terça-feira, outubro 01, 2019

Determinar riscos e oportunidades

"Risk identification is a transformation process (commonly facilitated by a risk practitioner) where experienced personnel generate a series of risks and opportunities, which are recorded in a risk register.
...
The primary process goal of risk identification is to identify both the risks to the business, which would reduce or remove the likelihood of the business reaching its objectives, and the opportunities, which could enhance business performance.
...
The risk identification process was not commenced before the business objectives (or the objectives of the activity under examination) were made explicit. (Risks are only threats to objectives. Without understanding the objectives it is not possible to undertake risk identification.)
.
Risk identificationwas not commenced until the business objectives, deliverables and success criteria were aligned. Risk identification was not commenced prior to a “map” or flow chart of the business process being prepared."

Uma abordagem em linha com a que propusemos em "Apontamentos sobre os riscos na ISO 9001:2015" e que seguimos:
"Assim, as cláusulas 4.1 e 4.2 da ISO 9001:2015 apontam para um momento anterior à definição dos objectivos alinhados com a política, influenciando-o. Enquanto que a cláusula 6.1 da ISO 9001:2015 aponta para um momento posterior à definição dos objectivos, o que pode contrariar/beneficiar o seu cumprimento"
Só não gosto do uso da palavra identificação, prefiro a palavra determinação. Os riscos e as oportunidades não são algo intrínseco, são algo que resulta de um julgamento.

Trecho inicial retirado de "Simple Tools and Techniques for Enterprise Risk Management" de Robert J. Chapman.


Sem comentários: