Informational Is Identification of Risks and Opportunities required for QMS Processes?

Qualygirl

Involved In Discussions
Hallo John,
leider nein. Deswegen der Weg zu ELSMAR.
Was ich erkennen kann ,wird vom risikoorientierten Denken in Folgen 9001 Kap. gesprochen
KAP: 03, 4.4, 4.4.1, 4.2, 5.1.1, 5.1.2, 6.1, 6.1.1, 6.1.2, 7.2.1, 8.5.5, 9.3, 9.1.3, 9.3.2, 10.2 0,1,

in ISO 14001: 9.3,9.3.3,6.1.4,6.2.1,6.1.3,6.1.2,6.1.1,

sicher ist Auch hier Schlauen Menschen sterben das vervollständigen Können.

L.G Qualygirl

Translation:
eider-no. Therefore the way to ELSMAR.
What I can see is followed by risk-oriented thinking in 9001 chap. spoken
CAPE: 03, 4.4, 4.4.1, 4.2, 5.1.1, 5.1.2, 6.1, 6.1.1, 6.1.2, 7.2.1, 8.5.5, 9.3, 9.1.3, 9.3.2, 10.2 0,1,

in ISO 14001: 9.3,9.3.3,6.1.4,6.2.1,6.1.3,6.1.2,6.1.1,

surely here too smart people die can complete that.
 
Last edited by a moderator:

Qualygirl

Involved In Discussions
da sind viele Fehler drin. hoffe das führt nicht zu Unklarheiten

Translation: there are many mistakes in it. hope this does not lead to ambiguities
 
Last edited by a moderator:

Zearl

Starting to get Involved
Hello Qualygirl,
For the ISO 9001:2015 standard, take a look at 0.3.3 at the beginning (page ix) and be sure and look at A.4 (page 22).

If your process is working as it should and controls are in place, your business has at some point considered
associated risks. You have already identified them!. These risks are addressed in your procedures, checklists, etc. Perhaps they could be listed in process descriptions or something, as well as the very high level ones for context of your organization. New ones are typically addressed
in nonconformity and corrective action activities.

Both standards do not require formal risk management. The ISO 9001:2015 standard does not even specifically require documented information
regarding risks associated with your process. However, it would be awkward to try and demonstrate consideration of risks without
something besides interviews.

The ISO 14001:2015 standard, on the other hand, does require documented information of the risks and opportunities that need to be addressed.
Many of these come up in review of environmental aspects and compliance obligations. To evaluate significant aspects, some type of risk
assessment should be performed, like frequency of occurrence, magnitude of environmental impact, compliance, etc.

So for both standards, identification of risks & opportunities are needed. If not, the business will not be as effective as it could.

Anyway, I've droned on enough and I know there will be many different opinions forthcoming, so step in Cove!
 

Qualygirl

Involved In Discussions
Translate about Google

Hello John,
Unfortunately, no. Therefore the way to ELSMAR.
What I can see is from risk-oriented thinking in consequences 9001 chap. spoken
KAP: 03, 4.4, 4.4.1, 4.2, 5.1.1, 5.1.2, 6.1, 6.1.1, 6.1.2, 7.2.1, 8.5.5, 9.3, 9.1.3, 9.3.2, 10.2 0 ,1,

in ISO 14001: 9.3,9.3.3,6.1.4,6.2.1,6.1.3,6.1.2,6.1.1,

It is certain that smart people die here as wel
 

Jen Kirley

Quality and Auditing Expert
Leader
Admin
It is important to understand why the ISO 9001 Technical Committee did not direct how risks are to be considered and addressed. The needs of organizations can be unique, with unique risks (that your team must identify) at the same time as common risks that most of us face (such as pandemics).

The Harvard Business Review article is long, but informative. Mind Tools gives a shorter explanation, including tools such as SWOT Analysis and Scenario Analysis, as methods for managers to keep track and identify new needs and opportunities.

I hope this helps!

I have no affiliation with Harvard or Emerald Works.
 

LukasLosigkeit

Starting to get Involved
Thanks! I am familiar with all of this ISO guides. No suitable advices have been found there.

But I would like to return to initial question of this discussion thread: Shall organization identify risks and opportunities for every identified QMS process?

Your opinion, please!

In my experience, opportunities and risks do not have to be considered for each individual process.
This has already been accepted in several ISO 9001 audits.
 

QAguy

Involved In Discussions
Your organization’s management system is meant to help the people working for the organization to fulfill its mission; generalized as “converting the needs of stakeholders into cash in the bank”. Right here you have an axample of risk-based thinking that is focused on winning and exploiting opportunities to serve.

When you develop your organization’s process-based management system (from scratch, to improve performance or to bring about project success) you and your colleagues focus on those processes that are essential to the success of the organization; this is an example of risk-based thinking but you may have glossed over that fact because it is so obvious.

Having determined the cross-functional processes essential for organizational or project success you and your colleagues will name the most knowledgeable person as the owner of each process. Again this is RBT.

Working with each process owner you’ll determine the objectives of each process; again this is RBT. You’ll then capture (perhaps in a deployment flowchart linked to any instructions and forms) who are involved and what they actually do to plan the work, do the work and check the work while making corrections and improvements as necessary.

The process owner will then walk this partially documented procedure across the functions or departments responsible so the process team can ensure it is accurate. Some new processes may be necessary so the documented procedures defining the design of these processes would be reviewed by the process team members for their feasibility.

As you can see, when developing the system, quality planning or designing processes you’ll see lots of evidence of risk-based thinking quite naturally.

Going beyond such practical thinking may confuse others or yourself.

John
Excellent reply and posting. I really like your outlook on the risk requirement.
 
Top Bottom