Presentation is loading. Please wait.

Presentation is loading. Please wait.

By KAMARRUDIN ALI 18 April 2018

Published byMitchell Lang Modified over 6 years ago

Similar presentations

Presentation on theme: "By KAMARRUDIN ALI 18 April 2018"— Presentation transcript:

1 By KAMARRUDIN ALI 18 April 2018
ISO 9001:2015 (RISKs Element) By KAMARRUDIN ALI 18 April 2018

2 ISO 9001:2015 Risk-based thinking enables an organization to determine the factors that could cause its processes and its quality management system to deviate from the planned results, to put in place preventive controls to minimize negative effects and to make maximum use of opportunities as they arise

3 ISO 9001:2015 REQUIREMENTS ISO 9001:2015 requires for the organization to determine the risks and opportunities based on the knowledge of the organization’s context (4.1 & 4.2)

4 EXTERNAL ANALYSIS (PESTEL) (including issues from interested parties)
Template A NO. ISSUES RISK/OPPORTUNITIES FOR KCDIO 1 POLITICAL Trump’s Muslim countries ban (Opportunities) Increase international students application 2 ECONOMIC Reduced operational budget (Risk) could not renew licenses 3 SOCIAL Staffing problem ELB implementation (Risk) Student demonstration 4 TECHNOLOGY Outdated equipment (Risk) MQA accreditation withdrawal 5 ENVIRONMENT Raining season (risk) Flood at certain areas 6 LEGAL Intro of ICGPA stringent procedure in getting VAL. Not following procedures (Risk) Decreasing intake from international students due to implementation of i-CGPA and VAL procedure (Risk) accreditation withdrawal

5 INTERNAL ANALYSIS (SWOT)
Template A STRENGTH WEAKNESSES Issues 1. 2 Risk/Opportunities OPPORTUNITIES THREATS Note: As a guide to do a thorough analysis for each of the above quadrants, a normal tool used is FITCOW which is Financial, Infrastructure, Technology, Competency, Operation (Process) and work environment)

6 ISO 9001:2015 REQUIREMENTS 6.1.1 When planning for the quality management system, the organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2 and determine the risks and opportunities that need to be addressed to: a) give assurance that the quality management system can achieve its intended result(s); b) enhance desirable effects; c) prevent, or reduce, undesired effects; d) achieve improvement.

7 Identifying Risks Risks are determined to prevent or reduce undesired effects, and to give assurance that quality management system can achieve its intended results. ISO 9001 does not define specific types of risks that need to be determined and addressed Types and categories of risks are commonly used: Processes: risks of nonconforming output, process breakdown, process inefficiency, excessive variability, etc. Quality: risk of defects and non-attainment of specified requirements Suppliers: risk of defects and non-attainment of specified requirements Operation: risks to business continuity, data loss, public relations, etc.;

8 What about Opportunity?
Apart from the risks, the organization has to also identify the opportunities that may come in its way. Opportunities can be in form of adoption of new practices, launching of new products or services, opening new markets, addressing new clients, building partnerships, using new technology and other desirable and viable possibilities to address the organization’s or its customers’ needs.

9 Why Risks are considered?
Risk : Effect of uncertainties Risk Level: Likelihood x consequences Risks and opportunities can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed

10 Step 1: Identify the Risk. Step 2: Analyze the risk
Step 1: Identify the Risk. ... Step 2: Analyze the risk. ... Step 3: Evaluate or Rank the Risk. ... Step 4: Treat the Risk. ... Step 5: Monitor and Review the risk. Managing Risks

11 Brainstorming Environmental/Horizon Scanning Interviews Past data Analysis

12 Causes of Risk Risk Consequence/Impact

13 1. Regulatory and legislative changes 2. Economic slowdown
According to a leading global provider of risk management services AON in their 2011 Global Risk Management Survey (AON, 2013) the top three risks for higher education are ranked as follows: 1. Regulatory and legislative changes 2. Economic slowdown 3. Damage to brand or reputation Online Journal of Applied Knowledge Management, Volume 2, Issue 1, 2014

