There are many different IT management frameworks for managing the delivery of cost-effective IT Services. Many of which only cover a specific aspect of IT, for example; information security, service management, quality, environmental, etc…
Organisations that implement these frameworks do so for different reasons. For example, one organisation may be looking to achieve certification to ISO 27001 in order to win a new contract and this is the only way to differentiate themselves from the competition. Whereas another organisation may be seeking certification to ISO 27001 because it’s suffered a string of data breaches and its management are under pressure to reassure customers and shareholders that it is taking appropriate steps to manage risk and to protect information assets – including sensitive customer data.
The order in which organisations implement frameworks, or international standards, will vary depending on their commercial drivers.
All well and good. The problem comes when trying to “sell” these to staff. Frequently, these management systems are perceived as heavy amounts of documentation without any real business benefit to the end user – the staff and management. More of an overhead, especially when the key driver comes not from an internal desire to improve, but from an external tender requirement placed on the organisation concerned. The task is given to an individual, who then spends hours writing the documents and putting them in a collated mighty tome, that then sits on the shelf, unused and unloved until the certification auditor arrives. This approach may well be more of a cost to the business than a benefit.
Importantly, you do not want hundreds and hundreds of policies, after all, management systems only require a series of seven documented procedures that are common:
- internal audit
- management review
- corrective action
- preventive action
- document control
- record control
- exception management (be these security incidents or non conforming products).
Integrate Management Systems to drive efficiency and increase effectiveness
In fact, the news from ISO is that subsequent revisions to these standards will further harmonise these management system documents, so you know these common areas will even have the same clause number from standard to standard.
Documentation Toolkits from IT Governance offer this documentation in a pre-written, templated format, along with a selection of other tools to help you save hundreds of hours.
A toolkit can accelerate your project immensely. The key benefits of a toolkit are:
- A toolkit is cheaper than one days’ consultancy
- Template documents are easy to edit and customise
- Template documents save you time on research
- Template documents save you time on procedure writing
- Makes you your own expert
- Includes an after sales support service
- Includes 12 months of automatic updates
AND, our documentation toolkits are designed to integrate with one another so when you move from one project to the next, you don’t have to start from scratch!