Adding Malicious Operator to FMEA?

Q

questioner

#1
If you have a poke-a-yoke system to prevent a failure from occurring, but can be over-rode by a malicious employee, do you need to add to your FMEA?

My example is a drilling machine with an automatic drill bit size detector. The machine will stop working if the drill bit inserted is not the correct size. It has been found that an ingenious employee learned how to turn this feature off, resulting in nonconforming product. Unfortunately there is no way to physically prevent employee from doing again.

Failure mode: incorrect hole size
Cause: malicious employee
Prevention: training

My thoughts were that this could apply to any process. If an employee willfully and knowingly does not perform per procedures, do you need to have in FMEA?
 
Elsmar Forum Sponsor
1

12stones

#2
First, if an employee found a way to turn this feature off, is there a way to prevent that besides the use of policy and procedure? If you're trying to poke yoke it, then that would be my first reaction. How do you make it so that feature can't be turned off?

Now, as far as having to include willful disregard of procedures in the FMEA, I'd say that that is not what FMEAs are designed for, but you can include it if you want just to show that it's been thought of. In my opinion, though, training wouldn't be the prevention. Mine would look more like:

Failure mode: incorrect hole size
Cause: employee disregard for procedure
Prevention: Progressive employee corrective action - written warning or termination of employee

This is a personnel accountability issue in my book, not a training issue.

If it were me, I don't put things like that in my FMEAs. Anyone can purposefully not follow a procedure and the procedure is always one of the controls so that can put you into a neverending loop.
 
G

George Weiss

#3
Training might not be viewed as a solution to intentional malicious actions.
Employee Termination is a common course. Malicious being key here.
Employee training and evaluations can be tools.
This could go into a Risk matrix of higher risk, and relatively low likelyhood.
This issue is likely a lightning strike event, and planning for it would be same.
 
G

Groo3

#4
Failure mode: incorrect hole size
Cause: employee disregard for procedure
Prevention: Progressive employee corrective action - written warning or termination of employee

This is a personnel accountability issue in my book, not a training issue.
Um, in the USA, you can get sent away for life (or worse) if you terminate an employee... you may just wish to terminate their employment instead?

Seriously though... It does appear to be a personal accountability issue, or rather lack of personal accountability. Willful and gross negligance is seldom tolerated for very long unless it's an all in the family type of business. The condition of employment should be to do the right thing, follow the procedures, or correct the procedures should the procedures be wrong, and to try and improve the process...

When you try to idiot proof the process, sometimes you just get smarter idiots...
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#5
If you have a poke-a-yoke system to prevent a failure from occurring, but can be over-rode by a malicious employee, do you need to add to your FMEA?

My example is a drilling machine with an automatic drill bit size detector. The machine will stop working if the drill bit inserted is not the correct size. It has been found that an ingenious employee learned how to turn this feature off, resulting in nonconforming product. Unfortunately there is no way to physically prevent employee from doing again.

Failure mode: incorrect hole size
Cause: malicious employee
Prevention: training

My thoughts were that this could apply to any process. If an employee willfully and knowingly does not perform per procedures, do you need to have in FMEA?
Welcome to the Cove! :bigwave: Your question about employee malice made me remember the saying Don't Feed the Hog. This kind of problem isn't addressed through the FMEA, which is about what happens with the process outside of human intervention.
 

Jim Wynne

Staff member
Admin
#6
If you have a poke-a-yoke system to prevent a failure from occurring, but can be over-rode by a malicious employee, do you need to add to your FMEA?

My example is a drilling machine with an automatic drill bit size detector. The machine will stop working if the drill bit inserted is not the correct size. It has been found that an ingenious employee learned how to turn this feature off, resulting in nonconforming product. Unfortunately there is no way to physically prevent employee from doing again.

Failure mode: incorrect hole size
Cause: malicious employee
Prevention: training

My thoughts were that this could apply to any process. If an employee willfully and knowingly does not perform per procedures, do you need to have in FMEA?
Welcome to the Cove. :D

A few thoughts:

  • It ain't mistake-proofed if the mistake-proofing can be circumvented.
  • Describing the person as "malicious" indicates not that he merely overrode the controls, but did it on purpose so that something bad would happen. Is this the case?
  • Because you now know that this can happen, and the possibility apparently wasn't considered in the original PFMEA, now would be the time to add it. Where are the risks? What's the likelihood of it happening? Is it worth augmenting detection controls?
 

