Search
  • Norine Cruse

What is 'Risk Thinking' in the context of the updated ISO 9001: 20015 QMS & ISO 14001: 2


Risk-based thinking requires consideration and evaluation of risks and opportunities relative to the organisation’s context when planning and establishing processes, controls and improvements.

Specific areas within the standards that dictate risk thinking include:

Organisational context

Identify and evaluate the risks and opportunities associated with the context of the organisation’s objectives.

Examples risks and/or opportunities could be:

  • the business location/s in relation to the marketplace

  • regulatory compliance issues related to workplace and other stakeholders

  • productivity and equipment resources investment

  • public risk/liabilities for service industries

  • product liability for manufactured or imported goods

  • cost of being competitive

  • reliance on other parties or partnership arrangements

Evaluation of the risk/opportunity could include:

  • estimating the overall impact on the business

  • putting a measure against each item to quantify and prioritise

  • options for mitigation that would reduce risk

  • options for converting a risk to an opportunity.

Leadership

Management needs to understand and have a documented process in place for managing the risk-thinking concept. This needs to be addressed on an ongoing basis in order to contain risk and leverage opportunities. Although the ISO standards don’t require the risk assessment process to be documented, unless it is formalised and structured its effectiveness can be lost.

Planning

Plans need to be put in place to manage risk and opportunities. Such plans may be detailed or simple, depending on the nature of how they are intended to be addressed and who actually addresses them.

Operations

Wherever plans are in place there will need to be actions to enact such planning. These are operational policies, processes and various tools.

Performance measurement & evaluation

Risks and opportunities identified, planned, operationally delivered then need to be monitored, measured, analysed and evaluated for effectiveness.

Improvement

Continuous improvement should be based on risk thinking

How does technology support risk based thinking?

From a technical perspective, risk based tools are a simple solution.

Lucidity Software examples:

  • Risk Register

  • Centralised space and process driven software to identify, assess, plan, develop, monitor and measure risk controls.

  • Flexible tools that build in risk thinking

  • Build in risk assessment processes into electronic forms

  • Incident Reporting and Investigation software

  • Build risk assessment into investigation processes and assists in causal analysis


Contact

34 Fennell Street

Port Melbourne VIC 3207

info@luciditysoftware.com.au

 

+ 61 3 9686 3481

Privacy Policy

ISO 27001 Compliance

Information Security Policy

  • Facebook - Grey Circle
  • Twitter - Grey Circle
  • YouTube - Grey Circle
  • Instagram - Grey Circle
  • LinkedIn - Grey Circle

Lucidity Software

We're an Australian-based company that provides comprehensive WHS and OHS software solutions to businesses.

Lucidity Logo