Risk Management In ISO 9000 Standard

Risk Management In ISO 9000 Standard

In each human endeavour there is an element of risk; personal, project or financial, or a combination of them all. The job of the responsible individual is to identify the risk and act accordingly. We all do these ‘risky’ things, almost daily, aware that we are taking a risk. Rather than staying away from the risk we become adept at identifying it and having a strategy for dealing with it if the risk materialises. This is what risk management is about, and is an ability that is important in virtually every endeavour.

The popular misconception that risk management is difficult or complicated stems from the bureaucratic methodology of some system-oriented organisations and managers. It is neither complicated or bureaucratic, and need not be. Risk management is basically a simple proposition with a complexity dictated by the nature of the situation to which it applies – usually a project, and the parties involved. In its basic form risk management involves:

1. Identifying risk – Looking for anything that threatens the successful completion of the project against the original requirement. Risks can be environmental, organisational, technical, legal, economic or commercial.

2. Counteracting risk – Taking action to remove or reduce the probability of a risk being realised. The response depends on the nature or seriousness of the risk.

3. Acting when the risk event occurs – Invoking whatever contingency measures were devised for the risk that has materialised.

And for this to happen needs:

4. Monitoring at all stages – This typically means documenting a risk assessment in a profile that identifies the risk, the probability of its occurrence, and the impact if it does materialise. Factors that score paramount are those that require the greatest attention and monitoring. A good risk manager will devise contingency plans that reduce either the probability or the impact of these occurrences, and so remove them from the scene.

Working within a formal structured management system similar to that defined by ISO 9000 requires the application of risk assessment practices to satisfy the requirements of the Standard. Auditors of such systems may not find specific references to risk management in these areas even though the identification of potential failure (8.5.3) is wholly concerned with a topic that is nothing less than risk management.

Well managed risk taking is an essential feature of any forward thinking enterprise, since risk is an element of any progression or advancement. It is the adoption of effective risk management in conjunction with the continuing need to drive forward from a comfortable position that leads to progress and advancement. Doing what we always do purely because the risks appear to be negligible or are well known is to be ‘risk averse’, and for progressive organisations cannot be acceptable. Neither is it acceptable to pursue new ideas without an understanding of their potential benefit, proper planning, a clear idea of the threats to these benefits being achieved , and a strategy for dealing with them should they materialise. We need to manage in a manner that is neither predictable or reckless. Risk assessment is an essential tool to support this strategy.

ISO 9000 Document Management Software System

ISO 9000 Document Management Software System

Today’s manufacturing companies that seek ISO 9001 compliance-(regardless of their motivation to do so) probably don’t find it that difficult to create intelligent documentation. After all, a few days with a good consultant or a quality manager can take care of document creation. The problem lies in the gap between what employees are doing and what employees are supposed to be doing (in terms of adhering to documentation) and the gap between the manner in which processes are being implemented and the manner in which they should be implemented ( in accordance with documentation). In other words, the problem lies in the way processes are strategized and applied and in the way employees commit to standards when compared against existing documentation. How can a company overcome these issues? The answers may be simpler than you think.

Automation is the Answer for ISO Control
If your underlying processes are poorly strategized then an automated document management software system won’t be of much use. However, once the processes have been effectively planned (and applied) a document management software system can speed process-to-process management by leaps and bounds. Companies that automate not only to comply with ISO standards but to generate more revenue by performing less administrative labor save weeks and even years worth of time just by automating their processes and documentation control with a document management software system.

Making Amends
The right document management software system and ISO document control would also allow companies to find deviations and nonconformance events faster and move those events to resolution phases in a small fraction of the time they were originally routed—if they were routed at all. Some ISO 9000 document management software systems may even be combined with a CAPA QMS solution. This is especially valuable when determining the root cause of major to minor deviations.

A Document Management Software System and Employee Training
ISO standards do not require any type of automation but ISO standards lend themselves to automation in a way that’s quite remarkable. Take for instance the following document management requirements from the official ISO 9001 International Standard.

ISO 9001 Section 4.2.3
ISO standards make it clear that ISO 9001 “approved” companies must define (i.e., document) how they will approve documentation, how they will identify documentation changes, how they will update/reapprove revised documentation, how external documentation will be managed and how assurance will be provided that documentation will be available when it is required. 1 And that’s only a shadow of things to come! A document management software system designed for strict compliance can automate the approval of documentation, the identification of document changes, updates and reapproval notifications, external documentation management and high-level document security. Some solutions also integrate training and online exams as well.

How Much Could You Save?
Chances are high that automation will save you thousands, tens of thousands or even hundreds of thousands of dollars annually depending on the size of your company. Just foregoing a typical document routing process (a manual process) can save many employees fruitless trips back and forth from one office to another. Who wouldn’t want to avoid those time consuming searches through 3-ring binders and lost documentation due to employee absence or neglect?

Conclusion
Regulation and control are the future for manufacturing. Gone are the days of free experimentation and a blind eye toward material waste. Today is the day of premeditated design, quality assurance and web-based automation. If your company plans to be, or already is, compliant with ISO 9001 standards why not consider automating those ISO 9001 controls with a document management software system.