Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)
The title may sound strange given the Baldrige’s origin as the U.S. National Quality Award. Yet, its migration to a Performance Excellence Criteria and the addition of Cyber Security, Innovation, and Enterprise Risk Management (ERM) does pose challenges to the quality profession. This is particularly true since the many of the Baldrige examiners are quality professionals.
Cyber Security is obviously technically and professionally distinct from the quality profession. Unless the quality professional has a computer/cyber background, the determination of the adequacy of the organization’s cyber security poses a challenge. The same can be said for Innovation and ERM, although the challenges are slightly different and the areas not as professionally or technically distinct.
Innovation is no longer viewed as the sole purview of research and development. It must now be an integral part of all organizational activities. Baldrige defines Innovation as “making meaningful change to improve your organization’s products, services, programs, processes, operation and business model, with the purpose of creating new value for stakeholders.” In addition, “it builds on the accumulated knowledge of your organization and its people. Therefore, the ability to rapidly disseminate and capitalize on this knowledge is critical to driving organizational innovation.” (Baldrige 2013.40)
The need to add innovation to the criteria and the difficulty associated with it can be seen in two examples. The first occurred at an Oregon American Society of Quality dinner. H. James Harrington was the presenter. Mr. Harrington is the last of the first generation of quality gurus. His topic was innovation. In it he discussed the measures his research identified as indicating an organization’s innovativeness. There were over sixty measures. These measures represented those most frequently used by consultants in the field.
After the presentation I asked him why he migrated from quality to innovation. He indicated that quality was ubiquitous, and that companies now needed to focus on innovation.
I could not agree more. In fact, my dissertation topic, which is the second example, looked at a narrow aspect of innovation; the criteria which help academics obtain National Institute of Health Funding. (NIH) NIH is the chief funding source for scientific research. As such, it underpins scientific innovation. To identify the key criteria, a Tobit regression model with thirty-seven variables was used. The results indicate that obtaining NIH funds depends on a combination of factors. Among them are: the number of recent articles and citations, the specific field, whether the university has a medical school and whether the academic has both a PhD and MD. Merely being a “Highly Cited” academic does not necessarily result in substantive NIH funding. This is because funding is based more on current than career publications.
The point is that adding innovation to the “Baldrige Excellence Framework” was necessary. However, as the above indicate, the issue is complex. Moreover, there is not a single formula for innovation. This can be seen by typing “business innovation” into the Amazon website. When I did this, among the titles on the first page were: Innovation Tools, Business Innovation in the 21st Century and The 50 Ideas That Shaped Business Today. Amazon lists 100 pages of books it associates with business innovation. Consequently, the Baldrige’s non prescript nature is a good approach. However, it becomes difficult for an examiner with strictly a quality or Statistical Process Control background, to have the knowledge base or skill set to adequately judge whether an organization is in fact being innovative.
Enterprise Risk Management
Where measurement of an organization’s innovative capacity has no real standard, the opposite is true of ERM. There is an internationally established methodology in ISO 31000.
While Baldrige references ISO 31000, its non-proscriptive approach runs counter to the international standards approach. Further, and specific to the quality profession, the revision of ISO 9001:2015 introduced “Risk Based Thinking” to the certification process. Even though ISO 9001:2015 does not specify a risk assessment methodology, the fact that it is ISO means certifying bodies will gravitate towards ISO 31000. This methodology comes out of the finance, insurance and auditing sectors of the organization. As such, it has a vocabulary and measurement approach differ from that associated with Statistical Process Control and Quality Assurance. Ultimately, ISO 9001:2015 certifying bodies, in order to stay competitive, will require auditors to be familiar with ISO 31000, perhaps even be ERM certified. Since many of the ISO certifiers are quality professionals, they will be required to become ERM familiar, if not certified.
The inclusion of Cyber Security, Innovation and ERM, in the Baldrige Criteria, was necessary. However, these items create challenges for the quality profession. None are areas quality professionals have specific training in. Further, in the case of Innovation, there is no standard methodology for determining how innovative an organization is. For ERM it is the opposite. ISO 31000 provides an internationally recognized standard. In addition, with ISO 9001:2015 now requiring “Risk Based Thinking”, certifying bodies will ultimately require auditors to be familiar with ISO 31000 and probably ERM certified.
Baldrige Excellence Framework, 2015-2016, www.nist.gov/baldrige
Star Academics: Do They Garner Increasing Returns?, James J. Kline, 2016, Portland State University, Portland Oregon.
James Kline is a Senior Member of ASQ, a Six Sigma Green Belt, a Manager of Quality/Organizational Excellence and a Certified Enterprise Risk Manager. He has over ten year’s supervisory and managerial experience. He has consulted on economic, quality and workforce development issues. He has also published numerous articles related to quality in government and risk analysis.