The TOM Magaz·ne

Quality and risk management:

what are the key issues?
Roger Williams
Erasmus University Rotterdam, Rotterdam, The Netherlands
Boudewijn Bertsch
Erasmus University Rotterdam, Rotterdam, The Netherlands
Barrie Dale
University of Manchester, Manchester, UK
Ton van der Wiele
Erasmus University Rotterdam, Rotterdam, The Netherlands
Jos van lwaarden
Erasmus University Rotterdam, Rotterdam, The Netherlands
Mark Smith
Accenture pie, London, UK
Rolf Visser
KNSF, Amsterdam, The Netherlands

The TQM Magazine, Vol. 18 No. 1, 2006,

© Emerald Group Publishing Lim ited, 0954-478X
 This journal is also available online at:
The TQM Magazine aims to bring ideas, tase studies,
reviews and techniques to primarilywor1dng managers Journal information
and the scholars and researchers who serve them in www.emeraldinsight.com/ tqm.htm
helping organizations manage and Improve quality.
The TQM Magazine seeks to add value for subscribers by Table of contents
acting as a gateway to the best of other material www .emeraldlnsight.com/ 0954-478X.htm
published in quality management and by providing an
expanding information source using available media Internet services available worldwide
Including the Internet. at www.emeraldlnsight.com
Emerald Group Publishing Limited
60/ 62 Toller Lane, Bradford
ISSN 0954-478X BOB 9BY, United Kingdom
Tel +44 (o) 1274 777700 ll\"VESTOR PEOPLE
© 2006 Emerald Group Publishing Limited Fax +44 (o) 1274 785200
C'(

E-mail lnformation@emeraldinslght.com

CONSULTING EDITOR Regional offices:

Professor Mohamed Zairi for North Amerlta
E-mail: M.Zairi@bradford .ac.uk Emerald, 875 Massachusetts Avenue. 71h Floor,
Cambridge, MA 02139, USA
EDITOR Tel Toll free +1888 622 0075; Fax +1 617 354 6875
E-mail amerlca@emeraldlnslght.com
Dr Alex Douglas
for Japan
Liverpool John Moores University, UK Emerald, 3-22-7 Oowada, lchikawa-shi, Chiba,
BOOK REVIEW EDITOR 272-0025. lapan
Tel +81 47 393 7322; Fax +81 47 393 7323
K. Narasimhan E-mail Japan@emeraldlnslghLcom
The University of Bolton, UK for Asia Pacific
Emerald, 7-2, 7th Floor, Menara KLH, Bandar Puchong lava.
RESEARCH REVIEW EDITOR 47100 Puchong, Selangor, Malaysia
Professor LC. Koo Tel +60 3 8076 6009; Fax +60 3 8076 6007
E-mail aslapaclfic@emeraldlnslght.com
Asia International Open University
(MACAU), China For China
Emerald, 12th Floor, Beijing Modern Palace Building No.
MANAGING EDITOR 20, Dongsanhuan Nanlu, Chaoyang District, Beijing
100022, China
Rosie Knowles Tel +86 (o) 10 6776 2231; Fax +86 (o) 10 6779 9806
E-mail chlna@emeraldlnslght.com

Customer helpdesk:
Tel +44 (o) 1274 785278; Fax +44 (o) 1274 785204;
E-mail support@emeraldinsight.com
Web www.emeraldinsight.com/ customert:harter

Orders, subscription and missing claims enquiries:

E-mail subscrlptlons@emeraldlnsight.com
Tel •44 (o) 1274 m100; Fax +44 (o) 1274 785200

Missing issue claims will be fulfilled if claimed within four

months of date of despatch. Maximum of one claim per
issue.
Reprints service:
Tel +44 (o) 1274 785135
E-mail reprinls@emeraldlnslght.com
Awarded in recognition of Web www.emeraldlnslght.com/ reprints
Emerald's production Permissions service:
department's adherence to Tel +44 (o) 1274 785139
quality systems and E-mail permissions@emeraldinslght.com
processes when preparing Web www.emeraldlnsight.com/ permlsslons
No part of this journal may b' r' productd, stored in a retrieval
scholarly journals for print system. transmitted in any form or by any muns electronic.
mechanical photocopying, recording or otherwise without either the
prior written ptrmission of the publisher or a licence permitting
restricted copying issued in the UK by The Copyright licensing Agency
The TQM Magazine and In th• USA by Th• Copyright Cltaranct Ctnttr. No ruponslblllty
is indexed and abstracted in: is accepted for the accuracy of information contained in the tut,
Cabell's Dictionary of Publishing Opportunities In illustrations or advertisements. The opinions u pressed In the
Management and Marketing articles art not ntc~sarily those of the Editor or the publisher.
Emerald Reviews (formerly Anbar) Emerald is a trading name of Emerald Group
Management & Marketing Abstracts
Publishing Limited
Researt:h Trends In Advanced Manufacturing
Scopus Printed by Printhaus Group Ltd, Scirocco Closo,
Technical Education and Training Abstracts Moulton Parlt, Northampton NN3 6HE
 ~ The current issue and full text archive of this journal is available at
~ www.em eraldinsight.com/0954-4 78X.htm

Quality and risk

Quality and risk management: management
what are the key issues?
Roger Williams and Boudewijn Bertsch
Erasmus University Rotterdam, Rotterdam, The Netherlands 67
Barrie Dale
University of Manchester, Manchester, UK
Ton van der Wiele and Jos van Iwaarden
Erasmus University Rotterdam,, Rotterdam, The Netherkmds
Mark Smith
Accenture plc, London, UK, and
Rolf Visser
KNSF, Anislerdam, The Netherlands
A b stract
P urpose - The purpose of this paper is to examine the field of risk management in relation to the
connection to quality management. It poses and attempts to answer three questions. What can quality
teach risk management? What can risk management teach quality? What must both risk and quality
management still learn? This is an area which has so far not been explored by the quality management
fraternity.
Design/methodology/approach - The examination is built on more than 20 years' experience in
the area of quality management and extensive involvement in recent developments around risk
management (e.g. the Australian/New Zealand standard for risk management - AS/NZ4360, the
development of a risk management model by the European Foundation for Quality Management, and
the launch of risk-based instruments by a number of private companies),
Findings - Amongst the major findings are that there are three types of risks: predictable risks that
organisations know they face; the risks which an organisation knows it might run but which are
caused by chance; and the risks which organisations do not know they are running.
Pract ical imp lications - It is pointed out that in the past the challenge for quality management
professionals was to support process and design improvements, but the challenge of the furure is to
improve relationships in order to reduce and manage the most important risks.
Originality/value - The paper outlines how the quality management discipline can help with the
management of these types of risks.
Keywords Risk management, Quality management
P aper type Conceptual paper

What is risk management?

