Our company has a separate spreadsheet for 4.1/4.2 regarding the organization's context with the needs/expectations, risks, opportunities and actions of ext. and int. issues and interested parties.
We also have a process risk assessment matrix (addresses 6.1 but listed under Clause 4 in our QMS) that addresses risks like product quality, OTD, resources, CoQ, etc. when evaluating each of our QMS Processes (Sales, Purchasing, Production) & Support Functions (QMS Planning, Monitoring, Improvement). It was created in a way that makes it difficult to understand rather than using an SEP matrix.
With our parent company moving into our facility, many of their customers have asked me to provide a risk analysis of the move. Since we are not AS9100 certified, our risk analysis is not a documented process. A company relocation risk analysis is new to me so I'm not 100% sure what I can/should use to accomplish the requested task.
1) I would use the Org. Profile (as mentioned above) to address the risk & opportunities along with their actions.
2) However, am I obligated to use the Process Risk Assessment Matrix we have even though the scope of its use is outside of it?
- Could I deviate and use an SEP matrix or should I just reword the existing Matrix?
We also have a process risk assessment matrix (addresses 6.1 but listed under Clause 4 in our QMS) that addresses risks like product quality, OTD, resources, CoQ, etc. when evaluating each of our QMS Processes (Sales, Purchasing, Production) & Support Functions (QMS Planning, Monitoring, Improvement). It was created in a way that makes it difficult to understand rather than using an SEP matrix.
With our parent company moving into our facility, many of their customers have asked me to provide a risk analysis of the move. Since we are not AS9100 certified, our risk analysis is not a documented process. A company relocation risk analysis is new to me so I'm not 100% sure what I can/should use to accomplish the requested task.
1) I would use the Org. Profile (as mentioned above) to address the risk & opportunities along with their actions.
2) However, am I obligated to use the Process Risk Assessment Matrix we have even though the scope of its use is outside of it?
- Could I deviate and use an SEP matrix or should I just reword the existing Matrix?