In 2018, on the eve of ICT Solutions 10th year anniversary,  as part of our plans to take ICT Solutions to a next level of business and performance, we decided to pursue a course which would lead us to obtaining the ISO 9001:2015 Quality Management Systems  certification as well as ISO 27001:2013, a certification in Information Security Management. We knew that this would be a tough and long journey, but we had a company-wide understanding that in order to reach our future business objectives, we needed as a company, to up our game.

Hard-earned results which delivered rewards with immediate effect.

The journey

The journey depended on 4 key, but equally important stakeholders. It was critical for top management to champion and be fully behind this program, which for real effectiveness needs to not just “pass the audit” but to achieve real transformation in the designated areas. Secondly a focused Quality Manager was required to own and lead the project from start to finish. This was also essential in maintaining the journey after the first round of audits.  In tandem with this, external consultants were required to provide the focused expertise on the detailed requirements, implementation and measurement. And finally, all the team at ICT Solutions needed to be on board, as most of the process changes and transformations needed to be designed and implemented by them, at all levels. All these elements fell nicely into place, and 18 months into the journey, not without a fair amount of challenges, we managed to achieve what we set out to do.

The results

“Hard-earned results which delivered rewards with immediate effect. A critical element during this journey was the structured and programmed way of practicing what we preach by using technology to implement processes which we documented across the organisation” commented ICT Solutions Quality Manager Larissa Franco. “This improved quality and efficiency which at the end, resulted in a better customer service delivery. On the Information Security front we not only improved our internal Cyber-Security posture, but the experience also enabled us to deliver innovative Information Security services to our clients. We also developed stronger and better business continuity plans, which enabled us to face the Covid situation without a hitch” she continued.

Finally through this program, we also improved the working experience of our employees. The work environment was adjusted to offer excellent working conditions, so that the team could be at its best, in a healthy environment. In this way, productivity and efficiency were maximized.

What lies ahead

The ISO certifications program is a continual process designed to ensure ongoing compliance with these international standards. Valid for three years, it requires a “surveillance audit” in years two and three. After this phase, the organization will be required to go through a “re certification audit,” which in our case will take place in October 2021 and November 2022 for ISO 9001:2015 and ISO 27001:2013, respectively.

In addition to the above timeline,  we will continue to conduct regular internal audits on each of our processes, implementing corrective actions, and measuring the ongoing effectiveness of our Quality Management System and Information Security Management System. We look forward to continuing to enhance our management systems, delivering high-quality and value to our customers.

About ISO 9001

ISO 9001:2015 is  a certification which specifies a set of requirements guiding companies  to develop and maintain a quality management system, with the objective of improving customer service, seeking continuous improvement, ensuring competitiveness and maintaining quality.

About ISO 27001

ISO 27001:2013 / IEC is the international certification for information security management. It governs the implementation of a best practice information security management system to ensure the protection of all information assets and sensitive data, the overall information security deployment and management, and the continuous monitoring and improvement of the company’s security posture.

Feel free to get in touch with our team to discuss how we can use our first-hand experience to help your business achieve ISO 9001:2015 and ISO 27001:2013 through technology adoption.