Actions to address risks and opportunities: Planning

How are actions to address risks and opportunities planned ? 

There are two approaches to the planning of actions to address risks and opportunities.
The choice depends of

• the size of the company, 
• the informal importance of risk management, when wrong decisions could cause substantial consequences (material losses, market losses, traumatism, etc.), 
• the level of personnel training. 

 1. Develop and implement a risk management system considering (or even in compliance with) ISO 31000. Such system fits in well with the requirements of ISO 9001:2015.
An example of this decision in a concise form, when risk management activation are described in the form of a quality procedure can be found in QSP 6.1-01 Actions to address risks and opportunities.

2. Confine to staff training and a methodology of risk management that is easy to implement and that fully covers the requirements of ISO 9001: 2015.
An example of such decision is described in Methodical Manual MM 6.1-01-01 Actions to address risks and opportunities in QMS processes

Which ISO 9001 revision applies during transition from 2008 to 2015 versions

When a company is transitioning from the 2008 version of ISO 9001 to the 2015, which version must the company comply with?
For example:
A company has an existing ISO 9001:2008 certification.
From now, to when a 2015 based certification will be obtained (in several months’ time, after an audit) - does the company have to comply with ...
the 2008 version?
the 2015 version?
or both ?!
There are two deadlines when transitioning to the new version of ISO 9001:2015:
1) September 2018 – 3 years since ISO 9001:2015 was released. During this time, ISO 9001:2008 QMS certification is valid.
2) Organization’s recertification date (closest certification audit).
A date that comes first is considered to be the deadline.
Before the deadline, the organization should:

• Train the personnel on the new version of ISO 9001;
• Design and implement the missing processes;
• Adopt new documented information structure (by the decision of the Organization);
• Develop the missing documented information;
• Conduct internal QMS audit for compliance with ISO 9001:2015.

It is advisable to do the transition gradually and implement in process of readiness (start actions to address risks and opportunities in each QMS process, gather context of the organization information and consider it during the management review, form and control the organizational knowledge, etc.).

This approach is possible because ISO 9001:2015 does not contain the requirements compliance with which will contradict the ISO 9001:2008 activities.
Free Downloads:

The Program of QMS Development, Implementation, and ISO 9001:2015 Certification Preparation



Other ISO 9001:2015 documents and templates

Organizational Knowledge ISO 9001:2015 § 7.1.6

We are stuck on getting 'Organizational Knowledge' element off the ground. We know what is required and have the intellectual resources to do it. Any ideas on where to start?

I've got the assignment to lead the project "Organizational Knowledge" and I would like to develop an effective concept, as simple and as smart as possible, without overloading the organization unnecessarily. Any suggestions on how to determine the NECESSARY Knowledge to be maintained and be made available? 

We have a positive experience in the implementation of the following approach. The key is the category of “Organization's Knowledge Bank” - the database structured by the intellectual asset groups, taking into account the organization's strategic development directions, and arranged on the organization server.

‘Control of organizational knowledge’ process includes four stages:

• definition of the necessary knowledge - via forming the knowledge bank structure;
• creation of the organization's knowledge bank - collection of data from different sources;
• maintaining and providing access to knowledge - through “Organization’s knowledge bank section moderators”, competent in the given field of knowledge, among the QMS process owners and third-party experts, including university professors;
• QMS processes improvement through acquired knowledge - is carried out in two ways: 

1. Via the personnel access to the Organization’s knowledge of the organization. 
2. Via personnel training. 

More details can be found here: “QSP 7.1-04 Control of organizational knowledge”


Other ISO 9001:2015 Documents and Templates