Forward-looking risk management

The revised ISO 9001 standard recently also addresses operational risk management.

ISO 9001:2015, risk management
© depositphotos, dtjs

 

In 2015, the International Organization for Standardization (ISO) quality standard 9001:2008 was revised, followed by the decision to develop a new version of the guideline. On September 14, 2018, the transition period for companies ends: By then, they must have the new certification ISO 9001:2015 old certificates lose their validity. The standard recently also deals with operational risk management (cf. the 7 most important changes of ISO 9001:2015). "SMEs in particular often still find it difficult to identify, analyze and evaluate potential risks and opportunities. Planning appropriate countermeasures, implementing them and monitoring them afterwards is also a major challenge for companies," explains Georg Hünnemeyer, managing director of the Hünnemeyer Consulting GmbH. "Companies should always consider risks in the system context and evaluate them based on their current project situation; here, it is important to plan for the long term and act accordingly."

Step by step

The standard was adapted, among other things, to make SMEs more aware of the topic of risk management. Up to now, SMEs in particular have focused less on risk-based thinking and action - structured systems for dealing with sources of danger are more likely to be found in large companies. Before introducing an ISO-compliant strategy, decision-makers in SMEs should sound out which instruments are necessary and useful for implementing the new approach - this step is crucial for the success of the entire project. According to Hünnemeyer, successful risk management involves identifying, analyzing, evaluating and finally controlling every risk throughout the entire process. Companies often fail at the first step because they find it difficult to weigh up the possible risks or even fail in the end. The systemic recording of risks from the perspective of systems engineering yields a holistic view of the risks in the development of business processes. This ensures that the hazards can be identified and assessed.

No fear of the costs

In many cases, companies would fear the financial outlay that could be incurred by introducing a risk management system. This is offset by the cost savings that result from avoiding failures and damage, says Hünnemeyer. A study on the introduction of the strategy in medium-sized companies confirmed this: A large proportion of the companies that have already established the system were able to create an effective early warning system for all upcoming risks and thus initiate countermeasures in good time. In this way, transparency is created and the risk status remains permanently in view. The investment and effort required to implement the strategy is distributed among the individual departments, and consequently the available resources, he said. "The systems engineering approach of capturing and describing the company as a system reduces the risk management effort while increasing the transparency of operations," Hünnemeyer knows. "Systems engineering approaches for SMEs are well established and help ensure the necessary steps in the organization and processes."

Recognize and seize opportunity

Various studies identified IT failure and cyber attacks as the greatest fears of companies. Interruptions in the logistics chain, machine failures and product recalls are other looming risks that companies fear. "SMEs should see the revision of the quality standard as an opportunity. ISO 9001:2015 helps to identify weak points in their own company and to react to them accordingly," says Hünnemeyer. "Industry 4.0 is forcing companies to adapt to increasingly complex business processes. Of course, this is accompanied by numerous dangers. Knowing these, controlling them and taking appropriate action - that's the added value that risk management offers SMEs."

Press release Hünnemeyer

(Visited 56 times, 1 visits today)

More articles on the topic

SECURITY NEWS

Bleiben Sie informiert über aktuelle Sicherheitsthemen – praxisnah und zuverlässig. Erhalten Sie exklusive Inhalte direkt in Ihren Posteingang. Verpassen Sie keine Updates.

Jetzt anmelden!
anmelden
You can unsubscribe at any time!
close-link