Upload
vuongnguyet
View
217
Download
0
Embed Size (px)
Citation preview
FOR
SUCCESSFUL
BUSINESS
MANAGEMENT
SYSTEMS
ISO 9001:2015 and ISO 14001:2015
Seminar & Expert Panel Discussion
Seminar Agenda
ISO 9001:2015 – A Guide to the Changes
Quality Principles
Step by
Step
Guide to
the
Transition
ISO 9001:2015
Clauses
Annex SL
ISO 9001:2015
An Overview
Risk
Based
Thinking
ISO9001:
2015
Case
Study
Introduction
Agenda
ISO 9001:2015 – A Guide to the Changes
Introduction
A changing world - background to the revision ISO 9001 & 14001
What are the key changes for ISO 9001 & 14001
What you need to do
ISO 9001:2015 – A Guide to the Changes
Introduction
The International Organization for
Standardization (ISO) normally
reviews standards every seven
years
A changing World
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
A Brief History of ISO 9001
ISO 9001:2015 – A Guide to the Changes
Introduction
Concepts Driving the Changes
ISO 9001:2015 – A Guide to the Changes
• There is a greater emphasis for senior managers to be involved in the strategic alignment of the management systemLeadership
• An effective risk management process will be critical for successful certification to the new versionRisk
• Relevant needs of interested parties are a new focusContext of
Organization
• New management system format
• The standard has been written in accordance with the new high level structure with a more holistic approach
Annex SL
Introduction ISO 9001 Key Changes
Annex SL
ISO 9001:2008 ISO DIS 9001:2014
0 Introduction 0 Introduction
1 Scope 1 Scope
2 Normative references 2 Normative references
3 Terms and definitions 3 Terms and definitions
4 Quality system 4 Context of the organization New requirement
5 Management responsibility 5 Leadership
Enhanced requirements
6 Resource management 6 PlanningSignificant changeEnhanced requirements
7 Product realization 7 Support Enhanced requirementNew requirement
8 Measurement, analysis and improvement
8 Operation
New requirementEnhanced requirementSimplified requirementEnhanced requirement
9 Performance evaluation New requirement
10 Improvement More structured approach
ISO 14001:2015 – A Guide to the Changes
ISO/DIS 14001:2015Analysis and Transition
ISO 14001:2015 – A Guide to the Changes
ISO 14001:2015
Explaining the Key Changes
The working group revising the international environmental management systems standard ISO 14001 has finalised the technical requirements of the new standard.
Following a final edit and translation, a ballot of ISO members will be conducted in July and August, with the new ISO 14001:2015 standard set for publication in September/October 2015.
ISO 14001:2015 – A Guide to the Changes
ISO 14001 – Key changes
• Integration of environmental aspects and impacts into strategic risk management and core business processes
Environmental Importance
• There is a greater emphasis for senior managers to be involved in the strategic alignment of the management systemLeadership
• Evaluate risks and opportunities, both to the environment and the organization
• This will be critical for successful certification to the new versionRisk
• Understand the strategic context of the organization
• Understand the relevant needs of interested parties are a new focusContext of Organization
• The standard has been written in accordance with the new high level structure with a more holistic approachAnnex SL
ISO 14001:2015 – A Guide to the Changes
ISO 14001 – Key changes
• An organisation will be required to look at their products and services from the beginning to the end of its life cycleLife cycle perspective
• extent control and influence through supply chains and design processesSuppliers and Outsourcing
• Significant additional emphasis is given to continual improvement of environmental performance
Environmental Performance
• Organisations will have to determine the scope of the management system and maintain this as documented informationScope and applicability
• The nature and type of documented information that an organisation needs to maintain or retain is dependent on the context and the operating environment.
Documented Information
ISO 9001:2015 – A Guide to the Changes
ISO 9001:2015
What do you need to do
I. Monitor the ISO 9001/14001 2015 Revisions LinkedIn Page for updates II. Purchase the new ISO standard (s)III. Set up a project teamIV. Identify organisational gaps which need to be addressed to meet new ISO requirements.V. Develop an implementation plan to implement the new requirements on leadership, risk management and understanding of context of the organizationVI. Provide appropriate training and awareness VII. Update the existing management system and make changes to your documentation to
reflect the new structure (as necessary) VIII. VIII.Highlight the changes as opportunities for improvementIX. Conduct an internal audit X. Where applicable, liaise with your Certification Body for transition arrangements.