Risk management has many definitions, most of which are in broad te1ms. For
example, the Committee of Sponsoring Organisations of the Treadway Commission in
the USA define it as follows (Committee of Sponsoring Organisations, 2004, p. 6): The TQyl ~1agazine
Vol JS No, J, 2006
Enterprise Risk Management (ERJ\1) is a process, affected by an entities [sic] board of pp. 6i ·86
C Emerald Group Publishing Limited
d irectors, management and other personnel, applied in strategy setting and across the <Yil54478X
enterprise, designed to identify potential events that may affect the entity, and manage risk to DOI JO.I JOl'I095-14i&l6J0637703
TQM be within its risk appetite, to provide reasonable assurance regarding the achievement of
entity objectives.
18,1
The European Foundation for Quality Management (2005) are somewhat less verbose.
They define it as:
The systematic use of organisation-wide processes to identify, assess, manage, and
68 monitor risks - such that aggregated information can be used to protect, release, and
create value.
Put simply, risk management aims to provide decision makers with a systematic
approach to coping with risk and uncertainty.
Managing risks is of course nothing new. Typically, risks have been managed
mainly by intuition, experience and gut feel. What is new in the aforementioned
definitions is the systematic approach. The push was triggered by financial problems
at the end of the last century v.~th the dot.com boom and bust and the legal actions
taken against various top managers in the USA and Europe. The consequence has been
major multiplication of legislation and governance body recommendations, especially
in the financial field where Basel 1 (Bank for International Settlements) has quickly
been followed by Basel 2. And in a more general vein, the Sarbanes Oxley Act of 2002
has forced all companies quoted on the US stock exchange to spend considerable sums
of money in order to have their control systems ready for the January 2005 deadline.
In non-financial companies, interest has not been so driven by external bodies but
rather by the realisation that for many of them the risks involved in doing business
have multiplied in recent times. This has been because of the increased uncertainty in
the environments in which they have to operate. For many companies, a stable outside
environment has ceased to exist, ~th it becoming much more volatile and far less
controllable for many closely inte1Telated reasons. Amongst the changes which have
OCCUITed are:
• the financial markets have become totally global and their increasing volatility
has put pressure on organisations to compete for available monies;
• the major expansion of low-wage areas, especially China and India, has increased
the complexity of competition and logistics and supply with a subsequent
increase in volatility;
• the volatility of price in many items has grown - growth in internet usage has
meant increasing price transparency in many markets;
• the volatility of customers has meant an increase in demands for innovation and
for continuously improving price/performance ratios;
• the proliferation of media sources \·ia the internet, TV, p1int, mobile telephones,
etc. has meant that communicating with customers has become more
complicated.
• the concentration of buying power in a few hands, plus the automation of
bar-coded information, has brought major shifts of power between many
suppliers and a few major customers: this has increased uncertainty for
suppliers;
• the volatility of governments and their demands on organisations has grown;
and
 • volatility of technological breakthroughs: in many industries all possible simple Quality and risk
technological advances have now been completed, with only technological
management
breakthroughs remaining, which, by definition, result in major disruptions and
volatility.

Many Western organisations have reacted to this new environment by downsizing,

outsourcing and forging new alliances. They have attempted to reduce their risk levels 69
by contracting out much of what they previously did themselves. And in many cases it - - - - - - - -
is not just relatively unimportant support activities that have been contracted out but
also more central parts of their former activities. Interdependence has therefore grown.
T here is more interconnectedness between organisations, which means that the power
is now distributed around a network rather than being concentrated in one pair of
hands. And by so doing, organisations have of course reduced their O\Vn power to
influence the situation, thus only increasing the uncertainty and unpredictability of
their business environments.
Given these trends, it is perhaps hardly surprising that the importance of risk
management is beginning to be recognised by regulators and investors inside as well
as outside the financial field.

How to manage risk? - the models

In their attempts to manage risks, most organisations will differentiate between three
main types. First, there are risks which must be managed; that is to say regulatory
bodies and/or governments demand this of operators in a particular field, and most
often the quality of management is also externally assessed. Many environmental risks
come into this category. Second, there are the classic risks of internal and external
fraud and theft inherent in any business dealing with money. These risks are different
because in general they are not so well externally policed. However, they are inherent
in financial institutions and so departments such as internal audit have had time to
develop and form systems to manage them. The third type of risks are those where
there is no clear external body forcing compliance with some projected method of
management and there is no clear self-preservation reason for the organisation to by
and manage them. These are optional risks. An organisation can choose whether to
manage them or not - and to what degree, along with their risk profile. It is these kinds
of risk that the risk management models target. There are many popular models for
managing risk but most are based on the original pioneering work undertaken in
Ausn·alia and New Zealand and are to be found in the AUNZ standard number 4360
first published in 1999, updated in 2004. Between this and other models such as the
ERM framework prepared by the Committee of Sponsoring Organisations (COSO) of
the T readway Commission, strong similarities can be found. The AUNZ standard
framework is taken as the p1imary model in this paper (Standards Australia and
Standards New Zealand, 2004a, b).
There is a wide range of possibilities ranging from "do nothing at all" to attempting
to nullify the effect of each and every identified risk. This decision, like so many
management problems, will be a trade-off based on comparing the cost/likelihood of
insurance with the cost/likelihood of risk. In order to manage these optional risks, the
models suggest that three steps are necessary:
TQM (1) risk recognition;
18,1 (2) risk prioritisation; and
(3) risk management.

The three phases and the s teps in the process are presented in Figure l.
With respect to the first risk, the assessment task is to understand what is at risk
70 and what events could potentially cause harm or benefits. The risk recognition phase
has two parts:
(1) context establishment, which defines what is at risk; and
(2) risk identification, which covers the identification within the established
context of uncertain events that could cause harm or benefits, their
associated causes and their potential consequences.

Once the risks have been identified, the next stage is to understand the nature and level
of the risks, so that they can be managed in an appropriate manner. This risk
prioritisation phase has two parts. This first is risk analysis, which is based on
likelihood and consequence. Likelihood depends on the probability of occuiTence and
the frequency of activity. The consequence can be measmed in many ways, such as
effects on results or on the enablers of results. The second is risk evaluation. After an
analysis has been undertaken, risks· are evaluated against an appropriate
risk-acceptance criterion to give a ranking, for example "low" (tolerable), "medium"
(which should be as low as reasonably practicable), and "high" (intolerable). Risk
assessment is then made and can take place either quantitatively or qualitatively using
techniques such as the facilitated workshop.
Once a risk assessment has been completed, the risk profile of an organisation can
be determined. This shows the scale and complexity of risks faced and depicts the
number of risks for each level. It is a representation of the risk exposure of the
organisation, which ideally equates to the risk capacity (the maximum resource that

Eslllblish the Context

R"k}
recognition
Identify Risks
:;
"'c0 Analyse Risks
0
~
u Likelihood Consequences :::!.
Risk
-0
c Q
= Level of Risk "'c..
::;

.§"
prioritisation
:::::
=
E Evaluate Risks
(')
<
;;·
E :;:
0
Figure L u yes
Risk assessment process
(Standards Australia and
Standards l\ew Zealand,
R;,k}
management no
2004a, b) Treat Risks
the organisation is willing to put at risk) and risk appetite (the amount of risk the Quality and risk
organisation is willing to take).
The next stage in the process of risk management is the management of the
management
risks which have been identified and prioritised. The way risks are managed can
again be categorised in different ways. Perhaps the simplest of these is the "four
Ts" (European Foundation for Quality Management, 2005), shown in Figure 2.
The "four Ts" model sets out four ways of dealing with unacceptable risks: 71
• tenninate - cease activities related to the risk (e.g. giving up smoking avoids
associated health risks);
• treat - add control measures or contingency plans to manage the likelihood and
consequence of events (e.g. wearing a hard hat reduces the consequences of being
hit by a falling object): additional control measures or contingency plans become
pa1t of the management system.
• tolerate - accept the risk; and
• transfer - move the impact of risks to another entity (e.g. insurance).
A fifth approach to managing risk (i.e. a fifth "T", we might call "trade-off''), which is
often used by the financial sector, is risk neutralisation. This is the offsetting of 1isks
against each other, so they cancel each other out (e.g. pooling and hedging are both 1isk
neutralisation methods).
The EFQM, true to its more quality-orientated background, stresses two final stages
which are passed over somewhat faster in some other models (e.g. the Treadwell
Commission (Committee of Sponsoring Organisations, 2004) and the AUNZ standard
(Standards Australia and Standards New Zealand, 2004a, b)). These stages are the
review and learning and improvement stages. They involve comprehensive monitoring
so that the review system is based on facts and reviews the entire system to draw out
the learning points and to drive continuous improvement. Most approaches also
emphasise that the risk management system should be linked to punishment and
reward systems (e.g. transgressors should be punished strongly).
This whole process has been developed by the European Foundation for Quality
Management (2005) into what they describe as a risk assurance management system.
They argue that this is needed to ensure that planned Iisk management activities are
implemented as intended and that lessons learned drive fmther improvements. Risk
assurance management systems are, in general, constructed around a continuous
improvement loop. An example of a generic risk assurance management system as
suggested by the European Foundation for Quality Management (2005) is given in
Figure 3.

