Risk and opportunity assessment are a welcome addition in the author’s view as it makes 9001: 2015 more business focussed. It helps address the issues facing the organisation.
In the previous Standard preventive action used to appear. The new ISO9001: 2015 does away with this clause and asks the organisation to consider business risk at both a strategic and operational level.
This is positive as most CEO’s and management teams will be used to some risk framework for planning and fulfilling the strategic aims of the business.
A good place to start when considering risk is a review of the external and internal factors facing the business together with the interested parties that it aims to serve.
Each of these areas will indeed have possible risks associated with them. There might be contractual penalty clauses for late deliveries, volumes of product to be created. The organisation might rely on only one customer for its business.
Most senior managers will be aware of these risks. The Standard simply requires them to be identified and treated.
The author has found that many businesses see enhanced benefit from collectively agreeing the external and internal risks and taking a team approach to threat reduction.
There is additional merit in having such a framework readily available within the organisation for employees to review.
In addition, opportunities should be identified and managed, possibly setting some corporate objectives around them can be beneficial.
For further information and to book your ISO9001 survey please contact: Marcus J Allen at Thamer James Ltd. Email: firstname.lastname@example.org
Marcus has twenty years’ experience in delivering Governance, Risk and Compliance solutions to over two hundred organisations within the UK. Including over one hundred ISO9001 programmes.
Marcus holds a BSI ISO9001 lead auditor qualification and is registered on the BSI Associate Consultant Programme.
Marcus holds the respected Diploma in Governance, Risk and Compliance from the International Compliance Association and holds a master’s degree in Management Learning & Change from the University of Bristol. Marcus is a Fellow of the Institute of Consultants and Fellow of the Chartered Management Institute.