Quality Basics: PDCA & Risk Management


Quality Management Basics Image

All good quality management efforts, including those following and/or in compliance with the ISO 9001 Quality Management Systems Standard, include an emphasis on risk management and the Plan-Do-Check-Act (PDCA) cycle for continuous improvement.

In this article, we give a brief introduction to risk management and the PDCA cycle and their relation to quality assurance and quality management.

And don't leave without downloading the free PDCA Cycle infographic from the bottom of this article!

Risk Management and PDCA/Continuous Improvement Are at the Heart of Quality Management Systems

Here's how the ASQ/ANSI/ISO 9001:2015 Quality Management Systems-Requirements standard explains the influence of risk management and the PDCA cycle for continuous improvement in quality management:

This international standard employs the process approach, which incorporates the Plan-Do-Check-Act (PDCA) cycle and risk-based thinking.

The process approach enables an organization to plan its processes and their interactions.

The PDCA cycle enables an organization to ensure that its processes are adequately resourced and managed, and that opportunities for improvement are determined and acted on.

Risk-based thinking enables an organization to determine the factors that could cause its processes and its quality management system to deviate from the planned results, to put in place preventive controls to minimize negative effects and to make maximum use of opportunities as they arise...

Source: 9001: 2015, Introduction, 0.1 General

So to help you with your quality management efforts, let's look at brief overviews of risk-based thinking and the PDCA cycle.

Risk, Risk-Based Thinking, and Risk Management

Before we talk about risk-based thinking and risk management, it helps to know what we mean by risk. For that, let's turn to the ISO 31000-2018 Risk Management-Guidelines standard, which defines risk this way:

Risk is risk as the “effect of uncertainty on objectives” and notes that “(a)n effect is a deviation from the expected.”

So you see that by this definition, risk has both positive and negative connotations since it's all about uncertainty as we pursue our objectives and changes from what's expected. A change can be good, or a change can be bad. Changes can present hazards, threats, and costs, but changes can also present opportunities, benefits, and rewards.

We cover this issue more in our Risk Management Basics: What Is Risk? article.

Once you've got a handle on what risk is, you can begin thinking of risk management. Again according to ISO 31000, risk management involves risk assessment--which itself can be broken down into risk identification, risk analysis, and risk evaluation--risk treatment, and monitoring and review.

Risk management can be applied to quality but to any other part of your organization as well--finance, supply chain, human resources, safety, and more.

The Plan-Do-Check-Act Cycle

The Plan-Do-Check-Act (PDCA) cycle is associated with Shewhart and Deming (there's a long story there...download our free PDCA cycle infographic below for the story) and it's a four-step process for carrying out and evaluating the effects of change. It's frequently used in quality management, lean manufacturing, project management, and other fields.

The four steps of the PDCA cycle are:

  1. Plan-Identify the opportunity for change and create a plan to carry out that change, including determining the desired objectives of the change.
  2. Do-Put your plan into action in small-scale tests to determine the results.
  3. Check-Collect and then analyze data from your small-scale test to determine if your plan was successful.
  4. Act-If your analysis showed that the plan led to beneficial results, roll it out on a larger scale. If your analysis showed that the plan didn't lead to beneficial results, go back to the drawing board and create a new plan and go through the PDCA cycle again.

The PDCA cycle is designed to be used in an iterative manner, meaning you do it again and again to create a virtuous cycle of continuous improvement.

Conclusion: Risk-Based Thinking and the PDCA Cycle Are Foundations of Effective Quality Management

We hope you enjoyed this article on the importance of risk-based thinking and the PDCA cycle for change and continuous improvement informative and we invite you to check out and keep up with other articles, past and forthcoming, in our ongoing Quality Management Basics series.

Feel free to let us know if you need some help with training for quality and quality management, including (but not limited to) training solutions for the food and beverage industries and cGMP.

Want to Know More?

Reach out and a Vector Solutions representative will respond back to help answer any questions you might have.