Quality Principles
Annex SL
– What is it
– Headlines
– What will it mean
ISO9001:2015 - Overview
– Wording
– Exclusions
– Risk Based Thinking
ISO9001:2015 - Clauses
– Clause 4 - Context of the organisation
– Clause 5 - Leadership
– Clause 6 - Planning
– Clause 7 - Support
– Clause 8 - Operation
– Clause 9 - Performance evaluation
– Clause 10 – Improvement
Step by Step Guide to the Transition
ISO 9001:2015 – A Guide to the Changes
ISO 9001:2015 Agenda
ISO 9001:2015 – A Guide to the Changes
1. Customer Focus
2. Leadership
3. Involvement of People
4. Process Approach
5. System Approach to
Management
6. Continual Improvement
7. Factual Approach to
Decision Making
8. Mutually Beneficial
Supplier Relationships
1. Customer Focus
2. Leadership
3. Engagement of People
4. Process Approach
5. Improvement
6. Evidence-based Decision
Making
7. Relationship
Management
Quality
Principles
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
EXISTING NEW - Principle NEW - Rationale
Organizations depend on their
customers and therefore should
understand current and future
customer needs, should meet
customer requirements and strive to
exceed customer expectations
The primary focus of quality
management is to meet customer
requirements and to strive to exceed
customer expectations. Every
aspect of customer interaction
provides an opportunity to create
more value for the customer.
Understanding current and future
needs of customers and other
interested parties can contribute to
sustained success of an organization
Sustained success is achieved when
an organization attracts and retains
the confidence of customers and
other interested parties on whom it
depends.
Customer Focus
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
EXISTING NEW - Principle NEW - Rationale
Leaders establish unity of purpose
and direction of the organization.
They should create and maintain the
internal environment in which
people can become fully involved in
achieving the organization's
objectives.
Leaders at all levels establish unity of
purpose and direction and create
conditions in which people are
engaged in achieving the quality
objectives of the organization.
Creation of unity of purpose,
direction and engagement enable
an organization to align its strategies,
policies, processes and resources to
achieve its objectives.
Leadership
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
EXISTING NEW - Principle NEW - Rationale
People at all levels are the essence
of an organization and their full
involvement enables their abilities to
be used for the organization's
benefit.
Competent and engaged people at
all levels who are empowered to
take initiatives to deliver value to an
organization and its customers are
the essence of the organization.
In order to manage an organization
effectively and efficiently, it is
important to involve all people in the
organization, to strive to enhance
their knowledge, skills and
engagement, and to respect them
as individuals.
Engagement of People
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
EXISTING NEW - Principle NEW -Rationale
Process approach
A desired result is achieved more
efficiently when activities and
related resources are managed as a
process.
System approach
Identifying, understanding and
managing interrelated processes as
a system contributes to the
organization's effectiveness and
efficiency in achieving its objectives.
Desired outcomes are achieved
more effectively and efficiently when
activities are managed as
interrelated processes functioning as
a coherent system.
The quality management system is
composed of interrelated processes.
To achieve consistent and
predictable outcomes, it is necessary
to understand how outcomes are to
be generated by the system and to
manage its processes.
Process Approach
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
EXISTING NEW - Principle NEW - Rationale
Continual improvement of the
organization's overall performance
should be a permanent objective of
the organization.
Improvement is a permanent
practice of a successful
organization. Improvement projects
include process analysis, prioritization
and implementation of value adding
changes and evaluating their
effectiveness.
Active application of an
improvement strategy is essential for
an organization to sustain long term
success.
Improvement
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
EXISTING NEW - Principle NEW - Rationale
Effective decisions are based on the
analysis of data and information
Decisions based on the analysis and
evaluation of data and information
will result in a higher likelihood that
desired outcomes will be achieved.
.
An evidence-based and systematic
approach is necessary condition for
determining objectives, identifying
means to achieve objectives and
understanding causal relationships.
Evidence Based
Decision Making
ISO 9001:2015 – A Guide to the Changes
Quality
Principles
EXISTING NEW - Principle NEW - Rationale
An organization and its suppliers are
interdependent and a mutually
beneficial relationship enhances the
ability of both to create value
Effective engagement of interested
parties who can impact the
performance and reputation of an
organization, such as suppliers, is vital
to its sustained success.