14 Samples: Common risks Food poisoning Theft Fire Flood

15 Samples: Common risks in University
Issue Risks Consequence Measure Student Enrolment unpopular programs bad information about Kulliyyah Low enrollment market research in order to introduce new and update existing study programs Improve quality work of the staff additional activities offered to students, continuous promotions Information System Data Loss due to Technical breakdown Data theft student’s dissatisfaction the University’s reputation issue financial loss Ensure staff obey the rules on the access to data Acquire appropriate software and hardware train staff periodically test the equipment periodically perform a weekly backup Ensure physical protection of workstation Ensure saving and frequent changing of passwords Do frequent updating of antivirus software avoid using unverified external data media Conduct comprehensive testing and fixing of program flaws

16 Samples: Common risks in University
Issue Risks Consequence Measure Teaching low quality of the teaching because of the teaching staff Dissatisfaction bad experience of the students loss of Kulliyyah reputation low enrollment rate hiring the highest quality teaching staff, Continuous assessment of the academic staff’s work poor teaching quality due to non-existence or non-use of contemporary devices and electronic means bad experiences of students school reputation Acquisition of the equipment continuous training of academic staff Student practical: Bad choice of organizations in terms of the activity and process and poor support bad experience of students bad experience of associated from the situation which jeopardize Kulliyyah reputation students’ awareness about the significance of the practical work and the possibilities it offers (acquiring precious experience, accumulating data for the placement) Financial process Certain programmes could not be run due to budget issue Bad reputation Accreditation withdrawal finding other sources of finance by introducing alternative short programs or courses which are in demand Misappropriation of fund Financial loss Strengthen work process Continuous reminders to staff

17 Samples: Common risks in University
Issue Risks Consequence Measure Management Bad assessment of the management in relation to type and content of the study programs High-quality teaching staff leave the Kulliyyah bad results of scientific research work because of the poor quality of the teaching staff or bad support due to lack of funds Programmes run not according to university or government requirements due to bad documentation or awareness impossibility or withdrawal of accreditation bad experience of students lower financial income jeopardized University or Kulliyyah reputation lower enrollment rate introducing or improving a quality system (e.g. ISO) in order to improve University elements in all processes and intensify the conditions for their successful implementation plan for hiring the teaching staff in accordance to the need of the Kulliyyah motivate staff towards further improvement by supporting them to visit conferences, write articles and books, participate in projects, and by awarding them according to an assessment of their work periodical review and update of documents for conducting the Kulliyyah programmes in accordance to practice and update the staff

18 Template C

19 Risk Category Type Description Strategic
Losses due to error or misjudgment in the selection of strategy or the execution of the strategy or exposure to loss resulting from a strategy that turns out to be defective or inappropriate Operations Risk arising from execution of a company's business function which focuses on the risks arising from the people, assets, systems and processes through which the University operates Finance Risk associated with the finances of the Universityy, including loan interest charges, echange rates, taxation, borrowings & credit, government grant, error in asset valuation (over or undervaluation), liabilitiies, spending beyond limit, negative cash flows or any other direct and indirect losses affecting other elemnets of the University's finances Reputation Risk of impact to the business attribute/related to the trustworthiness of the business and/or the education industry as a whole Information Risk arising from the flow of information and availability of new or existing technology to the business and the impact of it being adopted or not to the business Regulation Risk due to non-compliance or failure to adhere to sets of rutles and regulation as set out by the University, Government or legislation

20 Qualitative Measure of Consequences of Likelihood
Level Descriptor Probability Description 5 Almost certain >50% The event is expected to occur in most circumstances - will occur on an annual basis 4 Likely 31% - 50% The event will probably occur in most circumstances - will occur once in every 3 years 3 Possible 16% - 30% The event might occur at some time - will occur once in every 10 years 2 Unlikely 1% - 15% The event could occur at some time - will occur in every 20 years 1 Rare <1% The event may occur only in exceptional circumstances - will occur once in every 50 years