Wes Bucey

Prophet of Profit
#7
Welcome to the Cove. :D

A few thoughts:

  • It ain't mistake-proofed if the mistake-proofing can be circumvented.
  • Describing the person as "malicious" indicates not that he merely overrode the controls, but did it on purpose so that something bad would happen. Is this the case?
  • Because you now know that this can happen, and the possibility apparently wasn't considered in the original PFMEA, now would be the time to add it. Where are the risks? What's the likelihood of it happening? Is it worth augmenting detection controls?
Similar questions to Jim's also occurred to me.

It seems you are characterizing "sabotage." You could have all the mistake proofing in the world, but can't protect against a crazed employee doing something no FMEA could reasonably expect to predict. The word "sabotage" comes from the French word for shoe - sabot. Disaffected workers used to drop a shoe (often made of wood when the industrial age was getting its start) into the machinery to jam it. Any employee could willfully contravene a work process to create small or large havoc. Something as simple as dropping pebbles in wheel covers used to give workers on automotive production lines something to talk about in the saloon after a shift. Omit a lock washer on a nut and bolt fastener and vibration might take weeks to loosen the nut and create a crash. The more subtle the sabotage, the higher lkelihood finished assemblies could get through to endanger life, health, and/or safety.

Some safeguards might include

  • more in-process inspection where each operator assures product coming to his station meets all requirements for that stage of production. ( way for each employee to do a redundant check on the employee head of him in the production chain.)
  • machine inspection of parts

Unaddressed yet is the method of selecting employees to perform tasks and how their competence to perform the task is assessed. In some environments and for certain tasks, that might mean a psychological assessment.
 

Jim Wynne

Staff member
Admin
#8
The word "sabotage" comes from the French word for shoe - sabot. Disaffected workers used to drop a shoe (often made of wood when the industrial age was getting its start) into the machinery to jam it.
:topic: Almost. The French for "shoe" is chaussure; sabot means "hoof" but is apparently also used idiomatically in French for "wooden shoe." The etymology is a bit murky, but the shoe-in-the-machine idea is regarded as very unlikely: http://www.etymonline.com/index.php?term=sabotage

I was surprised to learn that the word didn't appear in written English until the early 20th century.
 
G

George Weiss

#9
Um, in the USA, you can get sent away for life (or worse) if you terminate an employee.....
.
I have not been placed in the situation to have to choose, but sometimes removing a malicious employee, regardless of the cost is the best course.
The term "Malicious" does strike a nerve, and does not seem to slip into the common "gee if they had trained me better" defense.
There is a social conforming want to fix all things broken, but "Malicious" is right up there with criminal intent.
I am biased, and maybe I should be more forgiving, and allow it to happen again. Nope!:cool:
 
Last edited by a moderator:

Wes Bucey

Prophet of Profit
#10
:topic: Almost. The French for "shoe" is chaussure; sabot means "hoof" but is apparently also used idiomatically in French for "wooden shoe." The etymology is a bit murky, but the shoe-in-the-machine idea is regarded as very unlikely: http://www.etymonline.com/index.php?term=sabotage

I was surprised to learn that the word didn't appear in written English until the early 20th century.
The curse of using internet translators. In my print edition of Larousse French - English dictionary, the primary definition for sabot is "clog" (a type of slip-on shoe.) I am aware of French chefs who wear sabots in commercial kitchens. Wiki also picks this up (http://en.wikipedia.org/wiki/Sabot_(disambiguation))

I agree the etymology (word origin) of sabotage is murky. WIKI says
Etymology

Claimed explanations include:

  • That it derives from the Netherlands in the 15th century when workers would throw their sabots (wooden shoes) into the wooden gears of the textile looms to break the cogs, feeling the automated machines would render the human workers obsolete.[1] However, there is no contemporary source verifying either this behaviour or a source verifying the word being used in this sense before the 19th century.
  • That it derives from the French sabot (a wooden shoe or clog) via its derivative saboter (to knock with the foot, or work carelessly).[2]
  • That it derives from the late 19th-century French slang use of the word sabot to describe an unskilled worker, so called due to their wooden clogs or sabots; sabotage was used to describe the poor quality work which such workers turned out.[3]
Bottom line:
Everyone agrees "sabotage" means screwing the work up, usually on purpose..
 
