Addressing risk and opportunities
After highlighting the external and internal issues and the requirements of interested parties in ‘Context of organization’, your organisation now needs to address the risks and opportunities it may face.
Planning plays an integral role when addressing risks and opportunities and will focus on how your organisation can prevent, or reduce undesired effects, making sure your organisation still achieves its set objectives.
Don’t forget the need to look at the positive aspect or opportunities for the business and how to optimise them.
Through determining the risks and opportunities which need to be addressed, actions can be taken and then your organisation should evaluate the effectiveness of these actions. Ultimately, this should reduce the need for corrective action at a later date.
The risks and opportunities identiﬁed will lead to setting quality objectives, which have been made more detailed in the 2015 standard. Your organisation should set quality objectives that are established for processes that are relevant to your quality management system.
The quality objectives must be consistent with your organisation’s quality policy and be in line with the products and services you provide. They should be measured and monitored in order to determine whether the requirements of interested parties are being met. They should also be communicated throughout your organisation and updated when appropriate.
This clause puts a greater emphasis on your organisation’s quality planning which is integral to your business. You must undertake planning in order to determine how your organisation’s quality objectives will be achieved.
Planning for change
ISO 9001:2015 has evolved to enable organisations to adapt to changing environments or circumstances, which relate directly to your external and internal issues.
When your organisation decides there is a need to change, changes must be planned and then acted upon and should include a review of the risks in relation to these changes.
You must be clear as to what it is you are attempting your organisation to achieve.
Key change from ISO 9001:2008
With the 2015 standard evolving, the main difference is how organisations include change into their quality management system and how they approach change management.
Planning brings risk to the forefront by establishing the review of risk as a process for reducing, eliminating or controlling potential issues (possibly those previously outlined in the identiﬁcation of your organisation’s external and internal issues). There is also a stronger focus on planning to achieve performance objectives.
Read Next: ISO 9001 Requirements - Support