The Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Cove Discussion Forums Main Page
Risk Management Implementation for ISO 9001:2015
UL - Underwriters Laboratories - Health Sciences
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

Risk Management Implementation for ISO 9001:2015 - Page 3


Elsmar XML RSS Feed
Elsmar Cove Forum RSS Feed

Monitor the Elsmar Forum
Sponsor Links




Courtesy Quick Links


Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services


Howard's
International Quality Services


Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum


Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining


Ajit Basrur
Claritas Consulting, LLC



International Standards Bodies - World Wide Standards Bodies

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology


Some Related Topic Tags
iso 9001 - quality management systems, iso 9001:2015, organizational knowledge, risk management and analysis
Reply
 
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #17  
Old 13th May 2016, 03:36 PM
Zearl

 
 
Total Posts: 10
Re: Risk Management Implementation for ISO 9001 2015 Standards.

Quote:
In Reply to Parent Post by dsheaffe View Post

You will no doubt get vastly different opinions, but based on the discussions that I have had with our external auditor (and the feedback from an information session run by our CB on the draft version), they are not expecting that we implement a full Risk Assessment program based on ISO 31000 or FMEA.

Their only expectation is that we can demonstrate that we have considered/addressed risks. So this may be as simple as eg, showing that when implementing a new process (or changing an existing process) that have identified what risks are involved in the change and addressing those that we consider appropriate.

Of course different CB's may have different expectations so start the conversation with your auditor/CB to see what they are expecting.
My initial thoughts on demonstrating consideration of risks were to compare with the
environmental aspects list in ISO 14001. A similar approach could be used for risk in
QMS processes. Show the risks, rate the risks, show the controls. Re-evaluate periodically.
Any comments?
Thanks to Zearl for your informative Post and/or Attachment!

Sponsored Links
  Post Number #18  
Old 24th May 2016, 10:28 AM
chasf

 
 
Total Posts: 76
Re: Risk Management Implementation for ISO 9001:2015

In discussion with the auditor from our registrar we talked about risk management. He said what we used to call preventive action is very much the idea behind risk management and that it does not require the FMEA type approach. In one example he said that the documentation could be in the form of meeting notes. How to document this is where it will take some creative thinking.
Thank You to chasf for your informative Post and/or Attachment!
Sponsored Links

  Post Number #19  
Old 26th May 2016, 03:18 AM
in_cr_ove

 
 
Total Posts: 26
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by SystemsQualityGuy View Post

The new ISO 9001 2015 standards place much emphasis on risk based thinking and risk management See below:

4.4.2 - Process approach
?The organization shall:
d) determine the risks to conformity of goods and services and customer satisfaction if unintended outputs are delivered or process interaction is ineffective;?

5.1.2 - Leadership and commitment with respect to the needs and expectations of customers
?Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that:
a) the risks which can affect conformity of goods and services and customer satisfaction are identified and addressed;

Right now I am concerned with operational changes my organization will have to implement be compliant with the new standards. From what I understand our company will essentially have to draft a Process Failure Modes and Effect Analysis for all of our processes.

We will have three years to get our organization up to date. I have never gone through an ISO revision process before. I am interested to find out from more experienced quality people what new types of procedures/policies will be necessary to meet the new risk management requirements. Any input would be a great help.
The standard does not suggest to use a specific Risk management method, in the spirit of providing more flexibility to an organisation.
Logically the following choices exist:
1. analyse risk on case to case basis
since we are talking about standardised work processes, this choice goes against the basic tenets of the standard
2. devise your own method
will need expertise in-house and will need validation before being put to use
3. use a proven method like FMEA
common sense dictates this to be a good choice.
FMEA has evolved to address risks in all type of business processes. It not only identifies the risk, it analyses, prioritises, helps find the right action & check effectiveness of action.
FMEA is a proven method & it offers flexibility for customisation, thereby a good choice.
  Post Number #20  
Old 26th May 2016, 09:29 AM
Mike S.

 
 
Total Posts: 2,143
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by in_cr_ove View Post

The standard does not suggest to use a specific Risk management method, in the spirit of providing more flexibility to an organisation.
Logically the following choices exist:
1. analyse risk on case to case basis
since we are talking about standardised work processes, this choice goes against the basic tenets of the standard
2. devise your own method
will need expertise in-house and will need validation before being put to use
3. use a proven method like FMEA
common sense dictates this to be a good choice.
FMEA has evolved to address risks in all type of business processes. It not only identifies the risk, it analyses, prioritises, helps find the right action & check effectiveness of action.
FMEA is a proven method & it offers flexibility for customisation, thereby a good choice.
I respectfully disagree.

FMEA is a great tool in some cases, in other cases it is like using a sledgehammer when a claw hammer, or a screwdriver, is the better tool for the job.

Case-by-case risk analysis does not go against the basic tenants of the standard. As the IAQG says, risk-based thinking is not always a formal analysis, sometimes it is “something that we all do automatically and often sub-consciously” and “continuously”. Those words are certainly not describing FMEA or other formal risk analysis methods.

JMO.
Thank You to Mike S. for your informative Post and/or Attachment!
  Post Number #21  
Old 26th May 2016, 10:11 AM
dsanabria

 
 
Total Posts: 1,175
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by SystemsQualityGuy View Post

The new ISO 9001 2015 standards place much emphasis on risk based thinking and risk management See below:

4.4.2 - Process approach
?The organization shall:
d) determine the risks to conformity of goods and services and customer satisfaction if unintended outputs are delivered or process interaction is ineffective;?

