SlideShare a Scribd company logo

Iso9001 risk based thinking tailieu

Download as DOCX, PDF
TranDung company
TranDung company

Iso9001 risk based thinking tailieu

Technology
1 of 5
ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public International Organization for Standardization BIBC II, Chemin de Blandonnet 8 , CP 401, 1214 Vernier, Geneva , Switzerland Tel: +41 22 749 01 11, Web: www.iso.org RISK-BASED THINKING IN ISO 9001:2015 Purpose of this paper • to explain risk-based thinking in ISO 9001 • to address perceptions and concerns that risk-based thinking replaces the process approach • to address the concern that preventive action has been removed from ISO 9001 • to explain in simple terms each component of risk-based thinking What is risk-based thinking? One of the key changes in the 2015 revision of ISO 9001 is to establish a systematic approach to considering risk, rather than treating “prevention” as a separate component of a quality management system. Risk is inherent (vốn có, thuộc về) in all aspects (các khía cạnh ) of a quality management system. There are risks in all systems, processes and functions. Risk-based thinking ensures these risks are identified, considered and controlled throughout the design and use of the quality management system. In previous editions of ISO 9001, a clause on preventive action was separated from the whole. By using risk-based thinking the consideration of risk is integral. It becomes proactive rather than reactive in preventing or reducing undesired effects through early identification and action. Preventive action is built-in when a management system is risk-based. Risk-based thinking is something we all do automatically in everyday life. Example: If I wish to cross a road I look for traffic before I begin. I will not step in front of a moving car. Risk-based thinking has always been in ISO 9001 – this revision builds it into the whole management system. In ISO 9001:2015 risk-based thinking needs to be considered from the beginning and throughout the system, making preventive action inherenttoplanning, operation, analysisand evaluation activities. Risk-based thinking is already part of the process approach.
ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public Not all the processes of a quality management systemrepresent the same level of risk in terms of the organization’s ability to meet its objectives. Some need more careful and formal planning and controls than others. Example: To cross the road I may go directly or I may use a nearby footbridge. Which process I choose will be determined by considering the risks. Risk is commonly understood to have only negative consequences; however the effects of risk can be either negative or positive. In ISO 9001:2015 risks and opportunities are often cited together. Opportunity is not the positive side of risk. An opportunity is a set of circumstances which makes it possible to do something. Taking or not taking an opportunity then presents different levels of risk. Example: Crossing the road directly gives me an opportunity to reach the other side quickly, but if I take that opportunity there is an increased risk of injury from moving cars. Risk-based thinking considers both the current situation and the possibilities for change. Analysis of this situation shows opportunities for improvement: • a subway leading directly under the road • pedestrian traffic lights, or • diverting the road so that the area has no traffic Where is risk addressed inISO 9001:2015? The concept of risk-based thinking is explained in the introduction of ISO 9001:2015 as an integral part of the process approach. ISO 9001:2015 uses risk-based thinking in the following way: Introduction - the concept of risk-based thinking is explained Clause 4 - organization is required to address the risks and opportunities associated with its QMS processes Clause 5 – top management is required to  Promote awareness of risk-based thinking  Determine and address risks and opportunities that can affect product /service conformity Clause 6 - organization is required to identify risks and opportunities related to QMS performance and take appropriate actions to address them Clause 7 – organization is required to determine and provide necessary resources (risk is implicit whenever “suitable” or “appropriate” is mentioned)
ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public Clause 8 - organization is required to manage its operational processes (risk is implicit whenever “suitable” or “appropriate” is mentioned) Clause 9 - organization is required to monitor, measure, analyse and evaluate effectiveness of actions taken to address the risks and opportunities Clause 10 - organization is required to correct, prevent or reduce undesired effects and improve the QMS and update risks and opportunities Why use risk-based thinking? By considering risk throughout the system and all processes the likelihood of achieving stated objectives is improved, output is more consistent and customers can be confident that they will receive the expected product or service. Risk-based thinking: • improves governance • builds a strong knowledge base • establishes a proactive culture of improvement • assists with statutory and regulatory compliance • assures consistency of quality of products and services • improves customer confidence and satisfaction Successful companies intuitively incorporate risk-based thinking. How do I do it? Use risk-based thinking in building your management systemand processes. Identify what your risks are – it depends on context Example: If I cross a busy road with many fast-moving cars the risks are not the same as if the road is small with very few moving cars. It is also necessary to consider such things as weather, visibility, personal mobility and specific personal objectives. Understand your risks What is acceptable, what is unacceptable? What advantages or disadvantages are there to one process over another? Example: Objective: I need to safely cross a road to reach a meeting at a given time. • It is UNACCEPTABLE to be injured.
ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public • It is UNACCEPTABLE to be late. Reaching my goal more quickly must be balanced against the likelihood of injury. It is more important that I reach my meeting uninjured than it is for me to reach my meeting on time. It may be ACCEPTABLE to delay arriving at the other side of the road by using a footbridge if the likelihood of being injured by crossing the road directly is high. I analyse the situation. The footbridge is 200 metres away and will add time to my journey. The weather is good, the visibility is good and I can see that the road does not have many cars at this time. I decide that walking directly across the road carries an acceptably low level of risk of injury and will help me reach my meeting on time. Plan actions to address the risks How can I avoid or eliminate the risk? How can I mitigate risks? Example: I could eliminate risk of injury caused by being hit by a vehicle if I use the footbridge but I have already decided that the risk involved in crossing the road is acceptable. Now I plan how to reduce either the likelihood or the impact of injury. I cannot reasonably expect to control the impact of a car hitting me. I can reduce the probability of being hit by a car. I plan to cross at a time when there are no cars moving near me and so reduce the likelihood of an accident. I also plan to cross the road at a place where I have good visibility. Implement the plan – take action Example: I move to the side of the road, check there are no barriers to crossing. I check there are no cars coming. I continue to look for cars whilst crossing the road. Check the effectiveness of the action – does it work? Example: I arrive at the other side of the road unharmed and on time: this plan worked and undesired effects have been avoided. Learn from experience – improve Example: I repeat the plan over several days, at different times and in different weather conditions. This gives me data to understand that changing context (time, weather, quantity of cars) directly affects the effectiveness of the plan and increases the probability that I will not achieve my objectives (being on time and avoiding injury).
ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public Experience teaches me that crossing the road at certain times of day is very difficult because there are too many cars. To limit the risk I revise and improve my process by using the footbridge at these times. I continue to analyse the effectiveness of the processes and revise them when the context changes. I also continue to consider innovative opportunities: • can I move the meeting place so that the road does not have to be crossed? • can I change the time of the meeting so that I cross the road when it is quiet? • can we meet electronically? Conclusion Risk-based thinking: • is not new • is something you do already • is continuous • ensures greater knowledge of risks and improves preparedness • increases the probability of reaching objectives • reduces the probability of negative results • makes prevention a habit Other useful documents ISO 31000:2009 Risk Management – Principles and guidelines PD ISO/TR 31004:2013 Risk management - Guidance for the implementation of ISO 31000 ISO 9001:2015 Risk-based thinking - power point presentation ISO 31010:2010 Risk management - Risk assessment techniques

