In the era of increasing volatility, uncertainty, complexity, and ambiguity, companies experience instability and a tendency towards risk, which can surprise virtually every organization globally.
Despite clear concepts and common understanding of the importance of risk management in the automotive market, this process is becoming increasingly critical. The daily characterization associated with the concept of risk, combined with the statistical nature of all the processes we deal with, has led to the recognition of risk management as a valuable element of business management.
Why is Risk Assessment so important today?
Production facilities must identify and manage all risks associated with their business, including strategic, market, financial, operational, compliance, IT, and social, ethical, and environmental risks. Managing these risks is essential to keep them at an acceptable level.
It is no longer acceptable for organizations to find themselves in situations where unexpected events cause financial loss, disruption to normal operations, damage to reputation, and loss of market presence. External and internal stakeholders expect companies to fully consider the risks.
These risks may result in non-compliance with statutory obligations, disruption and inefficiency of manufacturing operations, delays in project delivery, or failure to deliver on a promised strategy.
Effective risk management should lead to better and more informed decisions, giving stakeholders and the business community greater confidence in the organization’s ability to cope with potential risks, reflecting the perceived value and sustainability of that business.
Start by choosing the right Risk Management tools
Companies manage many types of risk. Therefore, they need tools that will allow for appropriate classification and rational decision-making regarding the associated costs.
Risk identification is the first “trap” that is easy to fall into. The point of this stage is to be inventive, predictive, and innovative. Managers should regularly perform risk identification. This usually takes the form of more or less formalized checklists. This is the simplest but also the least valuable way to identify risks.
It does not allow one to go beyond existing beliefs, hinders group work, and does not allow for the free identification of new threats. It is worth considering more extensive tools, such as:
- Process mapping
- Flow charts
- HAZOP (Hazard and Operability Studies)
- HAZID (Hazard Identification Study)
- Fault Tree Analysis
- Root Cause Analysis
- PESTEL analysis (a framework to assess political, economic, social, technological, environmental, and legal factors)
Thorough reviews of the flows and concentration of the company’s resources in geographical and logical terms will also be helpful. Talks and workshops conducted with managers and lower operational level leaders are invaluable. Often, they are much better aware of the risks that threaten the company than the management board.
The role of the ISO 31000 norm in the Risk Management process
The ISO 31000 norm is a set of basic principles, frameworks, and guidelines for risk management. It allows for more efficient and effective implementation of tasks and business goals by adopting appropriate actions in designing, implementing, maintaining, and improving the risk management process in the organization.
Like any modern management system, the creators built the ISO 31000 norm on the basis of the Deming cycle, which further facilitates its implementation in a company of any profile. The implementation of the international ISO 31000 norm enables the introduction of high standards for identifying, assessing, and minimizing risks and teaches how to respond to them.
Effective risk management in four steps
It is a mistake for companies to limit themselves only to the assessment of a selected area, which they have marked as high, medium, or low risk. They then adjust their hedging decisions accordingly. Other organizations use advanced quantitative or qualitative methods to understand and assess risk.
The risk management process should start with a proper search and description of the encountered risk (risk identification). This will consequently be of fundamental importance in determining the nature of the risk and determining its level (risk analysis).
Knowing the type and nature of the risk, the results of the risk analysis can be compared with the risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable (risk evaluation).
Ultimately, the organization faces the choice and implementation of risk-modifying actions or its complete elimination (risk treatment).
Risk analysis of your suppliers is also key
Reaching a common understanding of how to apply risk management among stakeholders in a given process is very difficult. Why? Because each stakeholder perceives potential harms differently and attributes different probabilities and different degrees of severity to each potential risk.
Given the diversity of stakeholders, protecting production processes and products through objective compliance management should be considered paramount. An effectively structured approach to risk management can ensure the quality of processes along the supply chain.
We can’t forget the final quality of the product for the customer, as it provides the means to identify and control potential quality hazards in the development and production phases.
In addition, when crisis management is required, quality risk management can optimize the decision-making process. This approach is used, for example, by Stellantis (formerly FCA) as part of risk management. Its use results from the Customer Specific Requirements, which can be found on the IATF website.
Automotive Risk management – summary
All activities undertaken as part of the risk management strategy aim at the production of a product or service, the use of which will fully satisfy the ordering party and, above all, end users and clients. Customer satisfaction is a guarantee of success and is related to the continuous development of the company.
How can it be achieved?
By obtaining increased revenues and reducing the fear of taking risks in terms of incurring additional costs.
Companies making various decisions on a daily basis must consider risks. On one hand, they are perceived as a threat, and on the other hand, they may be a prerequisite for success. Only companies that can handle risk better than their competitors can gain an advantage over them.
Literature:
1. Collective authors, Risk Management Handbook for Suppliers FCA, 3rd Edition, May30th 2020.
2. Paul Hopkin, Fundamentals of Risk Management: Understanding, Evaluating and Implementing
Effective Risk Management, Kogan Page Publishers, 2018.
3. ISO/IEC 31000:2018 norm
