FMEA (Failure Mode and Effect Analysis) is a risk management tool that is widely used across all industries in three forms.

Failure mode and effect analysis is one of the most widely used risk management tool within and outside a six sigma project.

As the name suggests it is a tool used to identify the failure mode of process steps, their failure modes and the effect of the failure mode on the expected process outcomes. Subsequently one conducts analysis on the collected information and decides on risk treatment plan etc.

FMEA_FLow CHart

1.0 List down the process steps / inputs

A typical FMEA exercise will start with listing down the process steps or inputs to a process

1.1 Identify the failure mode to the identified process step

Identify all possible modes of failure mode of the process steps
1.2 QUANTIFY THE RISK (CALCULATE THE RPN)

Identified risk/risk event needs to be quantified using Severity, Occurrence & Detection.
1.2.1 Severity

How severe is the impact of this risk on the end desired result?

For every risk event we need to identify the impact the risk may have on the desired output
1.2.2 Occurrence

What are the chances of the identified risk event occurring?
1.2.3 Detection

What are your chances of detecting the risk event if and when it happens?

All the three need to be rated on a scale of 1 -10, where 1 would mean least & 10 most.

Failure mode and effect analysis is one of the most widely used risk management tool within and outside a six sigma project.

As the name suggests it is a tool used to identify the failure mode of process steps, their failure modes and the effect of the failure mode on the expected process outcomes. Subsequently one conducts analysis on the collected information and decides on risk treatment plan etc.

FMEA_FLow CHart

1.0 List down the process steps / inputs

A typical FMEA exercise will start with listing down the process steps or inputs to a process

1.1 Identify the failure mode to the identified process step

Identify all possible modes of failure mode of the process steps
1.2 QUANTIFY THE RISK (CALCULATE THE RPN)

Identified risk/risk event needs to be quantified using Severity, Occurrence & Detection.
1.2.1 Severity

How severe is the impact of this risk on the end desired result?

For every risk event we need to identify the impact the risk may have on the desired output
1.2.2 Occurrence

What are the chances of the identified risk event occurring?
1.2.3 Detection

What are your chances of detecting the risk event if and when it happens?

All the three need to be rated on a scale of 1 -10, where 1 would mean least & 10 most.

RPN (Risk Priority Number)

Multiply the S, O & D values to get a RPN (Risk Priority Number) value.

The Risk (RPN) may be classified as:

RPN

Classification

Greater than or equal to

Critical

Between   …….

High

Between …….

Medium

Between …….

Low

IDENTIFY CURRENT CONTROLS

Identify and document the current controls in place to prevent /or minimize the impact of each risk event.
IDENTIFY THE RESIDUAL RISK (Re – calculate RPN)

Once the current controls have been identified, one will need to revisit the Severity, Occurrence & Detection value, and ultimately the RPN value should also go down. This new RPN value is the value of residual risk.

DEVELOP THE RISK MANAGEMENT STRATEGY

As a part of the risk management strategy one out of the four options may be chosen to handle the risk

1)      Accept the risk

2)      Transfer the Risk

3)      Reduce the Risk

4)      Avoid the Risk
Accept the risk

Should be ideally done if the RPN value is in the non critical area and the organization decides to live with the risk. Exception from the above must be done under some risk acceptance guideline as created by the organization; absence of a system around risk acceptance will result in failure of the entire risk management exercise.
Transfer the risk

Risk can also be transferred to a third party (insurance company or a sub-contractor). Justification and the control mechanism for all such transfers will need to be suitably documented.

However it should always be kept in mind that if a risk is transferred in whole or in part, the organization may acquire a new risk, i.e. the risk that the organization to which the initial risk has been transferred may not manage the risk effectively.
Reduce the risk:

Risk can be reduced by putting effective controls in place.
Avoid the risk:

The organization may avoid the risk by deciding to stop, postpone, cancel, divert or discontinue with an activity that may be the cause for that risk.
Risk Treatment Plan

For all risks that have been classified as Critical & High, will necessarily have a risk treatment plan.

Once the Risk Treatment is ready, the implementation follows. One needs to build good rigor the same as great plans don’t guarantee great results. Results will be outcome of flawless implementation of the great plan.

Also the Risk Document created is not a onetime exercise, it will need to be revisited, redone once in a while as the “Newer” Control that one has setup may bring in more risks etc. Hence FMEA document is always treated as a live document.

During the six sigma project it can be used to :

A) Identify the root cause of the problem (people add a column of root cause right besides the column of possible failure mode of the process)

B) Build control plan for the sustenance of Y and X in the control phase

C) Build controls to ensure robust action items for Xs in the improve phase