ISO9001
ISO14001
ISO45001
ISO22000
ISO27001
AS9100
OPEX
Leadership
Categories:   All Categories
Suggested keywords
x

ISO 9001 And Actions to Address Risk and Opportunities

Super User
Font size: +
5 minutes reading time (990 words)
12166 Hits
Risk-and-opportunities

As we have mentioned before  ISO 9001:2015 is very much focused on understanding the Risks in your Quality Management System and to your organisation and obviously how you will handle them. Clause 6.1 - Actions to address risk and opportunities is really focused on helping you do this, it's also got that keyword "SHALL" in the clause which means you must do it to meet the standard.

Building On Previous Work

Clause 6.1 of the ISO 9001:2015 standard is a change to the previous standard and it is actually quite a useful change to be fair, it's all about getting you thinking about how you handle the risks that you have previously identified. Now if you have just jumped in here and you haven't been following along then you will want to go back and read the 2 clauses that Clause 6.1 references these are:

Clause 4.1 - Understanding the organisation & it's context (Context of the Organisation)

Clause 4.2 - Understanding the needs & expectations of Interested Parties

From these you will hopefully have done yoru SWOT analysis or perhaps you did push the boat out and the the full on PESTLE Analysis, irrespective you now have a list of risks that you are aware of in the business that could have an impact on yoru Quality management System and now ISO 9001 wants you to take some actions on them. The easiest way of doing this is to take each of the sections in order (Strengths, Weaknesses, Opportunities & Threats) and review each of the elements. Remember that just because soemthing is a threat to you today it doens't mean you can't turn it to an opportunity and vice versa so do all of them and not just what you percieve as a threat. Have someone play devils advocate as well.

Your Choices

It's easy to forget you have a range of choices when dealing with risks or opportunities, it's never back and white and ISO wants you to consider things with respect to  the following 4 elements

  1. How you will give assurance that your Quality Management System will achieve it's intended results.. i.e. you will do what you say
  2. That "desirable effects" i.e. the upsides will be enhanced - so more of the good stuff (think Good to Great!)
  3. Prevent or reduce undesired effects - so less of the bad stuff
  4. Achieve improvement - yep.. it's PDCA time again!

 When you are thinking about risks around say threats think about these things:

  • How can you actually Eliminate what is causing the risk
  • Is it possible to Change the likelihood of the risk coming to pass or consequence/s that occur?
  • How can you just Avoid the risk altogether
  • Can you reduce it by Sharing the risk with perhaps a partner or client?
  • Accept that it's just a risk of business so make the decision to Retain the risk by informed decision
  • Just do it anyway - Yep knowing what you know about the risk do it anyway to pursue an opportunity

 When you are looking at the upsides and your opportunities think about these:

  • Can you Adopt new practices to get the benefit
  • Should you Launch new products to grow a market?
  • Perhaps you can Open new markets altogther
  • Perhaps you can attract new customers
  • Build partnerships to spread risks at the same time as opening opportunities
  • Use new technology to give you that advantage or save on costs

Planning Actions

 The second part of ISO 9001:2015 Clause 6.1 says that you shall (i.e. you must) to create a plan to address the risks & opportunities that you have identified , you must

  1. Integrate & implement the actions into your Quality Management System processes
  2. Evaluate the Effectiveness of these items
So while it doesn't explicitly state you need a documented format for this you would be pretty hard pressed to say you have done it without any evidence and actually why wouldn't you want to do this? There are a number of ways of doing it but I like the use of a risk analysis template which is easy to use, systematic and you can track. The idea of the risk template is that you review the risks and opportunities that you have identified as they are, before you do anything. Then identify the actions you will take to reduce or improve the number and then based on those steps re-evaluate it based on those steps being complete, has it reduced the risk or improve the opportunity? great, guess what, follow through on these things and you tick the box for complying with this requirement and you have an business improvement. 
You of course should review these as part of the ISO 9001 quality management reviews, you may review high risks every 3 months, mediums every 6 and lows every year for example but you should certainly plan for that.

Grab our Free Risk Analysis Template

We have created  a simple excel template that you can use to map out your analysis of your SWOT  quickly and methodically so you can both action what you need to but also clearly demonstrate the steps you have taken to keep the auditor happy as well!

SWOT Review

Sorry we need your name
Invalid Input - Sorry we need your last name here
Sorry Can you just check your email address as well
Please let us know your preference

Ready To Start Your ISO9001 Journey?

Make a booking now and find out how we can help you Make Things, Better
Book An Appointment

Ready To Start Your ISO9001 Journey?

Make a booking now and find out how we can help you Make Things, Better
Book An Appointment
Mango Logo

Simplify ISO9001 with Mango

Stop waisting time with multiple different systems, see how Mango can manage all of your ISO9001 requirements in one fully integrated solution.

Make a booking now to see how simple it is to integrate your systems, reduce paperwork, save time and be compliant.

Mango QHSE Compliance Software made simple
Reclaim your precious time
Make your demo booking

Copyright

© Many Caps Consulting Ltd | All Rights Reserved

Tags:
Virtual Quality Management QHSE System ISO 9001 ISO
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

5 Steps to Improve the Speed of Your Organisation
How To Have Your Crucial Conversation
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, 02 November 2025

By accepting you will be accessing a service provided by a third-party external to https://www.manycaps.com/

Subscribe to Our Newsletter

To Get Regular Updates on ISO | Lean | Free Resources
Sorry we need your name
Invalid Input - Sorry we need your last name here
Sorry Can you just check your email address as well

Latest Blog Post

We Support

Trees That Count
Special Childrens Xmas Party

Proud To Be

Canterbury Trusted
EcoOnline - Platinum Partner