TUV Middle East
Member of TÜV NORD Group
ISO 9001:2015 & Risk Based Thinking (based on ISO DIS 9001:2015)
By: Shibu Davies – GM
Content
• ISO 9001:2015 – elements addressing risk management
• Risk based thinking
• Reason for risk based thinking (as per ISO)
• Risk definition
• Types of risk
• Risk management framework
• Risk evaluation matrix
• Risk register
• Risk reporting / communication
• Risk monitoring / review
TUV ME │ ISO 9001:2015
ISO 9001:2015 – ELEMENTS ADDRESSING RISK MANAGEMENT
0.1 General – QMS is influenced by the context of the organization, (b) particularly with respect to “the risks associated with its context and objectives”
0.3 Process approach – Management of the processes and the system as a whole can be achieved using a PDCA methodology with an overall focus on “risk based thinking aimed at preventing undesirable outcomes”
0.5 Risk based thinking – full clause is about risk, key statement – “this international standard makes risk-based thinking more explicit and incorporates it in requirements for the establishment, implementation, maintenance and continual improvement of the QMS”
0.6 Compatibility with other management system standards:
- “Processes for planning and consideration of risks and opportunities (Clause 6)”
- However, this International Standard enables an organization to use the process approach, coupled with the PDCA methodology and “risk-based thinking” to align or integrate its QMS with the requirements of other management system standards as it sees fit
3.09 – risk (various terms and definitions related to risk)
4.4 – QMS and its processes – for planning the organization shall determine (f) the “risks and opportunities” in accordance with the requirements of 6.1, and plan and implement the appropriate actions to address them
5.1.2 Customer focus – Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that (b) “the risks and opportunities” that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed
6.1 Action to address risks and opportunities – this full clause is about risk – including PDCA elements of risk management
8.5.5 Post-delivery activities - In determining the extent of post-delivery activities that are required, the organization shall consider (a) the “risks associated with the products and services”
9.3 Management review – The management review shall be planned and carried out taking into consideration (d) the effectiveness of actions taken to address risks and opportunities (see clause 6.1)
RISK BASED THINKING
!!! risk management is an integral part of any organization's strategic management. It is the process whereby organizations methodically address the risks attaching to their activities with the goal of achieving sustained benefit within each activity and across the portfolio of all activities !!!
• identify and treat risks
• objective of risk management is sustainability
• risk management should be an ongoing process
• better to define and document
• this is everyone's responsibility
• risk can be internal or external
• integrate risk management into the culture
• responsibility shall be assigned
• this is a preventive measure
REASON FOR RISK BASED THINKING (AS PER ISO)
• Improve customer satisfaction and confidence
• Assure consistency of quality of the product
• Establish pro-active culture of prevention and improvement
• Successful companies intuitively take a risk-based approach
RISK DEFINITION
Risk: Effect of uncertainty on an expected result
Note 1: An effect is deviation from expected – positive or negative
Note 2: Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of, an event, its consequence, or likelihood
Note 3: Risk is often expressed in terms of a combination of the consequences of an event and the associated likelihood of occurrence
Ref.: ISO DIS 9000:2014
TYPES OF RISK
!!! focus should be on product for ISO 9001:2015 !!!
RISK MANAGEMENT FRAMEWORK
!!! organization can adapt the framework !!!
RISK EVALUATION MATRIX
!!! organization can adapt the risk evaluation matrix !!!
RISK REGISTER
Ref. # | Process | Risk | Rating (Pro., Sev., Sig.) | Mitigation | Contingency | Res. Risk Rating (Pro., Sev., Sig.) | Responsibility
!!! organization can adapt the risk register !!!
Rating can be done based on 3X3 matrix or 5X5 matrix or any suitable methods
Product related
a. Avoiding risk
b. Taking risk in order to pursue an opportunity
c. Eliminating the risk source
d. Changing the likelihood or consequences
e. Sharing the risk
f. Retaining risk by informed decision
This will be the risk rating after the implementation of mitigation & contingency plan
RISK REPORTING / COMMUNICATION
Internal reporting / communication
• Share holders
• Board of directors
• Top management
• Middle management
• Other staff
External reporting / communication
• Regulators
• Associations
• Other stake holders
!!! organization can adapt according to the nature of business !!!
RISK MONITORING / REVIEW
Monitoring / review
• Was the intended result achieved?
• Were the mitigation and contingency plan appropriate?