Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Risk based thinking

10,449 views

Published on

What is requirement of Risk based Thinking in ISO 9001:2015 & ISO 14001:2015 ?
What is Risk? How to identify? How to assess and control?
How to incorporate Risk based thinking in to QMS & EMS?

Published in: Leadership & Management

Risk based thinking

  1. 1. ISO 9001:2015 & ISO 14001:2015 Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  2. 2. ISO 9001 REQUIREMENTClause No Requirement 4.4.1 (f) Quality management system and its processes shall Address the risks and opportunities as determined in accordance with the requirements of 6.1. 5.1.1 (d) Leadership shall Promote the use of the process approach and risk-based thinking 5.1.2 Customer Focus -Ensure the risks and opportunities that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed 6.1.1 While planning determine the risks and opportunities that need to be addressed to: a) give assurance that the quality management system can achieve its intended result(s); b) enhance desirable effects; c) prevent, or reduce, undesired effects; d) achieve improvement. 6.1.2 The organization shall plan: a) actions to address these risks and opportunities; b) how to: 1) integrate and implement the actions into its quality management system processes (see 4.4); 2) evaluate the effectiveness of these actions. 9.1.3 Analysis and evaluate the effectiveness of actions taken to address risks and opportunities; 9.3.2 Discuss the effectiveness of actions taken to address risks and opportunities in MRM. 10.2.1 e) update risks and opportunities determined during planning, whenever NC arises Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  3. 3. ISO 14001 REQUIREMENT Clause No Requirement 6.1.1 The organization shall determine the risks and opportunities, related to its environmental aspects (see 6.1.2), compliance obligations (see 6.1.3) and other issues and requirements, identified in 4.1 and 4.2, that need to be addressed to: - give assurance that the environmental management system can achieve its intended outcomes; -prevent or reduce undesired effects, including the potential for external environmental conditions to affect the organization; -achieve continual improvement. 6.1.1 The organization shall maintain documented information of its risks and opportunities that need to be addressed and process(es) needed in 6.1.1 to 6.1.4, to the extent necessary to have confidence they are carried out as planned 6.2.1 The organization shall establish environmental objectives at relevant functions and levels, taking into account the organization’s significant environmental aspects and associated compliance obligations, and considering its risks and opportunities. Review changes in risks and opportunities in MRM Note: 6.1.2 Significant environmental aspects can result in risks and opportunities associated with either adverse environmental impacts (threats) or beneficial environmental impacts (opportunities). Note: 6.1.3 Compliance obligations can result in risks and opportunities to the organization. Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  4. 4. What is Risk?  effect of uncertainty on an expected result.  deviation from the expected, either positive or negative. Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  5. 5. How to Identify Risk & Opportunities?  SWOT Analysis  PESTLE Analysis  Brainstorming  Surveys  Interviews  Historical data on Failures  Organization's Records  Professional Expertise  On-Site Investigations Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  6. 6. SWOT ANALYSIS Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  7. 7. PESTLE ANALYSIS Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  8. 8. PESTLE ANALYSIS Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  9. 9. SWOT ANALYSIS-ORGANIZATION Strengths Weaknesses Monopoly in market Attrition Wide market presence High Rejection Opportunities Threats New product introduction Arrival of competitors Change in design Change in technology Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  10. 10. SWOT ANALYSIS-QC/QA PROCESS Strengths Weaknesses time saving in production More paper work and high consumption of paper Less chances of defects Spend More time searching documents clarity for Quality control process No succession planning improving productivity Shortage of multi skilled QC engineers Inter departmental Communication Manual communication -release of test result/Material acceptance Hand injuries while cable cutting Opportunities Threats On time delivery Delay in delivery customer satisfaction customer dissatisfaction Energy saving E&OSH incidents Conservation of resources More Resource Consumption Zero incidentents Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  11. 11. SWOT ANALYSIS-PRODUCT Strengths Weaknesses New and innovative product High start up and R & D Cost Customized product line Opportunities Threats Increase Lift Height Color fades in extreme conditions Reduce total weight Hydraulic cylinder failure Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  12. 12. RISK ASSESMENT Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  13. 13. RISK=IMPACT * LIKELIHOOD Impact 5 Catastrophic 4 Significant 3 Moderate 2 Minor 1 Insignificance Likelihood 5 Probable 4 Possible 3 Unlikely 2 Rare 1 Negligible Risk Rating >11 High 6 to 10 Medium <6 Low RISK ASSESMENT Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  14. 14. RISK ASSESMENT Reference No Category Description Risk Owner Impact likelihood Risk Score 1 Quality More paper work and high consumption of paper Manager-QC 4 5 20 2 Quality Spend More time searching documents Manager-QC 3 5 15 3 Quality No succession planning,Shortage of multiskilled QC engineers Manager-QC 4 3 12 4 Quality Manual communication -release of test result/Material acceptance Manager-QC 4 3 12 5 Quality Hand injuries while cable cutting Manager-QC 2 3 6 Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  15. 15. RISK MANAGEMENT Actions to address risks/opportunities can include • Avoiding Risk • Taking Risk in order to pursue an opportunity • Eliminating the Risk source • Changing the likelihood or consequences • Sharing the Risk • Retaining Risk by informed decision Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  16. 16. RISK MANAGEMENT Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  17. 