TERMINATE TREAT TOLERATE TRANSFER

Avoid or Risk and Acceptable Insurance
eliminate and/or Loss and/or level and/or or
the loss Control of Non- Figw-e 2.
exposure Activities risk Insurance The four Ts
TQM
18,1

72

Figure 3.
Generic risk assurance
management system
Source: EFQM (2005)

This generic system has five main phases:

(1) Policy - a statement of intent for risk management. It states why risk
management is being carried out and what success will look like.
(2) Planning - outlines the strategy for achieving that success.
(3) Implementation - all the activities for managing risks set out in the plan.
"Control mechanisms" encompasses a v.ride range of activities, including
training.
(4) Monitoring - the monitoring of the system, so that the review phase is based on
fact.
(5) Review - reviews the entire system to draw out learning points, and drives
continuous improvement.

Based on this analysis, it is concluded that risk management is clearly in1portant for
many organisations. To help them, a number of comprehensive risk management
models, systems and procedures have been developed. However, there are other ways
in which quality management experience and expertise might be able to assist. T hese
are now examined.

What can risk management learn from quality management?

We feel that there are three major ways in which quality management e>.'Perience and
expertise can assist the risk management world. They are:
(1) in distinguishing between risks which can, and which cannot, be treated
statistically;
 (2) through knowledge and experience in managing key processes; and Quality and risk
(3) in implementing major organisational and cultural change. management
Building databases and using statistics
Th~re is a strong tendency, especially in the financial area, to use advanced statistical
techniques and model building in order to estimate risks. But such model building is
only possible if relevant databases can be constructed which advanced statistics and 73
multiple criteria decision making can then examine. If the causes of risk are so diverse
and idiosyncratic that no reliable database can be made, then such statistics can no
longer be used.
The problem is similar to one which is well known in quality management
(Shewhart, 1931; Juran and Blanton Godfrey, 1998; Deming, 1986). Shewhart (1931)
outlined this very clearly. He was concerned, of course, with sources of variation rather
than with accurate prediction of any specific risk factor, but the essence of his findings
is still relevant. Shewhart pointed out that in all forms of prediction there is an element
of chance. If the influence of any particular chance cause is very small, and if the
number of chance causes of variation are very large and relatively constant, then there
is a situation where the variation is predictable within limits. However, not all
phenomena arise from constant systems of chance causes. At times, the variation is
caused by a source of variation that is not part of the constant system. Shewhart (1931)
called these sources of variation assignable causes. Experience indicates that these
assignable causes of variation, through the application of statistical tools, can usually
be found without undue difficulty, leading to a process with less variation. The
importance of differentiating between chance and special causes is basic in quality
management, and yet it seems strangely unemphasised in much risk management.
A similar point has been made by Chenhall (2003), who differentiates between what
he calls "uncertainty" or "unpredictability" and risk. Risk is concerned with situations
in which relevant databases can be built up and thus probabilities attached to
particular events occurring. Such risks as capital credit and physical security fall into
this category. This opens the way to advanced statistical techniques and model
building and gives clear indications for parameter estimation. This means that risks
can be managed by a depa1tment of statisticians and risk specialists reporting to top
management.
In contrast to risk, uncertainty describes situations in which probabilities cannot be
attached and where elements of the environment may not be predictable. Some risks
are low-certainty, one-off events, and where there is little or no history to work on. So,
no databases can be built up or models easily developed. In such situations where the
data is Jacking and there is still a need for prediction, the normal recourse has been to
"expert" estimations. Experts can be composed of facilitated workgroups of the
persons most involved, or even specialist outsiders, but the results have not been very
satisfactory (e.g. Newton et al., 2004). This is hardly surprising given what we know
about the individual psychology of perception. The problems have been well
summarised by Bazerman and Watkins (2004) and have to do with well-recognised
biases in the way people think, such as self-serving illusions and over-commitment, as
well as the tendency to stick with the status quo and to discount the future. People
apparently exist in a state of denial that leads them to undervalue 1isks. In addition,
they overly discount the future, reducing their willingness to invest in the present to
TQM prevent some disaster that may be quite distant. People also try to maintain the status
18,1 quo, creating a barrier to the dramatic changes that may be needed in order to perceive
some potential risks. Finally, many are more willing to run the risk of incuning a large
but small-probability Joss in the future, rather than to accept a smaller yet certain loss
now (Bazerman and Watkins, 2004). People in general do not want to invest in
preventing a problem that they have not e:Kperienced and can hardly bear to imagine.
74 Thus, far too often, they only address problems after the Joss or mistake has actually
occurred.
All of these biases share something in common: people tend to see the world as they
would like it to be, rather than as it truly is - not a very suitable approach for
recognising and estimating risks! If relevant databases cannot be built up, and
objective statistical tools used to estimate risk, then any reliance on individuals,
whether experts or practitioners, can clearly be fraught with danger.

Managing key processes

Operational risk is for many organisations the most common form of risk, and is often
regarded as the most dangerous. Yet it is precisely this kind of risk that we feel quality
management experience and expe1tise is best equipped to handle.
Operational risk is clearly very common since it is "the risk of loss resulting from
inadequate or failed internal processes, people, and systems or from external events"
(Basel Committee on Banking Supervision, 2003). It is therefore very broad, covering
clients, products and business practices, business disruption and system failures, and
execution delivery as well as fraud. It is often regarded as perhaps the most dangerous
type of risk for three main reasons:
(1) Because the lisks falling into this category are often idiosyncratic and vary
widely depending on the company and its market situation. So, there can be no
standard procedures. And the problems involved in defining what data are
relevant to operational risk and its management are therefore very complex (e.g.
Power, 2003).
(2) Operational lisks are interrelated in complex ways, and, as a consequence, they
can be very difficult to manage. In an uncertain environment, measures taken to
reduce one operational risk may have the unfortunate effect of increasing risk in
other areas. For example, because of global competition, many organisations
over the last ten years have had to implement more flexible, faster innovation to
achieve more profitable sales. But this has meant increased operational risk
because it involves and depends upon key suppliers and leads to shorter
product life with consequent rises in the costs of stocks of finished products. In
addition, global competition for funds has meant this innovation drive has been
accompanied by a cost-cutting initiative in terms of stocks of raw materials and
components as well as of finished stocks. This has increased the pressure on
suppliers and thus the operational risk that the supply chain will fail. But these
two attempts at reducing risks are contradictory; the organisation is
increasingly reliant on suppliers for innovation, but at the same time, it has
to squeeze them on p1ice and delivery to cut costs.
(3) Operating risks can have major impact on other risks (e.g. Mittelstaedt, 2005).
For example, the substantial losses that brought down Barings Bank in 1995
 are seen as largely caused by operational rather than any other type of risk Quality and risk
(Geiger, 2000). The cause was a grossly negligent breach of recognised internal
control procedures - a clear operational risk. But the effect was a totally
management
unexpected loss of market value - which is market risk. This impact on other
risks has been highlighted by a recent review study of some 350 operational
risk events in financial institutions since 1990 (Dunnett et al., 2005). This
showed dearly that, in the finance world, the market value of a company can 75
deteriorate to a much greater extent because of perceived damage to trust than - - - - - - - -
the actual financial loss incurred.

It is therefore hardly surprising that operational risks have long been seen as
dangerous in non-financial circles, but recent events have shown that their power has
also been realised in the financial world. For example, the banking supervisors
assumed in 1999 on the basis of surveys that no less than 25 percent of current
regulatory capital was needed to allow for operational risk (Basel Committee on
Banking Supervision, 1996). However, not every operational loss should be seen as a
risk; only the unexpected ones - and the unacceptable ones. Only those losses are
designated as risks, which exceed the expected losses that have already been factored
into the price. If an organisation accepts the risk of a new supplier it does so on the
proviso that the new supplier is providing goods or services at lower costs. The added
risk that comes from lack of experience of the supplier should be covered by the
savings in the cost of supply.
Similarly, an organisation may accept that because of its style of hire and fire it may
run a high risk of minor theft. This reflects its capacity to take on risks and its attitude
to risk. But it may find it totally unacceptable that such a policy leads to a higher risk
of leakage of confidential information to competitors.
So, operational risks are common and can be dangerous. T he reason why quality
management experience and e>..'J)ertise may be useful is because, in contrast to many
other types of risk, the causes of operational 1isk are seen to lie largely vvithin the
organisation - and therefore within the organisation's own power to eliminate (Geiger,
2000). These risks are often the results of poor management of key processes by the
organisation and its staff. Quality management has spent many years developing tools
and techniques to manage processes and therefore can play a key role in helping to
manage these 1isks. Examples of tools and techniques are:
• making processes more transparent (e.g. by service blueprinting or service
mapping; Shostack, 1987);
• identification of critical points in processes; and
• development of measurements in relation to those critical points.

