ISACA COBIT 5 – Measure (BOK V) Part 16

  • By
  • January 27, 2023
0 Comment

52. Process performance vs. specification (BOK V.F.6)

In this section we will be talking about process performance matrix. What are the metrics which can help us in finding out how our process or a set of processes are doing? That’s where we need process process performance Matrix the simplest example of that is percent defective. So if you are producing something, how many percent of the product which you are producing are defective? That’s the easiest one. We will talk about that on the next slide. And then we have few other metrics like Ppm parts per million, DPMO defects per million opportunities, DPU defects per unit and rolled through yield or RT y. Let’s look at these one by one on next few slides starting with percent defectives. So as we talked earlier, the first metric is percent defectives. How many percent of pieces which you are producing are defectives? And remember that that each piece which is defective might have more than one defect. It can have one defect or more than one defect.

So let’s say if you are talking about a weld, if you do a welding each weld might have one defect which will make that joint defective or this can have multiple defects in the same weld. So here we are looking at the pieces, not the defects. So how many pieces are defective? So when we say 2% defective, that means two pieces per 100 pieces are defective. And the next matrix is parts per million. So earlier we said percent defective, percent defectives were part per 100. So when we said 2% defective then there were two pieces per 100 pieces which were defective.

Now instead of 100 pieces, if we are looking at per million pieces, that will give us parts per million. So 2% if I have to convert two parts per million, this will be two pieces per 100 will be equal to 0. 22 divided by 100. And if I multiply that by 1 million, this gives me 20,000 Ppm parts per million. And this is same as this is similar to 2% defective. And here also we are talking of pieces, not the number of defects, pieces only. So earlier when we talked about percent defectives and parts per million we were talking about the pieces, how many pieces are defective. But as we earlier said that each piece might have more than one defect. So that’s where you need to understand the difference between defect and defective. So if you have one piece which has let’s say three defects.

So if you have a one weld, you have one pipe, you have another pipe and you do the welding here. And if this welding is defective so this will be one defective. But one defective might have three defects. A defect here, a defect here and defect here. So this might have three defects. And this is the difference which you need to understand between defect and defective. Now coming to defect opportunities, how many ways you can have defects on a product? Let’s say if you are doing a welding, then that welding can have crack, can have porosity, can have undercut or many other things. You need to define that what is the thing which will cause the failure or which will cause the client dissatisfaction or which will cause not to meet code requirement.

All these things are defect opportunities. So if you take a water bottle, a water bottle might have a crack, a water bottle might have a scratch, a water bottle might be underfilled. All these are opportunities which can happen on a water bottle. So let’s say on a water bottle, let’s say there are three possible ways things can go wrong or there are three opportunities for defect on a water bottle. So that’s what it says here. Defect opportunities are circumstances in which critical to quality can fail to meet the customer requirement and as things become complex, these opportunities increase. So when we took an example of water bottle, water bottle might have three opportunities for failure. But let’s say once you are talking of a missile launch that might have thousands and thousands of opportunities where things can go wrong.

So if the unit is complex, this will have more defect opportunities. If a thing is simple that will have less number of defect opportunities. So let’s take an example where we have a unit which has five parts and each part there are three defect opportunities. Then the defect opportunities for the whole unit which is consisting of five parts is five multiplied by three, which is 15 opportunities are there in the unit. 15 defect opportunities are there in the unit. So that’s defect opportunities. So earlier we talked about defect opportunities. Defect opportunities were hypothetical how many possible defects are there? Those were defect opportunities but there would be actual defects as well. So let’s take the same example when there were 15 defect opportunities and if I take ten of those units and each unit had five parts, each part had three opportunities. So based on five parts and three opportunities, we came to this 15 defect opportunities in each unit.

And if I take ten of these units and those have actually two defects in that and these defects are actual defects, these are not opportunities, then defects per opportunity DPO will be two defects divided by how many opportunities are there. So if you divide that, this gives us zero point 13 three. So earlier on the previous slide we calculated DPO defects per opportunity and which was 0. 133. This was one which we calculated if I multiply this DPO with 1 million and that’s what I have done here, this gives me DPMO defects per million opportunities. And in the previous example, if I multiply by 1 million, this gives me 13,333 defects per million opportunities. So that’s what it says DPO multiply by 1 million. And that’s the example, old example we took, this gave us 13,333 DPMO. There is a direct relationship between DPMO and the sigma level when we say six sigma, six sigma performance is equal to 3. 4 DPMO defects per million opportunities. So that’s a six sigma.

So for any DPMO defects per million opportunities you can find an equivalent sigma level. So for 13,333 the equivalent sigma level is 3. 7 sigma and these values are with a long term shift of 1. 5 sigma. Long term shift. Another metric which you can use for seeing whether your process is behaving right or wrong is defects per unit. Earlier, if you remember we talked about percent defectives, how many pieces are defective, 2% pieces are defective. Here we are looking at defects per unit and this is represented by number of defects and divided by number of units. So here we are looking at number of defects, not the units, not the number of defectives. So that’s the difference between what we talked earlier and defects per unit. So if you have 3000 welds which were observed and you found ten cracks, 15 porosity and five undercuts, probably these might have happened on just let’s say 20 joints.

