Overcoming Challenges Through Standardization: ISO/IEC 20000 and ISO/IEC 27001

A.T.M. Didarul Hoq Chowdhury, Grameenphone IT Ltd., Bangladesh

GPIT Ltd.

ISO 20k 27K Basis 26 Feb

Page 2: ISO 20k 27K Basis 26 Feb

• Caused by a core switch failure within RIM's infrastructure.

• Although the system is designed to failover to a back-up switch, the failover did not function as previously tested.

• A large backlog of data was generated.

• Knocked out e-mail, BBM, and Web service for more than 10 million customers in Europe, the Middle East, Africa, and parts of South America.

Page 3: ISO 20k 27K Basis 26 Feb

The report Gordon Hextall refers to recorded the following:

“This has brought savings for the NHS of £192 million and will continue to save the service almost £95 million each year as old networks are replaced.

In addition to generating cash savings, N3 is bringing benefits for the other frontline applications which simply could not function without it.”

N3 is the high-speed broadband backbone network linking the entire NHS in England, and additional sites in Scotland. It currently provides in excess of 30,000 connections serving 1.3 million employees through 63 points of presence across England and Scotland.

Page 4: ISO 20k 27K Basis 26 Feb

Malware has been targeting insider information from 10,000 senior executives who use the compromised Directors Desk app.

Page 6: ISO 20k 27K Basis 26 Feb

Changing Role of IT in the Last Two Decades

Page 9: ISO 20k 27K Basis 26 Feb

Change is Inevitable. Adaptability is optional.

Bruce Wilkinson

Page 11: ISO 20k 27K Basis 26 Feb

Management System

• System to establish policy and objectives and to achieve those objectives.

Page 12: ISO 20k 27K Basis 26 Feb

IT Service Management System

• A management system, including policies and a framework, to enable the effective management and implementation of all IT services.

• It is a natural, progressive life-cycle approach, focused on value generation and business outcomes.

• It is applicable across verticals and sizes. It is non-prescriptive, hence easy to tailor and adopt.

Page 15: ISO 20k 27K Basis 26 Feb

The Business Benefits of ISO/IEC 20000

The business benefits were clearly visible in terms of the following:

• Optimum team sizing for various IT functions and considerable improvement in operational and tactical efficiency to realize service delivery goals.

• The entire exercise is greatly contributing to meeting the Go-To-Market growth strategy aimed at the highly competitive B2B segment.

• Better decision-making

• More competitiveness and cost efficiency in delivering services

• Make quality predictable and repeatable

Page 17: ISO 20k 27K Basis 26 Feb

Information Security Management System

• The overall management system, based on a business risk approach, to establish, implement, operate, monitor, review, maintain and improve information security.

Page 18: ISO 20k 27K Basis 26 Feb

ISO/IEC 27001: Information Security Management System (ISMS)

Page 19: ISO 20k 27K Basis 26 Feb

The Business Benefits of ISO/IEC 27001

• A structured process approach to identify your own individual information security issues, presently at risk in your company.

• ISMS certification brings confidence that there is a systematic approach in place to manage security, assuring confidentiality, integrity and availability of information.

• Only security standard with global acceptance.

• Helps to meet regulatory compliance.

Page 20: ISO 20k 27K Basis 26 Feb

Transformation through IT Service Management (ISO/IEC 20000)

The organization “was” | The organization “now”
Technology focus | Process focus
Fire fighting | Preventive
Reactive | Proactive
Users | Customers
Centralized, done in house | Distributed, sourced
Isolated, silos | Integrated, enterprise-wide
One off | Repeatable, accountable
Ad hoc informal processes | Formal practices
IT internal perspective | Business perspective
Operation focused | Service focused

Page 21: ISO 20k 27K Basis 26 Feb

PRINCIPLES of Managed Service

Say What You Do – Procedures “Document”

Do What You Say – Implement “Record”

Prove It – Audits

Improve It – Continuous Improvement

Page 22: ISO 20k 27K Basis 26 Feb

Steps for Implementing the Certifications

• Phase 1 – Planning and Kick off

• Phase 2 – Awareness and Assessment

• Phase 3 – Design and Development

• Phase 4 – Implementation and Pre Audit

• Phase 5 – External Certification

Page 23: ISO 20k 27K Basis 26 Feb

Achieving High Quality Services

– Leadership by top management

– Project driven improvements (PMI, PRINCE)

– Service culture

– Team work

– Customer orientation

– Make or buy

– ISO/IEC 20000 / 27001

Page 24: ISO 20k 27K Basis 26 Feb

Gartner's Report

Page 29: ISO 20k 27K Basis 26 Feb

Questions?

Page 30: ISO 20k 27K Basis 26 Feb

Thank you…
