Risk analysis procedure & actions to address risks & opportunities

Purpose:

The purpose of this procedure is to define how to manage risks & opportunities.

Scope:

This procedure covers risks and opportunities of all processes of the organization.

Responsibility:

All the process owners are responsible for implementing this procedure.

Risk analysis, Risk & opportunity

Process Description:

Management of Risk:

  • Identify risk for all the processes in the organization.
  • Assign a probability rating to the identified risk; this probability is comprised of two elements: likelihood and previous occurrences. Each element is given a score from 1 (lowest risk) to 5 (highest risk). The final probability rating is the average of the elements.
  • Assign a consequence rating if the risk were to be encountered; this consequence is comprised of five elements: eventual loss of contract; negative impact on existing customers; inability to meet contract terms; any violation of statutory regulations or law; impact on company’s reputation; and estimated cost of correction. Again, each element is given a score from 1 (lowest risk) to 5 (highest risk). The final consequence rating is the average of the elements.
  • Calculate a final Risk Factor based on the equation:
  • Probability Rating x Consequence Rating = Risk Factor
  • For risks with a final Risk Factor rating equal to or greater than the threshold set in the Risk Register, decide whether to reject the subject due to the risk, or accept the risks after the development of a risk mitigation plan. The mitigation plan must be documented in the Risk Register.
  • Risks with a factor less than the risk threshold may be accepted without a mitigation plan unless otherwise directed by management.
  • Enter an estimated risk factor after mitigation in the final column of the risk register, which is an estimate of what the risk should be reduced to if the risk treatment is successful.
  • If a risk includes a potentially positive aspect, management may elect to conduct an opportunity pursuit assessment on the positive aspect, as defined below a score from 1 (lowest risk) to 5 (highest risk). The final probability rating is the average of the elements.

Risk Analysis:

Scoring criteria for Risk Register
Risk register
Risk Register
Risks & opportunities register
Risk Register

Management of Opportunity:

  • Identify the opportunity in the processes under which the opportunity most likely falls.
  • Assign a probability rating to the identified opportunity; this probability is that the organization can achieve the opportunity. It is comprised of two elements: likelihood and previous occurrences. Each element is given a score from 1 (lowest probability) to 5 (highest probability). The final probability rating is the average of the elements.
  • Assign a benefit rating to assess potential benefits if the opportunity is won. This is comprised of six elements: potential for new business; potential expansion of current business; potential improvements in the organization’s ability to satisfy regulatory or statutory requirements; potential improvements to the quality management system; potential enhancements of the company’s reputation; and estimated cost of implementation. Again, each element is given a score from 1 (lowest benefit) to 5 (highest benefit). The final benefit rating is the average of the elements.
  • Calculate a final Opportunity Factor based on the equation:
  • Probability Rating x Benefit Rating = Opportunity Factor
  • For opportunities with a final Opportunity Factor rating equal to or greater than the threshold set in the Opportunity Register, decide whether to pursue the opportunity through an “opportunity pursuit plan” or to abandon the opportunity altogether. The opportunity pursuit plan must be documented in the Opportunity Register.
  • Opportunities with a factor less than the opportunity target rating may be abandoned outright unless otherwise directed by management.
  • Enter success result, once the opportunity has been closed; this includes entries for abandoning the opportunity, failing to win the opportunity, and three grades of success.
  • If an opportunity includes a negative aspect, management may elect to conduct a risk assessment on the negative aspect, as defined above.

Opportunity Analysis:

Opportunity register, scoring criteria

Risk Analysis of all processes in the organization should be done as FMEA is done & actions are taken.

List of mandatory procedures for IATF 16949.

Leave a Comment