This chapter presents the results of the application of the Failure Mode and Effects Analysis methodology, within the scope of the Organisational Risk Management Plan, in the Municipal Division of Contract Works and Concessions of Oliveira de Azeméis City Council of the metropolitan area of Porto located in the north of Portugal with an area of approximately 164 Km2 and a few more than 20,000 inhabitants. The application of this methodology establishes a bridge between risk management and the Plan for Prevention of Risks of Corruption and Related Infractions, describing the application of this methodology and referring how the levels of severity, occurrence and detection of a specific failure, which are essential in the implementation process. Once the application of this methodology is understood, an example of its implementation for the management of risk in the contract works service of the Municipality of Oliveira de Azeméis is also provided.
TopIntroduction
The public organisations are subject to strong pressures due to the need for a constant updating, the growing complexity inherent to the introduction of new procedures and technologies, and due to a greater involvement of citizens. These pressures may cause failures in the internal control system, exposing organisations to a high number of risks, such as corruption and related infractions, which are unexpected, inopportune, and which can also reach large proportions. Thus, organisations should identify and assess the risks which threaten their activity in order to implement control mechanisms to mitigate them, without hindering the accomplishment of objectives and the sustainability of the organisation (Pinho, 2014).
The Portuguese municipalities have been focused on identifying and validating risks associated with corruption and related infractions, and have been developing adequate control mechanisms to prevent them, through the creation of the PPRCRI, recommended by the Council for Prevention of Corruption, through recommendation Nº. 1/2009 of 1st July. The creation of the Plan for Prevention of Risks of Corruption and Related Infractions (PPRCRI) should take into account that risk management, associated with any organisational activity, is essential to ensure its success, considering that an ineffective risk analysis can lead to non-detected failures which may have a considerable impact on the organisational performance and outcomes. However, the above recommendation does not include any guiding methodology, and thus, this task is left up to the team responsible for the creation of the PPRCRI. Having identified this failure, the authors propose, in this work, to adopt the methodology Failure Mode and Effects Analysis (FMEA) for risk management while developing the plan.
The authors will apply this methodology specifically to the contract works service of Oliveira de Azeméis City Council, a council of the metropolitan area of Porto located in the north of Portugal with an area of approximately 164 Km2 and a few more than 20,000 inhabitants. This service is usually integrated in the Municipal Division of Contract Works and Concessions and exists in all the remaining Portuguese municipalities, transferring considerable amounts of funds and affecting many and varied local interests. In this study, the effects, the causes of occurrence, and the risk priority numbers (RPN) will be identified, taking into account the risk management standard of the Federation of European Risk Management Associations (FERMA), FMEA methodology (Pinho, 2014), and the guide suggested by the Portuguese court of auditors (see Appendix 1).
The European Risk Management Standard - FERMA provides guidelines to identify risk which is always associated with any public or private organisational activity. Considering that this risk results from events which can produce either positive artefacts (opportunities for continuous improvement) or negative artefacts (threats to the good performance of the organisation), the authors can assume that the organisational risk profile is made up of two components: a component with positive risk profile and another with negative risk profile (FERMA, 2002; Santos, 2009).
The risk management (RM) should systematically assess or predict all risks inherent to past, present or future organisational activities as well as include the organisational culture of the organisation through adequate procedures and good practices established by the management bodies. From the organisation strategic vision the RM should also identify the tactical and operational objectives, thus promoting the efficiency of the operations regarding all organisational levels. So that the RM effectively contributes to mitigate the risk it is essential to use adequate methodologies and/or techniques. FERMA (2002) suggests some tools which can be adopted by the organisations for this purpose, mainly: the analysis of threats; fault tree and FMEA.
The FMEA methodology was developed in 1949 by the US Department of defence with the aim to assess the impact of failure occurrence on their systems/equipment. However, from 1988 onwards, it started to be used in several enterprises such as Chrysler, Ford and General Motors, among many others, as part of their quality assessment programmes in different projects and processes (Matos & Milan, 2009).