21 Qualitative Measure of Consequences of Impact
Level Description Example detail description 1 Insignificant No injuries, low financial loss, no risk to reputation. 2 Minor Minor First aid treatment, on-site release immediately contained, medium financial loss, some customer dissatisfaction. 3 Moderate Medical treatment required, on-site release contained with outside assistance, high financial loss and public visibility. 4 Major Major Extensive injuries, loss of production capability, invocation of disaster recovery with no detrimental effects, major financial loss. 5 Catastrophic Death, off-site with detrimental effect, huge financial loss.

22 Quantitative Measure of Consequences of Impact
Level Description Example detail description 1 Insignificant Nil – Negligible 2 Minor Under RM1 mil 3 Moderate Between RM1 mil - RM5 mil 4 Major Between RM5 mil - RM15 mil 5 Catastrophic Above RM15 mil

23 Qualitative Risk Analysis Matrix
Likelihood / Impact 1 2 3 4 5 M S H E L Time Bomb

24 Qualitative Risk Analysis Matrix

25 Qualitative Risk Analysis Matrix
Key Description E : Extreme Immediately initiate action plan to reduce exposure H : High S : Significant Develop action plan to reduce exposure M : Medium Consider if any action plan need to be develop L : Low Routine acceptance of the risk. / No action required Time Bomb *Develop action plan to reduce exposure *Are potential catastrophic risks that are not straight forward in ratings *May currently be well managed, but may potentially create significant problems to the organization in future

26 Strategy in Managing Risks
activities with a high likelihood of loss and large financial impact. The best response is to avoid the activity if cost-benefit analysis determines the cost to mitigate risk is higher than cost to bear the risk, then the best response is to accept and continually monitor the risk. activities with a high likelihood of occurring, but financial impact is small. The best response is to use management control systems to reduce the risk of potential loss activities with low probability of occurring, but with a large financial impact. The best response is to transfer a portion or all of the risk to a third party by purchasing insurance, hedging, outsourcing, or entering into partnerships.

27 Issues/Risks Status Types
Description Open New item identified and awaiting action. Closed Item closed e.g. no longer a concern, rejected, etc. In progress Item undergoing treatment/mitigation activities. Monitoring Treatment/Mitigiation activities complete and being monitored. Resolved Item resolved through treatment/mitigation actions and resolution accepted by stakeholders.

28 What’s next? Having the risks and opportunities identified, a proper plan of actions need to be laid out in order to mitigate these risks and grab the opportunities. Then, from time to time, the organization needs to assess the effectiveness of the actions taken.

29 RISKS SUMMARY (From Risk Register)
Template C RISKS SUMMARY (From Risk Register) RISK CATEGORY DESCRIPTION OF RISK RISK REGISTER NO. External Analysis Could renew licence Decreasing intake from international students due to implementation of i-CGPA and VAL procedure MQA accreditation withdrawal R1.1.1 R1.3.3 R1.3.4 2. Internal Analysis Decreasing intake from international students due to stringent procedure in getting VAL. R2.1.1 Please refer to Risk register documents

30 DESCRIPTION OF OPPORTUNITIES OPPORTUNITY REGISTER NO.
Template D OPPORTUNITY SUMMARY CATEGORY TYPE DESCRIPTION OF OPPORTUNITIES OPPORTUNITY REGISTER NO. EXTERNAL ANALYSIS INTERNAL ANALYSIS

31 PLANNING TO ADDRESS THE RISKS
Template E PLANNING TO ADDRESS THE RISKS Risks No: (From Risk Register) Strategy Initiatives Year/ Period PIC KPI Target Achieved % of Success

32 PLANNING TO ADDRESS THE OPPORTUNITIES
Template F PLANNING TO ADDRESS THE OPPORTUNITIES Opportunity No: (From Opportunity Summary) Strategy Initiatives Year/ Period PIC KPI Target Achieved % of Success

33 Treating Risk & Opportunity Workflow
Use Template A Identify External & Internal issues, risks and opportunities (including from interested parties) Risks Opportunities List all risks in Risk Register List all opportunities in summary Use Template D Analyze Each Risk Use Template B Categorize Risk Categorize Risk (L,M,H,E,TB) Accept Avoid Transfer Reduce L = Low Medium, High, Extreme & Time Bomb List all Risks in summary Prepare & Execute Action Plans Use Template E & F Use Template C Monitor & Review

34 ISO 9001:2015 Summary ISO 9001:2015 - Risk-based thinking standard
Intent - To ensure organizations consider risks and opportunities that could affect the results of their plan. Objective Evidence: Risk & Opportunity Analysis on External and Internal Factors Risk Profile/Register Risk & Opportunity Action Plan Action Plans have been carried out

35 Thank You

Download ppt "By KAMARRUDIN ALI 18 April 2018"

Similar presentations

More than OH&S. Definitions of Risk Risk is virtually anything that threatens or limits the ability of a community or non-profit organisation to achieve.

More than OH&S. Definitions of Risk Risk is virtually anything that threatens or limits the ability of a community or non-profit organisation to achieve.
Appendix H: Risk training slides (sample). What is Risk? “ Risk is the effect of uncertainty on objectives ” AS/NZS ISO31000:2009.

Appendix H: Risk training slides (sample). What is Risk? “ Risk is the effect of uncertainty on objectives ” AS/NZS ISO31000:2009.
PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT
Planning for Change Corporate Plans

Planning for Change Corporate Plans
Risk Management Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Risk Management Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.

Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.
CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.

CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.
ISO General Awareness Training

ISO General Awareness Training
Project Risk Management

Project Risk Management
Irish League of Credit Unions, 2012 W E L O O K A T T H I N G S D I F F E R E N T L Y Risk Management for Credit Unions September 2013 Risk Management.

Irish League of Credit Unions, 2012 W E L O O K A T T H I N G S D I F F E R E N T L Y Risk Management for Credit Unions September 2013 Risk Management.
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.

Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
Project Risk Management Supplement. The Importance of Project Risk Management  Project risk management is the art and science of identifying, assigning,

Project Risk Management Supplement. The Importance of Project Risk Management  Project risk management is the art and science of identifying, assigning,
Chapter 11: Project Risk Management

Chapter 11: Project Risk Management
What is Risk Management - Panel Discussion Tony Whitworth Vice-President Finance & Resources.

What is Risk Management - Panel Discussion Tony Whitworth Vice-President Finance & Resources.
Basics of OHSAS Occupational Health & Safety Management System

Basics of OHSAS Occupational Health & Safety Management System
Managing Risks During Tendering and Contract Procurement Tanya Jackson, Principal Consultant.

Managing Risks During Tendering and Contract Procurement Tanya Jackson, Principal Consultant.
Introduction Time Quality Cost Project Constraints Success Introduction.

Introduction Time Quality Cost Project Constraints Success Introduction.
Risk Management Project Management Digital Media Department Unit Credit Value : 4 Essential Learning time : 120 hours.

Risk Management Project Management Digital Media Department Unit Credit Value : 4 Essential Learning time : 120 hours.
Hartley, Project Management: Integrating Strategy, Operations and Change, 3e Tilde Publishing Chapter 10 Risk Management Proactively managing the positive.

Hartley, Project Management: Integrating Strategy, Operations and Change, 3e Tilde Publishing Chapter 10 Risk Management Proactively managing the positive.
Project Management By: Dr Madhu Fernando Project Risk Management

Project Management By: Dr Madhu Fernando Project Risk Management

Similar presentations

Ads by Google