by Duke Okes
Implementation of a quality management system (QMS) provides standardized processes that reduce variation and risk. Although some problems will still occur, if corrective actions are effective, the organization will learn and implement changes to make its processes more robust. Auditors can contribute to the improvement of the corrective action process by identifying issues that keep it from being more effective—in essence, by auditing corrective action. Following are some of the barriers often found:
- No guidance or training is provided on how to perform an investigation. Although corrective action procedures provide a high-level description of what to do when problems occur, they seldom include advice for how to logically approach the diagnostic process that will provide data to support actual causes. Personnel often rely on brainstorming and voting, which can be significantly affected by personal biases and political power. Note that ISO 9001 and its derivative standards require competence. Root cause analysis is one competency every organization needs.
- Data to support actual causes are not required. For many organizations simply revising the corrective action form to include a field titled “Evidence to Support” after the field that includes the “Identified Cause(s)” would be a big step. If investigators can’t support the identified cause(s) with specific evidence (which may include that other possibilities were ruled out and how), then it’s likely they’re just guessing.
- The appropriate depth for each investigation isn’t consciously decided. For any problem, there is a nearly infinite level of causes that goes all the way back to the beginning of time. Of course, that’s a bit of overkill, but organizations often stop at a physical cause level (of which there can again be many sequentially). Whether to go to a deeper level to include the root cause often isn’t discussed and isn’t based on research of previous occurrences of the same or similar problem or cause.
- Personnel involved in investigation, solution generation, and implementation don’t support good change-management practices. In far too many organizations, it’s expected that one individual will perform the investigation and provide solution recommendation. This means that a lot of knowledge is being ignored and those who must implement the solution have no investment in it.
- Solutions are designed to detect, not prevent, the problem in the future. There are times, such as in a high-risk environment or when a preventive solution is impossible or not economically viable, when adding another check step may be necessary. However, this adds another step (and associated resources, time, and cost) to the process, and doesn’t really address what caused the problem in the first place. Efforts should focus on prevention first and detection only when absolutely necessary.
- Incorrect terminology is used to describe solution actions. It’s no wonder it’s difficult to implement good preventive action (i.e., risk management) practices when they think they’re doing so when problems occur. Although action taken to resolve an existing problem is intended to prevent recurrence, it’s not preventive action; it’s corrective action. Real preventive action prevents problems from occurring.
- Potential secondary effects of solutions aren’t considered. When a solution is implemented, it’s intended to improve the performance of some output variable. However, most processes are multivariate and interact with other processes. This means that the solution that fixes one problem may in fact cause another.
- The culture of the organization is punitive. In this environment, people won’t want to be involved, and if they are involved, they won’t be open and honest if corrective actions are seen as indicating “someone messed up.” W. Edwards Deming modified the “check” step in Walter Shewhart’s plan-do-check-act cycle to “study,” indicating that its purpose is to learn. Implemented processes are based on what is currently known by the organization. Corrective actions give them the opportunity to close some of the gaps in that knowledge.
Auditors are systems thinkers who have the advantage of assessing and reassessing the same processes over time. When a process is continually ineffective, auditors should think deeper about organizational issues that might be causing the problem, regardless of whether those issues are addressed as a requirement in external standards or internal policies and procedures.
About the author
Duke Okes is a knowledge architect who provides guidance for management system design, assessment of those systems through metrics and audits, and the use of root cause analysis to address performance issues. He’s an ASQ fellow and author of Root Cause Analysis: The Core of Problem Solving and Corrective Action (ASQ Quality Press, 2009). He can be reached at www.aplomet.com.
Tags: auditing corrective action.