Sustained success is more likely to be
achieved where an organization is
able to manage relationships with its
interested parties so as to provide its
customers with value. An
organization’s relationship
management within its supplier and
partner network is important.
Relationship Management
Agenda
ISO 9001:2015 – A Guide to the Changes
Annex SL
ISO 9001:2015 – A Guide to the Changes
Annex SL
What is it? Headlines What will it mean?
Common structure for management
systems
Also called “the high level text”, “the
high level structure (HLS)”
No change allowed unless justified
Has to be on the basis that the text
will not work in the particular context
(not that the committee has a
preference for something else
4: Context of the organisation
5: Leadership
6: Planning for the QMS
7: Support
8: Operation
9: Performance evaluation
10: Improvement
Planning
Preventative Action
Context
Quality Manual
Management Representative
Objectives
Organisational Knowledge
Communication
Purchasing > External Suppliers
Documented Information
No need to change you
management structure
Don’t throw out the Quality Manual
You have 3 years to make the
change
Single Process
ISO 9001:2015 – A Guide to the Changes
Process Based QMS System
ISO 9001:2015 – A Guide to the Changes
Agenda
ISO 9001:2015 – A Guide to the Changes
ISO 9001:2015 An Overview
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
An
Overview
New Terms What’s in a word? Continued
Products and Services
Replaces Products
Documented Information
Replaces Documents and Records
External Providers
Replaces Outsourcing /
Purchasing
Determine
Investigate and establish / do
something
Replaces “identify” in some cases
Assure
To give confidence
Ensure
To make sure
Responsibility but not
accountability can be delegated
TRANSLATIONOutput (Sp. Salidas)
Result of process
Outcome (Sp. Salidas)
Not used (Spanish don’t have a
separate word)
Result (Sp. Resultas)
The impact of an output
Retain or Maintain (e.g. documents)
Maintain: documentation to support
process
Retain: documentation to support
records
Establish
Put in place with continuity
Implement
Do it
Each or All
Each – singular / All -
encompassing
Wording
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
An
Overview
What’s in word cntd… Cntd… Cntd…
Take account of / Take into account
Not used
Like “consider” but can not be
rejected
Consider
Think about (but can be rejected)
Describe
Not used
Identify
Only used with “Identification/
traceability”
As appropriate
suitable or proper in the
circumstances
Some degree of freedom
As relevant
closely connected or appropriate
to the matter in hand:
As applicable
As relevant or possible to apply
If it can be done, it should be done
Data
Raw information
Information
Processed data with meaning
Continuous
Duration without interruption
Continual
Duration over a period of time but
with intervals of interruption
Continual used with “improvement”
Wording
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
An
Overview
Clause 4.3
If a requirement CAN be applied, it
SHALL be applied
If a requirement CAN NOT be
applied
Document “why not”
No certification granted if something
which could be applied is not.
Exclusions
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
An
Overview
We do it everydayWhat makes it different
in ISO 9001:2015
Whether to
Take an umbrella
Overtake the car in front
Go to the doctor
Take out travel insurance
Eat food over its “best before
date”
Leave the children with baby sitter
Does not have to be systematic ….
(But it helps, I think)
But not 31000
ISO 31010 may be useful
Driven by (inputs)
Strategic direction / Objectives
Context (4.1 / 4.2)
Scope of operations (4.3)
Risk Based Thinking
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
4.1 Understanding the Organisation and its context
4.2 Understanding the
needs and expectations
of interested parties
The organization shall determine:
external and internal issues, that
are
relevant to its purpose and
its strategic direction and that
affect its ability to achieve the
intended result(s) of its quality
management system.
