FMEA — Failure Mode and Effects Analysis

How FMEA actually works (and why it often doesn’t)
DFMEA vs PFMEA (why timing matters)

FMEA is not one thing — it depends on when you do it.

DFMEA (Design FMEA) happens early, when:
• the product is still being designed
• drawings can change
• materials, tolerances, and functions are still negotiable

DFMEA asks:
• What can fail in the design itself?
• What happens if this feature doesn’t work as intended?
• What assumptions are we making that could bite us later?

This is where FMEA has the highest leverage.
Fixes are cheap. Changes are possible.

PFMEA (Process FMEA) happens later, when:
• the product is already defined
• the design is “frozen”
• production has to make it work

PFMEA asks:
• Where can the process fail while building this?
• Where are we relying on people, setup, or tribal knowledge?
• What happens when reality hits the line?

PFMEA doesn’t fix bad design.
It tries to survive it.

That’s why many people (like you) mostly experience PFMEA — and why it often feels reactive.

What an FMEA actually looks at (step by step)

A real FMEA is not “brainstorming risks”.
It’s a structured way to walk through how things are supposed to work — and imagine how they won’t.

A typical FMEA flow:

1. Define the scope
• Design function (DFMEA) or
• Process step (PFMEA)

2. Describe the intended function
• What is this step / feature supposed to do?
• Under what conditions?

3. Identify failure modes
• How could this fail?
• Not why yet — just how

4. Identify effects
• What happens if it fails?
• To the customer, the next process, safety, compliance?

5. Identify causes
• Why would this failure happen?
• Wear, variation, human factors, assumptions, environment?

6. List current controls
• How do we prevent this?
• How do we detect it if prevention fails?

7. Evaluate risk
• Severity (how bad)
• Occurrence (how often)
• Detection (how likely we catch it)

8. Decide actions
• Improve design?
• Improve process?
• Add controls?
• Accept the risk?

That’s it.
No magic — just uncomfortable honesty.

A simple PFMEA example (real-world)

• Process step: Manual assembly of a critical bolt
• Failure mode: Bolt not torqued correctly
• Effect: Component loosens in use → failure in field
• Cause: Operator forgets step / tool out of calibration
• Current controls: Visual check
• Severity: High
• Occurrence: Medium
• Detection: Low

A paper FMEA stops here.

A useful FMEA asks:

• Why is this manual?
• Why is detection visual?
• What happens under time pressure?

That discussion might lead to:

• torque-controlled tool
• poka-yoke
• error-proofed sequence
• training update
• Control Plan update

What FMEA is supposed to lead to
A finished FMEA is not the goal.

A good FMEA feeds directly into:

• Control Plans (what we actually monitor and how)
• Work instructions
• Process changes
• Design changes (if done early enough)
• Training and audit focus

If your FMEA doesn’t change:

• how work is done
• how risk is controlled
• or what gets checked

…it didn’t do its job.

What is RPN (Risk Priority Number)?
RPN is a simple way to rank risks inside an FMEA.

It’s calculated by multiplying three factors:

• Severity – how bad the failure would be
• Occurrence – how likely it is to happen
• Detection – how likely you are to catch it before it causes harm

RPN = Severity × Occurrence × Detection

The idea is not to predict the future —
it’s to compare risks against each other and decide where attention should go first.

Used correctly, RPN helps teams focus.
Used blindly, it replaces judgment with math.

useful, dangerous, overrated

RPN exists to compare, not decide.

Classic mistakes:

• chasing high RPN while ignoring high severity
• averaging scores to look “acceptable”
• changing numbers instead of fixing problems

Low RPN does not mean safe.
High RPN does not mean urgent.

Judgment still matters — which is why FMEA fails in low-trust cultures.

Why FMEA usually fails in practice
Not because people don’t understand the method.

But because:

• it’s done too late (after design freeze)
• the wrong people are in the room
• risks are politically inconvenient
• actions have no owner
• the document exists to satisfy an audit, not reality

In those cases, the FMEA becomes:

proof that no one expected the failure

Which is exactly what reality ignores.

Many FMEAs look correct on paper and still fail in reality.

This book focuses on what separates FMEAs that exist from FMEAs that actually reduce risk.Effective FMEAs: Achieving Safe, Reliable, and Economical Products and Processes using Failure Mode and Effects AnalysisOutlines the correct procedures for doing FMEAs and how to successfully apply them in design, development, manufacturing, and service applicationsRecommended (affiliate)

When FMEA actually works
FMEA is powerful when:

• it’s done early (especially DFMEA)
• cross-functional voices are present
• uncomfortable scenarios are allowed
• trade-offs are acknowledged
• actions are followed up

At that point, it stops being a spreadsheet —
and becomes a shared understanding of fragility.

The uncomfortable truth
FMEA doesn’t prevent failure.
It exposes which failures you’re choosing to live with.

That’s why organizations either:

• take it seriously
• or neuter it quietly

There’s very little middle ground.

Want to go beyond understanding FMEA — and actually execute it well?

This is one of the few books that focuses on doing FMEA in real organizations, not just explaining the theory.Failure Mode and Effect Analysis: FMEA From Theory to ExecutionThis is one of the most comprehensive guides to FMEA and is excellent for professionals with any level of understanding.!Recommended (affiliate)