While You Wait for ISO 9001:2015.....
As mentioned in a previous article, a major revision to ISO 9001 is the replacement of prevention action in favor of risk. There is NO requirement for standardize risk management, however each organization will need to identify and act upon risks to their operation.
Organizations might take this opportunity while waiting for release of 2015 to begin addressing risk or the "effect of uncertainty on expected results." In the 2015 revision of ISO 9001, risk is addressed as risk to your business, product(s) that the organization manufactures or distributes, and customer satisfaction.
Risk is generally thought as a negative, but risk-based thinking may help to identify positive opportunities. Organizations might consider risk to the strategic direction of the operation, external risk to customers and interested parties, internal risk to processes and products.
Some of the personnel responsible for risk include: