ISO

and

ICT

IT OPERATIONS AND ISO

14.04.23 1

ISO

and

ICT

Importance of the ICT standards

Overview of the standards

IT standards and ISO 9001 comparison

Integration of ICT into ISO

14.04.23 2

ISO

and

ICT

14.04.23 3

ISO

and

ICT

IT best practices are important because:Enable effective governance of IT activitiesmanagement of IT is critical to the success

of enterprise strategymanagement framework is needed so

everyone knows what to do (policy, internal controls and defined practices).

Provide many benefits - including efficiency gains, less reliance on experts, fewer errors, increased trust from business partners, respect from regulators etc.

14.04.23 4

ISO

and

ICT

14.04.23 5

ISO

and

ICT

The ISO standards are structured to be integrated into any organization's existing management system

The goal of ISO standards is meeting and exceeding customers’ expectations.

The ISO standards are compatible among themselves

Benefits from ISO certification: Increasing customer expectations and confidence Documenting and measuring quality Using consistent terminology and processes Implementing continual improvement initiatives

14.04.23 6

ISO

and

ICT

Quality management system – Requirements

Introduces the Quality Management System, a model for continual improvement and customer satisfaction

Suitable for any organization looking to improve the way it is operated and managed, regardless of size or sector.

It helps bringing out the best in organization by enabling understanding of the processes for delivering products/services to the customers.

14.04.23 7

ISO

and

ICT

14.04.23 8

ISO

and

ICT

ISO27001:2005

4. Information Security Management System

4.1 General Requirements4.2 Establishing and managing

the ISMS4.2.1 Establish the ISMS4.2.2 Implement and operate

the ISMS4.2.3 Monitor and review the

ISMS4.2.4 Maintain and improve the

ISMS4.3 Documentation

Requirements4.3.1 General4.3.2 Control of documents4.3.3 Control of records

• ISO9001:2008

4. Quality Management System4.1 General Requirements

8.2.3 Monitoring and measurement of processes

8.2.4 Monitoring and measurement of products

4.2 Documentation Requirements

4.2.1 General4.2.2 Quality manual4.2.3 Control of

documents4.2.4 Control of records

14.04.23 9

ISO

and

ICT

ISO20000:20053.1 Management

responsibility

3.2 Documentation requirements

3.3 Competence, Awwareness and Training

4.1 Plan service management

4.3 Monitoring measuring and Reviewing

• ISO9001:20005. Management commitment

4.2 Documentation requirements

6.2.2 Competence, Awwareness and Training

7. Planning of product realization

8.2.2 Internal audit

8.2.3 Monitoring and measuring Processes

14.04.23 10

ISO

and

ICT

14.04.23 11

ISO

and

ICT

Standards and best practices are not a panacea

Effectiveness of standards depends on how they have been actually implemented and kept up to date.

IT best practices need to be:aligned to business requirement integrated with one another integrated with internal procedures i.e. the

existing management system of the organisation.

14.04.23 12

ISO

and

ICT

Appoint a team; with a team lead to assist in undertaking entire integration process

Determine and rope in ICT Section (SAP related) in the scope of the QMS Manual

Establish ICT procedures requiring to be documented as part of the Quality Management System (QMS)

Proceed to document the operational procedures in the established ISO templates and documentation requirements (involves establishment, documentation, implementation and maintenance activities)

Document Preventive maintenance schedules and weekly plans, maintain other plans where applicable

Training of the team--------------------------------------

13

ISO

and

ICT

14.04.23 14

ISO

and

ICT

14.04.23 15

ISO

and

ICT

14.04.23 16