SWOT Analysis
Internal / External
Challenges
Strategic Direction
Where the business is going
Vision / Mission / Objectives /
Targets
Link to Risk Based Thinking
Relevant interested parties
Requirements, needs and
expectations of interested parties
(potential) Impact on the
organisation’s ability to meet
customer expectations and
legal/regulatory requirements –
link to risk
Clause 4: Context of the
Organisation
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
Relevant requirements of relevant interested parties
Clause 4: Context of the
Organisation
INTERESTED PARTIES
RELEVANT INTERESTED PARTIESREQUIREMENTS
RELEVANT REQUIREMENTS, NEEDS AND EXPECTATIONS(OF RELEVANT INTERESTED PARTIES)
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
4.3 Determining the
scope of the QMS
4.4 QMS and Process
Approach
4.4.2 Documented
InformationDetermine the:
boundaries and
applicability of the QMS
Use outputs of 4.1 and 4.2
Exclusion definition
Scope to be documented
The old clause 4.1
Emphasis on “inputs” and “outputs”
Minor changes
Responsibilities
Continuous improvement
Risks
Change management
MAINTAIN Documented Information
to support operation of processes
RETAIN Documented Information to
have confidence that the processes
are being carried out as planned
Clause 4: Context of the
Organisation
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
Rule 1 - Do it where it says soRule 2 – Do it where it’s
neededMaintain
4.3 (scope)
5.2.1 (Quality Policy)
6.2.1 (objectives)
8.1 e (processes)
8.5.1 a (production)
Retain
7.1.5.1 (M&M General)
7.1.5.2 a (basis of calibration)
7.2 d (competence)
7.5.3.2 (retained DI)
8.1 e (processes)
8.2.3.2 (contract review)
8.3.2 j (D&D Planning)
8.3.3 (D&D Inputs)
8.3.4 (D&D Controls)
8.3.6 (D&D changes)
8.4.1 (general – Externally
provided)
8.5.3 (customer property)
8.5.6 (control of changes)
8.6 (release of products)
8.7.2 (NCP)
9.1.1 (monitoring and
measurement – general)
9.2.2 f (internal audit)
9.3.2 (management review)
10.2.2 (corrective actions)
Where you need to demonstrate that
you’ve done something that’s
planned
Documented Information
RULE 1 & 2
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
5.1.1 Commitment5.1.2 Leadership and 5.2
Quality Policy
5.3 Organisation Roles
and ResponsibilitiesClear definition of what this means
Old 5.1 etc. plus
Accountability for effectiveness of
QMS
Ensuring achievement of intended
results
Integration with business systems
Engaging and supporting people
involved with QMS
Leadership
Determination of risks and
opportunities
Statutory and regulatory
requirements
Customer focus
(enhancing/meeting)
As old 5.1 and 5.2
Quality Policy
No real change
Available to interested parties
Available as documented
information
Framework for setting objectives
No real change
Processes to deliver intended
outputs
Reporting on need for innovation
Ensuring integrity of QMS during
change
Management Representative
replaced by responsibilities for
similar areas
Clause 5:
Leadership
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
6.1 Risks and
Opportunities6.2 Quality Objectives
6.3 Planning for
Changes1. Actions needed to address these
risks
2. Opportunities how to integrate
and implement the actions
3. Evaluate the effectiveness of
these actions.
4. Actions taken to address risks
and
1. Take into account applicable
requirements;
2. Be relevant to conformity of
products and services and
3. The enhancement of customer
satisfaction;
4. Be monitored;
5. Be communicated; and
6. Be updated as appropriate.
1. What will be done,
2. What resources will be required;
3. Who will be responsible;
4. When it will be completed; and
5. How the results will be evaluated
6. Changes to improve
performance
7. Undertake in planned way
8. Need to consider:
I. Purpose
II. Integrity of QMS
III. Resources
IV. Responsibilities and
authorities
Clause 6:
Planning
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
Clause 7:
SupportNo Changes
7.1.6 Organisational
Knowledge1. 7.1.2 – People
2. 7.1.3 – Infrastructure
3. 7.1.4 – Environment of Operating
Processes
- psychological and physical
environments
1. 7.2 – Competence
MUST CONSIDER
1. Capabilities and constraints
2. External providers
1. Moved to SUPPORT
2. Focus on capability
3. Provide and maintain suitable
M&M systems
4. Can be used for SERVICES
5. No specific requirements for
software.
1. Determine and Maintain
2. Consider when making changes
3. External and internal sources
7.1.1 – General
7.1.5 – Monitoring and
measuring processes7.1.6 Organisational
Knowledge
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
Clause 7:
Support7.5 – Documented
information7.3 – Awareness
1. No Quality Manual needed
2. “obsolete documents” replaced
by “improper use”
3. “Documented information”
1. The quality policy;
2. Relevant quality objectives;
3. Their contribution to the
effectiveness of the QMS
including the benefits of
improved quality performance;
and
4. The implications of not
conforming with the QMS
requirements
7.4 - Communication
1. On what it will communicate;
2. When to communicate;
3. With whom to communicate;
4. How to communicate; and
5. Who communicates.
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
8.1 – General 8.2.1 –customer communication
1. Criteria for acceptance
2. Reference to outsourced
processes
1. Information on products and
services
2. Enquiries, contracts or order
handling, including charges
3. Obtaining customer views and
perceptions, including customer
complaints;
4. The handling of customer
property
5. The specific requirements for
contingency actions, where
relevant..
8.2.2 – Requirements related to
Products & Services
• Similar to 7.2.2
8.2.3 – Review of customer
requirements
• Similar to 7.2.1
Clause 8:
Operation
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
8.3 – Design and
Development8.4 – Control of external provision of products and services
1. Process should recognise the
nature, duration and complexity
of the design and development
activities;
2. Need to involve customer and
user groups
3. Consequences of failure
4. Interested parties
5. Standards and Codes of Practice
6. Inputs v outputs (verification /
validation)
7. Identify and control changes
1. Where supplying directly from
external provided incl.
outsourcing
2. Focus on risk rather than 7.4.2 list
3. Deals with outsourcing
4. Types and extent of control /
information for external providers
1. The products and services
2. Approval methods;
3. Competence / qualification;
4. Their interactions with the QMS
5. The control and monitoring; and
6. Verification
7. Adequacy of specified
requirements prior to
communication to external
provider
Clause 8:
Operation
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
8.5 – Realisation and provision of products and services
8.6 – Release of products
and services
8.7 – Nonconforming
products and services1. Competence
2. Validation clause shortened
3. Focus on post delivery activities
4. Control of changes
1. Clearer requirements
2. KEY: Evidence of conformity and
traceability to authorisation for
release
1. Added “informing the customer”
Clause 8:
Operation
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
9.1.1 – General9.1.2 – Customer
Satisfaction9.1.3 – Analysis of Data
1. Determine requirements 1. Monitoring customer perception 1. Demonstrate conformity
2. Enhanced customer satisfaction;
3. Ensure QMS conformity and
effectiveness
4. Planning successfully
implemented;
5. The performance of processes;
6. The performance of external
provider(s);
7. Determine opportunities for
improvements
Clause 9:
Performance Evaluation
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
9.2- Internal Audit9.3 – Management
Review9.1.3 – Analysis of Data
1. Results to be reported to
management
2. Specific mention of follow-up
actions deleted
1. nonconformities and corrective
actions;
2. monitoring and measurement
results;
3. audit results; customer
satisfaction;
4. issues concerning external
providers and other relevant
parties;
5. adequacy of resources
6. process performance and
product conformity of products
and services;
7. the effectiveness of actions taken
to address risks and opportunities
(see clause 6.1);
1. Demonstrate conformity
2. Enhanced customer satisfaction;
3. Ensure QMS conformity and
effectiveness
4. Planning successfully
implemented;
5. The performance of processes;
6. The performance of external
provider(s);
7. Determine opportunities for
improvements
Clause 9:
Performance Evaluation
ISO 9001:2015 – A Guide to the Changes
ISO
9001:2015
Clauses
10.1 – General10.2 – Nonconformity
and corrective action
10.3 – Continual
Improvement1. Improving processes to prevent
non-conformances;
2. Improving products and services
to meet known and predicted
requirements; and
3. Improving quality management
system results
1. Look at similar occurrences
2. Make changes as necessary
1. Link to management review
2. Reference to tools
Clause 10:
Improvement
Agenda
ISO 9001:2015 – A Guide to the Changes
Quality Principles
Step by Step
Guide to the
Transition
ISO 9001:2015
Clauses
Annex SL
ISO 9001:2015
An Overview
ISO 9001:2015 – A Guide to the Changes
Step by Step
Guide to
Transition
Step 1:
QMS Health
Check
Step 2:
Context of
the
Organisation
Step 3:
Risk Based
Thinking
Step 4:
Applies /
Does Not
Apply
Step 5:
Organisation
Knowledge
Step 6:
Change
Management
Step 7: The Small Stuff
Seminar Agenda
ISO 9001:2015 – A Guide to the Changes
Quality Principles
Step by Step
Guide to the
Transition
ISO 9001:2015
Clauses
Annex SL
ISO 9001:2015
An Overview
Risk Based
Thinking
Introduction
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
Risk – an event that has not yet occurred
Do automatically
Consider Opportunities
Positive side of risk
Replace the requirements for Preventive Action
Makes preventive action part of the routine
Opportunities as well as risks
Agree a Process to follow
Apply the Risk Process
Business based - Business Plan may be starting point
Risk Based Thinking
ISO 9001:2015 – A Guide to the Changes
Risk Process
Step 1:
Identify Risks &
Opportunities
Step 2:
Analyse
Step 3:
Plan
Approach
Step 4:
Track
Step 5:
Control
Continuous Monitoring
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
Conduct Risk Identification Workshops
Involvement of all relevant stakeholders
Use Risk Categories
• To focus thinking on risk areas
• To ensure clarity of analysis
SWOT Analysis
Identify and record all relevant risks
Consider Risk Register to record information
Identify Risks/Opportunities
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
Categories Examples Examples
Strategic RisksFinancial Risks
Product RisksEnvironmental RisksHealth & Safety RisksLegal/Compliance RisksQuality RisksProject Management RisksConstruction Risks
Organisational RisksPerformance RisksInformation Technology Risks
Unsafe site for workers
Unidentified hazardous waste
Unanticipated noise impacts
Vehicle breakdown
Computer virus
Project not fully funded
Estimating and/or scheduling errors
Lack of coordination and
communication
Reliance on external contractors
Inadequate project scoping and
scope creep
Experience of staff
Risk Categories
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
Analyse Risks with Respect to two Attributes:
• Probability
• Impact
Probability
• Low: less than once a year
• Medium: monthly
• High: once or twice a week
Analyse
If You Think that Probability is “around 50/50”
• Mark Value of Medium
If the Probability is Significantly Higher than Above
• Mark Value of High
If the Probability is Significantly Lower than Above
• Mark Value of Low
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
Impact - Customer
• Low: No loss of customer but valid complaint
• Medium: Customer looks to competitors but is retained
• High: Customer walks and goes public
Impact - Costs
• Low: Consumption of some budget contingency
• Medium: Budget overrun >30%
• High: Budget overrun >50%
Analyse
Impact - Schedule
• Low: Consumption of some slack – not on critical path
• Medium: Delay >30%
• High: Delay >50%
• Scoring performed by each stakeholder
• Discuss only those with variances
• Reach consensus
• Determine the appropriate RAG status
Example
Likelihood
HIGH
MEDIUM
LOW
Impact LOW MEDIUM HIGH
ISO 9001:2015 57
Example
ISO 9001:2015 58
Pro
ba
bil
ity
Impact
Sample Risk Bubble Chart
GREEN
AMBER
RED
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
Assign responsibility for each risk
Identify necessary controls
• All Risks
• High and Medium Risks
• Low Risks
Current Controls and Future/Additional Controls
PlanResponses - PRACT
Prevention – Eliminate the risk - stop the problem or prevent it from impacting
Reduction – Control the risk so that it is less likely to occur or the impact is limited to acceptable levels
Acceptance – Tolerate the risk by deeming its occurrence to be acceptable
Contingency – Plan actions that will be taken only if the risk becomes a reality – track as an issue
Transference – Pass the risk elsewhere such to another party – still needs to be monitored and tracked!
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
• Implement the plan – take action
• Check the effectiveness of the actions
• does it work?
• are having desired effect?
• Update scoring/status as necessary
• Invoke mitigation actions as required
• Summary and Exception Reporting
Track and Control
• Continuously asses risks
• Not a once of activity
• Learn from experience
• Continual Improvement
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
• Results are not acted upon
• Over controlling of risks – cost benefit analysis
• Risk become stale – provide same results each time
• Integrate into business processes
Challenges
ISO 9001:2015 – A Guide to the Changes
Risk Based
Thinking
• Risk based thinking is not new
• Is continuous
• Makes prevention a habit
• Reduces the probability of unplanned results
• Assists to identify “quick wins” and longer-term improvement opportunities
Conclusion
Seminar Agenda
ISO 9001:2015 – A Guide to the Changes
Quality Principles
Step by
Step
Guide to
the
Transition
ISO 9001:2015
Clauses
Annex SL
ISO 9001:2015
An Overview
Risk
Based
Thinking
ISO9001:
2015
Case
Study
Introduction
Kandoy House, 2 Fairview Strand, Fairview, Dublin 3
Phone: 01 902 3961 Mobile: +353 (0)87 698 7161 Email: [email protected]
www.cgbusinessconsulting.com