Download as doc, pdf, or txt
Download as doc, pdf, or txt
You are on page 1of 3

xxxxxxxxxx Quality System Procedure

Doc.No. QSP – 06 Eff. Date 02/05/19

Revision 00 Pages 1 of 8

Revision History Table

Rev. Details
Rev. No. Changes Description Author
Date Page Para
00 01/02/19 All All INITIAL AUDIT

Prepared by Review By Approved by

Doc. No. QSP- 06 Eff. Date 02/05/19
Revision No. 00 Pages 2 OF 5


To establish a risk assessment process for continually improve the effectiveness of the Quality Management


This procedure applies to the whole Quality Management System processes within the organization.


Top management and the Head of Department are responsible to implement this procedure.


1. Planning for risk assessment

The Management shall continually seeking improvement on the effectiveness of the quality management system
through the use of Risk Assessment for the key processes within the QMS, in order to prevent potential non-

2. Risk Matrix

Likelihood 1 (Remote) = 2 (Rarely)= Once 3 (Sometimes) = 4 (Frequent)= Once 5 (Very frequent)

Never Happen in a year Once in a month in a week = Daily
Severity before
1 = Would not cause
dissatisfaction to
1 2 3 4 5
customers or our
2 = May cause late
2 4 6 8 10

3 = May cause our

production line stop
3 6 9 12 15
due to wrong info

4 = May cause verbal

complaint, but the
4 8 12 16 20
products still can be

5 = May cause
customer complaint /
5 10 15 20 25
customer line stop /
product return
Risk = the effect of uncertainty on an expected result which may affect the satisfaction of interested parties

Doc. No. QSP- 06 Eff. Date 02/05/19

Revision No. 00 Pages 2 OF 5
Tolerable risk Tolerable risk Not tolerable risk

1-4 = LR (Low Current control measure is effective to control the risk

5-12 = MR May propose new control measure to improve the current practices
(Medium Risk) (but not compulsory)
15-25 = HR (High Need to propose new control measure(s) to control the risk(s)

3. Recording of Risk Assessment Results

The top management should lead the other department HOD to perform the risk assessment for the departmental
processes that may affect the satisfaction of interested parties, based on the context of the organization. The top
management should brain storm the HOD or relevant personnel on the severity and likelihood of occurrence of the
potential risks in the processes.

For Low Risk and Medium Risk activities, the management may choose to propose further control method, but
not compulsory, to ensure the risks are prevented

For High Risk activities, the management shall ensure control measures or Contingency plan are in place to
ensure the risk would not happen. In the case the non-conformity happens, it shall be controlled by the Control of
Non-Conformity procedure.

The results shall be recorded in the RIRARC (Risk Identification, Risk Assessment and Risk Control) worksheet.

4. Review of the RIRARC

The top management should review the RIRARC at least annually, preferable during management review
meeting, to identify new risks or opportunities that may affect the entire business activities. Output of the review
shall be updated in the RIRARC worksheet.


1. Risk Identification, Risk Assessment and Risk Control, RIRARC worksheet- NTI/QMR/007

You might also like