Here at PKP & Associates, we have been getting feedback from auditors that, with the requirements of some new ISO standards, organisations haven’t linked their context with their risk and opportunities.
The video below will take you through five key points that will help you address these requirements. This video is an extension of my other videos in this series, which you can check out below.
1. Review the Issues, Needs and Expectations (of interested parties)
Using the example of PKP & Associates, external issues that impact on us could be technological issues with our software.
Needs and expectations we may need to keep in mind are our customers requiring response within two hours to any support inquiries.
2. Determine Risks & Opportunities
An example of risks for PKP could be that the software isn't providing correct support for the client, and they may leave.
An opportunity for PKP could be to encourage all of our clients to use more of the modules in the software, leading to an increased client satisfaction for our product.
You need to document all your risks and opportunities, issues, and needs and expectations of your stakeholders in a single register.
4. Monitor and Review
The register needs to be monitored and reviewed regularly. At PKP, we review this at least at our quarterly management review meeting.
The final step is to communicate the information on this register to all staff so that they’re aware of the risk and opportunities and the controls that have been put in place.
To further link your knowledge in this area, check out my other three related videos by clicking the images below. They're 2 minute videos that will run you through the topics below.
I will be releasing a new video every Friday, so make sure you subscribe to my YouTube Channel while you are there.
Appreciate you listening.
See you next week,