It is understood asRisk Management, the set of coordinated activities to direct and control an organization with respect to the risk or effect of uncertainty, in the execution of the objectives defined by an organization.
Although the formal definition of risk management reports to the duality of the effects of risk (whether negative or positive), on a day-to-day basis, the most common concern is to avoid or minimize the potential negative consequences. However, risks can be seen as opportunities when situations, conjunctures or circumstances arise that become favorable for an organization.
Risk Management according to ISO 9001:2015
The risks and opportunities associated with the intended results of the Quality Management System are those that influence the ability to provide compliant products and services and increase customer satisfaction.
The risks and opportunities to be determined and addressed are those that:
a) May affect the ability to achieve the results intended by the Quality Management System;
b) They potentiate desirable effects;
c) They have the potential to cause unwanted effects and must be prevented or reduced;
d) Allow for improvements;
- Prioritize the activities and processes of the quality management system according to their potential impact on the intended results and take advantage of the opportunities presented to organizations.
- According to 9001:2015, the organization is required to determine the Risks and Opportunities considering the information resulting from the analysis of the organization, its context, the needs and expectations of the interested parties.
- The Standard does not mention the need for the organization to develop formal risk management methods or a documented risk management process.
Ambidata® software has a specific area for Risk Management (QMS - Quality Management System), the system being dynamic and capable of enhancing the organization's continuous improvement.
• Definition of the Risk Assessment Matrix
• Definition of the Opportunity Matrix
• Qualitative Classification of the Level of Risk and Opportunities
• Risk identification
• Risk analysis
• Risk assessment
• Risk treatment
• Preparation and implementation of risk treatment plans
• Monitoring and Review