Nestor J.

Czerwacki
.GQAR: Government Quality Assurance Representative. M.O.D
Certified Consultant, Ministry of Economy and Industry
Cyber Security Specialist (CHCSS 506)
Freelancer on standardization
What is the relationship between a quality manager and an
information manager?
After decades of living in 2 worlds, who know them very well, and who accompanied
the two roles to maximize the capabilities of the organization, I reached a stage where
I ask myself, is there a connection between the 2 roles.
Let's start with definitions, what is a quality manager?
A quality manager is a person in a managerial position who is qualified and
experienced in the field of quality. The main function of a quality manager is to
manage and control the quality system in an organization or company. His main role
is to develop, implement and maintain quality systems while implementing
methodologies, processes and standards.
The work of a quality manager includes a variety of tasks and responsibilities,
including:
1. Development of quality systems: defining indicators, implementing processes and
methods for measuring the quality of the organization's products or services.
2. Implementation of quality processes: establishment and implementation of
processes focused on improving the quality of products or services and reducing
malfunctions and problems.
3. Quality control: operating control and testing systems to make sure that the
products or services meet the defined quality requirements.
4. Standards management: updating and managing standards and adapting them to the
requirements of valid standards in the field of industry or service.
5. Regulation management: ensuring compliance with the regulations, laws and legal
standards applicable to the products or services.
6. Management of quality events: management
Information manager is a position in organizations related to the management,
retrieval and security of the organization's information. An information manager deals
with the technological and business information in the organization and issues related
to information security, information systems management, information retrieval and
data analysis.
The position of information manager includes a variety of tasks and responsibilities,
such as:
1. Information security: The information manager deals with the security of the
organization's technological information. This includes the design and implementation
of security systems, including computer security solutions, communication networks,
cloud information security and information access authorization management.
 Nestor J. Czerwacki
.GQAR: Government Quality Assurance Representative. M.O.D
Certified Consultant, Ministry of Economy and Industry
Cyber Security Specialist (CHCSS 506)
Freelancer on standardization
2. Information systems management: The information manager is responsible for
planning, setting up and managing the information systems in the organization. This
includes the selection and installation of appropriate infrastructure, such as database
management systems, content management systems, retrieval and backup systems,
and disaster recovery.
3. Information retrieval and data analysis: The information manager may engage in
the analysis of the data found in the information systems, using analytical methods
and tools.
This is how I see the roles, but is it possible to combine the roles into one role?
I started thinking about what the two roles have in common, I thought that:
Yes, there is a relationship between a quality manager and an information manager in
the field of industry and business. The connection is due to the fact that both roles
deal with managing and controlling processes within the organization, although each
role focuses on a specific area.
A quality manager deals with the quality processes of the organization's products or
services. He is responsible for ensuring compliance with quality standards and
instructions, performing quality controls, conducting analyzes and developing and
implementing quality systems.
An information manager, on the other hand, deals with the management of
information in the organization and its security. He is responsible for establishing and
managing the information systems, solving technological problems, securing the
information and analyzing the data. The security of the information and the control of
access privileges are a central part of the work of an information manager.
When quality processes are integrated with the information systems in the
organization, a quality manager and an information manager can work simultaneously
on the development of quality systems, quality information management and quality
information security. In addition, the analysis of the qualitative data and the
information found in the information systems may provide ideas and information.
I told myself ok, but what's in common?
There are several points in common between a quality manager and an information
manager:
1 .Management processes: both positions handle management processes within the
organization. They assist in the development of systems, controls and information
security and quality processes in order to ensure that the processes in the organization
are efficient, high quality and reach the desired results.
2 .Information quality: The quality manager takes care of the quality of the
organization's products or services, and the information manager takes care of the
quality of the information within the organization. Both positions are concerned with
 Nestor J. Czerwacki
.GQAR: Government Quality Assurance Representative. M.O.D
Certified Consultant, Ministry of Economy and Industry
Cyber Security Specialist (CHCSS 506)
Freelancer on standardization
adhering to the standard of quality and accuracy of the data, and developing systems
and processes that guarantee the reliability of the information.
3 .Information security: The information manager deals with information security
within the organization, and the quality manager may be involved in information
security processes in order to maintain the privacy, integrity and integrity of the
information related to the quality processes.