Other tools that have been developed are, for example, poka yolle systems, robust
designs of products and processes, failure mode and effects analysis, fault tree
analysis, process decision program charts, etc.

Managing major 01ganisational and cultural change

The rapid spread of government legislation and the demands of governance bodies in
the area of 1isk management have forced many organisations, especially in the financial
field, to spend large amounts of time and effort ensuring they comply with all that is
TQM required of them. Compliance can all too easily give rise to complacency, the feeling that
18,l if the organisation has complied with all demands made upon it, usually through the use
by specialised professionals of sophisticated modelling techniques, then it is safe from
risk. However, much of the risk that organisations face does not lend itself to being
managed in this way. The aim of most risk management systems might well be accuracy
- accuracy in identifying, prioritising and then managing risks. But in an uncertain
76 business environment, and for the types of risk that do not allow the building up of
databases, accuracy of risk and loss predictions is likely to be very weak.
So, risk management cannot be a one-off stand-alone task that can be managed by
top management and implemented by a few specialists. Many risks, such as
operational risks, are unpredictable and can arise any time anywhere in the
organisation, and this means that all personnel must be aware and committed. Only if
all key people are involved and committed to risk management will they be aware of
the possible importance of any weak danger signals they might encounter. Risk
management needs systems which are implemented interactively, with people at all
levels and of all statuses able to discuss openly without fear of retribution. Only then
can they become involved and committed.
So the objective of the models, in this context, should not be to strive for accuracy,
which is impossible, but rather to aim for total involvement and commitment from all
staff: the aim should be a change in attitude and attention from all management and
personnel. That is, a cultural shift from a focus on controls to an atmosphere in which the
possible dangers live for all and there is a willingness, and ability, to act if necessary.
If the aim of the risk management models is to foster such a major organisational
change, then many possible problems arise. First, the models must encourage, as we
have suggested, the involvement and commitment not just of top management but also
of all relevant managers and personnel. Given the psychological vulnerabilities, this is
hardly likely to be easy. Risk, like quality, has a negative connotation. No one likes to
work with negatives (Bazerman and Watkins, 2004). If all managers and employees are
to be involved, the concept has to be changed to a positive. In the quality area the
negative impact of the word "quality" (which is strongly related to non-quality) has
been changed by focusing on improvements and addressing the deltas from one year to
another (Conti, 1997).
Second, the approaches must succeed in overcoming the normal problems of
implementing large-scale change in any organisation. For example, how will they
tackle any organisational sb-uctural change that might be needed to accommodate any
new systems? Organisational vulnerabilities arise because of structural baniers to the
effective collection, processing, and dissemination of information, such as the division
of organisations into independently operating silos and the filtering of information as it
passes up through the hierarchies. Again political vulnerabilities can cause major
problems for any organisational change process when a small number of individuals
and organisations are able to "capture" the political system or organisation for their
own benefit (Bazerman and Watkins, 2004).
The question therefore is how successful will the approaches be in overcoming the
organisational and political problems that always go hand in hand with any major
organisational change process?
This can be a long and weary path but it is one which quality management has also
had to travel. The quality gurus, such as Deming (1986) with his 14 points and Juran
(1989) with his ten steps to quality improvement, clearly showed that nothing less than Quality and risk
major organisational change was involved in the implementation of quality management
management. Yet, early on in the history of quality management, many
organisations still considered that quality could be left to the quality professionals
to manage. And as long as they achieved compliance v.rith the demands posed by
external monitoring bodies such as the International Organisation for Standardisation
(ISO) in reference to the ISO 9000 series of quality management system standards 77
(International Organisation for Standardisation, 2000), then it was felt that all would be
well. It soon became obvious that this was but a first step on a long journey and that
total quality management did indeed, as the gurus said, mean total involvement of all
concerned within the organisation. The development of the Malcolm Baldrige National
Quality Award (2005) model and the European Foundation for Quality Management
(2004) model have been a major step in this direction. The knowledge and experience
that quality professionals have built up in this area of how to involve all key personnel
in the whole process of managing quality can undoubtedly be of great use to help those
working in the field of risk management to help overcome these same problems.
An example of tools developed from the quality management area around 1979 in
Japan are the seven new tools for management - activity network diagram, affinity
diagram, relationship diagram, prioritisation matrix, matrix design, process decision
program chart - especially supporting situations for which only qualitative data are
available (Senge, 1999). These tools focus on how managers think and interact. They
emphasise better communication and better understanding of complex issues and in
turn relate that understanding to operational planning. The message of the seven new
tools is increasing organisational capabilities - how we think and interact around
complex potentially conflicting issues. In the new organisation, levernge ultimately lies
in improving people and not just in improving the work process. The causes of
variation in new circumstances lie more in people, or certainly as much in people as in
processes. Therefore different kinds of tools are needed, and quality management
provides them.

