Managing Risk IGMA Winter Conference Tucson, Arizona Feb 1, 2018 - - PDF document

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 1

this workshop was brought to you by www.human.ca

Managing Risk

IGMA Winter Conference Tucson, Arizona Feb 1, 2018

1

this presentation was brought to you by www.human.ca

What is Risk and why should we be interested in it?

2

Risk refers to the uncertainty that surrounds future events and

• utcomes (negative or positive).

Risk is the expression of the likelihood and impact of an event with the potential to influence (negatively or positively) organizational

• bjectives.

6.1 Actions to address risks and opportunities

6.1.1 When planning for the quality management system, the organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2 and determine the risks and opportunities that need to be addressed...

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 2

this presentation was brought to you by www.human.ca

Difference Between Risk and Opportunity

3

A risk is a potential for a loss. An opportunity is a potential for a gain. Most strategies and plans entail both risk and opportunity. As such, both play a role in decision making, strategy formation and management. We want to avoid risks and exploit opportunities.

“Opportunity is not the positive side of risk. An opportunity is a set of circumstances which makes it possible to do something. Taking or not taking an opportunity then presents different levels of risk.”

(ISO paper RISK‐BASED THINKING IN ISO 9001:2015)

this presentation was brought to you by www.human.ca

ISO 9001:2015 Requirements

4.1 Understanding the organization and its context

The organization shall determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system.

4

4.2 Understanding the needs and expectations

• f interested parties

Due to their effect or potential effect on the

• rganization’s ability to consistently provide products

and services that meet customer and applicable statutory and regulatory requirements, the organization shall determine: a) the interested parties that are relevant to the quality management system; b) the requirements of these interested parties that are relevant to the quality management system.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 3

this presentation was brought to you by www.human.ca

ISO 9001:2015 Requirements ‐ continued

4.4 Quality management system and its processes f) address the risks and opportunities as determined in accordance with the requirements of 6.1; 5.1 Leadership and commitment d) promoting the use of the process approach and risk‐based thinking; 5.1.2 Customer focus b) the risks and opportunities that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed; 9.1.3 Analysis and evaluation e) the effectiveness of actions taken to address risks and

• pportunities;

9.3.2 Management review inputs e) the effectiveness of actions taken to address risks and

• pportunities (see 6.1);

5

10.2 Nonconformity and corrective action e) update risks and opportunities determined during planning, if necessary; A.4 Risk‐based thinking This International Standard specifies requirements for the

• rganization to understand its context (see 4.1) and

determine risks as a basis for planning (see 6.1). Although 6.1 specifies that the organization shall plan actions to address risks, there is no requirement for formal methods for risk management or a documented risk management process. A.8 Control of externally provided processes, products and services The organization can apply risk‐based thinking to determine the type and extent of controls appropriate to particular external providers and externally provided processes, products and services.;

this presentation was brought to you by www.human.ca

Where can we use risk‐based thinking?

6

Here are some examples where you can use risk (and opportunity) based thinking throughout your organization:

a) Strategic planning b) Launching new products c) Opening new markets d) Building partnerships and joint ventures e) Using new technology f) Project management g) Improving products and services h) Improving processes

Over the next hour we’ll take a look at 3 risk‐based thinking tools.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 4

this workshop was brought to you by www.human.ca

7

Failure Mode & Effects Analysis

Here’s a risk‐based thinking tool to improve processes

1

this presentation was brought to you by www.human.ca

What is an Failure Mode and Effects Analysis?

8

Failure modes and effects analysis (FMEA) is a step-by-step approach for identifying potential risk of failure in the design, creation and/or delivery of a product or service. It then assists in implementing plans to prevent the most likely causes of failure.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 5

this presentation was brought to you by www.human.ca

A Three Dimensional Risk Assessment

9

FMEAs evaluate three key dimensions of process failure; severity, occurrence and detection on a scale of 1 to 10 (1 lowest, 10 highest).

• 1. Severity is a measure of how damaging a failure would be.
• 2. Occurrence tells us how often this type of failure might occur.
• 3. Detection is an estimate of how likely it is that you will detect the failure prior

to its having a harmful effect.

this presentation was brought to you by www.human.ca

Failure Mode and Effects Analysis Template

10

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 6

this presentation was brought to you by www.human.ca

Step 1 – Define the Process Steps

A Failure Mode and Effects Analysis (FMEA) begins by specifying the process to be

• studied. You should have a

process flow diagram (PFD) of the process or at the very least have identified the steps. Record the process or product name and process owner in the top left of the FMEA template. Then record the key process steps in Column 1 of the FMEA template.

11

this presentation was brought to you by www.human.ca

Step 2 – Identify Potential Failure Modes

Identify significant failure mode(s) for each process step and document them in Column 2 on the FMEA form. You can repeat this process for different failure modes.

