ISO 9001: 2015 – Focus on Risk Management

Are you ready for risk?

Senior management must be able to demonstrate an understanding of business risks and how they could impact on the ability to meet customer requirements. In my opinion, an effective risk management process will be critical for successful certification to the new version of ISO 9001. It must ensure the management system can achieve its intended outcomes and achieve continual improvement. Clause 6.1 ‘Actions to address risks and opportunities’, is where this is covered and it addresses the ‘what, who, how and when of risk management.

The organisation should plan actions to address these risks and opportunities, how to integrate and implement the actions into its management system processes and evaluate the effectiveness of these actions.

Risk replaces preventive action. You will need to identify where risk arises and ensure controls are in place to manage it. Remember that risk is defined as ‘the effect of uncertainty on an expected result’ and the new standard makes risk-based thinking more explicit throughout.

Now are you ready for risk?

Back to Blog