By Candy Benson, Total Quality Manager, Campus Computing
In spring 2010, a team was created within the Division of IT and given the following charge:
Meet regularly to review key defects IT has dealt with during the previous weeks, identify the root cause of the top key defects and determine what actions should be taken to prevent future occurrences.
What was the overall goal? Become PROACTIVE in addressing the top defects in an effort to reduce the overall number of incidents.
So what is root cause analysis? It is the fundamental breakdown or failure of a process which, when identified, resolved and corrected via a tested work-around or overall solution, prevents the recurrence of the problem. In some cases this can be quite a challenge as all problems can tell a story. You just have to be patient and keep asking the following questions until you find the “rest of the story”:
1. What is the problem?
2. Why did it happen? (Keep asking this question until you find the failure in the process.)
3. What will be done to resolve the main cause?
Whether we realize it or not, we use root cause analysis in our daily lives. For example, you leave for work and notice an oil stain underneath your vehicle. The oil was changed yesterday so you figure it is the little bit of oil spilled on the engine when the filter was changed. You back up the vehicle, clean up the oil stain and proceed to work. The next day you notice the stain again, but now it is bigger … time to take a closer look into the problem. Upon further investigation you determine the technician did not tighten down the oil filter. Now you have identified the root cause and proceed to take appropriate steps by addressing the cause instead of “applying a band-aid” (cleaning up the stain). If you had continued to ignore the problem the outcome would have been catastrophic.
The IT Root Cause Team has been in existence for almost a year. Have they been successful in their attempt to identify key defects? Yes! One of the biggest accomplishments of the team was the identification and realization of the number of computer malware infection (malicious software, virus and spyware) incidents logged by the different frontline units. The team asked the following questions:
- How were the computers infected?
- Why were we cleaning up a computer one day only to see it re-infected days later?
- Why were the antivirus programs not blocking the malware programs?
Unfortunately, websites have infected advertisements in addition to pop-ups that spread the pesky malware. With this information in hand the Root Cause Team presented its findings, along with a proposal, to the IT Leadership Council (ITLC), which resulted in the purchase of the Blue Coat web filtering device. This device filters and blocks malware from incoming and outgoing campus web traffic. The addition of this device has resulted in a 75% decrease in computer malware infections! Less infections lead to happier clients and IT staff can now spend more time on other tasks.
Not all root cause findings and resolutions are as high profile as the web-filtering device or as technical in nature. Findings and resolution can be in the form of new or additional staff training, increase or modification in communication within IT and with clients, or in the creation of new or modified processes and policies.
In conclusion, root cause analysis is performed after the defect is discovered and is reactive in nature. However, root cause analysis produces information that can lead to forecasting future events, which results in being PROACTIVE!