Risk is the newest term used in management systems for this decade. In terms of functioning quality systems, all should have addressed risk prior to the term being use. Most do not consider that the purpose of the requirement in the previous standards for preventive action was to address risk.
Each process should address risk during planning and evaluation. When you think about it, most companies are addressing risk on a constant basis. When you receive a request for quote, or review a purchase order from a customer, what is the purpose of the review? To determine and act on risk. Why do you take time to determine whether a supplier is acceptable? Why do you plan your processes? What do you consider when doing this? Risks!!
In addition to the normal course of doing business, you also have the review of metric and performance which leads to risk analysis. An organization may implement a risk action or opportunity based on company performance or an objective or target which has not been achieved.
The new requirements have brought about a state of panic from many companies which is unfounded. The point is to use common sense when planning your system. Do not create documents which are non value added just to meet a requirement that you do not understand. Quality Innovations can help you understand and document these processes in order to prevent unnecessary work.