#57 – USING ISO 31000 WITH ISO 9001:2015 – GREG HUTCHINS

ISO 31000 risk management principles and guidelines are the preferred standard to use with ISO 9001:2015.  ISO 31000 is ERM light.  We advocate the use of ISO 31000 with ISO 9001:2015 for smaller organizations because it:

  • Is a risk management framework.  ISO 31000 has all the critical elements of a framework, including a focus on culture, risk philosophy, risk definitions, common risk approach, common risk processes, defined roles and responsibilities, importance of accountability, risk competencies, risk appetite, and risk tolerance of the organization.
  • Follows a PDCA framework that can be applied to any ISO management system standard.
  • Offers the option of a simple risk management or enhanced risk management program.  Both are useful depending on the certified organization’s maturity and capability.
  • Follows an enterprise-wide approach to risk management, considering the potential impact of risks on critical management systems, processes, stakeholders, product development, outcomes, products, and services.
  • Addresses the upside (opportunity risk) as well as the downside (consequence risk).
  • Is harmonized with other ERM standards.
  • Follows the achievement of business objectives approach based upon the risk appetite of the organization.
  • Focuses on risk controls as well as other risk treatment options and mitigations.
  • Allows an organization to identify, prioritize, and control significant risks.
  • Is a process that is based on a set of unified principles.
  • Is supported by a structure that is appropriate to the context of the organization, external environment, and internal environment.
  • Is supported by risk taxonomy and risk vocabulary that is appropriate to the organization.
  • Explains that risk management and its application should be proportionate to the level of acceptable risk for the organization.
  • Emphasizes that the objective of risk management is to ensure stakeholder and customer satisfaction.

Bio:

Greg Hutchins PE and CERM (503.233.101 & GregH@QualityPlusEngineering.com) is the founder of:

CERMAcademy.com
800Compete.com
QualityPlusEngineering.com

WorkingIt.com

He is the evangelist behind Future of Quality: Risk®.  He is currently working on the Future of Work and machine learning projects.

He is a frequent speaker and expert on Supply Chain Risk Management and cyber security.  His current books available on all platforms are shown below:
