Wednesday, August 17, 2016

Quality Risk Assessment - definition of 'high', 'moderate' and 'slight' risk.


Q: I'm putting together a quality risk register for our business and looking for some examples other people have used for their definitions of 'high', 'moderate' and 'slight' risk. 
For example, 'high' risk could be: 
  • major financial loss to business, 
  • major loss of company reputation, 
  • complete break-down of management system, 
  • loss of accreditation. 
 A: The examples above refer to the high consequences wording.
At Risk analysis and Risk evaluation phases, it is necessary to take into account likelihood, a mandatory risk component.
Major financial loss to business, major loss of company reputation, complete break-down of management system, loss of accreditation – all these examples could be attributed to the 'slight' level of risk when likelihood is close to 0.

Based on our experience, the risks in the Risk list should be worded in terms of an ‘event’ – an adverse event that may occur with a certain likelihood.
Further, consequences and likelihood are determined, for example, via expert evaluation.

In such a way, risk ranking can be easily implemented.


Q: Risk management tools - what do you use to track risks and controls? 

How do you record and track risk assessment and management for your QMS/organization? 

Do you use any specific tools, databases or other systems to track risk management? 

 A: There are many risk management methodologies. IEC 31010:2009 ‘Risk management -- Risk assessment techniques’ provides a lot of details on the subject.

Based on our experience, for the enterprise-wide application of actions to address risks and opportunities (in compliance with ISO 9001:2015) it is necessary to offer simple tools and simple form of records.

ММ 6.1-01-01 "Risks management in QMS process Methodical Manual" provide examples of such methodologies and techniques.

More on Risk Based thinking.


Free downloads:

No comments:

Post a Comment