Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Andy Nichols, Mar 22, 2021.
It seems a simple enough question, but I'm looking for some clarity...
I appreciate times like these @Andy Nichols , when you go "fishing"
ISO 9001 doesn't say too much about the actual term "opportunity(ies)" In fact, ISO 9000, does not give a definition for "opportunity(ies)". The standards do, however, commonly "link" risk with opportunity(ies).
9000 identifies risk as...
The effect of uncertainty
It's important at this time to reminder our viewers that there is a common theme throughout the standard...
1- Clause 4 Context of the organization, requires us to determine....
WHO are we
WHAT do we do
WHAT do they care about.
2- Clause 6 Planning, requires us to...
Consider what we determined as result of clause 4, and then PLAN (including consideration of RISK and OPPORTUNITY)
3- Clause 9.3 Management Review, then requires us to...
Compare our results to our plans and respond accordingly ...
RISK and OPPORTUNTY are anything that could subvert our PLANNING back in clause 6, and, therefore, should be considered continually/frequently, even AFTER our plans are made. Remember, risk or opportunity can both be either "GOOD" or "BAD".
One example I often use to describe OPPORTUITY is as follows...
* If a customer suddenly and with no warning, increases orders volumes by 300%, the Sales team may see this as an opportunity. That opportunity, however, can cause significant risk to production, supply chain, logistics, etc..etc..etc...
Hope this helps.
I did some digging, @John C. Abnet and discovered this document (someone pointed me at it) https://www.iso.org/files/live/sites/isoorg/files/standards/docs/en/terminology-ISO9000-family.pdf and it does, indeed, define the term "opportunity" but not "risk". I'm not certain of the context of this glossary or if it's even mentioned in ISO 901:2015 or ISO 9000:2015. As was pointed out in the discussion, the addition of the words "risk and" before the term opportunity creates "risk and chance". If we also add the definition of risk, we get "the effect of uncertainty and chance" (or the risk of uncertainty on objectives and chance", which makes little grammatical sense (to me)). My head hurts. What worries me most is that without a clear definition of terms, what the heck is a) an organization to do in a practical sense and b) what have auditors been auditing?
Wow @Andy Nichols . How is it possible ive never seen this? (and of course, WHY did the ISO team decided to add a separate "glossary" to clarify the "glossary" ???!?)
Regardless, thanks for digging this up and sharing it.
Although I don't have an ISO text book answer I am going to take a stab at defining the intent of "Opportunity." At a quick glance opportunity is defined by a Google search as "a set of circumstances that makes it possible to do something." Doing something is how progress is made. Sitting idle does not move a QMS ahead. Seize the the chance to correct grammatical or spelling errors found on a current document while you are updating it for some other reason is an opportunity to fix errors that were not fixed before. It may be small but it improves the QMS. Reviewing processes on a regular basis or in the event of a customer issue is a chance not only improve the process you are working on but others that are similar (Yokoten). Its the circumstance of what makes it possible at the time. An opportunity (circumstances that makes it possible to do something) whether good or bad can only be taken advantage of by doing something.
Wow, thanks TWhite - doesn't THAT make sense! It seems that, and I've read similar discussion points elsewhere, the ISO 9001 folks have - perhaps - caused a conundrum by making the requirement "risk and opportunities" when possibly it should be "opportunities and associated/applicable risks"? Just thinking aloud here...
Good day, @Andy Nichols. Long time no act. Hope, the quotations below make the issue clear.
It should be «The organization shall determine the risk associated with threats and opportunities» (ISO DIS 14001:2015 cl. 6.1.4 Risk associated with threats and opportunities). http://parsetraining.com/wp-content/uploads/2018/11/ISO_DIS-14001-2015.pdf Unfortunately this did not happen and organizations have to determine risks (associated in fact with threats and opportunities) and again (!) opportunities.
«Opportunities can arise as a result of a situation favorable to achieving an intended result» (ISO 9001:2015 cl.0.3.3).
«The understanding that risk can have positive or negative consequences is a central and vital concept to be understood by management. Risk can expose the organization to either an opportunity, a threat or both» (ISO/TR 31004:2013 cl.A2).
«Risk - effect of uncertainty on objectives. An effect is a deviation from the expected. It can be positive, negative or both, and can address, create or result in opportunities and threats» (ISO 31000:2018 cl.3.1).
«In all types of undertaking, there is the potential for events and consequences that constitute opportunities for benefit (upside) or threats to success (downside) (Federation of European Risk Management Association (FERMA). A risk management standard, 2013).
@Leonid: I note that none of your references are from the ISO 9000 Normative reference. While all your cited references may in their own way be valid, it's an leap of faith to believe that's what the ISO/TC 176 people mean.
If by "doing something" will lead to chance, and chance is "opportunity", and opportunity is "circumstances which makes it possible to do something", then it follows that: "Doing something will lead to circumstances that will make it possible to do something"
@Tony: These are two different "sometings". Doing the QMS makes it posible to improve it.
Favorable cirumstances often occur in the external context. Our competitor has bankropted. Market demand for our products has increased. Tender conditions are published. A new ISO standard is issued (opportunity for consultants, trainers and CB). You occasionally had a cup of cofee with a person who then becomes your customer. Participation the the forum is also the opportunity for participants to improve operations of their QMS.
It seems a simple enough question, but I'm looking for some clarity...
Good Day Mr.Andy
An opportunity is a set of circumstances which makes it possible to do something.
Taking or not taking an opportunity then presents different levels of risk.
An example explaine by ISO Org. further explains this
Crossing the road directly gives me an opportunity to reach the other side quickly, but if I take that opportunity there is an increased risk of injury from moving cars.
Risk-based thinking considers both the current situation and the possibilities for change.
Analysis of this situation shows opportunities for improvement:
• a subway leading directly under the road
• pedestrian traffic lights, or
• diverting the road so that the area has no traffic
In my perception:
Opportunities are doors that open in the direction of achieving a goal.
Behind the door, we assume the presence of "surprises". They can be GOOD or BAD. Each "surprise" is determined by the likelihood of occurrence and the significance of the consequences - the risk.
When choosing a door, we are guided by a set of risks associated with it.
Separate names with a comma.