Do you know your Risk Priority Numbers (RPN) for your processes?
In the ISO 9001:2013 (Committee Draft) the word risk appears 30 times, which appears to follow the revisions to the AS9100C Standard for Aerospace Quality Management.
In recent years we have published Excel workbooks with the type of risk assessments used Failure Mode Effects Analysis (FMEA), whereas the Risk Priority Number (RPN) of the impact is calculated by multiplying the Probability times the Severity times the Detection or [RPN = (P * S * D)]. These Excel tools along with recent additions to QMSCAPA, our quality management software, provide a complete tool kit for compiling the data of various aspects of risk from processes and assessing their impacts.
ISO 9001:213 indicates a requirement to determine the risks to conformity of goods and services and customer satisfaction if unintended outputs. And in Clause 4.4.2 Process Approach: Top management shall demonstrate leadership and commitment with respect to customer focus by ensuring that the risks which can affect conformity of goods and services and customer satisfaction are identified and addressed;
In Clause 6 Planning, 6.1 Actions to address risks and opportunities;
When planning for the quality management system, the organization shall consider the issues referred to in paragraph 4.2 and the requirements referred to in 4.2 and determine the risks and opportunities that need to be addressed to
a) assure the quality management system can achieve …
b) assure that the organization can consistently achieve conformity of goods and services and customer satisfaction,
c) prevent, or reduce, undesired effects, and
d) achieve continual improvement.
Here’s a great way to improve your product / service quality and its free! Click here to join our user-group and download QMSCAPA.
The organization shall plan:
a) actions to address these risks and opportunities, and b) how to integrate and implement the actions into its quality management system processes (see 4.4), and 2) evaluate the effectiveness of these actions.
Notes include, Any actions taken to address risks and opportunities shall be proportionate to the potential effects on conformity of goods and services and customer satisfaction. The organization shall undertake change in a planned and systematic manner, identifying risks and opportunities and reviewing the potential consequences of change.
In Clause 8.3 for Operational planning process …
In preparing for the realization of goods and services, the organization shall implement a process to determine the following, as appropriate,
a) requirements for the goods and services taking into consideration relevant quality objectives; b) actions to identify and address risks related to achieving conformity of goods and services to requirements;
… the risks identified and the potential impacts, …
e) the determined risks and opportunities associated with the development activities with respect to the nature of the goods and services to be developed and potential consequences of failure, …
3) the potential impact on the organization’s ability to consistently meet customer requirements and enhance customer satisfaction.
Also Clause 8.6.5 Post delivery activities …
Where applicable, the organization shall determine and meet requirements for post delivery activities associated with the nature and intended lifetime of the goods and services. The extent of post delivery activities that are required shall take account of
a) the risks associated with the goods and services …
In Clause 9.1.1 General
The organization shall determine take into consideration the determined risks and opportunities and shall:
a) determine what needs to be monitored and measured in order to:
The organization shall: a) plan, establish, implement and maintain an audit program(s), including the frequency, methods, responsibilities, planning … shall take into consideration the quality objectives, the importance of the processes concerned, the related risks, and the results of previous audits;