Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd Logo
Upload

Welcome to Scribd!

  • 109 views

    Qesh - DCC Tairo Worksheet

    Uploaded by

    Pia Silva Pineda
    The document outlines 9 risks related to corporate processes and ownership. The risks range from business strategy not accommodating changes to loss or damage of records. For each risk, the document identifies potential consequences, assigns consequence scores for impact and likelihood, and lists applicable legal and quality requirements. Maintaining accurate risk information helps ensure corporate processes meet necessary standards.

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd

    Qesh - DCC Tairo Worksheet

    Uploaded by

    Pia Silva Pineda
    109 views35 pages
    The document outlines 9 risks related to corporate processes and ownership. The risks range from business strategy not accommodating changes to loss or damage of records. For each risk, the document identifies potential consequences, assigns consequence scores for impact and likelihood, and lists applicable legal and quality requirements. Maintaining accurate risk information helps ensure corporate processes meet necessary standards.

    Original Title

    QESH - DCC TAIRO WORKSHEET.xlsx

    Copyright

    © © All Rights Reserved

    Available Formats

    XLSX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document outlines 9 risks related to corporate processes and ownership. The risks range from business strategy not accommodating changes to loss or damage of records. For each risk, the document identifies potential consequences, assigns consequence scores for impact and likelihood, and lists applicable legal and quality requirements. Maintaining accurate risk information helps ensure corporate processes meet necessary standards.

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Download as xlsx, pdf, or txt
    109 views35 pages

    Qesh - DCC Tairo Worksheet

    Uploaded by

    Pia Silva Pineda
    The document outlines 9 risks related to corporate processes and ownership. The risks range from business strategy not accommodating changes to loss or damage of records. For each risk, the document identifies potential consequences, assigns consequence scores for impact and likelihood, and lists applicable legal and quality requirements. Maintaining accurate risk information helps ensure corporate processes meet necessary standards.

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Download as xlsx, pdf, or txt
    of 35

    PROCESS

    OWNERSHIP
    LOCATION / PROJECT SITE : CORPORATE OFFICE
    DEPARTMENT / SECTION : QESH - DCC
    As of : DECEMBER 2017

    SOURCE
    DEPT/ AREA/ PROCESS/ PRODUCTS/
    NO ACTIVITIES/ EVENTS
    FUNCTION SERVICES

    Creation / revision of
    1 DCC procedures
    Ensuring that changes and
    current revision status of
    document are identified

    Registration and stamping of


    2 DCC documents

    Ensuring that relevant Distribution and maintenance


    3 DCC version of documents are of controlled documented
    available at point of use information

    Managing of electronic Uploading of electronic copies


    4 DCC documents of documents in file server

    ensuring that documents of


    Registration and distribution of
    5 DCC external documents are
    external documents
    identified and distributed

    1 of 35
    QF47 Rev00 15 AUG 2017
    PROCESS
    6 DCC OWNERSHIP Archival and safekeeping of
    records
    Maintenance of active and
    inactive records
    7 DCC Disposal of records

    Conducting trainings and


    8 DCC orientation of records
    management

    Centralization of all Project


    9 DCC Records

    Prepared by:

    Ma. Sofia S. Pineda


    Corporate Document Control Officer
    Name/Signature/Position

    2 of 35
    QF47 Rev00 15 AUG 2017
    PROCESS
    OWNERSHIP

    OURCE
    R/ INFRASTRUCTURE/
    OWNER/S INPUTS OUTPUTS
    NR EQUIPMENT
    Manhours,
    Documented
    Office supplies,
    Corporate Information like
    Data, external &
    Document NR Procedure,
    Internal
    Control Officer Office equipment (e.g. Reference, Records,Guideli
    Computer/laptop), Table Expertise. Etc. nes, etc.
    and Chairs
    System on
    Manhours,
    Control of
    NR Stamps, stamp
    documents and
    pad, Ink, etc
    records
    Documented
    Manhours,
    Information like
    Printer, scanner, Office supplies
    R Procedure,
    photocopier, etc. (e.g. Papers,
    Records,Guideli
    ink, etc)
    nes, etc.

    Office equipment (e.g. Manhours, Local access of


    Computer/laptop, Energy, Local documented
    NR
    scanner, server, etc.), Area Network information,
    Table and Chairs (LAN), Data, etc. electricity

    Manhours,
    Office equipment (e.g.
    External
    Computer/laptop, Guidelines,
    NR References,
    scanner, server, etc.), Records, etc.
    Data, Office
    Table and Chairs
    supplies, etc.

