- 3 October 2018
Aerospace and Defense (A&D) manufacturers know how crucial it is to keep up with the latest in quality and safety standards; if you don’t stay compliant, you risk losing your standing in the industry. The new ISO 9001:2015 and AS9100 Revision D are all about improving the management of risk in A&D corporations by implementing risk-based thinking into manufacturing processes.
As part of the new revisions, your manufacturing company must show that you’re using risk-based thinking in your strategies for quality management. Risk-based thinking isn’t just about managing negative consequences. It’s also about recognizing opportunities with acceptable risk levels. Capitalizing on these opportunities can push the industry forward and help companies meet customer demands for better products and service.
It is quite likely that you’re already using risk-based thinking as part of your quality management strategy, but it may not be formalized or provable to an auditor. You might also be lacking technologies that can improve your quality management processes. Here are some ways you can formally implement risk-based thinking into your quality management strategy to stay compliant.
1. Use ERP for Predictive Analytics
Risk assessment begins with gathering data from your processes and resources. Enterprise Resource Planning (ERP) software allows you to collect all of your company’s data in one place for analysis, so you can generate a more accurate risk profile. Most companies know that without accurate and complete data, you cannot make useful predictions or strategies — yet research shows that only 3% of companies meet basic data quality standards. Leveraging an ERP solution is the best way for manufacturers to gather accurate data from all departments, and use it to make strategic decisions.
Beyond the use of ERP as a data warehouse, modern ERP systems can use predictive analytics to forecast risks when data is shifting in unexpected ways. An advanced ERP solution can even suggest plans for mitigating those risks. To get the full power of this combination, you need to have a clear understanding of what data is needed for risk identification and how you will capture it in your ERP system.
2. Build Risk Registers
A risk register is a living document that records identified risks, information on the severity of the risks, and how to mitigate those risks should they arise. These registers can be company-wide or per-project. There are many ways to build one, but all risk registers should have the following:
- Date the risk was identified or modified
- Description of the risk
- Likelihood of the risk occurring
- How severe the consequences would be if the risk happened
- How the company will deal with the risk (prevention, reduction, transfer, contingency plans, etc.)
- Who is responsible for implementing these countermeasures
- The status of the risk (Can it still affect the project? Are there countermeasures yet?)
For each new order, spend time with your development and operations teams brainstorming possible risks that could arise and how you plan to handle them. Once you’ve set up a risk register for one project, you can use it as a template for future projects. Showing documented risk registers for your company’s projects is a concrete way to display your risk-based thinking during an audit.
3. Identify And Remove Risky Silos
Departmental separation does help teams to focus, but it also opens up opportunities for risk. A small defect at one end of the process chain that slips through may never get checked again. While it is unreasonable for teams down the chain to double-check everything done by the teams before, there must be an easy way for cross-team communication to happen if something is discovered.
This could be as simple as storing company policies, risk registers, and data for each project digitally in your ERP system, so the information is accessible to each team that works on the project. If something is discovered or there is a question, any team member can view the project details in the ERP system and see who to contact to address the problem. This is similar to how version control software works in information technology. ERP centralizes and stores your project data, so it can serve as a record of responsibility and give employees guidance on how to fix problems.
Using Risk-Based Thinking Keeps You One Step Ahead
If your company is not up to date with ISO 9001 and AS9100 compliance, your ability to stay competitive in a fast-moving industry is at risk. The standards don’t require any specific risk management tools, so it’s up to you and your leadership team to determine what constitutes a strong assessment of risk at your facility. The above strategies are just a few ways to help you increase the level of risk-based thinking in your business.
Remember, risk assessment must rest on a foundation of good data. A modern ERP solution will collect your company data and organize it to help keep you compliant with the tightest of industry standards. If you need help getting the data you need to predict and plan for risks in your quality management strategy, speak with Cre8tive Technology and Design about our advanced ERP solutions.