17. RISK MANAGEMENT Mitigation 1 Mitigation 2 Mitigation 3 Monitor the consumption of paper, set bench marking for paper consumption, Reduce, reuse and recycle paper Implement ERP/SAP for eliminate paper usage Identify and Organize relevant documents. start implementing 2S of 5S immediately Implement ERP/SAP for automation of documentation Develop second line person for all designees Organize trainings to develop multi skilled employees Reward and recognize for multi skilled / top performers Effective use of mail/mobile communication Implement ERP/SAP for automation of documentation Provide Hand gloves and enforce workers Provide display of Pictorial representation/s afe working procedures Train the operators on safe working practices Reference No Category Description Risk Owner Impac t likelihoo d Risk Score 1Quality More paper work and high consumption of paper Manager- QC 4 5 20 2Quality Spend More time searching documents Manager- QC 3 5 15 3Quality No succession planning,Shortage of multiskilled QC engineers Manager- QC 4 3 12 4Quality Manual communication - release of test result/Material acceptance Manager- QC 4 3 12 5Quality Hand injuries while cable cutting Manager- QC 2 3 6 Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  18. 18. Where to Start? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 4.1 & 4.2 Needs & Expectation of Interested parties  List down all interested parties(Internal, external, Legal & regulatory bodies)  Find all need and expectations of all interested parties  Assess Risk and opportunities in meeting them.
  19. 19. Where to Start? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 5.1.2 Customer Focus  Find all requirement for the products & services(customer, Legal & your own)  List down all the processes for Meeting the requirements  Assess Risk and opportunities in converting the inputs in to outputs
  20. 20. What is Next? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 6.1 Action to address Risk & Opportunity  Incorporate Mitigation action in to your process/procedure wherever required.  Consider Risk mitigation as objectives wherever required.  Monitor the Risk on regular basis.
  21. 21. What is Next? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 9.1.3 Analysis and evaluation  Monitor the Risk on regular basis.  Analyze the effectiveness of the mitigation plan put in place.
  22. 22. What is Next? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 9.3.2 Management Review  Discuss the effectiveness of the mitigation plan put in place.
  23. 23. What is Next? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 10.2 Non conformity & Corrective action  Whenever Non conformity arises, check whether the particular NC addressed in Risk Register?  If yes, investigate what went wrong with the mitigation plan ?  If not include it with mitigation plan.
  24. 24. What is Next? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 6.3 & 8.5.6 Changes in Risk & Opportunity Asses Risk & Opportunities Whenever changes happening in  Need & expectation of interested parties (4.0)  Leadership, policy, roles & responsibilities (5.0)  Objectives (6.0)  Resources(7.0)  Process /Operations(8.0) & Update Risk mitigation plan.
  25. 25. What is Next? Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598 Ensure your Risk Management plan is a dynamic one. So you can achieve Continual Improvement….
  26. 26. ISO 9001 REQUIREMENT Clause No Requirement 4.4.1 (f) Quality management system and its processes shall Address the risks and opportunities as determined in accordance with the requirements of 6.1. 5.1.1 (d) Leadership shall Promote the use of the process approach and risk-based thinking 5.1.2 Customer Focus -Ensure the risks and opportunities that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed 6.1.1 While planning determine the risks and opportunities that need to be addressed to: a) give assurance that the quality management system can achieve its intended result(s); b) enhance desirable effects; c) prevent, or reduce, undesired effects; d) achieve improvement. 6.1.2 The organization shall plan: a) actions to address these risks and opportunities; b) how to: 1) integrate and implement the actions into its quality management system processes (see 4.4); 2) evaluate the effectiveness of these actions. 9.1.3 Analysis and evaluate the effectiveness of actions taken to address risks and opportunities; 9.3.2 Discuss the effectiveness of actions taken to address risks and opportunities in MRM. 10.2.1 e) update risks and opportunities determined during planning, whenever NC arises Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  27. 27. ISO 14001 REQUIREMENT Clause No Requirement 6.1.1 The organization shall determine the risks and opportunities, related to its environmental aspects (see 6.1.2), compliance obligations (see 6.1.3) and other issues and requirements, identified in 4.1 and 4.2, that need to be addressed to: - give assurance that the environmental management system can achieve its intended outcomes; -prevent or reduce undesired effects, including the potential for external environmental conditions to affect the organization; -achieve continual improvement. 6.1.1 The organization shall maintain documented information of its risks and opportunities that need to be addressed and process(es) needed in 6.1.1 to 6.1.4, to the extent necessary to have confidence they are carried out as planned 6.2.1 The organization shall establish environmental objectives at relevant functions and levels, taking into account the organization’s significant environmental aspects and associated compliance obligations, and considering its risks and opportunities. Review changes in risks and opportunities in MRM Note: 6.1.2 Significant environmental aspects can result in risks and opportunities associated with either adverse environmental impacts (threats) or beneficial environmental impacts (opportunities). Note: 6.1.3 Compliance obligations can result in risks and opportunities to the organization. Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  28. 28. ? Questions ! Suggestions Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  29. 29. To know more: Contact:  Ramasubramanian.s  E.Mail id:ramasubramanian.s@outlook.in  Mobile No:+919952229598/+919042006101 Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  30. 30. Contact For  Implementation of Management systems like ISO 9001,14001,22000,22716,OSHAS 18001,BRC Food,BRC IOP,USFDA/CGMP Complaince management,Social compliance management like SEDEX,WRAP,SA8000,Sustainability management,Legal complaince management Projects and Certifications.  Training on various topics included ISO 9001,22000,14001,18001,BRC Food ,BRC IOP,TS 16949 awareness training, Internal auditor training,HACCP,HIRA,Aspect & Impact,ccGMP,USFDA Compliance management,5S,TPM,TQM,7QC tools,Industrial safety,safety audit,EHS compliance management,Industry specific Safety trainings etc.  Internal audits,supplier audits,certification audits for ISO 9001,TS16949,ISO 22000,18001,14001,SA 8000,SEDEX,BRC Food and BRC IOP,SEDEX,etc. Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598
  31. 31. THANK YOU Ramasubramanian.s Management system consultant/Trainer/Auditor+919952229598

×