Category Archives: iso9001:2015

Risk assessment done, now what?

Risk analysis has become a vital exercise for a lot of international standards. A large majority of certified companies are required to have a  risk assessment methodology and should be aware of the risks within their company and operations. Some companies have been creating this analysis with a lot of passion using all the knowledge they have. However, a lot of companies just perform the analysis for the certification and simply check it yearly or twice a year during an audit or management review. So how is it possible to make sure risks are really embedded in the company culture?

Risk Treatment Plan

A good way to start is by creating a Risk Treatment Plan. The purpose of a Risk Treatment Plan is to define exactly who is going to do what. You can also call this document an ‘Implementation Plan’ or ‘Action Plan’. It is crucial to get your management approval on the plan because it will take considerable time and effort (and money) to implement all of the actions. Furthermore, management approval also gives you the mandate to ensure things happen. Make sure you have clearly defined tasks for people to perform.

Issues

Next to the Plan, a great way to make the risk assessment more dynamic is by embedding it into the issue management or CAPA. When an issue has occurred, check the risk analysis and see if there is something mentioned about this specific issue. The issue could be a minor problem or a major problem, either way it is best to check the risk assessment. When the issue has some serious impact on the company, modify the risk assessment and add the risk. This way the company is able to use the risk analysis as a dynamic document that holds valuable lessons learned of the company.

Big Changes

When big changes happen within the company, you can use the risk assessment as guidance. Yes, companies should take risks to strive for a better future. But companies should make sure they take calculated risks. By embedding these big changes within the company’s risk assessment, the top management has a feeling of what could go wrong if no precautions are taken. This way, the top management can plan and prepare for the big change and manage it much better. The role of the quality manager is to ask the right questions for management.

Working environment

A big part of the risk assessment includes risks in the workplace. Of course the most obvious ones are included such as the risks with lifting machines and the other heavy-duty machinery, but the less obvious are the ones that can cause danger. The big risk comes when a routine of the work activity kicks in. When people are doing the same job every day and completely understand how to do it, less care is taken and something can be out of place. That is when the danger starts. Make sure that the employees that perform inherited dangerous tasks always perform a quick Risk assessment before they start to prevent any problems from happening. Having people sick at home is a great risk in and of itself. Next to the physical risks, psychological risks shouldn’t be neglected. The psychological risks of the stress heavy jobs should be monitored on a regular basis also.

Published by:

How to handle objectives in your management system.

Objectives are pretty vital to the Management System. With objectives you can measure how the company is doing against a benchmark set by the company itself. Of course the company can do much better or worse. But, setting clear objectives is crucial in creating this benchmark. In line with the objectives are of course the KPI’s which you should setup and track.

How to come up with objectives

Most of you have probably been on this trajectory. Goals come back every year and you try to rephrase them every time to make them look new. Especially for companies with low environmental impact, limited risks to employees, or excellent customer satisfaction, creating new objectives can be hard. Where do you find new inspiration?

Look at other companies/competitors for objectives. A lot of companies place some management system related documents open on the web as part of their CSR program. You can find quite some potential KPI’s in these documents.

Look closely at your organization and try to pinpoint the crucial mistakes that are made. Set goals to goals these parts of the organization.

Last but not least, don’t make it too hard on yourself. Often you think too hard and too deep and you just can’t think of anything at all. The longer you have to think about an objective, the more you will get stuck. Just answer a simple question: what do you want to achieve at the end of the year(s)?

SMART

Make sure your objectives are described SMART in order to manage them.

  • Specific – target a specific area for improvement.
  • Measurable – quantify or at least suggest an indicator of progress.
  • Assignable – specify who will do it.
  • Realistic – state what results can realistically be achieved, given available resources.
  • Time-related – specify when the result(s) can be achieved.

A clear description of the objectives is important in order to manage each objective. Also the assignability part is very important. When multiple people are responsible for an action, it can end up where nobody takes responsibility to complete the task and start to point towards each other.

Managing objectives

Try to not make the objectives an annual exercise. More often than not the data is just gathered at the end of the year and benchmarked against the goals. Please don’t apply this type of strategy. In order to really take advantage of goals you should manage them properly. This can be done by checking progress on a regular basis, every month for example. In order to set a good interval you should check the impact and the volatility of the data. For example, profits and revenues are measured on a monthly basis so calculating indicators based on this data on a daily basis isn’t very helpful.

Published by:

stakeholder analysis: ISO9001-2015

With the new ISO9001:2015 the stakeholder analysis has got a much more prominent position in the Quality management system. Of course, every company knows their most important stakeholders. However, not every stakeholder is always well understood or taken into consideration when major decisions are taken. A good stakeholder analysis gives the company an up to date list of all stakeholders and how to manage them.

Identify stakeholder

Identifying the most important stakeholders isn’t all that hard. Most companies have stakeholders like:

  • Customers
  • Suppliers
  • Employees
  • Government
  • Neighbors
  • Competitors
  • etc.

The list can get quite long depending on how specific you get.

Classification of stakeholders

The analysis becomes slightly harder when companies start to classify or order these stakeholders. It is important to give every stakeholder a type of ranking depending on how big the influence on the company is. Yes, customers are among the most important stakeholders but for example, what about the government? Companies that have a big impact on the environment have a different relationship with the government compared to a trading company. It is important to find out which stakeholders are most important. You can ask a question like “How easy is it for this stakeholder to close the doors of the company?”

Action plan

When the stakeholders are identified and classified, an action plan needs to be created on how to manage the different kind of stakeholders. The plan should include ways how the company will inform the stakeholders and regarding which activities every stakeholder is informed of. This can be structured in a communication plan, or very easily and straight forward in the analysis document. When some concrete actions need to be taken, make sure you always assign one single person as the owner of the task. This prevents people from pointing to each other when nothing is happening.

Published by: