I work at a small engineering firm that is planning our transition from ISO 9001:2008 to 9001:2015. We're having a little trouble identifying what actions we need to take to update our QMS, as the changes seem very abstract. Could you suggest some resources we might use to give us practical suggestions for how to begin our transition? For example, it seems that ISO 9001:2015 is asking us to frame our QMS in risk management. I understand what that means (I think), but I don't really know what implication that would have for our existing systems.
When it comes to risks and opportunities, the standard doesn't require full scale risk management that includes documented procedure, criteria for evaluation, etc. It only requires organization to determine risks and opportunities and take actions to address them. This can be done by arranging brainstorming session with relevant peo ple in the company and talking about risks and opportunities or using some tools like SWOT or PEST analysis. For more information, see: How to address risks and opportunities in ISO 9001 https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/