Sal Lucido, VP Enterprise Solutions, AssurX
In Part I, Part II and Part III of this series we discussed the benefits of using a closed-loop process for managing regulatory compliance (pictured below). 
We discussed how setting up Key Performance Indicators (KPIs) that monitor performance to goals is a good way to Check that processes are working properly thus reducing the need to perform manual audits of a given operation. We also looked at how to collect and process problem information ensures that the right information is collected, the problem is contained and that the root cause is identified. This sets us up for the next step, which is to fix the problem by executing a Corrective Preventive Action (CAPA) project.
The primary goal of this step is to implement changes that correct (corrective action) the problems and prevent recurrence (preventive action). This is where we get our payoff; this is where we ‘close’ the loop. Remember the overall goal is to systematically and continuously improve regulatory compliance. The inputs we will need to execute the CAPA project are show in Figure 1 (below).
Corrective Action Inputs
Problem Scope: Determine the boundaries of the problem we are trying to solve. Trending helps determine the scope. If the scope is too narrow the project will not address all of the future potential issues. If the scope is too broad the project may be too time consuming and expensive.
Root Cause(s): In the previous step we determined the root cause or causes. Check that the corrective actions taken in the project address all of the causes.
Project Schedule: Determine how long this project is expected to take or how long you want to allow it to take. Time is money. This will guide your resource loading decisions.
Project Costs: Determine the overall project budget. Include all labor and material costs.
Determining the Root Cause or Causes is a crucial part of the process. Here are two effective methods for making this determination. The Eight Discipline workflow shown in Figure 2 is optimized for larger, multi-member team projects.
8 Discipline Workflow
The Five Why Methodology shown in Figure 3 is an effective technique for separating symptoms from causes. The example in the diagram illustrates this process.
5 Why Methodology Principle: Five or more iterations of asking why is generally sufficient to get to a root cause.
Once you have all of this information you can execute the CAPA project. The CAPA project outputs are shown in Figure 4.
Corrective Action Outputs
Action Items: Define and assign each task that needs to be completed. Unassigned tasks never get done.
Due Dates: Refer to your project schedule and consider the order of action item execution to set target due dates for each task. With team projects have each member report progress to due dates. Missing due dates is a symptom of a problem with the project (not enough resources, unclear tasks, etc.). Address these to keep the project on schedule and budget.
Document Changes: If you don’t change the ‘process’ and/or ‘product’, which are documented in your ‘procedures’ and/or ‘specifications’ – then you are not improving your operations. Remember what Einstein said: “Insanity is defined as doing the same thing over and over again and expecting different results.”
Notification and Training: If a tree falls in the forest and no one is around to hear it, does it make a sound? The same can be asked of CAPA projects. If process and products are change and no one is notified or trained on these changes, did we make an improvement? I know the answer to the second question, no.
Verification: Check to make sure the project solved the problem. This step usually takes place sometime after the project is completed. Set up the verification criteria and date before closing the project.
And there you have it – we have closed the loop. We have defined how a closed loop process defined by what I call the “Circle of Compliance” is used to automate a process that continuously “pulls” the operations toward meeting regulations. By replacing a manual ‘audit’ and ‘check’ routine with this process your company saves time and money while improving its ability to comply with industry regulations. This is the definition of a win-win situation.
Sal Lucido is Vice President, Enterprise Solutions at AssurX, Inc. You can follow him athttp://twitter.com/ComplianceTips
Risk management is one of those terms that is often used a bit too loosely, warns AssurX’s Sal Lucido. “People say ‘risk management’ but it can mean very different things to people working at different parts of a company.”
The other trend we are seeing is that companies are looking to move beyond just documenting risks and listing mitigation efforts. They are looking for 
In comments filed last month, the 
The 2009 Annual 
The CATSWeb Measurements feature makes it easy to track performance to goals, monitor trends and automatically send performance-based alerts. Measurements can be added to executive and corporate dashboards to provide important, easy to read, quality metrics information. Not only does this give you feedback about your performance to goal and trends, it also allows you to focus your resources on the areas of the business that need attention. Detailed information can be easily accessed by clicking on the metric of interest. All this is done within CATSWeb without relying on any third party tools or add-ons.
As we all know on August 8, 2005, President Bush signed into law the