As we begin the new year by helping clients respond to quality management challenges in their organizations, it has become increasingly clear that 2013 will be focused on data security, energy management and sustainability driven through “communication” networks. These unique functions must integrate even further to meet the complex task of driving a company’s products and services through a global supply chain.
Take for example the telecom industry, where the evolution has become known as “ICT” or information and communications technology. When you combine communication devices that disseminate big data serviced through networks to deliver healthcare, you have telemedicine. Combine public utilities utilizing data through intelligent meters to drive energy reduction and sustainable building standards and you support smart grids and smart cities.
The reality is data security and energy management are cross-relational with the “communication network” at the center of the relationship.
Quality standards are no different and this space is evolving to support integration. Today, we wrapped up work group meetings at the 2013 QuEST Forum Leadership Summit in Dallas. QuEST Forum is the governing body over TL9000, the telecom quality standard (based on ISO 9001). In the past year, the standard has evolved and is now known as the “ICT” standard because deployment over a network is no longer centered purely on “tele” communications. A communication network may be “service” centric, such as with the transportation and energy sectors.
TL 9000 certification can easily be integrated with ITIL functions, such as Service Desk. A great example of integration comes from Huawei. Utilizing eTom, ITIL and TL 9000, Huawei has developed its own compliant MSUP (Managed Service Unified Platform), which is an architecture that drives multiple functions such as customer satisfaction, organizational mapping and operation support systems.
The marketplace is driving shifts in ISO implementations as well. Organizations are now certifying to TL 9000 and ISO 14001 (the energy management standard) at the same time and further expanding their quality certifications to include information security by implementing ISO 27001.
ISO and IEC are also issuing new guidelines which “integrate” standards. For example, in January 2013 ISO and IEC announced that they have published a new International Standard giving organizations advice on how to make integrated use of information security and service management system standards.
The relationship between information security and service management is so close that many organizations already recognize the benefits of adopting both standards: ISO/IEC 27001 (information security) and ISO/IEC 20000-1 (service management).
The new ISO/IEC 27013:2012, Information technology – Security techniques – Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1, provides guidance to be used whether one standard is implemented before the other, or both standards are implemented simultaneously. Only time will tell how this guideline will influence ITIL and COBIT best practices.
“The publication of ISO/IEC 27013 arose from the recognition that combining use of both International Standards brings additional benefits. ISO/IEC 27013 gives guidance on the first steps to be taken by organizations that wish to increase efficiency, improve their information security, service management and services”, according to Jenny Dugmore, editor of the new standard.
Look for this trend to continue, with future guidelines expected as organizations chose to implement multiple, complimentary quality standards as a way to respond to business goals and regulatory pressures. BIZPHYX is now in the process of expanding its service portfolio to include ISO 27001 implementation and audits, with clients set to certify later this year. For more information on new ISO standards and guidelines, please visit the ISO news page.
We’ll be reporting on the outcome of the recent QuEST Forum Leadership Summit and what changes are coming in 2013 with the release of R5.0 of the TL 9000 Measurements Handbook. Our February edition of THE STANDARD will deal with this subject matter, as well as our March 15th TL 9000 R5.0 Measurements Handbook Delta Course. For more information or to register, visit our website.
Please contact us if your organization is considering implementing TL 9000, ISO 14001 or ISO 27001, either independently or as a suite of quality certifications. You can reach us at firstname.lastname@example.org.