Using FMEA to Manage Risk Under ISO 9001:2015
Using Failure Mode Engineering Analysis (FMEA) is a great way to manage risks addressed in ISO 9001. FMEA risk has gained new prominence with the adoption of the latest revision of standards using the Annex L structure. ISO 9001:2015 calls for instituting “risk-based thinking” throughout the standard as part of its quality management requirements. This means first identifying operational risks and then dealing with them.
Jump to Section:
What is FMEA?
FMEA is the abbreviation for Failure Mode Engineering Analysis. FMEA is a type of risk assessment that uses a step-by-step approach to identify potential failures in a design, process or a product or service. This identification allows for analysis to prevent or reduce future failures. “Failure modes” refers to the ways in which something can fail. “Effects analysis” refers to the scrutinizing of the consequences of each of those failures. FMEA for 9001 is a preventative action, meant to be implemented before a process or product is designed, modified or applied in a new way. It’s also wise to use FMEA periodically throughout the life of a product, process or service.
What Does FMEA Accomplish?
FMEA for ISO 9001 helps companies accomplish several things including: identify and prioritize failures according to how serious their consequences are, their frequency, and the ease with which they can be detected. The purpose of conducting an FMEA is to take action to reduce or eliminate each potential failure. FMEA documents existing knowledge and actions companies are already using in their continuous improvement process and can be used to prevent potential failures with future processes and products. The results of a risk analysis are documented in an ISO 9001 FMEA worksheet where they are used to help plan preventative measures, resulting in the production of safer, less failure-prone manufacturing, distribution and services systems.
Resources for interpreting and documenting risks:
The implementation of ISO 9001 FMEA could have a dramatic impact on many industries ranging from the prevention of fatalities to more efficient improvement of products, services and processes.
Where FMEA Can be Applied.
FMEA can be applied to other specific areas such as testing/evaluating concepts, improving in-field reliability, software functioning and security, hazard analysis, human factors and service-based analysis, business processes and more.
(See FMEA courses available for only $69 for full 8-hour course)
There are three major types of FMEAs:
Source: Effective FMEAs by Carl Carlson, John Wiley and Sons, publisher.
Similarly, the effects of this type of analysis is used to anticipate the effect of a given failure. Here’s an example using a component of a construction tool, in this case A pile driver which a typically large scale-device used to force support shafts/girders/poles into the ground, often as a foundational support for buildings, highways, bridges or similar structures.
|Pile driver main plunger|
|To provide vertical force to insert the desired object into soil at the desired depth and angle with the desired positional retention over time.|
|Main plunger contact facing with driven element cracks or fractures.|
|The plunger shaft no longer contacts the driven element correctly causing damage to the element or the plunger shaft|
|Plunger shaft jams and can no longer provide vertical movement|
|No elements (poles/girders/support shafts) can be driven into the ground|
|The driven element is deflected from the desired angle.|
FMEA is a living document that can be constructed, adapted and modified in a variety of different ways. Below is a summary of the steps included in an FMEA analysis:
- Select a process to analyze.
- Identify individuals from all departments with specific knowledge of processes, products and client needs to brainstorm potential failure modes.
- Describe the process and/or product in detail.
- Identify all potential failures. This includes all of the components, systems, processes and functions that could potentially fail to meet the quality or reliability standard and the potential causes.
- Identify all the potential consequences of each failure.
- Assign a severity rating (S) to each failure according to the significance of the impact it has. Severity is often ranked on a scale from 1 to 10, one being insignificant and 10 being catastrophic.
- Identify all possible root causes of each failure. Some companies use cause analysis tools in addition to the knowledge and experience of their staff.
- Assign each cause an occurrence rating (O). This is often rated on a scale of 1 to 10, with 1 being rare and 10 being inevitable.
- For each cause, identify current process controls that are in place to prevent these failures from impacting customers.
- For each control, assign a detection rating (D) to determine how well the controls are able to detect the cause or failure mode once they have occurred, but before a customer is affected. This is typically rated on a scale of 1 to 10, with 1 meaning the problem will be detected with absolute certainty and 10 meaning the control will most likely never detect the problem.
- Determine a risk priority number (RPN) based on the rankings (SxOxD) for each potential failure and rank them.
- Plan and implement changes to address the failures based on the RPN identifications.
- Measure and document the success of each process change.
Continuous improvement is a key element of the FMEA process in recording observed data and results regarding the potential for, and actual, failures. This process can be used as an input for the continuous improvement mandated by ISO 9001.