    3 of 35
    QF47 Rev00 15 AUG 2017
    PROCESS
    NR OWNERSHIP
    Office equipment (e.g.
    Computer/laptop,
    scanner, server, etc.),
    Manhours,
    Records,
    Knowledge,
    Knowledge,
    Records, history
    Room/Library. History
    Office equipment such as
    Electricity,
    shredder machine, Manhours,
    NR Recyclable
    Material Recovery Energy,
    materials
    Facility
    Office equipment (e.g.
    Manhours, Electricity,
    Computer/laptop,Project
    R Office supplies, Knowledge,
    or), Training room, Table
    Energy Information.
    and Chairs
    Office equipment (e.g.
    Manhours,
    Computer/laptop,
    R Office supplies, Records/Data
    scanner, server, etc.),
    Energy
    Room/Library.

    Approved by:

    Ronald M. Sorreda
    QESH Manager
    Name/Signature/Position

    4 of 35
    QF47 Rev00 15 AUG 2017
    RISK DATABASE REGISTRY
    LOCATION / PROJECT SITE : CORPORATE OFFICE
    DEPARTMENT / SECTION : QESH - DCC
    As of : DECEMBER 2017

    RISK IDENTIFICATION SEVERITY OF


    I CONSEQUENCE SCORES
    Q
    U L APPLICABLE LEGAL AND OTHER
    RISK GENERIC DESCRIPTION CONSEQUENCES/ IMPACTS E A E O
    P
    R
    E REQUIREMENTS/PRACTICES
    L G
    ID OF EVENTS RISK I A E
    R
    P
    U
    T L
    Y
    1 Conflict to client
    need/expectation; Delay on
    service; Preventing
    Business strategy does not
    opportunities on business ISO 9001 - Clause 10.3 Continual
    accommodate changing in I/E 25 20 10 20
    advancement; Loss of client's improvement
    process / system
    confidence to award the
    service

    2 Loss of significant portion of


    Concentration of services client work; Failure of practice;
    provided in an area of Loss of business development; I/E 20 20 ISO 9001 - Clause 10.3 Continual
    5 20
    advice/compliance or to a Limited in providing service. improvement
    particular industry

    3 Serious disruption to service


    Disengagement of Interested Loss of Contract requirement (Contractors
    I/E 25 20 25 20
    Parties over change strategy client fees obligation)

    Pressures on fixed overheads


    Delay on work schedule
    QF48 Rev00 15 AUG 2017 5 of 35
    RISK DATABASE REGISTRY
    4 Cost of delay; Increase of
    Disruption to provision of manpower cost without output; Contract requirement (Contractors
    poor customer satisfaction. I 25 20 20 Chec
    15
    services ked obligation)
    by:
    5 Cost to practice

    Failure to meet legislative


    I/E 25 25 20 20 Labor Code; DOLE: Workers Welfare
    requirements Lower staff morale Chec
    ked
    by:
    6 Poor customer satisfaction;
    Loss of client; Lower ISO 9001 - Clause 10.3 Continual
    Failure to meet the needs and staffs/workers morale.
    improvement; Labor Code; DOLE:
    expectation of interested I/E 25 20 20 25
    Workers Welfare; Contract requirement
    parties
    (Contractors obligation)

    7 Loss of information; Loss of


    revenue; Loss of opportunity to
    Failure to backup data and transfer knowledge; Additional I 15 20 20 20 ISO 9001 - Clause 7.5 Documented
    records man-hrs to rework. Information

    8 Poor cash-flow Chec


    ked
    Failure to collect receivables in Outstanding debts become by:
    uncollectable I 10 5 25 20 Prescribe practice
    a timely manner
    Loss of revenue

    QF48 Rev00 15 AUG 2017 6 of 35


    RISK DATABASE REGISTRY
    9 Penalties and fines Chec
    ked
    Failure to comply with by:
    APPLICABLE LEGAL AND OTHER
    regulatory, legal and policy Increased scrutiny from I/E 25 25 25 25
    REQUIREMENTS
    obligations regulators
    Reputational damage

    10 Loss of revenue/Loss of Chec


    additional income to support ked
    Failure to fully recognise by:
    the business; Failure of I 20 10 20 20 Prescribe
    Checked by: practice System Procedure
    revenue
    practice.
    11 Loss of revenue/Loss of Chec
    ked
    Failure to identify new service additional income to support by:
    the business; Failure of I/E 20 10 20 20 Prescribe
    Chec
    Checked by: practice / System Procedure
    offerings ked
    practice. by:
    12 Loss of revenue
    Failure to make or execute Failure Contract requirement (Contractors
    strategic decisions in a timely to capitalise on opportunities I 25 20 20 Chec
    25
    manner ked obligation)
    by:
    13 Cost to business;
    Questionable decision making
    Failure to manage conflict of Project/Product specification/System
    I 25 15 20 20
    interest procedure
    Serious disruption to
    service

