The Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Cove Discussion Forums Main Page
UL - Underwriters Laboratories - Health Sciences
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > National and International Business System Standards > ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

Risk Management (and Risk Based Thinking) in ISO 9001:2015 - Page 2


Elsmar XML RSS Feed
Elsmar Cove Forum RSS Feed

Monitor the Elsmar Forum
Sponsor Links




Courtesy Quick Links


Links that Cove visitors will find useful in your quest for knowledge:

International Standards Bodies - World Wide Standards Bodies

ASQ - American Society for Quality

International Standards Organization - ISO Standards and Information

Howard's
International Quality Services


Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum


Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining


Ajit Basrur
Claritas Consulting, LLC


NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology


Related Topic Tags
iso 9001:2015, risk based thinking (rbt), risk management and analysis
Reply
 
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #9  
Old 20th January 2015, 09:58 PM
Helmut Jilling

 
 
Total Posts: 4,357
Re: Risk Management in ISO 9001:2015

Quote:
In Reply to Parent Post by aburaggi View Post

thanks John
of course risk always is considered that?s why we always add control measures in each and every process we do,,,, and i think incorporating it with the QMS should give a greater value. since the risk will be identified and evaluated. Frequency x Severity = Risk

i just need to see few samples -if exist- to start identifying and categorizing those risks
just to be clear, many companies do not adequately evaluate and control risks.
Thanks to Helmut Jilling for your informative Post and/or Attachment!

Sponsored Links
  Post Number #10  
Old 21st January 2015, 01:09 AM
somashekar's Avatar
somashekar

 
 
Total Posts: 5,171
Re: Risk Management in ISO 9001:2015

Quote:
In Reply to Parent Post by Helmut Jilling View Post

just to be clear, many companies do not adequately evaluate and control risks.
Yes, very true.
They do not anticipate, they do not learn from past experiences.
They get surprises, shocks,
They firefight, they become busy, they get tired, then they also get appreciated, and a false sense of achievement is felt. They take pride in it, they get rewarded too for all the fire fighting.
Each process and process interaction must be assessed from two elements.
1. What is the Goal.
2. What are the prospects and consequences in the actions we plan towards meeting the goal.
Does the prospects weigh good, so we decide to go from Plan to Do, with all the available resources, and planned monitoring.
Are there any consequences likely to come up for which we have to make a Plan 2 as a backup...

How you want to document this is your freedom.
Thank You to somashekar for your informative Post and/or Attachment!
Sponsored Links

  Post Number #11  
Old 21st January 2015, 02:18 AM
John Broomfield's Avatar
John Broomfield

 
 
Total Posts: 2,456
Yin Yang Re: Risk Management in ISO 9001:2015

Quote:
In Reply to Parent Post by LUV-d-4UM View Post

I am taking a big risk by posting the Quality Policy statement for the ISO9001:2015 management system. I welcome everyone to critique this quality policy. Thank you.

"We the employees of XYZ company are committed to deliver quality in every product and service which we provide to all our customers. To meet this commitment we will:

Supply products and services which meet customer expectations and requirements surpassing or equalizing the competition

Develop and introduce innovative products and services to meet emerging expectations and requirements

Maintain an environment which encourages us to continuously strive to improve the quality of work, both individual and as a team.

This commitment to quality is a responsibility accepted by all XYZ Company employees to maintain the loyalty and trust of our customers."
LUV-d-4UM,

I hope you don't mind me rewriting your policy statement:

"We the employees of XYZ company remain committed to deliver quality services and products to all our customers.

To fulfill this commitment we use and improve our management system to:

A. Supply services and products which meet customer requirements;

B. Determine emerging customer needs and develop the knowledge, skills, abilities and innovative services and products to fulfill these needs; and

C. Recognize the inherent opportunities and risks and take action to prevent failures to fulfill requirements.

We share this commitment to quality and improvement in everything we do to earn and maintain the loyalty and trust of our customers."


Please note that services always are experienced before products and that opportunities are recognized before risks. It is also worthwhile mentioning the management system that should help the employees to fulfill the policy.

It needs several further rewrites to be as readable as the Wall Street Journal.

It best be true and from the hearts of top management.

John
Thank You to John Broomfield for your informative Post and/or Attachment!
  Post Number #12  
Old 21st January 2015, 05:30 AM
Marc's Avatar
Marc

 
 
Total Posts: 25,418
Re: Risk Management in ISO 9001:2015

Quote:
In Reply to Parent Post by Helmut Jilling View Post

just to be clear, many companies do not adequately evaluate and control risks.
I agree to some degree, however most of the companies which I have done work for have done, and do, appropriate risk analysis/use "risk based thinking" but many times it is not always formalized and documented, nor is the phrase "risk based thinking" used. In companies where it is formalized and documented, the company usually has high risk aspects (such as death) for end users such as in aviation, medical, pharma, marine and automotive, etc.

RBS is rehashing old stuff (I worked in risk assessment back in the 1980's in aerospace electronics but no one ever used the phrase "risk based thinking") and making "risk based thinking" into an ISO 9001 requirement will just be adding to confusion and complexity. I even remember working in a grocery when I was in high school around 1966-67, and while it wasn't called "risk based thinking", they went through a risk analysis to the point of training us that bagging groceries such as all canned (and other "hard") goods go into separate bags, "soft" items like bread were set aside and bagged last (and point out to customer which bag their bread was in). People don't like squashed bread or cans piled upon a bag of potato chips. Another aspect back then in grocery stores was how high objects must be stacked (and shelf height was figured into how shelving was set up in stores). Etc.Etc.