What risk managem ent can teach quality

A key aspect of risk management is the prioritisation of risks. Risks are p1ioritised on
the basis of their ljkely occurrence and effects. If quality depa1tments took a similar
approach and prioritised quality risks, then it is our expectation that many would find
they are spending too much time and effort on traditional quality problems and too
little on some key new ones such as networking, e-business, brand image, etc.
Traditionally, the focus of quality management was on solving the problem of too
much inspection and waste. This was reduced by analysing faults and eliminating
causes through improved product and process design. The aim of classic quality
management was thus to reduce variation in routine situations, v.rithin a single
stand-alone business/legal entity. This is still, in many organisations, of great
importance. But new, fast-spreading types of manufacturing have given rise to other
pressing quality issues. Roberts (2004) has outlined what he describes as the
characteristic features of modern manufactu1ing, which he says are supplanting mass
production in many industries. The characteristics are:
• flexible machines with low set-up costs;
• short production runs;
TQM • frequent product improvements;
18,l • broad product lines;
• targeted markets;
• highly skilled cross-trained workers;
• worker initiative;
78 • local information and self-regulation;
• horizontal communication;
• cross-functional development teams;
• continuous improvement;
• accent on cost and quality;
• low inventories;
• demand management;
• make to order, extensive communication \Vith customers;
• long-term trust-based relationships; and
• reliance on outside suppliers.
The logic behind this form of manufacturing is increased flexibility, increased speed of
reactions, increased economies of scope and concentration on core competencies. It is
spreading fast because, as Roberts (2004) also comments, it is being driven by
increasing competitive pressures, pressures for results from the money markets, and
shrinkage of buying points in many markets leading to constant pressure on price,
petiormance and innovation. The advantages may be clear, but so also are the dangers.
Time is of the essence in the new manufacturing system, and this means that there are
three potentially weak areas.
(1) The innovation process: innovation is continuous but it is against tight
deadlines to ensure timely appearance in the market place. Delays can mean
missing a key window of opportunity and thus reducing the chance of any
financial success.
(2) Poor quality has to be prevented: cure is too expensive. Competition is so
widespread and the power of fewer purchasing points so strong that brand
image is becoming all-impo1tant. No producer can afford to have poor quality
damage in either brand image or company reputation in the market place. But
curing quality after the event is out of the question. There is no time or money
available for comprehensive end-of-line inspections, nor for the large buffer
stocks of parts and components which would enable line improvements to take
place. And many of the products are so complex and the production process so
spread out over so many suppliers that once faults occur any causes are likely to
be multiple and difficult to trace. So any after the event rectification will take too
much time and expense. Poor quality has to be prevented.
(3) Mistakes will always happen and it is essential that they be cured fast. The
whole supply chain, up to and including the customer, runs on a just-in-time
basis and so is very susceptible to disruptions. Products must not just meet
 customers' expectations in performance terms, but they must also arrive on Quality and risk
time and budget. There are few second chances. management
Disruptions and delays due to inadequate quality are therefore major operational risks
which go hand in hand with this new fonn of lean manufacturing (e.g. George, 2002).
The way to manage these risks is twofold: first through careful prevention to avoid
their occu1Tence in the first place, and second through very fast emergency reactions if 79
and when mistakes do occur.
Successful prevention and emergency response to crises will probably require major
changes in relationships. In tenns of prevention, then increasing speed and accuracy of
innovation means that, inside the organisation, more decision-making power and
autonomy has to be delegated downwards and more cooperation is required
ho1izontally between functions. Externally, because of the grov.rth of outsourcing, the
consequent major increase in reliance on outside suppliers means that close
co-operation both with and between them is essential if later production and market
problems are to be avoided.
When mistakes do occur, then there is no time for legal niceties such as whose fault
it may be, or who should pay for the damage according to the contract. In this
environment, successful rapid reactions are crucial. And this again will involve not just
the end manufacturer but also representatives of all relevant suppliers in diagnosis and
immediate improvement actions. It therefore also requires full and immediate
co-operation rather than just condemnation.
Improving the quality of relationships so that co-operation rather than conflict
results will not be easy. But some possible guide can be found in the work that has been
carried out on the relationships within virtual organisations when they are facing
crises. The relationship between an organisation and its supply chain, which lie at the
heart of these new quality problems, can be likened to relationships within a virtual
organisation (see Grabowski and Roberts, 1999). A virtual organisation, in their
definition, consists of multiple distributed members temporarily linked together for
competitive advantage, very similar to a supply chain. And the most stress is put on
relationships when things go wrong and there is a crisis. So much can possibly be
learnt on how to improve product quality within lean manufacturing from studying
what is necessary to ensure an effective response to crisis within a virtual organisation.
Grabowski and Roberts (1999) suggest that four things are necessary to ensure
effective response to a c1isis in a virtual organisation:
(1) fluidity in organisational structure;
(2) communication;
(3) willingness to learn; and
(4) trust.
All these characteristics are that are very difficult to develop within virtual
organisations and supply chains.
First, fluidity in organisational structure is important. If a crisis occurs, Grabowski
and Roberts (1999) state that response teams with representatives from all relevant
bodies need to be set up fast. A structure has to be agreed which empowers the
personnel involved and which enables rapid and accurate information flow from the
TQM response team or teams to the coordinating centre. The focus is all on solving the
18,1 problem.
Second, communication is key. Communication provides opportunities for
clarification, for making sense of what is happening and for people to discuss
improvements to the organisation and the impacts of different risk mitigation
strategies. And communication at the interfaces between organisations or between
80 functions is particularly important to risk mitigation, as that is where the culture is
transmitted.
T hird, in any situation where co-operation is important to solve crises, then a
culture of willingness to learn from mistakes and to exchange best practice is key. But
a supply chain consists of many different organisations and cultures and so developing
any such single culture is very difficult. Grabowski and Roberts (1999) suggest that a
start to this impossible task can be made by establishing safe and slack areas within
the chain where imp01tant issues such as incentives and control systems can be
discussed.
Finally, the importance of trust between the paities both within the organisation
and within the supply chain is sb·essed. Trust can be defined as:
... the willingness of a party to be vulnerable to the actions of another patty based on the
e>.'Pectation that the other will perfmm a paiticular action important to the trnstor,
irrespective of the ability to monitor or control that other paity (Mayer et al., 1995, p. 712).
Trust among organisational members is critical for virtual organisations. Without
trust, commitment can waver, as members perceive the alliance as weak or
disintegrating, fractured by misunderstanding or mistrust (e.g. McAllister, 1995).
Trust is pa1ticular ly important in virtual organisations that require constant and close
attention to shared commitments to safety and quality, as well as a shared willingness
to learn and adapt (e.g. Davidow and Malone, 1992; Coyle and Schnarr, 1995).
If geographically dispersed organisations are truly to dampen their risk
propensities, the relationships among their members must more closely resemble
alliances of collective responsibilities than hierarchies of reporting relationships. If one
member of the chain dominates, then trust is unlikely to develop. Although Toyota
could easily have dominated its supply chain pa1tners, it has for years carefully
avoided this role, in order to build trust. T his is in contras t with the approach of a
major competitor, General Motors. The latter, in the late 1980s, attempted to establish
sin1ilar long-term relationships with a select group of suppliers. It sought to get them to
shai·e cost infom1ation that they would normally have kept completely confidential and
to work co-operatively to create value. Then when GM got into financial trouble in
1992, part of its response was to use the cost info1mation gained from suppliers to force
large p1ice cuts. T his breach of b-ust soured relations with suppliers for years
afterwai·ds. T rust among organisational members is important since organisations are
reluctant to adopt alliance-like organisational structures that may make them
vulnerable to the uncertainties of the environment, and to the impact of other
organisations, without there being some assurances of shared vulnerability
(McAllister, 1995). Developing trust in virtual organisations is a complex task. It
requires fairly constant, small group activities among members, because it is difficult
to trust people you do not know well, whom you have not observed in action over time,
and who ai·e not committed to the same goals (e.g. Frey and Schlosser, 1993).
 So, if quality departments working within lean manufacturing style organisations Quality and risk
were to take a risk management approach and to prioritise their quality risks more management
carefully, then they might conclude that their approach is not concerned so much with
gradually reducing routine variation within their own organisation. Instead their new
p1iority must be to ensure that both the organisation's internal and external
relationships are such that mistakes, wherever possible, are prevented and if they
appear, are very rapidly cured. 81
The most important causes of poor quality have changed. They used to lie in poor - - - - - - - -
processes and poor design. The quality department therefore first developed reliable
measures of these and then devised tools and techniques to aid improvement. Now, for
many, the important causes of poor quality lie in weak internal and external
relationships with key personnel and partners. Again the first stage, if quality is to
reduce these risks, must be to develop adequate measures, and then the second ·will be
to develop tools and techniques to improve them. But these areas are not easy to
measure. The Japanese have been able to form long-lasting co-operative relationships
both within their own organisations and externally with key suppliers because their
whole society after the Second World War encouraged this kind of behaviour; with
keiretsu-type relationships amongst suppliers and customers, lifetime employment
pacifying internal relationships, and financing which was not subject to the vagaries of
the global market place. They did not need clear measures of relationship quality in
order to manage these relationships, because society managed it for them. But if the
West is trying to emulate the Japanese, at least as far as the quality of relationships is
concerned, then our societies do not naturally suppo1t such systems. We need
measures related to relationships. If they cannot be measW"ed, then they are difficult to
manage.

What must both ris k and quality management still learn?

