March 28, 2014

Recorded Webinar and Q&A: Improve Your Risk Management with Two Fundamental Practices

Thanks to everyone who participated in the “Improve Your Risk Management with Two Fundamental Practices” webinar. The webinar recording is now available if you weren’t able to attend or if you would like to watch it again. Transcript from the webinar Q & A follows. During this recorded webinar, Anthony Washington of Seapine Software explains how to:
  • Collect and document the information necessary to carry out effective risk management
  • Conduct failure mode and effects analysis (FMEA) to mitigate risks during design
  • Use root cause analysis (RCA) to close the loop with preventive action


Can you expand on the various acronyms and abbreviations used throughout the webinar?

  • RCA: Root Cause Analysis
  • FMEA: Failure Mode Effects Analysis
  • FTA: Fault Tree Analysis
  • PHA: Preliminary Hazard Analysis
  • RPN: Risk Priority Number
  • SEV: Severity
  • OCC: Occurrence
  • DET: Detection

How are severity, occurrence, and detection figures derived?

Subject matter experts generally determine the severity as well as the likelihood of a risk occurring. SMEs can also let you know if there are any methods built into the tool that can help detect severity, occurrence, and detection figures.

How is the increased cost of a 24 hr. battery (for example) factored into product design decisions?

You have the ability to add custom fields that can include a cost factor, and make that a part of the process or decision about how you might mitigate a risk or address it.

When performing FMEA, I understand that you need an SME as part of your team. Should the business stakeholders also be involved in at least one of the FMEA sessions to identify business process initiated risks versus technical risks?

Yes, you usually want a cross-functional team. When forming the team you want to pick people who can provide needed information about the specific risk you are identifying. Because stakeholders have some direct involvement in the product itself, it would be appropriate for them to be involved in at least the initial meetings.

Do you support other risk management practices?

Yes, we support anything from FTAs to a basic risk management process where you just rank requirements. TestTrack is highly configurable and can be adapted to support most any risk management process.

Is there a sample database that is already configured with what you have shown?

You can contact Sales via email or our web site to request a product demonstration and/or evaluation. As part of that process, we can set up some examples to help you get started conducting risk management and analysis with TestTrack.

Does TestTrack automatically generate ID numbers for requirements, FMEA line items, RCA line items, issue/defect numbers, etc.? Can the IDs be customized with prefixes?

Yes, ID numbers are used for tracking. You can set prefixes and suffixes for various types of artifacts and work items.

How are sign-offs and approvals handled?

TestTrack includes sign-offs and approvals, so they’re a regular part of the work process. This saves time and ensures they’re done properly.

What if you have multiple controls for a particular potential cause in the FMEA? Do you lump them together to derive the detection level for the field or do you separate the controls to have individual detection levels?

You could do it either way. If kept separate, different fields can be used to define some type of aggregate to determine what the detection figures should be. Or lump them together and have the team working on the FMEA come up with a composite number and manage it that way.

How is the software licensed?

TestTrack is a client-server application available in the cloud or hosted on your server, and is licensed on a per-user basis. You can review our licensing information to learn more.

Can TestTrack calculate an RPN score?

Yes, an RPN score can be calculated using built-in calculated fields. Here’s a blog post that goes into more details on how that’s done with TestTrack.

Do you have an enterprise Risk Management Plan? If so, does it follow a specific standard?

We do not currently have an Enterprise Risk Management Plan. In working with customers over the years, we have discovered each company manages risk differently.  TestTrack is highly configurable and can support most Risk Management Plans used by our customers.

How do you capture risks that are not related to a product or process failure, but come from normal use conditions?

SMEs use their collective knowledge and experience to determine what risks may affect a product. Although we concentrated on process and product failures, you are correct that there could be a risk from normal use conditions. The example of the Home Version of the WysiPump actually looked at a risk based on normal use conditions. By marketing the same device for home use as was marketed to hospitals, a risk was created based on normal use of the product because the amount of training and complexity of the system could be a problem for home users. This prompted a re-design to eliminate the risk by reducing the products complexity.

Do you first identify risks through FMEA and then assign them to the requirement or do you use Test Track to do the risk identification?

Potential risks are identified throughout the development process, so it really depends. A business analyst who generates a requirement that they feel may pose some sort of risk may identify a risk. Or, a design engineer working on a more detailed set of requirements while assessing the design could also identify a risk. In these cases, an FMEA will need to be created. In TestTrack that need would be caught based on an initial assessment that an item potentially posed either a high or medium risk.  This could prompt a review by an SME to determine the merits of the risk and follow up with an FMEA.  This entire process can be automated in TestTrack to ensure the appropriate people are automatically notified when items are set to have a high or medium risk, or some other threshold you set based on your project.

Does TestTrack offer a working mode for PHA preliminary hazard analysis with a 2D risk graph (no detection)?

TestTrack offers a working mode for PHA using folders.  This mode also provides graphing support.

Does TestTrack have templates for setting up an FMEA process and/or RCA?

While TestTrack doesn’t include these templates by default, you can create templates for setting up both FMEA and RCA processes. This is something you can do on your own or the Seapine Services team can create as part of implementation.

Is this system completely auditable from a regulatory standpoint?

TestTrack provides a complete audit trail and history of each entry and edit that happens in the system. You can also validate audit trail records to ensure changes were made using TestTrack, versus other means such as editing an item directly in a database table.

Does TestTrack handle revision control and baselines of FMEAs or is it continually being updated?

Yes, there is complete historical information kept for all information in TestTrack. Baselines are taken as FMEAs are grouped into TestTrack documents on an as-needed basis, automatically based on your process, or a combination of both.

Could you recommend a good general reference on FMEA methodology and execution?

Sure. ASQ provides a general overview of FMEA on their web site: