
  • support 9:42 pm on December 31, 2015 Permalink | Reply
    Tags: TL 9000 R6.0

    The “Year Of Quality” In Review: Quality Predictions For 2016 

    As we bring the “Year of Quality” to a close, we would like to reflect on the flurry of activity that has occurred in ICT quality and quality management in general.  We’ve been finalizing our own strategic planning for the new business year and we’re fresh off of the QuEST Forum Leadership Council and Work Group Meetings in November.

     

    BIZPHYX: The Year of Quality

     

    The latest revision of ISO 9001, ISO 9001:2015, is going to set the stage for quality in general.  As you probably know, the revision was published in September and organizations have 3 years to upgrade their ISO 9001:2008 QMS to the latest revision.  In addition, ISO 14001:2015 was published, and many more ISO based standards are in the queue to be updated in 2016 to align with the latest revision (AS 9100, OHSAS 18001 shifting to ISO 45001, etc.).  Just refer to the Annex SL directives with the latest revision.

    With regard to TL 9000, it too is set to upgrade in September 2016 with R6.0.  While we see alignment with ISO 9001:2015, we also know that sustainability and other ICT specific quality drivers will be in the mix.  We suggest that our ICT clients certified to ISO 9001 and TL 9000 wait until after September of 2016 before making any big decisions.  We can then suggest how to best assist with upgrades regarding both standards (in tandem).

    With regard to QuEST Forum, there is a new Executive Board for 2016 and with that change of guard will come a potential shift to new initiatives with the organization, likely with increased sustainability initiatives, benchmarking and performance data measurements.

     

    Specific standards aside, it is important that ALL organizations consider these factors in 2016:

     

    -supply chain risk due to the global supply chain

    -business globalization in general

    -network data security and transactional data security

    -risk based thinking (reflected in ISO 9001:2015)

    -sustainability initiatives and in some cases, environmental regulation

    -data management (example: tele-health and e-health companies)

    -safety in ICT (example: cell tower safety in the wireless sector)

    -electronics waste (example: auditable recycling standards like R2, which apply to applicable ICT recyclers)

    -customer churn (all telecom sectors, wireless, OTT, etc.)

    -evolving technologies and speed to market, executed with quality performance

     

    We predict that our ICT clients will have an easier time upgrading to ISO 9001:2015 than expected or feared.  However, we also predict that due to economic drivers, global environmental concerns and US regulation, companies will need to strongly consider and develop sustainability goals and address environmental challenges.

    Right now that can be done on a voluntary basis by implementing standards like ISO 14001 and when applicable R2 (electronics recyclers).

    Additionally, rampant data and identity theft, as well as surveillance concerns, will increase the potential for direct burdens on companies, not just the big players and MSPs (example: new card readers, PCI compliance).

    Also consider the rapid evolution of M2M and IoT products and services.  When and how does quality shift to outright legal responsibility?  Right now information security can be helped on a voluntary basis with an entire suite of compliance standards and techniques, including ISO 27001 (when applicable).

    The unknown will be when quality management and assurance shift to forced governmental compliance and regulation.

    Are we there yet?  Probably not in 2016, but it’s likely coming.  How to get prepared?  Recognize that quality is congruent with an organization’s responsibility to serve and protect clients, as well as be good stewards of the environment.

    Implementing a baseline quality management system is a strong first step within an organization to shift a corporate culture to perform at high levels and mitigate risk every day, in every way.  This is done through the leadership of an organization.  ISO 9001:2015 addresses these factors head on through a focus on risk based thinking and leadership (stakeholders).  Concepts to ponder before the new calendar year!

    BIZPHYX will be there to assist you every step of the way in 2016.  For more information on implementing ISO 9001:2015 or TL 9000 in 2016, contact info@bizphyx.com

    Happy New Year!

     
    • Ice 5:17 pm on May 16, 2017 Permalink

      Sharp thinking! Thanks for the answer.

  • support 7:05 pm on September 30, 2015 Permalink | Reply

    The Long Awaited ISO 9001:2015 Is Here And What It Means For ICT 

    The countdown is officially over.  The newly revised ISO 9001:2015 is status: PUBLISHED!  Over the past few years there have been many who thought we might not arrive at this moment, but it’s finally here.

    The revised standard went into effect on September 21, 2015, as well as the new ISO 14001:2015.  While there are many new concepts to grasp, you have 3 years to comply with the new requirements.

    Below is an informative and quick overview video from ISO.org that condenses some of the concepts that have changed and that we’ve all been blogging about such as “process approach” and “risk based thinking”:

     

     

    Please note that while you have 3 years to meet the new requirements, we do NOT recommend waiting until the last minute to update your QMS or EMS.  Certifying bodies will be overwhelmed and some are saying they will not accept ISO 9001:2008 after mid-2017.

    Education however is something you can do right away, which is why we’re offering complimentary courses on both ISO 9001 and ISO 27001 in November.  Click on the image below or our countdown page for class descriptions.

     


     

    TL 9000 R6.0, Does ISO 9001:2015 Play A Role And What Does It Mean For ICT Quality?

     

    If you are certified to TL 9000, it is our recommendation to hold tight until TL 9000 R6.0 is released, which is scheduled for September of 2016.

    Once R6.0 is completed, then the transition will be easier for both standards to take place at once.  The timeline to meet the new requirements for TL 9000 will match with the ISO 9001:2015 timeline, so you will have plenty of time to complete both upgrades more efficiently.

    In the coming months BIZPHYX will be helping clients map out their transition plans for ISO 9001:2015 and ISO 14001:2015.  For clients, we’re offering discounted packages to help you transition your quality and environmental management systems in the most cost effective way possible.

     

    For more information, contact info@bizphyx.com or contact BIZPHYX SVP, Bob Clancy directly at bclancy@bizphyx.com.

     
  • support 1:30 am on May 18, 2015 Permalink | Reply
    Tags: AT&T Women Entrepreneurs' Forum, Cathy Martine

    AT&T Women Entrepreneurs’ Forum: Where Are They Now? 

    This blast from the past is a group photo that was taken of the AT&T Women Entrepreneurs’ Forum.  It’s an alumni photo of sorts, as the 2-year program (which concluded several years ago), brings back fond memories of collaboration and sharing best practices on future trends in ICT and telecommunications.

    We often run into many of these great female technology executives at other conferences, like the upcoming WBENC National Conference in Austin and recently at DiversityNXT and the ISM National Conference in early May.  We may see a couple of these ladies at the upcoming QuEST Forum Leadership Council and Work Groups in Dallas today!

     

    AT&T Women Entrepreneurs’ Forum

    AT&T Women's  Forum Group Photo

     

    Featured in this photo in the back row (third from the left) is BIZPHYX President and CEO, Sue Clancy standing next to Cathy Martine (second from the left).  Cathy Martine who led this initiative, is President of AT&T Enterprise Business Solutions.  Also featured in the front row (second from the right) is our colleague in QuEST Forum, Betty Manetta who is President and CEO of Argent Associates, Inc.

    Miss you ladies and let’s keep driving innovation in the ICT industry!

     

    For more information on implementing ICT quality, sustainability, IT security and e-recycling standards such as TL 9000, ISO 14001, ISO 27001 and R2/RIOS, contact info@bizphyx.com.

     
  • support 1:34 pm on February 27, 2015 Permalink | Reply

    2015 “The Year of Quality”, ISO 9001 Update and New ISO Standards/Guidelines 

    In Chinese Astrology, they say that 2015 is the “Year of The Goat”.  For those of us in the realm of quality management, we’re affectionately labeling 2015 as “The Year of Quality”.  This is primarily due to the new update of ISO 9001:2015, which is projected to be published at the end of the year.

    Here’s a quick recap on where things stand, as it seems like the last 2 months have been a blur.  We went from the QuEST Forum Leadership Council and Work Group meetings straight to a flurry of year-end implementations and training projects, just as ISO announced critical new timeline updates for the new ISO 9001:2015 standard.

    The New Year kicked off with the QuEST Forum Leadership Summit where new ICT quality initiatives were announced.  Then the ISO/TC 176/Sc 2/WG 24/TG 5 committee, responsible for the ISO 9001:2015 revision, began working through some important member responses to the FDIS.  Like we stated, 2015 is going to be a very busy year in the world of quality management.

     

    ISO 9001: 2015–UPDATE:

    We can report this: it’s progressing.  In November 2014, ISO 9001 moved to the final stage of the update process, FDIS (Final Draft International Standard).  Nigel Croft, Chair of the ISO subcommittee revising ISO 9001 (ISO/TC 176/Sc 2), released a video and provided an update on the status of the FDIS stage.  He maintains that the new ISO is on track for scheduled publication.  The updated version is resting on a new core concept of “risk based thinking”, which is aimed at preventing undesirable outcomes.  Here is that video update:

     

     

    The ISO 9001:2015 revision will impact other standards and there is much complexity to the update as defined in previous articles on our blog.  For example, standards like ISO 14001 (environmental management) and ISO 27001 (information security management) will share the new alignment.  Ultimately, TL 9000, the ICT quality management standard will be updated (TL 9000 6.0) to incorporate the new changes in ISO 9001.

    Recently the ISO/TC 176/Sc 2/WG 24/TG 5 committee published their Validation Report, incorporating and scoring comments from member organizations that have the duty to provide input (both positive and negative) about the proposed revision.  In the USA, ANSI provided critical input; for the UK, BSI submitted detailed comments; and other global member organizations such as SCC (Canada), AFNOR (France), DGN (Mexico) and BIS (India) all contributed to the Validation Report data.  At this point, the comments are being reviewed by ISO and it’s up to the committee to acknowledge and address the input.  Right now things are fluid, as the ability to “audit” risk based focus and activity is being weighed.

     

    NEW ISO Standards and Guidelines

    The update to ISO 9001:2015 certainly hasn’t curtailed the release of new guidelines and standards.  In fact, in just the past few months, ISO has released and updated several standards and guidelines.  Here are just a few pertaining to the sectors and clients we serve:

     

    ISO 37500:2014  Outsourcing

    This standard aims to provide general guidance for outsourcing for any organization in any sector.  It provides a general vocabulary for outsourcing practitioners across all industry sectors.  It includes typical outsourcing concepts to improve the understanding of all stakeholders, by providing a set of practices that can be used to manage the outsourcing life cycle.

     

    ISO/IEC 27018:2014  Data Protection, Cloud Privacy

    This International Standard establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

    (Microsoft just certified to this standard)

     

    ISO/IEC 27040:2015  Guide On Data Security, Storage

    This provides detailed technical guidance on how organizations can define an appropriate level of risk mitigation by employing a well-proven and consistent approach to the planning, design, documentation and implementation of data storage security.

     

    ISO/DIS 37101  Sustainable Communities, Management Systems and Guidance For Resilience and Smartness

    In our rapidly changing world, ensuring cities and communities are fit for the future is a key priority for many city leaders. Providing sustainable energy supplies, coping with environmental and climate changes, building and maintaining durable infrastructures and meeting the needs and expectations of citizens is the focus of this new standard.

     

    As you can see, nothing is slowing down in the world of quality management as it pertains to ICT, the cloud, data security and sustainability.  So stay tuned, there’s much more to come in 2015 and we are creating a resource for our clients to check in on the latest updates on the ISO 9001:2015 revision.

    For more information on ISO 9001 or implementing any of the standards above, please contact info@bizphyx.com.

     
  • support 3:44 pm on December 9, 2014 Permalink | Reply
    Tags: ISO 9001: 2015   

    Are You Ready For ISO 9001: 2015? 

    We’re fresh off of the November QuEST Forum Leadership Council and Work Groups and many tough questions were asked about the future of  TL 9000 and the ICT quality management standard.

     

    One important question being addressed is—how will the impending changes with ISO 9001: 2015 impact the TL 9000 quality system?  Quite frankly many of our clients have questions about how the changes to ISO 9001 will impact not only TL 9000, but other related quality standards like ISO 14001 and ISO 27001.

