reduces the likelihood of
injury or death in an accident.
Therefore, the risk moves from
right to left on an axis of
probability.
TEMPUS MEETING KRAGUJEVAC 2015
21. SPOT RISK ASSESMENT
How should you perform a spot/point risk assessment?
The risk should be assessed in two ways:
As if there were no control mechanisms; and
Taking into account existing control mechanisms.
This assessment is carried out in order to:
Demonstrate the effectiveness of internal control
mechanisms for reducing the risk; and
Highlight the serious risks that may be hidden, despite
operating controls.
TEMPUS MEETING KRAGUJEVAC 2015
22. SPOT RISK ASSESMENT
The organization must agree and implement a spot/point
risk assesment system including definitions for equal levels
of probability and impact of risk.
After making these arrangements, there should be used
risk management criteria in a uniform manner across the
organization.
TEMPUS MEETING KRAGUJEVAC 2015
23. SPOT RISK ASSESMENT
In this way:
identified risks are assessed according to their
impact on the entire organization,
(The risk to the greatest extent affecting the
organization's ability to achieve the objectives are those
risks which are assigned the highest priority from the
point of view of risk management);
reduces the subjectivity associated with risk
assessment point, and enhances transparency and
accountability in the process of scoring risk
assessment and prioritization.
TEMPUS MEETING KRAGUJEVAC 2015
24. SPOT RISK ASSESMENT
Points 1 2 3 4 5
Description Remote Unlikely Possible Probable
Highly
probable
Probability 0-20% 21-40% 41-60% 61-80% 81-100%
TEMPUS MEETING KRAGUJEVAC 2015
Table point of the probability of risk
25. SPOT RISK ASSESMENT
Points Description
Criteria
Financial Organisational
Protecting the
health and safety
of persons
Reputation
5
Extreme/Catastr
ophic
Financial loose
> 125.000 EURO
Failure to achieve key
objectives.
Life loose
Press reports
around the
country
4 Major
Financial loose
25.000 EURO <
125.000 EURO
Failure to achieve a key
objective.
Serious injuries
Some of the
information in
the national
media
3 Moderate
Financial loose
2500 EURO <
25000 EURO
Business disruption Some injuries
Some of the
information in
local or regional
media
2 Minor
Strata finansowa
25 EURO < 2500
EURO
Small business
disruption
Little injuries
Limited
information in
the local or
regional media
1 Insignificant
Financial loose
< 25 EURO
Short-term business
disruption
Little injuries
Poor information
in the local or
regional media
TEMPUS MEETING KRAGUJEVAC 2015
Table point of the impact of risk
26. SPOT RISK ASSESMENT
Impact
Catastrophic 5 10 15 20 25
Major 4 8 12 16 20
Moderate 3 6 9 12 15
Minor 2 4 6 8 10
Insignificant 1 2 3 4 5
Remote Unlikely Possible Probable
Highly
probable
Probability
TEMPUS MEETING KRAGUJEVAC 2015
Spot risk assessment matrix
27. HIERARCHISATION OF RISK
Spot risk assessment lets you organize your risks by their weight or dot
matrix criteria for risk assessment.
This method allows prioritization of actions taken to reduce the risk:
Risk located in the upper right corner (red) need urgent attention
of the organization;
risks contained inside the matrix (yellow) should be discussed and
monitored. In some cases, an organization may take further
action; and
Risk located in the lower left corner (green) is the lowest risk for
the organization.
TEMPUS MEETING KRAGUJEVAC 2015
Impact
Catastrophic 5 10 15 20 25
Major 4 8 12 16 20
Moderate 3 6 9 12 15
Minor 2 4 6 8 10
Insignificant 1 2 3 4 5
Remote Unlikely Possible
Probabl
e
Highly
probabl
e
Probability
28. HIERARCHISATION OF RISK
It should be noted that:
Immediate action required for certain high-risk
spot evaluation may not be possible at the
moment.
Some operations can be easily and quickly
undertaken to reduce medium and low risk.
TEMPUS MEETING KRAGUJEVAC 2015
29. RISK REGISTRATION
To understand the organization's risk profile, all
information about the risks can be introduced into "risk
register".
Risk register may be maintained in paper form,
spreadsheet, database, or in a specialized risk
management program. The Register should include all
types of identified risks.
Risk register which forms the basis a risk management
plan in the organization must be a "living document",
changing in order to reflect the dynamic nature of risk
and the risk management of the organization. There is
no specific format of the risk register.
TEMPUS MEETING KRAGUJEVAC 2015
30. RISK REGISTRATION - EXAMPLES OF THE
INFORMATION CONTAINED IN THE RISK
REGISTER
Risk Identification Number - a unique reference number for
each type of identified risks.
Risk description - The description of risks, possible time scale
of the risk and the possible impact on the organization.
The type / category of risk - the nature of the risk, ie. The
strategic, financial, operational, and so on.
Risk Management - Manager responsible for the risk
management.
Impact - Grading assigned to the consequences or effects of
the risk to the organization.
Probability (likelihood inherent) - Grading attributed to the
occurrence of risk in the absence of control mechanisms.
TEMPUS MEETING KRAGUJEVAC 2015
31. RISK REGISTRATION - EXAMPLES OF THE
INFORMATION CONTAINED IN THE RISK
REGISTER
The total points assessment of the risk (inherent).
Functioning control mechanisms - control mechanisms
currently operating in the organization, which reduce the
likelihood of risk.
Probability (likelihood residual) - Grading attributed to the
occurrence of risk, taking into account operating controls.
The total points assessment of the risk (residual).
Required action - concerted action to be taken to further
reduce the likelihood of risk. Such action should reduce the
residual risk assessment point.
Responsible for the operation and the date of implementation
- the person responsible for carrying out the action and the
date by which you must perform the operation.
TEMPUS MEETING KRAGUJEVAC 2015
32. CONCLUSION
Risk management is a term and practice that has been
known for a long time.
In conclusion it is important to underline that risk
management in the context of profiled management
systems is not substitutable but complementary in the
idea of minimizing risks for business operation.
Elements that influence the decision of choosing a
management system include type of business, size of the
organization and market conditions.
TEMPUS MEETING KRAGUJEVAC 2015
33. CONCLUSION
The application of effective mechanisms of risk management
allows an organization to:
identify threats quickly and respond to them better than the
competition
use appearing opportunities faster and better than the
competition
which translates into
achieving more than the average income and will
maintain a relatively high rate of development, which is one
of the conditions for lasting competitive advantage.
TEMPUS MEETING KRAGUJEVAC 2015
34. Thank You very much for
your attention
TEMPUS MEETING KRAGUJEVAC 2015