A Risk Management Primer

Getting started with risk in ISO 9001:2015

Wed, 09/23/2015 - 15:42

Sponsored Content

We’ve all heard it before: Change is the only constant. This isn’t just cliché but a truth that all companies will come to recognize. Change is the driving force behind improvement. And all of the changes that take place within an organization, whether to products, processes, or regulations, aren’t isolated. Each has an impact on the other.

ADVERTISEMENT

When combined, these factors result in a complex process—a delicate balance that must be handled carefully and deliberately to bring about a successful process. An organization also must ensure that quality and compliance are met when rolling out new products and processes. This, combined with the rapid pace of product life cycles, means that you must move at warp speed to keep up.

That’s where automated risk management tools come in to streamline the process.

A high-level look at risk management

The risk management process starts with identifying risk. You must look at your business operations and determine hazards and the risk that those hazards will occur. A risk team is critical in identifying these risks throughout an organization.

 …

Want to continue?
Log in or create a FREE account.
By logging in you agree to receive communication from Quality Digest. Privacy Policy.

Comments

Submitted by ChrisParis on Sun, 10/25/2015 - 16:51

ISO 9001:2015 -- as well as TC 176 -- have specifically tried to tell people that risk-based thinking does not require "risk management." The standard, from Appendix A.4 is explicit on this point:

"Although 6.1 specifies that the organization shall plan actions to address risks, there is no requirement for formal methods for risk management or a documented risk management process. Organizations can decide whether or not to develop a more extensive risk management methodology than is required by this International Standard, e.g. through the application of other guidance or standards."

I'm not sure how these articles keep getting published, while those pointing out the facts of risk-based thinking can't get a whisper. Companies will spend tens of thousands of dollars implementing wasteful, costly and time-sucking risk management programs to comply with ISO 9001, which clearly says they didn't need to do a bit of it.

Add new comment