Thread starter Similar threads Forum Replies Date
U Adding another Subcontractor EU Medical Device Regulations 3
N Adding unclassified product to the medical device registration US Food and Drug Administration (FDA) 1
S Complexity Rating - CB adding another audit day for "high complexity" AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
E Adding models to an approved Russian Registration Certificate Other Medical Device Regulations World-Wide 1
gunnyshore Adding a new facility - do I need to submit an amendment to the MDL or MDEL, or both? Canada Medical Device Regulations 3
D Adding a Class I to a sample box Canada Medical Device Regulations 5
K Adding the Notified Body Number CE Marking (Conformité Européene) / CB Scheme 2
O Adding ISO 13485 to an AS9100 QMS ISO 13485:2016 - Medical Device Quality Management Systems 13
P Adding "new" medical device to existing CER - under MDD CE Marking (Conformité Européene) / CB Scheme 1
F Adding a medical device in another medical device package EU Medical Device Regulations 2
K Relabeling or Not Relabeling - Adding our internal Part Number barcode label 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
A Adding Remote Site to Current IATF 16949 Certification IATF 16949 - Automotive Quality Systems Standard 2
S Adding Value prior to signing EASA Form 1 EASA and JAA Aviation Standards and Requirements 5
D Adding a new site to 13485 Certification ISO 13485:2016 - Medical Device Quality Management Systems 4
S Adding claims on medical device labelling 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
J Adding a UDI Compliant Label to previously manufactured devices 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 0
P Adding an additional distributor to a current Mexico Medical Device Registration Other Medical Device Regulations World-Wide 0
4 Adding a new Company - ISO 9001 Design Exclusion Design and Development of Products and Processes 1
L IATF 16949: Adding a Remote Location between certifications IATF 16949 - Automotive Quality Systems Standard 2
T Adding an adapter to a Torque Meter to change the Range Capability, Accuracy and Stability - Processes, Machines, etc. 6
R Coexisting Investigational Use and CE-Mark - Adding a new Indication EU Medical Device Regulations 4
K Adding a New Site to Our ISO 13485 Certification ISO 13485:2016 - Medical Device Quality Management Systems 9
C Adding information to Labels - Class II Medical Devices US Food and Drug Administration (FDA) 1
K Medical device procedure tray - Adding products in Custom packs Other Medical Device and Orthopedic Related Topics 3
D Adding an extra Label on an Ethylene Oxide Sterilized Box ISO 13485:2016 - Medical Device Quality Management Systems 3
E Adding a "Scope Statement " to my Quality Policy ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
W Quality for value adding or certification? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 23
somashekar Adding an other process into the system - Authorised Economic Operator (AEO) Scheme ISO 13485:2016 - Medical Device Quality Management Systems 4
Z Adding 1% error to data in a column in Minitab Using Minitab Software 3
M Is 510k Required for Adding a section on use of Disinfectants to Product Manual? US Food and Drug Administration (FDA) 3
D Adding PPAP forms to the ISO procedures Document Control Systems, Procedures, Forms and Templates 2
S FDA CDRH Premarket Review Submission Cover Sheet - adding more products 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
B What to do when adding new Proprietary name under same 510(k) Other US Medical Device Regulations 2
M PPAP requirements when adding Part Transfer Robots between Machines APQP and PPAP 1
M Adding AS9100C Lead Auditor Certification to an IRCA ISO 9001 LA Certification AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
B Need help in adding second location to FDA Registration Other US Medical Device Regulations 4
K Adding a Disclaimer on an FMEA FMEA and Control Plans 4
M Adding Bizminer's Industry Financial data to my Peer Company Comparison Manufacturing and Related Processes 0
D Rounding Numbers - Adding numbers in Excel - I want the average Excel .xls Spreadsheet Templates and Tools 3
F Implementing ISO 11135 - Facilities Conditions - Adding ETO Sterilization Other Medical Device Related Standards 4
Q Adding to our A2LA Scope of Accreditation General Measurement Device and Calibration Topics 2
A ISO 9001 company now adding Welding to the Scope - What needs to change? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
marmotte Adding a Funct. Earth. to a class II / BF device...retest needed? IEC 60601 - Medical Electrical Equipment Safety Standards Series 4
M Document Changes not affecting the process - Adding Logos, etc. Document Control Systems, Procedures, Forms and Templates 8
V Option for adding date-time to the copies printed from Adobe Acrobat (pdf) Quality Assurance and Compliance Software Tools and Solutions 1
V What are the Value Adding Quality Assurance Processes and how to measure them? Quality Tools, Improvement and Analysis 3
P Can 'adding a new service' be a Quality Objective? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
K Quality System Manual question - Adding Satellite Facility ISO 13485:2016 - Medical Device Quality Management Systems 2
F Adding a New Office Location to an ISO 9001 Certificate (Scope of Registration) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
Q Adding ISO13485 to existing AS9100 QMS - Summary of the differences ISO 13485:2016 - Medical Device Quality Management Systems 9

Similar threads

Top Bottom