SEARCH

Today's business climate is very competitive and there are demands coming from everywhere and everyone. There is constant and unrelenting pressure to improve: performance, sustainability, and innovation. These improvements are at the heart of Operational Excellence and are vital for companies to compete and succeed. However, the pursuit of operational excellence can end up becoming a means to itself. What a company focuses on often decides what kinds of outcomes happen. If you want to improve quality then adopting ISO 9000 may help you get there. However, if you adopt ISO 9000, by itself, it will not likely improve your quality. The same is true for operational excellence. The drive for operational excellence can end up becoming a series of projects to be completed while losing sight of the overall outcomes for the company. A casualty of this approach are the workers who are responsible to make improvements happen. And out of this group, the ones that feel most responsible are the ones that are most affected. Workers who feel responsible are often the most loyal to the organization and are the key supporters of improvement initiatives. They are the ones who understand how changes may impact those they work with. They understand not only how a change will impact what a person does, but as importantly, how it affects how they think and feel about the work they are doing. They are the ones who bring empathy into the discussion. Unfortunately, too often, people who show these kinds of insights are dismissed as projects soldier on towards completing the next improvement initiative. To make improvements stick it is important to not lose sight of the fact that people are responsible to make them happen. LEAN talks about this in terms of having respect for people. Design thinking calls this as the need to "Empathize". In fact, it suggests that empathy is the starting point for innovation which is exactly what companies need to improve operational excellence. Tim Cook, CEO at Apple, made the following statement at the 2017 commencement address at MIT: "When you keep people at the center of what you do, it can impact." The pursuit of operational excellence is crucial to organizations. To achieve better outcomes for both productivity and safety, companies must innovate. This will require change and not only once but on-going. Let's remember that at the center of these changes are people and they are the ones that make each improvement a reality. Plan -Do-Check-Act Questions: In what ways does your operational excellence program respect people? What would it look like if people were the center of improvement initiatives? How can empathy be incorporated more in how you approach continuous improvement? What step can you take to improve your approach to operational excellence? #OperationalExcellence #Empathy

Compliance programs depend on up to date technical information to support each process. This information includes such things as: process safety information, drawings, operating limits, set points, performance standards, equipment data, permits, quality records, procedures, calculations, risk analysis, and collected measurements. When this information is difficult to find, not available, or out of date this can lead to wrong decisions that impact the safe operations of the facility or at a minimum, create waste. Technical information is needed by many roles within an organization including: operators , to understand how to safely operate the facility asset owners , to determine if changes are replacement in kind or not maintenance, to know how to properly maintain equipment engineers , to understand how best to replace or improve processes safety specialists, to identify risk management , to assess compliance and performance Even with the importance that technical information has, it is not unusual to find that a significant amount of this information is not readily available and sometimes not available at all. The reasons for why this is case varies from company to company. However, there are some common themes as to why technical information is not easily found: It takes too long to find the information Knowledge of where information is stored resides with people that have left the company Information is stored in silos and not easily discovered or accessed Every system has its own way storing and finding information Information management processes and practices are inadequate Information systems have become unsustainable and cannot keep up There is no single role in the organization that is accountable for the management and use of technical information. These issues pose a significant challenge not only to the safe operations of facilities, but also to maintaining and operating processes as efficiently as possible. There is a lot of wasted time spent looking for information that is not necessary. Some analysts report that this can be as much as 20% of a person's day. The good news is that it is possible to improve how technical information is managed through relatively small improvements often using the technologies that are already in place within organizations. Conducting an information and systems audit is the first place to start. When making improvements, it is necessary to know the condition of your current processes and systems. An important outcome of an audit is the identification of what information is critical. This will help prioritize what improvements should happen first. Another important step is to understand the architecture and flow of information across the organization. Technical information has a particular flow and it is important that the right system is being used at the right place in the value chain. At a basic level, information is created during the execution of capital or maintenance projects, and then released to maintenance and operations. The following diagram can help visualize the flow of information across key systems and processes: The transition between each stage in the information flow can be a point of weakness in the overall system. So focusing on the system boundaries may help to significantly reduce information loss and improve reliable access to technical information. Improving the management of technical information is crucial and should be part of every operational excellence program. With knowledge and expertise walking out the door, as an aging workforce retires and the workforce is reduced, companies can no longer lean on the assumption that someone will know where the information is and that the information is up to date. Instead, companies need to improve their technical information management systems and processes to ensure that compliance and operating decisions are made with the right information, in a format that is understood, and at the time it is needed. Plan -Do-Check-Act Questions: What ways would your compliance programs improve if information was more readily available? What issues have you observed that hinder access to safety-critical information? Is the original design basis for process and equipment available to make replacement in kind determinations? If not then how can this be improved? What is your next target condition that you can begin taking steps towards? #TechnicalInformationManagement #Design #ProjectManagement

