How Healthy (Robust) is Your Ability to Manage Risk? Thoughts on - - PowerPoint PPT Presentation
How Healthy (Robust) is Your Ability to Manage Risk? Thoughts on Risk Based Thinking Requirements in ISO 9001:2015 Presented at the March 17, 2016 ASQ Delaware Section Dinner Meeting Ron Makar (ASQ) CBA, CHA, CQA, CQE, CMQ/OE Principal
Ron Makar (ASQ) CBA, CHA, CQA, CQE, CMQ/OE Principal Consultant Innovative Quality Consulting, LLC +1 302.494.5978 ron@iQualityConsulting.com www.iQualityConsulting.com www.linkedin.com/in/ronmakar Presented at the March 17, 2016 ASQ Delaware Section Dinner Meeting
concepts related to risk
is it different from risk management and what are the requirements in ISO 9001:2015
up against your peers? Tonight’s Objective: To get you to think differently about how you deal with risk
Who among you:
working knowledge of)?
by RBT (vs. risk management)?
Devices, pharma., requiring the application of a risk management program?
Risk based thinking is something that you do inherently (and automatically) in everyday life
Harry Callahan (Dirty Harry) 1971
Risk based thinking is something that you do inherently (and automatically) in everyday life
Go You intuitively know the consequences by not following (probability of occurrence X severity of harm) Stop Slow
Harm
Physical injury or damage to the health of people, or damage to property or the environment
Hazard
Potential source of harm
Hazardous Situation
Circumstances in which people, property, or the environment are exposed to one or more hazard(s)
Risk
Combination of the probability of occurrence of harm and the severity of that harm
Source: BS EN 14971:2012 Medical devices – Application of risk management to medical devices
This is a photo of a single car accident caused by TWD (texting while driving) Harm: Damage to property, injury/death to people Hazard: Inattentive driving (source of harm) Hazardous Situation: The act of texting while driving Risk: Probability of having an “accident” Severity of harm potentially fatal
situation
against given risk criteria to determine acceptability of the risk
reduction/elimination measures to acceptable levels
control measures implemented
e.g. storage, transportation, maintenance
Risk Analysis Risk Evaluation Risk Control Residual Risk Analysis Post Production Review Risk Assessment Risk Management
Source: BS EN 14971:2012 Medical devices – Application of risk management to medical devices
Potential hazards that can result in harm Probability of
http://www.murphys-laws.com/murphy/murphy-true.html Murphy’s Law: Risk oriented (occurrence vs. severity)
Bad Risk & Good Risk Negative Risk (think: Threats)
The likelihood that an unwanted outcome will occur resulting in negative consequences
Positive Risk (think: Opportunities)
The likelihood that a desired outcome will occur resulting in positive consequences
Enhance clarity and compatibility with other management system standards.
management system
whole system
terms
strategy of the organization
ISO 9001:2008 (and earlier) We tended to see how our organizations “fit” into the requirements of the standard. ISO 9001:2015 You are required to think more about your
perspective
Effect of uncertainty
Source: ASQ/ANSI/ISO 9000:2015 Quality management systems – Fundamentals and vocabulary
ISO 9001:2008 (and earlier)
ISO 9001:2015
rather than reactive in preventing or reducing undesired effects through early identification and action
management system is risk-based
We Know That:
enterprise level
functions RBT ensures that risks are identified, considered and controlled throughout the product development process
More Thoughts:
thinking about things that can go wrong (or right) every day!
risks and improves preparedness
Do What You Say – Say What You Do
By considering risk throughout the system and all processes, the likelihood of achieving desired
disciplined, structured, formal approach)
9001:2015
“prevention” separately
with context and objectives
processes or QMS to deviate from planned results
negative effects and maximize opportunities
Clause 4: QMS and its processes The organization is required to determine its QMS processes and to address opportunities Clause 5: Leadership and its commitment
approach and RBT
Clause 6: Actions to address risks and
The organization is required to plan and implement appropriate actions to address risks and opportunities and evaluate their effectiveness Clause 7: Resources The organization is required to determine and provide necessary resources
Clause 8: Management of operational processes The organization is required to manage its
Clause 9: Monitor, Measure, Analyze and Evaluate The organization is required to monitor, measure, analyze and evaluate the effectiveness of actions taken to address risks and opportunities
Clause 10: Nonconformity and corrective actions The organization is required to correct, prevent
nonconformities, customer complaints) and improve the QMS and updated risks and
Considerations
Use Process Approach Inputs Transformation Desired Outcomes
Considerations (continued):
can now identify
that can potentially prevent you from meeting
and what is unacceptable
You need to:
interested parties
Clause 3.2.2 Context of the organization Combination of internal and external issues that can have an effect on an organization’s approach to developing and achieving its
Interested Parties Clause 3.2.3 Interested party Stakeholder; person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity Examples: Customers, end users, partners, employees, suppliers, regulators, governments
Knowledge (e.g. capital, people, processes, technologies)
business objectives
Internal Issues: Examples
marketplace
company image
External Issues: Examples
Defining the Context (Step by Step)
their measureable requirements
review There is no prescribed method in ISO 9001:2015 for determining “context of the
Consider how to establish as a habit Build it into the culture
Process Model with Feedback
Transformation
Inputs
Inputs Outputs
Material Equipment Measurement People Environment Method Desired Undesired
Feedback (Action)
Monitor & Measure
Consider application of process model for internal & external issues
Plan – Do – Check – Act (PDCA)
Consider application of process model for internal & external issues
to Minimize/Reduce Risks
Review vs. Objectives
Limits
Act Plan Do Check
SWOT:
Potential factors that make a firm more competitive than its direct competitors;
Both potential limitations and defects ingrained in an organization and/or weak factors relative to direct competitors;
Future factors that allow the organization to improve its relative competitive position;
Future factors that reduce the firm's relative competitive position.
(context) where there are opportunities to apply RBT
integration of RBT in your systems so it is built-in and not thought of as an added activity?
that is relevant to you?
Hopefully, now you will have an understanding
risk in all aspects of your Quality/Business Management System
and deal with hazards and risk
you to think more about what is important
# Source/Reference
1 International Organization for Standardization BIBC II, Chemin de Blandonnet 8 , CP 401, 1214 Vernier, Geneva , Switzerland Tel: +41 22 749 01 11, Web: www.iso.org Implementation Guidance for ISO 9001:2015 2 ASQ/ANSI/ISO 9000:2015 Quality management systems – Fundamentals and vocabulary 3 Understanding the Risk-Based Thinking Requirements of ISO 98001:2015 Paton Professional Webinar – January 22, 2015 4 Presentation: Defining the Context, Author: George Hummel Int’l Conference on Quality Standards 2015 5 ISO 9001:2015 In Plain English, Patton Professional 2015 Author: Craig Cochran 6 ASQ/ANSI/ISO 9001:2015 Quality management systems - Requirements