Risky Business: Adopting Risk-based thinking

23 Jun, 2016

Why adopt Risk-based thinking?

Towards the end of 2015, the ISO 9001 and ISO 14001 standards saw fundamental upgrades to their management systems.

One of the biggest areas of focus was a change towards risk-based thinking. Taking a more pro-active stance on risk is now a big part towards complying to new versions of the standards.

It is not a new philosophy that businesses need to be aware of future opportunities and threats to their growth. Risk-based thinking analyses risk as a process approach, though this way of thinking is usually something that a good leader will do naturally.

Addressing risks and opportunities using risk-based thinking

The 2015 editions build risk into the management system, encouraging businesses to ask “what is the risk level in our processes, what are the risks to achieving our objectives, and producing quality products/services?”

The standards all require buy-in from top management and now require evidence that managers are involved in categorising and understanding risk.

Adopting risk-based thinking also means your business will be more proactive in terms of strategic planning and looking ahead.

But risk doesn’t always have to be negative.  Embracing risk-based thinking promotes a culture for continuous improvement and will further progress your management systems.

How can you evidence risk-based thinking?

While most companies will look at these risks automatically, ISO standards allow you to formalise this process and implement a structured approach to identifying risks.

Any threats need to be documented in both ISO 9001:2015 and ISO 14001:2015. An auditor will need to see evidence that you are identifying future risks to your business and prioritising them.

Using a document like our Risk-based Register will allow you to classify risks and look at the potential consequences. Using this method allows you to assess the probability of the risk occurring and then analyse the risk level.

Afterwards you should document what are you doing to best mitigate the risk through action planning. It is also good to see evidence that you are sharing risks with other parties in your supply chain.

If you have an ISO standard, risk-based thinking is most likely something you will already be striving to achieve. However, regardless of ISO, risk-based thinking is beneficial to helping your business achieve its objectives and analyse any threats to your ability to produce quality goods that meet your client’s needs.

ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.

Primarily working with clients throughout the whole of the UK and Ireland, ISO Quality Services Ltd also cover Europe and the UAE.

Do you want to get ahead of your competition? Win more tenders or save time and money on reoccurring issues? Contact us today!