Risk Based Thinking (and the ISO Standards)
The International Organization for Standardization (ISO) provides guidelines and procedures that ensure that products and materials perform and are created safely within the perimeters set up by the ISO. ISO Standards also list requirements for quality control, safety and environmental controls. The ISO standards set the optimal performance for everything from textiles to automobiles. It also sets quality controls. ISO Standard 9001 provides information, guidance and requirements for quality management systems.Preventative Action Stop Gap Measures
Preventative actions are those actions that address a weakness in the process or system before it malfunctions. These are often called “stop gap measures” because they rarely address risks as opportunities. Instead preventative actions are utilized to deter a negative response or head off a disastrous situation.Preventative actions can also be used to improve a product or service due to customer complaints or suggestions.Risk-Based thinking: Systematic approach to risk
In the recently enacted ISO Standard 9001:2015 the preventative action approach is only part of the solution to either embracing or avoiding risk. Risk-based thinking involves the whole company in managing risks effectively to achieve company objectives in quality control.
Timothy Lozier in his article, “What is Risk-Based Thinking?” describes that businesses need to first:
1. Identify the risks-These can be operational risks, material defects or workflow issues
2. List and categorize hazards-Evaluate potential risk factors
3. Formulate options to eliminate or avoid risks-Work on solutions
4. Document the process-Understand rules and instructions thoroughly
The systematic approach to risk often provides individuals with key opportunities to effect change and garners more support from the top tier of the organization. Top tier employees are quite often not involved in the preventative actions but dictate what must be done. This new systematic approach allows the free interaction between upper and lower management to improve customer service and create a better and more consistent customer experience.
What’s the difference-Preventative Actions vs Systematic Risk Planning?
The biggest difference is that information flows from top to bottom and back. This means that everyone in the company is equally involved in managing risk. There has been some resistance to this systematic approach to risk. Leaders are now required to allow their employees more autonomy in providing solutions and thinking “outside the box” about how to improve operations.
Leaders have the opportunity to get “hands-on” experience with all aspects of their company’s operations. Systematic risk planning often provides and empowers business owners with the tools they need to manage risk within their company. More importantly it allows for all employees to manage risk effectively.
President, Ledge Inc.
Adam is a Penn State engineer that has served as a Data Analyst and Engineer at St. Onge Company for 5 years, prior to establishing Ledge Inc. While maintaining a focus on simple solutions, Ledge Inc. has provided quality system implementation, process design, database development, quality tools, quality training, and data analysis to over 35 companies in South Central Pennsylvania and throughout the country. Adam currently serves as the sitting Chair for American Society for Quality Harrisburg Section 503 and as a member of the board for The Manufacturers’ Associations of South Central PA.