Organisations are fairly good at managing the risks they know they are taking. And it
is this area that the regulators and most risk management models are covering. But it
is the 1isks that organisations do not know they are taking that cause the problems,
and because of the greater uncertainty in the world and pace of change, this area is
increasing rapidly. Because this area is unpredictable, this is why organisations need
to be flexible and resilient (see, for example, Antonovsky, 1987).
To date, Western organisations have been led and motivated through an emphasis
on achieving success. In an environment that changed seldom and slowly, the usual
routine of step-by-step change and innovation would be more likely to lead to success
than failure. But the more rapid the pace of change, the more likely failures and
mistakes are to occur. So a final issue which neither the current risk management nor
quality management approaches seem to consider in any depth is that with increasing
risk and the impossibility of always predicting the future accurately comes an
increasing likelihood of mistakes being made and failure occurring. How successful
will the risk and quality management approaches be at helping organisations cope
with the increasing occurrence of negative events? What is needed if organisations and
individuals are to survive in a climate where there will probably be more failure than
success?
Organisations that are serious about risk and quality management, and that feel
themselves to be in a highly uncertain environment, need to seek out employees who
TQM can withstand the failure and mistakes which will inevitably come. Their selection and
18,1 training problems can be helped by studying the body of research covering the
characteristics of individuals who can indeed withstand major calamities and
disadvantages in their lives and yet continue to function in a socially acceptable
manner. The characteristics are called a variety of names - locus of control,
self-efficacy, hardiness, potency, and learned resourcefulness - but luckily research
82 results (e.g. Viviers and Cilliers, 1999) indicate high inter-correlations between them all.
In this paper we will discuss the one we feel is most relevant for our purposes,
Antonovsky's (1987) "sense of coherence", which incorporates the most important
aspects of all those previously mentioned.
Antonovsky (1987) studied individuals who appeared to survive and cope
remarkably well with trauma. People in his sample were known to have undergone
severe trauma with inescapable major consequence for their life (i.e. severe disability,
sudden unexpected loss of a loved person, difficult economic conditions, and
concentration camp internment). Yet the people sampled vvere thought by expert
referees to be functioning remarkably well. Antonovsky (1987) considered that what
enabled people to cope with the sb·ongly negative situations they faced was what he
called a "sense of coherence". This had three components:
(1) comprehensibility;
(2) manageability; and
(3) meaningfulness.

These components can be crystallised in three questions:

(1) Does one think that one can understand?
(2) Does one think that one can manage?
(3) Does one wish to manage?

The components can be described as follows:

• Comprehensibility refers to the extent to which the stimuli deriving from one's
internal and external environments in the course of living are felt to be
structured, explicable and consistent.
• Manageabllity considers the extent to which resources are perceived to be
available to meet the demands posed by these stimuli. "Underlying the flexible
employment of appropriate resources is the belief that one indeed has such
resources at one's disposal. (Note, at one's disposal, not in one's control)"
(Antonovsky, 1993).
• Meaningfulness refers to the extent to which these demands are challenges
worthy of pa1ticipation and individual invesbnent.

Antonovsky (1987, p. 19) suggests the three components are intertwined but separate
and build into a way of viewing how the patterning of life experiences may affect
responses. He believes the most significant feature of a strong "sense of coherence" is
the variety and number of coping sb·ategies available. The "sense of coherence" is not a
specific style of coping. It works because it enables one to select that mode of coping, or
those resources, which seem to be approp1iate to the particular stressors that one faces.
Behaviow- itself cannot be predicted, although the quality of behaviour can. Quality and risk
Antonovsky's (1987) measure of sense of coherence has proved its predictive value, management
having been used by nearly 150 researchers around the world. It has been used to
investigate a wide variety of stressful situations, such as responses to natural disasters
(Kaiser et al., 1996), coping with a partner's dementia (Baro et al, 1996), adaptation of
army families to relocation (Bowen et al., 2003), and the Joss of a family member
Larsson et al(l994). This "sense of coherence" concept brings some predictability to the 83
way individuals meet unpredictable negative circumstances. This acceptance of such - - - - - - - -
circumstances means it could be a useful instrument to enable organisations to select
and develop individuals who will not be overwhelmed by the possibly strongly
negative outcomes of the continually changing, unpredictable business environments
desc1ibed above.

Conclusions
Risk management is a cunent business buzzword. There are widely accepted and
acceptable models and approaches to help executives manage this area. The key steps
have been outlined in this paper - risks must be recognised, prioritised and then
managed.
But, despite all the hype, no one pretends that risk management is easy. In this
context this paper asks and attempts to answer three questions.
(1) What can quality teach risk management?
(2) What can r isk management teach quality?
(3) What must both risk and quality management still learn?

We answer these questions by looking at the three types of risks that have been
identified.
The first type are the predictable risks that organisations !mow they face. These are
probably the most straightforward types of risk to manage, but the whole process
depends on a clear distinction being made between risks caused by pure chance and
risks which have, in quality tenns, special causes. This is often not easy, but it has
been a fundamental first step in the quality approach since Shewhart's original work in
the 1930s (Shewhati, 1931). The distinction is important, since only for those risks not
caused by chance can databases and statistical models be built which can then be used
to enable organisations to decide the size of risk they are willing to accept.
The second type of risks are more difficult to manage. They are the risks that an
organisation knows it might run, but whose causes are essentially idiosyncratic and
caused by chance and thus do not lend themselves to a fonnal statistical approach.
Many important risks, patiicularly in the operations area, fall into this category. We
have suggested that quali ty can help manage this type of 1isk in two major ways. First,
the risks may be unpredictable but past experience suggests that they are often likely
to be related to the weak management of key processes. And quality management has
much knowledge of how to manage such processes effectively. Second, since such r isks
can and do occur anywhere and at any time in an organisation, their management
cannot just be left to top management and a few specialists. Rather, awareness of the
possible importance of risks, and commitment to their management, needs to be
widespread throughout the organisation. This, in most organisations, would require
TQM major organisational and cultural change. And here again, quality management has
18,l years of experience in implementing similar major organisational change processes.
In relation to this second type of 1isks, risk management can teach quality the
importance of clear p1ioritisation. A fundamental part of risk management is initial
careful prioritisation of the risks the organisation faces. Time and effort can then be
concentrated where the need and the payoff will be highest. We would suggest that
84 quality can learn much from such an approach. Quality should be far more careful in
prioritising where it spends its resources. It needs to concentrate on the quality risks
that really matter to the organisation. The incTeasing unpredictability of the business
environment, and the subsequent spreading of the lean manufacturing and lean service
approach, have dangers as well as advantages. The big danger is the importance of
time and the subsequent susceptibility of the organisation to disruptions and delays.
Time is key in three areas:
(1) in the innovation process;
(2) in the prevention of poor quality; and
(3) in the rapid solution of any problems that do occur.