     

    Well mark your calendars!  Our 2015 Webinar Training Course List is LIVE!

    BIZPHYXTraining

     

    BIZPHYX is offering 4 complimentary courses about ISO 9001: 2015 and ISO 27001 in 2015, which should help our clients mentally and strategically prepare for these changes.

    For more information about upgrading your current ISO based quality system, contact info@bizphyx.com.

     
  • support 3:37 pm on June 2, 2014 Permalink | Reply

    The ISO 9001:2015 Revision: How Proposed Changes Will Impact TL 9000, ISO 14001 and Other Related Standards 

    As many of our clients are aware, ISO 9001: 2008 is under revision.  ISO 9001 is one of the most widely used ISO quality standards.  The proposed revisions have worked their way through the Working Draft (WD) and Committee Draft (CD) stages and are now available as a Draft International Standard (DIS), a key milestone in the revision process.

    Since changes to ISO 9001: 2008 will impact other quality standards like TL 9000 and ISO 14001 (as examples), we like to keep our readers aware of the potential changes and impacts to their existing quality systems.  As active members in QuEST Forum, the governing body over TL 9000, we can report that organizationally we’re waiting to see what changes occur with ISO 9001 before significant revisions are made to the current TL 9000 quality standard.  Since TL 9000 is the ISO based quality standard of the ICT and telecommunications industry, changes to ISO 9001 may have an impact on the standard as well.

    We felt the timing was right to provide our readers with relevant information, as well as source material on the revision process and the proposed changes, especially coming off of the recent ASQ Conference on World Quality.  Everyone is waiting to see how much of the DIS will be upheld and what we’ll have to work with in 2015.

     

    Timeline For Change:

    Like all ISO standards, ISO 9001 is reviewed every five years and is now being revised to ensure it is relevant and up-to-date.  At the DIS stage all interested parties can submit feedback that will be considered before the final draft is published by the end of 2015.  After public comments are collected, the revised standard will work its way to FDIS status (Final Draft International Standard), which is expected to take place by July 2015, with the published standard targeted for September 2015.  Once the new standard is published in September (or by the end of December 2015), there begins a 3-year transition period for implementation to the revised standard.

    Since the publication of the Draft International Standard (DIS), which is available at many sites including ISO (click here), many certifying bodies (CBs), Registrars, consultants, auditors and quality organizations have offered their opinions on the proposed changes.  Below the video, you will find links to these source materials.  While everyone has their own take on the DIS, generally here’s what we know will change and why:

     

    Why The Standard Will Change:

    It’s important that the standard remain relevant with regard to changing times, products and services and evolving economies of scale.  As a result, ISO wants to develop a more consistent foundation for the long-term (25 years) and one that will facilitate better integration among all the various quality standards.  Certainly it is ISO’s goal to increase adoption of the standard and to do so, it is necessary to address the rise of service organizations (vs. manufacturing) and the technological changes that impact the way we work in terms of telecommuting and the “virtual office”.

     

    Quick Overview Of What Will Change:

    ISO 9001 (along with ISO 14001 and ISO 27001) is under revision to the common framework.  Annex SL is the generally used shorthand for this and there is a larger push to align all future ISO management system standards under the new Annex SL model.  Revision to the common framework is intended to enhance the alignment and compatibility of standards.  Some of the proposed changes include:

     

    –An emphasis on risk based management.  Risk management is in, preventive action out

    –Organizational Context.  A new clause that will require the organization to define itself, determine internal and external issues relevant to its purpose and that affect its ability to achieve the outcomes in their quality management system.  It’s a new way of viewing the QMS.

    –Process Approach is now embedded in requirements

    –No Management Representative or Quality Manual is required

    –Numerous terminology changes (for example “product” is now “goods and services”)

    –New clause numbers in the High Level Structure

    –More leadership requirements for management as well as an emphasis on achieving “value” for the organization and its customers

    –A change in structure.  There are now 10 main clauses proposed which speak to the alignment with other standards (see below):

     

    (from DNV-GL)

     

    Here’s a brief video clip from ASQ TV (the full video link is provided below with a list of source materials)

     

    Source Materials For Your Consideration:

    We’ve provided links to some of the better summaries, videos and source materials that we’ve reviewed:

     

    An intense 1-hour overview webinar (with PDF) of the process from CD to DIS from DNV-GL

    (DNV-GL Business Assurance is a global certification body headquartered in Milan, Italy.  Our CEO participated in this live webinar overview in 2013).

