Reducing Risk

Through Quality
What the C-Suite
Needs to Know

In most enterprise organizations, risk management activities occur outside

the purview of quality assurance processes. However, a modern digital quality
management system (QMS) provides many applications for integrating
key strategic risk management and mitigation processes within a quality
management framework. This moves C-suite executives closer to understanding
the value of the connection between risk and quality. Using the language of risk
is a powerful way to shift the traditional viewpoint that quality management is
only crucial for compliance.
While quality inherently connects to activities across business divisions, many
internal stakeholders within the enterprise don’t understand quality beyond
immediate compliance requirements. However, risk management is a framework
that is far more compelling and influential.
Risk management is a significant focus of C-suite executives and is considered
a top 10 concern for executive leadership teams. Compliance and quality
management fall lower on the list of priorities for the C-suite. Therefore, by
incorporating the language of risk management, quality management teams
are better prepared to secure executive support for investments in quality
management solutions.
Quality standards like ISO:9001:2015, ISO:13485:2016, and IATF:16949:2016
move toward incorporating the language of risk. However, even when there’s no

www.etq.com
2 | Mitigating design risk: early detection at lowest cost www.etq.com

explicit mention of risk, the concept is invoked. Therefore, we

can say we base all modern quality management standards on
mitigating risks.

The core processes of risk management activities involve:

• Identifying the risk of different hazards through the design, supply chain,
production, and post-market phases

• Assessing the risk of hazards

• Building controls to reduce risk and mitigate its effects

• Review of controls by analyzing and

auditing critical quality data

Risk management is inherently data-

intensive. It benefits tremendously from
using a quality management system
that removes data silos and creates
a single source of truth connecting
risk management activities, quality
management teams, and other business
divisions across your organization’s
footprint.

Mitigating Design Risk: Early

Detection at Lowest Cost
Enterprise organizations need to identify
problems, risks, and quality issues as early as possible, to save costs on
scrap, rework or recalls. However, it’s very tough to identify risks early in the
design process due to a lack of evidence and business intelligence insights.
Thus, it becomes essential to estimate risk based on observing similar
products, industries, and outcomes in research.

It’s very tough to know the actual severity and incidence of risks at this
stage of the development process. Early on, it’s more likely that emergent
risks can be of high value regarding importance, and high difficulty
regarding the ease of mitigation. This stems from a lack of understanding of
what’s happening according to measurable and observable data points.

Your automated QMS platforms should provide a Failure Modes and Effects
3 | Addressing supply chain risk: managing external risks www.etq.com

Analysis (FMEA), safety analysis mode, and Hazard Analysis and

Critical Control Points mode (HACCP) that provide the detailed and
granular insights quality management teams need to mitigate risks
using strategic data connected to the design process. The result is the
ability to collect, interpret, and use complex and nuanced data points,
providing a more granular and holistic view of reducing risk.

Addressing Supply Chain Risk: Managing

External Risks
It’s very challenging for many enterprises to manage external supply
chain risks outside their organizational ecosystems. Supply chain
fragility and supplier quality issues can pose extremely severe hazards,
leading to measurable risks. Ideally,
you should be able to securely bring
external supply chain partners into a
quality management system to support
collaboration and data sharing without
creating unnecessary risks.

With secure and tightly controlled

access, external partners can only see
what they’re supposed to see and
nothing more. The ability to create
external user types to incorporate
external partners into the software’s
access control framework is vital to
bring external supply chain partners into
your QMS without creating additional
risks for your organization.

A modern QMS delivers tools to develop

a deeper understanding of your supply
chain by incorporating a supplier qualification system to onboard
suppliers and create a rating to identify how risky it could be to work
with them in the future. In this way, customers can conduct supplier
audits and provide a structure to understand the supplier’s risk level
according to actual measurable and observable data. QMS data also
drives the production part approval process (PPAP) to develop a deeper
understanding of supplier quality and use corrective and preventative
actions (CAPA) to mitigate supplier risks.
4 | Responding to production risks: focusing on the most critical issues www.etq.com

Nonconformance material reporting (NCMR), ensures the integrity of

incoming production materials. However, many enterprise organizations
haven’t started using this application system to reduce risk. This represents
a significant opportunity for mitigating supply chain risk by supporting the
creation of supplier corrective action requests (SCAR). That gives a risk
level rating to the SCAR and then evaluates that risk according to what has
been done while providing a ranking framework to
understand how well supplier quality risk has been
mitigated.

The result is creating supplier ratings, providing a

means to collect data about suppliers and report it
back to them from within a purpose-built dashboard
which allows suppliers to take advantage of a
quantitative assessment of their performance
using the language of risk and evidence culled from
observable data.

