Welcome to February 2016 edition of Carnival of Quality Management Articles and Blogs.

We commenced the familiarizing ourselves with the changes in the Revision of ISO 9001 (:2015) with the December, 2015 episode of our blog carnival. Then, in the January 2016 episode, we took up Process Approach in the 2015 revision of the standard, as our first topic.

Now, in this month’s episode we will look up as to how Risk-Based Thinking has been addressed in the 2015 revision of the standard.

We first take up the what the Standard itself states in Clause A.4, sub clause 0.3.3 of this concept –

Risk-based thinking is essential for achieving an effective quality management system. The concept of risk-based thinking has been implicit in previous editions of this International Standard including, for example, carrying out preventive action to eliminate potential nonconformities, analyzing any nonconformities that do occur, and taking action to prevent recurrence that is appropriate for the effects of the nonconformity.

To conform to the requirements of this International Standard, an organization needs to plan and implement actions to address risks and opportunities. Addressing both risks and opportunities establishes a basis for increasing the effectiveness of the quality management system, achieving improved results and preventing negative effects.

Opportunities can arise as a result of a situation favourable to achieving an intended result, for example, a set of circumstances that allow the organization to attract customers, develop new products and services, reduce waste or improve productivity. Actions to address opportunities can also include consideration of associated risks. Risk is the effect of uncertainty and any such uncertainty can have positive or negative effects. A positive deviation arising from a risk can provide an opportunity, but not all positive effects of risk result in opportunities.

Risk Management is the foundation of ISO 9001_2015

As its continuing initiative, to explain the new concepts in the revision of the Standard, ISO/TC 176/SC2 has presented on its site –

In the revised standard, ISO 9001: 2015,

  • in Clause 4.1 the organization is required to determine the risks which can affect its ability to meet these objectives
  • in Clause 1.2 top management are required to commit to ensuring Clause 4 is followed
  • in Clause 1 the organization is required to take action to identify risks and opportunities
  • Clause 8 – the organization is required to implement processes to address risk
  • Clause 1.3 and 9.3.2 the organization is required to monitor, measure, analyze and evaluate the risks and opportunities
  • In Clause 10 the organization is required to improve by responding to changes in risk

ISO 9001:2015 – Risk based thinking – Declan Cahill – Risk Based thinking is now present in so many standards….Examples include – ISO 14971, OHSAS 18001, ISO 14001 and ISO 31000. For most organizations, it is a mind-set that many are comfortable communicating and operating with on a daily basis.  By alignment with these standards, the ISO 9001 standard itself is being continually improved in order to minimize the work involved where requirements of various standards are integrated…..Where there are risks and the enterprise has put in actions or fixes to prevent or minimize the occurrence of these specific risks, every enterprise should be careful to consider how strong these fixes are and what these fixes are dependent on, i.e. human behavior, infrastructure & utilities.

Risk 4.1

“Risk Based” vs. “Threat Based” Thinking – Risk based thinking is entrenched in historical facts. It examines the past for clues to the future. Risk based thinking operates under the premise that if it has not happened in the past then it is not likely to happen in the future…..Threat based thinking is formed when it is understood that just because an event has not occurred in the past, that does not rule out the potential for it to occur in the future.

Risk - Lewis2005

A risk-based-thinking-model for ISO 9001: 2015 – Bob Deysher states that the concept of “risk” in the context of international standards relates to uncertainty in achieving the core objectives of the standards, viz. to provide confidence in the organizations’ consistent ability to provide customers with conforming goods and services and to enhance customer satisfaction. The risks and opportunities have to be identified in the context of the organization.

