Risk Management Process | Risk related to IATF 16949, ISO 9001, ISO 14001, and ISO 45001 & download sample template

Risk Management:

This article discusses risk management as it relates to IATF 16949, ISO 9001, ISO 14001, and ISO 45001, and how to address risks and plan their mitigation.

Risk Definition: Risk is the effect of uncertainty. An effect can be positive or negative.
Negative effects are called risks, and positive effects are called opportunities.

All the latest business standards, such as IATF 16949:2016, ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018, are based on risk-based thinking. To comply with the standard requirements, we have to identify the risks and opportunities and prepare a mitigation plan for those that have significant effects.

Risk Management Process:

  • Step-1 : Identification of Risks
  • Step-2 : Analysis of Risks
  • Step-3 : Evaluation of Risks
  • Step-4 : Treatment of Risk
  • Step-5 : Monitoring, Review, and Control
Identification of Risks:
Risk Related to ISO 9001:2015 and IATF 16949:2016:

During the identification of risks, we shall consider [1] internal and external issues, [2] needs and expectations of interested parties, and [3] significant effects on the intended results of the QMS, such as significant objectives, process-related significant effects, warranty, field failure, lack of technology, business competition, market value, shortage of raw materials, effects of outsourced processes on the organization, etc.

Apart from the above, the organization shall also include in its risk analysis, at a minimum, lessons learned from product recalls, product audits, field returns and repairs, scrap and rework, etc.

Examples of Risks: High Warranty Percentage, Lack of Technology, High Scrap, High B/D, Low Selling Value, etc.

Identified risks are generally recorded in the risk register.

Risk Related to ISO 14001:2015 and ISO 45001:2018:

While identifying the risks related to ISO 14001, we have to consider [1] internal and external issues, [2] needs and expectations of interested parties, [3] significant environmental impacts, and [4] compliance obligations.

When determining the risks related to ISO 45001, we have to account for [1] hazards, [2] OHS risks, [3] legal and other requirements, [4] internal and external issues, and [5] needs and expectations of interested parties.

Examples of Risks: High Noise, Water Pollution, Discharge of Untreated Water, Solid Waste Spilled Outside the Factory Boundary, etc.

Analysis of Risks:

The main goal of risk analysis is to calculate the risk score/rank and categorize the different types of risk. In this method, we have to collect data for the probability and impact scores.

Example:

[1] High Noise at XYZ Area: let the probability be 3 on a 10-point scale and the impact be 5 on a 10-point scale.

Risk Score = Probability × Impact = 3 × 5 = 15

51-100 High Risk
25-50 Medium Risk
<25 Low Risk

In the above example, High Noise falls under Low Risk.

Evaluation of Risks:

The organization decides the cut-off value for significant risks. Suppose the cut-off range is 51 to 100; then the above risk [High Noise], with a score of 15, is not a significant risk.

At this step we only need to evaluate whether each risk is significant or insignificant.

Treatment of the Risks:

A mitigation plan has to be put in place to bring a significant score down to an insignificant score.

Monitoring, Review, and Control:

After the implementation of the action plan, the effectiveness of the risk treatment needs to be verified by regular monitoring of data.