4 .Data Analysis: Both roles may be involved in data analysis. The information
manager handles the analysis of the technological and business data within the
organization, and the quality manager can use the data a
to him as part of the quality improvement and management process.
5 .Function in the organization: Both positions are considered important and central in
the organization. They affect the internal processes, the products or services that are
offered and the general quality of the organization.
These are just a few examples of the common points between a quality manager and
an information manager. Of course, the exact details can vary depending on the exact
roles and organizational system.
Still, I'm missing other things of course, but the main one, in my opinion, and the
most important is a risk survey.
Risk management in quality management is a process in which the quality managers
identify, evaluate, assume and manage the risks related to the quality processes in the
organization. This process is designed to ensure that the risks are identified and given
proper treatment in order to reduce the risk of damage to the quality of the products or
services.
The management of risks in the field of quality combines the following steps:
1. Risk identification: At this stage, the risks that exist in the organization's quality
processes are identified. The managers focus on identifying possibilities for failures,
mistakes and weaknesses in the processes, and identifying potential events that may
affect the quality of the products or services.
2. Risk assessment: At this stage, the risks are assessed according to their severity, the
frequency with which they may occur and their effect on the quality of the products or
services. Based on this assessment, the degree of risk can be determined and resources
and risk treatment can be allocated accordingly.
3. Resolving risks: The resolution of risks includes actions to prevent them,
monitoring, detection and correction. Quality managers can develop process systems
and tools aimed at reducing risk, preventing recurrence and handling failure cases at
the source.
 Nestor J. Czerwacki
.GQAR: Government Quality Assurance Representative. M.O.D
Certified Consultant, Ministry of Economy and Industry
Cyber Security Specialist (CHCSS 506)
Freelancer on standardization
4. The management of the stages: the risks are managed continuously and spread
through all the stages of the quality process. They are included in the process plans
and determined as part of the organization's quality policy.
The continuous and effective management of risks in quality management helps in
improving the quality of products or services, in reducing failures and in reducing the
economic losses that may occur as a result of continuous risks.
And what is risk survey information management?
Risk survey information management refers to the process of collecting, organizing,
analyzing, and utilizing information gathered from risk surveys. Risk surveys are
conducted to assess and evaluate potential risks and hazards in various contexts, such
as workplaces, projects, or operational processes.
The purpose of risk survey information management is to effectively manage and
mitigate risks by systematically collecting relevant data, documenting observations,
and analyzing the findings. This information helps organizations make informed
decisions and implement appropriate risk control measures to minimize the likelihood
and impact of identified risks.
The key aspects of risk survey information management include:
1 .Data Collection: Gathering data and information through surveys, inspections,
observations, and assessments. This may involve using standardized risk assessment
tools, checklists, interviews, or other data collection methods.
2 .Data Organization: Structuring and organizing the collected data in a systematic
manner. This may involve categorizing risks, documenting their characteristics, and
maintaining a centralized repository for easy access and retrieval.
3 .Data Analysis: Analyzing the collected data to identify patterns, trends, and
relationships among different risk factors. This analysis helps in understanding the
severity and potential consequences of risks and prioritizing them based on their
significance.
4 .Reporting and Communication: Presenting the findings and analysis of risk surveys
in a clear and concise manner. This includes preparing reports, visualizations, and
summaries that effectively communicate the identified risks and their associated
information to relevant stakeholders.
5 .Decision Making: Utilizing the information gathered from risk surveys to support
decision-making processes. This may involve determining risk mitigation strategies,
allocating resources, and implementing control measures to address identified risks.
6 .Continuous Improvement: Incorporating feedback and lessons learned from risk
survey information management to improve future risk assessment processes. This
involves evaluating the effectiveness of risk controls and making adjustments as
necessary.
 Nestor J. Czerwacki
.GQAR: Government Quality Assurance Representative. M.O.D
Certified Consultant, Ministry of Economy and Industry
Cyber Security Specialist (CHCSS 506)
Freelancer on standardization
By effectively managing risk survey information, organizations can enhance their risk
management capabilities, proactively address potential hazards, and promote a safer
and more secure environment for their operations.
So is risk management between quality management and information management the
same?
While risk management is related to both quality management and information
management, it is not exactly the same. Risk management is a broader concept that
encompasses the identification, assessment, and mitigation of risks across various
aspects of an organization, including quality and information.
