Presentation held by Mr. Milan Davidovic as part of the Certification Session at the 8th SEEITA and 7th MASIT Open Days Conference, 14th-15th October, 2010
1. Integrated Management System
IMS
ICT Certification Solutions for ISO/IEC Standards
Presenter: Milan Davidovic, NEOCOM
8th SEEITA – 7th SEE ICT Forum Meeting & 7th MASIT Open Days Conference
14-15 October 2010, Ohrid www.seeita.org
2. MASIT Certification Working Group
• Established in 2009
• Reason: institutions on the market started to ask for different standards
• Some of the standards were not accepted by the Standardization Institute of the Republic of Macedonia
• Knowledge about certifications was not very extensive
3. MASIT Certification Working Group
• Certification has to include all processes in ICT institutions, not only one
• The cost of certification is very high for most ICT companies
• Multiple certifications – more documents, multiple audits, several control visits – COST !
• Once certified – certified forever – WRONG !!!
• Annual control visit for each certification
4. MASIT Certification Working Group
• ISRM TC 34 – Information and communication technologies
• ISRM TC 2 – Electronic communications
5. Certifications of interest for ICT
• ISO 9001:2008
• ISO/IEC 27001:2005
• ISO/IEC 20000-1:2005, ISO/IEC 20000-2:2005
• ISO 14001:2004
6. MKC EN ISO 9001:2009
• Identical to ISO 9001:2008
• Quality Management System
• Widely spread and accepted
7. MKC EN ISO/IEC 27001:2010
• Identical to ISO/IEC 27001:2005
• Designed to ensure security controls that protect information assets
• Information Security Management System (ISMS)
• Specifies a management system that is intended to bring information security under explicit management control
8. MKC ISO/IEC 20000-1:2010
• Identical to ISO/IEC 20000-1:2005
• The first standard for IT Service management
9. MKC EN ISO 14001:2006
• Identical to ISO 14001:2004
• Environmental management system (standard)
• Assists companies in continually improving their environmental performance while complying with legislation
10. Integrated Management System (IMS)
• An Integrated Management System (IMS) is a management system which integrates all components of a business into one coherent system so as to enable the achievement of its purpose
• It means putting all the internal management practices into one system rather than keeping them as separate components
11. Why should IMS be integrated?
• Improve internal and external communication
• Avoid duplication and gain cost savings
• Reduce risks
• Focus the organization on business goals
• Create a formalization of informal systems
• Harmonize and optimize practices
• Expose conflicting objectives
12. Publicly Available Specification (PAS) 99
• Prepared by the British Standards Institution (BSI)
• No international standards for IMS
• Organizations using PAS should use, as input, the specific requirements of management system standards or specifications
• Helps to integrate two or more standards in an IMS
13. PAS 99 – 6 common requirements
• Policy
• Planning
• Implementation and Operation
• Performance Assessment
• Improvement
• Management Review
14. Typically integrated standards
• ISO 9001
• ISO 14001
• ISO/IEC 27001
• ISO 22000 (Food Safety)
• ISO/IEC 20000
• OHSAS 18001 (Occupational Health & Safety)
15. Conclusions
• Integration of management systems is an organizationally specific proposal
• Necessary to achieve an understanding of key business processes
• Benefits of using one IMS, not separate management systems
16. Thank you for your attention
Q&A