- LATEST BLOG POST
- echo $post_date ?>
- Integrated and convergent risk approaches need some discussion. Are they so different? And what about the good old Enterprise Risk…
- Read More
In 2014 we stressed in various posts how risk management has to encompass asset management. That’s a concept embraced by ISO 31000 and ISO 55000.
It seems that ISO is also finally recognizing that QMS (Quality Management Systems) and information silos are incompatible. Moreover certainly not independently from Risk Management. Therefore ISO puts clear emphasis on Risk-based management. It should help to
It appears that the ISO 9001 2015 draft (to be published in September 2015) includes in the “Understanding the organization and its context” section a requirement to certify companies. The idea is to determine external and internal issues relevant to its purpose and that affect its ability to achieve the intended outcomes of its QMS (i.e. risks).
In other words a company requiring ISO 9001 certification should be clear on its organizational structure and its context. Then the company should perform a risk management approach to determine what could go wrong that could prevent quality standards as intended by the QMS.
ISO stresses a “process approach”. That means understanding the anatomy and the physiology of the system under consideration. That of course includes upstream (suppliers, logistic) and downstream (clients, logistic) entities and related processes.
The Draft also stresses that top management must demonstrate leadership and commitment with respect to customer focus. We discussed this another aspect in a recent post, showing how this goal intertwines with risk management.
The transition and implementation schedule show a start at end 2015.