Risk Management Process | Risk related to IATF 16949, ISO 9001, ISO 14001, and ISO 45001

Risk Management:

This article discusses risk management as it relates to IATF 16949, ISO 9001, ISO 14001 and ISO 45001, and how to address risks through a mitigation plan.


Risk Definition: The effect of uncertainty is called risk. An effect can be positive or negative.
Negative effects are also called risks, and positive effects are called opportunities.

All the latest business standards, such as IATF 16949:2016, ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018, are based on risk-based thinking. To comply with the standard requirements, we have to identify the risks and opportunities and prepare a mitigation plan for those that have significant effects.

Risk Management Process:

  • Step-1 : Identification of Risks
  • Step-2 : Analysis of Risks
  • Step-3 : Evaluation of Risks
  • Step-4 : Treatment of Risk
  • Step-5 : Monitoring, Review and Control
Identification of Risks:
Risk Related to ISO 9001:2015 and IATF 16949:2016:

During the identification of risks we shall consider [1] internal and external issues, [2] needs and expectations of interested parties, and [3] significant effects on the intended results of the QMS, such as significant objectives, process-related significant effects, warranty, field failure, lack of technology, business competition, market value, shortage of raw materials, effects of outsourced processes on the organization, etc.

Apart from the above, the organization shall also include in its risk analysis, at a minimum, lessons learned from product recalls, product audits, field returns and repairs, scrap and rework, etc.

Example of Risks: High Warranty Percentage, Lack of Technology, High Scrap, High B/D, low selling value, etc.

Identified risks are generally recorded in a risk register.

Risk Related to ISO 14001:2015 and ISO 45001:2018:

While identifying the risks related to ISO 14001, we have to consider [1] internal and external issues, [2] needs and expectations of interested parties, [3] significant environmental impacts, and [4] compliance obligations.

When determining the risks related to ISO 45001, we have to take into account [1] hazards, [2] OHS risks, [3] legal and other requirements, [4] internal and external issues, and [5] needs and expectations of interested parties.

Example of Risks: High Noise, Water Pollution, Discharge of Untreated Water, Solid Waste Spilled Outside the Factory Boundary, etc.

Analysis of Risks:

The main goal of risk analysis is to calculate the risk score/rank and to categorize the different types of risk. For this method we have to collect a probability score and an impact score for each risk.

Example:

[1] High Noise at XYZ Area: let the probability be 3 on a scale of 10 and the impact be 5 on a scale of 10.

Risk Score = Probability × Impact = 3 × 5 = 15

51-100 High Risk
25-50 Medium Risk
<25 Low risk

In the above example, High Noise falls under Low Risk.

Evaluation of Risks:

The organization decides the cut-off value for significant risks. Suppose we decide here that 51 to 100 is the cut-off value; then we can say with certainty that the above risk [High Noise] is not a significant risk.

At this step we only need to evaluate whether each risk is significant or insignificant.

Treatment of the Risks:

A mitigation plan has to be implemented to bring a significant score down to an insignificant score.

Monitoring, Review and Control:

After the action plan is implemented, its effectiveness needs to be checked by regular monitoring of data.
