Risk Management I – A proactive approach to resolve future root causes and their potential consequences.

Risk Management gives the visibility on the future root causes, their consequences and ways to reduce the impact of the potential negative effects of these future root causes.  The underlined words “Future” and “potential” here indicate, it is a futuristic strategy of the organization. Risk Management can be applied at all levels of the organization. It can be applied at project, level, unit level or at organization level.
Risk Management is not a mandatory process required for ISO 9001. However, this is a Mandatory process as per AS 9100 and, a Maturity level 2 (ML2) process area for CMMI. Even though the requirements of both AS 9100 and CMMI are similar, there are subtle differences between these two.

To discuss more on the Risk Management (RSKM) we will start with few definitions.

What is Risk?
Risk is an undesirable situation or circumstance that has both a likelihood of occurring and a potentially negative consequence.
This is possible at every stage of Production or Service Provision, right from the contract development stage till Post Sales. The potential negative consequence chiefly rely on the Quality, Schedule or Cost. Whatever effort you put in, the process at every stage has some possible slippage (Remember Murphy). The Organization shall look at identifying and mitigating the effects of these likely slippage, at all Levels.

What is risk management?. Why is it needed?
Risk Management is an iterative process to identify, assess, reduce, accept, and control risks in a systematic, proactive, comprehensive and cost-effective way, taking into account the business, costs, technical, quality and schedule programmatic constraints.
Risk Management is needed to reduce the chances of potential negative result of a likely event on the business. This involves a focus on the risks to meeting customer requirements, and preventing product non conformance escapes.   The absence of a Risk Management program can result in known, unknown, and unknowable /unforeseen problems for the Customer and Stakeholders about the cost, schedule, and technical performance of programs and about the quality and on-delivery performance of products and services.

In the Second Part, we will discuss the benefits of a Risk management program.
Please share this on Facebook. if you like this blog, like us on https://www.facebook.com/excellencementor

Originally posted 2013-10-13 05:22:00.

CMMI Service Model – Process Areas by Maturity Levels

There are a total of 24 process areas to defined in the CMMI Service Model. This model is also called as CMMI-SVC. These are divided into 4 groups by Maturity Level. Even though there are 5 Maturity levels, there is none defined for Level 1. The maturity levels Start only from Level 2. For an organization to achieve a specific maturity level, it must be practicing all the practices defined for each of the process area defined for the specific Level.  Level 4 & 5 are called as High Maturity Process Areas. I will discuss each of the process areas in my later posts. As the Maturity Level increases, the practices required to be implemented increases. Please note that a higher level includes all the process areas listed in the Previous level.

Now Let us list the process areas, along with their common acronym Used.

Level 1 – Initial
Level -2 – Managed

  1. Configuration Management (CM) 
  2. Measurement and Analysis (MA)
  3. Process and Product Quality Assurance (PPQA)
  4. Requirements Management (REQM)
  5. Supplier Agreement Management (SAM) – This PA is optional
  6. Service Delivery (SD)
  7. Work Monitoring and Control (WMC)
  8. Work Planning (WP)
Level -3 -Defined
  1. Capacity and Availability Management (CAM)
  2. Decision Analysis and Resolution (DAR)
  3. Incident Resolution and Prevention (IRP)
  4. Integrated Work Management (IWM)
  5. Organizational Process Definition (OPD)
  6. Organizational Process Focus (OPF
  7. Organizational Training (OT)
  8. Risk Management (RSKM)
  9. Service Continuity (SCON)
  10. Service System Development (SSD)
  11. Service System Transition (SST)
  12. Strategic Service Management (STSM)
Level – 4- Quantitatively Managed
  1. Organizational Process Performance (OPP)
  2. Quantitative Work Management (QWM)
Level – 5 Optimizing
  1. Causal Analysis and Resolution (CAR)
  2. Organizational Performance Management (OPM)
We will discuss various components subsequently
Please share this on facebook. if you like this blog, like us on https://www.facebook.com/excellencementor

Originally posted 2013-08-25 20:13:00.

Capability and Maturity Model (CMMI) – Levels

Capability and Maturity Model is initially developed for department of Defense. The main focus of CMMI is to make sure that constant integration of Systems and Software. According to Software Engineering Institute, there are 5 levels of maturity in the Capability and Maturity Model. There is a clear distinction between the Capability and Maturity. the method of assessment differs for Capability assessment and Maturity assessment
The Maturity levels are
1. initial – Process Ineffective, Poorly controlled and Highly Reactive.
2. Managed – Process Characterized for Projects and often Reactive
3. Defined – Process Characterized for organization and is proactive. (Projects tailor the organizational process to the project needs)
4. Quantitatively Managed – Process Measured and Controlled.
5. Optimizing – Focus on Process Improvement.
From Maturity Level 2 and above, there are a set of process Areas which the organization is expected to carry out. we will discuss these in the subsequent posts.

Level 4 and 5 are called as High maturity processes where data based decision-making plays a vital role

Please share this on Facebook. if you like this blog, like us on https://www.facebook.com/excellencementor

Originally posted 2013-08-24 03:45:00.

Industry Specific international Standards

There are many industry specific international standards other than ISO 9000 family. ISO 9000 family is the most widely used Quality Management System across the world. This is not specific to any Industry or Group of Industries. The requirements specified in ISO 9001 are generic and can be applied to a grocery shop to a Large OEM. However, some of the Industries have felt the need for inclusion of specific Requirements based on the industry conditions. These are further included in the ISO family of standards with a distinct identification. Generally these are built upon ISO 9001 Quality Management System, with additional requirements. Whenever the ISO 9001 Standard changes, these industry specific standards are also changed.
I have put together the list of standards which are applicable for different industries. Although there is a huge list, we have added few things which are adopted by major industries.
Standard Industry Standard Prepared by and controlled by
ISO 9001:2008 General ISO
ISO/TS16949:2009 Automotive International Automotive Task Force (IATF)
ISO/IEC 17025 Laboratory ISO
ISO/AS 9100 Rev C Aerospace IAQG
ISO 22000 : 2012 Food Industry ISO
ISO/TS 29001:2010 Petroleum, petrochemical and natural gas industries ISO

In addition to these there are many other international standards which are industry specific, which are not listed above. However, these are not so popular as the ones listed above.

The OEMs in these industries insist that the suppliers be certified to or at least complaint to the industry specific standards. This will help reduce the pressure on these companies for supplier inspections rigor. This will also help the suppliers to reduce the number of audits faced. This way the cost of audit on both the supplier and the OEM are reduced.

Please share this on Facebook. if you like this blog, like us on Facebook page

Originally posted 2012-09-27 04:49:00.