12

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 7

this presentation was brought to you by www.human.ca

Step 3 – Potential Effects of the Failure Modes

Write down the effects that would happen if the potential failure were a real failure. How would the failure impact your company? Your suppliers? Your customers? What would be the worst possible

• utcomes?

13

this presentation was brought to you by www.human.ca

Step 4– Severity of the Failure Mode

14

9 - 10: With potential safety risk or legal problems - potential loss of life or major dissatisfaction 7 - 8: High potential customer dissatisfaction - serious injury or significant mission disruption 5 - 6: Medium potential customer dissatisfaction - potential small injury, mission inconvenience, or delay 3 - 4: The customer may notice the potential failure and may be a little dissatisfied - annoyance 1 - 2: The customer will probably not detect the failure - undetectable The Severity Rate (S) is the "best guess" of how serious it would be to the customers, the product, or the service if the failure really

• ccurred.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 8

this presentation was brought to you by www.human.ca

Step 5 – Potential Causes of the Failure

For the failure mode listed in Step 2, write down all factors the team can think of that could cause the failure to occur.

15

this presentation was brought to you by www.human.ca

Step 6 – Occurrence of the Failure Mode

16

9 - 10: Very high probability of occurrence 7 - 8: High probability of occurrence 5 - 6: Moderate probability of occurrence 3 - 4: Low probability of occurrence 1 - 2: Remote probability of occurrence The Occurrence Rate (O) is an estimate of how often the failure happens due to each specific cause listed in Step 5.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 9

this presentation was brought to you by www.human.ca

Step 7 – Current Controls

For each of the failure mode causes in Step 5, write down the current controls that are in place to prevent the causes from occurring.

17

this presentation was brought to you by www.human.ca

Step 8 – Detection of the Failure Mode

18

9 - 10: Zero probability of detecting the potential failure cause 7 - 8: Close to zero probability of detecting potential failure cause 5 - 6: Not likely to detect potential failure cause 3 - 4: Good chance of detecting potential failure cause 1 - 2: Almost certain to identify potential failure cause The Detection Rate (D) is an estimate of how difficult it is to detect the failure before the customer sees it.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 10

this presentation was brought to you by www.human.ca

Step 9 – Risk Priority Number (RPN)

Multiply the Severity times the Occurrence times the Detection for each cause to get an initial Risk Priority Number (RPN).

19

S x O x D = RPN

this presentation was brought to you by www.human.ca

When should we take action on a Risk Priority Number?

20

While no defined rules apply for a minimum acceptable RPN number, practitioners

• ften refer to the following:

RPN < 125 – no action necessary 125 > RPN – take actions to reduce the RPN to <125 Note: every possible option should be explored to reduce Severity ratings of 9 or 10, regardless of the Occurrence or Detection levels.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 11

this presentation was brought to you by www.human.ca

IGMA uses FMEA’s to review their critical processes

21

Here’s an example of how IGMA used an FMEA to identify risks to their Conference Planning Process.

this workshop was brought to you by www.human.ca

22

Here’s a risk‐based thinking tool to use with Strategic Planning

Your IGMA leadership used this approach during their 2017/18 strategic planning cycle.

2

Risk Register

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 12

this presentation was brought to you by www.human.ca

Steps to Strategic Planning 1 2 3 4 5 6 7 8 9

Gather Facts SWOT Analysis Assess Risks Create Objectives Measurement Method Determine Baseline Determine Target Plan Actions Monitor Results Approve Budget Previous Fiscal Year New Fiscal Year

23

this presentation was brought to you by www.human.ca

The Balanced Scorecard

• The Balanced Scorecard is a

strategic planning

• methodology. It’s a way of

looking at your organization holistically and long term.

• It also provides focus areas to

help determine where the

• rganization should improve

to ultimately help the bottom line.

Financial

Profitability

Customer

Customer Loyalty

Learning & Growth

Employee & Volunteer Skills & Attitude

Internal Business Process

Quality Products Quality Services

24

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 13

this presentation was brought to you by www.human.ca

Environmental Scan (gather data)

1. About IGMA (organizational chart) 2. Guiding Policy Statements 3. Strategic Initiatives Statement 4. What if IGMA was Created Today 5. Interested Parties, Their Needs and Expectations 6. Financial Data 7. IGMA Meeting Data 8. Membership Data 9. Knowledge Management Risks

• 10. Other Considerations
• 11. 2016/17 Strategic Objectives and Their Status

7.1.6 Organizational knowledge

25

this presentation was brought to you by www.human.ca

Interested Parties (Key Stakeholders)

• Members
• Volunteers
• Employees
• Contract Employees
• Sister Organizations
• Standard Development

Organizations (SDO’s)

• Federal Trade Association (FTC)

26

4.2 Understanding the needs and expectations of interested parties

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 14

this presentation was brought to you by www.human.ca

SWOT Analysis

27

SWOT analysis is an acronym for strengths, weaknesses, opportunities, and threats. It is a structured planning method that evaluates those four elements of an organization, project or business venture.

