Introduction to Risk Management.
Information & Training. | Risk Management.All activity creates risk. In all organizations it is important to understand the potential risks that can arise, and the potential impacts such risks can create for the organization. In large organizations many 1000’s of potential risks could be identified, even in small organizations the potential for a risk arising could generate 100’s of possibilities. Therefore in order to effectively manage all such risks, a process needs to be established which will:
i) Identify the potential risks.
ii) Identify the root causes associated with the risks.
iii) Identify potential actions to address.
iv) Ensure effective implementation of the identified actions.
v) Provide confirmation that the actions implemented were effective.
vi) Continually monitor identified risks and controls implemented.
vii) Continually check for new risks, or changing risks levels.
viii) Report on the level of risk inherent within the organization.
The focus of Risk Management.Where risks are identified, the focus needs to be on those risks which can result in the greatest impacts, i.e. risks with the highest potential severity. The potential severity associated with each potential risk identified will need to be assessed. Where the severity is relatively minor, then the level of monitoring and control need itself only be minor, where the severity is high / catastrophic, then the level of monitoring and control will need to be high. In this latter situation, significant efforts and resources may need to be applied to ensure the potential high level risks cannot ever arise. Note: No risk can be 100% eliminated, however, the controls implemented can be such so as to make the possibility of severe risks so unlikely, that effectively they are eliminated.
Risk as part of a Quality Assurance program:Customers will have expected product designers and manufacturers to have assessed product and process risks and have minimized (or eliminated) risks to an acceptable level, compared to the expected customer benefits.
Internally employees when performing daily tasks will expect any potential risks to have been identified and addressed.
People living in the local community will not tolerate risks which outweigh benefits to the community.
In fact, all stakeholders of an organization will expect risks to be addressed to an ALARP level (As Low As Reasonably Possible) so that the benefits to the organization and all its stakeholders outweigh the potential risks of an unforeseen event arising.
The risk management process will identify and prioritize risks. As a result of this prioritization, product and process changes will be implemented. Controls will then be established. All the steps in the risk management process will be performed in accordance with the quality management system.
There will be defined and documented risk management procedures. The steps to be followed to implement product and process revisions will again be defined, documented and performed in accordance with the quality management system.
On-going monitoring of the risk points will be a requirement of the quality system and will be reported upon as part of the quality system.
The effectiveness of the risk management process, in identifying, minimizing and addressing risks will be clearly seen via the output of the quality management system.
Information & Training.
- Risk Identification. Risk Evaluation. Risk Mitigation. Risk Control. Etc..
- Risk Processes. Risk Planning. Risk Reporting.
- Requirements. Standards. Current best practices.
- Information & Training presentation >>>