ISO 9001:2015 auditability is a key concern for all CBs over the next five years. So, what does auditability really mean? It starts with the quality of the risk auditors.
Category Archives: ISO9001:2015@Risk™ – Greg Hutchins
#93 – IS ISO 31000 AN ERM GUIDELINE? – GREG HUTCHINS
Maybe. But not ERM as Enterprise Risk Management, but as ‘Enhanced Risk Management’ (ERM). So, what is ERM in ISO 31000?
ISO 31000 Annex A describes the ‘Attributes of Enhanced Risk Management,’ which is the ERM equivalent for ISO 31000.
#92 – ISO RISK ASSESSMENT TECHNIQUES – GREG HUTCHINS
Risk assessment tools can be used for quick assessments, supporting risk management, scenario analysis, function analysis, controls assessment, and statistical analyses. Risk assessments can be qualitative and/or quantitative.
#91 – DOES ISO 9001:2015 REQUIRE RISK MANAGEMENT? – GREG HUTCHINS
Does ISO 9001:2015 require risk management?
No.
ISO says all that is needed to demonstrate ISO 9001:2015 compliance is a risk assessment.
But does ISO 9001:2015 imply risk management?
Yes, based on a careful read by our team of forensic risk engineers. See if the following makes sense:
#90 – WHAT IS RISK BASED THINKING? – GREG HUTCHINS
RBT is a good to great concept for ISO. However, there are problems.
RBT as defined and described by ISO is difficult to operationalize or audit. How do you operationalize or audit Risk Based Thinking? What evidence, artifacts, or data is the auditor going to find based on someone’s thinking? How do you read someone’s thoughts? Unless you have taken and passed a Mind Reading 101 course, you cannot audit Risk Based Thinking.
However, you can audit Risk Based Thinking artifacts. For this reason, we define RBT as:
- Risk based, problem solving.
- Risk based, decision making™
Why? Both of the above bullets are demonstrable, auditable, and offer verifiable evidence to a Certification Body of conformance.
Lesson Learned: RBT is a good concept that needs to be operationalized and made auditable based on (1) risk based, problem solving and (2) risk based, decision making.
Bio:
Greg Hutchins PE and CERM (503.233.101 & GregH@QualityPlusEngineering.com) is the founder of:
CERMAcademy.com
800Compete.com
QualityPlusEngineering.com
WorkingIt.com
He is the evangelist behind Future of Quality: Risk®. He is currently working on the Future of Work and machine learning projects.
He is a frequent speaker and expert on Supply Chain Risk Management and cyber security.