Responding to Production Risks:

Focusing on the Most Critical Issues
Though it’s preferable to catch quality issues through
the design and supply chain processes, problems
happen during production. Unless they’re mitigated,
those risks may enter the market and endanger your
organization’s success.

A digital QMS can uncover predictive non-conformances (near misses)

and allow your quality teams to track these issues to develop a better idea
of what could happen in the future. This data enables your organization
to better align quality control data from the shop floor with quality
management processes upstream in the manufacturing lifecycle to
proactively take action to mitigate different levels of risk.

Such a system also supercharges investigations like root cause analysis,

corrective and preventative actions, and risk-based incoming inspections.
These investigations allow quality teams to adjust these processes
according to defined and measurable risk in order to reduce costs.
Additionally, risk-based auditing will save time and boost organizational
efficiency.
5 | Post-market risk: creating a continuous improvement feedback loop www.etq.com

Post-Market Risk: Creating a Continuous

Improvement Feedback Loop
Responding to post-market risk is essential to delivering a culture of
continuous improvement by creating a dynamic
feedback loop connecting complaints and customer
feedback to better inform design, engineering,
supply chain management, and production
processes. Though a great deal of customer-facing
data is likely to be collected outside of the QMS
ecosystem, any QMS worth its salt should provide
the means to feed these pieces of data into the
system to create a more holistic picture of risk
challenges and opportunities for mitigation.

Focusing attention on post-market risk means:

• Using market performance data to adjust risk

controls and future processes to identify new and
emerging hazards

• Determining new acceptable risk levels according

to severity and occurrence rates to reduce risk as
much as possible or practical.

ETQ Delivers the Most Comprehensive Array of

Risk Management Applications Found in Any
QMS
Risk is the language of C-suite decision-makers and provides the
perfect foundation quality teams need to make a case for future
strategic investments and resource allocations to transfer quality
from a cost-burden to a fundamental driver of value across your
organizational ecosystem.

ETQ Reliance is the most comprehensive QMS software solution on

the market and allows your quality team to present quality challenges
and opportunities to the C-suite using the language of risk. With 40
applications on a common platform hosted in the cloud, Reliance
is effective out-of-the-box or easily configured to your enterprise
6 | Smart manufacturing and automated QMS in concert www.etq.com

organization’s specific needs. Reliance applications that support risk

assessment, management and mitigation include:

• Risk surveys • Complaints with risk assessment

• FMEA • Incidents with risk assessment

• HACCP • Safety data sheets with risk assessment

• PPAP • Risk register

• Suppliers, materials, chemicals • Change management

• Audits with risk assessment • Document control

• NCMR/NCR with risk assessment • Training management

• SCAR with risk assessment • Insights

• CAPA with risk assessment

Consult an expert today to learn how you can reduce risk at your
organization.

Consult an Expert

Risk and Quality FAQ

How does risk management and quality management work together?

Unfortunately, risk management and quality management processes don’t work

together or complement each other in many organizations. ETQ Reliance NXG
provides the means to integrate these processes better.

What is the relation between risk management and quality control?

Risk management is a dynamic, cross-functional, multi-disciplinary process,

whereas quality control focuses on maintaining and enhancing production
standards. Each of these processes represents opportunities for quality
management professionals.
7 | Risk and quality FAQ’s www.etq.com

Are there any overlaps and/or interrelationships between risk management

and quality management?

Yes, the language of risk management is the perfect foundation for

discussing quality management with executive leadership teams.
Both processes are essential for developing a culture of continuous
improvement by using evidence-based means to identify and respond to
emergent issues.

Why is it important to know the difference between risk and quality

management?

By incorporating risk management within a quality management

framework, organizations are better prepared to develop proactive
strategies for responding to emerging challenges and opportunities.
The result is a culture of continuous improvement that connects teams,
datasets, and business goals across your enterprise organization.

About ETQ: ETQ is the leading provider of quality, EHS and compliance management software, trusted by the world’s strongest
brands, like Kimberly-Clark, Jazz Pharmaceuticals, Herman Miller and Chobani. Global companies, spanning industries including
automotive, biotech, food and beverage, manufacturing and medical devices, use ETQ to secure positive brand reputations, deliver
higher levels of customer loyalty and enhance profitability. ETQ Reliance offers built-in best practices and powerful flexibility to drive
business excellence through quality. Only ETQ lets customers configure industry-proven quality processes to their unique needs and
business vision. ETQ was founded in 1992 and has main offices located in the U.S. and Europe. To learn more about ETQ and its product
offerings, visit www.ETQ.com.