How do you Assess Quality Risk?

Managing Quality Risk

By Jack T. Bogle, Managing Partner | Click here to request the full article and FMEA examples as a Microsoft Excel and Word files.

In ISO 9001:2015, Preventive Actions appear to be giving way to Risk Assessment and Management, similar to what we have learned in AS9100, ISO 13485, ISO 14001, and 19001 among others.

I am exploring ways to us Failure Mode Effects Analysis methods to assess quality risks. Ultimately, I intend to add a working module for assessing risk into QMSCAPA, our quality management software (single-users may have a free license). The functional level of usability that I hope to achieve is to provide support for the evaluation of ISO 14001 Significant Environmental Aspects, and risk assessments associated with medical devices and aerospace components.

In FMEA, failures are prioritized according to how serious their consequences are, how frequently they occur and how easily they can be detected. An FMEA also documents current knowledge and actions about the risks of failures for use in continual improvement. FMEA is used during design, planning and production stages with an aim to avoid future failures and sometimes called preventive actions. Very often it is used for process control, before and during ongoing operation of the process. Ideally, FMEA begins during the earliest conceptual stages of design and continues throughout product or service realization.

The outcomes of an FMEA development are actions to prevent or reduce the severity or likelihood of failures, starting with the highest-priority ones. Also, it may be used to evaluate risk, develop priorities for risk management and mitigating known threat vulnerabilities. Lastly, FMEA helps determine the appropriate selection for remedial actions that reduce cumulative impacts of life-cycle consequences (risks) from a systems failure (fault).

Let me know your thoughts and ideas for assessing risk in quality management systems.

Advantages for Using FMEAs

  • Improve the quality, reliability and safety of a product/process
  • Improve company image and competitiveness
  • Increase user satisfaction
  • Reduce system development time and cost
  • Collect information to reduce future failures, capture knowledge for lower risk
  • Reduce the potential for rework, warranty and product return concerns
  • Early identification and elimination of potential failure modes
  • Emphasize problem or failure prevention
  • Minimize late changes and associated cost
  • Promotes collaboration for teamwork and idea exchange between functions
  • Accentuates preventive action, which reduces the possibility of same kind of failure in future
  • Reduce impact on company profit margin
  • Improve production yield

The example Failure Mode Effects Analysis (FMEA) table shown below or on the following page is designed to multiply the ratings for DS * POF * CD, which equals the Priority Risk Number (RPN).

Failure Mode Effects Analysis (FMEA) for Risk Assessments

Note: The Risk Priority Number (RPN) Column contains a formula to multiply P * S * D = RPN

Row #

Activity or Factor






What can happen if …



The wrong ingredients or components are used, or



The wrong package is used, or



The wrong size is made or shipped, or



The wrong color is shipped, or



The wrong label is on the product, or



The delivery is not on-time, or



The product is damaged in delivery, or



The product is lost during shipping, or



You know Murphy, what can go wrong will eventually go wrong in preventive measures are not designed into to your QMS


  1. Probability  (P) of occurrence description and impact rating (1 lowest & 10 highest);
  2. Degree of Severity (S) description and impact rating (1 lowest & 10 highest);
  3. Certainty of Detection (D) description; ability to detect from inspection or use and impact rating (1 lowest & 10 highest);
  4. RPN = Risk Priority Number.