The Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Cove Discussion Forums Main Page
Risk Management Implementation for ISO 9001:2015
UL - Underwriters Laboratories - Health Sciences
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Risk Management Implementation for ISO 9001:2015
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

Risk Management Implementation for ISO 9001:2015


Elsmar XML RSS Feed
Elsmar Cove Forum RSS Feed

Monitor the Elsmar Forum
Sponsor Links




Courtesy Quick Links


Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services


Howard's
International Quality Services


Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum


Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining


Ajit Basrur
Claritas Consulting, LLC



International Standards Bodies - World Wide Standards Bodies

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology


Some Related Topic Tags
iso 9001 - quality management systems, iso 9001:2015, organizational knowledge, risk management and analysis
Reply
 
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #1  
Old 19th May 2015, 05:32 PM
SystemsQualityGuy

 
 
Total Posts: 6
Please Help! Risk Management Implementation for ISO 9001:2015

The new ISO 9001 2015 standards place much emphasis on risk based thinking and risk management See below:

4.4.2 - Process approach
?The organization shall:
d) determine the risks to conformity of goods and services and customer satisfaction if unintended outputs are delivered or process interaction is ineffective;?

5.1.2 - Leadership and commitment with respect to the needs and expectations of customers
?Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that:
a) the risks which can affect conformity of goods and services and customer satisfaction are identified and addressed;

Right now I am concerned with operational changes my organization will have to implement be compliant with the new standards. From what I understand our company will essentially have to draft a Process Failure Modes and Effect Analysis for all of our processes.

We will have three years to get our organization up to date. I have never gone through an ISO revision process before. I am interested to find out from more experienced quality people what new types of procedures/policies will be necessary to meet the new risk management requirements. Any input would be a great help.
Thanks to SystemsQualityGuy for your informative Post and/or Attachment!

Sponsored Links
  Post Number #2  
Old 19th May 2015, 07:37 PM
dsheaffe

 
 
Total Posts: 44
Re: Risk Management Implementation for ISO 9001 2015 Standards.

You will no doubt get vastly different opinions, but based on the discussions that I have had with our external auditor (and the feedback from an information session run by our CB on the draft version), they are not expecting that we implement a full Risk Assessment program based on ISO 31000 or FMEA.

Their only expectation is that we can demonstrate that we have considered/addressed risks. So this may be as simple as eg, showing that when implementing a new process (or changing an existing process) that have identified what risks are involved in the change and addressing those that we consider appropriate.

Of course different CB's may have different expectations so start the conversation with your auditor/CB to see what they are expecting.
Thank You to dsheaffe for your informative Post and/or Attachment!
Sponsored Links

  Post Number #3  
Old 19th May 2015, 10:17 PM
Jen Kirley's Avatar
Jen Kirley

 
 
Total Posts: 6,021
Re: Risk Management Implementation for ISO 9001:2015

I agree with dsheaffe.

There with certainly be confusion among CB auditors about what is acceptable evidence. We can't even agree on which documents need to be controlled and which can be just tools.

I can offer that my training thus far has stressed that FMEAs will not be required for all the processes, and an expectation there will be no defined required format for exhibiting risk based thinking.

The six required documented procedures will no longer be required. The new version of ISO 9001 will require documented procedures for process controls so as to ensure product and service conform to customer requirements, which you are probably doing now. The standard will also ask us to measure and monitor so as to know if we are succeeding, which you may also already be doing. The new idea may be making controls to avoid other undesired outcomes that might include the business interests, maybe even employee turnover if your intellectual capital is critical to your organization.

Last edited by Jen Kirley; 19th May 2015 at 10:25 PM. Reason: Adding some clarity
Thank You to Jen Kirley for your informative Post and/or Attachment!
  Post Number #4  
Old 19th May 2015, 11:16 PM
Big Jim

 
 
Total Posts: 2,803
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by SystemsQualityGuy View Post

The new ISO 9001 2015 standards place much emphasis on risk based thinking and risk management See below:

4.4.2 - Process approach
?The organization shall:
d) determine the risks to conformity of goods and services and customer satisfaction if unintended outputs are delivered or process interaction is ineffective;?

5.1.2 - Leadership and commitment with respect to the needs and expectations of customers
?Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that:
a) the risks which can affect conformity of goods and services and customer satisfaction are identified and addressed;

Right now I am concerned with operational changes my organization will have to implement be compliant with the new standards. From what I understand our company will essentially have to draft a Process Failure Modes and Effect Analysis for all of our processes.