    A follow-up PDF on the DIS for ISO 9001:2015 from DNV-GL.  It outlines the main changes

    (Burt Holm, Northern District Sales Manager for the USA facilitated this.  We think it’s excellent and have posted it on our Knowledge Base).

    Full video link from Mark Ames on ASQ TV

    (From the ASQ TV channel as featured during their recent Conference On World Quality).

    An overview from the NQA blog

    (NQA is a highly respected global Registrar known as National Quality Assurance)

    An overview PDF presentation from ASQ

    (ASQ is the American Society for Quality.  BIZPHYX is a member of ASQ)

    An overview from SGS on the Committee Draft (CD) stage

    (SGS is a multinational company headquartered in Geneva, Switzerland which provides inspection, verification, testing and certification services)

    We will keep our readers aware of any updates to the process as they occur here on our blog and on the BIZPHYX Knowledgebase.

     

    The most important thing you must consider is that change is coming and some believe for the better.

     

    Learn about these changes as you see fit.  Evaluate whether or not these changes will impact your organization.  Open a discussion with your quality consultant or Registrar.  There will be time once the final standard is published to revise your quality system before the transition period (3-years) is complete.  For more information on the ISO 9001: 2015 revision, contact info@bizphyx.com.

     
  • support 2:55 am on April 28, 2014 Permalink | Reply
    Tags: Data Privacy, data security, Heartbleed, R2/RIOS

    Data Privacy, Heartbleed and A Growing Energy Footprint: 2014 May Be A Bit Challenging For ICT Quality 

    As our readers know, we certify clients in the telecommunications and ICT industry to quality standards such as TL 9000, ISO 9001, ISO 14001 and ISO 27001.  We also help many of these clients solve their recycling and e-waste objectives by helping them obtain R2/RIOS certifications.

    Much has happened in the first quarter of 2014 that impacts the ICT industry in the areas of network quality, data security, environmental sustainability and recycling.  Each of these business practices is subject to constant transformation and in some instances, is under assault.  The reality is the environment is at stake, electronics waste is piling up, spying is the “new norm” and foreign hackers are chipping away at our US data fortresses.  What is an ICT supplier to do in 2014?  Implement quality standards to mitigate these risks.

    What makes our work in ICT so interesting is that these areas often intersect, requiring more complex and thoughtful quality frameworks to be implemented within organizations.  For example, as everything moves to the cloud, not only is data security an issue (ISO 27001), there have been serious discussions about the increasing energy footprint of the digital economy and ICT in general.  This presents a bit of a quandary for suppliers who are also committed to energy reduction and sustainability practices through their EMS (ISO 14001) while shifting more of their services to the cloud.  Can you effectively balance the goals and objectives of an ISMS and an EMS simultaneously?  We believe that you can.

    If you’re sitting on the fence with regard to implementing any of these standards or if you’re considering whether it’s time to add an additional quality framework in your organization, here are some factors to consider and a Q1 update on what’s in play for these quality standards.

     

    ISO 27001:  Could the Heartbleed bug be good for Internet security?

    Q1 2014 has been plagued with numerous data hacks involving retailers like Target, Michael’s and a host of other vendors whose POS systems were compromised with very sophisticated malware.  Verizon just published a study regarding the increase in espionage hacking from Eastern Europe.  The continued revelations of Edward Snowden are the gift that keeps on giving and have forced many in ICT to examine the true value of privacy as a practice of “data security”.

