Applying the Eight Quality Management Principles of ISO to Business Continuity Management

Presented by:

Perry Depew, CRPDirector, Business Resiliency Solutions

Jim Brunk, CSQA, CSTEManager, Quality Assurance

Management Conference 2004April 26-28, 2004

Overview

Speaker introductions

ISO 101

The Eight ISO Quality Management Principles

Applying these Principles to a Sound Continuity Management Program

Discussion

Speaker IntroductionsJim Brunk, CSQA, CSTE

16 years experience in information technology quality assuranceCertified Software Quality AnalystCertified Software Test EngineerManages all quality assurance activities including audit activities from ISO, CMM, & NQA-1 at BVSG

Perry Depew, CRP25+ years experience in information technology, disaster recovery and business continuity. Certified Recovery PlannerHeads up our Business Continuity/Disaster Recovery Solutions Practice at BVSG

ISO 101

What does ISO stand for?“International Organization for Standardization”ISOS meaning “equal”

When did it get started?February 23, 1947

ISO 101

What does ‘international standardization’ mean?

Achieved by developing consensus

Conform to a set of guidelines or rules

ISO 101Some of the beneficiaries of this level of

standardization:High quality and allow for a broader market for competitionAssured quality of products and servicesDeveloping health, safety and environmental legislation

ISO 101

Most Popular Standards ‘Families’:ISO 9000 – Quality Management

ISO 14000 – Environment

ISO 17799 – Business Continuity Planning

ISO 101

The Mark of ISOVoluntary

Market-driven

Consensus

Worldwide

Eight Quality Management Principles

Name the 8 ISO 9000 Quality Management Principles1 Customer Focus

2 Leadership

3 People Involvement

4 Process Approach

5 Systems Approach to Management

6 Continual Improvement

7 Factual Approach to Decision-making

8 Mutually Beneficial Supplier Relationship

1. Customer FocusISO View

Understand your customer’s needs

Continuity Implications

Survival!

2. LeadershipISO View

Vision, Mission, Purpose

Continuity ImplicationsBuy in and support

3. Involvement of PeopleISO View

Greatest Asset

Continuity ImplicationsOne is not enough

4. Process ApproachISO View

Manage the process

Continuity ImplicationsOngoing, Never Ending

5. System Approach to ManagementISO View

Sum of the parts

Continuity ImplicationsDitto

6. Continual ImprovementISO ViewPrime Objective

Continuity Implications“Plans are nothing. Planning is everything”

Dwight Eisenhower

7. Factual Approach to Decision MakingISO View

Reality vs. Opinion

Continuity ImplicationsMethodology-based Planning

8. Mutually Beneficial Supplier RelationshipsISO View

Interdependencies

Continuity Implications Who can you count on?

Summary1. Standards are a good thing

2. The ISO 9000 quality management principles

3. Continuity is a program not a project

Non ISO Compliant Continuity Program

Dilbert © 2003, United Feature Syndicate, Inc

Questions

Discussion