On 20 weld joints you might have these because each defective could have more than one defect also. But now, here we are looking at number of defects. So number of defects, total number of defects divided by total number of units that gives you defects per unit. And coming to the next one which is rolled through yield. To understand this road through yield, let’s understand a process. So we have a process here and in this process p units enter in this process and this unit produces D number of defectives. If this produces D number of defectives, then that means it produces p minus D number of good pieces. So what is the yield of this process? So let’s say this is process number one. So yield one, which is the yield for the process one will be equal to whatever good units this is producing p minus D divided by p. Let’s understand with a simple example. Let’s say p is here is 100. So 100 units enter into this process and it produces one defective. That means it produces 99 good pieces. So yield will be 99 divided by 100 is equal to zero point 99.

So that means yield here is 99%. Once you have a chain of processes, let’s say you have a process one, you have a process two and you have a process three. Each process has a specific yield. So let’s say yield for the process one is y one, yield for the process two is y two and y three is for process number three. So if you need to find out the role through yield, roll through yield is the total yield of the whole chain of processes that will be rty is equal to multiplication of all these yields. So y one multiplied by y two multiplied by y three. And this is what we have done here. If y one is zero 99 y two is zero 95 y three is zero point 98. You multiply everything. Then the rolled through yield will be zero point 92. So what does this mean is if you put 100 pieces here, you are expecting 92 pieces good and eight pieces bad? That’s approximately so that’s rolled through yield.

53. Short-term and long-term capability (BOK V.F.7)

So let’s talk about short term and long term capabilities here. So your process could be in control in short term, but then as time moves, the process might be drifting. So let’s take an example here. This is your center line and you would see that your process is something like this, which is centered around the target line. But as time passes, you might see that your process starts drifting up. Maybe with more time goes up, with more time it goes up. So what you do here in this case is when you are calculating CP and CPK, these are for the short term. This is what you look at that and that is the reason we were looking at sigma within you were just looking at sigma within this set of data, this set of 2030 pieces.

But once you are looking at the long term and the long term has some sort of a random variation, also something which is out of control also here, that things are making it move towards upside, that’s a long term effect, long term capability. You need to allow for some drift, some variation, and that’s what we are doing here. So in long term you use PP and PPK and here you take sigma overall. Sigma overall means the overall sigma of the total things. And this has some sort of an inbuilt drift or inbuilt assignable cause as well as the tool wears out, there could be a shift in the mean. So that’s what gets included in PP and PPK. And that leads to sigma overall. In CP. And CPK we are looking at the short term thing. We are looking at standard division within that group. And for PP and PPK we are looking at longterm overall standard deviation. So this completes our discussion on process capability.

* The most recent comment are at the top

Interesting posts

CompTIA CYSA+ CS0-002 – Enumeration Tools Part 1

1. Enumeration Tools (OBJ 1.4) Enumeration tools. In this lesson, we’re going to talk about some of the enumeration tools that we’re going to experience as we’re trying to enumerate our networks. Now, what exactly is enumeration? Well, enumeration is the process to identify and scan network ranges and hosts that belong to the target… Read More »

CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 3

6. Scheduling and Constraints (OBJ 1.3) Scheduling and constraints. In this lesson, we’re going to talk about scheduling and constraints. So the first question I have for you is, how often should you scan? Well, this is going to be determined based on your internal risk management decisions of your organization. If you have a… Read More »

CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 2

4. Scanner Types (OBJ 1.3) Scanner types. In this lesson, we’re going to talk about the different ways you can configure your scanner. Now, different scanners have different capabilities. Some are going to be passive, some are going to be active, and some are going to be active with particular configurations that we’re going to… Read More »

CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 1

1. Identifying Vulnerabilities (OBJ 1.3) Identifying vulnerabilities. In this lesson, we’re going to talk about the importance of identifying vulnerabilities. And the way we do this is through a vulnerability assessment. Now, it is really important to identify vulnerabilities so that you can then mitigate those vulnerabilities. Remember, every vulnerability in your system represents a… Read More »

CompTIA CYSA+ CS0-002 – Mitigating Vulnerabilities Part 2

4. Hardening and Patching (OBJ 1.3) Hardening and patching. In this lesson we’re going to talk about two key terms. And I know I’ve used these words before, but we’ve never really defined them. These are hardening and patching. Now, when I talk about system hardening, this is the process by which a host or… Read More »

CompTIA CYSA+ CS0-002 – Mitigating Vulnerabilities Part 1

1. Mitigating Vulnerabilities (Introduction) In this section of the course, we’re going to cover how to analyze output from vulnerability scanners. We’re going to stay in domain one in this section of the course, but we are going to cover multiple objectives this time, including objective 1213 and one four. Now, objective one two states… Read More »