Neven Zitek
November 26, 2013
The best-known quote in the world, “Houston, we have a problem,” was spoken by Apollo 13’s Commander Jim Lovell. (Actually, he said, “Houston, we’ve had a problem,” but that’s not what we will discuss today.) This quote is one of the best examples of the distinction between ITIL terminology and everyday language. According to ITIL, what Commander Lovell wanted to report was not the problem; it was an incident. An incident is any event that causes degradation or disruption of a service, or even the potential disruption of a service. On the other hand, a problem is the root cause of the incident(s). So, when the Apollo 13 crew heard a loud bang and saw voltage and oxygen pressure drop, they experienced a series of incidents, all stemming from the same root cause – one of the oxygen tanks exploded. However, at the time, that information was unknown – therefore, the problem was unknown.
Figure 1: Clear distinction between Incident and Problem according to ITIL terminology; this time the example is not within the space flight realm, but rather IT related.
Once a problem is identified, the focus must shift to quick service restoration. If the service can’t be restored by normal means, such as replacement of a faulty component, any option that will restore service is acceptable, and that operation is called a Workaround. In such a case, the problem (or incident) is referred to as a Known Error. So, let me go back once again to the Apollo 13 example, and explain in ITIL terms what was going on after the first Incident.
After an analysis of available data and observation by the ground crew and astronauts, the problem was identified as the explosion and loss of one of the oxygen tanks. As oxygen is used for life support, engine fuel, and electric power generation, it was obvious that the command module (where the astronauts were) was no longer providing the service it was designed for. The crew was instructed to abandon the command module and move into the lunar module (the part that was supposed to land on the Moon), and use its oxygen, navigation and propulsion. That decision is, in ITIL terms, called a workaround, as it restored service (the crew was able to breathe, communicate, and navigate the spacecraft) that was previously provided by the now-faulty command module. From that point on, the missing oxygen tank was, by ITIL terminology, referred to as a known error, as it was impossible for the crew to repair or replace it.
We could go even further in exploring ITIL Service Management terminology within the Apollo 13 flight; for example, when the crew was moved to the lunar module, after some time carbon dioxide (CO2) levels began to rise, due to the fact that three astronauts were breathing in a lunar module designed for two, and CO2 filters weren’t able to remove it quickly enough from the atmosphere. Normally, it would be enough to replace the filters more often (which would be called a Standard Change, as it’s a common and well-known operation), but they had used all of the filters already, and had none left for the time required to get back to Earth. NASA summoned all available personnel on the ground, and tasked them with figuring out how to fit cube-shaped filters, used in the command module, into a cylindrical socket, available in the lunar module. The result of this action was an Emergency Change (which was not exactly tested, and was loosely documented on the go), that included yet another workaround using duct tape, parts of a manual, plastic bags, and one astronaut’s sock (hopefully the clean one) – and it worked.
Within that single flight, we could describe a good portion of the ITIL best practices terminology that is in use today. As another example, astronauts were communicating with the ground crew via a single ground crew representative (CAPCOM – Capsule Communicator), which is very similar to the Service Desk role in an IT Service Management organization. On the other hand, the astronauts didn’t have a single communication representative, which is again similar to the Customer role in service management terms. The ground crew was continuously monitoring and interpreting all Events and logs coming from the spacecraft’s onboard systems, which is nothing more than Event Management and service monitoring. Therefore, when CO2 levels started to rise, that event was recorded, and even though it wasn’t at a critical level yet, it was reported as an incident, which consequently became a problem that got escalated to an emergency change, and was solved by a workaround. This chain of events is a display of good Service Management practice, as it enabled involved personnel to see, interpret, and react to events in a way that led to a solution in time, in logical order, and it was resolved without service impact.
Figure 2: Service restoration by applying Workaround via Emergency Change, and resolving all related Incidents. Problem is now referred to as Known Error.
In general, what we deal with in IT organizations is not a matter of life and death, so the common approach to everyday tasks is much more casual than the one described in this space program example. However, what differentiates good Service Management from bad is how well Service Management understands its role, and its ability to predict, prevent, and operate in any conditions. Clear communication with well-defined terminology that is based on good practice is just one of the success factors, whether we talk about day-to-day business or mission-critical situations. If all personnel involved within the IT organization are able to understand and use the given terminology, they will consequently be able to share information better, avoiding common assumptions which lead to more issues, confusion, and the good old blame game.
You can also check out these free whitepapers: Implementing ITIL in a telecommunications company and ITIL implementation in your IT organization and see how to solve real-life situations by applying ITIL.