After having followed and and also participated in the “ISO 9001:2015 Revision Discus
sion” on Linkedin, started by Sidney Vianna, I found it interesting to have a closer look at a particular issue
I started a new discussion in Linkedin named: “Shall it be a requirement to apply a process approach?” and this is what I learned from the consensus opinions. Continue reading
What exactly do we mean when we talk about prediction? Nobody ever seems to get it right. Does it have any relevance at all for management? The answer to that question is a resounding yes!
WHAT DO WE MEAN WHEN WE TALK ABOUT PREDICTION?
There is an ongoing discussion about the meaning we assign to the words “prediction” and “forecast” among economists and scientists. Their major concern seems to be our ability to “predict” extra-ordinary events. How do we define an extra-ordinary event? As it is extraordinary, we might assume that by its very nature it cannot be predicted. So why do we bother? Continue reading
In their book Billion Dollar Lessons, Carroll and Mui describe the most inexcusable business failures of the last twenty-five years. One of the failures, “Staying the Course” poses particular difficulties for Risk Analysts.
The difficulty is three fold. First, management believes if it stays the course everything will turn out fine. Absent any significant data to the contrary, it is difficult to change managerial, let alone, institutional inertia.
Second, identifying a viable alternative against which to evaluate the impact of staying the course may be difficult because often the costs and benefits are not clear until years afterwards.
Finally, clients and customers are often psychologically and materially locked into the current strategy. They, therefore, put pressure on the company and its board to stay the course. Continue reading
The US Federal government folks in the Computer Security Division (CSD) at National Institute of Standards and Technology (NIST) have been hard at work on the Cybersecurity Framework deliverables for the President’s February Executive Order 13636, on Improving Critical Infrastructure Cybersecurity. (see prior Insights post). NIST has created a web portal for the Framework at http://www.nist.gov/itl/cyberframework.cfm . The NIST CSD portal is http://csrc.nist.gov/. Continue reading
Warning: Misuse of tool may cause undesirable results!
Many organizations dislike ISO 9001, evidenced by the dwindling number of ISO 9001 certificates being issued in many parts of the world. Organizations commonly find ISO 9001 to be confusing and somewhat painful, while at the same time requiring odd documentation seemingly only understood by ISO 9001 consultants and quality auditors. Continue reading