Quality policy & ISO compliance

Quality, Information Security, IT Service

Quality Policy & ISO Compliance - Somnetics

Somnetics abides by the quality policies propounded by the ISO guidelines. Being an ISO 9001-2008, ISO 27001-2005 and ISO 20000:1-2011 certified organization, compliance and conformity to ISO rules is a major part of the workflow.

ISO 9001-2008

This certification is pertained to Quality Management System and aims to improve the quality of the services a products offered by the organization. The main highlights of ISO 9000 are:

  • A customer focused organization
  • Leadership
  • The involvement of people
  • Ensuring a process approach
  • A systematic approach to management
  • A factual approach to decision making
  • Mutually beneficial supplier relations
  • Continuous improvement

ISO 27001-2005

ISO 2700) deals with Information Security Management System (ISMS) and recommends policies and guidelines pertained to security of information of the organization and that of its Clients from all possible threats such as natural/environmental hazards, technical threats from piracy, malware and human. Abiding by these policies not only ensures tight information security but also smooth Business Continuity during crisis. The highlights of this certifications are:

  • Protects critical and sensitive information from malign sources such as
  • Vandalism / terrorism
  • Fire
  • Misuse
  • Theft
  • Viral attack
  • Holistic, risk-based approach to secure information and compliance
  • Demonstrate security status according to internationally accepted criteria
  • Create a market differentiation due to prestige, image and external goodwill
  • Ensure hassle free management of information, with digitized customer forms

ISO 20000:1-2011

This certification pertains to IT Service Management System, assuring best quality IT and IT Enabled services. Policies and compliances of ISO 20000 maps directly to that of CMMI Service and facilitates seamless and flawless project delivery resorting to:

  • Capacity & availability management
  • Incident resolution & prevention
  • Service system transition
  • Service continuity
  • Requirement management
  • Project planning
  • Project monitoring & control
  • Supplier agreement management
  • Measurement & analysis
  • Process & product QA
  • Configuration management
  • Service delivery

The highlights of this certifications are:

  • Closer alignment to both ISO 9001 and ISO/IEC 27001
  • Clarification of existing definitions and addition of new definitions
  • Introduction of the term Service Management System (SMS) and aligning the standard with the concept of a SMS
  • Clarification of the requirements for the governance of processes operated by other parties
  • Addition of requirements for the design and transition of new or changed services