BACKGROUND AND EXPLANATION OF REG INITIAITIVE TO SUPPORT QUALITY

STANDARDS / CERTIFICATIONS IN THE ICT SECTOR IN THE BALKANS

Background:
Last spring, the Regional Economic Growth (REG) project funded an analysis of the quality
standards and certifications found to be most critical to improving the competitiveness of the
ICT sector in the Western Balkans. The study considered the demand in EU and other target
markets, as well as the level of awareness of ICT firms in the Balkan region and availability of
service providers of specific standards. The results of the study indicated that the key
standards and certifications that are in high demand and would improve
competitiveness include ISO 27001, ISO 20000, ITIL (Foundation Version 3), CMMI
and SCRUM.
The key findings from the study are presented in the following comparative table:

Regional Market

Target Market

Organizational
standards and
best practice
frameworks

CMMI
ISO27001
ITIL / ISO20000
SCRUM / agile
methodologies
TOGAF

Current

Verification
method

Certification and selfdeclaration

Individual
certifications

Project
management
SCRUM master
ITIL master
ISTQB
Technology /
vendor specific
(Cisco, ORACLE,
Microsoft, SAP,
etc)

ISO9001
ISO27001
ITIL /
ISO20000
SCRUM /
agile
methodologies
IT Mark

Future
ISO27001,
ISO20000/ITI

ISO9001
SCRUM /
agile
methodologies

Certification and self-declaration

technology /
vendor specific
(Microsoft,
Cisco, IBM,
Oracle,
Google, etc)
PMP
ISO27001
LA
ITIL
foundation
SCRUM

ITIL
SCRUM
PMP
ISTQB
technology /
vendor specific

As a result, REG plans to introduce a support mechanism for firms and individuals to obtain
these certifications. We plan to work with Business Support Organizations (BSOs) in the
Balkan region in the ICT sector in order to also build the capacity of our partners (the BSOs)
to provide this service in the future, build their own knowledge of key certifications, and
increase the awareness and interest of their members in certification process.
Quality standards and certificates supported through this Activity:
Specific details on ICT certifications are below:
ISO/IEC 20000-1:2011 Service management system

ISO/IEC 20000-1:2011 is a service management system standard that covers the

design, transition, delivery and improvement of services that fulfill service requirements
and provide value for both a customer and service provider. ISO/IEC 20000 was
originally developed to reflect best practice guidance contained within the ITIL
framework, although it equally supports other IT service management frameworks and
approaches including Microsoft Operations Framework and components of ISACA's
COBIT framework. Companies can certify themselves based on this standard through
accredited certification bodies. This service management system can be integrated with
other management systems such as for quality (ISO9001) or information security
(ISO27001)
It is moderately recognized in target markets, while in some of the regional markets this
system is part of the regulatory requirements for providing services to the financial
sector.
ISO27001 Information Security Management System
Source:
http://www.iso.org/iso/home/standards/management-standards/iso27001.htm;
www.27000.org/iso-27001.htm
ISO27001: information security management system standard is a certifiable
standard published and managed by International Standards Organization. Main focus is
to ensure confidentiality, integrity and availability of organizational information assets
including information, systems, processes, people, equipment, etc.
It is paired with ISO27002 and a series of additional standards that serve as guiding
documents and provide the industry best practice for ensuring security and privacy of
information assets.
ISO27001 is recognized in all target markets, with a varying number of actual certificates
issued. Most certified companies are in the target markets: UK, USA and Germany.
CMMI Capability Maturity Model Integration
Source: www.sei.cmu.edu/cmmi/
Capability Maturity Model Integration (CMMI) is a process improvement training and
appraisal program and service administered and marketed by Carnegie Mellon
University. Under the CMMI methodology, processes are rated according to their maturity
levels, which are defined as: Initial, Repeatable, Defined, Quantitatively Managed,
Optimizing.
CMMI is recognized in all countries, with a varying number of actual certificates issued.
Required by many public institutions in USA or their contractors, especially for software
development, but significant number of certified companies exists as well in Germany,
Turkey, UK.
CMMI currently addresses three areas of interest:

Product and service development CMMI for Development (CMMI-DEV),

Service establishment, management, CMMI for Services (CMMI-SVC), and
Product and service acquisition CMMI for Acquisition (CMMI-ACQ).

SCRUM and SCRUM Master

Source: https://www.scrum.org/; http://www.scrumalliance.org
SCRUM is an iterative and incremental agile software development framework for
managing software projects and product or application development. It is organized

around the concept that the development team works as a unit to reach a common goal.
SCRUM enables teams to self-organize by encouraging physical co-location or close
online collaboration of all team members and daily face to face communication among all
team members and disciplines in the project.
SCRUM is facilitated by a SCRUM Master, who is accountable for removing
impediments to the ability of the team to deliver the product goals and deliverables. The
Scrum Master ensures that the Scrum process is used as intended.
SCRUM as a framework and methodology for software development is recognized in
most of the target market, a bit lower in the Middle East countries. As a framework, it is
not certifiable for companies, but companies can declare compliance and commitment to
following the methodology. Requirements for SCRUM Master certified staff exists in the
target markets but are not mandatory.
ITIL and ITIL Expert or higher
Source: www.itil-officialsite.com/
The Information Technology Infrastructure Library (ITIL) is a set of practices for IT
service management (ITSM) that focuses on aligning IT services with the needs of
business. ITIL is the base set of best practices giving guidance for the ISO20000
standard for IT service management.
The ITIL Qualifications scheme provides a modular approach to the ITIL framework,
and is comprised of a series of qualifications focused on different aspects of ITIL Best
Practice, to various degrees of depth and detail. The levels include: Foundation,
Intermediate, Expert and Master.
ITIL is recognized in all target markets both among the users and providers of IT
services. As a best practice framework it is not certifiable but companies can declare
compliance and can implement the applicable practices and processes in their
operations. Requirements for ITIL certified staff exists in the target markets but are not
mandatory. Premium value is recognized in ITIL v3 expert or higher individual
certifications.
The purpose of the support is to enable companies from the region to become more
competitive on current target markets where they already sell or try to sell their products and
services.
Structure of Activity:
REG project plans to contact BSOs in the ICT sector in the region that are known to be
qualified to manage such a program. A tentative list of identified partners is developed, but
REG is seeking input from USAID and colleagues in the region to identify others. BSOs can
apply to be selected as an implementer for this Activity by providing training to member and
non-member companies and/or individuals. Selected BSOs have to commit to market the
Activity and manage the application process (including review and selection). REG will have
the right of final approval of the pre-selected companies and individuals.
REG will reimburse associated costs after the completion of the training and proof of
certification are provided to and approved by REG and USAID. All of the documents that will
be provided as proofs on behalf of companies will be collected on behalf of the BSOs.
Since 5 countries from the region are involved in the support program and each country has
several BSOs through which REG will be offering the support mechanisms, REG cannot
commit to tracking all eligible certification providers on a national level. The BSOs will be
expected to put together a list of qualified national and regional certification providers to be
reviewed by REG that will then be made available to all participating companies and
individuals participating in the program. Companies and individuals will be in a position to

choose between different service providers. Once the training and/or certification is
completed, a company or an individual should supply evidence (i.e., certification, bank
transaction of the company / individual payment) to the BSO that the process has been
completed. Through this process, REG will give more responsibility to the BSOs in order to
support development of this service on a sustainable basis and through local expertise.
Upon a successful certification, the BSOs will also be required to share business results that
are directly linked to certification, including sales, increased employment, etc. BSOs will
manage the funds and transfer the financial resources when and where applicable. REG will
reimburse a relevant amount of funds, after the BSO submits all proof of obtained
trainings/certificates and USAID approves. Lastly, the BSO should provide to REG a proof of
the payments towards the companies.
At the end of the year, each BSO will receive a management fee, from REG, of $800 for up to
15 companies and/or individuals certified, or $1000 for more than 20 companies and/or
individuals certified. REG will initiate these calls for applications 2 times a year, in autumn
2014 and spring 2015.
There are three supporting mechanisms that BSOs can offer to their members. Please
bear in mind that that the application process for all the trainings/certifications will be
coordinated through selected BSOs. All companies and individuals are eligible to
apply irrespective of whether they are members of BSOs.
Co-funding for Business Support Organizations (BSOs):

Cost-share of up to 35% of the costs of organizing training activities. These events

will mainly be for actual trainings, but there could possibly be a need for some
awareness events or introductory trainings. BSOs will only use this mechanism
when there is a minimum of ten companies or individuals interested to participate.
The BSO will be responsible for all the promotion, attraction of participants,
organization and logistics, and will need to provide a minimum of three candidate
service providers (from the region or beyond), from which one will be selected to
implement the training. To be approved, an activity plan and total budget (including
the co-funding requested from REG) should be submitted.
Moreover, companies and/or individuals are eligible to apply through BSOs:

Co-funding for company certification of up to $2000, following successfully

obtaining the certification. REG will support companies in acquiring ISO 27000, ISO
20000 and / or CMMI. The application process and application collection will be done
through the organizing BSOs. One company will be eligible for request support for 2
certifications, but must obtain one before they are eligible to receive support for the
second. Reimbursement will be managed by the BSO once proof that the exam
(certificate) was successfully completed is provided to the BSO.

Co-funding for individual training participation of up to $250 interested in the

training and up to $ 150 interested to take the examination for SCRUM or ITIL
(Foundation Version 3). The program is available for all individuals, it is not
necessary for them to be members of the BSOs. Reimbursement will be managed by
the BSO once proof that the exam was successfully completed is provided to the
BSO. REG will then provide reimbursement through the BSOs for groups of certified
individuals. Lastly, the BSO should provide to REG a proof of the payments towards
the companies.

Deadline: BSOs are required to send to REG the summary of the applications, together with
the applications in zip file no later than September 30 th.
Subsidy approval: All applications submitted by the BSOs will be reviewed and approved by
the REG team.