The Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Cove Discussion Forums Main Page
Risk Management Implementation for ISO 9001:2015
UL - Underwriters Laboratories - Health Sciences
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

Risk Management Implementation for ISO 9001:2015 - Page 6


Elsmar XML RSS Feed
Elsmar Cove Forum RSS Feed

Monitor the Elsmar Forum
Sponsor Links




Courtesy Quick Links


Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services


Howard's
International Quality Services


Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum


Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining


Ajit Basrur
Claritas Consulting, LLC



International Standards Bodies - World Wide Standards Bodies

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology


Some Related Topic Tags
iso 9001 - quality management systems, iso 9001:2015, organizational knowledge, risk management and analysis
Reply
 
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #41  
Old 15th April 2017, 01:36 AM
tony s's Avatar
tony s

 
 
Total Posts: 129
Re: Risk Management Implementation for ISO 9001:2015

In auditing RBT, I would have the following expectations:
  • For clauses 6.1.1 and 6.1.2a: RBT were considered during QMS planning (e.g. SWOT or equivalent might have been utilized during strategic planning; for operational planning, tools like FMEA, Risk Matrices or Registries, etc. might be used to determine process risks/opportunities that need to be addressed). RBT can also be demonstrated to manage changes on QMS processes, products and services;
  • For clauses 6.1.2b.1 and 4.4.1f: Controls are established on determined risks/opportunities. Controls can be physically present and/or specified in documented information such as control plans, procedures and instructions;
  • For clauses 6.1.2b.2 and 9.1.3e: Effectiveness of the actions were evaluated, typically, through internal audits or evaluations of the set performance indicators. I'd like to see whether internal auditors look into the actions to address risks/opportunities;
  • For clause 9.3.2e: One of the topics discussed in the management review was the result of the evaluation of the effectiveness of the actions taken to address risks/opportunities. The organization's lead internal auditor may have some sort of a summarized report on the audited actions on risks/opportunities;
  • For clause 10.2.1e: I'll check whether reported NCs and implementation of CAs triggered the updating of the record of identified risks/opportunities, including actions.
Thanks to tony s for your informative Post and/or Attachment!

Sponsored Links
  Post Number #42  
Old 15th April 2017, 03:04 AM
Big Jim

 
 
Total Posts: 2,803
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by tony s View Post

In auditing RBT, I would have the following expectations:
  • For clauses 6.1.1 and 6.1.2a: RBT were considered during QMS planning (e.g. SWOT or equivalent might have been utilized during strategic planning; for operational planning, tools like FMEA, Risk Matrices or Registries, etc. might be used to determine process risks/opportunities that need to be addressed). RBT can also be demonstrated to manage changes on QMS processes, products and services;
  • For clauses 6.1.2b.1 and 4.4.1f: Controls are established on determined risks/opportunities. Controls can be physically present and/or specified in documented information such as control plans, procedures and instructions;
  • For clauses 6.1.2b.2 and 9.1.3e: Effectiveness of the actions were evaluated, typically, through internal audits or evaluations of the set performance indicators. I'd like to see whether internal auditors look into the actions to address risks/opportunities;
  • For clause 9.3.2e: One of the topics discussed in the management review was the result of the evaluation of the effectiveness of the actions taken to address risks/opportunities. The organization's lead internal auditor may have some sort of a summarized report on the audited actions on risks/opportunities;
  • For clause 10.2.1e: I'll check whether reported NCs and implementation of CAs triggered the updating of the record of identified risks/opportunities, including actions.
I'm glad that your expectations are expressed in "mights". None of those require a record that reflects risk based thinking.

So the question comes up of how do you gather objective evidence when documents or records are not required? By interview and observation.

So if you don't see documented evidence of risked based thinking, ask them how they do it.
Thanks to Big Jim for your informative Post and/or Attachment!
Sponsored Links

  Post Number #43  
Old 15th April 2017, 04:07 AM
John Broomfield's Avatar
John Broomfield

 
 
Total Posts: 2,461
Re: Auditing ISO 9001 RBT (aka Risk Management) Compliance

First focus on how the organization creates and takes up opportunities to fulfill its mission (reason for its existence).

Then work with top management to listen and look for evidence of risks being considered and dealt with (via their organizational management system) for:

1. Existing services and products for existing customers
2. Existing services and products for new customers
3. New services and products for existing customers
4. New services and products for new customers

You'd expect to see different controls so query when the controls seem the same.

Seek evidence of the risks being known (including the unknown risks being acknowledged) and how the organizational management system responds to changes (agility).

Much as we did before ISO 9001 specified RBT.

John
Thank You to John Broomfield for your informative Post and/or Attachment!
  Post Number #44  
Old 15th April 2017, 04:39 AM
Big Jim

 
 
Total Posts: 2,803
Re: Auditing ISO 9001 RBT (aka Risk Management) Compliance

Quote:
In Reply to Parent Post by John Broomfield View Post

First focus on how the organization creates and takes up opportunities to fulfill its mission (reason for its existence).