Recommended

Iso9001 2015 and_risk
Iso9001 2015 and_riskIso9001 2015 and_risk
Iso9001 2015 and_riskAdel Younis
 
Pendekatan Resiko dalam ISO 9001:2015 Terbaru
Pendekatan Resiko dalam ISO 9001:2015 TerbaruPendekatan Resiko dalam ISO 9001:2015 Terbaru
Pendekatan Resiko dalam ISO 9001:2015 TerbaruShobrie Hardhi, SE, CFA, CLA, CPHR, CPTr.
 
Risk Management Lifecycle PowerPoint Presentation Slides
Risk Management Lifecycle PowerPoint Presentation Slides Risk Management Lifecycle PowerPoint Presentation Slides
Risk Management Lifecycle PowerPoint Presentation Slides SlideTeam
 
Risk based thinking in iso 90012015
Risk based thinking in iso 90012015Risk based thinking in iso 90012015
Risk based thinking in iso 90012015Bijan Abdolmaleki
 
Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07
Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07
Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07Darwin93
 
Risk based thinking ppt mal
Risk based thinking ppt malRisk based thinking ppt mal
Risk based thinking ppt malmichaelnano79
 
9001-2015
9001-20159001-2015
9001-2015Dennis J Morgan
 
Risk based thinking in ms iso 9001 2015
Risk based thinking in ms iso 9001 2015Risk based thinking in ms iso 9001 2015
Risk based thinking in ms iso 9001 2015Muhamad Bustaman Abdul Manaf
 

Recommended

Iso9001 2015 and_risk
Iso9001 2015 and_riskIso9001 2015 and_risk
Iso9001 2015 and_riskAdel Younis
 
Pendekatan Resiko dalam ISO 9001:2015 Terbaru
Pendekatan Resiko dalam ISO 9001:2015 TerbaruPendekatan Resiko dalam ISO 9001:2015 Terbaru
Pendekatan Resiko dalam ISO 9001:2015 TerbaruShobrie Hardhi, SE, CFA, CLA, CPHR, CPTr.
 
Risk Management Lifecycle PowerPoint Presentation Slides
Risk Management Lifecycle PowerPoint Presentation Slides Risk Management Lifecycle PowerPoint Presentation Slides
Risk Management Lifecycle PowerPoint Presentation Slides SlideTeam
 
Risk based thinking in iso 90012015
Risk based thinking in iso 90012015Risk based thinking in iso 90012015
Risk based thinking in iso 90012015Bijan Abdolmaleki
 
Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07
Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07
Iso tc176-sc2 n1222-n1222_-_risk_in_iso_9001_2014-07Darwin93
 
Risk based thinking ppt mal
Risk based thinking ppt malRisk based thinking ppt mal
Risk based thinking ppt malmichaelnano79
 
9001-2015
9001-20159001-2015
9001-2015Dennis J Morgan
 
Risk based thinking in ms iso 9001 2015
Risk based thinking in ms iso 9001 2015Risk based thinking in ms iso 9001 2015
Risk based thinking in ms iso 9001 2015Muhamad Bustaman Abdul Manaf
 
PECB Webinar: Corrective Action or Preventative Action - The new risk based m...
PECB Webinar: Corrective Action or Preventative Action - The new risk based m...PECB Webinar: Corrective Action or Preventative Action - The new risk based m...
PECB Webinar: Corrective Action or Preventative Action - The new risk based m...PECB
 
Enterprise 360 degree risk management
Enterprise 360 degree risk managementEnterprise 360 degree risk management
Enterprise 360 degree risk managementInfosys
 
QMS Risk Workshop.pptx
QMS Risk Workshop.pptxQMS Risk Workshop.pptx
QMS Risk Workshop.pptxSITTIEBADRIADATUDACU1
 
ASIS - Training #4 - Social innovation risk management
ASIS - Training #4 - Social innovation risk managementASIS - Training #4 - Social innovation risk management
ASIS - Training #4 - Social innovation risk managementarmelleguillermet
 
Asis social innovation risk management_004_02.07.2020
Asis social innovation risk management_004_02.07.2020Asis social innovation risk management_004_02.07.2020
Asis social innovation risk management_004_02.07.2020armelleguillermet
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...PECB
 
Entrepreneur risk management pup feb_19_2022
Entrepreneur risk management pup feb_19_2022Entrepreneur risk management pup feb_19_2022
Entrepreneur risk management pup feb_19_2022michaelnano79
 
Topic 1 - Risk Auditing 1-17.pdf
Topic 1 - Risk Auditing 1-17.pdfTopic 1 - Risk Auditing 1-17.pdf
Topic 1 - Risk Auditing 1-17.pdfJavier138365
 
#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahi#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahiSN Panigrahi, PMP
 
Everything you need to know about Risk Management
Everything you need to know about Risk ManagementEverything you need to know about Risk Management
Everything you need to know about Risk ManagementITM Platform
 
