In ISO Risk (see Preventative Actions) is something that has not happened while Problems (see Corrective Actions) are something that has happened already. The “Loophole” is how its documented: in ISO it only exists if there is a paper trail. Problems that have no Vessel/Mechanism for its Capture does not “exist” or “has not happened” yet. This is not a loophole as much as a technicality of Reality. We all have problems that we have not been able to Identify, Frame, or Name. It having not been Identified, Named, Framed, or Documented, doesn’t mean the Problem doesn’t exist. It just hasn’t occurred to the Organization’s/Institution’s memory.
Thats a loophole that kinda isn’t. Its one of the constraints of reality – we really can’t know anything unless we put it on paper and think about it (see Absence of Evidence does not mean Evidence of Absence). Note that ISO allows a Company to define their own terms, ISO audits hold companies accountable to their own definitions and actions contrary to what they have defined.
I guess this is why ISO 9001:2015 has required Risk Management, because there exists problems that can happen and probably is happening but the organization has not had any mechanism to capture it.
Leave a Reply
You must be logged in to post a comment.