IT and Service Management

 IT and Service Management

Companies around the world, ranging from all business sectors, see DQS as their trusted partner management systems certification. Find out what we have to offer via the overview below, or contact us to see how we can be of service.

ISO 27001ISO 20000-1ISO 10002TISAX

ISO 27001

If you are interested in introducing an information security management system according to ISO/IEC 27001, the most important advantages can be summarized as follows: the consistent alignment of your company processes to the standard demonstrably leads to continuous improvement of the level of security, reduces existing risks, improves adherence to compliance demands, reduces supervisor liability, enhances employee awareness and improves customer satisfaction.
Valuable information is the treasure chest of the 21st century – and a vulnerable asset. Keep your data safe with an information security management system certified to ISO 27001.

The standard

ISO 27001 provides all the tools you need to implement an integrated information security management system (ISMS). It focuses on assessing and controlling risks to information-processing activities. The requirements are deliberately kept general; however, compliance must reflect the organization-specific situation. Throughout the standard, information security is described as a significant strategic element that ensures senior management’s attention. The preventive management system approach is based on the high-level structure (HLS) required for all ISO management system standards, making the standard easy to integrate into an existing management system.

Your benefits
  • Recognized proof of strong security risk controls
  • Systematic achievement of confidentiality, availability and information integrity
  • Strengthened security awareness of employees and executives
  • Continual improvement of security and data access controls
  • More business certainty, compliance with relevant requirements
  • Great trust and loyalty from all interested parties
The Audit

As a qualified, accredited certification body, we fully audit the effectiveness of your management system through the classic DQS certification process. We plan each certification individually, adapting it to your specific circumstances and corporate objectives. A pre-assessment can provide a starting point to identify your strengths and opportunities for improvement. During the certification audit, we verify whether you meet all the requirements of ISO 27001. The DQS certificate serves as proof of compliance. Annual monitoring ensures process stability and minimizes risks. You can recertify after three years.

DQS, with more than 30 years expertise, supports their clients in:

  • webinars
  • Seminars and training
  • Gap audits

To receive individual information about ISO 27001, please contact our office.

ISO 20000-1

Cost-effective and reliable service management needs to be at the top of your list of essential core or support processes. In addition, many services and production processes nowadays operate only on complex information technologies and IT-based supply chains.

ISO 20000-1 is the perfect navigational aid for the implementation of a service management system focused on customers’ wishes and the fulfillment of their needs. Moreover, with the current 2011 version, you can keep track of the requirements of ISO 9001.

What is our role in this? We audit your service management according to ISO 20000-1 and a DQS certificate proves your organization’s performance capability in this critical area.

Focusing on people and markets

A proper service management system is not purely based on manuals. A true service management system enables employees to apply and develop their abilities in a structured and focused manner. As an example, you can offer Service Level Agreements (SLA), for which you can take full responsibility; keeping an eye on risks, thinking innovatively and making use of opportunities. And through your stable processes for service management, you are a sought-after and reliable part of the value-added chain. Or, to put it differently: quality in service management motivates and inspires all stakeholders.

Close at hand: quality management according to ISO 9001

The 2011 revision of ISO 20000-1 focused on the practical requirements for a service management system. While the standard was originally written from an IT perspective, it is now capable of serving as a basis for the management system of service-oriented companies. In this context, a synopsis of the requirements of ISO 9001 by DQS provides an interesting insight: virtually all the requirements of the QM standard are also part of the standard for service management systems.

How it works

All at once, or step by step – the choice is yours. On the one hand, you can be fully audited and certified according to ISO 20000-1. This process follows the classic DQS auditing process; its basis is a proprietary DQS check-list based on the 2011 revision of ISO 20000-1. But DQS also has a good solution for companies that don’t want to implement a comprehensive service management system yet: we audit individual processes of your choice and issue declarations of conformity according to ISO 20000-1. Process audits already completed may be used at a later date to prepare for a comprehensive certification audit.

ISO 10002 – A guideline for successful complaint management

Justified or not – customer complaints are an unwelcome aspect of business for any organization in the manufacturing or service industry. By implementing a suitable process for handling complaints, however, you can turn a complainant into a satisfied customer. Guideline ISO 10002 provides your organization with guidance on how best to design this process – and we can offer you the corresponding audit and a Confirmation of Conformity, subject to maturity level. The aim of the Guideline is a complaint management system with beneficial effects for both parties: your products and services improve in quality through feedback, and your company image improves because you pay attention to your customers.

Give your customers a voice

Effective complaint management is characterized by being open to questions, complaints, and requests – so encourage your customers in as many different ways as possible to give you their feedback! Constructive feedback improves your organization’s ability to approach the elimination of errors in a systematic and solution-oriented way – the way of continuous improvement. At the same time, your employees realize that comprehensive customer service is the basis of sustainable business success.

In advance of any complaints, Guideline ISO 10001 offers a useful code of conduct. It elaborates at length how to implement and maintain an effective complaint management process. Find out what you can do when there is no immediate resolution. For legal conflicts, refer to ISO 10003; ISO/TS 10004 governs the monitoring and measuring of customer satisfaction.

ISO 10002: How it works

Subject to the specific conditions of your organization, you have the choice of two kinds of audits: we can either audit your complaint process as part of your quality management system according to ISO 9001, or individually in the way of a process audit. In both cases, Guideline ISO 10002 provides the framework. The central issues of this are the compliance of processes with your corporate policy, the suitability and degree of application of procedures, and options for continuous improvement.

TISAX – Information Security in the Automotive Industry

Universal recognition through mutual acceptance of joint assessments and exchange

So far, information security in the automotive industry has been strongly influenced by individual approaches – that is about to change. Service providers and suppliers must regularly prove to their customers that they meet the high-security requirements for data provided. So far, such assessments have been carried out mainly by the manufacturers themselves, which in the past repeatedly led to unnecessary multiplication. With TISAX (Trusted Information Security Assessment Exchange), there will be a joint assessment and exchange procedure in the future.

Why TISAX

Are you a supplier or service provider for the automotive industry? If so, you need only one thing to assure customers that you are keeping their information secure – participation in the TISAX Exchange. All it takes is one assessment every 3 years.

The advantages of TISAX

  • Cross-company recognition of the assessment results among all TISAX participants
  • Greater confidence in certified service providers and suppliers
  • Avoids the need for multiple checks
  • Fewer misunderstandings due to the harmonized VDA-ISA test catalog
  • Mutual recognition in the TISAX network saves time and cost
  • Only one TISAX assessment every three years

How it works – Becoming a participant

Access to TISAX is via a subscriber registration, which takes place online on the TISAX portal. Registration is the prerequisite for being able to select a TISAX accredited audit service provider. Registered participants will receive a list of accredited providers from which they can freely choose. An organization may also register several locations and have a group assessment carried out. After an assessment by DQS based on VDA-ISA, information can be provided or obtained in TISAX.

Who is behind TISAX?

TISAX uses the ISA questionnaire compiled by the German Automotive Industry Association VDA based on essential aspects of ISO / IEC 27001. Recently, the VDA developed this into a common assessment and exchange procedure called TISAX, which is operated by ENX, an association of European car manufacturers, suppliers and associations.

DQS – your partner for TISAX assessment

To receive individual information about TISAX, please contact our office.