ISO 9001-2015: New Risk Requirements
ISO 9001-2015: New Risk RequirementsISO 9001-2015: New Risk Requirements
ISO 9001-2015: New Risk RequirementsMasterControl
 
breakthrough performance with Six Sigma In Hse
breakthrough performance with Six Sigma In Hsebreakthrough performance with Six Sigma In Hse
breakthrough performance with Six Sigma In HseAli Irfan Kh. (LION)
 
Dealing with Auditors: Helping Them Understand Agile
Dealing with Auditors: Helping Them Understand AgileDealing with Auditors: Helping Them Understand Agile
Dealing with Auditors: Helping Them Understand AgileTechWell
 
ISO9001_2015_Risk_Based_Thinking.pptx
ISO9001_2015_Risk_Based_Thinking.pptxISO9001_2015_Risk_Based_Thinking.pptx
ISO9001_2015_Risk_Based_Thinking.pptxibr1722011
 
Risk Based Thinking ISO 9001 Presentation.pdf
Risk Based Thinking ISO 9001 Presentation.pdfRisk Based Thinking ISO 9001 Presentation.pdf
Risk Based Thinking ISO 9001 Presentation.pdfHimanshuMishra203021
 
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet Surti
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet SurtiImplementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet Surti
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet SurtiPraneet Surti
 
Asis social innovation risk management
Asis social innovation risk managementAsis social innovation risk management
Asis social innovation risk managementarmelleguillermet
 
ASIS - social innovation risk management
ASIS - social innovation risk managementASIS - social innovation risk management
ASIS - social innovation risk managementarmelleguillermet
 
Nvq5 Health And Safety
Nvq5 Health And SafetyNvq5 Health And Safety
Nvq5 Health And SafetyBeth Hall
 
Vrm global overview march 2015 global
Vrm global overview march 2015 globalVrm global overview march 2015 global
Vrm global overview march 2015 globalVM Fleet(PTY)Ltd
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 

More Related Content

Similar to Iso9001 risk based thinking tailieu

PECB Webinar: Corrective Action or Preventative Action - The new risk based m...
PECB Webinar: Corrective Action or Preventative Action - The new risk based m...PECB Webinar: Corrective Action or Preventative Action - The new risk based m...
PECB Webinar: Corrective Action or Preventative Action - The new risk based m...PECB
 
Enterprise 360 degree risk management
Enterprise 360 degree risk managementEnterprise 360 degree risk management
Enterprise 360 degree risk managementInfosys
 
ASIS - Training #4 - Social innovation risk management
ASIS - Training #4 - Social innovation risk managementASIS - Training #4 - Social innovation risk management
ASIS - Training #4 - Social innovation risk managementarmelleguillermet
 
Asis social innovation risk management_004_02.07.2020
Asis social innovation risk management_004_02.07.2020Asis social innovation risk management_004_02.07.2020
Asis social innovation risk management_004_02.07.2020armelleguillermet
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...PECB
 
Entrepreneur risk management pup feb_19_2022
Entrepreneur risk management pup feb_19_2022Entrepreneur risk management pup feb_19_2022
Entrepreneur risk management pup feb_19_2022michaelnano79
 
Topic 1 - Risk Auditing 1-17.pdf
Topic 1 - Risk Auditing 1-17.pdfTopic 1 - Risk Auditing 1-17.pdf
Topic 1 - Risk Auditing 1-17.pdfJavier138365
 
#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahi#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahiSN Panigrahi, PMP
 
Everything you need to know about Risk Management
Everything you need to know about Risk ManagementEverything you need to know about Risk Management
Everything you need to know about Risk ManagementITM Platform
 
ISO 9001-2015: New Risk Requirements
ISO 9001-2015: New Risk RequirementsISO 9001-2015: New Risk Requirements
ISO 9001-2015: New Risk RequirementsMasterControl
 
breakthrough performance with Six Sigma In Hse
breakthrough performance with Six Sigma In Hsebreakthrough performance with Six Sigma In Hse
breakthrough performance with Six Sigma In HseAli Irfan Kh. (LION)
 
