Risky Business Standalone ISO9001:2015 Risk-Based Thinking and Integration of Risk Management with ISO9001:2015.

1 Risky Business Standalone ISO9001:2015 Risk-Based Thinking and Integration of Risk Management with ISO9001:2015

2 Presenters Clark Leiphart Senior Quality Engineer, Modular Mining
Christina Cook, J.D. Manager, Global Commercial Operations, Modular Mining.

3 Outline Definitions Simple Method for using risk with ISO9001
More Comprehensive Method for using ISO31000 risk principles Tools and further research

4 Risk – Definitions
PMI: An uncertain event that, if it occurs, has a positive or negative effect on a project’s objectives.
ISO9000: risk: effect of uncertainty
Note 1 to entry: An effect is a deviation from the expected — positive or negative.
Note 2 to entry: Uncertainty is the state, even partial, of deficiency of information (3.8.2) related to, understanding, or knowledge of, an event, its consequence, or likelihood.
Note 3 to entry: Risk is often characterized by reference to potential events (as defined in ISO Guide 73:2009, ) and consequences (as defined in ISO Guide 73:2009, ), or a combination of these.
Note 4 to entry: Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood (as defined in ISO Guide 73:2009, ) of occurrence.
Note 5 to entry: The word “risk” is sometimes used when there is the possibility of only negative consequences.

5 Risk – Definitions and Assumptions
ISO9001 Assumptions: The concept of risk has always been a component of ISO 9001 and ISO 14001, by requiring the organization to plan its processes and manage its business to avoid undesirable results. Organizations have typically done this by putting greater emphasis on planning and controlling processes that have the biggest impact on the quality of the products and services they provide. The way in which organizations manage risk varies depending on their business context (e.g. the criticality of the products and services being provided, complexity of the processes, and the potential consequences of failure).

6 Risk – Definitions and Assumptions
ISO31000 Assumptions: Risk management is a central part of the strategic management of any organization. It is the process whereby organizations methodically address the risks attached to their activities. This is a process-based approach:
9001 Nomenclature | Nomenclature
Plan | Design
Do | Implement
Check | Monitor
Act | Improve

7 9001:2015 Risky Excerpts
Context of the Organizations
Clause 4.4 f) - QMS and its processes - determine the risks and opportunities in accordance with the requirements of (see below) and plan and implement the appropriate actions to address them
Leadership
Clause 5.1.1d) promoting the use of the process approach and risk based thinking
Clause b) Customer Focus - the risks and opportunities that can affect conformity of products and services…..

8 9001:2015 Risky Excerpts
Planning
Clause & Actions to address risk and opportunities.. proportionate to the potential impact…..
Operation
8.1 Operational planning and control - review the consequences of unintended changes taking action to mitigate any adverse effects, as necessary

9 9001:2015 Example
Combining Management Review, Auditing and Corrective/Preventive Action Systematically
As a part of Management Review, we deal with opportunities and problems on the basis of a simple model:
Risk / Consequence High Med Low Vote

10 9001:2015 Example
Management Review – Within each area of the agenda, order items on the basis of risk, and assure adequate assignment of resources.
1. ISO 9001 Customer Feedback (ticket surveys, escalations, customer visits, and field campaigns)
2. ISO 9001 Process and Product Conformity (risk based)
3. ISO 9001 Audit Planning and Results (risk based)
4. ISO 9001 Update on status of Corrective and Preventive Actions (risk based)
5. ISO 9001 Risk Assessment and Management based on results of 1-4 (prioritized)
6. Changes to the ISO9001 quality management system and recommendations for QMS improvement
7. Review/Follow Up on Prioritized Action Items

11 9001:2015 Example Auditing

12 9001:2015 Example CAPAs

13 31000 Risky Excerpts
Establishing the context
Risk Identification
Risk Analysis
Risk Evaluation
Risk Treatment
Periodic Monitoring and Review

14 31000 Risk Template

15 31000 Risk Template

16 9001:2015 and 31000 Examples Concluding Thoughts
Even though 9001:2015 does not REQUIRE a formal risk management methodology, there is an opportunity to consistently use risk management throughout a company, on products and services offered to customers, as well as on internal operational processes. The integration and management of risk across the organization should yield an increase in operational efficiency and a common internal vocabulary to pursue opportunities and reduce unintended consequences.

17 Links and References To be added before uploading to ASQ0707
