# Configuring Assessments (QMS)

Use the guidelines in this article to configure Assessments to fit your process needs. These configurations present users with clear views of the necessary information as well as efficient data input and analysis. Refer to the <a href="/en/gr/55069/">Risk Management</a> article for guidelines on performing a pFMEA risk assessment within Vault.



<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: This article details configuration steps to make an existing QMS Vault capable of Process FMEA (pFMEA) risk assessments. QMS Vaults created after the 20R2 release have many of these recommendations already configured. Other <a href="/en/gr/62746/#assessment-types">risk assessment type</a> configurations will differ, but the basic configuration principles suggested in this article apply to them as well.</p>
    </div>
  </div>
</div>



## Configuration Overview {#configuration-overview}

While all of these configuration steps are optional, we recommend performing the following in your QMS Vault to make it ready for pFMEA risk assessments:

  * [Configure pFMEA objects][1], including page layouts and field options. Note that careful application of reference constraints and field defaulting can ensure a simple experience for users filling out FMEAs. For example, by inheriting the _Risk Matrix_ selected for the assessment into every _Risk Event_. This kind of configuration consideration can ensure consistent scoring between events of a _pFMEA Risk Assessment_.
  * [Configure pFMEA object lifecycles][2] and workflows to suit your processes.
  * [Configure][3] the _Copy FMEA Risk Assessment_ record action.
  * [Configure][5] the _Rebalance Risk Matrix_ record action, if necessary.
  * Create [_Template Risk_][4] records.
  * <a href="/en/gr/54508/">Configure Quality Teams</a> for the _Risk Assessment_, _Assessment Risk_, and _Mitigation Action Set_ objects.
  * Optional: [Configure][6] the _Probability of Hazardous Situation (P1)_, _Probability of Harm (P2)_, _Occurrence_, and _Assessment Risk_ objects for the Hazard - Harm identification process.

## Process FMEA Objects {#process-fmea-objects}

Each object involved in pFMEA risk assessments should be configured to more easily gather and display the needed information. See each object section below for configuration recommendations. We recommend that you configure the <a href="/en/gr/30986/">system-managed object record names</a> option to suit your processes for the following objects: _FMEA Process Steps_, _FMEA Mitigation Action Set_, _Risk Assessment_, and _Assessment Risk_ objects.

### About the Business Process Object {#about-the-business-process-object}

This object identifies which process the pFMEA risk assessment assesses. Optionally, you may add a <a href="/en/gr/23516/">custom tab</a> to the Vault for the _Business Process_ object to allow users easier access.

### Configuring the Risk Assessment (pFMEA) Object {#configuring-the-fmea-risk-assessment-object}

Add a <a href="/en/gr/23516/">custom tab</a> to the Vault for the _Risk Assessment (pFMEA)_ object to allow users easier access.

Make the following general adjustments to the _Risk Assessment (pFMEA)_ object type page layout:

  * Place the _Workflow Timeline_ section at the top of the page.
  * Remove unnecessary fields from the _Details_ section, leaving enough information to identify and begin your assessment for a process, such as: _Name_, _FMEA Risk Assessment Type_, _Business Process_, _Process Flow Document_, _Description_, _Assessment Scoring Matrix_, _Original FMEA Risk Assessment_, and _Lifecycle_.

Add _FMEA Process Steps_ as a related object section to the page layout of the _Risk Assessment (pFMEA)_ object type:

  * Place as the next section under _Details_, as this must be completed before beginning any risk event identification.
  * Select the _Create record in pop-up dialog_ option.
  * Select _Show in default lists and hovercards_ for the _Step Order_ field so that Vault displays the order when selecting a _Process Step_ while creating an _Assessment Risk_ record.

Add the special _Assessment Risks_ application control section to the page layout of _Risk Assessment_ (_pFMEA_).

  - This section displays _FMEA Risk Events_ and field data as set up in the _FMEA Risk Event_'s list layout.
  - The section allows users access to the <a href="/en/gr/54469201/">Risk Builder tool</a> for easy data input.
  - The edit dialog for this section allows you to change the default column order displayed to users in the Risk Builder tool. Select **Allow users to override columns** to allow users access to the **Edit Columns** action.

We recommend the following field configurations:

  * _Business Process_: Check _Allow create new reference record for reference fields_, so that authorized users may create new _Business Process_ records as needed. In your configuration, per your organization's policies, this right may be restricted to most users.
  * _Original FMEA Risk Assessment_: This field displays the source assessment upon using the [**Copy FMEA Risk Assessment**][3] action. Set this, and all similar fields on the _Risk Assessment (pFMEA)_, _Assessment Risk_, and _FMEA Mitigation Action Set_ objects to read-only; they should only be set by Vault as part of the copy operation.