    These headaches have been compounded by the recent Heartbleed Bug (a flaw in OpenSSL).  It’s a bit unnerving to learn that the trusted “padlock of https” had been left essentially unlocked for quite some time.  Many articles in the past few weeks illustrate how the NSA likely knew for at least two years about this massive flaw.  The agency’s reported decision to keep the bug secret may have renewed the heated debate over the security of the Internet in general, which certainly impacts the entire ICT industry.  This recent article by re/code demonstrates how Heartbleed’s worst-case scenario has already been proven possible.  And what about the cloud?  As providers utilize or shift to IaaS, PaaS, SaaS and SECaaS, what are the known and unknown risks?  Is any data communication or transaction really secure?

    Some IT experts have illustrated how the Heartbleed bug may have been a real wake-up call for information and Internet security.  The breach could be viewed as a great test of vulnerability management and incident response.  What have you done in your organization to protect your company and your customers against this type of threat?  At a bare minimum, establish rules for what is allowed and not allowed on your network.  Here is a great link to an ISO 27001 Google Group thread discussing responses to Heartbleed utilizing this ISMS.

    If you don’t think ISO 27001 matters, here’s one company’s attempt at going on the offensive with positive public relations regarding their ISMS.  Snap Survey explains how client data has been unaffected by the Heartbleed bug, due to their ISO 27001 certification.  Consider implementing ISO 27001 today.

     

    ISO 14001:  Preventing pollution, eco-efficiency and life cycle thinking in the next revision?

    We can attest to the value of ISO 14001 from the clients we’ve led to certification.  Sustainability and environmental stewardship are no longer buzzwords.  All reputable brands and corporations (not just ICT organizations) are implementing environmental benchmarks and reporting processes.

    ISO recently conducted a survey of the environmental management system standard ISO 14001.  The survey was designed in part to get a better idea of what organizations see as the main benefits of ISO 14001 and what could be improved, as the standard is currently being revised.  According to the survey results, the most important issues that required more attention were:

    • reducing and controlling pollution

    • strategies for efficient use of resources and reducing waste and pollution

    • evaluating the environmental aspects related to the life cycle of products and services

    You can obtain a copy of all survey data and reports at ISO.  The standard revision is currently at draft phase and the goal is to “future proof” ISO 14001 to address all elements of environmental management, including energy efficiency and energy reduction.  Energy reduction has been the subject of many technical articles with regard to the ICT industry, with some pointing out the Internet is far from green.

    The energy requirement of a growing “digital” economy (telecom, data centers) appears to be placing an increased demand on the power grid at a time where energy reduction is the preferred trend.  Potential conflict?  Perhaps.  That’s why it is very important for ICT companies to examine energy reduction and implement an EMS like ISO 14001 to set goals and objectives for environmental management.  Want some ICT best practices guidance?  AT&T and the Environmental Defense Fund (EDF) are releasing their best practices and a toolkit that other companies can use to assess performance at their own facilities.

     

    R2/RIOS:  How are you dealing with e-waste?

    This leads to the subject of e-waste and recycling. Environmental management has many tentacles.  Specific to the ICT supply chain, many of our clients who are certified to the TL 9000 (the telecommunications quality standard) are now required to address electronic waste and recycling, either in their own organizations or as a requirement of doing business as a Tier 1 supplier.  There are multiple ways to meet this objective and we’ve been writing about this on our blog since 2011.

    The two prevailing approaches are R2/RIOS and e-Stewards.  In our industry, we are assisting more clients with R2/RIOS certifications and you will soon see this as a new practice area on our website.

    In fact, a recent article from GreenBiz addresses how e-waste is now a serious problem in the developing world and another provides a quick breakdown on the current rules of recycling electronic waste.  We see this trend continuing and we know that most of our ICT clients will be forced to address this issue internally and with corporate customers in 2014 and beyond.  Consider obtaining a R2/RIOS certification as a potential solution.

    As you can see, ICT quality has many layers outside of general quality and network quality (which is well managed through TL 9000 and ISO 9001 certification).  TL 9000 is expanding to deal with network security and next generation technologies.  However, ICT quality intersects with other important business quality challenges.

    How will you deal with data security, energy management and e-waste?  Consider the additional standards we’ve outlined!

    For more information on ISO 14001, ISO 27001 and R2/RIOS certification please contact us at info@bizphyx.com.

     