STRENGTHS

this presentation was brought to you by www.human.ca

We completed a SWOT Analysis

Strengths

Identify organizational Strengths, Weaknesses, Opportunities and Threats on the different flipcharts available. Add checkmarks  to ones already there that you agree with

Weaknesses Opportunities

Threats

28

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 15

this presentation was brought to you by www.human.ca

Risk and Opportunity Rating Matrices

29

A Rating Matrix is a tool that is used to assess the various levels of risk or opportunities for the organization.

The Risk Rating Matrix looks at the likelihood

• f risks occurring and the impact on the
• rganization if they did occur.

The Opportunity Rating Matrix looks at the ease of implementation of opportunities and the impact on the organization if they were taken advantage of. this presentation was brought to you by www.human.ca

Risk and Opportunity Register

30

NEW RISK Rating Only # R/O Category Description Rating Treatment Owner Due Date Date Complete Likeli hood Impact Rating Creating and maintaining a risk and opportunity register protects the assets of a business. ... To be effective, an organization's risk management plan requires the development and maintenance of an ongoing process that enables the identification, analysis, evaluation, and treatment of risks and opportunities that may impact the organization.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 16

this presentation was brought to you by www.human.ca

Risk and Opportunity Treatments Treatments are the different strategies that can be put in place to reduce the risk or increase the opportunity.

31

Increase

(in cases of opportunity)

Remove Source Change Likelihood Change Impact Share

this presentation was brought to you by www.human.ca

32

Here’s a risk‐based thinking tool to use with any change initiative Force Field Analysis

3

Based on an article by www.mindtools.com Force Field Analysis ‐ Analyzing the Pressures For and Against Change

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 17

this presentation was brought to you by www.human.ca

Force Field Analysis

33

Force Field Analysis was created by Kurt Lewin in the 1940s. Lewin

• riginally used it in his work as a social psychologist. Today, however, it

is also used in business, for making and communicating go/no‐go decisions. The idea behind Force Field Analysis is that situations are maintained by an equilibrium between forces that drive change and others that resist change. For change to happen, the driving forces must be strengthened or the resisting forces weakened.

this presentation was brought to you by www.human.ca

34

Step 1: Describe Your Plan or Proposal for Change Define your goal or vision for change, and write it down in a box in the middle of the page. Step 2: Identify Forces For Change Think about the kinds of forces that are driving

• change. These can be internal and external.

Step 3: Identify Forces Against Change Now brainstorm the forces that resist or are unfavorable to change. Step 4: Assign Scores Next, score each force, from, say, one (weak) to five (strong), according to the degree of influence each

• ne has on the plan, and then add up the scores for

each side (for and against).

Customers want new products Reduced training time Loss of staff

• vertime

Staff fearful of new technology Cost Impact on environment Disruption Low maintenance costs Improved production speed

To carry out a Force Field Analysis, use a blank sheet

• f paper or a whiteboard, and follow these five steps.

IGMA 2017/18 Strategic Planning Workshop July 31, 2017 Montreal, Quebec Summer Conference 18

this presentation was brought to you by www.human.ca Step 5: Analyze and Apply Now that you've done your Force Field Analysis, you can use it in two ways:

• 1. Decide whether or not to move forward with the

decision.

• 2. Think about which supportive forces you can

strengthen and which opposing or resisting forces you can weaken, and how to make the change more successful.

For instance, you could:

• Train staff to minimize their fear of technology. The

cost of training increases "Cost" to 4 but the benefits reduce "Staff fearful of new technology" to 1.

• Introduce employee empowerment and innovation

teams, along with single minute exchange of dies (SMED). This could reduce loss of staff overtime to 2, increase production speed to 3, and increase low maintenance/downtime costs to 3.

• Introduce “on the job training”. This could increase

reduced training time to 4.

Forces for Change Forces against Change

Customers want new products Reduced training time Loss of staff

• vertime

Cost Disruption Low maintenance costs Improved production speed Impact on environment Staff fearful of new technology

Total: 14 Total: 9

These changes would swing the balance from 11:10 (against the plan), to 14:9 (in favor of the plan). this presentation was brought to you by www.human.ca

We hope you enjoyed this Managing Risk presentation

LIKES WISHES

1. Common sense 2. Good examples: clean and crisp 3. Good overview

• 1. Would like to see data to back up

use of specific tool

• 2. Which tools are used the most

across organizations and which are most successful

• 3. Would have like it to be interactive

36