### Configuring the Assessment Risk Object {#configuring-the-fmea-risk-event-object}

The Assessment Risk object page layout should contain several sections to support your process:

  * A standard _Details_ section, including fields such as: _Name_, _Parent Risk Assessment_, _Original Assessment Risk_, _Lifecycle State_, _Scoring Matrix_, and _Process Step_.
  * A _Details_ section labeled _Risk Identification,_ including fields such as: _FMEA Failure Mode_, _FMEA Failure Effect_, _FMEA Failure Cause_, and _FMEA Failure Controls_.
  * A related object section for _FMEA Risk Category_ to report or trend on risk events across one or multiple assessments in your organization.
  * A _Details_ section labeled _Initial RPN,_ including the following fields: _Initial Severity_, _Initial Occurrence_, _Initial Detectability_, _Initial RPN (Qualitative)_, _Initial RPN (Quantitative)_, and _Initial RPN_.
  * A _Details_ section labeled _Risk Response,_ including fields such as: _Risk Response_ and _Mitigation Action Set_.
  * A _Details_ section labeled _Final/Post-Mitigation Action RPN,_ including fields such as: _Final Severity_, _Final Occurrence_, _Final Detectability_, _Final RPN (Qualitative)_, _Final RPN (Quantitative)_, and _Final RPN_.

In addition, we recommend using the following options for the _Assessment Risk_ object:

  * Select the _Allow create new reference record_ on the _Mitigation Action Set_ object reference field.
  * Configure <a href="/en/gr/51632/">Layout Rules</a> where section visibility is based on lifecycle state. For example, the _Final/Post-Mitigation Action RPN_ section should not be visible until after the user has performed the associated mitigation action. You may similarly wish to hide the _Initial RPN_ and _Final RPN_ fields until the related _Severity_, _Occurrence,_ and _Detectability_ fields are populated to help guide users.
  * Configure the <a href="/en/gr/30986/">system-managed object record names</a> option to suit your processes for the _Assessment Risk_ object.
  * Ensure that the _Final RPN_ field calculation formula includes an appropriate calculation for _Severity_, _Occurrence_, and _Detectability_.
  * Configure the <a href="/en/gr/15057/#order-fields">List Layout field column order</a> to best fit your organization's processes. Vault displays the columns in this order in the <a href="/en/gr/54469201/">Risk Builder tool</a>. In order to display the _Assessment Risk Mitigations_ column in the Risk Builder, the _Assessment Risk Mitigation Action_ object must be in an _Active_ status in your Vault.

### Configuring the FMEA Mitigation Action Set Object {#configuring-the-fmea-mitigation-action-set-object}

Remove non-pertinent fields from the page layout _Details_ section for the _FMEA Mitigation Action Set_ object, and add a related object section for _Derived FMEA Mitigation Action Sets_.

## Configuring Process FMEA Object Lifecycles {#about-process-fmea-object-lifecycles}

While lifecycle and workflow setup for process FMEA risk assessments will vary widely from organization to organization, we recommend including the below configuration steps for ease of use, as well as configuring <a href="/en/gr/52053/">lifecycle stages</a> for these lifecycles to help users more easily track the progress of the pFMEA risk assessment.

### FMEA Risk Assessment Lifecycle & Workflow {#fmea-risk-assessment-lifecycle-and-workflow}

The _FMEA Risk Assessment Lifecycle_ comes with standard lifecycle states pre-configured. It is up to your organization to choose to leverage these states or define your own. A pFMEA risk assessment using these pre-configured states may use the _Draft_ state for any activities prior to the start of the assessment, change to the _In Progress_ state while adding _Assessment Risks_, responses, and analyses, and finally moving into the _In Approval_ and _Approved_ states as the assessment is reviewed and signed.

Configure workflows according to your process to move _Risk Assessment_ records through the _FMEA Risk Assessment Lifecycle_. Configure the _FMEA Risk Assessment Lifecycle_ and workflow steps that first prompt for _FMEA Process Steps_, and then only in a subsequent lifecycle state allows for the identification/addition of Assessment Risks.

Add the **Create Risks from Template** user action to the _Risk Assessment_ object lifecycle to allow users to automate creation of _Assessment Risks_ based on data in a pre-configured template.

