ISO/IEC International Standards

Standards provide tangible and quantifiable benefits to companies.

iso01ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. ISO standards provide business and government with practical tools facilitating trade, the spread of knowledge, the contribution to innovative advances in technology, and the share of good management and conformity assessment practices.

ISO Standards are created by experts in the subject for which the standards are created for. These experts may be joined by others with relevant knowledge, such as representatives of government agencies, consumer associations and academia, and by international governmental and nongovernmental organizations.

An ISO International Standard represents a global consensus on the state of the art in the subject of that standard.

XA Systems delivers ISO standardization training to customers in the following key business practice areas:

ISO/IEC 20000 – IT Service Management: This International Standard aligns with ITIL providing guidance on the use of a Service Management System (SMS) for the planning, design, transition, delivery and improvement of the SMS and services. At a minimum this includes service management policies, objectives, plans, service management processes, process interfaces, documentation and resources. The SMS provides ongoing control, greater effectiveness, efficiency and opportunities for continual improvement of service management and of services. It enables an organization to work effectively with a shared vision.

ISO/IEC 22301 – Business Continuity Management: ISO 22301 specifies the requirements for a management system to protect against, reduce the likelihood of, and ensure your business recovers from disruptive incidents. The Standard will provide you with a framework for assessing critical suppliers and their associated risks, assessing current business practices and planning contingency measures.

ISO/IEC 27001 – Information Security: This International Standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This International Standard also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this International Standard are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

ISO/IEC 27005 – Information Security Risk Management: ISO/IEC 27005 provides guidelines for information security risk management. The Standard is a combination of the consequences that would follow from the occurrence of an unwanted event and the likelihood of the occurrence of the event. The risk analysis process outlined in the standard indicates the need to identify information assets at risk, the potential threats or threat sources, the potential vulnerabilities and the potential consequences (impacts) if risks materialize.