Risk Management and the Smaller Manufacturer – Part 3

Risk Management and the Coming ISO 9001:2015 Standard

This is the third of a three post series on risk management. Part 1 of this series provides an overview of risk management. [1] Part 2 of the series provides specific risk management suggestions for smaller manufacturers, especially the use of Failure Modes Effects Analysis (FMEA). [2] This post, part 3, focuses on the risk management aspects of the new ISO 9001:2015 Standard for Quality Management Systems.

The ISO 9001:2015 Standard

ISO 9001 GraphicISO, the International Organization for Standardization, organizes the creation of thousands of voluntary; consensus based global standards for business, commerce and technology. The ISO 9001 Standard for Quality Management Systems is likely the most widely known of those standards. Over a million firms and organizations in 170 nations have been certified as compliant with the ISO 9001 Standard.

ISO policy requires that existing ISO standards be reviewed and revised periodically. The current version of the ISO 9001 Standard was issued in 2008, hence is referred to as ISO 9001:2008. A new version has been under development for several years. It is expected to be released as ISO 9001:2015 later this year. The million-odd firms and organizations now certified to ISO 9001:2008 will have three years following the release of ISO 9001:2015 to revise their quality management systems and have them recertified to the new version of the Standard. [3]

Opportunity – The Flip Side of Risk

There are several significant changes in the new ISO 9001:2015 version. Perhaps the most obvious is a broad emphasis on risk management. The current version, ISO 9001:2008, requires that compliant quality management systems include a documented process for Preventive Actions – pre-emptive actions to reduce the risk of future product non-conformities. The new version drops the requirement for a documented Preventive Actions process. Instead, the ISO committee tasked with developing the ISO 9001:2015 version holds that risk management has been implicit in earlier versions. [4] The new version makes risk assessment and risk management explicit throughout the standard.

The same ISO committee points out that opportunity is the flip side of risk. Analysis and assessment of risk may well suggest opportunities for improvements. Consider this:

Objectives > Operating processes > Results

The organization’s objectives are realized as results by means of the operating processes that the ISO 9001 Standard describes. “Improvement” should be thought of as improvement in results relative to those objectives. “Opportunity is not always directly related to risk, but it is always related to objectives. By considering a situation, it may be possible to identify opportunities to improve.”

Practically speaking, it appears to me that the Failure Mode Effects Analysis (FEMA) discussed in a previous essay can provide a ready structure for complying with much of the risk assessment, opportunities identification, follow – through and documentation activity required by ISO 9001:2015. [5]

Some Food for Thought

Should your firm embrace ISO 9001:2015? If you are currently certified to ISO 9001:2008, a moderate amount of rework will be required to bring your existing quality management system into compliance. You will have three years in which to implement the necessary changes. Prior to undertaking that work, you may wish to evaluate your experience to date with ISO 9001 and its role in the accomplishment of your firm’s objectives.

Discipline and Sustainability: ISO 9001 is intended to promote disciplined operations. Disciplined operations promote uniformity in outputs, including product uniformity and throughput rate consistency. Uniform outputs improve competitiveness by improving customer satisfaction and by reducing wastes, hence costs. Competitiveness – the ability to persist financially in a globalized economy – is a prerequisite for Sustainability by any rational definition of that term.

Chuck - Vancouver Thoughtful comments and experience reports are always appreciated.

…  Chuck Harrington


P.S: Contact me when your organization is serious about pursuing Sustainability … CH

This blog and associated website (www.JeraSustainableDevelopment.com) are intended as a resource for smaller manufacturers in the pursuit of Sustainability. While editorial focus is on smaller manufacturers, all interested readers are welcome. New blog posts are published on weekly.

ISO 9001 Graphic from www.dreamstime.com

[1] See: http://jerasustainabledevelopment.com/2015/04/11/risk-management-and-the-smaller-manufacturer-part-1/

[2] See:  http://jerasustainabledevelopment.com/2015/04/18/risk-management-and-the-smaller-manufacturer-part-2/

[3] For more on ISO and the ISO 9001 Standard, see ISO’s website at www.iso.org. ISO also offers a publication entitled ISO 9001 for Smaller Businesses, available for sale at:  http://www.iso.org/iso/home/store/publication_item.htm?pid=PUB100313

[4] The ISO committee mentioned is Technical Committee 176, subcommittee 2. The references to risk management are from ISO/TC 176/SC2 Document N1222 (July 2014)

[5] Again, :  http://jerasustainabledevelopment.com/2015/04/18/risk-management-and-the-smaller-manufacturer-part-2/