Document No.

: GSCWD-QP-ISO-001
Risk Management Revision Level : Ø
Procedure Page : Page 2 of 7

1.0 OBJECTIVE
This document aims to define the processes involved in identifying Risks and Opportunities on the Quality
Management System of GENERAL SANTOS CITY WATER DISTRICT as required by ISO 9001:2015.

2.0 SCOPE
This document covers the processes of identifying, analyzing, evaluating and monitoring of risks and
opportunities for QMS of GENERAL SANTOS CITY WATER DISTRICT.

3.0 DEFINITION OF TERMS

3.1 Risk – is often characterized by reference to potential events and consequences, or a
combination of these.
3.2 Significant Risk – Risks with an overall rating of 12 and above.
3.3 Risk Tolerance – Level of Risk that is considered acceptable.
3.4 SWOT – Strength, Weaknesses, Opportunities and Threats.
3.5 SWOT Analysis – a tool used to analyze the organization’s Strength, Weaknesses, Opportunities
and Threats.
3.6 Risk and Opportunities – Potential adverse effects (threats) and potential beneficial effects
(opportunities).

4.0 REFERENCE DOCUMENTS

4.1 Management Review Procedure
4.2 Corrective Action Procedure
4.3 Control of Nonconforming Services Procedure

5.0 RESPONSIBILITY AND AUTHORITY

5.1 Concerned Department / Division shall be responsible for:
5.1.1 Identifying, analyzing and evaluating risks and opportunities of their respective
departments.
5.1.2 Determining the need to take action to address risks and opportunities.
5.1.3 Determine, implement and monitor the implementation of actions to address risks and
opportunities.
5.2 Department / Division Heads shall be responsible for:
5.2.1 Reviewing the departments’ Risks and Opportunities.
5.2.2 Determining resources needed associated with the actions necessary to address the Risks
and Opportunities.
5.3 Top Management shall be responsible for:
5.3.1 Approving actions and resources necessary to address the risks and opportunities.
5.3.2 Ensuring that status of risks and opportunities are reported during the scheduled
Management Review.
5.4 The ISO Facilitator shall be responsible to ensure that action plans to address risks and
opportunities are integrated on the Organization’s QMS.

Registration Mark: Distribution Mark: This document is updated and controlled if it bears the red “CONTROLLED
COPY” stamp. Otherwise, please refer to the Document Control Center (DCC)
for your updated copy.
 Document No. : GSCWD-QP-ISO-001
Risk Management Revision Level : Ø
Procedure Page : Page 3 of 7

6.0 PROCEDURE DETAILS

6.1 Communication and Consultation

Process Flow In-charge Process Description Records

Start

Shall determine internal and external

stakeholders which will be consulted all
Top throughout the risk management process.
Management & SWOT Analysis
General Note: The concerned department shall Form
Determine
Manager constantly communicate and consult with the
Internal and
stakeholders during the course of performing
External Issues
risk management.
Shall determine the internal and external issues
Top relevant to the organizations strategic
Management directions.
SWOT Analysis
and
Note: SWOT analysis shall be used in Form
Department /
Division Heads determining the internal and external issues.

Top
Identification of Shall determine the Needs and Expectation of Needs and
Management
Needs and the Interested Parties that might affect the Expectation of
and
production and service provision. Interested
Expectations Department /
Parties Form
Division Heads

Registration Mark: Distribution Mark: This document is updated and controlled if it bears the red “CONTROLLED
COPY” stamp. Otherwise, please refer to the Document Control Center (DCC)
for your updated copy.
 Document No. : GSCWD-QP-ISO-001
Risk Management Revision Level : Ø
Procedure Page : Page 4 of 7

Shall determine the strategic option of the

organization based on the following guidelines
and the result of the SWOT analysis:
 Strength – Opportunities: Ask the
question, How can strengths be
employed to take advantage of the
Opportunities?
 Strength – Threats: Ask the question,
how can strength be used to counteract
Determining Top threats that tend to hinder the
Strategic Options Management attainment of objectives and the SWOT Analysis
and exploitation of Opportunities? Form
Department /  Weakness – Opportunities: Ask the
Division Heads question, How can weaknesses be
overcome to take advantage of or
exploit the opportunities?
 Weaknesses – Threats: Ask the
question, How can weaknesses be
overcome to counteract threats that
tend to hinder the attainment of the
objectives and exploitation of
opportunities?
Shall determine the risks and opportunities
relevant to the internal and external issues Risk Assessment
Determine Risk (context of the organization) and the Needs and Registry Form
Concerned
and Opportunities Department / Expectation of the Interested Parties using Risk
Division Registry Form for the assessment of risk and Opportunities
Opportunities Action Plan for all identified Action Plan
opportunities.
Shall consider the following in determining risks
and opportunities: Risk Assessment
Determine Risk Concerned  Analysis of Internal and External Issues Registry Form
and Opportunities Department /  Strategic direction of the organization
Division (Context of the Organization) Opportunities
 Needs and Expectations of interested Action Plan
parties