The need to comply with regulations and standards is a necessary part of every business. In fact, companies need to comply with several regulations and standards at the same time. How this is done can often lead to a duplication of effort and resources all of which contribute to waste. Within each organization there is often a different role for each compliance program. There is one for: quality, process safety, occupational health and safety, environmental, and so on. This structure often reflects the way accountability for safety is assigned. A benefit of this approach is that it allows each program to advance in maturity at different rates. At the same time, this can and often leads to separate systems each with their own procedures, practices, and supporting technologies. Without having a plan to leverage capabilities the overall compliance program can suffer from: a duplication of effort, inconsistent practices, and a slow down in advancement of overall compliance competencies. To counter this, companies can take common capabilities that are needed across the various compliance programs, and combine them to benefit from best practices, standard procedures, and shared tools and techniques. To illustrate this, the following chart highlights the elements that require the same or similar capabilities across ISO 9001, OSHA 1910 Process Safety, OHSAS 18001, and ISO 140001 standards: Compliance capabilities that are in common include: risk management, change management, document management, measurement and monitoring capabilities, and continuous improvement. A next step for companies could be to establish a common document management system, for example, and build out standard processes across their entire compliance program. By taking a capabilities view to compliance systems, companies can: Better understand what is needed to achieve compliance Leverage common capabilities to improve compliance outcomes Reduce waste in getting there Plan -Do-Check-Act Questions: What examples exist within your organization of using different systems to manage similar compliance elements? What practices are duplicated that could be standardized? What capabilities are lacking or inconsistent that if improved would significantly improve your compliance program outcomes? What step can you take to advance those improvements? #CompliancePrograms #ComplianceInitiatives

