6.1 Address Risk & Opportunity

ISO Navigator Pro

ISO Navigator Pro™ is a free tool that provides practical, expert guidance for businesses wishing to interpret the fundamentals of ISO 9000:2015 to help understand, and better implement, the requirements of ISO 9001:2015, ISO 14001:2015 and OHSAS 18001:2007. The ISO Navigator Pro™ database divides the requirements into four sequential stages; Plan, Do, Check and Act.

If you're looking for integrated ISO 9001:2015 and ISO 14001:2015 EQMS documentation, please click here.

Plan

Step 3Plan: Planning. Planning for the management system. Define objectives and plan for the effects of and change. Assess impacts, hazards and risks. Deploy and monitor plans that adapt to changing circumstances.

Planning

6.1 Actions to Address Risks & Opportunities

The risks and opportunities should be relevant to the context of your organization (Clause 4.1), as well as, any interested parties (Clause 4.2). You should ensure that your organization has applied this risk identification methodology consistently and effectively. What process has been developed to identify risks and opportunities? In the absence of documented processes or procedures, you may need to use observations and interviews (and a review of the process output, which may contain documented evidence) to assess the processes that determine whether or not undocumented processes are being carried out as planned.

External and internal issues, and relevant needs and expectations of relevant interested parties may be sources of risks. Objective evidence may be in the form of a dedicated risk matrix, risks added to other forms such as an aspect register, corrective/preventive action log and forms, etc. All of the processes of a QMS do not represent the same level of risk in terms of your organization’s ability to meet its objectives. Due to this reason, the consequences of failures or non-conformities in relation to processes, systems, products and/or services will not be the same for all organizations.

Demonstrating compliance

You should seek and record evidence that your organization has taken a planned approach to addressing risks and accomplishing opportunities to the benefit of the quality management sytem and the organization. Check that any actions taken to address the risks and opportunities are recorded, and ensure that the effectiveness of each action was effective at addressing the issue, and that the action taken was proportionate to the risk or opportunity. Objective evidence could be in the following various forms:

  1. Meeting minutes;
  2. SWOT analysis;
  3. Reports on customer feedback;
  4. Competitor analysis;
  5. Quality manual;
  6. Brain-storming activities;
  7. Planning, analysis and evaluation activities;
  8. Strategic planning documents;
  9. Design and development reviews;
  10. Marketing and sales data;
  11. Production inspections and service reviews;
  12. Corrective actions;
  13. Non-conformance reports;
  14. Management review minutes;
  15. Risk determination or evaluation records.

Management system templates

Our range of ISO 9001 quality manual templates and integrated manual templates offer an easy way to document and communicate risk management policies and targets to ensure effective implementation of risk and opportunity management principles. The quality and integrated manual templates include the 'Control of Risks & Opportunities' procedure that defines the risk management process, and a 'Risk & Opportunity Register' that captures and records decisions relating risk and opportunity management.

More

6.2 System Objectives & Planning
6.3 Planning for Change
 

Free internal audit checklists

Check out our free internal audit checklists. The audit checklist is just one of the many tools which are available from the auditor’s toolbox that help ensure your audits address the necessary requirements.

Client list

Over 8,000 companies and globally recognized brands have relied on our templates to provide a path to improve, collaborate, and to enhance their operations to achieve certification, please see our client list for more information.