Risk Management Compliance - Implementing AS9100:2009

[Koala]

I am in the process of implementing AS9100:2009. (We are already registered to rev B). I have tried to stay as current as possible with this forums' discussion of what is to come so I knew risk management was coming. I have searched the forum for other threads on risk management and have read them, but they all seem to apply to medical devices- not ISO 9001 or AS9100. Can someone please offer some advice on what I can do to meet this requirement.

We do not perform design. But I can still implement FMEA's. Would that be of benefit? Please give other ideas because I am at a loss as to how to meet this requirement.

Thank you,
Koala

 

[Koivisto - 2009]

Re: Risk Management - Please Help

From what I have read and heard, it will take a year for the auditors to train to rev C so you'll have to wait. If anyone has heard different please let me know. For risk mgmt I understand is how you manage risk at each stage from start to finish. There are lots of good lines on this site.

 

[Mahesan]

Re: Risk Management - Please Help

Hi

Besides the risk mgt standard for medical devices, there is a draft standard ie ISO 31000 available. It is slated for official release in June 2009 if I am not mistaken. There is quite a lot of information on this standard on the net (Google search etc) . In fact, you can even download the draft standard from certain web links

I have personally used the Australian / New Zealand standard AS/NZS 4360:2004 published by Standards Australia & have foundd it to be helpful.

Both the above standards are quite similar and are generic enough to be applied in any industry or project etc. They adopt the same approach in risk management practices.

I have have personally used it in aerospace related projects as well as in organizational level risk & crisis management planning across the board.

Hope this helps.

Regards

Mahesan

 

[Koala]

Re: Risk Management - Please Help

I will check out that draft standard and see if it offers me the help I need. Thank you.

 

[Jeff Frost]

Re: Risk Management - Please Help

If you still have a copy of Boeing’s Advanced Quality Systems Tools document D1-9000-1 there is a section on risk analysis and I believe I saw at one that DCMA had a training module about risk management.

 

[Sidney Vianna]

The Boeing D1-9000-1 document, section 1.7.2 talks about risk analysis, but, it focus on product risk. The requirement for risk management from AS9100 Rev.C, however, is much broader than hardware risk.

I suspect that Risk Management and Project Management will be serious areas for contention between auditees and auditors in the years to come.

 

[Koala]

Sidney,
I agree with you that this will be a most interesting area to understand, implement, and be audited to. That is why I came here for help. I appreciate anything you have to offer on this subject.
I will check out the ISO 31000 draft and I have already been perusing the Boeing D1-9000 document. I will keep at it and keep checking back here to see if anyone else has anything to offer.
Thank you very much for your time.

Koala.

 

[Sidney Vianna]

I will check out the ISO 31000 draft and I have already been perusing the Boeing D1-9000 document.

I believe that ISO 31000, Enterprise Risk Management is way too broad for the task a hand. A suggestion for you: check SAE ARP9134, Supply Chain Risk Management Guideline and apply the guidance contained therein for your own organization.

 

[Mahesan]

You can get a draft copy of ISO 31000 at : rmia.org.au. It is modeled very much on the ASNZS 4360:2004

Although it describes the process of identifying, controlling, managing & mitigating risks, it doesn't provide any templates etc. In practise, the tables are very similar to those used in the FMEA process. (Impact = Consequence x Likelihood)

Have attached a downloaded file from the net which might provide further insght to the RM process.

 

[Jeff Frost]

I believe that ISO 31000, Enterprise Risk Management is way too broad for the task a hand. A suggestion for you: check SAE ARP9134, Supply Chain Risk Management Guideline and apply the guidance contained therein for your own organization.

Sidney

I remember at one point the DIS version of AS9100 contained a reference to ISO 17666 Space systems – Risk management Standard. Would this Standard be a better starting point for developing an organizations risk management process?

Jeff