Professional Documents
Culture Documents
June 2015
Center for Quality, Faculty of Engineering, University of Kragujevac
Sawomir Wawak1)
1) Cracow University of
Economics, Poland
1. INTRODUCTION
ISO 9001 standard introduces new approach to preventive actions and continual
improvement. Risk management is intended to
be more integrated with QMS than former
process and to supply range of new methods
that accelerate improvement in the company.
The aim of the paper is to discuss the
changes related to preventive actions in the new
standard and their rationale, describe the impact
on the enterprises and show necessary changes
in quality management systems.
The publication was financed from the resources allocated to the Management Faculty of
Cracow University of Economics, under the
grant for the maintenance of the research potential.
Context determination,
S. Wawak
o Risk identification,
o Risk analysis,
o Risk evaluation,
Risk treatment,
identify hazards,
assess hazards,
implement controls,
supervise.
When the time is critical, even shorter
methodology can be used [3]:
do and debrief.
In case of improvement planning in quality
management systems, the full process should be
used if possible, as it enables finding best solutions.
Two main indicators of risk level are probability of occurrence and consequences of the
event. Probability can be determined qualitatively or quantitatively. In case of mass production or frequent occurrence of analyzed phenomena it is possible to assess probability
based on figures. However in most cases this
method can lead to wrong interpretation due to
limitation of the analysis to numerical data
only. The good example is flood caused by high
rainfall. Statisticians can determine probability
of such disaster based on data from previous
years, however they are unable to predict climate changes in future. Therefore risk analysis
should not be limited only to figures that are
readily available. Quantitative estimation refers
to understanding of situation and descriptive
determination of probability level. This method
is less precise and is less resistant to bias.
costs,
durability,
politics,
social responsibility,
financial impact,
organization integrity,
employees,
environment,
regulations,
reputation.
They are usually evaluated on 5-level scale
of impact, where first level means almost no
effect, and fifth catastrophic results. The
product of probability and consequences gives
composite risk index, which can be used to rank
the risks.
CRIi Pi Ci ,
where:
CRIi composite risk index,
Pi probability of risk i,
Ci aggregated consequences of risk i.
Organization trying to mitigate risk, should
implement solutions that will reduce consequences or probability. There are several ways
to achieve this:
reduction organization changes its processes in such a way that consequences are
minimized,
risk rankings,
CPI analysis,
risk maps,
gain/loss curves,
risk adjustment,
statistical methods,
financial methods,
brainstorming,
interviews,
self-assessment,
facilitated workshops,
SWOT analysis,
PEST analysis,
scenario analysis.
S. Wawak
assets identification,
identification of threats,
identification of vulnerabilities,
will add much work to managers and will create unnecessary bureaucracy.
S. Wawak
The risk management process should consider risks as well as opportunities, which stem
from internal and external context of the organization and requirements of interested parties.
The aim is to assure achievement of intended
results, prevent or reduce undesired effects and
achieve continual improvement. The key part of
the process is risk assessment, which includes
identification, analysis and evaluation. All risks
and opportunities should be assessed to determine their impact on the organization and its
products. According to specificity of the factors, organization should apply the treatment. It
can include i.e.: refusing to carry out the activity, taking opportunity, removing risk source,
sharing risk. Each action should be proportionate to the potential impact on the conformity of
products and services. Organization should be
able to explain why certain amount of resources
was assigned to risk management actions.
Organization should evaluate the effectiveness of the planned actions. The evaluation
should compare objectives with results. The
standard doesn't require evaluation of economics of those actions unless it is clearly stated in
the objectives.
The risk management process in medium
and large companies should be decentralized, as
the standard requires integration on the level of
quality management system processes. Centralized process can significantly increase bureaucracy and managers' work load. Decentralization, however, requires more training. Only
establishing context and monitoring activities
should be centralized and managed by quality
manager (top management representative). In
small companies risk management process can
be centralized and limited to top management.
The new requirements entail both benefits
and costs to the organizations. Top management receives tool for prevention and continual
improvement that can do its job. It can be much
more effective than preventive actions when
properly implemented. Requirement to evaluate
the effectiveness of the risk management actions will deliver information about improvement and economical effects. This can encourage top management to extend risk management process and invest in improvements.
Finally it can lead to better quality management
system. The costs are related to required changes and designing and implementation of the
new process. At least all the managers should
be trained in risk management process which is
related to further costs. The big change is required in approach to continual improvement,
6. CONCLUSION
The new requirements of ISO 9001 standard are important changes, however they won't
revolutionize the system. The old preventive
actions didn't worked well because the methodology related to them never was developed
enough. The risk management has own developed methodology which is ready to use.
REFERENCES:
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
Acknowledgment: The publication was financed from the resources allocated to the Management Faculty
of Cracow University of Economics, under the grant for the maintenance of the research potential.
10
S. Wawak