    Loss of information;
    Failure to manage records of Hard to retrieve records; System Procedure / Standard
    14 Serious disruption to service I 15 15 20 20
    the organization/company specification
    Cause of delay

    QF48 Rev00 15 AUG 2017 7 of 35


    RISK DATABASE REGISTRY
    15 Serious disruption to service;
    Possible loss of revenue;
    Failure to monitor contract Possible failure on recognizing Contract requirement (Contractors
    I 20 20 15 20
    agreements full revenue; obligation) / System procedure

    Possible failure of
    16 Damage relationship with client
    Failure to provide through sub-standard service
    qualified/competent and or delivery
    I 25 20 25 25 ISO 9001 Clause 7.2 Competence
    appropriate training and skill
    development for workers Poor staff
    retention

    17 Poor client services Chec


    ked
    Inadequate staff numbers to by:
    Loss of clients I/E 10 15 20 25 Prescribe practice System Procedure
    provide high quality services
    Increased
    18 Increase of investment, Chec
    Increase in man-hours; loss of ked
    by:
    Increase in staff turnover and opportunity for business
    development; Loss of client's I 25 15 25 20 Prescribe practice System Procedure
    therefore loss of knowledge
    confidence; Cause of delay to
    operation

    19 Penalties and fines Chec


    Increase in Workers' ked
    E 15 25 20 20 'Labor Code; DOLE: Workers Welfare
    Compensation claims by:
    Increased scrutiny from
    20 Loss of reputation and
    supporting funds to grow and Contract requirement (Contractors
    Increased risk of fraud I/E 15 20 20 20
    sustain the business obligation) / System procedure

    QF48 Rev00 15 AUG 2017 8 of 35


    RISK DATABASE REGISTRY
    21 Significant loss of reputation Chec
    Incorrect Pricing strategy for and client fees ked
    I 15 20 15 20 Customer/Industry
    by:
    Requirements
    the services/equipment rental

    22 Technical expertise not fully Chec


    utilised ked
    Lack of cooperation between by:
    I 20 15 15 15 Prescribe practice System Procedure
    service areas Increased likelihood of claims

    Poor
    23 Cost to practice; Disruption to Chec
    client service; Possible loss of ked
    Lack of maintenance to office client; Delay works; loss of by:
    Prescribe practice System Procedure;
    premises or improper usage of confidence I 20 20 20 25
    Customer/Industry Requirements
    facilities or resources

    24 Loss of key business Chec


    intelligence, loss of clients ked
    Lack of continuity of client by: Prescribe practice System Procedure;
    Loss of key staff member I/E 15 20 25 25
    service Customer/Industry Requirements

    25 Serious disruption to service Chec


    ked
    Loss or damage to office by: Prescribe
    Possible practice System Procedure;
    premises, office equipment, I 15 20 25 25
    failure of business Loss of Customer/Industry Requirements
    company/client resources
    Asset
    26 Loss of key business
    Loss or serious impairment of intelligence, inability to service
    clients, APPLICABLE LEGAL AND OTHER
    key Personnel / Workers / I/E 25 25 25 25
    Lack of continuity of client REQUIREMENTS
    Partners
    service

    QF48 Rev00 15 AUG 2017 9 of 35


    RISK DATABASE REGISTRY
    27 Serious disruption to service Chec
    ked
    Possible by: Prescribe practice System Procedure;
    Management Override I 20 20 20 20
    failure of business Customer/Industry Requirements
    Lower subordinates Morale
    28 Significant loss of reputation Chec
    and client fees ked
    Negative comment on social by: Prescribe practice System Procedure;
    E 25 20 15 25
    media Customer/Industry Requirements

    29 Loss of client records


    Poor client service
    Security of data compromised Loss of clients I 20 10 10 25 Prescribe practice System Procedure

    30 Partnership profitability
    reduced
    Significant unexpected change Project/Product specification/System
    I/E 20 15 20 15
    in practice overheads Failure of practice procedure

    31 Cost to business

    Uninsured loss due to flood or APPLICABLE LEGAL AND OTHER


    I/E 25 25 25 25
    fire Serious disruption to service REQUIREMENTS

    Possible

    QF48 Rev00 15 AUG 2017 10 of 35


    RISK DATABASE REGISTRY

    MONITORING AND MEASUREMENT


    RECORDS GENERATED/
    PARAMETER MEANS OF FREQUENCY
    MONITORING

    Non-conformance
    No. of customer complain
    Report / Corective As Needed
    and magnitude of impacts
    Action Request

