The word “risk” appears in 43 places throughout ISO 9001:2015. Risk is defined as “effect of uncertainty on objectives”, where “effect = deviation from the expected” and “uncertainty = the state of deficiency of information”. Risk management is considered one of the most challenging requirements of ISO 9001.
All business activities involve some kind and some degree of risk, and all organizations manage risk by anticipating and addressing identified challenges. Larger organizations are usually better equipped and structured to deal with risk. Smaller organizations, although more exposed to the negative aspects of risk, can often address risk-related concerns more effectively by taking advantage of their simplicity and flexibility. Auditors are expected to interpret the risk management-related requirements objectively, while consultants tend to exaggerate their complexity yet often recommend off-the-shelf, generic solutions.
Based on over 30 years of professional experience, Arc’s presentation will review the risk management-related requirements defined in ISO 9001:2015, discuss the most common risk factors, and present examples of practical solutions which ensure that risk is identified and addressed effectively, and in compliance with regulatory and contractual requirements. The presentation will be followed by a 15-minute Q&A session.