Dealing with Auditors: Helping Them Understand Agile
Dealing with Auditors: Helping Them Understand AgileDealing with Auditors: Helping Them Understand Agile
Dealing with Auditors: Helping Them Understand AgileTechWell
 
ISO9001_2015_Risk_Based_Thinking.pptx
ISO9001_2015_Risk_Based_Thinking.pptxISO9001_2015_Risk_Based_Thinking.pptx
ISO9001_2015_Risk_Based_Thinking.pptxibr1722011
 
Risk Based Thinking ISO 9001 Presentation.pdf
Risk Based Thinking ISO 9001 Presentation.pdfRisk Based Thinking ISO 9001 Presentation.pdf
Risk Based Thinking ISO 9001 Presentation.pdfHimanshuMishra203021
 
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet Surti
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet SurtiImplementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet Surti
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet SurtiPraneet Surti
 
Asis social innovation risk management
Asis social innovation risk managementAsis social innovation risk management
Asis social innovation risk managementarmelleguillermet
 
ASIS - social innovation risk management
ASIS - social innovation risk managementASIS - social innovation risk management
ASIS - social innovation risk managementarmelleguillermet
 
Nvq5 Health And Safety
Nvq5 Health And SafetyNvq5 Health And Safety
Nvq5 Health And SafetyBeth Hall
 
Vrm global overview march 2015 global
Vrm global overview march 2015 globalVrm global overview march 2015 global
Vrm global overview march 2015 globalVM Fleet(PTY)Ltd
 

Similar to Iso9001 risk based thinking tailieu (20)

PECB Webinar: Corrective Action or Preventative Action - The new risk based m...
PECB Webinar: Corrective Action or Preventative Action - The new risk based m...PECB Webinar: Corrective Action or Preventative Action - The new risk based m...
PECB Webinar: Corrective Action or Preventative Action - The new risk based m...
 
Enterprise 360 degree risk management
Enterprise 360 degree risk managementEnterprise 360 degree risk management
Enterprise 360 degree risk management
 
QMS Risk Workshop.pptx
QMS Risk Workshop.pptxQMS Risk Workshop.pptx
QMS Risk Workshop.pptx
 
ASIS - Training #4 - Social innovation risk management
ASIS - Training #4 - Social innovation risk managementASIS - Training #4 - Social innovation risk management
ASIS - Training #4 - Social innovation risk management
 
Asis social innovation risk management_004_02.07.2020
Asis social innovation risk management_004_02.07.2020Asis social innovation risk management_004_02.07.2020
Asis social innovation risk management_004_02.07.2020
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
 
Entrepreneur risk management pup feb_19_2022
Entrepreneur risk management pup feb_19_2022Entrepreneur risk management pup feb_19_2022
Entrepreneur risk management pup feb_19_2022
 
Topic 1 - Risk Auditing 1-17.pdf
Topic 1 - Risk Auditing 1-17.pdfTopic 1 - Risk Auditing 1-17.pdf
Topic 1 - Risk Auditing 1-17.pdf
 
#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahi#Contract Risk Audit# By SN panigrahi
#Contract Risk Audit# By SN panigrahi
 
Everything you need to know about Risk Management
Everything you need to know about Risk ManagementEverything you need to know about Risk Management
Everything you need to know about Risk Management
 
ISO 9001-2015: New Risk Requirements
ISO 9001-2015: New Risk RequirementsISO 9001-2015: New Risk Requirements
ISO 9001-2015: New Risk Requirements
 
breakthrough performance with Six Sigma In Hse
breakthrough performance with Six Sigma In Hsebreakthrough performance with Six Sigma In Hse
breakthrough performance with Six Sigma In Hse
 
Dealing with Auditors: Helping Them Understand Agile
Dealing with Auditors: Helping Them Understand AgileDealing with Auditors: Helping Them Understand Agile
Dealing with Auditors: Helping Them Understand Agile
 
ISO9001_2015_Risk_Based_Thinking.pptx
ISO9001_2015_Risk_Based_Thinking.pptxISO9001_2015_Risk_Based_Thinking.pptx
ISO9001_2015_Risk_Based_Thinking.pptx
 
