1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Hello and Welcome to The Quality Forum Online...Continuing in the spirit of People Helping People !
    Dismiss Notice
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Risk Management Process

Discussion in 'ISO 31000:2009 - Risk Management' started by Dilek, Dec 14, 2015.

  1. Dilek

    Dilek New Member

    Joined:
    Dec 14, 2015
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    How do you define a Risk Management Process? What are the inputs and outputs?
     
  2. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    598
    Likes Received:
    178
    Trophy Points:
    42
    Did you google Risk Management Process? Inputs are associated with 4.1= internal and external issues affecting the QMS and the strategy. Outputs are mitigation to minimize risk
     
  3. Dilek

    Dilek New Member

    Joined:
    Dec 14, 2015
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I prefer to express more clear... Such as incidents, new assets, changing policy/objectives etc. Do you want to add more data?
     
  4. Padym

    Padym Active Member

    Joined:
    Oct 19, 2015
    Messages:
    55
    Likes Received:
    8
    Trophy Points:
    7
    I think If we read the guidance document itself - it is pretty much clear on the approach. Do not fall into the various methods of risk - there are many of them (31000 being one of them) . This is where we get confused and our focus gets deviated from the core concepts of Risk Management. Therefore I suggest to prepare your mind, pick 1 or 2 good books,ensure complete reading, do not google out much (cause of frustration/lack of focus), jot down key points in your note book. I think that's enough to get you started.

    Another thing I want to mention is 31000:2009 is the High-level guidance document for organization to have Enterprise level Risk Management process. It requires you to adjust to meet requirements for specific standards like for ISO27001, ISO9001:2015. However the standards itself doesnt have requirement to follow this method except a note as a reference / guidance document.
     
    Raymond@1 likes this.
  5. David Sanabria

    David Sanabria Active Member

    Joined:
    Jan 2, 2016
    Messages:
    50
    Likes Received:
    3
    Trophy Points:
    7
  6. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    598
    Likes Received:
    178
    Trophy Points:
    42
    I am sorry for moving a little fast without even thinking that maybe you need guidance. Somewhere in this forum there is a Risk Based Planner based on ISO3100. I am using it and it is saving me a lot of work. I got this template from the Resource section of this forum. I hope it will help you.
     

    Attached Files: 1. Scan for viruses before using. 2. Report any 'bad' files by reporting this post. 3. Use at your Own Risk:

Share This Page