Branimir Valentic
June 28, 2016
Implementation, maintenance, training, and knowledge products for Information Security Management Systems (ISMS) according to the ISO 27001 standard.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
All required policies, procedures, and forms to implement an ISMS according to ISO 27001.
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful ISMS.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance and training products for critical infrastructure organizations for the European Union’s Network and Information Systems cybersecurity directive.
All required policies, procedures, and forms to comply with the NIS 2 cybersecurity directive.
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Compliance and training products for personal data protection according to the European Union’s General Data Protection Regulation.
All required policies, procedures, and forms to comply with the EU GDPR privacy regulation.
Accredited courses for individuals and privacy professionals who want the highest-quality training and certification.
Implementation, training, and knowledge products for Quality Management Systems (QMS) according to the ISO 9001 standard.
All required policies, procedures, and forms to implement a QMS according to ISO 9001.
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for Environmental Management Systems (EMS) according to the ISO 14001 standard.
All required policies, procedures, and forms to implement an EMS according to ISO 14001.
Accredited courses for individuals and environmental professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 14001 and the EMS using Advisera’s proprietary AI-powered knowledge base.
Implementation and training products for Occupational Health & Safety Management Systems (OHSMS) according to the ISO 45001 standard.
All required policies, procedures, and forms to implement an OHSMS according to ISO 45001.
Accredited courses for individuals and health & safety professionals who want the highest-quality training and certification.
Implementation and training products for medical device Quality Management Systems (QMS) according to the ISO 13485 standard.
All required policies, procedures, and forms to implement a medical device QMS according to ISO 13485.
Accredited courses for individuals and medical device professionals who want the highest-quality training and certification.
Compliance products for the European Union’s Medical Device Regulation.
All required policies, procedures, and forms to comply with the EU MDR.
Implementation products for Information Technology Service Management Systems (ITSMS) according to the ISO 20000 standard.
All required policies, procedures, and forms to implement an ITSMS according to ISO 20000.
Implementation products for Business Continuity Management Systems (BCMS) according to the ISO 22301 standard.
All required policies, procedures, and forms to implement a BCMS according to ISO 22301.
Implementation products for testing and calibration laboratories according to the ISO 17025 standard.
All required policies, procedures, and forms to implement ISO 17025 in a laboratory.
Implementation products for automotive Quality Management Systems (QMS) according to the IATF 16949 standard.
All required policies, procedures, and forms to implement an automotive QMS according to IATF 16949.
Implementation products for aerospace Quality Management Systems (QMS) according to the AS9100 standard.
All required policies, procedures, and forms to implement an aerospace QMS according to AS9100.
Implementation, maintenance, training, and knowledge products for consultancies.
Handle multiple ISO 27001 projects by automating repetitive tasks during ISMS implementation.
All required policies, procedures, and forms to implement various standards and regulations for your clients.
Organize company-wide cybersecurity awareness program for your client’s employees and support a successful cybersecurity program.
Accredited ISO 27001, 9001, 14001, 45001, and 13485 courses for professionals who want the highest-quality training and recognized certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Find new clients, potential partners, and collaborators and meet a community of like-minded professionals locally and globally.
Implementation, maintenance, training, and knowledge products for the IT industry.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance, training, and knowledge products for essential and important organizations.
Documentation to comply with NIS 2 (cybersecurity), GDPR (privacy), ISO 27001 (cybersecurity), and ISO 22301 (business continuity).
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for manufacturing companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for transportation & distribution companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for schools, universities, and other educational organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for telecoms.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for banks, insurance companies, and other financial organizations.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for local, regional, and national government entities.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), GDPR (privacy), and NIS 2 (cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for hospitals and other health organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), and GDPR (privacy).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the medical device industry.
Documentation to comply with MDR and ISO 13485 (medical device), ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), and GDPR (privacy).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the aerospace industry.
Documentation to comply with AS9100 (aerospace), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the automotive industry.
Documentation to comply with IATF 16949 (automotive), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety).
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for laboratories.
Documentation to comply with ISO 17025 (testing and calibration laboratories) and ISO 9001 (quality).
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
I have witnessed a situation where an IT department designed and implemented a service that they find useful and functional. And, no one else. The result was that resources were spent, service was implemented, but no one ever use it. The point is that the service was not something the customer needed, meaning – the service did not create any value in the customers’ eyes. I’m pretty sure that each of you will find similar examples.
