ISO 9001:2015 Clause 6.1 is titled "Actions to Address Risks and Opportunities." This clause emphasizes the need for organizations to proactively identify and address risks and opportunities that could affect the conformity of products and services and the performance of the quality management system.
Here's what Clause 6.1 means
This clause encourages a proactive approach to risk management and opportunity realization, as it is essential for achieving the desired quality outcomes and ensuring the effectiveness of the quality management system.
Risks and Opportunities
Risk can be managed in a number of ways, such as avoiding it altogether, taking it on in order to seize an opportunity, removing the source of the risk, altering the likelihood or consequences, sharing the risk, or keeping it by making an educated choice.
Opportunities can result in the adoption of novel procedures, the introduction of novel goods, the creation of fresh markets, the interaction with novel clients, the formation of alliances, the application of novel technologies, and other appealing and feasible options to meet the demands of the company or its clients.
Actions to Address Risks and Opportunities
Key points within Clause 6.1 include:
Understanding the Organization and Its Context: In ISO 9001 Clause 4.1 organizations must understand their internal and external context, including the needs and expectations of relevant interested parties, to identify potential risks and opportunities.
Understanding the Needs and Expectations of Interested Parties: ISO 9001 Clause 4.2 a company must identify the needs and expectations of customers, suppliers, regulatory bodies, and other stakeholders, which is used in recognizing both risks and opportunities.
Risk-Based Thinking: Organizations should adopt a risk-based thinking approach throughout the quality management system. This involves considering potential risks at all levels and in all processes.
Integration with QMS Processes: Identifying risks and opportunities should be integrated into various QMS processes (identified in ISO 9001 clause 4.4.1), including planning, setting quality objectives, and conducting management reviews.
Proportional Response: Organizations should determine the actions needed to address risks and opportunities. These actions should be proportionate to the potential impact on the conformity of products and services and the effectiveness of the QMS.
Monitoring and Review: Organizations should continually monitor and review the effectiveness of actions taken to address risks and opportunities and make adjustments as necessary.
Integration with Improvement Processes: The actions to address risks and opportunities should be integrated with processes for continual improvement to enhance the organization's ability to prevent or reduce undesired effects and promote continual improvement.
Evaluate the Effectiveness of Actions Taken: Organizations should assess the impact and outcomes of the actions implemented to address risks, opportunities, and quality objectives within its quality management system (QMS). In the context of risk, the assessment often includes a change in the probability (risk is synonymous with probability of occurrence).
Example of ISO 9001:2015 Clause 6.1
Implemented within a fictional manufacturing company: XYZ Manufacturing Company - Actions to Address Risks and Opportunities
Understanding the Organization and Its Context
The company conducts a comprehensive analysis of its internal and external context. This includes identifying internal strengths and weaknesses and external opportunities and threats.
The company recognizes that a changing regulatory environment presents both risks (potential non-compliance) and opportunities (new market segments).
Understanding the Needs and Expectations of Interested Parties
The company regularly engages with customers through surveys and feedback to understand their changing needs and expectations.
The company tracks changes in industry standards and regulatory requirements to stay ahead of potential compliance risks and identify new market opportunities.
During the product design phase, the company conducts Failure Mode and Effects Analysis (FMEA) to identify and mitigate potential risks in the design and manufacturing processes.
In the supply chain, the company uses risk-based criteria to evaluate and select suppliers, considering factors like financial stability, quality performance, and geopolitical stability.
Integration with QMS Processes
Risk assessments are integrated into the process of setting quality objectives. For example, if the risk assessment identifies a potential issue in meeting a specific quality target, corrective actions are defined to address it.
Risks and opportunities are discussed during management review meetings, and actions are assigned to relevant personnel or departments to address them.
For a high-risk product launch, the company conducts rigorous testing and validation procedures to minimize the risk of defects reaching customers.
For lower-risk routine production processes, monitoring and sampling procedures are in place to ensure compliance.
Monitoring and Review
The company regularly reviews the effectiveness of actions taken to address identified risks and opportunities, especially during management review meetings.
If a risk materializes or an opportunity is missed, corrective actions are initiated to prevent recurrence.
Integration with Improvement Processes
Risks and opportunities are linked to the corrective and preventive action process, ensuring that the organization learns from experiences and continually improves.
The company sees a process deviation as an opportunity for process improvement and uses it as a trigger to initiate actions for process optimization.
This example demonstrates how a manufacturing company incorporates ISO 9001:2015 Clause 6.1 into its quality management system, addressing both risks and opportunities to enhance product quality and organizational performance.
ISO 9001:2015 Clause 6.1 Actions to Address Risks and Opportunities
In essence, ISO 9001:2015 Clause 6.1 encourages organizations to take a proactive approach to identifying and addressing risks and opportunities throughout their quality management system. This approach helps in preventing quality issues and taking advantage of opportunities for improvement.