Professional Documents
Culture Documents
ISO and ITIL Best Practices in IT Services and Quality Management
ISO and ITIL Best Practices in IT Services and Quality Management
Michael F. Meuser
Todays Discussion
Brief History of the International Organization for Standardization Differences between ISO 9000:2000 and ISO 9000:1994 Focus on the interrelationships of ISO and ITIL Quality Management Systems Overview of how to combine ISO and ITIL compliance efforts into a working solution which provides your customer and your company with the best practices in IT Service and Quality Management Systems Using both ISO and ITIL for continuous improvement in the goal of Total Quality Management
Todays Goal -Make our discussion today valuable in that it relates to your company or organization and you understand the value of implementing ISO and ITIL Quality Management Systems
The ISO 9000 series of Quality Standards are recognized internationally as shown below: BS ENISO 9000 - Britain and UK AS/NZS 9000 - Australia/New Zealand ANSI/ASQC/Q9000 - USA MS ISO9000 - Malaysia JISZ 9900 - Japan
A Little Story
This is a story about four people named Everybody, Somebody, Anybody, and Nobody. There was an important job to be done and Everybody was sure that Somebody would do it. Anybody could have done it, but Nobody did it. Somebody got angry about that, because it was Everybody's job. Everybody thought Anybody could do it, but Nobody realized that Everybody wouldn't do it. It ended up that Everybody blamed Somebody when Nobody did what Anybody could have done!
ISO requires "the responsibility, authority, and the interrelation of all personnel . . . shall be defined and documented" to prevent this from ever happening.
The results of a very recent Quality Systems Update from Deloitte & Touche confirmed the most important external benefits of an ISO compliant system: 83% reported improved management control 70% claimed real improvements in customer service 64% said ISO 9000 improved their ability to bid for contracts 48% increased their market share More than 280,000 ISO 9000 certifications are in force today. You can learn more at the ISO website:
www.iso.ch
ISO 9000:1994
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 Management Responsibility Quality System Contract Review Design Control Document and Data Control Purchasing Control of Customer Supplied Products Product Identification and Traceability Process Control Inspection and Testing 4.11 4.12 4.13 4.14 4.15 4.16 4.17 4.18 4.19 4.20 Control of Inspect, Measuring and Test Equip Inspection and Test Status Control of Nonconforming Product Corrective and Preventative Action Handling, Storage, Pack, Preserv & Delivery Control of Quality Records Internal Quality Audits Training Servicing Statistical Techniques
ISO 9000:2000
ISO 9000 - describes fundamentals of quality management systems and specifies the terminology for quality management systems. ISO 9001 - specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide products that meets product and applicable regulatory requirements and aims to enhance customer satisfaction. ISO 9004 - provides guidelines that consider both the effectiveness and efficiency of the quality management system. The aim of this standard is to improvement the performance of the organization and satisfaction of customers and other interested parties.
The 20 elements that form the structure of the current ISO 9000:1994 series standards are folded into a new structure with four main sections:
1. 2. 3. 4. Management responsibility Resource management Product and/or service realization Measurement, analysis and improvement
These four sections describe the four phases of a fundamental concept for the new standards referred to as the Process Model.
There are several areas within the ITIL Best Practices that interact with ISO 9000:2000
Configuration Management
The main objective of Configuration Management is to control the environment for which it was built. This would include: (when applicable) - process control, identification of product or service, traceability of product or service, documentation control, inspection and testing status, etc.
Incident Management
This practice serves as continuous tracking of: - performance to specified requirements - control of nonconforming product SW/HW, services and quality records
There are several areas within the ITIL Best Practices that interact with ISO 9000:2000 (cont.)
Problem Management
Plays a major role in the control of nonconforming products and corrective actions. Process contributes to design changes needed to have configuration items changed to a desired status and assure proper implementation.
Change Management
Very similar to problem management yet it plays a central role in process control functions and various other ITIL processes.
There are several areas within the ITIL Best Practices that interact with ISO 9000:2000 (cont.)
Availability Management
This ITIL component generates and gives rise to a higher quality of Service Level Management.
Capacity Management
Has a major contribution to the ISO 9004 stipulations in that it specifies the requirements of service needs and is defined in terms of characteristics which effect service performance.
Cost Management
The Cost Management process contributes to the ISO 9001requirements in the aspects of contract review and design inputs, outputs and changes. This ITIL process also goes beyond ISO 9000:2000 in relating to the Cost of Quality which is found in the prerequisites of the Malcolm Baldridge Award.
Contingency Planning
Many aspects of Contingency Planning relate to ISO in contract review, design control, document control, purchasing and most importantly internal quality auditing.
There are several areas within the ITIL Best Practices that interact with ISO 9000:2000
Conclusion:
If (not if but when) your company is to become ISO certified and you have these ITIL Best Practices established, this will facilitate the process many times over.
If your company is already ISO certified and are considering ITIL Best Practices, you already have a major advantage in the steps to ITIL compliance.
It is expected that in 2003 and 2004 the ITIL process framework will officially be recognized as a main contributor to become ISO-9000 certified for ITs Service Management activities. So do not waste your time and efforts in reinventing the wheel. Use the already established frameworks of ISO 9000:2000 and ITIL Best Practices.
Combining
ISO and ITIL Compliance Efforts
#1
Senior Management to embrace and understand the value of ISO and ITIL working together
Appoint champions in each of your company departments Train/certify management, champions and all involved staff Include ISO and ITIL implementation progress on the agenda of every team meeting Make ISO and ITIL part of your Corporate policy and life
Organizing yourselves shall ensure that the quality of your design, products and IT services are coordinated in all of your different functions and that you control these activities. The collection of these controlled activities is what is called a Quality Management System.
This system must meet the objectives as set forth by the Senior Management of your company, who determine Quality Policies and guide the Quality System.
The Quality System and Quality Policy is aimed at the reduction, elimination, and most importantly, the prevention of quality deficiencies. Quality deficiencies, no matter what functions are addressed, effect the bottom line which is the profitability of your company.
International Organization for Standardization Information Technology Infrastructure Library Total Quality Management
Why does your company need Total Quality Management? .........cause it leads to daily continuous improvement and...
Change in Philosophy Change in Focus Emphasizing that all employees need to be involved in solving problems. Resolving problems at the point they occur rather than just prior to installation, design/product release or start of assignment. Not just applying a band aid but actually solving the problem at the root cause. Reducing problems in the system through the use of statistical techniques that indicate consistency, predictability and the repeatability of the process.
Use of Statistics -
Change in Responsibility - Rather than as separate units, representatives of Customer Relations, Design, Engineering, Purchasing, Accounting, Marketing and Quality Assurance act together to discover the cause of the problem, not just the symptoms or the results that the problem leaves. Involve personnel early in the launch of the project. On-going Improvements - Having a process orientation where we follow a process from beginning to end, (often crossing departmental boundaries), will increase our process knowledge and lead to continuous improvement throughout your company.
President Corporate Objective Sets Quality Policy (including strategic quality goals and strategic quality direction)
Quality Policy and Strategy
Strategic Objectives
Executive Steering Committee Assures improvement in quality performance . Establishes CCG's quality system framework
Company-Wide Quality Support Programs that support the management and improvement of products, services and process quality: Methods Technologies Assessment practices Education
Feedback of Best Practices
Set quality objectives Set quality performance objectives Set customer satisfaction goals
Business Objectives
Questions?
Michael F. Meuser Advanced Best Practices State of California CalSTRS 916.229.0736 mmeuser@innercite.com