SlideShare une entreprise Scribd logo

ISO20000-1 Auditors note 【My Continuous Learning】

J
Jerimi Soma

(Remarks) This presentation is not affiliated with any company I have been associated with, either now or in the past. Additionally, no copyrights have been violated. However, I cannot guarantee the accuracy of this information, and it may be subject to updates.

Business
1  sur  7
Télécharger pour lire hors ligne
1 Jerimi (Yuko) Soma Auditors Notes for ISO20000-1 : Hypothetical Enterprise XYZ Inc. Client Name XYZ Inc. Contact Person Ms. Ichiro Tanaka (Service Manager) +81 3 1111 2222 Audit Objectives To access the implementation status and its effectiveness of the audit criteria; in view to evaluate the organization, for their potential in the growing educational market in JAPAN and other areas. Audit scope Technical Scope: - Providing platforms and applications on clouds for virtual live courses, e-learning contents for their own educational institutions for 24365 continuously. Physical Location(s): - Headquarters in the JAPAN including their office, server rooms. People: - Executive Director, BRM, Service Manager, Internal Auditor and other all employees in JAPAN Audit Criteria XYZ service management system, ISO20000-1 and intended outcomes Audit Conclusion The audit findings are listed below: Major NC: 0 item Minor NC: 1 item OFI: 4 items ・Based on the results of this audit, XYZ is recommended for certification to the ISO 20000-1:2018 by Better Life Japan Certification Corporation Positive Findings ・Top management well prepared for the SMS audit and his explanation was clear and convincing enough to the auditors. Agreed Actions ・XYZ shall respond against 1 Minor nonconformity in the next surveillance visit.
2 Jerimi (Yuko) Soma ・They closely work together for the SMS cycle’s continuous improvement. ・The Organization Process for Managing IT services were very detailed and it adequately showed their resiliency to their business. ・This entity may respond against 4 opportunities for improvement in the next surveillance visit, but these are optional for XYZ and not mandatory. AUDIT FIDINGS Ref. Number Report ing Date NC Description Correction Root Cause Analysis Corrective Action Plans(s) Revie w of CAP by Team Lead Revie w Date Verific ation of CAP by Team Lead Verific ation Date Action Item Resp. Target Date Minor NC Ref. Number #0001 2019/ SEP/2 Finding: 2 Internal Audits have not been conducted as planned for Business relationship and agreement processes even once since the last audit. Requirement of Standard: (Clause 9.2.1.b) The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. Evidence: ・Interview with Ms. Marry Suzuki (BRM) Will be reviewed in next Cycle Will be reviewed in next Cycle Will be reviewed in next Cycle 2019/JUL /10 2019/J UL/10
3 Jerimi (Yuko) Soma ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” OFI Ref. Number #0002 2019/ SEP/2 Finding: Internal Audit has not conducted as planned for Continual improvement and Supply and demand processes, (it is held only once each since last year) Requirement of Standard: (Clause 9.2.1.b) The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. Evidence: ・Interview with Ms. Amy Torii(BRM) ・Interview with Mr.IchiroTanaka(Service Manager) ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. OFI Ref. Number #0003 2019/ SEP/2 Finding: Internal Audit results were not documented as minutes for all process even though “Procedure for Internal Audit” said as follows. Conducting Audit: Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional.
4 Jerimi (Yuko) Soma All audit findings are documented on the Audit Report. Requirement of Standard: (Clause 9.2.2 e) The organization shall: a) plan, establish, implement and maintain an audit programme(s), including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration: e) retain documented information as evidence of the implementation of the audit programme(s) and the audit results. Evidence: ・XYZ Operation Manual v1.2 page 38 “Procedure for Internal Audits” OFI Ref. Number #0004 2019/ SEP/2 Finding: ・“Critical: 4 hours” in SLA was not accurate. Anyone working on weekdays and after hours and there was no exception regarding after hours and weekends was found in those documents. Requirement of Standard: (Clause 8.3.3) The organization and the customer shall agree the services to be delivered. For each service delivered, the organization Will be reviewed in the next Cycle, but correction is optional. Will be reviewed in the next Cycle, but correction is optional. Will be reviewed in the next Cycle, but correction is optional.
