No matter what industry you’re in, you’re probably hearing about risk management. It’s in compliance, governance, quality management—it’s everywhere. It’s also a broad-reaching topic. In quality and compliance management, we see risk as a function of operations. We’re being told to manage our risks and take action on controlling risk.

But what are we really doing with risk? Are we implementing risk-based strategies within our quality and compliance operations? Companies are so intensely focused on maintaining operational excellence within their respective areas, that many put the concept of risk management aside as a future project, one that would be completed once they’ve finished keeping in line with current compliance processes.

Is risk management so onerous that it needs to be a whole project, or can we effectively bring the risk dynamic into our daily operations? For those in quality management, there will soon be no choice: The ISO 9001 revision due out next year will include risk management as an element of the quality management system (QMS), and the concept will become a reality for many. However, risk management as a concept doesn’t need to be overwhelming, especially in the context of quality and compliance management.

 …