ASQ Clinic On Risk 09

© JD Consulting, 2009

Practical Applications

of Risk Management

ASQ – Orange Empire

by: Jack Dhuwalia,

President,

J D Consulting

November 10, 2009

© JD Consulting, 2009 2

Attendee Notes:

From this presentation, what do I want to have answered/clarified?

________________________________________________

_________________________________________________________________

_______________________________Ideas that I can apply:

_________________________________________________________________________________

_________________________________________________________________

_________________________________________________________________

_________________________________________________________________

_________________________________________________________________

_________________________________________________________________

__________________________________________


Welcome!

• Phones

• Interactive – please share

• Relaxed approach

• Write questions and “Aha!” moments/ideas on the summary sheet provided


• Familiarity with Risk Management

• Industry: Medical, Aerospace, IT, Service and other

• Questions you’d like to have answered – lets hear them

Background of the audience


My plan

• Risk is part of every day life

• Introduce simple concepts

• Apply them to Supplier/Material risk

• Ideas on risk reduction/management

• Have a fun, learning experience for all

• Handout have more stuff than we’ll cover


Risk Analysis – complicated?

• Common sense

• We do it every day

– Look both ways before crossing …

– Getting the brakes fixed before …

• Purpose: Manage risk to an acceptable level – “zero” risk?

• Write “Aha!” moments/ideas


What do you think of the impact?

• Personal life?

• Impact on family life - security

• Business now and future

• Does it shake up consumer confidence?

• Competitive advantage?

– Market place

– Regulatory

• Quality of life


That’s why managing risk makes

sense at many levels!


ISO 14971-2007

• Medical devices – Application of risk management to medical devices

• Significant to EU

• Accepted by FDA - expectations

• Application to drugs/biologics - recent ICH Q9 includes risk management

• Transfers to other industries as well as service groups


Definitions

• Harm – Physical injury or damage to health, property or environment

• Hazard – Potential source of harm

• Hazardous situation – Circumstances in which people, property or the environment are exposed to one or more hazards (see Mr. Jaws!)


• Risk – Combination of probability of occurrence of harm and severity of that harm

• Risk estimation – Process used to assign values of the probability of occurrence of harm and severity of that harm

Definitions (contd.)


Definitions (contd.)

• Risk evaluation – process of comparing risk against given risk criteria to determine the acceptability of the risk


Hazard

15


Shark

• Harm – Getting bitten or eaten

• Hazard – Shark


Calculations

• P1 is the probability of hazardous situation occurring

• P2 is the probability of “it” leading to harm

• P1 x P2 is the probability of occurrence of harm


Calculations for Shark-bite

• P1 is when I might be in open ocean – 20 dives x 0.75 hr/dive / (365 days x 24 hr/day) = 0.0017

• P2 is “it” leading to harm –

• From Mr. Jaws – near zero since I only dive in warm waters

• From other sharks – estimate 5/20 = 0.25

• P1 x P2 = 0.0017 x 0.25 = 0.0004, or 4/10,000 dives – Probability of occurrence of harm


From ISO 14971

• Schematic representation of the process

• Flow chart


Teamwork


Human Nature

• Denial

• “It” won’t happen to me

• No one is “that stupid” to do…

• Blind spots

• They can’t “see” the problem

• Likely to miss potential risks

The same mind that creates a given

problem simply cannot fix the problem.


for better results!

Invite an Outside Expert


Risk Assessment Summary

O-5 ALARP NAC NAC NAC NAC

O-4ALARP

ALARP NAC NAC NAC

O-3ALARP

ALARPNAC NAC

Occ O-2ALARP

ALARPNAC

O-1ALARP

S-1 S-2 S-3 S-4 S-5

Severity


Risk Assessment

• Vendor/Supplier/Material risk

• Design risk

• Manufacturing process risk

• User risk (idiot-proofing)

• Risk assessments are mostly subjective since hard data is seldom available in many situations


Risk analysis techniques

• FMEA is bottoms-up

– Excellent for production/process risk

– Some use for design risk

– Creates “blind-spots”

• FTA is top-down

– Excellent for user risk

– Helps complete the picture – eliminates “blind spots”


FMEA

#

Proce

ss

step/FUNCTIO

N

Potential

Failure

Mode

POTENTIA

L EFFECTS

OF

FAILURE

Potential

Causes

of

Failure

CURRENT

PROCESS

CONTROLS

Before

MitigationAfter Mitigation

O

c

c

u

r

r

e

n

c

e

S

e

v

e

ri

t

y

D

e

t

e

c

ti

o

n

R

P

N

Mitigations

O

c

c

u

r

r

e

n

c

e

S

e

v

e

ri

t

y

D

e

t

e

c

t

i

o

n

R

P

N


What is FTA?

