Contact

Toward the disappearance of corporate information silos effects

Toward the disappearance of corporate information silos effects

Jan 29th, 2015

Disappearance of corporate information silos effects

In 2014 we stressed in various posts how risk management has to encompass asset management. That’s a concept embraced by ISO 31000 and ISO 55000.

Toward the disappearance of corporate information silos effects

It seems that ISO is also finally recognizing that QMS (Quality Management Systems) and information silos are incompatible. Moreover certainly not independently from Risk Management. Therefore ISO puts clear emphasis on Risk-based management. It should help to

  • consider issues,
  • determine risks and opportunities,
  • define actions to address the risks, and finally
  • etc.

It appears that the ISO 9001 2015 draft (to be published in September 2015) includes in the “Understanding the organization and its context” section a requirement to certify companies. The idea is to determine external and internal issues relevant to its purpose and that affect its ability to achieve the intended outcomes of its QMS (i.e. risks).

In other words a company requiring ISO 9001 certification should be clear on its organizational structure and its context. Then the company should perform a risk management approach to determine what could go wrong that could prevent quality standards as intended by the QMS.

Toward the disappearance of corporate information silos effects

ISO stresses a “process approach”. That means  understanding the anatomy and the physiology of the system under consideration. That of course includes upstream (suppliers, logistic) and downstream (clients, logistic) entities and related processes.

The Draft also stresses that top management must demonstrate leadership and commitment with respect to customer focus. We discussed this another aspect in a recent post, showing how this goal intertwines with risk management.

The transition and implementation schedule show a start at end 2015.

  • The first step, after learning about the new requirements will be to evaluate impacts on clients’ organizations. A quick methodology like ORAPR will help your organization to breeze through this first step. In particular it will help you guide your efforts in an efficient and concrete way.
  • Then your risk assessments needs to be explicit, up­datable and transparent.
  • At the end of the path ORE implementation will cover all the risk management needs

 

Tagged with: , , , ,

Category: Consequences, Hazard, Mitigations, Optimum Risk Estimates, Risk analysis, Risk management, Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

Riskope Blog

  • LATEST BLOG POST
  • Integrated and convergent risk approaches need some discussion. Are they so different? And what about the good old Enterprise Risk…
  • Read More

More Info

  • Get in Touch
  • Learn more about our services by contacting us today
  • t +1 604-341-4485
  • +39 347-700-7420

Vancouver Digital Creative Agency Ballistic Arts Media Studios.