Many organizations are considering moving some or all of their applications and systems to the "Cloud." This applies to both productivity and mission critical business processes including compliance programs specifically those that support Environment, Health, Safety and Security (EHSS). When the phrase, "moving to the cloud", is used it can mean different things. Often, it refers to moving existing applications and systems to a cloud provider to host them. The primary motivation and outcome for doing so is cost reduction. However, moving to the cloud can mean more than simply changing the location of servers. It can also mean using applications built specifically for the cloud and what is known as "Software As A Service" or SAAS. Using these services can change how applications are used, data ownership, and the ability to integrate to existing productivity and mission critical systems. All of these can impact EHSS outcomes. In general, SAAS offerings are designed to provide a set of capabilities for a single purpose that can be used by many users (subscribers). The offerings will tend to have the following characteristics: Used for a single purpose - does one thing well (best in class) Can be used by multiple subscribers (tenants) Uses a single code base that is continuously updated - no concept of versions Cannot be customized (i.e. you cannot change the software) Supports limited integration capabilities - integration is usually with other cloud based services if they exist at all. Integration with on-premise systems are usually not supported. Offers some configurability - since the software cannot be changed, configuration must be built into the application which is often traded off against new features. Data storage and partitioning is shared - your data may be stored in the same database as other subscribers, may reside in another country, or could be accessible and used by the service provider. While traditional enterprise software will tend to have these characteristics: Used for multiple purposes - can do many things and used in different ways Often supports customization Provides extensive configuration capabilities Provides integration or a framework for third parties to develop integrations with other enterprise solutions Data is stored locally and usually accessible directly or through published API's EHSS applications reside somewhere between productivity and mission-critical processes depending on how compliance is viewed. Using this distinction can help understand the impact moving to the cloud has on EHSS systems. First of all, mission-critical processes and systems will likely remain on premise due to the high levels of customization estimated as 60% of the software solutions deployed today. Keeping EHSS applications on-premise may be necessary to achieve greater data integration with other compliance and mission-critical systems. However, in many organizations EHSS applications tend to be independent applications and may not have deep integrations with other systems. In these cases, SAAS offerings, which demand a consistent approach, may be seen as a benefit from a regulator point of view. Moving to the cloud may help provide a standard user experience which could result in: a reduction in training, greater process adoption, and reduced variability in how compliance is followed. These benefits could also be achieved by implementing application suites from a single vendor or through better integration. Organizations are also looking to transfer some risk to the SAAS provider. However, regulations may limit how much of the safety risk can be transferred to third parties. Moving to the cloud will have implications for compliance data specifically related to data residency and ownership. Transferring control of compliance data may expose companies to unacceptable risk. Moving to the cloud can also serve as a catalyst for improvement and establishing a more effective compliance platform. A process improvement initiative could achieve the same benefits. There are other factors to consider such as: service level agreements, vendor lock in, hybrid architectures, and so on. Organizations will need to look carefully at how compliance outcomes change as a result of moving to the cloud. The first step, and one that could generate immediate benefits, is to start with improving your existing process first. Plan -Do-Check-Act Questions: How will your compliance process outcomes change by moving to the cloud? What ways do these improve or advance the compliance program? In what ways could compliance programs be simplified by moving to the cloud? Are data ownership and residency issues properly addressed? What steps can you take to better understand and prepare moving your compliance process to the cloud? #ComplianceSolutions #cloud #EHSS

Innovation is necessary for growth and often requires that risks are taken. However, a common sentiment is that compliance is getting in the way. Compliance is taking away our ability to innovate and to be profitable. This is not only heard for new business development but also when changes are made to existing operations. The pharmaceutical sector is one of the most regulated in industrialized countries. FDA has strict requirements for verification and validation of products and services. The risks to patients are many so it makes sense to scrutinize every aspect from design to delivery of new products. Changes made during the product life-cycle can lead to re-validation and conducting more clinical trials all of which introduce delays to the introduction of the new drug or medical device. In 2005, the Quality Risk Management program ICH-Q9 was introduced to bring a risk based approach to this industry. This was extended to the medical device sector through the ISO14971 Risk management standard. These were introduced partially to address the question of risk management and innovation and so were welcomed by the industry and FDA. This risk based approach leveraged the ICH-Q8 standard which introduced, among other things, the concept of design space. A design space establishes parameters that have been demonstrated to provide quality assurance. Once a design space is approved, movements within it are not considered a change from a regulatory point of view. This creates a space within the agreed boundaries for innovation to occur. Now, let's consider the process sector where we discover a similar notion referred to as, "Replacement in Kind" or RIK. Replacement in Kind uses the idea that when changes are made to the "design basis" a Management of Change (MOC) process must be followed to manage risk. Otherwise, the change is considered a "replacement" and not a change from a regulatory point of view. In many ways, RIK has the same effect that design space has in the Pharma/Med Device sectors. They both define boundaries that allow certain changes to occur that will produce the same design outcomes. Unfortunately, one notable difference between the two is how design basis is currently managed in the process sector. Design information tends not to be as controlled or managed as it in the Pharma/Med Device industry. In fact, it is common in older facilities to find that the design basis is no longer even known and engineers and maintenance crews default to the manufacturer's specifications for the equipment, parts, or material replacements. This has the effect of reducing the options and innovations that might otherwise be available. In a fashion, improving the management of design basis could allow for more innovation in the process sector. More changes could be considered as RIK without increasing risk. This would result in fewer MOCs and fewer resources being spent redoing hazard analysis, risk assessments and so on. Companies need to innovate and at the same time "play it safe" when it comes to workers, the people around them, and the environment. This is not easy but necessary. Re-imagining the design change process may be a good first step to support more innovation and staying compliant both at same time. Plan -Do-Check-Act Questions: How important is innovation to achieving the outcomes your business has targeted? What would it look like if more innovation could occur without increasing risk? In what ways has compliance hindered innovation in your organization? What steps could be taken to manage risk and increase innovation in operations and maintenance processes? #Compliance #Innovation #Design