Success in all three of these areas is heavily dependent upon relationships both within
the organisation and between the organisation and its key suppliers and customers.
Causes of poor quality used to lie in poor processes and poor design. Now for many
organisations the causes of inadequate quality lie in poor relationships. So the first
p1iority for their managers should be to develop measures of relationship quality and
then the tools and techniques to improve them. This is a challenge for the academic
quality management fraternity.
The third type of risk is the 1isks which organisations do not know they are
running. For many organisations this is probably the most dangerous form of risk.
And because of the increasing uncertainty and unpredictability in many business
environments, it is this type of risk that is probably increasing fastest. And
quality can be of little assistance here because it too must come to terms with this
newly emerging situation. Both risk and quality management need to accept that,
despite the best systems and procedures that can be devised, the essence of risk is
that in an unpredictable world, failw·es and mistakes are bound to occur. So, both
organisations and individuals need to be able to cope in such a situation. It is
suggested in this context that much can be learned from the study of individuals
who have successfully faced major crises in their lives. Ensuring that an
organisation possesses a critical mass of such individuals might make a major
difference in is ability to withstand the inevitable failure and mistakes that are to
come.
So, the overall conclusion is that quality can be of assistance in relation to managing
risks in at least two of the three types of risks that need managing, especially in
relation to predictable risks and operational risks. Quality will be of little assistance yet
towards managing risks that organisations do not know they are running. Quality can
also learn something from the risk management approaches, especially regarding the
impo1tance of clear prioritisation.
References Quality and risk
Antonovsky, A. (1987), Unravelling the Myste1y of Health: How People Manage Stress and Stay management
Well, Jossey-Bass, San Francisco, CA.
Antonovsky, A. (1993), "The structure and properties of the sense of coherence scale", Social
Science and Medicine, Vol. 36, pp. 725-33.
Baro, F., Haepers, K., Wagenfeld, M. and Gallagher, T. (1996), "Sense of coherence in caregivers
to demented elderly persons in Belgium", in Stefanis, C., Hippius, H. and Muller-Spahn, I.F. 85
(Eds), Neuropsychiat1J• in Old Age: An Update, Hogrefe and Hueber, Toronto, pp. 145-56. - - - - - - - -
Basel Committee on Banking Supervision (1996), "Update on work on a new capital adequacy
framework", Basel Committee on Banking Supervision, Basel.
Basel Committee on Banking Supervision (2003), "Advanced measurement approaches for
operational risk: supervisory expectations", Basel Committee on Banking Supervision,
Basel.
Bazerman, M.H. and Watkins, M.D. (2004), Predictable Smprises: The Disasters you Should Have
Seen Coming, Harvard Business School Press, Boston, MA.
Bowen, G.L., Mancini, ].A., Martin, ].A., Ware, W.B. and Nelson, J.P. (2003), "Promoting the
adaptation of militaiy families: an empirical test of a community practice model", Famib•
Relah:ons, Vol. 52 No. 1, p. 33.
Chenhall, R.H. (2003), "Management control systems design within its org context", Accounting
Orga11isatio11s and Society, Vol. 28, pp. 127-68.
Committee of Sponsoring Organisations (2004), "Enterp1ise risk management framework",
Committee of Sponsoring Organisations of the Treadway Commission, American Institute
of Certified Public Accountants, available at: www.aicpa.org
Conti, T. (1997), Organizational Self-Assessment, Chapman and Hall, London.
Coyle, ]. and Schnarr, N. (1995), "The soft-side challenges of the 'virtual corporation"', Human
Resource Planning, Vol. 18 No. 1, pp. 41-2.
Davidow, W. and Malone, M. (1992), "Virtual corporation", Forbes, pp. 102-7.
Deming, W.E. (1986), Out of the Crisis, MIT Centre for Advanced Engineering Study, Cambridge,
MA.
Dunnett, R.S., Levy, C.B. and Simoes, A.P. (2005), "Managing operational risk in banking",
McKinsey Quarte1·ly, No. 1.
European Foundation for Quality Management (2004), EFQM Excellence Model, Ew·opean
Foundation for Quality Management, Brussels.
European Foundation for Quality Management (2005), EFQM Framework for Risk Management,
Ew·opean Foundation for Quality Management, Brussels.
Frey, S.C. Jr and Schlosser, M.M. (1993), "ABB and Ford: creating value through cooperation",
Sloan Management Review, Vol. 35 No. 1, pp. 65-72.
Geiger, H. (2000), "Regulating and supervising operational risks for banks'', paper presented at
the Conference "Future of Financial Regulation", Tokyo, 17 October.
George, M.L. (2002). Lean Six Sigma: Combining Six Sigma Quality with Lean Produch"o11 Speed,
McGraw-Hill, New York, NY.
Grabowski, M. and Roberts, K. (1999), "Risk mitigation in virtual organisations", Orga11isatio11al
Science, Vol. 10 No. 6, pp. 704-22.
International Organisation for Standardisation (2000), ISO 9000:2000 Quality Ma11ageme11t
System Standm·d, International Organisation for Standardisation, Geneva.
TQM Juran, J.M. (1989), Juran 011 Leadership for Quality: An Executive Handbook, The Free Press,
New York, NY.
18,1 Juran, JM. and Blanton Godfrey, A. (1998), Juran 's Quality Ha11dbook, 5th ed., McGraw-Hill,
New York, NY.
Kaiser, C.F., Sattler, D.N., Bellack, D.R. and Dersin, ]. (1996), "A conser.-ation of resources
approach to a natural disaster: sense of coherence and psychological distress",Joumal of
86 Social Behavior and Personality, Vol. 11, pp. 459-76.
Larsson, G., Kallenberg, K., Setterlind, S. and Stanin, B. (1994), "Health and loss of a family
member: impact of sense of coherence", International Jounzal of Health Sciences, Vol. 5,
pp. 5-11.
McAllister, D.]. (1995), "Affect· and cognition-based trust as foundations for interpersonal
cooperation in organizations'', Academy of Management Jo1tmal, Vol. 38 o. 1, pp. 24-59.
Malcolm Baldrige National Quality Award (2005), Criteria for Perfonnance facelle11ce, American
Society for Quality, Milwaukee, Wl.
Mayer, R.C., Davis, j.H. and Schoorman, F.D. (1995), "An integration model of organizational
trust", Academy of Management Review, Vol. 20 No. 3, pp. 709-34.
Mittelstaedt, R.E. Jr (2005), Will Your Next Mistake be Fatal? Avoidi11g the Chain of Mistakes Thal
Ca11 Dest1·oy Your Organisation, Wharton School Publishing, Upper Saddle River, 1].
Newton, P., Paxson, D.A. and Widdicks, M. (2004), "Real R&D options'', biternalio11al Journal of
Ma11ageme11t Research, Vol. 5/6 No. 2, pp. 113-30.
Power, M. (2003), "The invention of operational 1isk", Discussion Paper >lo. 16, Centre for
Analysis of Risk and Regulation (ESRC), London School of Economics, London.
Roberts,]. (2004), The Modern Finn, University Press, Oxford.
Senge, P. (1999), "It's the learning: the real lesson of the quality movement", journal of Quality
and Participation, Vol. 22 >lo. 6, pp. 3440.
Shewhart, W.A. (1931). Economic umtrol of Quality of Manufactured Products, D. van >lostrand,
New York, '.\TY.
Shostack, G.L. (1987), "Service positioning through structura.1 change", Jo1tnwl of Marketing,
Vol. 51 No. 1, pp. 34-43.
Standards Australia and Standards New Zealand (2004a), ASINZS 4360: Australia and New
Zealand Standard 011 Risk Management, Standards Australia, Sydney/Standards
New Zealand, Auckland.
Standards Australia and Standards New Zealand (2004b), Australia New l,eala11d Ha11dbook:
Risk Ma11ageme11t Guidelines Companion to ASINZS 4360. Standards Australia,
Sydney/Standards New Zealand, Auckland.
Viviers, A.M. and Cilliers, F. (1999), "The relationship between salutogenesis and work
orientation'', Joumal of Industrial Psychology, Vol. 25 No. 1, pp. 27-32.

Corresponding author
Ton van der Wiele is the corresponding author and can be contacted at: vanderwiele@few.eur.nl