ISO 9001:2015 – Risk Based ThinkingOne of the key changes in the 2015 revision of ISO 9001 is to establish a systematic approach to risk, rather than treating it as a single component of a quality management system. Risk-based thinking is something we all do automatically and often sub-consciously. e.g. if I wish to cross a road I look for traffic before I begin. I will not step in front of a moving car. Risk-based thinking is already part of the process approach. e.g. to cross the road I may go directly or I may use a nearby footbridge. Which process I choose will be determined by considering the risks. Risk-based thinking makes preventive action part of the routine. Risk is often thought of only in the negative sense. Risk-based thinking can also help to identify opportunities. This can be considered to be the positive side of risk. Crossing the road directly gives me an opportunity to reach the other side quickly, but there is an increased risk of injury from moving cars. The risk of using a footbridge is that I may be delayed. The opportunity of using a footbridge is that there is less chance of being injured by a car. Opportunity is not always directly related to risk but it is always related to the objectives.

Risk-Based Thinking and ISO 9001:2015Chad Kymal and R. Dan Reid – Definitions of risk vary, even within documents published by the International Organizations for Standardization (ISO)… SO 9001 focuses on “risk-based thinking,” although it stops short of actual “risk management.”…. In ISO 9000:2015, “Quality management systems—Fundamentals and vocabulary,” risk is defined as the “effect of uncertainty.” Notes in the definition further describe risk as a “deviation from the expected,” either positive or negative. The term “uncertainty” is clarified as a lack of information or knowledge about an event that can be expressed in terms of consequences the likelihood of occurrence. Lastly, ISO 9000 states that risk is related to potential events, and that it’s typically expressed as a result of the likelihood and consequence of such an event…..Risk appears in the normative parts of ISO 9001 eight times, and risk-based thinking appears once. Risk and risk-based thinking appear many times more when we study the informative portions of the standard.

Here is a video of the Interview with Chad Kymal: Risk-based thinking and ISO 9001:2015,

Some more videos on the subject:

Corrective or Preventative Action – The new risk based methodology for ISO 9001:2015?

The Process Approach and Risk-Based Thinking – posted by T. D. Nelson – this webinar provides a more general education about the process approach and risk-based thinking as well as their implications for quality management system definition, documentation, and assessment.

We have far more material than what can be accommodated in one post. So we will continue our discussion on the subject of Risk Based Thinking in ISO 9001: 2015 in the March, 2016 episode as well.

We will now turn to our regular sections:

ASQ CEO, Bill Troy in his ASQ’s Influential Voice blog-column, in Changing Company Culture: December Round Up, takes up Luciana Paulise’s views about what determines organizational culture and how factors define a company’s culture and sums up the reflections of Influential Bloggers on how culture is changed within an entire organization in response of Luciana’s ideas.

He also presents a guest post, Evolving Quality to Enable and Support a Global Digital Organization by Prem Ranganath, who blogs @ The Art of Quality. In Prem Rangnath’s experience, the top three trends that shaping the future of quality in IT, based on current and emerging customer expectations are:

  1. Quality has a strategic role in enabling successful digitization and digital product management
  2. Focusing on a Minimum Acceptable Product (MAP) is important for Minimum Viable Products (MVP) to succeed
  1. Expectations for quality are increasingly focused on collective experiences

We now watch the latest ASQ TV episode:

Advice for Quality CareersIn this episode, learn why quality can benefit anyone’s job, how to develop qualifications employers seek in quality professionals, and see why salary trends are looking up for jobs in quality…

In the third year of ASQ TV, please take a moment to complete this brief survey. Your feedback is vital to the ASQ TV continuous improvement plan. Take the survey

Whilst on the subject of Quality as a career, tips for others in the field, and how Michael Jordan relates to the quality profession, read Jim Gem’s “13 Steps to Get Ahead”

In Jim L. Smith’s Jim’s Gems for the month of January, 2016, we have.

Jim's Gems

  • Four Thoughts about Selling Ideas – “In my work with quality professionals, I am constantly amazed at how many lament that their wonderful ideas did not see the light of day because ‘short-sighted’ management didn’t endorse them.”
  • Choose to Make This Year Great – To have the best year you’ve ever had, live each of the coming days as the best person you’ve ever been.
  • Think Positively, Then Do It! – To achieve your dreams and aspirations, choose to put your time and energies into living and working toward your highest intentions.

I look forward to your active participation in enriching the blog carnival as we pursue our journey in exploring the happenings across quality management blogs…………