What is the best way to approach risk management for our company?

I'm not

I'm not involved in the behind-the-scenes of ISO 9001:2015 RBT, but in medical devices RBT is a pretty old concept. ISO 14971 encourages considering ALL STAKEHOLDERS (not just clients), and that includes own employees, regulators, distributors, suppliers etc., and if done properly would cover all relevant needs/expectations as Somashekar has highlighted.

The video is very nice in itself, but it actually demonstrates a dysfunctional risk management process. There's no risk estimation and evaluation, and in the end the risk is taken even though it's unacceptable by face value. Taking the risk and seeing what happens is not normally an acceptable way of estimating the risk. The end result is less relevant because in real life we never know the end result by the time we analyse the risk (if we do, it's just planning rather than risk management).

 

Well that is one way of looking at risk. But if this video would heighten awareness of RBT, then I would certainly try anything to mitigate the risk. But it has to be as a team not just me. Thanks for your feedback.

 

That video is also an example that people who are certain of what risk exists will begin to get influenced by other carefree people who do not see it (or pretend to) , but keep themselves at distance and watch the fun. There are also people who come from nowhere and assert that no risk exists even when the risk impact has happened.

 

Hi,
I am implementing ISO9001:2015 in a small industry. Is it OK to document the Risk assessment as per the attached template?

 

Evening and greetings from Dublin Ireland. My first time on this forum.
I have been implementing Quality management systems since BS5750 back in 1983(OMG that long!!!!) I'm now beginning the process of implementing the revised standard 2015. The discussion so far on RISK is fascinating. This is the first time that I have to start looking at Risk, Opportunities, processes etc in ISO 9001. I agree with the previous comments as to what a company wants the certification for BUT as a consultant that my objective- certification for my client , continuous improvements come second. I go tomorrow to discuss with my client RISK, how it is defined assessed and controlled. After reading the previous postings I am not too clear on exactly is required, how to document it, how to assess it etc. It was my intention to examine the business risks associated with delivering quality product to the end customer through ultimate customer satisfaction. I was not going to examine each process, to date we have developed 14 process maps for the main operational processes that deliver customer satisfaction. So I need to do some homework prior to tomorrow.
Can somebody give me their opinions on "context" and "opportunities"

I would suggest that we feedback reports on CB audits and from this we will have a benchmark to work to.
Slan

 

My two cents for looking at risk.
When I look at a RFQ. I think can we do this,have I forgot anything, can I make money? (Risk based thinking)
Will the shop be overloaded, can we deliver on time, is all equipment performing to spec. How are we going to do this and deliver a on time and ensure its to customer specs. (Risk based thinking)
This is all that needed to show risk based thinking to the auditors. Its just your thought process
FMEAS, charts ect are not needed to show the auditors risk base thinking. They are a tools used to help build your product/process.

 

Hello,

My company has several quality management system certificates and one of them already requires risk management system implemented. We did a system like FMEA but we defined project risks in the document and we calculated effect x possibility points to analyse risks. Also there has to be actions or response system for all defined risks. According to project management mentality, the responses could be accepting, avoiding, transferring or control/mitigate the risk.

 

Here's my view of "context of the organization".

 

See screen capture
It covers all with one statement!