Risk is now a common thread within ISO standards, it’s therefore of crucial importance that all systems and quality managers not only understand risk, but also adopt a risk based approach to both thinking and auditing.
The International Organization for Standardization (ISO) has this to say on Risk Based Thinking:
“Risk based thinking ensures these risks are identified, considered and controlled throughout the design and use of the quality management system”.
Risk based thinking (RBT) is one of the most profound changes to ISO quality management systems. It is a clearly-bounded methodological approach that distributes risk across the full scope of a management system as an integrated business function.
Although the function of risk based thinking is to manage risk at various critical stages, the true purpose of RBT is more than just creating a systematic, precautionary approach. Instead, you should look at risk based thinking as a form of organizational knowledge. This is important because a badly managed organizational system is immediately apparent to professionals and investors, who often look for more than just certification.