    No. of Non-conformance Non-conformance


    Report and magnitude of Report / Corective As Needed
    impacts Action Request

    Customer feedback
    No. of work stoppage/No. of report; Non-
    Non-conformance Report conformance Report / As Needed
    and magnitude of impacts Corective Action
    Request

    QF48 Rev00 15 AUG 2017 11 of 35


    RISK DATABASE REGISTRY
    Customer feedback
    No. of work stoppage/No. of report; Non-
    Non-conformance Report conformance Report / As Needed
    and magnitude of impacts Corrective Action
    Request
    Customer feedback
    No. of Complains of workersk
    report; Non-
    / No. of Non-conformance
    conformance Report / As Needed
    Report and magnitude of
    Corrective Action
    impacts
    Request

    No. of Complains of workersk Customer feedback


    / No. of Non-conformance report; Non-
    Report / Corrective Action conformance Report / As Needed
    Request (CAR) and Corrective Action
    magnitude of impacts Request

    No. of Non-conformance
    Non-conformance
    Report / Corrective Action
    Report / Corrective As Needed
    Request (CAR) and
    Action Request
    magnitude of impacts

    No. of Corective Action


    Corrective Action
    Request (CAR) and As Needed
    Request
    magnitude of impacts

    QF48 Rev00 15 AUG 2017 12 of 35


    RISK DATABASE REGISTRY
    No. of Complains from
    workers / No. of Non-
    Masterlist of applicable
    conformance Report / Quarterlly
    legal and other
    Corrective Action Request basis
    requirement
    (CAR) and magnitude of
    impacts

    No. of Corrective Action Corrective Action


    Request (CAR) and Request and Contract Monthly
    magnitude of impacts Review

    No. of unidetified projects List of defined projects


    As Needed
    and cost of possible revenue vs. possible projects

    No. of Non-conformance
    Report / Corrective Action S-curved / Project
    Monthly
    Request (CAR) and execution Plan
    magnitude of impacts
    No. of Complains from
    Customer feedback
    workersk / No. of Non-
    report; Non-
    conformance Report /
    conformance Report / As Needed
    Corrective Action Request
    Corective Action
    (CAR) and magnitude of
    Request
    impacts
    Non-conformance Report /
    Non-conformance
    Corrective Action Request
    Report / Corective As Needed
    (CAR) and magnitude of
    Action Request
    impacts

    QF48 Rev00 15 AUG 2017 13 of 35


    RISK DATABASE REGISTRY
    Non-conformance Report /
    Non-conformance
    Corrective Action Request
    Report / Corective As Needed
    (CAR) and magnitude of
    Action Request
    impacts

    Skills / Training records Skills Inventory Monthly

    Time and motion Man-power loading As Needed

    No. of employees Complain / Masterlist of applicable


    Quarterlly
    Corrective Action Request legal and other
    basis
    (CAR) requirement

    No. of employees Complain / Masterlist of applicable


    Quarterlly
    Corrective Action Request legal and other
    basis
    (CAR) requirement

    No. of Corrective Action Corrective Action


    As Needed
    Request (CAR) Request (CAR)

    QF48 Rev00 15 AUG 2017 14 of 35


    RISK DATABASE REGISTRY
    No. of Corrective Action Corrective Action
    As Needed
    Request (CAR) Request (CAR)

    No. of Corrective Action Corrective Action


    As Needed
    Request (CAR) Request (CAR)

    Customer feedback
    No. of Complains of
    report; Non-
    workers / No. of Non-
    conformance Report / As Needed
    conformance Report and
    Corrective Action
    magnitude of impacts
    Request

    Customer feedback
    No. of Complains of
    report; Non-
    workers / No. of Non-
    conformance Report / As Needed
    conformance Report and
    Corrective Action
    magnitude of impacts
    Request
    Customer feedback
    No. of Non-conformance
    report; Non-
    Report / Corrective Action
    conformance Report / As Needed
    Request (CAR) and
    Corrective Action
    magnitude of impacts
    Request

    Incident/Accident
    Safety Statistic Report Monthly
    Investigation Report

    QF48 Rev00 15 AUG 2017 15 of 35


    RISK DATABASE REGISTRY
    Customer feedback
    No. of Non-conformance
    report; Non-
    Report / Corrective Action
    conformance Report / As Needed
    Request (CAR) and
    Corrective Action
    magnitude of impacts
    Request
    Customer feedback
    No. of Non-conformance
    report; Non-
    Report / Corrective Action
    conformance Report / As Needed
    Request (CAR) and
    Corrective Action
    magnitude of impacts
    Request
    Customer feedback
    No. of Non-conformance
    report; Non-
    Report / Corrective Action
    conformance Report / As Needed
    Request (CAR) and
    Corrective Action
    magnitude of impacts
    Request
    Customer feedback
    No. of Non-conformance
    report; Non-
    Report / Corrective Action
    conformance Report / As Needed
    Request (CAR) and
    Corrective Action
    magnitude of impacts
    Request
    Customer feedback
    No. of Non-conformance
    report; Non-
    Report / Corrective Action
    conformance Report / As Needed
    Request (CAR) and
    Corrective Action
    magnitude of impacts
    Request

