Toward the disappearance of corporate information silos effects
Jan 29th, 2015
Disappearance of corporate information silos effects
In 2014 we stressed in various posts how risk management has to encompass asset management. That’s a concept embraced by ISO 31000 and ISO 55000.

It seems that ISO is also finally recognizing that QMS (Quality Management Systems) and information silos are incompatible. Moreover certainly not independently from Risk Management. Therefore ISO puts clear emphasis on Risk-based management. It should help to
- consider issues,
- determine risks and opportunities,
- define actions to address the risks, and finally
- etc.
It appears that the ISO 9001 2015 draft (to be published in September 2015) includes in the “Understanding the organization and its context” section a requirement to certify companies. The idea is to determine external and internal issues relevant to its purpose and that affect its ability to achieve the intended outcomes of its QMS (i.e. risks).
In other words a company requiring ISO 9001 certification should be clear on its organizational structure and its context. Then the company should perform a risk management approach to determine what could go wrong that could prevent quality standards as intended by the QMS.
Toward the disappearance of corporate information silos effects
ISO stresses a “process approach”. That means understanding the anatomy and the physiology of the system under consideration. That of course includes upstream (suppliers, logistic) and downstream (clients, logistic) entities and related processes.
The Draft also stresses that top management must demonstrate leadership and commitment with respect to customer focus. We discussed this another aspect in a recent post, showing how this goal intertwines with risk management.
The transition and implementation schedule show a start at end 2015.
- The first step, after learning about the new requirements will be to evaluate impacts on clients’ organizations. A quick methodology like ORAPR will help your organization to breeze through this first step. In particular it will help you guide your efforts in an efficient and concrete way.
- Then your risk assessments needs to be explicit, updatable and transparent.
- At the end of the path ORE implementation will cover all the risk management needs
Tagged with: ISO 31000, ISO 55000, ISO 9001, QMS (Quality Management Systems), Risk-Based Management
Category: Consequences, Hazard, Mitigations, Optimum Risk Estimates, Risk analysis, Risk management, Uncategorized
Leave a Reply