Tuesday, April 18, 2017

Risk Management for QMS and EMS

Can we merge Risk Management for QMS and EMS? 

If yes what is the common criteria? 


Integration of Risk Management for QMS and EMS is highly advisable. 

 A unified methodology does not confuse employees, makes the organization's management system more "slender", etc.

International standards ISO 31000: 2009 and ISO 31010: 2009 are the common criteria.

There are two possible approaches:
  1. In full - risk management system is developed and implemented in accordance with ISO 31000:2009, as part of the organization's management system. A simple tried-and-tested option is to word Risk Management Manual in a single documented procedure
  2. At minimum - risk management methodology is developed that is uniform for all systems. A set of methods suitable for the organization's tasks should be taken from ISO 31010:2009. An example of a simple risk management technique can be found in ISO 9001:2015 Actions to Address Risks and Opportunities Methodical Manual

Examples of risk management description in the system manuals can be found:

No comments:

Post a Comment