    QF48 Rev00 15 AUG 2017 16 of 35


    TAIRO WORKSHEET
    LOCATION / PROJECT SITE : CORPORATE OFFICE
    DEPARTMENT / SECTION : QESH - DCC
    As of : DECEMBER 2017

    RISK ASSESSMENT

    EVENT DESCRIPTION SEVERITY OF CONSEQUENCE


    SCORES
    DETAILED CALCULATION/ RATING
    (can be hidden)

    L Q Q
    GENERIC N I EXST U
    L O R OVERALL RISK U
    L O R
    RISK / I CONSEQUENCES/ K CTRL A
    E P E LEVEL A
    E P E
    DESCRIPTION OF RISK CAUSAL FACTORS A / E L
    G T P
    L
    G R P
    ID / E IMPACTS I I
    EVENTS E T
    A N U
    T
    A N U
    Y Y

    from new revised standard (e.g. Conflict to client


    ISO 9001:2015); Software for need/expectation; Delay
    Business strategy
    contrroling/managing Documents; on service; Preventing
    does not
    due to the un updated reference A/ I/ opportunities on
    1 accommodate 3 0.6 25 20 10 20 Blue 45 36 18 36
    used; wrong uploaded of E E business advancement;
    changing in process / documents; due to un established
    Loss of client's
    system control of documented information confidence to award the
    procedure
    service
    Disengagement of
    Due to the Loss of
    Interested Parties A/ I/
    3 cancelation/disqualification of ISO client fees 2 0.6 25 20 25 20 Blue 30 24 30 24
    over change strategy certification E E
    Pressures on fixed

    Failure to meet the Poor customer


    needs and from defined Interested parties A/ I/ satisfaction; Loss of
    6 5 0.6 25 20 20 25 Yellow 75 60 60 75
    expectation of Needs and expectation QF46 E E client; Lower
    interested parties staffs/workers morale.

    QF49 Rev00 15 AUG 2017 19 of 35


    TAIRO WORKSHEET
    EVENT DESCRIPTION
    RISK ASSESSMENT
    SEVERITY OF CONSEQUENCE
    SCORES
    DETAILED CALCULATION/ RATING
    (can be hidden)

    L Q Q
    GENERIC N I EXST U
    L O R OVERALL RISK U
    L O R
    RISK / I CONSEQUENCES/ K CTRL A
    E P E LEVEL A
    E P E
    DESCRIPTION OF RISK CAUSAL FACTORS A / E L
    G T P
    L
    G R P
    ID / E IMPACTS I I
    EVENTS E T
    A N U
    T
    A N U
    Y Y

    of the client, due to Loss of information;


    laptop/computer malfunction; Loss of revenue; Loss of
    during downtime of computer; un
    Failure to backup A/ opportunity to transfer
    7 availability of of external hard I 5 0.6 15 20 20 20 Yellow 45 60 60 60
    data and records drive; no define frequency or E knowledge; Additional
    procedure on records/data back up man-hrs to rework.
    schedule; due to not oriented.
    Penalties and fines
    Failure to comply with
    like record management, control of I/
    9 regulatory, legal and documents/records A 3 0.6 25 25 25 25 Blue 45 45 45 45
    E Increased
    policy obligations
    scrutiny from regulators
    additional income
    Reputational to
    damage
    support the business;
    Failure to fully from unnecessary reproduction of
    10 A I Failure of practice. 5 1.9 20 10 20 20 Red 190 95 190 190
    recognise revenue record/documents

    like contracts,inventory and Loss of information;


    Failure to manage updating of quality records, Hard to retrieve
    14 records of the external/internal references, due to A I records; Serious 3 1.55 15 15 20 20 Yellow 69.8 69.8 93 93
    organization/company un availability of electronic disruption to service
    management system. Cause of delay
    with client through sub-
    standard service
    Failure to provide delivery
    qualified/competent
    due to not attending continuous
    and or appropriate
    16 knowledge through A I 2 1.16 25 20 25 25 Yellow 58.2 46.6 58.2 58.2
    training and skill external/interanl trainings/seminars Poor staff retention
    development for
    workers
    Increased likelihood
    of claims; Poor