5 Jerimi (Yuko) Soma includes service level targets, workload limits and exceptions. Evidence: ・XYZ Operation Manual v1.2 page 117 “Service Level Agreement (Extract)” ・Interview with Mr. Ichiro Tanaka(Service Manager) ・Interview with Ms. Marry Suzuki(BRM) OFI Ref. Number #0005 2019/ SEP/2 Finding: None of upper management except for the Executive director involved in Management review. Requirement of Standard: (Clause 5.1) Top management shall demonstrate leadership and commitment with respect to the SMS by promoting continual improvement of the SMS and the services Evidence: ・XYZ Operation Manual v1.2 page10 “Organization Chart” ・XYZ Operation Manual v1.2 page35 “Management review record Oct. 20xx” ・XYZ Operation Manual v1.2 page 36 “Minutes” Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional.
6 Jerimi (Yuko) Soma Check List No . Clauses Items to check What to look for GAPs/Findings from Document Reviews #1 Clause 9.2.1.b The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. ・Do you have any reasons why Internal Audits have not conducted for Business relationship and agreement processes even once since last audit? ・If those are not conducted even once, do you think there are any risks for that? ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” ・Interview with Ms. Marry Suzuki (BRM) ・2 Internal Audits have not conducted as planned for Business relationship and agreement processes even once since last audit. #2 Clause 9.2.1.b) The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. ・Do you have any reasons why Internal Audits have not conducted as planned for Continual improvement and Supply and demand processes? ・If those are not conducted as planned, do you think there are any risks by that? ・Interview with Ms. Marry Suzuki (BRM) ・Interview with Mr. Ichiro Tanaka(Service Manager) ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” ・Internal Audit has not conducted as planned for Continual improvement and Supply and demand processes, (it is held only once each since last year) #3 Clause 9.2.2 e) The organization shall: a) plan, establish, implement and maintain an audit programme(s), including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration: e) retain documented information as evidence of the implementation ・Could you please show me minutes of Internal Audit results? “Procedure for Internal Audit” said as follows. Conducting Audit: All audit findings are documented on the Audit Report. ・Don’t you think “Updated Internal Audit Program” on page 40 is not enough to align your organization policies written in “Procedure for Internal Audit”? ・XYZ Operation Manual v1.2 page 38 “Procedure for Internal Audits” ・ Internal Audit results were not documented as minutes for all process even though “Procedure for Internal Audit” said as follows. Conducting Audit: All audit findings are documented on the Audit Report.
7 Jerimi (Yuko) Soma of the audit programme(s) and the audit results. ・Don’t you think there are any risks by that? #4 Clause 8.3.3 The organization and the customer shall agree the services to be delivered. For each service delivered, the organization include service level targets, workload limits and exceptions. ・Do Anyone work on weekdays and after hours for incident? ・Is “Critical: 4 hours” in SLA was in XYZ Operation Manual v1.2 page 117 accurate? ・Didn’t you try to add exception for after afterhours and weekends? ・Have you ever discussed about update this discrepancy about SLA for emergency with business units? ・If no one work for weekends, how did you maintain SLA for e-learning customers? ・Don’t you think there are any risks by that? ・XYZ Operation Manual v1.2 page 117 “Service Level Agreement (Extract)” ・Interview with Mr. Ichiro Tanaka (Service Manager) ・Interview with Ms. Marry Suzuki (BRM) ・“Critical: 4 hours” in SLA was not accurate. Anyone works on weekdays and after hours and there was no exception written regarding after those was found in that documents. #5 Clause 5.1 k) Top management shall demonstrate leadership and commitment with respect to the SMS by promoting continual improvement of the SMS and the services ・Could you please explain why those 4 people were chosen to attend Management Review after last audit? ・Don’t you think they are not enough for attending MR? ・When I refer your organization chart, I can see there are 2 Vice Provosts and 6 process owners. Don’t you think those business units require to take leadership for Service Management? ・XYZ Operation Manual v1.2 page10 “Organization Chart” ・XYZ Operation Manual v1.2 page35 “Management review record Oct. 20xx” ・XYZ Operation Manual v1.2 page 36 “Minutes” None of upper management expect for Executive director involved to Management review. of the documents

