Risk management Part 3 – Context of the Organization

Once the organization has determined who the Pertinent Concerned Parties and what are their Pertinent Requirements, must understand the environment in which it must conduct its operations to meet these Pertinent Requirements, this environment is called the Organizational Context.

 

The Organization context, in accordance with ISO 9000:2015, is the combination of internal and external issues that can have an effect on the organization’s approach to development and achievement of its objectives. This context is also known as Business Environment, Organizational Environment or Ecosystem, and considers internal factors of the organization such as the values, culture, knowledge and performance of the organization, as well as external factors such as legal, technological, market competitiveness, cultural, social and economic environments.

 

The Organization context is currently characterised by rapid change, the globalisation of markets, limited resources and the emergence of knowledge as a major resource. The impact of quality extends beyond customer satisfaction and can also have a direct impact on the reputation of the organization. Understanding the Organizational Context is a process that determines the factors that influence the purpose, objectives and sustainability of the organization.

 

Within Risk Analysis, we must identify the external and internal issues within the organization that are relevant to its purpose and strategic direction and that affect its ability to achieve the expected results of its quality management system.

 

Here are 2 important elements:

  • Expected results in the SGC.

Refers to compliance with the Pertinent requirements of the relevant concerned parties.

  • External and internal issues that are pertinent.

These are the positive and negative, internal and external factors that must be considered by the organization due to their potential impact on compliance with the Pertinent requirements of the relevant concerned parties.

 

Although the ISO9001:2015 standard does not require the use of any specific tool for the analysis of the Organization context, the use of the SWOT Analysis, with its complement CAME, has become popular:

 

Step 1 – Determine Strengths.

They are the positive and internal factors of the organization that impact the fulfillment of the Pertinent requirements of the relevant concerned parties. The organization should take action to MAINTAIN these factors and thus reduce risks.

 

Step 2 – Determine Opportunities.

It is the positive external factors that impact on compliance with the Pertinent requirements of the relevant concerned parties. The organization should take action to EXPLOIT these factors and thus reduce risks.

 

Step 3 – Determine Weaknesses.

These are the negative and internal factors that impact on compliance with the Pertinent requirements of the relevant concerned parties. The organization should take action to CORRECT these factors and thus reduce risks.

 

Step 4 – Determine Threats.

It is the negative external factors that impact on compliance with the Pertinent requirements of the relevant concerned parties. The organization should take action to AFRONT these factors and thus reduce risks.

 

◄Part 2 – Part 4 ►

comments powered by Disqus