ISO 9001:2015Risk-basedthinking
1
To explain the concept of risk-based thinking in ISO 9001:2015
Purpose ofthis presentation
2
This presentation
Developed by the ISO subcommittee responsible for ISO 9001Available for unrestricted public use
3
Whatisrisk-based thinking?
Risk-based thinking is something we all do automatically and often sub-consciously to get the best resultThe concept of risk has always been implicit in ISO 9001 – this edition makes it more explicit and buildsit into the whole managementsystemRisk-based thinking ensures risk is considered from the beginning and throughoutRisk-basedthinking makes preventive action part ofstrategic and operational planning
4
Where is risk addressed inISO 9001:2015?
5
Introduction - the concept of risk-based thinking is explainedClause4- organizationis required todetermine its QMS processesand address its risks and opportunitiesClause5 – top management is requiredtoPromoteawareness ofrisk-based thinkingDetermine and address risks and opportunities that can affect product /service conformityClause 6 - organization is required to identify risks and opportunities related to QMS performance and take appropriate actions to address them
6
Risk-based thinking is in:
Risk-based thinking is in:
Clause 7 – organization is required to determine and provide necessary resourcesClause 8 - organization is required to manage its operational processesClause 9 -organization is required to monitor, measure, analyse and evaluate the effectiveness of actions taken to address risks and opportunitiesClause 10 - organization is required to correct, prevent or reduce undesired effects and improve the QMS and update risks and opportunitiesNote, risk is implicit whenever suitable or appropriate is mentioned (clause 7 and 8)
7
Why use risk-based thinking?
Successful organizations intuitively applyrisk-basedthinking because it brings benefits that:improve governanceestablisha proactive cultureofimprovementassist with complianceassureconsistency of quality ofproductsandservicesimprove customer confidence and satisfaction
8
How do I do it?
Identifywhat your risks are – it depends on contextUse risk-based thinking to prioritize the way you manage your processesISO9001:2015 does not requireformalriskmanagementISO31000Riskmanagement — Principlesand guidelinesmay be a useful reference for organizations that want or need a more formal approach to risk (but its use is not obligatory)
9
How do I do it?
Balance risks and opportunitiesAnalyseand prioritizeyour riskswhatis acceptable?whatis unacceptable?Plan actions to address the riskshow can I avoid, eliminate or mitigate risks?Implement the plan;take actionCheck the effectiveness of the action;does it work?Learn from experience;improve
10
Conclusions
Risk-based thinking:is not newis something you probably do alreadyis ongoingensures greater knowledge of risks and improves preparednessincreases the probability of reaching objectivesreduces the probability of negative resultsmakes prevention a habit
11
0
Embed
Upload