In the early days of computing, companies would take "Commercial Off the Shelf (COTS)" products and create solutions to address specific problems found in operating their business. There was an important distinction made between products and solutions. Sometimes they were the same, although most often they were not. Products provided a set of core capabilities such as: a database, a document repository, or business logic often in the form of workflows. Solution providers would take these components and design applications to meet their customer's requirements. This approach was widely used for compliance processes for many years. Solutions required integration of data and capabilities that could address the entire scope of the problem. This often created the tension between choosing a "Best of Breed" and "Best Integrated" offering sometimes called product suites. "Best of Breed" products delivered best in class functionality at the expense of providing more comprehensive set of capabilities. "Best Integrated" products focused on delivering broader capabilities that where either well connected or could be connected together more easily. In today's world, the number of applications is numerous and the technologies mystifying. Deciding what apps to use or what services to subscribe to can be daunting. For those who use cloud services will know it is not ideal or even effective to have dozens of subscription services working in isolation and not working together. Choosing between products and solutions is still an important consideration today as it was in previous years. Instead, of choosing from among various COTS products, companies are choosing between "Killer Apps" and "Killer Platforms." In many ways, organizations are facing the same issues they did years ago although the vocabulary and technologies have changed. Plan -Do-Check-Act Questions: Does your company treat products and solutions as the same and what impact has this had on the effectiveness of the information technologies you use? In what ways has the implementation of partial solutions hindered your compliance processes? In what ways can the strategic use of "Killer Apps" help advance compliance? What opportunities do you see might improve the solutions you use each day? What is the next target condition for improving a solution you use most? #Solutions #ComplianceSolutions

Using up to date procedures and safe work practices is essential for maintaining safety of your workforce. Document management systems play an important role as part of a compliance platform to manage and deliver the correct documents so that appropriate procedures can be followed. It has been over 30 years since the introduction of digital document and record management technologies. So you might expect this to be a solved problem by now. In today's world of the internet no one should be spending time looking for or wondering if the procedure they have is the correct one or not. However, significant time is still spent searching for information that is needed to perform work. Source: Time Searching for Information. There are several factors that contribute to why this is the case that include using: system silos, out-of-date information, poorly executed or non existing management practices, and so on. I often find that companies may not even know what information needs to be managed. Identifying the documents, forms, and procedures needed by personnel in safety-critical roles is an important step towards improving timely access to procedures and safe-work practices. However, the most important factor may well be the mindset around document management. When you view something as a "solved problem" there tends to be no attention given to maintaining the process let alone improving it. Is it time for your company to take another look at document management and how documents can be maintained and delivered in a timely manner? Plan -Do-Check-Act Questions: What "solved problems" do you see in your workplace that need improvement? Which roles are most effected by information that is: incorrect, out-of-date, or not available? What do people do when they can't find the information they need and how does this impact safety risk? What is the next target condition to improve access to critical procedures and what is the first step towards that objective? #DocumentManagement #RecordKeeping #Procedures #SafetyCriticalRoles