We will have three years to get our organization up to date. I have never gone through an ISO revision process before. I am interested to find out from more experienced quality people what new types of procedures/policies will be necessary to meet the new risk management requirements. Any input would be a great help.
I can't find 4.4.2 in my copy of the DIS for ISO 9001:2015. Can you tell me where you found it? Have they published the FDIS and I missed it? I understood it would be out in June or July.
  Post Number #5  
Old 19th May 2015, 11:34 PM
Big Jim

 
 
Total Posts: 2,803
Re: Risk Management Implementation for ISO 9001:2015

Quote:
In Reply to Parent Post by Jennifer Kirley View Post

I agree with dsheaffe.

There with certainly be confusion among CB auditors about what is acceptable evidence. We can't even agree on which documents need to be controlled and which can be just tools.

I can offer that my training thus far has stressed that FMEAs will not be required for all the processes, and an expectation there will be no defined required format for exhibiting risk based thinking.

The six required documented procedures will no longer be required. The new version of ISO 9001 will require documented procedures for process controls so as to ensure product and service conform to customer requirements, which you are probably doing now. The standard will also ask us to measure and monitor so as to know if we are succeeding, which you may also already be doing. The new idea may be making controls to avoid other undesired outcomes that might include the business interests, maybe even employee turnover if your intellectual capital is critical to your organization.
I agree that the concept of involving risk is not nearly as daunting as some seem to fear. Most companies have always practiced some level of risk mitigation anyway. The ultimate risk mitigation is to no bid a project that a company is not comfortable with.

I do question your thought that there is a requirement for a procedure for process controls. From the last paragraph of 4.4 in the DIS:

"The organization shall maintain documented information to the extent necessary to support the operation of processes and retain documented information to the extent necessary to have confidence that the processes are being carried out as planned."

Documented information is defined in Section 3 of the DIS.

Documented information controls are detailed in 7.5 of the DIS.

In my search of all of this I cannot find where any written procedures are required. Every place that documented information is mentioned appear to require keeping what we now know as records. It appears that documented information may include what we now know as procedures, but at the organizations discretion.

As I see it, 4.4 certainly does not require a written procedure.
Thank You to Big Jim for your informative Post and/or Attachment!
  Post Number #6  
Old 20th May 2015, 04:39 AM
AndyN's Avatar
AndyN

 
 
Total Posts: 8,459
Question Re: Risk Management Implementation for ISO 9001:2015

Good comments so far. How did you get the understanding that an FMEA was needed for all processes?
  Post Number #7  
Old 20th May 2015, 08:57 AM
John Broomfield's Avatar
John Broomfield

 
 
Total Posts: 2,461
Yin Yang Re: Risk Management Implementation for ISO 9001:2015

This is the problem:

"The organization shall maintain documented information to the extent necessary to support the operation of processes and retain documented information to the extent necessary to have confidence that the processes are being carried out as planned."

Whose confidence? The auditor's?

This rephrasing of:

ISO 9001:2008's clause 4.2.1d "to the extent necessary for effective planning, operation and control" had the benefit of being objective.

Effectiveness is verifiable, confidence is not.
Thank You to John Broomfield for your informative Post and/or Attachment!
  Post Number #8  
Old 20th May 2015, 09:28 AM
SystemsQualityGuy

 
 
Total Posts: 6
Re: Risk Management Implementation for ISO 9001:2015

That is a good question. I can't find it in clause 4 either. I have seen this text referred to in other threads and on the Certified Enterprise Risk Manager Academy website. In any case, risk will still be a major part of ISO 9001 2015.
Reply

Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >

Bookmarks



Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Emoticons are On
[IMG] code is On
HTML code is Off


Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
Risk Management (and Risk Based Thinking) in ISO 9001:2015 aburaggi ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 28 9th July 2017 12:56 AM
Do we need a Risk Register for ISO 9001:2015 zoolieu ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11 5th March 2017 10:49 AM
Risk Management - Additional Process in ISO 9001:2015? QAMTY ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3 7th February 2017 08:58 PM
Risk Impact - Risk Assessment Sample/Method per ISO 9001:2015 QAMTY ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1 19th January 2017 07:45 AM
All the risk assessments - ISO 9001:2015 requirements Moncia ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5 14th September 2016 11:40 AM



The time now is 01:44 AM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.


 
 
 


NOTE: This forum uses "Cookies"