How are You Addressing Risks and Opportunities?

riskI have spent considerable time of late reviewing the proposed changes to ISO 9001 for the 2015 update.

One interesting proposed change is the inclusion of a clause within the Planning section, titled ‘Actions to address risks and opportunities’.

There are 2 parts to this requirement:

  1. Consideration is to be given to external and internal issues relevant to the strategic direction of the organisation that affect the ability to achieve intended outcomes. The organisation is expected to determine the risks and opportunities that need to be addressed.
  2. The organisation shall plan actions to address these risks and opportunities, and how to integrate these actions into the management system and verify their effectiveness.

The inclusion of risk in the updated version of the standard, to me, is timely and welcomed. Any company that is seeking to meet the standard for quality management should be familiar with understanding their risks and mitigating them.

Solid risk management processes create value by generating methods to reduce the probability and potential impact that risks have on the business. Open the newspapers on most days and you can read sorry tales of businesses that simply ‘didn’t see it coming’.

ISO 31000 presents a best-practice approach for organisations seeking recognition in their supply chain or customer base that their identified (and those currently not identified) are managed. The result is business resilience.

How resilient is your business? Do you actively identify and mitigate risk to your business, its stakeholders and customers?


Back to Blog