1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Risk Register

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Rory W., Mar 15, 2018.

  1. Rory W.

    Rory W. New Member

    Joined:
    Mar 15, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Hello all, Glad to meet you all
    I'm new to ISO 2015
    I'm look for a template of how people/companies are tracking internal risk.
    Thanks
     
  2. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    732
    Likes Received:
    361
    Trophy Points:
    62
    We use FMEA. You can google for forms and such online.
     
  3. NattyG

    NattyG Member

    Joined:
    Mar 13, 2018
    Messages:
    19
    Likes Received:
    3
    Trophy Points:
    2
    There's a risk register on here under resources.

    I'm unfamiliar if ISO: 9001: 2015 requires a risk register or FEMA?

    Whats the difference @Golfman25?
     
  4. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    732
    Likes Received:
    361
    Trophy Points:
    62
    You don't need a risk register -- ie; a list of risks. We basically look at two types of risks -- global business risks and process risks. The global risks we use a SWOT analysis. The process risks we use process FMEAs -- basically where can we mess up.
     
    jaltangerel likes this.
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    4,210
    Likes Received:
    2,116
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    You don't need anything like a risk register or an FMEA and certainly not a templet. It's much simpler than that. The place to document your risks and opportunities is in your management review records.
     
    FatSquirrel and jaltangerel like this.
  6. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,249
    Likes Received:
    944
    Trophy Points:
    112
    Location:
    Laguna Philippines
    My approach is: I determine risks and/or opportunities for every process then determine actions to address them. The results of actions are reviewed during our monthly management meeting. We treat our tool as a "living document" and should be updated whenever we identify new risks/opportunities, nonconformity, new internal/external issues or new requirements. Updating of this tool may trigger revision of our documented procedures. See my sample template below:
    upload_2018-3-28_14-0-31.png
     
    jaltangerel likes this.
  7. Qualmx

    Qualmx Well-Known Member

    Joined:
    Oct 7, 2015
    Messages:
    443
    Likes Received:
    58
    Trophy Points:
    27
    Location:
    Mexico
    Tony's Would you find useful to use like a technical sheet to evaluate risks.
    To use one sheet for each risk, having such document controlled?
    In This way if a change ocurrs in the risk , is a controlled change, compared to have a live excel document, in which is not easy to have control.
    Thanks
     
  8. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,249
    Likes Received:
    944
    Trophy Points:
    112
    Location:
    Laguna Philippines
    A spreadsheet like MS Excel is okay for documenting risks/opportunities and the actions to address them.
    Use of one sheet per risk might be impractical.
    Should you use an excel spreadsheet, put a date on when each risk/opportunity and action is entered into the spreadsheet rows. So every time you update the list (e.g. new risk is identified), you only need to indicate the date of the latest entry. See sample of my old template below:
    upload_2018-3-28_16-1-36.png
     
    jaltangerel likes this.
  9. Qualmx

    Qualmx Well-Known Member

    Joined:
    Oct 7, 2015
    Messages:
    443
    Likes Received:
    58
    Trophy Points:
    27
    Location:
    Mexico
    Thanks
    But I refer when a risk is changed or actions, in an individual sheet you can have control of that change, while in a spreadsheet (because is live document) is not possible to have control of changes.
    Would it be convenient such management?
     
  10. cablon

    cablon New Member

    Joined:
    Apr 17, 2018
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Nice Sir Tony!

    lodi petmalu
     
  11. Qualmx

    Qualmx Well-Known Member

    Joined:
    Oct 7, 2015
    Messages:
    443
    Likes Received:
    58
    Trophy Points:
    27
    Location:
    Mexico
    Dear Tony s

    Just lasts questions

    I´ll try to implement an approach like yours for the RBT, for that
    just want to make questions.

    1. Do you manage the residual risk? and how
    2-What is your criteria to close out a risk?
    3- What do you do if actions of risks were not effective?
    4- You say that in MR meetings effectiveness of actions are reviewed, for this
    is enough that in MR records, after asked to managers, to state " yes or Not", or evidences are required to be shown?
    e.g. a production record, records of training, corrective action closeout?
    5- Only to confirm, I know you dont rank risks, nor use probability and impact
    you only do an approximate feeling of the risk, without using formulas or special equations, and you dont have a written procedure
    to manage the risks.

    Hope my questions are clear.
    I really appreciate your help
     

Share This Page