Desktop version

Home arrow Management

FAILURE MODE, EFFECTS, AND CRITICALITY ANALYSIS

[1]

While failure mode, effects, and criticality analysis (FMECA) was originally developed to consider engineering process risks, it can also be applied to any form of process – even if the process deals exclusively with intangible or people-based risks. Before we consider how to apply this technique to a so-called soft process, it is perhaps most useful to look at an example that comes from a traditional engineering context so that we can understand the analytical process.

FMECA Example 1: Engineering Process

[2]

A large milk factory has a unit that is designed to pasteurize milk prior to bottling. Pasteurization is a process that heats milk to a specific temperature (typically 71.7°C/161°F) for a period of approximately 15 to 30 seconds. It is used to reduce the level of contamination from microorganisms that naturally occur in raw milk products. This process enables milk to be stored for a period of several weeks without spoiling if it is adequately refrigerated. The basic process sees raw milk forced between a series of heated plates, with the heat from the plates being transferred into the milk at a specific rate to achieve the desired pasteurization temperature. The plates themselves are heated either by forcing heated water or steam through the interior of the plates, or by running heated liquids through a parallel path that runs counter to the flow of the milk.

Step 1: Identify Failure Modes

The first step is to identify the potential ways that the system could fail. These are typically described very simply by identifying the way that the failure could occur. While this can be done directly, it may also include inputs from other types of analysis, such as HAZOP or fault tree analysis (not discussed in this chapter). For our milk pasteurization example, some of the potential failure modes are identified in the second column of Exhibit 21.2.

Step 2: Identify the Potential Effects

Once we have identified our potential modes of failure, we can identify the effects of those failures. These can be both local failures as well as systemwide impacts. As part of this analysis, we also need to consider the potential causes of the failure. For our milk pasteurization example, we might identify the effects for our failure modes from step 1, as shown in Exhibit 21.3.

Exhibit 21.2 Failure Modes – Example 1

Part: Heat transfer unit

Function: Transfer of heat to milk products in order to achieve pasteurization

Item

Failure Mode

Local Effect

System Effect

Potential Cause

Current Control

O

S

D

RPN

Recommended Action

1

Heating water too cold

2

Heating water too hot

3

No heating water flow

4

Heating water in milk flow

5

Structural

rupture

Part: Heat transfer unit

Function: Transfer of heat to milk products in order to achieve pasteurization

Item

Failure Mode

Local Effect

System Effect

Potential Cause

Current Control

O

S

D

RPN

Recommended Action

1

Heating water too cold

Plates do not get hot enough

Pasteurization is not achieved

Heating unit temperature controls inoperable

2

Heating water too hot

Plates get too hot

Milk is spoiled when protein is denatured

Heating unit temperature controls inoperable

3

No heating water flow

Plates do not heat at all

Pasteurization is not achieved

Water pump is inoperable

4

Heating water in milk flow

Milk flow is contaminated

Milk product has to be dumped

Leak in seals between plates

5

Structural

rupture

Loss of milk product and heating water

Milk product is lost /has to be dumped

Heating plates are not strong enough

Step 3: Identify the Criticality of the Failure

Once we have identified our potential modes of failure and the effects these might have on our process, we need to consider how critical these effects might be to our objective (in this case, the pasteurization of milk). This step provides us with a good understanding not only of our risks, but also of those risks we may want to address first. To complete this step, we need to consider what existing controls we already have in place, as well as:

• The likelihood of occurrence (O) of the effect

• The severity (S) of the effect if it were to occur

• The probability of detection (D) – how likely we are to know that the effect has occurred

Each of these factors is usually given a score from 1 to 10 (or any other relevant scale), with the higher scores representing greater levels of risk. Once each element is scored, they are summed to produce an overall risk score, which is represented by the risk priority number (RPN). While the absolute number produced is less important than the difference between the numbers for each effect, it can also be a useful way of aligning your risk treatment plan with your organizational risk appetite or tolerance levels. Once the RPN analysis is completed, the final step is to identify what corrective actions you might need to take to address the risk.

For our milk pasteurization example, we might make an assessment based on our failure modes and effects from the first two steps, as shown in Exhibit 21.4.

We can see from our example that if the milk gets too hot the factory will have to dump it as unfit for consumption. We can probably address this risk relatively easily by installing a centrally monitored temperature gauge (rather than relying on periodic physical checks), which will also let us monitor the high temperature condition.

The engineering example has shown how we would apply this technique to a hard or physical process. Now we will look at how we can apply the same technique to a soft process encountered in the law enforcement environment.

  • [1] For further detail on failure mode, effects, and criticality analysis, see page 46 (B13) of IEC/ISO 31010, "Risk Management – Risk Assessment Techniques."
  • [2] It is not necessary to be an engineer to follow this example – it is sufficient to understand the way the FMECA process is applied, and accept that the answers provided are accurate.
 
< Prev   CONTENTS   Next >

Related topics