Writing Risk Management procedure for small manufacturing and we don't know where to start.

N

Newb2Quality

Starting to get Involved
I would like to discuss what was your approach to risk management from the start of incorporating this process. What questions do you ask and is there a format for defining risk where Management does not have input but wants output? Basically what should be asked to start this process
 
T

Tidge

Trusted Information Resource
Newb2Quality said:
What questions do you ask and is there a format for defining risk where Management does not have input but wants output? Basically what should be asked to start this process
Click to expand...

The meta questions to be answered are:
  • What (documentation) artifacts will you generate to distinguish between acceptable and unacceptable risks?
  • What will you do to periodically assess the state of risk acceptability?
There are many practical approaches to implementing answers to both questions, but I think those are the first two questions to seek answers for.
 
qualprod

qualprod

Trusted Information Resource
Newb2Quality said:
I would like to discuss what was your approach to risk management from the start of incorporating this process. What questions do you ask and is there a format for defining risk where Management does not have input but wants output? Basically what should be asked to start this process
Click to expand...
The standard, doesn´t require a procedure to manage risks.
Is up to you, how to manage thus stuff in your system.
I have seen different approaches and most of them comply the standard.
Starting from some of them , where they say, Risks are everywhere, and actions to minimize them are already into my procedures, e.g.
why I perform Supplier evaluation? in this case, I detect a risk in delivering materiales, why I perform audits, because I detect a risk
if my processes are not woking well, and so... I dont have the need to have anything documented regarding the risk.
I have seen other systems, where they have a simple procedure and form, ,where risk is detected, is evaluated its value by
using the formulae Risk values is =PxI, (probability x impact) based on this actions plans are needed to lower the value of the
risk, after plans have finished, residual risk is evaluated, if is less than initial, is closed.
Again, ISO does not require a procedure nor a standard to be followed.

As a reference, you can take a look at the ISO 30000 which is a standard for the risk treatment so that can have a general idea.

Regards
 
Quality Specialist

Quality Specialist

Involved In Discussions
Newb2Quality said:
Tidge

I´ll explore what you suggest.

Thank you so much.
Click to expand...
Hi Newb2Quality,
I know that the standard doesn't require a procedure for this but I recently created a Risk Management procedure that I don't mind sharing - minus our company name and any other proprietary information. It's just a simple one and easy to adjust it to your company perhaps.
 

Attachments

  • QA-072 Risk Management Procedure.docx
    42.8 KB · Views: 515
F

Funboi

On Holiday
Risk, is supposed to be viewed at a strategic level in ISO 9001. A simple SWOT is sufficient. Take a look at ISO/TS 9002. Anything else, particularly when framed in a heavyweight “procedure” is inappropriate, in my experience.
 
You must log in or register to reply here.

Similar threads

D
Help with Agile in MedTech
Replies
4
Views
222
drm71
D
B
How to integrate risk assessment of a medical device to a SOP for ISO 14155:2020
Replies
1
Views
302
Enternationalist
Enternationalist
D
QMS Overload
2 3 4
Replies
37
Views
1K
Sidney Vianna
Sidney Vianna
M
Risk Management Plan
2
Replies
13
Views
2K
d_addams
D
timbro
Class 1 medtech start up and regulatory decisions
Replies
4
Views
290
timbro
timbro
Top Bottom