Q
QAMTY
Hi everybody
I´m somewhat confused regarding what to implement as risk in ISO 9001 2015.
It is not an obligation to use ISO 31000/31010, according to 9001 2015 requirements, but some people recommend to use it.
My point is, if we take as a reference the 31000 we also have to consider all the next:
While , if you want to take it easy, you just identify the risk by a brainstorming method, then you do the analysis (a simple analysis, not using the tools explained in 31010), then is evaluated in a qualitative way assigning them low, medium, and high level, then apply treatment and monitoring.
Considering that my business is a print shop, (not risky), I don´t consider to use 31000/31010, I´ll follow the easy way.
what do you think about this?
thanks for your feedback
I´m somewhat confused regarding what to implement as risk in ISO 9001 2015.
It is not an obligation to use ISO 31000/31010, according to 9001 2015 requirements, but some people recommend to use it.
My point is, if we take as a reference the 31000 we also have to consider all the next:
Establishing the context
For me. I think is too much work to do.Risk identification
Risk analysis
Risk evaluation
Risk treatment
Risk monitoring
additionally to establish a policy Risk analysis
Risk evaluation
Risk treatment
Risk monitoring
While , if you want to take it easy, you just identify the risk by a brainstorming method, then you do the analysis (a simple analysis, not using the tools explained in 31010), then is evaluated in a qualitative way assigning them low, medium, and high level, then apply treatment and monitoring.
Considering that my business is a print shop, (not risky), I don´t consider to use 31000/31010, I´ll follow the easy way.
what do you think about this?
thanks for your feedback