Featured Product
This Week in Quality Digest Live
Risk Management Features
Oliver Binz
Better internal information systems help managers tell consumer demand from inflationary pressure
Steven I. Azizi
Take these steps to protect your employees and your company
Oliver Laasch
There’s unlikely to be a point of general stability anytime soon
Gleb Tsipursky
You shouldn’t trust your gut as a decision-maker: Here’s why.
NIST examines disinfection methods that could be critical in the future if PPE supply is low

More Features

Risk Management News
ISO 21434 automotive cybersecurity and implementing design and process FMEAs
Implementing a SIOP process can smooth supply spikes while improving cash flow and increasing profitability
Does your business’ security match up with competitors?
Prior to vote, IAF seeks industry feedback to understand the level of demand from businesses and regulators.
The acquisition targets the rapidly widening gap between quality data creation and leverage
Winter 2022 release of Reliance QMS focuses on usability, mobility, and actionable insights
Designed to offer a comprehensive safety solution for fleet vehicles and workforce personnel
A cybersecurity expert lays out crucial HR practices to amplify attack readiness for modern businesses
NordLocker study discloses industries at a heightened risk of ransomware attacks, with manufacturers taking a troubling second place

More News

Quality Digest

Risk Management

What’s Risk Got to Do With It?

ISO’s high-wire act of developing the 9001:2015 standard

Published: Thursday, October 24, 2013 - 12:25

Some of the [ISO 9001: 2015] requirements are relatively clear; others are more “euphemisms,” and you don’t know how to react…
—James Lamprecht, author of ISO 9000: Preparing for Certification (CRC Press, 1992) and former member of ISO/TC 176

During an Aug, 16, 2013, interview on Quality Digest’s weekly webcast Quality Digest Live! James Lamprecht, currently a management consultant, provided insight into the latest revision of the ISO 9001 standard.

In an earlier QD article, “The Many Uncertainties of Risk as Currently Stated in ISO 9001:2015,” Lamprecht had discussed how the 2015 revision of the standard addressed risk management. During the interview QDL co-host Dirk Dusharme jumped right into that line of thought, asking, “Are you saying that although the revision does address risk management, it doesn’t go far enough?” he asked.

Lamprecht clarified. “I had two reactions to what I read,” he said. “Some of the [ISO 9001: 2015] requirements are relatively clear; others are a little broad, euphemisms actually, and you don’t know how to react.”

Demonstrating an understanding of ISO 9001 requirements and developmental processes, Lamprecht recognized the high-wire act of developing standards that provide adequate, broad-based definitions while not quashing well-documented, individual solutions. “When you issue a standard, you don’t want to be too specific or people will react to that [negatively]” he explained. “Then again, if the sentence you read is too broad and vague, you open the door to where anybody can interpret the requirement any way they want. And then [the standard] hasn’t actually achieved anything.”

QDL co-host Mike Richman probed further. “Risk can be such an amorphous concept,” he said. “What kind of language could have pushed this idea forward a little better?” Lamprecht’s careful reply illustrated the complexity of the concept of risk management as part of management standards. “If I start with the opening statement, ‘Determine the risks to conformity of goods and services and customer satisfaction if unintended outputs are delivered,’ you [might ask]: ‘What does that mean? Don’t we already have procedures that are 50 to 60 years old to make sure [we] don’t have unintended output?’” It was with good-natured humor that Lamprecht revealed ISO’s own difficulty in providing precise explanations of the exact language used.

When asked if he thought it might be better that the standard included a section devoted to risk rather than “sprinkling the term throughout,” Lamprecht responded, “Rather than trying to customize the term risk and include it in each paragraph, perhaps they could collect these ideas and create a separate paragraph.”

For those who have yet to preview the ISO 9001:2015 committee draft, Lamprecht’s “The Many Uncertainties of Risk as Currently Stated in ISO 9001:2015” gives a sneak peek into:
• ISO 9001:2015 subclause 4.4.2—Process approach
• 5.1.2—Leadership and commitment with respect to the needs and expectations of customers
• 6.1—Actions to address risks and opportunities
• 8.3—Operational planning process
• 8.5.1—Development processes
• 8.6.5—Post-delivery activities
• 9.1—Monitoring, measurement, analysis, and evaluation
• 9.2—Internal audit
• 10.2—Improvement

Keep in mind that the standard isn’t finished and won’t be released until 2015. As Denise Robitaille, a member of the U.S. TAG to ISO/TC 176, the committee responsible for updating the ISO 9000 family of standards, said, “It ain’t over till the fat lady sings.”


About The Author

Quality Digest’s picture

Quality Digest

For 40 years Quality Digest has been the go-to source for all things quality. Our newsletter, Quality Digest, shares expert commentary and relevant industry resources to assist our readers in their quest for continuous improvement. Our website includes every column and article from the newsletter since May 2009 as well as back issues of Quality Digest magazine to August 1995. We are committed to promoting a view wherein quality is not a niche, but an integral part of every phase of manufacturing and services.