How to manage risk effectively according to ISO 9001 requirement? For example, Company have 5 teams (HR, Operation, Production, R&D, QA). So each team must manage risk & opportunities in their team. Is that correct?
Can you advise me some training course or material in advisera to manage risk?
Context interacting with interested parties (clause 6.1)
Products and services (clause 5.1.2 b))
Processes (clause 4.4.1)
Your organization is a set of interrelated processes. Each process is a set of activities that transform inputs into desired outputs.
ISO 9000:2015 defines risk as to the effect of uncertainty. Because there is uncertainty, sometimes we don’t have the expected:
For example, what is a non-conformity? We don’t design processes to deliver non-conformities. So, when a non-conformity happens, we have the manifestation of risk. Non-conformities are potential risks that have materialized. Same for complaints.
Seen in this way, the risk-based approach is a very effective methodology for developing a plan to control a process, its quality, and its results. The control will materialize, for example, in operations of control, verification, improvements in the process, in work instructions, in improvements in monitoring, in increasing the competence of the participants.