One of the key changes in the 2015 revision of ISO 9001 is to establish a systematic approach to risk, rather than treating it as a single component of a quality management system. By taking a risk-based approach, an organization becomes proactive rather than purely reactive, preventing or reducing undesired effects and promoting continual improvement. Preventive action is automatic when a management system is risk-based.
ISO 9001:2015 defines risk as “the effect of uncertainty on an expected result.” The term “uncertainty” is clarified as a lack of information or knowledge about an event that can be expressed in terms of consequences the likelihood of occurrence.
- An effect is a deviation from the expected – positive or negative
- What could happen and what the effect of this happening might be
- Also considers how likely it is
The objectives of inserting more risk management into ISO 9001 are aimed at addressing a variety of management needs such as:
- Moving to more of a data-driven decision process that increases objectivity (not just going on a hunch)
- Being able to more accurately prioritize risks and allocate resources to mitigating them more successfully (optimize business effectiveness)
- Capturing, retaining and transferring organizational knowledge regarding risk mitigation as employees and managers change (removing tribal knowledge)
- Broadening the knowledge base regarding risk and creating communication and trust among those who are involved (more companywide commitment and ownership)
Designed to support optimization of operational management strategies and remove Risk factors, the VISIBILITY.net ERP software solution consists of integrated modules that enable effective management of customer relationships, quotes, projects, costs, material and resource planning, product engineering and manufacturing, business performance, finance and global issues, where supply chain collaboration is key to your success.
Check out this powerpoint presentation from ISO on Risk-Based Thinking by clicking here.