Risk Assessment 6.1.2.1

Does anyone have any advice on the best way to show evidence of a risk assessment or an example of a template please?

 

Hi Daniel,

We struggled with this as well, and we decided to incorporate this into our Change Request/Engineering Change Notice form. We actually ask if a risk assessment was completed (giving examples of risk) and if the response is 'No', we require an explanation. Another example would be a SWOT document that addresses your Strengths, Weaknesses, Opportunities and Threats. Hope this helps and welcome to the group!

 

Good point, but PFMEAs aren't all inclusive. It just pertains to the process but risk analysis can be performed in various areas of the quality management system.

 

Good day @Daniel Attwater ;
You have received some good council. Allow me to add a consideration to ensure your risk analysis is not "static"...i.e. "one and done".

Here is a paraphrase of a response I provided to a similar question elsewhere on this site....
Risk and Opportunity....... change regularly. For example, fuel prices are currently extremely low. In part because of the fussing between Russia and Saudi Arabia, but also because of the current health crisis. This "risk" or "opportunity" (if you are a US shale producer, huge RISK, if a logistics company, huge OPPORTUNITY). was likely not on the radar (or a matrix) of the industries in my example six months ago.

Risks and opportunities are very dynamic. Regardless of what the standard requires, your organization would likely benefit from frequent (e.g. monthly? ) reviews of risks and opportunities that present themselves.

I assure you, USA shale producer company's Top Management did not wait month(s) to take action when per/barrel prices of oil started this recent significant drop.

Hopefully from my ramblings you can see why a fixed "matrix" of risks and opportunities might not benefit your organization. ALWAYS do what helps your organization...NOT what simply pleases an auditor.

Hope this helps.
Be well.

 

Hi Andy, thanks for the advice. Yes we have FMEA's which will cover a lot of it. However, in a previous employment we had to conduct risk assessments for scrap products, risk of them getting to black market etc.
"The organization shall include in its risk analysis, at a minimum, lessons learned from product recalls, product audits, field returns and repairs, complaints, scrap, and rework. The organization shall retain documented information as evidence of the results of risk analysis" What is it asking for a risk analysis on in terms of scrap, complaints and rework etc? The risk or producing scrap is obviously quite large given the nature of automotive production, Sure they dont want every part of the process risk analysised?

 

Hi Thanks for the advice, the IATF manual states "
The organization shall include in its risk analysis, at a minimum, lessons learned from product recalls, product audits, field returns and repairs, complaints, scrap, and rework.The organization shall retain documented information as evidence of the results of risk analysis" How would you show evidence of a risk assessment for the items mentioned in the statement?

 

Management Review Meeting minutes can be a good tool to document this information. It should already be on your agenda and that's where you can usually capture all areas of risk analysis.

 

Hi Andy,

Sorry it's taken me so long to reply. So if I have understood correctly, FMEA's and Control plan would be sufficient tools to show that as a business we have analyzed certain risks associated with the product? For warranty returns etc an 8D or fishbone document providing its documented and stored would be fine?