3 min read

Clause 6.1 “actions to address risks and opportunities” of ISO 9001:2015 replaces the ‘’preventative actions’’ implicitly incorporated in the previous standard to mitigate and avoid risk.

The term ‘’risk’’ as used in the standard is a deviation from the expected. This deviation can be positive or negative. This positive deviation can safely create a path to a new opportunity. Hence, addressing risk could result to pursuing a new opportunity. Effective risk management definitely results to effective preparation for uncertainties.

Opportunities can include such things as: 

  • Adoption of new customers,
  • Manufacture of new products,
  • Implementation of new technology or practices.


Click Here to Download Readymade Editable Toolkits & Templates on Quality Assurance/Quality Control, Lean Six Sigma, Lean Manufacturing, Six Sigma, ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000, HSSE, Project Management etc.

The following are some specific areas where risk appears and are mandatory in the new standard: 

  • Organizational context: Specifically, clause 4.4 ‘’quality management system and its processes’’ mandating the overall quality management system (QMS) to consider both risks and opportunities as part of its core planning processes.
  • Leadership: Specifically, clause 5.1 ‘’leadership and commitment’’, mandating those leading the organization to promote risk-based thinking. And, clause 5.1.2 ‘’customer focus’’, ensuring that risks and opportunities that affect customers are determined and addressed.
  • Planning: Specifically, clause 6.1 ‘’actions to address risks and opportunities’’ mandating determining and addressing risks and opportunities when planning for the QMS.
  • Performance evaluation: Specifically, clause 9.1.3 ‘’analysis and evaluation’’ mandating evaluation of the effectiveness of actions taken to address risks and opportunities.
  • Improvement: Specifically, clause 10.2 ‘’nonconformity and corrective action’’ mandating update of risks and opportunities determined during planning, if necessary.


Methods of Identifying and Addressing Risk 

They include: 

Click Here to Join the Over 200 Students Taking our Highly Rated Courses on Quality Assurance/Quality Control, Lean Six Sigma, Lean Manufacturing, Six Sigma, ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000, Product Development etc. on UDEMY.

Steps to Address Risks and Opportunities

Two metrics are needed to effectively evaluate risk and opportunities, they: 

  • Probability: The possibility that the risk would occur.
  • Severity: The seriousness of the risk if it occurs.

 Consider the following steps when addressing risks and opportunities:

  • Determine the type and source of risk and opportunity: Does it originate from context, process and products/ services.
  • Determine Risk Category: What category is the risk classified?
  • Determine Risk Impact and Probability: Define the impact and the probability of the risk occurring.
  • Determine Risk Treatment and Action: Determine how the organization will treat the risk and create a predefined list of treatments. Also, determine acceptable action to treat the risk.
  • Review and Documentation: Regularly review risks and opportunities and ensure proper documentation at each stage of the process as evidence of actions taken.


Click Here to Download Readymade Editable Toolkits & Templates on Quality Assurance/Quality Control, Lean Six Sigma, Lean Manufacturing, Six Sigma, ISO 9001, ISO 14001, ISO 22000, ISO 45001, FSSC 22000, HSSE, Project Management etc.


About the Author

Adebayo is a thought leader in continuous process improvement and manufacturing excellence. He is a Certified Six Sigma Master Black Belt (CSSMBB), Digital Manufacturing Professional and Management Systems Lead Auditor (ISO 9001, 45001 & ISO 22000) with strong experience leading various continuous improvement initiative in top manufacturing organizations. 

You can reach him here.

Comments
* The email will not be published on the website.