Risk Based Thinking ISO 9001 Presentation.pdf
Risk Based Thinking ISO 9001 Presentation.pdfRisk Based Thinking ISO 9001 Presentation.pdf
Risk Based Thinking ISO 9001 Presentation.pdf
 
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet Surti
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet SurtiImplementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet Surti
Implementing Risk Based Thinking in HLS OF ISO 9001:2015 - Praneet Surti
 
Asis social innovation risk management
Asis social innovation risk managementAsis social innovation risk management
Asis social innovation risk management
 
ASIS - social innovation risk management
ASIS - social innovation risk managementASIS - social innovation risk management
ASIS - social innovation risk management
 
Nvq5 Health And Safety
Nvq5 Health And SafetyNvq5 Health And Safety
Nvq5 Health And Safety
 
Vrm global overview march 2015 global
Vrm global overview march 2015 globalVrm global overview march 2015 global
Vrm global overview march 2015 global
 

Recently uploaded

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 

Recently uploaded (20)

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 

Iso9001 risk based thinking tailieu

  • 1. ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public International Organization for Standardization BIBC II, Chemin de Blandonnet 8 , CP 401, 1214 Vernier, Geneva , Switzerland Tel: +41 22 749 01 11, Web: www.iso.org RISK-BASED THINKING IN ISO 9001:2015 Purpose of this paper • to explain risk-based thinking in ISO 9001 • to address perceptions and concerns that risk-based thinking replaces the process approach • to address the concern that preventive action has been removed from ISO 9001 • to explain in simple terms each component of risk-based thinking What is risk-based thinking? One of the key changes in the 2015 revision of ISO 9001 is to establish a systematic approach to considering risk, rather than treating “prevention” as a separate component of a quality management system. Risk is inherent (vốn có, thuộc về) in all aspects (các khía cạnh ) of a quality management system. There are risks in all systems, processes and functions. Risk-based thinking ensures these risks are identified, considered and controlled throughout the design and use of the quality management system. In previous editions of ISO 9001, a clause on preventive action was separated from the whole. By using risk-based thinking the consideration of risk is integral. It becomes proactive rather than reactive in preventing or reducing undesired effects through early identification and action. Preventive action is built-in when a management system is risk-based. Risk-based thinking is something we all do automatically in everyday life. Example: If I wish to cross a road I look for traffic before I begin. I will not step in front of a moving car. Risk-based thinking has always been in ISO 9001 – this revision builds it into the whole management system. In ISO 9001:2015 risk-based thinking needs to be considered from the beginning and throughout the system, making preventive action inherenttoplanning, operation, analysisand evaluation activities. Risk-based thinking is already part of the process approach.
  • 2. ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public Not all the processes of a quality management systemrepresent the same level of risk in terms of the organization’s ability to meet its objectives. Some need more careful and formal planning and controls than others. Example: To cross the road I may go directly or I may use a nearby footbridge. Which process I choose will be determined by considering the risks. Risk is commonly understood to have only negative consequences; however the effects of risk can be either negative or positive. In ISO 9001:2015 risks and opportunities are often cited together. Opportunity is not the positive side of risk. An opportunity is a set of circumstances which makes it possible to do something. Taking or not taking an opportunity then presents different levels of risk. Example: Crossing the road directly gives me an opportunity to reach the other side quickly, but if I take that opportunity there is an increased risk of injury from moving cars. Risk-based thinking considers both the current situation and the possibilities for change. Analysis of this situation shows opportunities for improvement: • a subway leading directly under the road • pedestrian traffic lights, or • diverting the road so that the area has no traffic Where is risk addressed inISO 9001:2015? The concept of risk-based thinking is explained in the introduction of ISO 9001:2015 as an integral part of the process approach. ISO 9001:2015 uses risk-based thinking in the following way: Introduction - the concept of risk-based thinking is explained Clause 4 - organization is required to address the risks and opportunities associated with its QMS processes Clause 5 – top management is required to  Promote awareness of risk-based thinking  Determine and address risks and opportunities that can affect product /service conformity Clause 6 - organization is required to identify risks and opportunities related to QMS performance and take appropriate actions to address them Clause 7 – organization is required to determine and provide necessary resources (risk is implicit whenever “suitable” or “appropriate” is mentioned)
