Welcome

Welcome!
Thanks for visiting this blog. Please share information about this blog among your friends interested in ISO 9001:2015 QMS Awareness.
- Keshav Ram Singhal
krsinghal@rediffmail.com
keshavsinghalajmer@gmail.com
Blog on 'Quality Concepts and ISO 9001: 2008 Awareness' at http://iso9001-2008awareness.blogspot.in

Academic comments are invited. Please join this site. Reproduction of articles from this blog is encouraged, provided prior information is provided. Please give credit to the blog and the writer, and also send a copy of the published material to the editor of the blog.

Various information, quotes, data, figures used in this blog are the result of collection from various sources, such as newspapers, books, magazines, websites, authors, speakers, information from google search, ChatGPT (a large language model trained by OpenAI), Gemini Google, Bing Copilot and other AI tools etc. Unfortunately, sources are not always noted. The editor of this blog thanks all such sources.

Encouragement Support - Please become a member of NCQM - National Centre for Quality Management

People from following (more than 90) countries/economies have visited this blog: Albania, Algeria, Argentina, Australia, Austria, Azerbaijan, Bahamas, Bahrain, Bangladesh, Belgium, Bosnia and Herzegovina, Brazil, Bulgaria, Burundi, Cambodia, Canada, Chile, China, Colombia, Croatia, Denmark, Ecuador, Egypt, Estonia, Ethiopia, European Union, Finland, France, Georgia, Germany, Gibraltar, Greece, Hong Kong, Iceland, India, Indonesia, Ireland, Israel, Italy, Japan, Kenya, Luxembourg, Lebenon, Macedonia, Malawi, Malaysia, Malta, Mauritius, Mexico, Moldova, Monaco, Morocco, Myanmar, Namibia, Nepal, Netherlands, Nigeria, Oman, Pakistan, Peru, Philippines, Poland, Portugal, Qatar, Romania, Russia, Saudi Arabia, Serbia, Seychelles, Singapore, Slovakia, Slovenia, South Africa, South Korea, Spain, Sri Lanka, Sudan, Sweden, Taiwan, Tanzania, Thailand, Trinidad and Tobago, Tunisia, Turkey, Uganda, Ukraine, United Kingdom, United Arab Emirates, United States, Venezuela, Vietnam, Yemen, Zimbabwe.

Tuesday, March 3, 2020

Applying Risk-based Thinking - Overview of risk assessment tools and techniques


Overview of risk assessment tools and techniques

For understanding a formal risk management following standards may be useful for your reference:
- ISO 31000:2018, Risk management - Guidelines
- ISO/TR 31004:2013, Risk management - Guidance for the implementation of ISO 31000
- IEC 31010:2019, Risk management - Risk assessment techniques

Every organization, whether it is small, medium or large, private or public, manufacturing or service, faces various factors and influences that may be internal and external. Internal and external factors and influences in an organization lead to uncertainty with regard to achievement of organization’s objectives. The effect of uncertainty on the organization’s objectives is termed as risk. Thus risk is an effect of uncertainty on objectives. An effect is a deviation from the expected. The effect may be positive and/or negative. To manage risk, an organization needs to carry out coordinated activities. Risk management is a process that is underpinned by a set of principles. Also it needs to be supported by a structure that should be appropriate to the organization, its environment and context. International Organization for Standardization (ISO) in 2009 has published an International Standard ISO 31000 that describes Risk management – Principles and guidelines, which has been revised and published in 2018 as Risk management - Guidelines. ISO 31000:2018 standard targets the quality of an organization’s management and suggests risk management frameworks, processes and activities that should be followed to help organizations better meet their goals and objectives. ISO 31000:2018 standard describes an overall approach to risk management, not just risk analysis or risk assessment. ISO 31000:2018 standard takes a general approach that can be developed. ISO 31000:2018 standard helps organizations develop a risk management strategy to effectively identify and mitigate risks, thereby enhancing the likelihood of achieving their objectives and increasing the protection
of their assets. Its overarching goal is to develop a risk management culture where employees and stakeholders are aware of the importance of monitoring and managing risk.

You can get the copy of standards from the national standards body in your country that is a member of ISO. In India, Bureau of Indian Standards (Website - http://bis.org.in/) is the national standards body, where you can get copies of standards.

There are various tools and techniques mentioned in ISO 31010:2018 standard that can be used for risk assessment. List of such a few tools and techniques are as under:
(i) Brainstorming
(ii) Structured or semi-structured interviews
(iii) Delphi
(iv) Check-lists
(v) Primary hazard analysis
(vi) Hazard and operability studies (HAZOP)
(vii) Hazard Analysis and Critical Control Points (HACCP)
(viii) Environmental Risk Assessment
(ix) Structured 'What If' Technique (SWIFT)
(x) Scenario analysis
(xi) Business impact analysis
(xii) Root cause analysis
(xiii) Failure mode effect analysis (FMEA)
(xiv) Fault tree analysis (FTA)
(xv) Event free analysis
(xvi) Cause and consequence analysis
(xvii) Cause and effect analysis
(xviii) Layers of protection analysis (LOPA)
(xix) Decision tree analysis
(xx) Human reliability analysis
(xxi) Bow tie analysis
(xxii) Reliability centred maintenance
(xxiii) Sneak circuit analysis
(xxiv) Markov analysis
(xxv) Monte Carlo simulation
(xxvi) Bayesian statistics and Bayes Nets
(xxvii) FN curves
(xxviii) Risk indices
(xxix) Consequence/probability matrix
(xxx) Cost/benefit analysis
(xxxi) Multi-criteria decision analysis (MCDA)

In forthcoming chapters, we will focus on a few tools and techniques that an organization may implement for addressing risks and opportunities in the organization.

There is no requirement in ISO 9001:2015 QMS standard for a formal risk management or a documented risk management process. The concept of preventive action is expressed in ISO 9001:2015 QMS standard through the risk-based thinking. Risk-based thinking should be applied in the cyclic process that should include:
- Indentify risks,
- Determine the severity of consequences,
- Evaluate likelihood of occurrence,
- Determine policy and action plan to deal with it it happens,
- Monitor and review .... and so on.

We will focus on a few tools and techniques in the forthcoming articles.

- Keshav Ram Singhal

Organizations may contact for conducting in-house training program on (i) 'ISO 9001:2015 QMS Awareness', and (ii) 'Applying risk-based thinking.'


No comments:

Post a Comment