• A top-down approach which assumes the safety hazard and then analyzes the possible causes.

• Starts with a postulated undesired consequence and looks for possible causes or fault modes at the lower system or component level.

• Used for COMPLEX SYSTEMS.


Supplier Risk

• Common to most companies

• Common to every day life such as

– Auto recalls

– Electrical safety - toaster


Supplier Risk Reduction –

sterile packaging service

• Potential problem of losing sterility due to poor package seals

– Verified material specs

– Discovered that manufacturing process didn’t have an alarm or a shut down if malfunction resulting in poor seal segment

– Worked with the supplier to create a more robust out-going inspection and audit

– Reduced the probability of occurrence into “ALARP” or “green” zone


Supplier Risk Reduction

Example - Component

• Example: Injection molded connector with parts cracking – failure in red

– High probability of occurrence

– To bring it to below “red” zone

– Work with supplier to implement process validation

– Adding in-process testing to stress the part to failure, then operating much below

– Same test at incoming inspection until resolution




• Potential problem of losing sterility due to poor package seals

– Verified material specs

– Discovered that materials in past lots didn’t have sufficient adhesive

– Worked with the supplier to create a more robust in-coming inspection and audit





• Potential problem of running an incorrect load configuration

– Supplier must follow the exact load configuration for Gamma Irradiation

– Incorrect load places the risk factors in “red” zone

– Working with production and quality and systems in place to assure compliance




finished product – tubing set

• Again, the risk analysis placed it in the “red” zone

• Working with supplier to discover that residual solvent stays inside the tubing

• Solvent bubbles into blood being circulated causing potential embolism in patient

• Supplier changed the solvent which completely evaporates ahead of time


Supplier Risk

• Look for business risk, process risk, quality system risk, production planning risk, resources risk, ability to solve problems - quickly and effectively …


Supplier Risk (contd.)

• Treat it as if it a part of your quality and management system

– Because it affects you and your risk

– Per ISO 9001, ISO 13485, FDA – QSR, the manufacturer is fully responsible for the finished product, regardless whether the supplier provides a component or the entire product or provides a service regardless of Supplier’s ISO certification



• Know the risk the supplier product/service affects to your product

• This means a risk assessment has been made and is “driving” the supplier assessment



• Main areas of concern

– Business and operational capability

– Technological capability

– Ethics, values (what is important to them?)

– Can they supply the necessary• Quality

• Safety

• Performance

• Reliability



• Operational capability such as:

– Ability and willingness to respond to performance indicators such as:

• Lead times

• On-time delivery

• Response time

• Past performance, experience and human resources (quality and quantity) all play into it



• Controls such as:

– Change control

– Control of their suppliers (incl. audits)

– Quality System (ISO, etc.)

– Process capability

– Process validations

– Complaint handling and responsiveness

– Corrective and preventive actions


http://www.sparesomechange.com/funny/


Learnings from the experience

• Please look at your notes on the summary sheet provided

• Share ideas to take-home

• Share ideas that make sense to me


My plan – we covered

• Risk is part of every day life

• Introduce simple concepts

• Apply them to Supplier/Material risk

• Ideas on risk reduction/management

• Have a fun, learning experience for all


Gratitude

• ASQ Orange Empire Section 0701

• Dave Nagy

• Audience for your participation


Other information

• To contact Jack Dhuwalia– Email: [email protected]

– Phone:949-854-4534

– www.jdconsultingsite.com

• FDA

– www.fda.gov/cdrh devices

• GHTF– www.ghtf.org/documents

50

http://www.jdconsultingsite.com/

http://www.fda.gov/cdrh


Practical Applications

of Risk Management

ASQ – Orange Empire

by: Jack Dhuwalia,

President,

J D Consulting

November 10, 2009

ASQ Clinic On Risk 09

Economy & Finance

Transcript of ASQ Clinic On Risk 09