These days, people working in IT are pretty self-confident, particularly if they are in the same company for many years. And, they think that knowing the business or customers gives them the right to know who needs which service and why it is good for them. I would say – stop before you begin with the creation of such services or process changes. It’s not IT who sets the pace – it’s the customer. But, what do they care about? What’s important for them? Let’s see the customers’ view and learn the ITIL approach to reducing the gap between customers and the IT department, i.e., IT service provider.
The fact is that it’s the customer who decides what is valuable or not (i.e. what creates value) to them. Not the IT. Maybe this statement sounds simple. But, my experience shows that, quite often, people in IT comment various situations like “How they (users) don’t understand this’”, “How come they don’t like this functionality?”, “If they would use this application, their life would be much easier.”… Honestly, from time to time I have also high expectations from my customers. I see the world with my eyes and not with the customers’ one. And, that’s wrong. To understand this thesis, let’s consider the definition of value – “The benefits delivered in proportion to the resources put into acquiring them.” From customers point of view – resources they put to acquire a service(s) are usually money they pay for the service(s). But, more important is – benefit they get. Since customer is paying for the service(s), they will decide whether the benefits gained are worth it.
To get a better understanding, imagine you booked your vacation, you just arrived at the hotel, and you start gaining impressions. Well, there could be the best-designed catalogue of that destination or sales person who is highly professional in selling tourist arrangements, but it’s you and your impressions who will decide whether you like the hotel, destination, offerings… It’s the same with IT customers and the services they use.
Read the article ITIL strategy – Framing the value of services (part I) to learn more about value.
Utility, or functionality, is what the service does. The point is that your customers need your services to do something. And, they are the only ones who know what exactly they need to do – that’s their expectations towards the IT service(s). To gain a mutual understanding (of what creates value to the customer), you should talk to them and describe the functionality as detailed as possible. And, first of all – listen to what they are saying. Don’t try to record the customer’s description in a way to support your view of the functionality. It’s the customer’s view that is important.
Utility should answer the question: “What does the service need to do?” Functionality of the service is just one half of the value description. Another one is the description of the customer’s requirements, or warranty.
Read the article Service Level Requirement (SLR) as origin of the SLA content to learn more about service level requirements.
Warranty describes how well the service is working. Namely, you can have the best service in the world (from a functionality point of view), but if it doesn’t deliver at the level the customer needs – it’s useless. And, again, it’s the customer who knows what kind of service he wants to get. Here we talk about design of the service and the parameters that describe it. These parameters are security, service continuity, availability, and capacity.
All those parameters need to be defined unambiguously and (if possible) in measurable units. In such way, you will avoid future misunderstandings. Parameters that describe warranty are usually a good foundation for the Service Level Agreement (SLA). Warranty answers the question: “How is the service delivered?” However, ITIL recommends that warranty should not be seen separately from utility, meaning design of the service has to have a tight connection with functionality. I know, it’s logical, but also many times omitted.
Read the article ITIL – Service Level Agreements: Designing frameworks to learn more about SLA.
The value that the customer expects can be achieved only when the service meets customer expectations (in the form of utility and warranty). But, there is one pitfall in this statement. What often happens is that customers are concerned about functionality and forget about characteristics of the service, i.e., warranty, until the service enters the live environment. You, as an IT service provider, should have established the IT Service Management (ITSM) structure (using ITIL will enable you to do that) and taken care about all warranty parameters right at the beginning of the service establishment. You gain because of the satisfied customer, and the customer gains because they will get value to the full extent and they will get a feeling of having professionals “on the other side” (meaning – you).
Let’s resume – a service has value when it enables someone to do exactly what he needs to do. ITIL puts high importance on understanding the customer’s requirements and demand for functionality. During the whole service lifecycle these parameters are the cornerstone of all further activities. For example, ITIL recommends not continuing with IT service implementation until all parameters that describe the service are known and agreed with the customer. And, that’s logical. Mistakes made later in the service lifecycle (e.g., just before going live) can be quite expensive, and I’m sure no one wants that.
Use our free ITIL Gap Analysis Tool to check your fit with ITIL recommendations.
You may unsubscribe at any time. For more information please see our privacy notice.