ISO Risk Management & your Supply Chain

A big part of ISO9001-2015 is risk management.  Once your company is ISO9001-2015 compliant, how do you manage your supply chain?  As you might imagine, they introduce new elements of risk.

ISO guide 73 states that risk is the effect of uncertainty on objectives.  That effect may be positive, negative or a deviation from what is expected.

Some of the Risks

Assume your company is ISO compliant…

That implies that you have control of what happens within your company.  If you introduce suppliers/contractors, you face less control.  How will you manage that risk?

Depending on your approach to compliance, you should have visibility as to what is going on within your company.  How will you deal with what is happening with your suppliers?

How will you deal with cultural differences between your company and your suppliers?

How will you handle the potential loss of intellectual properties?

What if your company vision is very different from your suppliers?

How will you ensure effective collaboration?

Some Questions for your Suppliers

Are they ISO9001-2015 compliant?

What does their quality manual look like?

What is their approach to quality?

What is their plan for disaster recovery?

What is their strategy for managing risk?


ISO9001-2015 is not just about quality management, it is a mindset of product lifecycle quality and a culture that is propagated throughout your company.  Your suppliers need to have a similar mindset.

Need some help?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s