Metodología para la implementación de la gestión de riesgo en un sistema de gestión de calidad

The risk-based approach is one of the main changes of the new version of ISO 9001: 2015 standard, and in addition to the commitment of Senior Management, organizations are required to establish during the planning of the quality management system, actions that allow them to determine the risks and o...

Full description

Autores:
Doria Parra, Alfonso
Lopez Benavides, Leandro
Bonilla Ferrer, Marjorie
Parra Cera, Griselda
Tipo de recurso:
Fecha de publicación:
2019
Institución:
Universidad Santo Tomás
Repositorio:
Repositorio Institucional USTA
Idioma:
spa
OAI Identifier:
oai:repository.usta.edu.co:11634/42148
Acceso en línea:
https://revistas.usantotomas.edu.co/index.php/signos/article/view/5424
http://hdl.handle.net/11634/42148
Palabra clave:
impact
opportunity
residual
risk
risk management system
impacto
oportunidad
residual
riesgo
sistema de gestión de riesgo
Rights
License
http://purl.org/coar/access_right/c_abf2
Description
Summary:The risk-based approach is one of the main changes of the new version of ISO 9001: 2015 standard, and in addition to the commitment of Senior Management, organizations are required to establish during the planning of the quality management system, actions that allow them to determine the risks and opportunities, in order to: ensure that the quality management system can achieve its expected results, increase desirable effects, prevent or reduce unwanted effects and achieve continuous improvement of their processes. In this article, a generic methodology is proposed to manage the strategic and operational risks of a company based on the understanding of the context and the identification of the needs and expectations of the interested parties. Through a sequence of stages it is proposed to address the risks and opportunities of an organization, based on the identification of the sources, causes and consequences that the completion of an inherent risk may bring, followed by the assessment through a qualitative, quantitative, semi-quantitative analysis or combination of these, according to the tool you want to use. Subsequently, having assessed the risk, it is evaluated using the defined strategies to identify the critical risks and their prioritization. Finally, the risk treatment process is continued where actions are modified and/or implemented in order to control the risks completion and/or reduce the impact that could be caused if it is completed

Publicaciones similares