DIAGNOSIS OF REQUIREMENT OF RISK BASE THINKING IN ISO 9001:2015 AND IATF 16949:2016
We can find lots of literature on the risk base thinking, risk management and many other related to risk, but here we diagnose and understand requirement , related and interrelated clause of risk base thinking with respect to ISO 9001:2015 and IATF16949:2016
in simplified and lucid way
What is Risk?
Risk is, Effect of uncertainty on the objective.
Regarding the risk base thinking as in ISO9001:2015 its starts from 0.3.3, where we get the answer for,
Why risk base thinking is essential?
— Risk base thinking is essential for achieving an effective quality management system, and this concept use as “Preventive Action” in earlier version for eliminating nonconformities.
This also refers to clause A.4 (part of Annex A, informative) for details of risk base thinking, here we can see explanation how it is in connection to:
Clause 4.1: Understanding the organization and its context
Clause 4.4: Quality Management system and its processes and
Clause 6.1: Action to address risk and opportunity.
So as per, Clause 4.4: Quality Management system and its processes
The organization shall determine the processes needed for the quality management system and their application throughout the organization, and shall:
THE TAKE AWAY IS,
- f) Address the risk and opportunity as determined in accordance with the requirement of 6.1
How to determine the processes needed for the QMS?
The answer is “Process Approach” as mentioned in 0.3.1 which highlight as
“The process approach involves the systematic definition and management of processes, and their interaction, so as to achieve the intended results in accordance with the quality policy and strategic direction of the organization”.
So, to determine the processes needed, adopt the process approach with use of tools/ methodology like
Turtle Diagram and SIPOC
Author recommended the turtle diagram methodology for each processes and their interaction.
After listing all the processes and their interaction refer clause 6.1 as address in clause 4.4 (f)
- To address the risk and opportunity we have to determine the processes needed for the QMS.
Clause 6.1 Actions to address the risk and opportunity also 6.1.2 (a)
So, for each processes needed for quality management system, actions are required to address the risk and opportunity.
Additionally for IATF 16949:20016 refers the,
Clause 188.8.131.52 Risk analysis
Besides risk address and action taken for each processes as mentioned above, following shall include to address the risk analysis, they are
Now question is “what are the options to address the risk”?
The answer to above question is very beautifully explain in NOTE 1 of clause 6.1.2, I feel without this requirement of risk base thinking cannot be completed,
The list if options to address the risk are:
- Lesson learn from product recall
- Product audits
- Field returns and repairs
- Scrap and
- Avoiding risk
- Taking risk in order to pursue an opportunity
- Eliminating the risk source
- Changing the likelihood or consequences
- Sharing the risk
- Retaining the risk by informed decision.
Risk is effect of uncertainty on the objective and any such uncertainty can have positive and negative effects.
So to address, negative effect use the Preventive action, refer clause 184.108.40.206
“The organization shall establish a process to lessen the impact of “NEGATIVE EFFECT” of risk including the following”………….
Here, use FMEA methodology to support preventive action, as FMEA consider only the negative risk.
For positive risk, we can use SWOT ANALYSIS, as a positive deviation from a risk can provide opportunity and if not the SWOT analysis, simply gathers the opportunities.
Now, question is why SWOT analysis and if not the SWOT analysis, simply gathers the opportunities.
We can find answer in NOTE 2 under clause 6.1.2 which state that, opportunity can leads to,
THE GIST and sequence to follow are to address the risk base thinking are:
- The adoption of new practices.
- Launching new products.
- Opening new market.
- Addressing new customers.
- Building partnership.
- Using new technology.
- List down the processes needed for quality management system (4.4).
- Use process approach – turtle diagram for processes and their interaction(0.3.1)
- Address the risk and opportunity for each processes (4.4,f).
- Action to address these risk and opportunity (6.1.2(a)).
- See what are the options to address these risk and opportunity( Take help of NOTE 1 of 6.1.2)
- Also , carryout risk analysis as per requirement of 220.127.116.11
- If required, use methodology FMEA and SWOT analysis.
- Look for the opportunity ( Take help of NOTE 2 of 6.1.2)
On the basis of above GIST make table as suitable as per QMS requirement and fill that suitably.
PS: If you are going for ISO9001:2015 leave the clauses of IATF16949:2016 and for IATF 16949:2016 follow all above.