The words “risk” or “risks” have been sprinkled throughout the 2015 revision of ISO 9001, the quality management system standard from the International Organization for Standardization (ISO).
Although some “requirements” will be easy to satisfy using well-established process monitoring or capability techniques, other references to risk are so vaguely stated they’re open to myriad interpretations and may become meaningless. Having read and reread the current references to risk throughout several paragraphs, I wonder if it would not have been better to address risk in one paragraph at the beginning of the standard. I have copied and pasted most of the current references to risk and included brief comments.
ISO 9001:2015 subclause 4.4.2—Process approach
“The organization shall:
d) determine the risks to conformity of goods and services and customer satisfaction if unintended outputs are delivered or process interaction is ineffective;”
…
Comments
A Risk Horror Picture Show?
Reviewing my comments on CERM e-magazine, I cannot but underline my agreement with Mr. Lamprecht's analysis: there is a basic weakness in risk assessment, prediction and prevention, and that is extreme subjectivity. While with quality we all were more or less well off, having to work according to product drawings or specifications, risk is instead an extremely volatile matter. Just writing these few lines, I'm doing my best to stay on the specified topic road, but I still run the risk that somebody reading them will disagree. We are undergoing an abrupt change from strict, monolithical management systems to all too flexible ones: that's a real risk.
Add new comment