    QF49 Rev00 15 AUG 2017 20 of 35


    TAIRO WORKSHEET
    EVENT DESCRIPTION
    RISK ASSESSMENT
    SEVERITY OF CONSEQUENCE
    SCORES
    DETAILED CALCULATION/ RATING
    (can be hidden)

    L Q Q
    GENERIC N I EXST U
    L O R OVERALL RISK U
    L O R
    RISK / I CONSEQUENCES/ K CTRL A
    E P E LEVEL A
    E P E
    DESCRIPTION OF RISK CAUSAL FACTORS A / E L
    G T P
    L
    G R P
    ID / E IMPACTS I I
    EVENTS E T
    A N U
    T
    A N U
    Y Y

    Increased
    from departmental and project DC; likelihood of claims
    Lack of cooperation
    during submittals of monthly
    22 between service reports; like proper disdribution of
    A I 5 0.6 20 15 15 15 Yellow 60 45 45 45
    areas required documents Poor partner retention

    Serious disruption to
    Loss or damage to
    Due to improper usage of office service
    office premises, office
    equipment; due to un famillian on
    25 equipment, how to use the office equipment.
    A I 4 0.6 15 20 25 25 Yellow 36 48 60 60
    Possible
    company/client Un authorized use/access network failure of business Loss
    resources
    of Asset
    due to unsecured access of Local Loss of client records
    Security of data Area Network/server; due to
    29 unauthorize acess to
    A I Poor client service 4 1.85 20 10 10 25 Red 148 74 74 185
    compromised
    library/archive room Loss of clients

    PREPARED BY:

    Ma. Sofia S. Pineda


    Corporate Document Control Officer

    QF49 Rev00 15 AUG 2017 21 of 35


    TAIRO WORKSHEET
    EVENT DESCRIPTION
    RISK ASSESSMENT
    SEVERITY OF CONSEQUENCE
    SCORES
    DETAILED CALCULATION/ RATING
    (can be hidden)

    L Q Q
    GENERIC N I EXST U
    L O R OVERALL RISK U
    L O R
    RISK / I CONSEQUENCES/ K CTRL A
    E P E LEVEL A
    E P E
    DESCRIPTION OF RISK CAUSAL FACTORS A / E L
    G T P
    L
    G R P
    ID / E IMPACTS I I
    EVENTS E T
    A N U
    T
    A N U
    Y Y

    QF49 Rev00 15 AUG 2017 22 of 35


    TAIRO WORKSHEET
    C
    H
    A
    N
    G
    E
    S
    EFFECTIVENESS OF EXISTING

    DESCRIPTION OF EXISTING TREATMENTS


    N/ RATING H
    CONTROLS L
    (ADJUSTMENT
    A FACTOR)I
    C (E - NOTRAPPLICABLE;
    K 0-3-
    RANKING Average CHANGE O
    R
    E
    INEFFECTIVE;
    A
    E
    4 - EFFECTIVE)
    L
    W/O Risk APPLICABLE LEGAL M A
    LEGAL
    Rating REQUIREMENT LIKELIHO P V
    E / C I

    AVOID REDUCE SHARE / TRANSFER ACCEPT L O


    D
    U T
    C
    E
    H
    O
    EXST
    CTRL
    OD/SEVE I
    D
    C
    E
    R
    A
    P
    T
    O
    D
    RITY N
    S /
    F
    E S
    R E
    Contract with partner to V
    E
    Audit the Quality R
    Updating current Monitoring and Strict I
    ISO 9001 - Clause Management System T
    version of all Implementation of
    Blue

    Y
    33.75 10.3 Continual (TUV SUD); Part of the 4 E 4 4 4 E 0.6
    internal and Control of Documented
    improvement Company Rules and
    external references Information QP01,
    regulation to be imposed
    by the HR Department

    Contract
    Establish Internal
    requirement Establish Internal
    Blue

    27 quality audit 4 E 4 4 E E 0.6


    (Contractors quality audit system
    system
    obligation)
    ISO 9001 - Clause
    10.3 Continual
    improvement;
    Identifying the Action plan and
    Labor Code;
    Yellow

    Interested Parties Part of the requirements monitoring of needs and


    67.5 DOLE: Workers 4 E 4 4 2 E 0.6
    and ther Needts of ISO 9001:2015 expectation of thr
    Welfare; Contract
    and expectation interested parties.
    requirement
    (Contractors
    obligation)