Philip Scalise did a good quick write up recently on a Linkedin group in which he spoke about "risk" in every day life. Each of us does a risk analysis every day in everything we do. We don't typically think of it as "risk based thinking", but everything we do is a risk assessment/risk based thinking to one degree or another. I was thinking about "risk based thinking" the other day when it was very cold here. My GF said to me, as I was leaving to go to the grocery store, "You better take your cell phone in case your car won't start". Tracey's "risk based thinking" was on and working. Another example: Every time I have bought a house since ground fault outlets have been available, I replaced EVERY outlet in the house with a ground fault outlet before I moved in.

The only good thing (on my end) I see coming out of this is more money for consultants, book writers and such. As they make ISO 9001 more and more prescriptive and complex, it makes ISO 9001 less appropriate and less useful - Especially to "Mom & Pop" businesses.

What matters will be the end ISO 9001:2015 document and the many ways it will be interpreted as each sentence is parsed.

But being a "consultant" this is, of course, good for us financially. To many of my clients, however, formalizing/documenting it is not typically value added (most are already doing it but this will make it more "formal" thus more costly). It is one more (increasing) cost of doing business.

In 2000 the buzz phrase was "The Process Approach" which is still not understood by many. This time around it's "Risk Based Thinking". I don't think this will become a significant issue, since most companies are already evaluating risks appropriately. I think the thing will be to get the phrase "risk based thinking" into their vocabulary.

Just my
Thanks to Marc for your informative Post and/or Attachment!
  Post Number #13  
Old 21st January 2015, 07:16 AM
Paul Simpson

 
 
Total Posts: 1,765
Re: Risk Management in ISO 9001:2015

Msrc. I'd agree that there is little new about RBT in the Draft. I've snipped from the new clause 0.5 - here:
Quote:
This International Standard makes risk-based thinking more explicit and incorporates it in requirements for the establishment, implementation, maintenance and continual improvement of the quality management system.
Well my questions is where is RBT more explicit in the DIS? I guess the new clause 4.1 of organisational context requires organisations to look around and gather information about needs and expectations and 4.4 f requires organisations to consider risks and opportuniteis in process development and 6.1 requires determination of and planning for risks and opportunities. So perhaps more explicit but is it explained better? I'd be interested in the views here.

The approach is a bit more granular but does it really move RBT on from Preventive Action, the current 4.1 c and the capture of requirements in Clause 7 for what the product / service should do.

Like many others I have worked in quality for longer than ISO 9001 has been around and can remember day 1 in work was all about how quality was there to reduce the risk to the customer of product that doesn't meet his / her requirements.
Thanks to Paul Simpson for your informative Post and/or Attachment!
  Post Number #14  
Old 21st January 2015, 09:48 AM
Marc's Avatar
Marc

 
 
Total Posts: 25,418
Re: Risk Management in ISO 9001:2015

Quote:
In Reply to Parent Post by Paul Simpson View Post

<snip> Like many others I have worked in quality for longer than ISO 9001 has been around and can remember day 1 in work was all about how quality was there to reduce the risk to the customer of product that doesn't meet his / her requirements.
Yes, and going back to the late 1970's and the early 1980's the goal was to address across border (country to country) issues which was the genesis of what became ISO 9001 (and back then ISO 9002 and ISO 9003, for those that remember them) in 1987.

I do believe your post is correct as long as we consider both production (in-house) risks and end user use (and mis-use) risks.
  Post Number #15  
Old 21st January 2015, 09:50 AM
LUV-d-4UM

 
 
Total Posts: 715
Re: Risk Management in ISO 9001:2015

Thank you very much for your reply John.

At least I am taking the first step at proactively preparing the Top Management for a foretaste of the challenge ahead!
Thank You to LUV-d-4UM for your informative Post and/or Attachment!
  Post Number #16  
Old 21st January 2015, 09:53 AM
LUV-d-4UM

 
 
Total Posts: 715
Re: Risk Management in ISO 9001:2015

Thank you Paul.

Can you suggest a better way to "capture of requirements in Risk Analysis and Clause 7 for what the product / service should do?" That will surely enrich this policy statement.
Reply

Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > National and International Business System Standards > ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards

Bookmarks



Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
Risk Requirements to meet the explicit Risk Based Approach of ISO 13485:2016 Examples bmelissam ISO 13485:2016 - Medical Device Quality Management Systems 4 22nd December 2016 12:37 PM
All the risk assessments - ISO 9001:2015 requirements Moncia ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5 14th September 2016 11:40 AM
Risk Management Implementation for ISO 9001:2015 SystemsQualityGuy ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 37 20th June 2016 11:54 AM
Are the TC 176 Documents on Risk Based Thinking useful to you? Sidney Vianna ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11 23rd January 2015 05:06 PM
Risk Based Audits ocussing on those areas of identified risk eric abbott General Auditing Discussions 3 28th February 2001 06:17 AM



The time now is 03:36 PM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.


 
 


NOTE: This forum uses "Cookies" - A Peachfarm Internet Property