PDCA: full cycle of risk management

First introduced by American engineer and business theorist William Edwards Deming, the Plan-Do-Check-Act (PDCA) cycle is a four-step management method used for the control and continual improvement of processes and products. Since its first introduction, the method has been widely adopted by organisations when it comes to implementing a management system compliant with a best-practice standard.  

What is the Plan-Do-Check-Act Cycle?

The PDCA cycle is not a one-time process but is instead intended to act as a continuous loop of planning, doing, checking and acting. 

The general steps in the PDCA cylce are Plan, Do, Check and Act. The first step involves being able identify a purpose and define the metrics used to measure its success. The next steps involve putting a plan into action, thereafter followed by an analysis of data to determine whether the initial goal was achieved.  

The final steps of the cycle involve making any necessary adjustments or improvements based on findings discovered during the ‘check’ phase. 

The Plan-Do-Check-Act model is widely adopted by organisations seeking a systematic approach to risk management and aiming to implement a management system that meets ISO or other recognised best-practice standards.

When to use the PDCA Model?

The PDCA cycle can be applied in a number of scenarios, including quality control, process improvement, and change implementation. The model is particularly useful and valuable in situations where an iterative approach to problem-solving is required. This makes it an ideal tool for organisations that are developing and maintaining a compliant management system, where continual improvement is considered a core principle. 

The PDCA four steps

Breaking the process down into stages helps clarify the requirements of each step in the PDCA cycle when developing and implementing management systems. This approach is particularly valuable for companies and organisations that are committed to continual improvement and are seeking certification to a recognised standard by a third-party certification body. In these cases, the requirements are defined by the chosen management system standard standard - for example,  ISO 9001 for quality or ISO 14001 for environmental management.

Plan

The first step in the PDCA cycle is the planning phase. This involves setting objectives based on the organisation's policies, conducting risk assessments, and determining the various processes needed to achieve the desired outcomes. These steps are outlined in the requirements of the ISO standards. For example, in a quality management system (QMS), a planning phase should include:

1. Understanding the Context of the Organisation: Identify internal and external factors that can impact the QMS’s objectives and outcomes.
2. Determining the Needs and Expectations of Interested Parties: Recognise who the interested parties are and what their needs and expectations are.
3. Determining the Scope of the QMS: Define the boundaries and applicability of the QMS to establish its scope.
4. Planning the QMS: Establish quality objectives and plan how to achieve them, considering risks and opportunities.
5. Quality Objectives and Planning to Achieve Them: Set measurable quality objectives and plan the actions needed to achieve them.
6. Planning of Changes: Plan changes to the QMS in a controlled manner. It is almost always the most complex part of the cycle as it requires a thorough understanding of what systems may already be in place and what is the ultimate aim.  

Do

The doing phase focuses on implementing the plan, executing the processes, making the product, and collecting data for the subsequent ‘checking’ and ‘acting’ phases.  

This phase should become part an organisation’s routine operations, while remaining flexible enough to accommodate unforeseen circumstance. Ideally, a contingency plan should be in place to address any unusual situations that may arise.   

Check

The penultimate phase of the PDCA cycle is the ‘check’ phase. This stage focuses on monitoring and evaluating the performance of the management system. For a Quality Management System (QMS), this should include: 

1. Monitoring, Measurement, Analysis, and Evaluation: Organisations must determine what needs to be monitored and measured, the methods for monitoring, measurement, analysis, and evaluation, and when these should be carried out. 
2. Internal Audit: Conduct internal audits at planned intervals to provide information on whether the QMS conforms to the organisation’s own requirements and the ISO 9001 standard, and is effectively implemented and maintained. 
3. Management Review: Top management must review the organisation’s QMS at planned intervals to ensure its continuing suitability, adequacy, effectiveness, and alignment with the strategic direction of the organisation. 

These requirements ensure the QMS operates as intended and provide a foundation for identifying opportunities for improvement. 

Act

The final phase of the PDCA cycle is the ‘act’ phase, where the organisation implements the changes needed to maintain compliance with the standard and drive continual improvement. This may involve adjusting the plan and restarting the cycle. 

Activities such as audits, management reviews, and monitoring key indicators help identify areas for improvement and may result in non-compliance (or non-conformance) reports being raised. For example, a weakness in a process may need to be revised. These issues must be addressed within a specified timeframe to close the non-conformity, particularly if identified during an external audit by the certification body.

Example of a PDCA

The PDCA cycle is the cornerstone of any quality or management system a company or organisation seeks to implement. It provides a clear, structured framework for managing change and driving continual improvement within an organisation. Moreover, it is a highly versatile tool that can be applied to almost any situation where improvement is desired.