    QF49 Rev00 15 AUG 2017 23 of 35


    TAIRO WORKSHEET
    C
    H
    A
    N
    G
    E
    S
    EFFECTIVENESS OF EXISTING

    DESCRIPTION OF EXISTING TREATMENTS


    N/ RATING H
    CONTROLS L
    (ADJUSTMENT
    A FACTOR)I
    C (E - NOTRAPPLICABLE;
    K 0-3-
    RANKING Average CHANGE O
    R
    E
    INEFFECTIVE;
    A
    E
    4 - EFFECTIVE)
    L
    W/O Risk APPLICABLE LEGAL M A
    LEGAL
    Rating REQUIREMENT LIKELIHO P V
    E / C I

    AVOID REDUCE SHARE / TRANSFER ACCEPT L O


    D
    U T
    C
    E
    H
    O
    EXST
    CTRL
    OD/SEVE I
    D
    C
    E
    R
    A
    P
    T
    O
    D
    RITY N
    S /
    F
    E S
    R E
    Established Control V
    ISO 9001 - Clause Coordinate with IT E
    Yellow

    of Records and Monitoring of Records R


    56.25 7.5 Documented Department for the 4 E 4 3 3 E 0.6 I
    data back-up Management T
    Information Network system Y
    system

    APPLICABLE Monitoring of CAR issued


    LEGAL AND Established Part of the Internal to the department
    Blue

    45 4 E 4 3 2 E 0.6
    OTHER Auditing System quality Audit pertaining records
    REQUIREMENTS management

    Prescribe practice Reusing of one


    Red

    166.25 4 E 2 E E E 1.9
    System Procedure side print paper

    System
    Established
    Yellow

    Procedure /
    81.375 Incoming / Transmittal Letter 4 E 3 E 3 E 1.55
    Standard
    outgoing process
    specification

    Established Yearly
    Yellow

    ISO 9001 Clause Coordinated to the


    55.3036 inventory of Part of the training Plan 4 E 3 3 3 E 1.164
    7.2 Competence Training Department
    Training attended

    QF49 Rev00 15 AUG 2017 24 of 35


    TAIRO WORKSHEET
    C
    H
    A
    N
    G
    E
    S
    EFFECTIVENESS OF EXISTING

    DESCRIPTION OF EXISTING TREATMENTS


    N/ RATING H
    CONTROLS L
    (ADJUSTMENT
    A FACTOR)I
    C (E - NOTRAPPLICABLE;
    K 0-3-
    RANKING Average CHANGE O
    R
    E
    INEFFECTIVE;
    A
    E
    4 - EFFECTIVE)
    L
    W/O Risk APPLICABLE LEGAL M A
    LEGAL
    Rating REQUIREMENT LIKELIHO P V
    E / C I

    AVOID REDUCE SHARE / TRANSFER ACCEPT L O


    D
    U T
    C
    E
    H
    O
    EXST
    CTRL
    OD/SEVE I
    D
    C
    E
    R
    A
    P
    T
    O
    D
    RITY N
    S /
    F
    E S
    Defining specific R E
    Yellow

    V
    Prescribe practice Duties and E
    48.75 4 E 4 E E E 0.6 R
    System Procedure responsibilities of I
    T
    DC Y

    Prescribe practice
    Orientation
    Yellow

    System Procedure;
    51 Process Prior to 4 E 4 E E E 0.6
    Customer/Industry
    mobilization
    Requirements

    Estabishing
    Prescribe practice
    Red

    120.25 Autorization to 4 E 3 E E E 1.85


    System Procedure
    access

    APPROVED BY:

    Ronald M. Sorreda
    QESH Manager

    QF49 Rev00 15 AUG 2017 25 of 35


    TAIRO WORKSHEET
    C
    H
    A
    N
    G
    E
    S
    EFFECTIVENESS OF EXISTING

    DESCRIPTION OF EXISTING TREATMENTS


    N/ RATING H
    CONTROLS L
    (ADJUSTMENT
    A FACTOR)I
    C (E - NOTRAPPLICABLE;
    K 0-3-
    RANKING Average CHANGE O
    R
    E
    INEFFECTIVE;
    A
    E
    4 - EFFECTIVE)
    L
    W/O Risk APPLICABLE LEGAL M A
    LEGAL
    Rating REQUIREMENT LIKELIHO P V
    E / C I

    AVOID REDUCE SHARE / TRANSFER ACCEPT L O


    D
    U T
    C
    E
    H
    O
    EXST
    CTRL
    OD/SEVE I
    D
    C
    E
    R
    A
    P
    T
    O
    D
    RITY N
    S /
    F
    E S
    R E
    V
    E
    R
    I
    T
    Y

    QF49 Rev00 15 AUG 2017 26 of 35


    TAIRO WORKSHEET
    ADDITIONAL TREATMENTS/ IMPROVEMENTS
    CHANGE
    SHARE /
    AVOID REDUCE TRANSFER
    ACCEPT LIKELIHOO
    D/SEVERITY

