Tools for Risk - ISO 9001:2015 - Suggestions

[QAMTY]

Hello everyone

Please advise on the next point.

Im trying to comply with 6.1 in 9001 2015 (risks) and I´m trying to use
ISO 31010 as a reference.
Additionally I have seen information on the web, where it is mentioned that for complying to the risk assessment for 9001, it could be used a fishbone tool (cause and effect analysis) for it.

However in table A-1, page 22, the level of risk, probability, consequence and risk evaluation , is stated that cause and effect analysis is not Applicable N/A. Compared against SWIFT, where everything apply (S/A).

In your opinion, and complying with 9001 2015, what tool is it recommended?

My business is a print shop, really no big risks around me

Please feedback on this matter.

Thanks

 

[DRAMMAN]

If you are already ISO901:2008 certified try talking to your auditor or CB to see if they have any recommendations. or what they are seeing at other clients.

FMEA's are great tools. Try researching project risk analysis for other ideas.

Obviously, we all want to pass the audit buy try not to make that your sole focus. I am sure documenting potential risks and how you are managing that risk will make you a better company by simply going through the process.

My assumption is that auditors can not reject any documentation as not good enough since they offer no requirement beyond documented information. As along as you can demonstrate you use RBT in managing your business and have some documented information to support that then you are golden.

Questions may arise if your risk analysis is very weak or not very relevant to the QMS. As an example, lets say your only identified risks are very minor details such as the risk of your garbage bags breaking. A better example of risk based thinking would be as follows.

Risk: My sole ink supplier goes out of business leaving me unable to deliver orders.

Counter measure: We identified 2 back up supplier, verified their offerings meet our needs, and give them some business so a relationship is established.

There is no requirement to rank risks or use more elaborate methods.

Then as part of your RBT process your team reviews the risk list and countermeasures every year.

 

[QAMTY]

Thanks DRAMMAN for your comments.

 

[DRAMMAN]

There are several RBT books and classes available now if you really want to learn more. I am sure the consultants are hard at work as I speak creating more.

 

[dsanabria]

... Im trying to comply with 6.1 in 9001 2015 (risks) and I´m trying to use
ISO 31010 as a reference.
Additionally I have seen information on the web, where it is mentioned that for complying to the risk assessment for 9001, it could be used a fishbone tool (cause and effect analysis) for it.

However in table A-1, page 22, the level of risk, probability, consequence and risk evaluation , is stated that cause and effect analysis is not Applicable N/A. Compared against SWIFT, where everything apply (S/A).

In your opinion, and complying with 9001 2015, what tool is it recommended?

My business is a print shop, really no big risks around me

Please feedback on this matter. ...

This is what the aerospace uses as guidance - hope it helps.
.