One of the major changes in the 2015 revision is to apply a systematic approach to risk. Thus, it requires applying a risk-based thinking. Although in the previous editions of ISO 9001 standards, a clause preventive action was always there, however now the planning and addressing risks and opportunities are part of the quality management system as a proactive approach. By applying a risk-based thinking in the system, an organization becomes proactive rather than reactive.
Clause 6 of ISO 9001:2015 QMS standard requires an organization to (i) determine risks and opportunities, (ii) plan actions to address risks and opportunities, and (iii) ensure actions taken (to address risks and opportunities) must be in proportionate to the potential impact on product/service conformity. In this connection the organization needs to plan: (i) ways to integrate and implement actions (to address risks and opportunities) into its quality management system, and (ii) methodology to evaluate the effectiveness of the actions taken.
So, planning of proposed actions should be adequate. Before planning processes that address risks and opportunities, you need to analyze the relative importance of risks and opportunities in your quality management system. Risks and opportunities should be evaluated using appropriate tools and techniques. When risk levels are high, appropriate risks reduction actions should be implemented and integrated into the quality management system. Risk reduction action should be proportionate to the potential impact on the conformity of product/service.
Some of the suggested actions may be:
- Regular (not one time) determination and analysis of internal and external issues
- Periodic analysis and review of QMS processes and resources
- Improvement of procedures and methodologies
- Analysis of all possible consequences of changes
- Improvement of leadership skills
- Determining required frequency of internal audits and management reviews
- Control of decisions implementation
- Monitoring of information on internal and external issues
- Monitoring of information on interested parties and their needs and expectations
- Monitoring of maintenance / repair schedule and its revision
- Improvement of people's competence and skills
Organizations can use risk assessment tools and techniques. In this training handbook, you will find overview of risk assessment tools and techniques, details of a few tools and techniques (such as, Brainstorming, Check-lists, FEMA, Delphi). A simple method to determine risks and opportunities is mentioned as well as a format is designed for this.
In short, determine and understand what your risks (and opportunities) are, plan actions to address your risks (and opportunities), so that you may avoid and eliminate your risks.
- Keshav Ram Singhal
Organizations may contact for conducting in-house training program on (i) 'ISO 9001:2015 QMS Awareness', and (ii) 'Applying risk-based thinking.'
No comments:
Post a Comment