How Corrective and Preventative Action, Root Cause Analysis and Risk Analysis Work Together for Strong Businesses

You’ve heard it many times. A child of about age 5 will perpetually ask “Why? Why? Why?” again and again. It’s kind of cute to observe and kind of annoying to be asked. Next thing you know, a question that started off as “Why is your cellphone making that noise?” either ends up in an exasperated “just because!” or an overly complicated explanation of spread-spectrum multiplexing.

Regardless of your organizational structure, industry, or people, you’ve got problems and potential problems. The world of manufacturing is no stranger to the formalized Corrective and Preventative Action (CAPA) process, but we’re finding more and more that smaller Mom & Pop stores, consulting companies, summer camps, and really every organization could use a step-by-step approach to addressing current issues or mitigating probable hazards. This is a “lite” overview of how most manufacturers go about dealing with systemic problems to serve as a primer for smaller business and non-manufacturers.

Fixing and preventing issues always starts with a good understanding of the problem. You might be surprised how often our clients chase down a problem but not the problem in their CAPA processes. To do it right, start with the 4W/2H/1C method. That means asking the following questions and documenting the answers.

  • What was negatively affected?
  • Where did the problem take place?
  • When was the problem discovered?
  • Who discovered the problem?
  • How much was affected?
  • How often has the problem occurred?
  • What are the consequences?

Once you’ve written a good description, move on to Root Cause Analysis – a process that identifies the first reason in what is normally a long chain of causes.

When you’re trying to solve your organization’s problems, it’s easy to leap to conclusions, or even just act like you understand the nature of a problem to save face. Be like a child. Simply ask “Why?” repetitively. Jenne Ketola and Kathy Roberts in Correct, Prevent, Improve suggest that one should ask “Why?” at least 5 times to get far enough into the cause(s).

There are likely many problems in your business, popping up like weeds. Until you 1) identify the most pressing, nutrient sucking ones and B) actually get down into the weeds and pull them up by the roots, you’re going to keep having them. Go as far down as possible and remove the root cause, or, just like a weed, it’ll probably grow back.

Once the real taproot has been identified, the problem solving part could go many ways. It’s really just a matter of brainstorming solutions, identifying the most reasonable one, and, importantly, monitoring and controlling the solution. That means 1) checking in to make sure the solution actually solves the problem and 2) ensuring that the solution is documented and enforced. The importance of documentation, and easy access to it, cannot be stressed enough. Many times a Corrective Action will be forgotten.

Preventative Action, in contrast, is far more efficient than correcting an existing problem. Here’s another gardening analogy: If you put plastic down around the plants you want to grow so there’s no sunlight for weeds, you won’t be dealing with very many unwanted plants.

Prevention usually starts with Risk Analysis, which should include elements of trend analysis, market analysis, organizational health analysis, SWOT analysis, etc. As we’re fond of saying, it’s not a matter of whether or not you have risk. You do. The question is: have you effectively mitigated the risk?

Risk comes in many forms. For a baker, it could be the risk of having e-coli in an ingredient, or an oven starting a fire. Risk mitigation (also known as Preventative Action), then, might look like having a search engine alert set for “e-coli” and a 6 month checkup on the fire extinguisher and smoke detector.

The riskiest factor may or may not have been something that occurred, so most analysts weight a risk’s significance off of several factors. In your rubric, you might include: Past or probable frequency, severity of cost or other factors, probability of detection, and many more, depending on your organization’s type of risk.

One of the most helpful things you can do is have an independent set of trained eyes come in and audit your business to audit and brainstorm with you about your problems and hazards. The Kafferlin Strategies team can tailor a session with you depending on your budgetary constraints, industry, location, number and severity of issues to address, and so forth. Contact us today if you’re interested.