I copied the above over from another thread for discussion here of "Risk" in the upcoming standard.
The focus shift to "Processes" in 2000 wasn't too big a hurdle. How do you envision "Risk" in terms of ISO 9001:2015?
4.4.2 - Process approach
“The organization shall:
d) determine the risks to conformity of goods and services and customer satisfaction if unintended outputs are delivered or process interaction is ineffective;”
5.1.2 - Leadership and commitment with respect to the needs and expectations of customers
“Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that:
a) the risks which can affect conformity of goods and services and customer satisfaction are identified and addressed;”
6.1 - Actions to address risks and opportunities
“When planning for the quality management system, the organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2 (4.2 Understanding the needs and expectations of interested parties) and determine the risks and opportunities that need to be addressed to:
a) assure the quality management system can achieve its intended outcome(s)
b) assure that the organization can consistently achieve conformity of goods and services and customer satisfaction
c) prevent, or reduce, undesired effects, and
d) achieve continual improvement.”
Also notice opportunities in 6.1 a)
“The organization shall plan:
a) actions to address these risks and opportunities, and
b) how to:
1) integrate and implement the actions into its quality management system processes (see 4.4), and
2) evaluate the effectiveness of these actions.
Any actions taken to address risks and opportunities shall be proportionate to the potential effects on conformity of goods and services and customer satisfaction.”
8.3 - Operational planning process
“In preparing for the realization of goods and services, the organization shall implement a process to determine the following, as appropriate:
b) actions to identify and address risks related to achieving conformity of goods and services to requirements;”
8.5.1 - Development processes
“In determining the stages and controls for the development processes, the organization shall take account of:
e) the determined risks and opportunities associated with the development activities with respect to
1) the nature of the goods and services to be developed and potential consequences of failure
2) the level of control expected of the development process by customers and other relevant interested parties, and
3) the potential impact on the organization’s ability to consistently meet customer requirements and enhance customer satisfaction.”
8.6.5 - Post delivery activities
“The extent of post delivery activities that are required shall take account of:
a) the risks associated with the goods and services”
More "Risks" noted in:
9.1 - Monitoring, measurement, analysis and evaluation
9.2 - Internal audit
10.2 - Improvement
****************************
Your thoughts?