ISO Clause 4.1/4.2 & 6.1

A

ASDriven

Starting to get Involved
Our company has a separate spreadsheet for 4.1/4.2 regarding the organization's context with the needs/expectations, risks, opportunities and actions of ext. and int. issues and interested parties.

We also have a process risk assessment matrix (addresses 6.1 but listed under Clause 4 in our QMS) that addresses risks like product quality, OTD, resources, CoQ, etc. when evaluating each of our QMS Processes (Sales, Purchasing, Production) & Support Functions (QMS Planning, Monitoring, Improvement). It was created in a way that makes it difficult to understand rather than using an SEP matrix.

With our parent company moving into our facility, many of their customers have asked me to provide a risk analysis of the move. Since we are not AS9100 certified, our risk analysis is not a documented process. A company relocation risk analysis is new to me so I'm not 100% sure what I can/should use to accomplish the requested task.

1) I would use the Org. Profile (as mentioned above) to address the risk & opportunities along with their actions.
2) However, am I obligated to use the Process Risk Assessment Matrix we have even though the scope of its use is outside of it?
- Could I deviate and use an SEP matrix or should I just reword the existing Matrix?
 
Tagin

Tagin

Trusted Information Resource
Since your risk analysis is not a documented process, it seems you would be free to use any suitable method.

If this move is outside the scope of your 'Process Risk Assessment Matrix', then I would be concerned that your current approach to addressing risk in 6.1 may be wanting and could use revision. That is, risks to existing processes due to potential disruptions, resource changes, etc. that might result from the move should be able to fit into your Process Risk Assessment Matrix.
 
A

AMIT BALLAL

Super Moderator
The customers might be asking for risk assessment with respect to the changes. Not 4.1 / 4.2 / 6.1.

Check how you are managing changes mainly as per clause 6.3 (QMS) & 8.5.6 (Production & service provision).
 
A

ASDriven

Starting to get Involved
@Tagin @AMIT BALLAL - I am so sorry but I realized I had forgotten to mention that the parent company has a different QMS (which will eventually be merged in to a single master QMS) and will remain its own legal entity. I don't know if that might have invoked a different response. I agree that the Matrix could use a bit of upgrading. It seems like 6.3 & 8.5.6 all circle back around to 6.1?
 
Tagin

Tagin

Trusted Information Resource
ASDriven said:
@Tagin @AMIT BALLAL - I am so sorry but I realized I had forgotten to mention that the parent company has a different QMS (which will eventually be merged in to a single master QMS) and will remain its own legal entity. I don't know if that might have invoked a different response. I agree that the Matrix could use a bit of upgrading. It seems like 6.3 & 8.5.6 all circle back around to 6.1?
Click to expand...

Hmm, the parent co is under a different QMS, yet you said "many of their customers have asked me to provide a risk analysis". This seems quite strange, unless 'their' customers are also your customers. If not, then I would think the responsibility for the risk analysis provided to those customers is the parent company's responsibility.

Or, are these customers asking you for a risk analysis in addition to a risk analysis being provided to them by the parent co?
 
A

ASDriven

Starting to get Involved
Tagin said:
Hmm, the parent co is under a different QMS, yet you said "many of their customers have asked me to provide a risk analysis". This seems quite strange, unless 'their' customers are also your customers. If not, then I would think the responsibility for the risk analysis provided to those customers is the parent company's responsibility.

Or, are these customers asking you for a risk analysis in addition to a risk analysis being provided to them by the parent co?
Click to expand...

It's a legal issue that's more complicated than I'm paid to know but the parent company is to move in by the end of the year to one of our less occupied buildings with us to take over operations as they are essentially dissolving. I will be a single QM overseeing 2 Quality systems working to merge the two together until the merger happens.

So, it's their customers asking me to provide a risk analysis...
 
Johnnymo62

Johnnymo62

Haste Makes Waste
As a customer, I would be worried about receiving incorrect transfer parts from your plant that would impact my production schedule.

In automotive, there is a lot of planning to move processes to new locations so the customer is not impacted by delivery or part quality issues.

I would use the 6.1 type of risk analysis for the different categories (injection molding, blow molding, metal stamping, metal forming, etc.) of new parts being transferred into your plant to start with.

The QMS changes can then be planned in accordance with the lessons learned from the launch period of the transfer parts.
 
A

ASDriven

Starting to get Involved
Johnnymo62 said:
As a customer, I would be worried about receiving incorrect transfer parts from your plant that would impact my production schedule.

In automotive, there is a lot of planning to move processes to new locations so the customer is not impacted by delivery or part quality issues.

I would use the 6.1 type of risk analysis for the different categories (injection molding, blow molding, metal stamping, metal forming, etc.) of new parts being transferred into your plant to start with.

The QMS changes can then be planned in accordance with the lessons learned from the launch period of the transfer parts.
Click to expand...

This is a great idea to incorporate! I keep getting caught up on whether or not the controlled risk assessment matrix could be revised like that as the changes and impact to our QMS would be somewhat minimal since we do CNC work rather than sheet metal work (which would be outsourced). The main risks that we're seeing as being introduced is retention, overall product quality and OTD all stemming back from the retention of skilled labor.
 
A

ASDriven

Starting to get Involved
The risk assessment and analysis was completed utilizing incoming Company B's format. Since both businesses are relatively small, I am likely going to be managing both quality systems.

Those employees with Company B & its QMS will stay the same. So, my question is would any training have to be completed under Company A's QMS?
 
A

AMIT BALLAL

Super Moderator
If you are going to keep the QMS of both companies separate, the training won't be required.

But since you'll be managing systems of both companies, better to develop a single QMS which would work for both of these companies. This system development can then include training and implementation.
 
You must log in or register to reply here.

Similar threads

F
Confused about Non conformace from internal audit
2 3
Replies
22
Views
961
qualitymanagerTT
Q
Richard Regalado
6.1 Actions to address risks and opportunities to the ISMS
Replies
0
Views
655
Richard Regalado
Richard Regalado
O
Difference between Poka-Yoke and Red Rabbit
Replies
3
Views
912
OnurSeref
O
W
Reconciling FMEA RPN ratings with Risk Acceptability
2 3
Replies
22
Views
2K
Tidge
T
W
Looking for IATF 16949 (and ISO 17025) QMS software Suggestions
Replies
8
Views
2K
anneliesehuss
anneliesehuss
Top Bottom