Quality management primarily focuses on ensuring that products or services meet
established quality standards and customer expectations. It involves implementing
processes, procedures, and systems to monitor, control, and improve quality
throughout the organization. Risk management within the context of quality
management involves identifying risks that may impact the quality of products or
services, assessing their potential impact, and implementing measures to mitigate or
prevent those risks from occurring.
Information management, on the other hand, deals with the governance, control, and
utilization of information within an organization. It involves the collection,
organization, storage, retrieval, and dissemination of information to support decision-
making and achieve organizational goals. Risk management within the context of
information management focuses on identifying risks associated with data security,
privacy breaches, data integrity, and other information-related risks. It includes
implementing measures to protect information assets, ensuring data accuracy and
reliability, and managing potential risks that may affect the availability,
confidentiality, or integrity of information.
While there may be overlapping elements and interactions between risk management,
quality management, and information management, each discipline has its specific
focus and objectives. However, all three disciplines contribute to the overall
management of risks within an organization to ensure the achievement of
organizational goals, customer satisfaction, and operational excellence.
Are there common standards between quality management and information
management?
Yes, there are common standards that apply to both quality management and
information management. These standards provide frameworks and guidelines for
organizations to establish effective management systems and practices in these areas.
Two prominent standards that are widely recognized globally are:
1. ISO 9001: ISO 9001 is the international standard for quality management systems.
It sets out the criteria for a quality management system and provides a framework for
organizations to consistently meet customer requirements, enhance customer
satisfaction, and continually improve their quality performance. ISO 9001 focuses on
 Nestor J. Czerwacki
.GQAR: Government Quality Assurance Representative. M.O.D
Certified Consultant, Ministry of Economy and Industry
Cyber Security Specialist (CHCSS 506)
Freelancer on standardization
various aspects of quality management, including customer focus, leadership,
involvement of people, process approach, evidence-based decision making, and
continual improvement.
2. ISO/IEC 27001: ISO/IEC 27001 is the international standard for information
security management systems (ISMS). It provides a systematic approach for
organizations to manage information security risks and protect their valuable
information assets. ISO/IEC 27001 emphasizes the identification of information
security risks, the implementation of appropriate controls, and the establishment of a
robust management system to ensure the confidentiality, integrity, and availability of
information.
These standards share some common principles, such as a process-based approach, a
focus on continuous improvement, and the involvement of people. However, they
have specific requirements and considerations tailored to their respective domains
(quality management and information management).
It's important to note that ISO 9001 and ISO/IEC 27001 are just two examples of
widely adopted standards. There are other standards and frameworks specific to each
field that organizations may choose to implement based on their specific needs and
industry requirements.
If is it possible to combine the two roles of quality manager and information
manager?
Yes, it is possible for an organization to combine the roles of a quality manager and an
information manager. In some cases, especially in smaller organizations or those with
limited resources, the responsibilities of managing quality and information may be
assigned to a single individual or a team.
Combining these roles can have several benefits, including:
1. Alignment: Quality management and information management are interconnected
in many ways. Combining the roles can help ensure that quality considerations are
integrated into information management processes and vice versa. It promotes a
holistic approach to managing organizational processes, risks, and improvements.
2. Efficiency: Having a single person or team responsible for both quality and
information management can lead to streamlined processes, better coordination, and
improved efficiency. It reduces duplication of efforts, facilitates communication, and
allows for synergies between quality-related and information-related initiatives.
3. Cross-functional perspective: The combined role provides a broader view of the
organization's operations, risks, and opportunities. It allows for a better understanding
of how quality and information aspects intersect and impact each other, leading to
more integrated and effective management approaches.
 Nestor J. Czerwacki
.GQAR: Government Quality Assurance Representative. M.O.D
Certified Consultant, Ministry of Economy and Industry
Cyber Security Specialist (CHCSS 506)
Freelancer on standardization

However, it is important to note that the combination of roles should be based on the
size, complexity, and specific needs of the organization. In larger organizations with
more complex quality and information management requirements, separate roles may
be necessary to ensure dedicated focus and expertise in each area. Additionally, the
knowledge, skills, and qualifications required for quality management and
information management may vary, so it's essential to assess the capabilities and
competencies of the individuals or team responsible for these roles.
Ultimately, the decision to combine or separate the roles should be based on the
organization's unique circumstances, resources, and objectives.
I have had this dilemma for dozens of years working and dividing myself into
functions.
What do you think?