the Six Sigma quality measurement system help during the business
continuity management process? Paul Kirvan, FBCI, CBCP, CISSP, explores.
Business continuity, security and emergency
management are all process-driven activities. As such, it makes
sense to ensure that those processes are constantly being reviewed
and improved. Six Sigma is a process that ought to be considered
for these disciplines, as it deals with process improvement. This
article describes Six Sigma and makes the case for considering its
use in the business continuity, security and emergency management
What is Six Sigma?
By definition, the term Six Sigma defines an ideal measurement of
quality, known as 3.4 defects per one million occurrences. The mathematical
term sigma (Greek letter "s") defines a measure of variation,
such as the amount of variance around the average value of a process.
The sigma value, or standard deviation, indicates how well a process
is performing. From a measurement perspective, a higher value denotes
fewer defects per million opportunities.
In practice, Six Sigma can be defined as the
disciplined application of statistical problem-solving tools that
indicates wasteful costs and recommends specific steps for improvement.
Think of Six Sigma as the peak of quality - the virtual elimination
of defects from every product or process in an organisation.
This is an excellent position to aim for in
business continuity, security and emergency management.
Granted, the "unknowns" associated
with these three disciplines raise the question as to how many "defects"
can really be eliminated. Done properly, Six Sigma ensures that
internal processes are running at optimum efficiency. Zero defects
in business continuity, security and emergency management represent
a reasonable goal. It also makes good business sense.
Some of the reasons businesses implement Six Sigma include increased
earnings and profitability, improved customer satisfaction, a better
educated and productive workforce, improved employee problem solving
skills, and reduced capital spending. It appears we could also include
keeping business and government in business as one of those reasons.
Background on Six Sigma
While the mathematical history of standard deviation goes back to
18th century, Six Sigma as a measurement standard dates to the 1920's
when Walter Shewhart showed that three sigma from the mean is the
point where a process requires correction. Credit for coining the
term "Six Sigma" goes to a Motorola engineer named Bill
Smith. Six Sigma is a trademark of Motorola. Back in the 1980s,
Motorola believed quality measurement levels were not granular enough.
The company wanted a way to measure defects per million opportunities.
Motorola developed the Six Sigma standard and the methodology associated
with it. The company has documented over $16 billion in savings
through Six Sigma. Hundreds of companies worldwide have adopted
Financial issues with Six Sigma
Successful implementation of Six Sigma typically requires a company-wide
cultural adjustment. Like business continuity, investments are needed
to launch a Six Sigma activity. Implementing Six Sigma requires
training, organisational infrastructure and cultural evolution.
But what is the payoff? Although Six Sigma is typically associated
with large firms, with proper planning and follow-through it can
be adapted to small to medium enterprises. An examination of the
results of Six Sigma with some very large firms showed that savings
as a percentage of revenue vary from 1.2 percent to 4.5 percent.
However, the investment could be as much as 10-15 percent of revenues.
As might be imagined, the number of years needed to achieve these
results varies with each company.
How Six Sigma works
Different methodologies are used with Six Sigma. The primary version
is Define, Measure, Analyze, Improve, Control (DMAIC); the leading
alternate approach is Design For Six Sigma (DFSS).
DMAIC includes the following elements:
. Define the project goals and customer (internal and external)
. Measure the process to determine current performance
. Analyse and determine the root cause(s) of the defects
. Improve the process by eliminating defect root causes
. Control future process performance
DFSS means Design For Six Sigma, and contrasts
with DMAIC in that the phases or steps of DFSS are not universally
recognised or defined. It is more an approach than a methodology.
It is typically used to design or re-design a product or service
from the beginning. Several proposals for DFSS have been developed.
One example is DMADV, which includes the following elements:
. Define the project goals and customer (internal and external)
. Measure and determine customer needs and specifications; benchmark
competitors and industry
. Analyse the process options to meet the customer needs
. Design (detailed) the process to meet the customer needs
. Verify the design performance and ability to meet customer needs
The best way to differentiate between DMAIC and DFSS is to use the
former for improving existing products and services, and the latter
for new products and services.
Translating Six Sigma to business continuity, security,
and emergency management
So what is needed to use Six Sigma methodologies for improving business
continuity? First, it’s important to remember that Six Sigma
is a customer-focused process improvement methodology. By contrast,
the information technology (IT) environment tends to be service-oriented
and an enabling function. This differentiates it from core processes,
e.g., manufacturing, although IT is often a principal enabler of
Begin by recognising that:
1) Business continuity is a process;
2) It is customer-focused; and
3) Its customers may need that process. Break down business continuity
into its component processes from start to finish. Depending on
the level of detail, you may identify numerous sub-processes, such
as "develop emergency team" or "conduct plan exercise".
For these kinds of processes, ask your customers (of that particular
process) what it is they want.
Next, have the project team measure the activity as a process performance.
Let's look at a customer service centre as an example:
Customer requirements might be the following:
1) Availability (answer when called);
2) Response (do something when receiving a call);
3) Knowledgeable staff (address the situation during the call);
4) Safety (don't make the situation worse); and
5) Follow-through (ensure satisfaction; collect payments).
The measurable performance criteria for this
process might then be:
1) Availability: answer all calls between 0800
and 1800 within 30 seconds;
2) Response: log request and complete initial research for solution
within one minute, take action within 10-30 minutes depending on
the nature of the call;
3) Knowledge of staff: no returned calls needed, 98 percent of calls
satisfied on first attempt; and
5) Follow-through: all post-call activities completed within 5 minutes.
The principles of Six Sigma say that you should
not have calls coming in to Customer Service. Instead, you should
determine proactively why people are calling, and fix the root cause
so they don't have to call in the first place!
What we all want, for example, is a computer
that works all the time, is easy to use, does not fail, does what
we expect, and when things go wrong, someone is there quickly to
fix the problem. With some creative effort, it is possible to use
the Six Sigma methodology with business continuity.
Getting certified in Six Sigma
While there are several well-known certification bodies in BC, security,
and emergency management, no single body provides Six Sigma certification.
By contrast, virtually all of the firms providing Six Sigma training
and consulting also provide certification. This occurs because individuals
and companies spend a great deal of money - sometimes in excess
of $30,000 per individual - to become trained. Hence, certification
is a popular add-on service for consulting companies because it
lets them differentiate among skills levels, as well as charge additional
Six Sigma certification includes learning the appropriate subject
matter, passing a written proficiency test, and displaying competency
in a hands-on environment. Materials can be purchased from almost
any Six Sigma training and consulting company, but almost always
come bundled with classroom training.
Purchase a training session, which has different
bodies of knowledge and time frames for each Six Sigma level (green
belt, black belt, master black belt, sponsor, etc.). The training
company or the business hiring the training company may give the
written proficiency test. Typically, companies new to Six Sigma
defer to the training firm's proficiency test, while companies with
in-house Six Sigma training (e.g. Motorola, GE) manage their own
written proficiency tests.
After initial training, candidates must complete one or two quality
projects and display competency in applying the concepts learned
in the classroom. Certification requirements differ across the board.
Further, there is no standard for what passes and what fails to
display an individual's competency. And yet, the popularity of Six
Sigma continues to grow.
Six Sigma has been described as a critical business tool for the
21st century. Many books, articles, conferences, and web sites exist
to support Six Sigma. Could the business continuity, security and
emergency management professions benefit from Six Sigma?
MAKE A COMMENT
This article was first published in CPM Magazine
PRINT FRIENDLY VERSION (pdf)
1st October 2004 •Region: World •Type:
Article •Topic: BC
Rate this article or
make a comment - click