ISO 9001 Risk control method - What could be the better way to control risks?

qualprod

Trusted Information Resource
#1
Hi
For those fellows who already have managed risks.
What could be the better way to control risks?

E.g. to use a format where risk is identified, is assigned probability and impact, risk value is calculated, also mentioning causes and so on.
It could have a control of the document, like any other control of Changes, for example the control of the procedure of control the documents.
This way, if a change in a risk is nedeed (impact, probability, action plans), by using this format , the document changes in revision, and changes are tracked.

The other way could be a simple spreadsheet where risk are registered, all data related to the risk, is fed.
But... because this control is is "live" document, it could be very easy to change aspects of risk without having evidences, because is a dynamic document.

So, in the way you manage risks, which method you think is best and why?

Thank you for give some light.
 
Elsmar Forum Sponsor

John Broomfield

Staff member
Super Moderator
#2
qualprod,

Why not analyze how risks already are managed?

By respecting how your organization already works as a system to convert customer needs into cash you’ll learn a lot and establish a good working relationship with your colleagues.

Reading the standard and imposing new ways of managing risk are unlikely to win the support of your colleagues.

Listen well to the system of which you are part to see for yourself how risks are identified and dealt with so project and process teams are assured of fulfilling objectives and other requirements.

Focus on what they do to prevent failure and be assured of success starting with top management and then with the project managers and process owners.

When doing this your auditor-style “please show me” questions more readily prompt any necessary improvements.

John
 
J

Joe Cruse

#3
X2 for John.

We did not try to shoe-horn in a SWOT form, or charts, or some other, new/extra form to capture this activity in our QMS when going to 2015. Our organization does this ALL the time, and yours, in like manner, has been too, if it's been around for a while. You just need to take a look at how leadership and the core process (and sub-process) owners are communicating and discussing those risks and opportunities on a regular basis (daily,weekly, etc), and determine a way to capture evidence of that assessment/control activity. No need to have your managers change what they do, for this (unless, of course, it ISN'T happening, lol), just find a way to document it, that makes sense to your organization. And if a formal SWOT form makes sense for your organization, let your freak flag fly with it.

For example, our department heads meet with top mgt 2-3 days per week, and this group are the people responsible for either our QMS' core processes, or the sub-processes that support the core processes. In these meetings, there is TONS of risk/opportunity assessment, and as the person responsible for the QMS, I take notes in these meetings to document that activity, so that it is available for both us and any auditor. Then, when we perform Mgt Review, we look at these same things, in more of an upper level view, and that gets documented too, as part of the Mgt Review requirements of the 2015 revision. No charts or SWOT forms, but fully documented, nonetheless. And NEVER let an auditor TELL you that you MUST be using some SWOT form or other set of forms to document this activity; any method that documents this meets the requirements of the standard. Depending on how you document it, you may have to help an auditor understand it fully, but if it makes sense to you and your organization, that's #1, after meeting the standard's requirements.
 
Last edited by a moderator:

qualprod

Trusted Information Resource
#4
Thanks John and Joe for your advise
I understand, regarding that I dont have to worry about the way of documenting
risks.

It depends of the organization how to manage this stuff.

But Joe, as you said, people is very interested in the management of risks and you do
the documentation which is reviewed in the MRs.
The ways is being documented, it could be done very simple, (no forms for requirements, no swots, no format, no fishbones), but I think that at least you have a minimal points in control, for example:
Risk detected, process, risk value, actions for mitigations, responsibles of actions, due dates, residual risk evaluation, it isnt so?

Thanks
 
Thread starter Similar threads Forum Replies Date
S Internal Audit - Risk and Opportunity (ISO 9001:2015 ) Internal Auditing 1
Q Risk/Opportunity in a combined ISO 9001 & 14001 System ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
J Context SWOT tie to ISO 9001:2015 Cl. 6.1 Risk and Opportunities ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
Y Examples of Risk and Opportunities based on ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
Mikishots Definition Issue - "Issue" vs. "Risk" in ISO 9001:2015 and AS9100 Rev D (Definitions) Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 2
Q Opportunities only derived from Risks? Detecting Risk & Opportunities in ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Q Easy Way of "Implementing" Risk in ISO 9001 2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
Z Do we need a Risk Register for ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
Q Is it worth the effort to implement ISO 31000 Risk based on ISO 9001:2015? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Q Including the Word "Risk" into the Quality Policy (ISO 9001:2015)? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
Q Risk Management - Additional Process in ISO 9001:2015? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
Q Tools for Risk - ISO 9001:2015 - Suggestions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
Q Risk Impact - Risk Assessment Sample/Method per ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Moncia All the risk assessments - ISO 9001:2015 requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
S Informational Risk Management Implementation for ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 60
A Informational Risk Management (and Risk Based Thinking) in ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 56
WCHorn Informational How the addition of "Risk" will affect ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 103
B ISO 9001:2008 and Risk Management ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
A ISO 9001 Project Management and Risk Analysis Requirements - Construction ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
H ISO 9001: 2008, 01. General:..... or the risk associated with that environment. ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
H How do you see the "Risk Analysis" issue in the ISO 9001 context? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
G Compliance with ISO 9001-2015 for ISO 17025 Accredited Labs? ISO 17025 related Discussions 3
L Change Log in (controlled) Forms? (ISO 9001:2015) Document Control Systems, Procedures, Forms and Templates 6
K ISO 9001 Clause 8.3 & 8.6 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
S Transition training for Internal Auditor from ISO 9001: 2008 to the ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
H R&D Lab ISO 9001 certification ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
J ISO 9001:2015 Clause 8.5.1 Control of Production and service provision - Help with Work Instruction Access ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
M Does the scope of ISO 9001:2015 applies to tenders, pricing and sales department of a medical devices distributor? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
D Can an ISO 9001 Certificate have Remote Locations? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
D ISO 9001 - 8.4.1 Evaluate All Suppliers? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 66
Sidney Vianna ISO 9001 News ISO 9001 Quality Check - spinning facts in LinkedIn ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
A ISO 9001 Internal Audits - No production right now due to furloughs Internal Auditing 5
T Do we need an SOP for ISO 9001? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
K ISO 9001 Auditing in a Healthcare setting Process Audits and Layered Process Audits 15
C ISO 9001:2015 8.3.2. h) Design and Development Planning - What is required? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
B Employee Handbook in ISO 9001:2015 Section 7 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
Q ISO 9001/IATF 16949 Audit Finding Question - Document Retention IATF 16949 - Automotive Quality Systems Standard 11
Q Audit report template ISO 9001/14001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
Q Process matrix examples of ISO 9001 & 14001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
chris1price Archiving of paper records - ISO 9001 7.5.3.1b Records and Data - Quality, Legal and Other Evidence 4
D Common practices in ISO 9001 deployment ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
Q ISO 9001-2015 Internal audit finding Internal Auditing 14
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
Q Do these certificates of calibration meet ISO 9001 requirements for traceability to NIST? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 23
C Requirement to link Quality Manual to ISO 9001 clause numbers? ISO 13485:2016 - Medical Device Quality Management Systems 13
W First time being audited (ISO 9001), asking for advice ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
Q ISO 9001 - Reseller Exclusions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
N ISO 9001 - Training business with fewer than 5 employees ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
J Opportunity in ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 27

Similar threads

Top Bottom