Recommandé

Executives-in-Residence Program Overview
Executives-in-Residence Program OverviewExecutives-in-Residence Program Overview
Executives-in-Residence Program OverviewBC Tech Association
 
BC Tech Association: Embedded Executive Program Overview
BC Tech Association: Embedded Executive Program OverviewBC Tech Association: Embedded Executive Program Overview
BC Tech Association: Embedded Executive Program OverviewSofiya Lazarova
 
Business Impact Analysis 【My Continuous Learning】
Business Impact Analysis 【My Continuous Learning】Business Impact Analysis 【My Continuous Learning】
Business Impact Analysis 【My Continuous Learning】Jerimi Soma
 
Special Consideration of Auditor for Internal Control of Bank
Special Consideration of Auditor for Internal Control of BankSpecial Consideration of Auditor for Internal Control of Bank
Special Consideration of Auditor for Internal Control of BankSayali Mahajan
 
Latest CV-Subhash Chatterjee
Latest CV-Subhash ChatterjeeLatest CV-Subhash Chatterjee
Latest CV-Subhash ChatterjeeSUBHASH CHATTERJEE
 
Verita case-studies-v2
Verita case-studies-v2Verita case-studies-v2
Verita case-studies-v2veritama
 
BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】Jerimi Soma
 
desmond_resume
desmond_resumedesmond_resume
desmond_resumeDesmond D'Mello
 

Recommandé

Executives-in-Residence Program Overview
Executives-in-Residence Program OverviewExecutives-in-Residence Program Overview
Executives-in-Residence Program OverviewBC Tech Association
 
BC Tech Association: Embedded Executive Program Overview
BC Tech Association: Embedded Executive Program OverviewBC Tech Association: Embedded Executive Program Overview
BC Tech Association: Embedded Executive Program OverviewSofiya Lazarova
 
Business Impact Analysis 【My Continuous Learning】
Business Impact Analysis 【My Continuous Learning】Business Impact Analysis 【My Continuous Learning】
Business Impact Analysis 【My Continuous Learning】Jerimi Soma
 
Special Consideration of Auditor for Internal Control of Bank
Special Consideration of Auditor for Internal Control of BankSpecial Consideration of Auditor for Internal Control of Bank
Special Consideration of Auditor for Internal Control of BankSayali Mahajan
 
Latest CV-Subhash Chatterjee
Latest CV-Subhash ChatterjeeLatest CV-Subhash Chatterjee
Latest CV-Subhash ChatterjeeSUBHASH CHATTERJEE
 
Verita case-studies-v2
Verita case-studies-v2Verita case-studies-v2
Verita case-studies-v2veritama
 
BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】Jerimi Soma
 
desmond_resume
desmond_resumedesmond_resume
desmond_resumeDesmond D'Mello
 
Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...
Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...
Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...MHM (Mayer Hoffman McCann P.C.)
 
Hammad Resume..
Hammad Resume.. Hammad Resume..
Hammad Resume.. Hammad Zuberi
 
Kiran Adtani_Resume
Kiran Adtani_ResumeKiran Adtani_Resume
Kiran Adtani_ResumeKiran Adtani
 
PMI-Service-Level-Agreement for all transactions
PMI-Service-Level-Agreement for all transactionsPMI-Service-Level-Agreement for all transactions
PMI-Service-Level-Agreement for all transactionsRaymondSmith96
 
62493024-Wld-Services-Review-Final-Report.ppt
62493024-Wld-Services-Review-Final-Report.ppt62493024-Wld-Services-Review-Final-Report.ppt
62493024-Wld-Services-Review-Final-Report.pptkEWQ865k
 
