» Management Systems

MSC Services Ltd - your ISO 27001, ISO 20000, ISO 9001 consultant

What is а management system?

There are many different definitions of the term "management system" referring to different aspects of an organization. Our understanding of this concept is related to the interpretation of certain international standards. The standard ISO 9000:2005 provides the following definition of the management system:: "system allowing to establish policy and objectives and these objectives to be achieved." The standard ISO 27000:2009 provides additional characteristics of the definition: "a framework of policies, procedures, guidelines and related resources to achieve the objectives of the organization".
In a broader sense, the management system should be understood as a complex of the organizational structure, resources, documented procedures and policies, processes and practices within the organization. There are different types of management systems according to the nature of managed processes. Management systems consulting services offers services related to consulting, development, implementation, and improvement of the following management systems:

Quality management system QMS - a management system allowing to manage and control an organization in terms of quality. Development, implementation and certification of QMS is based on standards:
ISO/IEC 9000:2005 - Quality management systems. Fundamentals and vocabulary
ISO/IEC 9001:2008 - Quality management. Systems. Requirements
ISO/IEC 9004:2000 - Managing for the sustained success of an organization. A quality management approach
ISO/IEC 10013:2001 - Guidelines for quality management system documentation
ISO/IEC 19011:2011 - Guidelines for quality and/or environmental management systems auditing

Information security management system iSMS - part of a comprehensive management system based on business risk approach for establishing, implementing, operating, monitoring, reviewing maintenance and improvement of information security. Development, deployment and certification of ISMS is based on and supported by the following standards:
ISO/IEC 27000:2014 - Information security management systems. Overview and vocabulary
ISO/IEC 27001:2013 - Information security managementsSystems. Requirements
ISO/IEC 27002:2013 - Code of practice for information security management
ISO/IEC 27003:2010 - Information security management system implementation guidance
ISO/IEC 27004:2009 - Information security management. Measurement
ISO/IEC 27005:2008 - information security risk management
ISO/IEC 27006:2011 - Requirements for bodies providing audit and certification of information security management systems
ISO/IEC 27007:2011 - Guidelines for information security management systems auditing
ISO/IEC TR 27008:2011 - Guidelines for auditors on information security controls

Service management system SMS - management system, directing and controlling management activities of services by the supplier. The management system is based on the library of best practices ITIL (IT infrastructure library). Development, deployment, maintenance and certification of cervice management systems is based on the following standards:
ISO/IEC 20000-1:2011 - Information Technology. Service management. Specification
ISO/IEC 20000-2:2012 - Information Technology. Service management. Code of practice
ISO/IEC 20000-3:2012 - Information Technology. Service management. Guidance on scope definition and applicability of ISO/IEC 20000-1
ISO/IEC 20000-4:2010 - Information Technology. Service management. Process reference model
ISO/IEC TR 20000-5:2013 - Information Technology. Service management. Exemplar implementation plan for ISO/IEC 20000-1
ISO/IEC 19011:2011 - Guidelines for auditing quality management systems and/or environmental management.

Business continuity management system BCMS - a management system for identifying potential loss of the business, their impact on the organization's work and provide opportunities for stability and flexibility of the organization to protect the its interests. Development, deployment and certification of BCMS is based on the following standards:
ISO 22300:2012 - Business continuity management systems. Terminology
ISO 22301:2012 - Business continuity management systems. Requirements
ISO 22313:2012 - Business continuity management systems. Guidance
BS 25999-1:2006 - Business continuity management. Code of practice
BS 25999-2:2007 - Business continuity management. Specification
ISO/IEC 19011:2011 - Guidelines for auditing quality management systems, and/or environmental management.

Integrated business management systems
Integrated business management systems are organized sets of specialized business management sub-systems, some of which are listed above. The construction of a complex integrated business management system provides security and stability of the organization.