Upload
john-wachira
View
819
Download
0
Tags:
Embed Size (px)
Citation preview
ISO
and
ICT
IT OPERATIONS AND ISO
14.04.23 1
ISO
and
ICT
Importance of the ICT standards
Overview of the standards
IT standards and ISO 9001 comparison
Integration of ICT into ISO
14.04.23 2
ISO
and
ICT
14.04.23 3
ISO
and
ICT
IT best practices are important because:Enable effective governance of IT activitiesmanagement of IT is critical to the success
of enterprise strategymanagement framework is needed so
everyone knows what to do (policy, internal controls and defined practices).
Provide many benefits - including efficiency gains, less reliance on experts, fewer errors, increased trust from business partners, respect from regulators etc.
14.04.23 4
ISO
and
ICT
14.04.23 5
ISO
and
ICT
The ISO standards are structured to be integrated into any organization's existing management system
The goal of ISO standards is meeting and exceeding customers’ expectations.
The ISO standards are compatible among themselves
Benefits from ISO certification: Increasing customer expectations and confidence Documenting and measuring quality Using consistent terminology and processes Implementing continual improvement initiatives
14.04.23 6
ISO
and
ICT
Quality management system – Requirements
Introduces the Quality Management System, a model for continual improvement and customer satisfaction
Suitable for any organization looking to improve the way it is operated and managed, regardless of size or sector.
It helps bringing out the best in organization by enabling understanding of the processes for delivering products/services to the customers.
14.04.23 7
ISO
and
ICT
14.04.23 8
ISO
and
ICT
ISO27001:2005
4. Information Security Management System
4.1 General Requirements4.2 Establishing and managing
the ISMS4.2.1 Establish the ISMS4.2.2 Implement and operate
the ISMS4.2.3 Monitor and review the
ISMS4.2.4 Maintain and improve the
ISMS4.3 Documentation
Requirements4.3.1 General4.3.2 Control of documents4.3.3 Control of records
• ISO9001:2008
4. Quality Management System4.1 General Requirements
8.2.3 Monitoring and measurement of processes
8.2.4 Monitoring and measurement of products
4.2 Documentation Requirements
4.2.1 General4.2.2 Quality manual4.2.3 Control of
documents4.2.4 Control of records
14.04.23 9
ISO
and
ICT
ISO20000:20053.1 Management
responsibility
3.2 Documentation requirements
3.3 Competence, Awwareness and Training
4.1 Plan service management
4.3 Monitoring measuring and Reviewing
• ISO9001:20005. Management commitment
4.2 Documentation requirements
6.2.2 Competence, Awwareness and Training
7. Planning of product realization
8.2.2 Internal audit
8.2.3 Monitoring and measuring Processes
14.04.23 10
ISO
and
ICT
14.04.23 11
ISO
and
ICT
Standards and best practices are not a panacea
Effectiveness of standards depends on how they have been actually implemented and kept up to date.
IT best practices need to be:aligned to business requirement integrated with one another integrated with internal procedures i.e. the
existing management system of the organisation.
14.04.23 12
ISO
and
ICT
Appoint a team; with a team lead to assist in undertaking entire integration process
Determine and rope in ICT Section (SAP related) in the scope of the QMS Manual
Establish ICT procedures requiring to be documented as part of the Quality Management System (QMS)
Proceed to document the operational procedures in the established ISO templates and documentation requirements (involves establishment, documentation, implementation and maintenance activities)
Document Preventive maintenance schedules and weekly plans, maintain other plans where applicable
Training of the team--------------------------------------
13
ISO
and
ICT
14.04.23 14
ISO
and
ICT
14.04.23 15
ISO
and
ICT
14.04.23 16