Deepak Mysore Nagaraj (1)
Deepak Mysore Nagaraj (1)Deepak Mysore Nagaraj (1)
Deepak Mysore Nagaraj (1).Deepak Gowda
 
Resume of Ujjal
Resume of UjjalResume of Ujjal
Resume of UjjalUjjal Kanti Dey ACA
 
Isbm construction management . taxation. project mgmt. data mgmt. market res...
Isbm construction management . taxation. project mgmt. data mgmt. market res...Isbm construction management . taxation. project mgmt. data mgmt. market res...
Isbm construction management . taxation. project mgmt. data mgmt. market res...NMIMS ASSIGNMENTS HELP
 
Resume puja bajaj
Resume puja bajajResume puja bajaj
Resume puja bajajPuja Bajaj
 
Resume puja bajaj
Resume puja bajajResume puja bajaj
Resume puja bajajPuja Bajaj
 
SGBS - sample Case Studies Aug 2015
SGBS - sample Case Studies Aug 2015SGBS - sample Case Studies Aug 2015
SGBS - sample Case Studies Aug 2015Sarvotham Pejavar
 
1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment 1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment SilvaGraf83
 
1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment 1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment MartineMccracken314
 
Amit_Dubey_Resume[1]
Amit_Dubey_Resume[1]Amit_Dubey_Resume[1]
Amit_Dubey_Resume[1]Amit Dubey
 
Audit and investigations ii questions
Audit and investigations ii questionsAudit and investigations ii questions
Audit and investigations ii questionsallhomeworktutors
 
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...AnkurNagwan1
 
BKD Operational Assessment
BKD Operational AssessmentBKD Operational Assessment
BKD Operational AssessmentIndiana Bureau of Motor Vehicles
 
Customer satisfaction survey august 2014 comments
Customer satisfaction survey august 2014 commentsCustomer satisfaction survey august 2014 comments
Customer satisfaction survey august 2014 commentsAngel Ann
 
Acct 503 Social Responsibility / tutorialrank.com
Acct 503 Social Responsibility / tutorialrank.comAcct 503 Social Responsibility / tutorialrank.com
Acct 503 Social Responsibility / tutorialrank.comPrescottLunt432
 
Madhusudhan_Resume
Madhusudhan_ResumeMadhusudhan_Resume
Madhusudhan_Resumemadhusudhan nimma
 
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)Jerimi Soma
 
Another ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelAnother ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelJerimi Soma
 

Contenu connexe

Similaire à ISO20000-1 Auditors note 【My Continuous Learning】

Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...
Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...
Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...MHM (Mayer Hoffman McCann P.C.)
 
Kiran Adtani_Resume
Kiran Adtani_ResumeKiran Adtani_Resume
Kiran Adtani_ResumeKiran Adtani
 
PMI-Service-Level-Agreement for all transactions
PMI-Service-Level-Agreement for all transactionsPMI-Service-Level-Agreement for all transactions
PMI-Service-Level-Agreement for all transactionsRaymondSmith96
 
62493024-Wld-Services-Review-Final-Report.ppt
62493024-Wld-Services-Review-Final-Report.ppt62493024-Wld-Services-Review-Final-Report.ppt
62493024-Wld-Services-Review-Final-Report.pptkEWQ865k
 
Deepak Mysore Nagaraj (1)
Deepak Mysore Nagaraj (1)Deepak Mysore Nagaraj (1)
Deepak Mysore Nagaraj (1).Deepak Gowda
 
Isbm construction management . taxation. project mgmt. data mgmt. market res...
Isbm construction management . taxation. project mgmt. data mgmt. market res...Isbm construction management . taxation. project mgmt. data mgmt. market res...
Isbm construction management . taxation. project mgmt. data mgmt. market res...NMIMS ASSIGNMENTS HELP
 
Resume puja bajaj
Resume puja bajajResume puja bajaj
Resume puja bajajPuja Bajaj
 
Resume puja bajaj
Resume puja bajajResume puja bajaj
Resume puja bajajPuja Bajaj
 
SGBS - sample Case Studies Aug 2015
SGBS - sample Case Studies Aug 2015SGBS - sample Case Studies Aug 2015
SGBS - sample Case Studies Aug 2015Sarvotham Pejavar
 
1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment 1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment SilvaGraf83
 
1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment 1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment MartineMccracken314
 
Amit_Dubey_Resume[1]
Amit_Dubey_Resume[1]Amit_Dubey_Resume[1]
Amit_Dubey_Resume[1]Amit Dubey
 
Audit and investigations ii questions
Audit and investigations ii questionsAudit and investigations ii questions
Audit and investigations ii questionsallhomeworktutors
 
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...AnkurNagwan1
 
Customer satisfaction survey august 2014 comments
Customer satisfaction survey august 2014 commentsCustomer satisfaction survey august 2014 comments
Customer satisfaction survey august 2014 commentsAngel Ann
 
Acct 503 Social Responsibility / tutorialrank.com
Acct 503 Social Responsibility / tutorialrank.comAcct 503 Social Responsibility / tutorialrank.com
Acct 503 Social Responsibility / tutorialrank.comPrescottLunt432
 

Similaire à ISO20000-1 Auditors note 【My Continuous Learning】 (20)

Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...
Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...
Webinar Slides: Error or Change in Estimate? How to Navigate a Common Account...
 
Hammad Resume..
Hammad Resume.. Hammad Resume..
Hammad Resume..
 
Kiran Adtani_Resume
Kiran Adtani_ResumeKiran Adtani_Resume
Kiran Adtani_Resume
 
PMI-Service-Level-Agreement for all transactions
PMI-Service-Level-Agreement for all transactionsPMI-Service-Level-Agreement for all transactions
PMI-Service-Level-Agreement for all transactions
 
62493024-Wld-Services-Review-Final-Report.ppt
62493024-Wld-Services-Review-Final-Report.ppt62493024-Wld-Services-Review-Final-Report.ppt
62493024-Wld-Services-Review-Final-Report.ppt
 
Deepak Mysore Nagaraj (1)
Deepak Mysore Nagaraj (1)Deepak Mysore Nagaraj (1)
Deepak Mysore Nagaraj (1)
 
Resume of Ujjal
Resume of UjjalResume of Ujjal
Resume of Ujjal
 
Isbm construction management . taxation. project mgmt. data mgmt. market res...
Isbm construction management . taxation. project mgmt. data mgmt. market res...Isbm construction management . taxation. project mgmt. data mgmt. market res...
Isbm construction management . taxation. project mgmt. data mgmt. market res...
 
Resume puja bajaj
Resume puja bajajResume puja bajaj
Resume puja bajaj
 
Resume puja bajaj
Resume puja bajajResume puja bajaj
Resume puja bajaj
 
SGBS - sample Case Studies Aug 2015
SGBS - sample Case Studies Aug 2015SGBS - sample Case Studies Aug 2015
SGBS - sample Case Studies Aug 2015
 
1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment 1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment
 
1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment 1 Assessment Task – Tutorial Questions Assignment
1 Assessment Task – Tutorial Questions Assignment
 
Amit_Dubey_Resume[1]
Amit_Dubey_Resume[1]Amit_Dubey_Resume[1]
Amit_Dubey_Resume[1]
 
Audit and investigations ii questions
Audit and investigations ii questionsAudit and investigations ii questions
Audit and investigations ii questions
 
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...
474386529-Deloitte-KPMG-and-the-IL-FS-Saga-NFRA-finds-deficiencies-in-BSR-s-a...
 