    QF49 Rev00 15 AUG 2017 27 of 35


    TAIRO WORKSHEET
    ADDITIONAL TREATMENTS/ IMPROVEMENTS
    CHANGE
    SHARE /
    AVOID REDUCE TRANSFER
    ACCEPT LIKELIHOO
    D/SEVERITY

    QF49 Rev00 15 AUG 2017 28 of 35


    TAIRO WORKSHEET
    ADDITIONAL TREATMENTS/ IMPROVEMENTS
    CHANGE
    SHARE /
    AVOID REDUCE TRANSFER
    ACCEPT LIKELIHOO
    D/SEVERITY

    QF49 Rev00 15 AUG 2017 29 of 35


    RISK SUMMARY and
    CORRESPONDING TREATMENT
    LOCATION / PROJECT SITE : CORPORATE OFFICE
    DEPARTMENT / SECTION : QESH - DCC
    As of : DECEMBER 2017

    NO. RISK RATING


    EVENT RISKS CAUSAL FACTORS
    ID (R, Y, B)

    Failure to fully
    from unnecessary reproduction of
    1 10 recognise RED
    record/documents
    revenue

    due to unsecured access of Local


    Security of data Area Network/server; due to
    2 29 RED
    compromised unauthorize acess to library/archive
    room

    Failure to
    like contracts,inventory and updating
    manage
    of quality records, external/internal
    3 14 records of the YELLOW
    references, due to un availability of
    organization/co
    electronic management system.
    mpany

    Failure to meet
    the needs and
    from defined Interested parties Needs
    4 6 expectation of YELLOW
    and expectation QF46
    interested
    parties

    30 of 35
    RISK SUMMARY and
    CORRESPONDING TREATMENT
    of the client, due to laptop/computer
    malfunction; during downtime of
    Failure to
    computer; un availability of of external
    5 7 backup data YELLOW
    hard drive; no define frequency or
    and records
    procedure on records/data back up
    schedule; due to not oriented.

    Failure to
    provide
    qualified/compe
    due to not attending continuous
    tent and or
    6 16 knowledge through external/interanl YELLOW
    appropriate
    trainings/seminars
    training and skill
    development for
    workers

    Loss or damage
    to office Due to improper usage of office
    premises, office equipment; due to un famillian on how
    7 25 YELLOW
    equipment, to use the office equipment. Un
    company/client authorized use/access network
    resources

    Lack of from departmental and project DC;


    cooperation during submittals of monthly reports;
    8 22 YELLOW
    between like proper disdribution of required
    service areas documents
    Failure to
    comply with
    like record management, control of
    9 9 regulatory, legal
    documents/records
    BLUE
    and policy
    obligations
    Business from new revised standard (e.g. ISO
    strategy does 9001:2015); Software for
    not contrroling/managing Documents;
    10 1 accommodate due to the un updated reference BLUE
    changing in used; wrong uploaded of documents;
    process / due to un established control of
    system documented information procedure

    31 of 35
    RISK SUMMARY and
    CORRESPONDING TREATMENT
    Disengagement
    of Interested
    Due to the cancelation/disqualification
    11 3 Parties over
    of ISO certification
    BLUE
    change strategy

    Prepared by:

    Signature Over Printed Name & Date

    32 of 35
    RISK SUMMARY and
    CORRESPONDING TREATMENT

    KPI's MONITORING AND MEASUREMENT


    SYSTEM PROCEDURES
    (IF ANY) PARAMETERS FREQUENCY
    30% Waste
    Daily and
    generated Waste Management
    Monthly Waste Quarterly
    Converted into Procedure
    Records
    Cash

    100%
    monitoring and
    control of IT Request Form/
    Control of Documented
    access to Document Monthly
    Information
    company Change Request
    documents and
    records.

    Document
    Change Request,
    Document
    Revision
    Registry,
    Records
    Control of Documented
    Management Monthly
    Information
    Table, Document
    Issuance and
    Retrival Form,
    Document
    Reproduction
    Form

    Corrective Action Report Minutes of


    Monthly
    (CAR) Procedure Meeting / CAR

    33 of 35
    RISK SUMMARY and
    CORRESPONDING TREATMENT
    Document /
    Control of Documented
    Records Back-up Monthly
    Information
    Report Form

    Training Plan /
    Training and
    Training Monthly
    Development Procedure
    Requisition Form

    Materials Management ESH&S Statistic


    Monthly
    Procedure Report

    Attendance /
    Internal and External
    Minutes of Monthly
    Communication Process
    Meeting

    34 of 35
    RISK SUMMARY and
    CORRESPONDING TREATMENT

    Approved by:

    Signature Over Printed Name & Date

    35 of 35

    You might also like