Search the Elsmar Cove!
**Search ALL of** with DuckDuckGo Especially for content not in the forum
Such as files in the Cove "Members" Directory

Informational Is Identification of Risks and Opportunities required for QMS Processes?

I'm one of those CB Auditor's that register companies to ISO 9001:2015. You know us as those guys concerned about document control, auditor qualifications, etc etc. As for 'Risks' I will say there are numerous differing opinions on risks.

Try thinking of your entire ISO QMS as a process and Risks as a sub-set of the QMS process. What primary controllable Risks can affect the QMS ? Once you identify say a maximum of 5 assign an owner to each for mitigation and have the owner report the status of each Risk & Mitigation monthly. For example:
Risk - aging workforce
Owner - HR
Mitigation - ???

Risk - changes to NAFTA
Owner - Purchasing and Sales
Mitigation - ???.

Just a few ideas for you. Hope it's helpful.

John Broomfield

Staff member
Super Moderator

My opinion:

The fact that you’ve determined what processes are essential to the effectiveness of your organization working as a system means you’ve already thought about the risks (positive and negative) that generally apply.

Within this system you will have planning processes to address specific risks arising from a new or changed situation or opportunity.

At the front of each process within your system you may have activities that address risks to prevent nonconformity and ineffectiveness.

So, you can see at least three ways in which your organization may address risk as necessary for your system to be effective.

It would be wrong to focus all your risk management opportunities in each individual process.

And all this may be achieved without once mentioning risk.

Best wishes,

Top Bottom