Sandford Quality Consulting, Slide 1, 10/16/06
Risk Management Essential in Today’s Economy
Sandford Liebesman, Ph.D.
Sandford Quality Consulting, LLC
Chair of the Electronics & Communications Division
973-898-0082
[email protected]
http://www.asq.org/communities/sox
Electronics & Communications Division
• Five Technical Committees
– Sarbanes-Oxley (SOX)/Linking Management Systems (includes Risk Management)
– Nano Technology
– Restriction of Hazardous Substances (RoHS)
– Electronics
– Communications
Risk Management Outline
• Introduction to Risk
• Operational Risks
• Risk Analysis Methodology
• Case Study
• Conclusions
Types of Risk
• Strategic
– Achievement of high level goals
• Organizational
– Entity Level
– Activity Level
• Compliance
– Follow legal and regulatory requirements
• Operational
– Efficient use of resources
Key Operational Risk Categories
• Risk of ineffective management systems
• Customer Satisfaction Risks
• Supply Chain Risks
• Revenue Recognition Risks
• Information Security Risks
• Environmental Risks
• Logistics Risks
• Risk from Natural Disasters
Risk of ineffective management systems
• Poor Management Practices
• Poor HR practices
• Lack of effective management tools
• Data Processing errors
• Ineffective call centers
• Poor Marketing Strategies
• Poor contract administration
• Customer communication issues
• Design & Development Problems
Customer Satisfaction Risk
• Communication
• Delivery problems
• Product quality
• Design problems
• Repair problems
• Accurate Customer Feedback
Supply Chain Risk
• Communication
• Outsourcing large portion of products
• Ineffective Supplier Management
• Sole supplier
• Delivery Problems
• Poor received quality
• Over stocking the inventory
• Under stocking the inventory
• Design problems
• Documentation errors
Revenue Recognition Risks
• Accounts Payable problems
• Accounts Receivable problems
• Revenues recorded before delivery
• Quotation to cash errors
• Spreadsheet errors
• Out-of-date or Incomplete Pricing Information
Information Security Risks
• Viruses
• Unsecured files
• Inaccurate financial records and reporting
• Poor change control
• Information retrieval errors
Environmental Risks
• Significant environmental aspects (ISO 14001)
– And associated operations & activities
• Significant Risks
– Toxic Liquid spills
– Gaseous emissions
– Solid waste
• Monitor & Measurement
• Evaluation of Compliance using ISO 14001
Logistics Risks
• Transportation of raw materials
• Transportation of completed products
• Damaged shipped products
• Under stocking of inventory
• Homeland security Logistics risks
Risk from Natural Disasters
• Fires
• Floods
• Earthquakes
• Destructive Storms
• Contamination
• Epidemics
Risk Analysis
• Effective Risk Analysis requires:
– Identification of the Organization’s Risk Appetite & Tolerance
– Predefinition of objectives.
– Compatibility of objectives.
– Identification of risks to achieving objectives.
– Judgment of which risks are critical.
– Determination of actions to mitigate risks.
Determine the Risk Appetite & Risk Tolerance
• Top Management and Board responsibility
– Align risk appetite with the organization’s strategy
• Risk appetite is the amount of risk, on a broad level, an entity is willing to accept.
• Risk tolerance relates to the entity’s specific objectives. It is the amount of variation relative to specific objectives that an entity is willing to accept.
Tools for Managing Risk
• Risk Level Estimator Matrix
• ISO 9001 Improvement Process
• Failure Modes and Effects Analysis (FMEA)
• Controls
Risk Level Estimator Matrix
Rows: Likelihood. Columns: Consequences.
Likelihood | 1 Insignificant | 2 Minor | 3 Moderate | 4 Major | 5 Catastrophic
A (Almost certain) | H | H | E | E | E
B (Likely) | M | H | H | E | E
C (Possible) | L | M | H | E | E
D (Unlikely) | L | L | M | H | E
E (Rare) | L | L | M | H | H
L: Low Risk – Manage by routine process → File
M: Moderate Risk – Manage by specific monitoring or response → Email
H: High Risk – Management responsibility should be specified →
E: Extreme Risk – Immediate action; senior management involved →
ISO 9001 Improvement Process
• Improve the effectiveness of the QMS through use of the Improvement loop
– Quality Policy
– Quality management system planning
– Quality objectives
– Audit results
– Analysis of data
– Corrective and preventive actions
– Management review
• Repeat the “Loop” on a continual basis
Failure mode and effects analysis
• FMEA is a method that examines potential failures in products or processes.
• Helps select remedial actions that reduce risks from a systems failure
• Starts with a description of the parts of a system
• List the consequences if each part fails and evaluate
– Severity (S),
– Likelihood of occurrence (O),
– Inability of controls to detect failures (D)
• Identify actions which could eliminate or reduce the occurrence, or improve detectability,
• Track changes to processes and products which are incorporated to avoid potential failures.
Financial Risks and Controls
• A control is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements
– Financial controls are prepared in accordance with generally accepted accounting principles (GAAP)
– Assurance that transactions are recorded
– Accurate maintenance of records
– Prevention or timely detection of unauthorized acquisition or disposition of assets
– Quality Controls are built around quality records and decision points
Case Study: Risk Management at a Teaching Hospital
• Provided by the Juran Institute
• Reducing Risk of Patient Harm from Falling
• Two Major Types of Risk
– Operational Risk
– Compliance Risk
Operational Risk
• Lack of Sufficient Protocols to prevent unacceptable number of patient falls
– Major contributor of patient length of stay (LOS)
– Minimize LOS in order to control costs
– Used the Morse Falls Scale to measure the risk of patient falling
Morse Fall Scale
Variables | Numeric Values | Score
1. History of falling | No 0; Yes 25 | _______
2. Secondary diagnosis | No 0; Yes 15 | _______
3. Ambulatory aid | None/bed rest/nurse assist 0; Crutches/cane/walker 15; Furniture 30 | _______
4. IV or IV Access | No 0; Yes 20 | _______
5. Gait | Normal/bed rest/wheelchair 0; Weak 10; Impaired 20 | _______
6. Mental status | Oriented to own ability 0; Overestimates or forgets limitations 15 | _______
Fall Risk Level Action Tool
Risk Level | Morse Fall Scale Score | Action
Low Risk | 0-24 | Low Risk Prevention
Medium Risk | 25-44 | Medium Risk Prevention
High Risk | 45 and Higher | High Risk Prevention
Compliance Risk
• Loss of Compliance to the JCAHO National Safety Goals for Hospital related Patient Falls
– JCAHO: Joint Commission on Accreditation of Healthcare Organizations
Risk Assessment Conclusions/Actions Needed
• Risks are obstacles that impede progress toward achieving objectives
• Risk levels are measured by combining the likelihood of an event with its consequences
• Organizations need to determine their “risk appetite” and “risk tolerance”
• Controls should be selected using a “top down, risk based approach.”
• Article in Quality Progress
– Sandford Liebesman, “How to Manage Risk in a Global Economy,” Quality Progress, March 2008, 58-60.
• Case Studies: I’m still looking for Risk based case studies for my book.