  • 3. ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public Clause 8 - organization is required to manage its operational processes (risk is implicit whenever “suitable” or “appropriate” is mentioned) Clause 9 - organization is required to monitor, measure, analyse and evaluate effectiveness of actions taken to address the risks and opportunities Clause 10 - organization is required to correct, prevent or reduce undesired effects and improve the QMS and update risks and opportunities Why use risk-based thinking? By considering risk throughout the system and all processes the likelihood of achieving stated objectives is improved, output is more consistent and customers can be confident that they will receive the expected product or service. Risk-based thinking: • improves governance • builds a strong knowledge base • establishes a proactive culture of improvement • assists with statutory and regulatory compliance • assures consistency of quality of products and services • improves customer confidence and satisfaction Successful companies intuitively incorporate risk-based thinking. How do I do it? Use risk-based thinking in building your management systemand processes. Identify what your risks are – it depends on context Example: If I cross a busy road with many fast-moving cars the risks are not the same as if the road is small with very few moving cars. It is also necessary to consider such things as weather, visibility, personal mobility and specific personal objectives. Understand your risks What is acceptable, what is unacceptable? What advantages or disadvantages are there to one process over another? Example: Objective: I need to safely cross a road to reach a meeting at a given time. • It is UNACCEPTABLE to be injured.
  • 4. ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public • It is UNACCEPTABLE to be late. Reaching my goal more quickly must be balanced against the likelihood of injury. It is more important that I reach my meeting uninjured than it is for me to reach my meeting on time. It may be ACCEPTABLE to delay arriving at the other side of the road by using a footbridge if the likelihood of being injured by crossing the road directly is high. I analyse the situation. The footbridge is 200 metres away and will add time to my journey. The weather is good, the visibility is good and I can see that the road does not have many cars at this time. I decide that walking directly across the road carries an acceptably low level of risk of injury and will help me reach my meeting on time. Plan actions to address the risks How can I avoid or eliminate the risk? How can I mitigate risks? Example: I could eliminate risk of injury caused by being hit by a vehicle if I use the footbridge but I have already decided that the risk involved in crossing the road is acceptable. Now I plan how to reduce either the likelihood or the impact of injury. I cannot reasonably expect to control the impact of a car hitting me. I can reduce the probability of being hit by a car. I plan to cross at a time when there are no cars moving near me and so reduce the likelihood of an accident. I also plan to cross the road at a place where I have good visibility. Implement the plan – take action Example: I move to the side of the road, check there are no barriers to crossing. I check there are no cars coming. I continue to look for cars whilst crossing the road. Check the effectiveness of the action – does it work? Example: I arrive at the other side of the road unharmed and on time: this plan worked and undesired effects have been avoided. Learn from experience – improve Example: I repeat the plan over several days, at different times and in different weather conditions. This gives me data to understand that changing context (time, weather, quantity of cars) directly affects the effectiveness of the plan and increases the probability that I will not achieve my objectives (being on time and avoiding injury).
  • 5. ISO/TC 176/SC2/N1269 www.iso.org/tc176/sc02/public Experience teaches me that crossing the road at certain times of day is very difficult because there are too many cars. To limit the risk I revise and improve my process by using the footbridge at these times. I continue to analyse the effectiveness of the processes and revise them when the context changes. I also continue to consider innovative opportunities: • can I move the meeting place so that the road does not have to be crossed? • can I change the time of the meeting so that I cross the road when it is quiet? • can we meet electronically? Conclusion Risk-based thinking: • is not new • is something you do already • is continuous • ensures greater knowledge of risks and improves preparedness • increases the probability of reaching objectives • reduces the probability of negative results • makes prevention a habit Other useful documents ISO 31000:2009 Risk Management – Principles and guidelines PD ISO/TR 31004:2013 Risk management - Guidance for the implementation of ISO 31000 ISO 9001:2015 Risk-based thinking - power point presentation ISO 31010:2010 Risk management - Risk assessment techniques