Risk Exists; Therefore, Manage Risk
Every organization, business, and individual faces a relentless barrage of risk. Some risks are minor, while others may overwhelm.
We all deal with risk, manage risk, in our own way. For more than just yourself the management of risk is taking on a new level of organization and importance.
Risk exists whether or not we choose to plan, prepare, and mitigate.
The decisions concerning product reliability, and associated risks, require senior management (including the board of directors) engagement and commitment. While there is a wide array of business and societal risks the management team must address, the reliability performance of products and systems presents potentially catastrophic risks to any organization.
Strategic Nature of Reliability and Risk
It is a strategic decision to create a high reliable product within a market. An organization could choose to just meet minimum acceptable standards or position in the middle of the pack. The choice is a strategic one and a decision for the highest levels of management to decide.
Independent of the market positioning, the specter of product recalls due to an unforeseen safety issue presents a common, although rare risk. More common risks include:
- Higher than expected early life failures
- Early wear out impacting every product during the warranty period
- Supply chain or manufacturing changes adversely impacting reliability
- Changes in customer use patterns reducing reliability
Putting a product into a marketplace is a risk. The reliability performance, good or bad, is a significant element of the risk. Understanding the targets, positioning, and associated risks is a role of senior management.
All elements within an organization derive direction to create and maintain specific levels of product reliability and safety performance. Lacking clear direction and regular engagement, decisions at all levels may lead to an unacceptable increase in risks of product reliability problems.
Detecting and Fostering Management Commitment
A policy and maybe an official statement once a year is not risk management.
If the only time senior management discusses risk is after an adverse event occurs, that is a form of a rather ineffective risk management program.
ISO 31000 suggests the creation of a risk management framework with an emphasis on proactively managing, avoiding, or mitigating risks before events occur. Just as decisions concerning reliability require strategic and tactical planning and implementation, risk management in general does too.
Risk, and reliability, management require the establishment of reporting, monitoring based on the information require to make proactive decisions to advert or mitigate adverse risks. Many organization monitor warranty expenses, yet not the trends of specific failure mechanism. The ability to identify and address emerging significant reliability problems requires more than just watching the expenses.
A management team that asks questions concerning risks and reliability, ensures policies are embedded within tactical operations, and maintains clear communication paths, tends to address risks well.
Senior management support is critical to properly manage risk. It is more than acknowledgement or general support, it requires attention, resources, prioritization, and commitment over time. One gauge of senior management’s commitment to their risk management role is the frequency of events, meetings, discussions concerning risk on their weekly schedule.
How committed is your senior management to risk management? Is reliability a part of your risk management program? If not, why not?
Also published on Medium.