ICT Management Systems

ICT Management Systems
For managing in a proactive way complex systems and processes, which are always evolving and are subject to many stimuli and risks, the company may adopt management systems on the following topics:

IT Quality - ISO 9001

 A quality management system allows companies improving their work in terms of cost reduction, more efficient management of the risk, improving customer satisfaction, motivating the staff, supporting continuous improvement.
The standard ISO 9001 “represents a model to manage the organization that is based on some essential points: focus on results, focus on costumers, management of processes, and commitment on the planning activity, measuring and improving. It is a model that drives the management to invest on human resources”.

Information Security
ISO 27001

The term “Information Technology” refers to a large number of technical, organizational and procedural aspects that are concerned with the protection of hardware, software, informations and services.
In particular, about informations, the main features that must be protected are:
  • Confidentiality, which aim is to guarantee that unauthorized subjects could not have access to information, intentionally or in an accidental way.
  • Integrity: which wants to guarantee that information could not be subjects to unauthorized alterations, either accidentally or intentionally.
  • Availability: that allows to guarantee that authorized subjects could indeed access to informations every time is necessary, even when there are accidental phenomena that can be an obstacle or when there are deliberate hostile actions, which could prevent the access to informations.
A management system of information security in compliance with ISO/IEC 27001 is a tool through which the organization can prove to be able to protecting in a global manner its own information assets.

Service Management
ISO 20000

The service management or IT Service management system is the discipline specialized in the management of Information technology systems on large scale and focused on costumers prospective and on the contribution of the IT to the business.
Is well Know that suppliers of IT services can not just focus on technology, but also they have to consider the quality of their service and to focus on the relationship with costumers.
In particular the IT services are extremely changeable, in connection with the high dynamic with which the ICT sector evolves (an example are the terms hosting and housing, established in the last years). Moreover, there is often the modification of the denomination of few services (for example the service of facility management, completely forgotten, it is actually the same service now included inside the more wide and complex management of all the problematic concerning the IT system and today called full outsourcing).
The IT service is the results of any activity that make as interface between the supplier and the costumer. In particular the service is:
  • Intangible, because the service is qualified for the added value that brings to costumers rather than for its proprieties, moreover it is considered in terms of performances and not for its physical features (even if, obviously, the service could require tangible goods to use, buy, place and build).
  • Variable during the time, because of the fluctuations of the different organizational, technological and human components of the service.
  • Heterogenic, in the sense that it change from supplier to supplier, with the variation of the productive process. As well, it change from user to user in function of the background of knowledge and competences.

Business Continuity
ISO 22301

The term Business continuity refers to the capacity of the company to maintain the continuity of its own business during and after catastrophic events that could damage it.
The planning of the business and service continuity is called Business continuity plan (BCP) and it is commonly considered as a global process that identify the potential dangers, which threat the organization. It provide a structure to increase the resilience and the capacity to answer in order to defend the interests of stakeholders, productive activities, the reputation, reducing risks and consequences on the management, administrative and legal point of view.
The correct implementation of business continuity system depends from a complete and effective analysis of all the problems connected with it.
A correct business continuity is realized using innovative standards such as ISO/IEC 27031, ISO/IEC 24762 and ISO 22301 and analyzing with attention the needs in terms of safety and suggesting the best solutions to assure a system of business continuity efficient and effective.