Then work with top management to listen and look for evidence of risks being considered and dealt with (via their organizational management system) for:

1. Existing services and products for existing customers
2. Existing services and products for new customers
3. New services and products for existing customers
4. New services and products for new customers

You'd expect to see different controls so query when the controls seem the same.

Seek evidence of the risks being known (including the unknown risks being acknowledged) and how the organizational management system responds to changes (agility).

Much as we did before ISO 9001 specified RBT.

John
That's an excellent point. Most every if not every company has practiced risk identification and mitigation forever. The new standard seeks us to have greater awareness of it, but it really isn't anything new.
Thanks to Big Jim for your informative Post and/or Attachment!
  Post Number #45  
Old 15th April 2017, 10:07 AM
Crusader's Avatar
Crusader

 
 
Total Posts: 812
Re: Risk Management Implementation for ISO 9001:2015

Thanks for chiming in above! We wrote new/revised old procedures and included the RBT in all except a couple. But since we just implemented it within the last 2 - 3 months, I wonder how we will do in the Stage 1....we'll all find out very soon (Monday 17th). I wasn't even sure how to audit it since it is so new. Everything written is what we do since it's newly written in text and not tribal knowledge. It's like everyone says, we've all been doing it but not realizing it and it was never outlined/written down until now.

Thank You to Crusader for your informative Post and/or Attachment!
  Post Number #46  
Old 15th April 2017, 03:41 PM
anders.kemper

 
 
Total Posts: 4
Re: Risk Management Implementation for ISO 9001:2015

In My opinion you have to explain in QMS how you you did you business plan. You have you business goals you make A SWAT for the business goals and you have you plan to handle risks and oputonities. (I just had My audit for 2015)


Skickat från min iPhone med Tapatalk
Thanks to anders.kemper for your informative Post and/or Attachment!
  Post Number #47  
Old 15th April 2017, 04:28 PM
Big Jim

 
 
Total Posts: 2,803
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by anders.kemper View Post

In My opinion you have to explain in QMS how you you did you business plan. You have you business goals you make A SWAT for the business goals and you have you plan to handle risks and oputonities. (I just had My audit for 2015)


Skickat från min iPhone med Tapatalk
Wow. That sounds like an over reach of the requirements of the standard. Business plan isn't mentioned in the standard, and I don't think you have to have a business plan to explain strategic direction (which is in the standard).

Personally, I think a business plan makes sense. The first time I read the new standard I commented on how 4.1 through 4.4 looked a lot like the logical steps to create a business plan and have speculated that TC-176 dusted off an old textbook from management 101 or business 101 and opened it to the chapter on writing a business plan.

That said, having business plan IS NOT a requirement of the standard and I would question an auditor or a CB that tries to tell you otherwise.
Thanks to Big Jim for your informative Post and/or Attachment!
  Post Number #48  
Old 15th April 2017, 05:38 PM
anders.kemper

 
 
Total Posts: 4
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by Big Jim View Post

Wow. That sounds like an over reach of the requirements of the standard. Business plan isn't mentioned in the standard, and I don't think you have to have a business plan to explain strategic direction (which is in the standard).



Personally, I think a business plan makes sense. The first time I read the new standard I commented on how 4.1 through 4.4 looked a lot like the logical steps to create a business plan and have speculated that TC-176 dusted off an old textbook from management 101 or business 101 and opened it to the chapter on writing a business plan.



That said, having business plan IS NOT a requirement of the standard and I would question an auditor or a CB that tries to tell you otherwise.


I was surprised during the audit that 75% of the time we were Talking about our business plan.
In My opinion most of the companies have some kind of strategic planing in the form of A business plan.but it's not implemented in the QMS.
My tip is to use this and conect it to the QMS and you Will have A soft transision.
What I think is the hardest thing is to do is to engage the management in the QMS. If you can't show the engagement of the management the audit will fail.


Skickat från min iPhone med Tapatalk
Thanks to anders.kemper for your informative Post and/or Attachment!
Reply

Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >

Bookmarks



Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Emoticons are On
[IMG] code is On
HTML code is Off


Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
Risk Management (and Risk Based Thinking) in ISO 9001:2015 aburaggi ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 28 9th July 2017 12:56 AM
Do we need a Risk Register for ISO 9001:2015 zoolieu ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11 5th March 2017 10:49 AM
Risk Management - Additional Process in ISO 9001:2015? QAMTY ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3 7th February 2017 08:58 PM
Risk Impact - Risk Assessment Sample/Method per ISO 9001:2015 QAMTY ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1 19th January 2017 07:45 AM
All the risk assessments - ISO 9001:2015 requirements Moncia ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5 14th September 2016 11:40 AM



The time now is 11:48 AM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.


 
 
 


NOTE: This forum uses "Cookies"