Risk-based thinking is a central theme which is newly introduced in ISO 9001:2015. The authors of this standard intended to replace the old ‘Preventive Action’ clause from ISO 9001:2008 with this simpler and more practical feature. Their intent was not to include the entire gamut of Risk Management such as can be found in the ISO 31000 Risk Management Standard, but something that may be viewed as “Risk-Management-Light”.
Risk-based thinking means that you should be proactively engaged in thinking about the uncertainties that your organization faces, what effects these uncertainties may have on your organization and how they may affect your objectives.
Where Does ISO 31000 fit into the ISO 9001 picture?
While not required for ISO 9001 certification, the ISO 31000 standard provides principles, a framework and a detailed process for managing risk. Many of these components can prove useful to an organization beginning to use risk-based thinking which is required in the current ISO 9001 standard. There is a second commonality between the two standards called ‘establishing the context’ or ‘understanding the context’. This too, is required by the latest 9001 standard, Although it is only described briefly in ISO 9001, it is explained in far greater detail in ISO 31000.
To Learn More about how the ISO 31000 Risk Management Standard can be helpful in implementing the new 9001 requirements , visit ERM 31000 Training. and see an excellent descriptive video.