The IQS Risk Management module takes a high level and abstract approach at giving a flexible context through which organizations can record risk management efforts. This module focuses on business risk (as opposed to specific product or process risk which is managed through FMEAs in the IQS Product Management module). Once risks are identified and recorded, they can then be reviewed and prioritized by management and controls can be established. All management reviews can be recorded in review meetings to track management involvement with the process.
KEY BENEFITS OF USING THIS MODULE
• Provides a logical context through which to explain the organizational approach for risk management to auditors.
• Maintain a secure and centralized repository for global risk assessment results.
• Allows for flexible prioritization techniques promoting efficiency, safety and quality.
• Ensure conformance with quality standard such as ISO 9001, IATF 16949, AS 9100, ISO 13485, etc.
• Assign owners to various aspects of the business to be assessed for risk.
• Record assessments of risk and assign consistent priority logic across the board.
• Feed assessments into a risk register to assemble a quick view of the highest priority risks.
• Record plans to mitigate risks using Controls based on the results of assessments.
• Assign and track responsibility and target dates for Control implementation.
• Keep and maintain a centralized log of potential future controls.
• Establish and track management team involvement pertaining to organizational risk. This includes risk assessments and progress of mitigation plans providing evidence of who met, what was reviewed and meeting action item.
- RISK MANAGEMENT CAN BE LINKED TO ANY MODULE THAT CONTAINS EVIDENCE OF RISKS, MITIGATION ACTIONS, ETC. EXAMPLES INCLUDE: A TRAINING COURSE RESULTING FROM A RISK ASSESSMENT, A SUPPLIER RISK ASSESSMENT FOR ADDITIONAL DETAILS ON A RISK, A NONCONFORMANCE AS EVIDENCE OF OCCURRENCE AND IMPACT OF A RISK, ETC.
- CAN BE A STAND-ALONE MODULE