Marval South Africa, a leader in IT governance and service management has introduced its ISO Expert education programme, an integrated management training programme, which consists of a series of ISO/IEC standard based courses that assist organisations to drive accountability from an IT business perspective.
“Marval South Africa’s model is different from other training providers in that it incorporates three vital elements: technology, training and consultancy.
“Through a combination of knowledge transfer encompassing each of these spheres using internationally recognised certifications as a basis, the programmeforms the fundamental core to holistically address ISO requirements for today’s governance, risk management and quality service management business challenges,” says Edward Carbutt, executive director of Marval South Africa.
In the programmecandidates are exposed to issues of management theory, quality management and management systems, to name but a few.
The ISO Expert Programmeincludes the following certifications:
* Quality management system – ISO 9001 – ISO9001 focuses on the adoption of a process approach when developing, implementing and improving the effectiveness of a quality management system to enhance customer satisfaction by meeting customer requirements.
An advantage of the process approach is the on-going control that it provides over the linkage between the individual processes within the system of processes, as well as over their combination and interaction – this is achieved by defining a quality management system.
* IT service management – ISO/IEC 20000 – ISO/IEC20000 focuses on creating an integrated process approach to effectively deliver managed IT services to meet the business and customer requirements.
To achieve this, the standard to which extent processes must be implemented in an IT service provider to ensure that service quality is maintained and improved. Performing the activities and processes requires people in the service desk, service support, service delivery and operations teams to be well organised and co-ordinated. Appropriate tools are also required to ensure that the processes are effective and efficient.
* Business continuity management – ISO 22301 – ISO22301 is the international standard for business continuity management and specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.
These needs are shaped by legal, regulatory, organisational and industry requirements, the products and services, the processes employed, the size and structure of the organisation, and the requirements of its interested parties.
* Information security management – ISO/IEC 27000 – ISO/IEC270000 ensures that organisations have sufficient processes in place to deal with issues of risk to information. Like any other important business assets, information is essential to an organisation’s business and needs to be protected. Information may be transmitted by various means including, courier, electronic or verbal communication.
Whatever form information takes, or the means by which the information is transmitted, it always needs appropriate protection based on confidentiality, availability and integrity.
* Risk management – ISO 31000 – all activities of an organisation involve risk. Organisations of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives.
The effect this uncertainty has on an organisation’s objectives is “risk”. Organisations should manage risk by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria.
ISO 31000 establishes a number of principles that need to be satisfied to make risk management effective and recommends that organisations develop, implement and continuously improve a framework whose purpose is to integrate the process for managing risk into the organisation’s overall governance, strategy and planning, management, reporting processes, policies, values and culture.
“What makes the ISO Expert programmedifferent from other training courses is that we do not view ISO certifications as stand-alone, but we follow the approach of creating a top view using certifications as tools. We then relate them to areas that are appropriate and address the immediate goals and objectives to improve targeted areas in the business operations,” concludes Carbutt.