BKD Operational Assessment
BKD Operational AssessmentBKD Operational Assessment
BKD Operational Assessment
 
Customer satisfaction survey august 2014 comments
Customer satisfaction survey august 2014 commentsCustomer satisfaction survey august 2014 comments
Customer satisfaction survey august 2014 comments
 
Acct 503 Social Responsibility / tutorialrank.com
Acct 503 Social Responsibility / tutorialrank.comAcct 503 Social Responsibility / tutorialrank.com
Acct 503 Social Responsibility / tutorialrank.com
 
Madhusudhan_Resume
Madhusudhan_ResumeMadhusudhan_Resume
Madhusudhan_Resume
 

Plus de Jerimi Soma

IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)Jerimi Soma
 
Another ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelAnother ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelJerimi Soma
 
Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)Jerimi Soma
 
ITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case StudyITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case StudyJerimi Soma
 
ITIL4 Managing Professtioal
ITIL4 Managing ProfesstioalITIL4 Managing Professtioal
ITIL4 Managing ProfesstioalJerimi Soma
 
JRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & ExamJRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & ExamJerimi Soma
 
ITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 examsITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 examsJerimi Soma
 
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025Jerimi Soma
 
ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022Jerimi Soma
 
Six Sigma Black Belt
Six Sigma Black BeltSix Sigma Black Belt
Six Sigma Black BeltJerimi Soma
 
IRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & ExamIRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & ExamJerimi Soma
 
BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738Jerimi Soma
 
IRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & examIRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & examJerimi Soma
 
IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014Jerimi Soma
 
Henry James Study
Henry James StudyHenry James Study
Henry James StudyJerimi Soma
 
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.Jerimi Soma
 
SixSigma 【Continuous Study】
SixSigma 【Continuous Study】SixSigma 【Continuous Study】
SixSigma 【Continuous Study】Jerimi Soma
 
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】Jerimi Soma
 
ISO20000-1 mapping to PCI 【Continuous Study】
ISO20000-1 mapping to PCI 【Continuous Study】ISO20000-1 mapping to PCI 【Continuous Study】
ISO20000-1 mapping to PCI 【Continuous Study】Jerimi Soma
 
Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】
Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】
Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】Jerimi Soma
 

Plus de Jerimi Soma (20)

IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
 
Another ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelAnother ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotel
 
Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)
 
ITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case StudyITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case Study
 
ITIL4 Managing Professtioal
ITIL4 Managing ProfesstioalITIL4 Managing Professtioal
ITIL4 Managing Professtioal
 
JRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & ExamJRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & Exam
 
ITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 examsITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 exams
 
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
 
ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022
 
Six Sigma Black Belt
Six Sigma Black BeltSix Sigma Black Belt
Six Sigma Black Belt
 
IRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & ExamIRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & Exam
 
BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738
 
IRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & examIRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & exam
 
IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014
 
Henry James Study
Henry James StudyHenry James Study
Henry James Study
 
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
 
SixSigma 【Continuous Study】
SixSigma 【Continuous Study】SixSigma 【Continuous Study】
SixSigma 【Continuous Study】
 
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
 
ISO20000-1 mapping to PCI 【Continuous Study】
ISO20000-1 mapping to PCI 【Continuous Study】ISO20000-1 mapping to PCI 【Continuous Study】
ISO20000-1 mapping to PCI 【Continuous Study】
 
Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】
Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】
Mapping Japanese FISC guideline to PCI DSS v3.2.1 【Continuous Study】
 

Dernier

Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environmentelijahj01012
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesKeppelCorporation
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!Doge Mining Website
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Americas Got Grants
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMVoces Mineras
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 

Dernier (20)

Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environment
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation Slides
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 

