https://www.youtube.com/watch?

v=wNx6mQSZUuc
4.4.1 Turtle
https://www.techiequality.com/2019/02/03/risk-management-process/
Risk Management Process | Risk related to IATF 16949, ISO 9001, ISO 14001, and ISO 45001
By TECHIEQUALITY 03/02/2019 QUALITY 4 Comments
Risk Management :
Risk Management related to IATF 16949, 9001, 14001 and 45001 will be discussed here. And also will discuss how to address
Risks and its mitigation plan.
Download Risk Register Template.
Risk Definition: Effects of Uncertainty is called Risk. An effects has two properties, Positive and Negative.
Negative effects are also called Risk and Positive Effects is called Opportunity.
All latest business standard like IATF 16949:2016, ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 are based on Risk –
Based Thinking. Comply the standard requirement we have to identify the Risks and opportunity and need to do the
mitigation plan for those have the significant effects.
Risk Management Process:

Step-1 : Identification of Risks

Step-2 : Analysis of Risks
Step-3 : Evaluation of Risks
Step-4 : Treatment of Risk
Step-5 : Monitoring, Review and Control

Identification of Risks:
Risk Related to ISO 9001:2015 and IATF 16949:2016:
During the identification of Risks we shall consider the [1] Internal and external issues, [2] Needs and Expectations of
Interested Parties, [3] Significant effects of QMS Intended Results like Significant Objectives, Process related Significant
Effects, warranty, Field Failure, lacking of technology, Bossiness Competition, market value, Shortage of Raw materials,
outsource Process Effects to Organization etc.
Apart from the above we shall also include in its risk analysis at a minimum lessons learned from Product recalls, Product
audits, Field Return and Repairs, Scrap and rework etc.
Example of Risks: High Warranty Percentage, Lack of Technology, High Scrap, High B/D, less selling value, etc.
Identified risks are generally represented in Risk register.
Risk Related to ISO 14001:2015 and ISO 45001:2018:
While Identification of the risks related to ISO 14001, we have to consider the [1] Internal and external issues, [2] Needs and
Expectations of Interested Parties, [3] Significant environmental Impacts [4] Compliance Obligations.
When determining the risks related to ISO 45001, we have to address the risk with accounting of [1] hazards [2] OHS risks,
[3] Legal and other requirement, [4] Internal and external issues, [5] Needs and Expectations of Interested Parties.

Example of Risks: High Noise, Water Pollution, Discharge of untreated Water, Solid Waste Spilled at outside boundary of
factory etc.
Analysis of Risks:
The main goal of Risk Analysis is to calculate the risk score/ rank and categorize the different types of Risk. In this method we
have to collect the data for Probability and Impact score.
Example:
[1] High Noise at XYZ Area, let probability is 3 out of 10 scales and Impact is 5 out of 10 scales.
Risk Score = 15
51-100 High Risk
25-50 Medium Risk
<25 Low risk
In the Above example, High noise is falling under the Low Risk.
Evaluation of Risks:
The Organization will decide for Significant Risks Cut-off Value. Let we decide here 51 to 100 is the Cut-off value, then we can
surely say the above Risk [High noise] is not coming under the Significant Risk.
Here we just need to evaluate the Risk whether significant or insignificant.
Treatment of the Risks:
Mitigation plan has to be taken to bring down the significant Score to Insignificant Score
Monitoring, Review and Control:
After the implementation of the Action plan, Effectiveness of Risk needs to be done by regular monitoring of data
https://www.slideshare.net/ULDQSInc/iso-90012015-webinar-part-3-ul-dqs-inc
https://app.emaze.com/@ALWRWIRR#10