ISO 9000 & AUDITS WORLD CONFERENCE ABSTRACT
Integrating Risk Management into Implementation and Auditing ISO 9001
Integrating the risk management standards (ISO 31000 or the COSO Framework) into the implementation and auditing of ISO 9001 helps build a robust business management system for an organization. More importantly, implementing ISO 9001 from a risk management perspective enables seamless incorporation of any risk-based management system standard into the ISO 9001 framework. The session will examine a case study that uses a proactive risk management approach to design the ISO 9001 framework. A proactive risk management approach introduces flexibility into the management system, allowing any organization to pursue an all-hazards risk management strategy. Organizations face a myriad of risks in today’s globalized economy. This requires a common platform for managing various risks in a cost-effective, non-siloed way. “Risk thinking” can be achieved by using the concepts of either the ISO 31000 or COSO standards. Risk management is an important decision-making tool that organizations need to use to achieve strategic, tactical, operational, and reputational objectives. Risk management needs to be built into any organization’s system of management rather than added on. Experience shows that using the risk management approach when implementing ISO 9001 results in efficiencies and cost savings in running the organization. First-, second-, and third-party auditors who audit ISO 9001 in conjunction with other management system standards can better assess an organization’s management system if they have a better understanding of risk management principles.
Participating Organizations at the ISO 9000 World Conference
Department of Commerce
Environmental Protection Agency
Schindler Elevator Corporation