ISO20000-1 Auditors note 【My Continuous Learning】

  • 1. 1 Jerimi (Yuko) Soma Auditors Notes for ISO20000-1 : Hypothetical Enterprise XYZ Inc. Client Name XYZ Inc. Contact Person Ms. Ichiro Tanaka (Service Manager) +81 3 1111 2222 Audit Objectives To access the implementation status and its effectiveness of the audit criteria; in view to evaluate the organization, for their potential in the growing educational market in JAPAN and other areas. Audit scope Technical Scope: - Providing platforms and applications on clouds for virtual live courses, e-learning contents for their own educational institutions for 24365 continuously. Physical Location(s): - Headquarters in the JAPAN including their office, server rooms. People: - Executive Director, BRM, Service Manager, Internal Auditor and other all employees in JAPAN Audit Criteria XYZ service management system, ISO20000-1 and intended outcomes Audit Conclusion The audit findings are listed below: Major NC: 0 item Minor NC: 1 item OFI: 4 items ・Based on the results of this audit, XYZ is recommended for certification to the ISO 20000-1:2018 by Better Life Japan Certification Corporation Positive Findings ・Top management well prepared for the SMS audit and his explanation was clear and convincing enough to the auditors. Agreed Actions ・XYZ shall respond against 1 Minor nonconformity in the next surveillance visit.
  • 2. 2 Jerimi (Yuko) Soma ・They closely work together for the SMS cycle’s continuous improvement. ・The Organization Process for Managing IT services were very detailed and it adequately showed their resiliency to their business. ・This entity may respond against 4 opportunities for improvement in the next surveillance visit, but these are optional for XYZ and not mandatory. AUDIT FIDINGS Ref. Number Report ing Date NC Description Correction Root Cause Analysis Corrective Action Plans(s) Revie w of CAP by Team Lead Revie w Date Verific ation of CAP by Team Lead Verific ation Date Action Item Resp. Target Date Minor NC Ref. Number #0001 2019/ SEP/2 Finding: 2 Internal Audits have not been conducted as planned for Business relationship and agreement processes even once since the last audit. Requirement of Standard: (Clause 9.2.1.b) The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. Evidence: ・Interview with Ms. Marry Suzuki (BRM) Will be reviewed in next Cycle Will be reviewed in next Cycle Will be reviewed in next Cycle 2019/JUL /10 2019/J UL/10
  • 3. 3 Jerimi (Yuko) Soma ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” OFI Ref. Number #0002 2019/ SEP/2 Finding: Internal Audit has not conducted as planned for Continual improvement and Supply and demand processes, (it is held only once each since last year) Requirement of Standard: (Clause 9.2.1.b) The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. Evidence: ・Interview with Ms. Amy Torii(BRM) ・Interview with Mr.IchiroTanaka(Service Manager) ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. OFI Ref. Number #0003 2019/ SEP/2 Finding: Internal Audit results were not documented as minutes for all process even though “Procedure for Internal Audit” said as follows. Conducting Audit: Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional.
  • 4. 4 Jerimi (Yuko) Soma All audit findings are documented on the Audit Report. Requirement of Standard: (Clause 9.2.2 e) The organization shall: a) plan, establish, implement and maintain an audit programme(s), including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration: e) retain documented information as evidence of the implementation of the audit programme(s) and the audit results. Evidence: ・XYZ Operation Manual v1.2 page 38 “Procedure for Internal Audits” OFI Ref. Number #0004 2019/ SEP/2 Finding: ・“Critical: 4 hours” in SLA was not accurate. Anyone working on weekdays and after hours and there was no exception regarding after hours and weekends was found in those documents. Requirement of Standard: (Clause 8.3.3) The organization and the customer shall agree the services to be delivered. For each service delivered, the organization Will be reviewed in the next Cycle, but correction is optional. Will be reviewed in the next Cycle, but correction is optional. Will be reviewed in the next Cycle, but correction is optional.