Registration Mark: Distribution Mark: This document is updated and controlled if it bears the red “CONTROLLED
COPY” stamp. Otherwise, please refer to the Document Control Center (DCC)
for your updated copy.
 Document No. : GSCWD-QP-ISO-001
Risk Management Revision Level : Ø
Procedure Page : Page 5 of 7

Shall assess the risks according to the following

risk criteria:
 Likelihood (Probability of Occurrence)
 Severity
 Impact to Water Service Quality
 Impact to Operation
 Impact to Reputation
Assessment of
Risk Concerned Note: Refer to Table 1 for the Risk Evaluation Risk Assessment
Department / Matrix. Registry Form
Division
Note: The risk estimate (overall score) shall be
computed by multiplying the Likelihood
(Probability of Occurrence) and the highest
Severity score among the three (3) factors –
Impact to Quality, Operation or Reputation

Note: All risks with an overall score of 12 and

above shall be considered significant.
Shall determine Action Plans to address the Risk
and Opportunities.

Note: Actions shall be categorized based on the

following options:
 Avoid the Risk
 Take the risk in order to pursue an
Establishing opportunity.
Concerned Risk Assessment
Action Plans  Eliminate the Risk Source
Department / Registry Form
 Changing the Likelihood or the
Division Consequence
Opportunities
 Sharing the risk Action Plan
 Retain the risk by informed decision –
This shall apply if rating is below 12.

Note: In addressing the Opportunities, the

organization shall take into consideration if the
action might lead to the following:

Registration Mark: Distribution Mark: This document is updated and controlled if it bears the red “CONTROLLED
COPY” stamp. Otherwise, please refer to the Document Control Center (DCC)
for your updated copy.
 Document No. : GSCWD-QP-ISO-001
Risk Management Revision Level : Ø
Procedure Page : Page 6 of 7

 Adoption of new practices

 Launching new products
 Opening new markets
 Addressing new customers
 Building partnerships
Concerned  Using new technology and other
Department /
desirable and viable possibilities to
Division address the organization’s or its
Establishing
Action Plans customer needs
Note: Action Plans shall also be based on the
identified strategic options the organization
chooses to pursue.

Risk Assessment
Concerned Shall review the necessary action plans and Registry Form
Department / determine any resources needed for the actions
Division Head to be implemented. Opportunities
Action Plan

Risk Assessment
Registry Form
Top Shall approve the action plans and shall ensure
Approval that resources are provided.
Management Opportunities
Action Plan
Shall review the effectiveness of actions taken
at least twice a year or during the Management
Review Review.
Effectiveness
Note: Risk registry shall be reviewed also in case
of any of the following would be encountered Risk Assessment
Concerned aside from the scheduled twice a year Registry Form
Department / Management Review:
Division  If a nonconformance was detected Opportunities
during audit Action Plan
 After receiving a complaint from
customer or interested parties
 Changes in the organization’s processes
 After an occurrence of an actual
emergency situation.

End

Registration Mark: Distribution Mark: This document is updated and controlled if it bears the red “CONTROLLED
COPY” stamp. Otherwise, please refer to the Document Control Center (DCC)
for your updated copy.
 Document No. : GSCWD-QP-ISO-001
Risk Management Revision Level : Ø
Procedure Page : Page 7 of 7

6.2 Reports

Reports Frequency Responsible

Twice a year or as need
Risk Registry Department
arises
Twice a year or as need
Opportunities Action Plan Department
arises
SWOT Analysis (Internal
Once a year Top Management
and External Issues)
Needs and Expectation of
Once a year Top Management
Interested Parties

7.0 PERFORMANCE INDICATORS

7.1 All Risks are reduced to an acceptable level.
7.2 Risk Registry shall be reviewed twice a year and shall be updated as necessary.

8.0 ATTACHMENTS AND FORMS

8.1 Form 1 SWOT Analysis
8.2 Form 2 Needs and Expectation of Interested Parties
8.3 Form 3 Risk Registry
8.4 Form 4 Opportunities Action Plan
8.5 Table 1 Risk Evaluation Matrix

Registration Mark: Distribution Mark: This document is updated and controlled if it bears the red “CONTROLLED
COPY” stamp. Otherwise, please refer to the Document Control Center (DCC)
for your updated copy.