Both sides previous revisionPrevious revisionNext revision | Previous revision |
articles:ocap-complexity [2023/06/18 20:05] – rrandall | articles:ocap-complexity [2023/06/20 16:10] (current) – rrandall |
---|
While there is //really// nothing that a company can do to alter its complexity (without major changes in how it operates), the remaining "Risk Factors" are completely in control of the business. However, if there are changes in your organization, you should immediately notify your CB (certainly prior to the next audit activity performed by your CB). The risk level for your organization should coincide with the criteria contained in the quadrant that best describes your organization. | While there is //really// nothing that a company can do to alter its complexity (without major changes in how it operates), the remaining "Risk Factors" are completely in control of the business. However, if there are changes in your organization, you should immediately notify your CB (certainly prior to the next audit activity performed by your CB). The risk level for your organization should coincide with the criteria contained in the quadrant that best describes your organization. |
| |
| <WRAP centeralign>**AS 9104/1A, Figure 2 - Organization complexity risk level**</WRAP> |
{{ :articles:as9104-1a_organization_complexity_risk_level.png?direct&600 |AS91041A, "Figure 2 - Organization complexity risk level"}} | {{ :articles:as9104-1a_organization_complexity_risk_level.png?direct&600 |AS91041A, "Figure 2 - Organization complexity risk level"}} |
| |
<WRAP center round info 80%> | <WRAP center round info 80%> |
The AS91041A, "//Figure 2 - Organization complexity risk level//" simply expands [[https://iaf.nu/en/iaf-documents-categories/|IAF MD5 Determination of Audit Time for QMS-EMS-OHS Audits]], "//Figure QMS 1 – Relationship between Complexity and Audit Time//" by adding "Risk Levels. | The AS9104/1A, "//Figure 2 - Organization complexity risk level//" simply expands [[https://iaf.nu/en/iaf-documents-categories/|IAF MD5 Determination of Audit Time for QMS-EMS-OHS Audits]], "//Figure QMS 1 – Relationship between Complexity and Audit Time//" by adding "Risk Levels. |
</WRAP> | </WRAP> |
| |
central function (not necessarily the headquarters of the organization) at which | central function (not necessarily the headquarters of the organization) at which |
certain processes/activities are planned and controlled, and a number of sites | certain processes/activities are planned and controlled, and a number of sites |
(permanent, temporary or virtual) at which such processes/activities are fully or | (permanent, temporary, or virtual) at which such processes/activities are fully or |
partially carried out.</blockquote> | partially carried out.</blockquote> |
| |
| The remaining ambiguous descriptors (e.g., small vs. large, few vs. many) are left to the CBs to define. However, the CBs that I work with define a "large" organization as one having over 200 workers. If curious as to how your CB has made this determination, ask them. |
| |
{{page>wiki:pathforward}} | {{page>wiki:pathforward}} |