  • 5. 5 Jerimi (Yuko) Soma includes service level targets, workload limits and exceptions. Evidence: ・XYZ Operation Manual v1.2 page 117 “Service Level Agreement (Extract)” ・Interview with Mr. Ichiro Tanaka(Service Manager) ・Interview with Ms. Marry Suzuki(BRM) OFI Ref. Number #0005 2019/ SEP/2 Finding: None of upper management except for the Executive director involved in Management review. Requirement of Standard: (Clause 5.1) Top management shall demonstrate leadership and commitment with respect to the SMS by promoting continual improvement of the SMS and the services Evidence: ・XYZ Operation Manual v1.2 page10 “Organization Chart” ・XYZ Operation Manual v1.2 page35 “Management review record Oct. 20xx” ・XYZ Operation Manual v1.2 page 36 “Minutes” Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional. Will be reviewed in next Cycle, but correction is optional.
  • 6. 6 Jerimi (Yuko) Soma Check List No . Clauses Items to check What to look for GAPs/Findings from Document Reviews #1 Clause 9.2.1.b The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. ・Do you have any reasons why Internal Audits have not conducted for Business relationship and agreement processes even once since last audit? ・If those are not conducted even once, do you think there are any risks for that? ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” ・Interview with Ms. Marry Suzuki (BRM) ・2 Internal Audits have not conducted as planned for Business relationship and agreement processes even once since last audit. #2 Clause 9.2.1.b) The organization shall conduct internal audits at planned intervals to provide information whether the SMS: b) is effectively implemented and maintained. ・Do you have any reasons why Internal Audits have not conducted as planned for Continual improvement and Supply and demand processes? ・If those are not conducted as planned, do you think there are any risks by that? ・Interview with Ms. Marry Suzuki (BRM) ・Interview with Mr. Ichiro Tanaka(Service Manager) ・XYZ Operation Manual v1.2 page 40 “Updated Internal Audit Program 20xx” ・Internal Audit has not conducted as planned for Continual improvement and Supply and demand processes, (it is held only once each since last year) #3 Clause 9.2.2 e) The organization shall: a) plan, establish, implement and maintain an audit programme(s), including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration: e) retain documented information as evidence of the implementation ・Could you please show me minutes of Internal Audit results? “Procedure for Internal Audit” said as follows. Conducting Audit: All audit findings are documented on the Audit Report. ・Don’t you think “Updated Internal Audit Program” on page 40 is not enough to align your organization policies written in “Procedure for Internal Audit”? ・XYZ Operation Manual v1.2 page 38 “Procedure for Internal Audits” ・ Internal Audit results were not documented as minutes for all process even though “Procedure for Internal Audit” said as follows. Conducting Audit: All audit findings are documented on the Audit Report.
  • 7. 7 Jerimi (Yuko) Soma of the audit programme(s) and the audit results. ・Don’t you think there are any risks by that? #4 Clause 8.3.3 The organization and the customer shall agree the services to be delivered. For each service delivered, the organization include service level targets, workload limits and exceptions. ・Do Anyone work on weekdays and after hours for incident? ・Is “Critical: 4 hours” in SLA was in XYZ Operation Manual v1.2 page 117 accurate? ・Didn’t you try to add exception for after afterhours and weekends? ・Have you ever discussed about update this discrepancy about SLA for emergency with business units? ・If no one work for weekends, how did you maintain SLA for e-learning customers? ・Don’t you think there are any risks by that? ・XYZ Operation Manual v1.2 page 117 “Service Level Agreement (Extract)” ・Interview with Mr. Ichiro Tanaka (Service Manager) ・Interview with Ms. Marry Suzuki (BRM) ・“Critical: 4 hours” in SLA was not accurate. Anyone works on weekdays and after hours and there was no exception written regarding after those was found in that documents. #5 Clause 5.1 k) Top management shall demonstrate leadership and commitment with respect to the SMS by promoting continual improvement of the SMS and the services ・Could you please explain why those 4 people were chosen to attend Management Review after last audit? ・Don’t you think they are not enough for attending MR? ・When I refer your organization chart, I can see there are 2 Vice Provosts and 6 process owners. Don’t you think those business units require to take leadership for Service Management? ・XYZ Operation Manual v1.2 page10 “Organization Chart” ・XYZ Operation Manual v1.2 page35 “Management review record Oct. 20xx” ・XYZ Operation Manual v1.2 page 36 “Minutes” None of upper management expect for Executive director involved to Management review. of the documents