One of the key changes in the 2015 revision of ISO 9001 is to establish a systematic approach to risk, rather than treating it as a single component of a quality management system. In previous editions of ISO 9001, a clause on preventive action was separated from the whole. Now risk is considered and included throughout the standard. By taking a risk-based approach, an organization becomes proactive rather than purely reactive, preventing or reducing undesired effects and promoting continual improvement. Preventive action is automatic when a management system is risk-based.Risk-based thinking is something we all do automatically and often sub-consciously. for e.g if I wish to cross a road I look for traffic before I begin. I will not step in front of a moving car. The concept of risk has always been implicit in ISO 9001 – this revision makes it more explicit and builds it into the whole management system. The risk is considered from the beginning and throughout the standard, making preventive action part of strategic planning as well as operation and review. Risk-based thinking is already part of the process approach. For e.g to cross the road I may go directly or I may use a nearby footbridge. Which process I choose will be determined by considering the risks. Risk-based thinking makes preventive action part of the routine. Risk is often thought of only in the negative sense. Risk-based thinking can also help to identify opportunities. This can be considered to be the positive side of risk. Crossing the road directly gives me an opportunity to reach the other side quickly, but there is an increased risk of injury from moving cars. The risk of using a footbridge is that I may be delayed. The opportunity of using a footbridge is that there is less chance of being injured by a car.Opportunity is not always directly related to risk but it is always related to the objectives. By considering a situation it may be possible to identify opportunities to improve.The opportunities for improvement: a subway leading directly under the road, pedestrian traffic lights, or diverting the road so that the area has no traffic. It is necessary to analyse the opportunities and consider which can or should be acted on. Both the impact and the feasibility of taking an opportunity must be considered. Whatever action is taken will change the context and the risks and these must then be reconsidered.
The Main Objectives Of ISO 9001 to provide confidence in the organization’s ability to consistently provide customers with conforming goods and services and to enhance customer satisfaction. The concept of “risk” in the context of ISO 9001 relates to the uncertainty in achieving these objectives.