ISO 9001 risk menagemnt

Risks can be about:

• Context and interested parties
• Products and services
• Processes 

Risks about products, services and processes can be monitored, evaluated and reported based on process performance indicators, and other indicators like customer complaints, customer satisfaction and returns. These indicators illustrate how well risks were determined, and effective actions were taken.

Risks about context and interested parties are more about trends in the external environment that can help or hinder performance. For example, in this picture from our webinar about Clause 4:

You can see how internal and external context collide with an interested party expectation to raise a risk. Management review can be used to evaluate these kinds of risks and determine actions. The effectiveness of those actions will be evaluated in the next management review meeting.

Consider also the following information:

• How to make Management Review more useful in the QMS - https://advisera.com/9001academy/blog/2014/01/21/make-management-review-useful-qms/
• How to Make Management Review More Practical - https://advisera.com/9001academy/blog/2013/12/10/make-management-review-practical/
• ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope -
• ISO 9001 document template: Procedure for Management Review - https://advisera.com/9001academy/documentation/procedure-management-review/
• How to determine interested parties and their requirements according to ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/