Wednesday, July 27, 2016

Important steps to start implementing Risk management in the QMS



What are the important steps to start implementing Risk management in the QMS?

It is important to accept that the main task of the initial implementation of risk management in the QMS - making actions to address risks and opportunities an integral part of management decision-making at all levels

Then the keyword is "simplicity".
Implementation of risk management into the QMS processes (ISO 9001:2015 cl.4.4.1.f, cl.6.1 and step "Do" - ISO 31000) consists of four phases:

  • Risk identification,
  • Risk analysis,
  • Risk evaluation,
  • Risk treatment.
1) Risk identification consists of finding, recognizing and describing the risk. The ultimate objective of risk identification is to draft a comprehensive Risk list.
At this phase, the following is important:
      A common approach to risk wording for all processes. A good practice is to word the risks through the "Event" category - an adverse event that may occur with some likelihood.
      Adding all possible risks to the Risk list, including the risks with negligible likelihood.

2) At the Risk analysis phase it is important to:
      Use a simple method of risk level (R) determination, which is clear and can be easily accessible to a broad range of employees. A good practice is to use a ratio:
R = CL
where 

C – consequences,

L – likelihood.

      Commonly use an expert evaluation in determining the components of level of risk, as well as in determining risk criteria at the Risk evaluation phase. At the same time, evaluate the consequences on the extent of the potential adverse impact on the user (external or internal).


3) At the Risk evaluation phase (risk ranking, matching the level of risk and risk criteria as well as the allocation of risk in relation to which it is necessary to carry out risk treatment), the following is important:
  • The level of risk criteria (the maximum allowable level of risk, below which risk treatment is required) should not be set very high. This allows to process the greater amount of risk and avoid possible initial stage errors.

4) At the Risk treatment phase, which is conducted in order to prevent, or reduce, undesired effects and to enhance desirable effects at the process level, it is important to:
      Start with the application of quality management tools, which the team already possess. In reality, the use of cause and effect diagrams in conjunction with "brainstorming" can already give the desirable effect.


ISO 9001:2015 Risk Management resources:

Free Downloads
Posted by Centauri Business Group QPRC at 9:00 AM 0 comments
Labels: , , ,

Monday, July 25, 2016

Control of nonconformities in provision of services

Control of nonconformities in provision of services often causes additional questions.
 
The new documented procedure QSP 8.7-02 regulates the execution of ‘Control of nonconformities in provision of services’ process in relation to the QMS of Organizations that specialize in the provision of services.
 
The Procedure describes the implementation of ISO 9001:2015 requirements, which often cause issues when applied to the services:
  • ensuring the identification of nonconformities,
  • conducting correction, including the possibility of suspension of the service provision,
  • communicating the nonconformity to the customer,
  • follow-up, including the analysis.
 
The diagram of ‘Control of Nonconformities in Provision of Services’ process is shown below:
Inputs
1 - Nonconformity
Outputs
2 - Nonconformity protocol
3 - Information about a nonconformity when providing services
4 - Informational report about a nonconformity when providing services
6 -  Process budget; - Personnel involved in service provision
 
In the ‘Control of Nonconformities in Provision of Services’ process the key categories are nonconformity, correction, corrective action, and acceptance under concession.
 
 
Posted by Centauri Business Group QPRC at 11:20 AM 0 comments
Labels: , , , ,

Friday, July 22, 2016

Employees' Awareness (ISO 9001:2015 Cl. 7.3)

The organization shall ensure that relevant persons doing work under the organization’s control are aware of:
c) their contribution to the effectiveness of the quality management system, including the benefits of improved performance;
ISO 9001:2015 Cl.7.3.c

I am looking for ideas on how to implement the requirements referenced above. 
How do you communicate to your employees that their efforts contribute to the success of the company in a way that everyone will understand?

A good practice is to form quality objectives at the subdivision level based on the principle of expanding the strategy and policy chain:
The quality objectives of the subdivision consists of two components:
1) Subdivision objectives to implement Annual organization development program;
2) Objectives to develop and improve subdivision activities.
In this case, the analysis of subdivision quality objectives fulfillment means the analysis of the subdivision employees’ contribution to the effectiveness of the quality management system, including the benefits of improved performance (fulfillment of the requirements of Clause 7.3.c).

The organization shall ensure that relevant persons doing work under the organization’s control are aware of:
d) the implications of not conforming with the quality management system requirements;
ISO 9001:2015 Cl.7.3.d

How do you communicate that a lack of attention and effort impairs the company's success without diminishing positive attitudes?

This could be done via awareness of employees in the implications of not conforming with the quality management system requirements as part of the actions to address risks and opportunities.

A good practice is to develop a procedure QSP 6.1-01 ‘Addressing risks and opportunities’ and (or) methodology MM 6.1-01-01 ‘Risks management in QMS process Methodical Manual’.

Other ISO 9001:2015 Documents and Templates
Posted by Centauri Business Group QPRC at 8:00 AM 2 comments
Labels: , , , ,
Subscribe to: Posts (Atom)