To purchase rep1ints of this article please e-mail: r eprints@emeraldinsight.com

Or visit our web site for further details: ww\v .emer aldinsight.com/r eprints

The TQM Magazine
Copyright
Articles submitted to the journal should be original and should not be under
consideration fo r any other publication at the same time. Authors submitting
articles for publication warrant that the work is not an infri ngement of any existing
copyright and will Indemnify the publisher against any breach of such warranty.
For ease of dissemination and to ensure proper policing of use, papers and
contri bution s become the l egal copyr ight of the publisher unless otherwise
agreed. Submi ssions should be sent in Word Format to TQM@emeraldinsight.com
Editorial objectives
To provide those Involved in research and practice in quality management with
Ideas. news, research fi ndings, case examples and discussion on quality
management and related fields.
Edltori1l scope
High quality submissions are sought from academics. researchers and practitioners
from around the world. Generally, contributions should cover the theo reti cal
development and the pract•cal application of both the 'hard"and 'oft"aspects of
TQM. Research, case studies and examples can be cited from the public and private
secrors of Industry and commerce, includi ng manufacturing, health, education,
local government and professional and other servi ce fi rms. Specifcally, contributors
can address any of the following areas:
• the quality gurus and the TQM philosophy;
leadership and management issues;
people Issues includin1 internal and external customer satisfaction;
the measure ment of quality;
costs of quality;
TQM /quallty/ excellence models;
quality management (and rel ated) systems;
tools and techniques for quality management an d improvement;
process management and improvement;
strategic, tactical and operational issues for TQM implementation and
maintenan ce.
Contributions should emphasise any practical impli cations of the research or fi ndings
as well as future research implications (including lessons from unsuccessful
initiatives).
The journal draws on insights and contributions worldwide. Contributors
should al ways spell out the practical implications of their work for those involved In
quality management.
Case study articles should normally specify:
background and content;
objectives, i.e. what we were trying to do;
the salient events;
the results. and how they were obtained;
the Implications for others involved in quality management.
Please keep to a minimum general discussions on the history of quality management
thought, and non-specific exhortations about 'being customer-focused" or letti ng
commitment from everyone'. Instead, focus on operational strategies and tactics on
how to make these things happen [Including lessons from unsuccessful initiatives).
The TQM Magazine only prints articl es wh ich have not been published
elsewhere in English. Th e Editor may consi der an article which has previously been
publi shed in another language. In such cases, the author must make this clear.
Valuabl e conference papers will also be considered.
The reviewing process
Each paper is reviewed by the Editor and if it is judged suitable for thi s publicat ion
it is then sent to two refere es for double blind peer revi ew. Based on their
recommendations the Editor then deci des whether th e paper should be accepted
as is, re vised (minor or major revision) or rejected. Following revis i on, ma jo r
revision papers return to the original reviewe rs for their decision.
The review process is a constructive one, aimed at making good contributions
better. The TQM Magazine ai ms, above all, for application to the world of quality
management, for working managers. As such, revi ewers look for:
(1) clari ty of expression and readability;
(2) implications and application s; what does it all mean?
(JJ con formance to editorial objectives, i.e. i s the anicle about quality, or of
interest to people interested in quality?
Manuscrfpt requln!ments
An electronic copy of the paper should be submitted in double line spacing with
wide margins to TQM@ e meraldinsight.com All authors should be shown and
authofs details must be on a separate page and the author should not be i dentified
anywhere else in the article.
As a guide, arti cles should be between 2,500 and 5,000 word s in length.
Shorter articles can be published as 'Comment"pieces; longer ones, particularly
those from acad emia, may be suitably published as research reports. A series of
articles on a particular th eme will be welcomed. Responses to papers which have
appeared In the journal, either as letters to the Editor or as response articles, will
be wel come. A title of not more th an eight words should be provided. A brief
Author
guidelines
autobiographical note should be supplied including full name, affiliation, e-mail
address and full international contact details. Authors must supply a structured
abstroct set out under 4-6 sub-headings: Purpo se; Methodol ogy/ Approach;
Findings; Research limitations/implicat ions (If applicable); Practical implications
(if applicabl e); and the Originality/value of paper. Maximum Is 250 words in total.
In addition provide up to six keywords which encapsulate the principal topics of
the paper and categorise your paper under on e of these classlftcatlons: Research
paper, Viewpoint, Techni cal paper, Conceptual paper, Ca se study, Literature review
or General review. For more information and guidance on structured abstracts
visit: www.emeraldinsight.com/structuredabstracts
Where there is a methodology, it should be clearly described under a separate
heading. Headings must be short, clearly defined and not numbered. Notes or
Endnotes should be used only if absolutely necessary and must be identified In the text
by consecutive numbers, enclosed In square brackets and listed at the end of the
article.
All Figures (charts, diagrams and line drawings) and Pl1tes (photographic
images) should be submitted in both electronk form and hard copy ori ginals.
Fi gures should be of clear quality, black and white and numbered consecutively
with arabic numerals.
Electronic figures should be either copied and pasted or saved and imported
from the origination software i nto a blank Microso ft Word document. Fi gures
created in MS Powerpoint are also acceptable. Acceptable standard image formats
are: .eps, .pdf, .ai and .wmf. If you are unable to supply graphics in these formats
then please ensure they are .tif, .jpeg, .bmp, .pcx, .pie, .gif or .pct at a resolution of
at least )Oodpi and at least 1ocm wide. To prepare screenshots simultaneous ly
press th e '1\l t"and 'Print screen"keys on the keyboard, open a blank Microsoft
Word document and simultaneously press 'Ctrl"and 'V"to paste the image.
(Capture all the contents/windows on the computer screen to paste into MS Word,
by simultaneously pressing 'Ctrl"and 'Print screen'.)
For photographi c images (plates) good quality original photographs should be
submitted. If supplied electronically they should be saved as .tif or .jpeg files at a
resolution of at least )OOdpi and at least 1ocm wide. Digital camera settings should
be set at the highest resolu tion/qua lity as possible.
In the text of the paper the pre ferred position of all figure s and plates should be
indicated by typing on a separate line the words ,.ake in Figure (No.)"or ,.ake in
Plate (N o.)~ Supply succinct and clear captions for all fi gures and plates.
Tables should be typed and included as part of the manuscript. They should
not be submitted as graphic elements.
References to other publlcations must bt i n Harvard style and carefully
chec ked for completeness, accuracy and consi stency. This i s very imponant in an
electronic environment because it enables your readers to exploit the Reference
linking facility on the database and link back to the works you have cited through
CrossRef. You should include all author names and initials and give any journal title
in full.
You should cite publications in th e text: (Adams, 1997) using the first named
authofs name. At the end of the paper a reference list in alphabetical order shoul d
be supplied:
For boo ks: surname, initia l s, (year), title af book, publisher, place of
publication, e.g. Fallbright, A. and Kh an, G. (2001), Competing Strat egies , Outhouse
Press. Rochester.
For book chapters : surname, initials, (year), thapte r title~ editor's surname,
initi als. title of book, publisher, place of publica tion. pages. e.g. Bessley, M. and
Wil son, P. (1999), 'Marketi ng for the production ma nage r~ in levi cki, J. (Ed.),
Taking the Blinkers off Managers, Broom Reim, London, pp.2 9-33.
Far journals: surna me, initials, (year), 1itle of articl e~ journal name, volume,
number, pages, e.g. Greenwald, E. (2000), 'l:mpowered to s erve~ Management
Decision, Vol.)) No. 5, pp. 6-lo.
For electronic sources: if available online the full URL should be supplied at the
end of the reference.
Final submission of the article
Once accepted for publication, the editor may re quest the final version as an
attached file to an e·mail or to be supplied on a CD· ROM labeled with author
name(s); title of article: journal title; file name.
Each article must be accompanied by a completed and signed Journal Article
Rtc:ord form available from the Editor or on www.tmeraldinsight.com/ JARform
The manuscript will be considered to be the definitive version of the article. The
author must ensure that it is complete, grammatkally correct and without spelling
or typographical errors.
The preferred file format i s Word. Other acceptable formats fo r technical/
maths content are Rich text format and TeX/LaTeX.
Techn i cal assistance i s available by contacting Mike Massey at Emerald.
E-mail: mmassey@emeraldinsight.com
 Authors' Charter
Your rights as a contributor
to an Emerald journa l
Emerald's copyright principles
Emerald* seeks to retain copyright of the articles it publishes, without the authors
giving up their rights to republish or reproduce their articles on paper or electronically,
subject to acknowledgment of first publication details.

Emerald's commitment to you

• An innovative publishing service which is timely, efficient, responsive and cou rteous

• Quality peer reviewed journals with editorial teams of distinction

• A named ind ividual to keep you informed of publication progress

• Complimentary journal copy plus reprints of your paper

• An editorial and production policy which encourages accuracy and reduces submission to
publication times

• On-line resources, fo rum s and confe rences to assist you with your research

• Responsible rights managemen t to promote and safeguard the i ntegrity of your work, encourage
citation and wider dissemination

• Liberal reprod uction rights and premium permissions servi ce for yourself and subscribing
organizations to serve th e interests and needs of the scholarly community

• Additiona l benefits of Literati Club membership

• Consideration for nomi nation of the Annua l Awards for Excellence to reward outstanding work

• Outstanding Doctoral Research Awards for our author community.

• Emerald • Electronic Management Research Library Database. Emerald is a trading name of MCB UP Ltd.

The full text of Emerald' s Authors' Charter can be found at

www.emeraldinsight.com / charter

To discuss any aspect of this charter please contact us by e-mail at

literaticlub@emeraldinsight.com
Tel +44(0) 1274 777700 Fax +44 (0) 12 74 785200
Literati Club, Emera ld, 60 / 62 Toller Lane, Bradford BD8 9BY, United Kingdom.

www.emeraldinsight.com/ charter information ideas insigh