Add the **Push Risks to Register** user action to the _Risk Assessment_ object lifecycle to allow users to automate population of a _Risk Register_ record with _Risks_ derived from the data in the _Risk Assessment_. Vault will automatically transfer data in fields which have identical names and field types from the _Assessment Risks_ to the newly created _Risk_ records.

### Assessment Risk Lifecycle {#fmea-risk-event-lifecycle}

The _Assessment Risk Lifecycle_ comes pre-configured with several states used in a typical pFMEA process, to guide your configuration. It is up to your organization to choose to leverage these states or define your own. The intent of each state is:

  * _Risk Identification_: Used to capture key information about the risk prior to initial scoring.
  * _Risk Analysis_: Used to perform actions needed to arrive at a root cause for the risk.
  * _Risk Evaluation_: Used to capture the _Initial RPN_ scoring for the risk.
  * _Risk Treatment_: Used to capture the disposition and treatment plan for the risk based on initial scoring. _Mitigation Action Set_ operations may take place in this state.
  * _Residual Risk_: Used to capture the _Final RPN_ scoring for the risk.
  * _Approved_: Might be considered as 'accepted', this is the final state of the risk, indicating that the risk is acknowledged, scored, and mitigated to your organization's satisfaction.

## Copy FMEA Risk Assessment Action {#copy-fmea-risk-assessment-action}

Configure the **Copy FMEA Risk Assessment** record action to the _Risk Assessment (pFMEA)_ object and to the appropriate terminal _FMEA Risk Assessment Lifecycle_ states.

## Rebalance Risk Matrix Action {#rebalance-risk-matrix-action}

Organizations using QRM prior to 22R2 may have _Risk Assessments_ that do not populate _Initial_ and _Residual Risk Scores_ fields from the associated _Risk Matrix_. Additionally, _Assessments_ created before the 23R3 release do not populate _Criticality Scores_ and _Levels_ defined in the _Risk Matrix_. Risk assessment heatmaps rely on these field values.

To address this issue and allow users to populate these values with an automated job, add the _Rebalance Risk Matrix_ <a href="/en/gr/43127/">record action</a> to the _Risk Matrix_ object and <a href="/en/gr/59885/">add it as a user action</a> in the _Risk Matrix_ lifecycle in an appropriate state.

## Template Risks {#template-risks}

A _Template Risk_ is an object record which can be used as the source of data for automating _Assessment Risk_ record creation with the **Create Risks from Template** action. By default, a template stores the following fields for transfer to the new risk:

*   _FMEA Failure Cause_ (`failure_cause__v`)
*   _FMEA Failure Controls_ (`failure_controls__v`)
*   _FMEA Failure Effect_ (`failure_effect__v`)
*   _FMEA Failure Mode_ (`failure_mode__v`)
*   _Process Step_ (`template_process_step__v`)
*   _Risk Matrix_ (`risk_matrix__v`)

Your processes may require additional fields. Vault will automatically transfer data in fields which have identical names and field types from the _Template Risk_ to the new _Assessment Risk_. Create _Template Risk_ records as needed to support your processes.

## Configuring Probability Support for Hazard & Harm Risk Analysis {#probability-support}

Vault stores the records of the risk matrices you create and categorizes them by _Severity_, _Occurrence_, _Detectability_, and _Risk Level_. Vault also supports categorizing risk by _Probability of Hazardous Situation (P1)_ and _Probability of Harm (P2)_.

To configure this functionality:

1. Configure the _Probability of Hazardous Situation (P1)_ and _Probability of Harm (P2)_ objects.
2. Ensure that the _P1_ and _P2_ values are available on the _Dimensions_ picklist on the _Risk Matrix_ object.
3. Ensure that the _Maximum Probability Threshold Value_ field is enabled on the _Occurrence_ object to define the conversion between _Probability of Hazardous Situation (P1)_ and _Probability of Harm (P2)_ records and the _Occurrence_ score. <a href="/en/gr/54469201/">Risk Builder</a> will automatically compute and populate the _Occurrence_ score based on the selected _P1_ and _P2_ values and the threshold value.
4. Ensure that the following fields are enabled on the _Assessment Risk_ object:
   1. _Initial Probability of Hazardous Situation_
   2. _Residual Probability of Hazardous Situation_
   3. _Initial Probability of Harm_
   4. _Residual Probability of Harm_

 [1]: #process-fmea-objects
 [2]: #about-process-fmea-object-lifecycles
 [3]: #copy-fmea-risk-assessment-action
 [4]: #template-risks
 [5]: #rebalance-risk-matrix-action
 [6]: #probability-support