5.1.2 - Leadership and commitment with respect to the needs and expectations of customers
?Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that:
a) the risks which can affect conformity of goods and services and customer satisfaction are identified and addressed;

Right now I am concerned with operational changes my organization will have to implement be compliant with the new standards. From what I understand our company will essentially have to draft a Process Failure Modes and Effect Analysis for all of our processes.

We will have three years to get our organization up to date. I have never gone through an ISO revision process before. I am interested to find out from more experienced quality people what new types of procedures/policies will be necessary to meet the new risk management requirements. Any input would be a great help.
Before you begin and create an empire of documents and beuricracy - FMEA is one out of many tools that you can use.

For additional information ofn this subject follow the link and incorporate what works for your processes and it is effective - use the KISS principle.

https://www.sae.org/servlets/registr...um=224&scmhs=1
.
Attached Files: 1. Scan for viruses before opening, 2. Please report any 'bad' files by Reporting this post, 3. Use at your Own Risk.
File Type: pdf 7.3.2_Risk_Management_Storyboard_Content_01_APR_2014.pdf (1.25 MB, 949 views)
Thank You to dsanabria for your informative Post and/or Attachment!
  Post Number #22  
Old 8th June 2016, 11:47 AM
Zearl

 
 
Total Posts: 10
Re: Risk Management Implementation for ISO 9001:2015

Agree.
In our current system, we have documented "turtle diagrams" which basically detail each process in our system....production, maintenance, purchasing, etc. We are
planning at this point to document risk assessment by simply tabulating Risk/Results/Controls for areas of concern. These areas of concern already, naturally, have controls to prevent unintended results, thus mitigating associated risks.

My opinion is this doesn't have to be a massive undertaking encompassing every risk
that can possibly be considered, since we just need to demonstrate we have considered risk.

For example, with respect to Raw Materials, one risk is Poor Quality Raw Material. Result, off-spec product, control, incoming inspection procedure requirements, etc.
With respect to production, one risk is off-specification product. Result, poor customer satisfaction/monetary losses. Control, final product analysis and inspection requirements.

At first I considered doing a risk assessment similar to environmental aspects in 14001, but on further reading of the standard and elsmar comments, I don't believe such a massive undertaking is warranted. I'll be checking with our auditor to see what
he/she expects.

What say you Elsmar?
Thanks to Zearl for your informative Post and/or Attachment!
  Post Number #23  
Old 8th June 2016, 12:10 PM
Sidney Vianna's Avatar
Sidney Vianna

 
 
Total Posts: 8,880
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by Zearl View Post

I'll be checking with our auditor to see what he/she expects.
Be careful with designing and implementing a system based on "auditor's wishes" because they can be fickle and there is auditor rotation. Much wiser to implement something that is well thought out and make sense and is sustainable for the organization, instead of something that is a moving target, extrinsic to the company.

Quote:
In Reply to Parent Post by Zearl View Post

What say you Elsmar?
First thing I would say: there is NO REQUIREMENT in ISO 9001:2015 for Risk Management. Risk based thinking does not equate to formal risk management.

Risk based thinking is supposed to be a framework, a MINDSET to be deployed when confronted with decisions, challenges and dilemmas related to the organization's ability to deliver conforming product and enhancing customer satisfaction. I provided one example of solving a typical question along the lines of risk based thinking deployment in this thread.

Obviously, in more complex contexts (e.g. medical devices, aerospace, automotive, chemical sectors), formal (qualitative and quantitative) risk management processes and practices could be required.
Thank You to Sidney Vianna for your informative Post and/or Attachment!
  Post Number #24  
Old 8th June 2016, 12:29 PM
Zearl

 
 
Total Posts: 10
Re: Risk Management Implementation for ISO 9001:2015

Sidney,
Appreciate you comments and agree with the auditor statement. My intent is to explore what he/she has noted from talks with other auditors. But it is our system.

With regard to risk management, section 6.1 requires actions to address risks and opportunities. 6.1.2 states "the organization shall plan: a) actions to address these
risks and opportunities; b) how to: 1) integrate and implement the actions into its
QMS processes (4.4) and 2) evaluate the effectiveness of these actions."
So documenting risks associated with processes would seem to help accomplish 1) above. if we need to plan actions to address risk, isn't that managing risks? Not a
all out formal risk management matrix, but simply a means of documenting risks and actions which we have already considered in the first place.
Reply

Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >

Bookmarks



Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Emoticons are On
[IMG] code is On
HTML code is Off


Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
Risk Management (and Risk Based Thinking) in ISO 9001:2015 aburaggi ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 28 9th July 2017 12:56 AM
Do we need a Risk Register for ISO 9001:2015 zoolieu ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11 5th March 2017 10:49 AM
Risk Management - Additional Process in ISO 9001:2015? QAMTY ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3 7th February 2017 08:58 PM
Risk Impact - Risk Assessment Sample/Method per ISO 9001:2015 QAMTY ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1 19th January 2017 07:45 AM
All the risk assessments - ISO 9001:2015 requirements Moncia ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5 14th September 2016 11:40 AM



The time now is 02:56 PM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.


 
 
 


NOTE: This forum uses "Cookies"