Archive for the ‘Article’ Category

CFOs Preparing for Up to 30% Decline in Revenue

Tuesday, May 12th, 2020

A survey by Gartner, the world’s leading research and advisory company, shows that 51% of CFOs are preparing for up to a 30% decline in revenue this year due to COVID-19.

A survey of 145 CFOs and senior finance leaders on April 12, 2020 revealed that 51% of respondents said they were preparing for a revenue contraction of up to 30% this year due to the coronavirus pandemic. Twenty-eight percent of respondents believe the impact to their organization’s revenue could be higher than 30%. “Most CFOs have told us they are using the most severe downside scenarios to inform their decisions right now. This is leading CFOs to consider drastic cost management actions across April and May,” said Alexander Bant, practice vice president, research, for the Gartner Finance Practice. “When CFOs were asked how these downside scenarios are impacting their ability to fund long-term growth investments, 70% of CFOs said they are now showing caution in this area.”

For more information on the Gartner Survey visit the Gartner Newsroom.

Guidelines for Engagement

Tuesday, March 24th, 2020

Building Success through People

The term “people engagement” has been around for a couple of decades and is an often used buzzword, yet many organizations and managers are not entirely sure what it means. People engagement means much more than being present as an employee; it means making an active contribution, feeling genuinely valued and achieving quality outcomes for your organization.

Two ISO standards on people management have undergone an update to include useful steps on how the value of an employee can be enhanced, extended and nurtured. ISO 10015 has become Quality management – Guidelines for competence management and people development, and ISO 10018 is now Quality management – Guidelines for people engagement. Both International Standards present practical steps for managers and leaders to follow, adopt and measure. These standards are designed to be regularly referred to and not simply handed to employees in binders and then left to gather dust on the shelf.

Engaged organizations will have well-thought-out ways of developing their staff. Their aim is to have people there for a career, not just a job. Successful organizations often provide opportunities for staff to move to different areas within the organization to learn new skills and enhance their expertise. These important guideline documents are scheduled to be published in April 2020.

Information Security Management System Auditing

Monday, February 17th, 2020

In an age of increasing data usage and growing risk of information security breaches and cyber-attacks, the benefits of information security are clear. Not only can it help to minimize the chance of such breaches occurring, it can reduce the costs associated with keeping information safe. Many organizations do this with the help of an information security management system (ISMS). The international guidance standard for auditing an ISMS has just been updated.

ISO/IEC 27001 is one of the world’s best-known International Standards for the requirements of an ISMS, part of a series of standards designed to help organizations manage the security of their information.  One of the standards that has just been revised in that series, ISO/IEC 27007, Information technology – Security techniques – Guidelines for information security management systems auditing, provides guidelines for effective audits of ISMS to ensure they are as robust and competent as they are intended to be. It has just been revised to ensure it remains fit for purpose and align it with updates to its complementary standard, ISO 19011, Guidelines for auditing management systems.

The standard provides extensive guidance on auditing the requirements stated in ISO/IEC 27001 as well as on the competence of ISMS auditors. It is also intended to be used in conjunction with the guidance contained in ISO 19011.  You can purchase the newly revised ISO/IEC 27007 at the ANSI Web Store.

Medical Device Risk Management

Thursday, January 16th, 2020

This just-revised ISO standard promotes the safety of devices and equipment used for medical purposes. It covers the risks of injury related to the health of patients, the operator and other persons, as well as potential damage to property, equipment and the environment.

ISO 14971, Medical Devices – Application of risk management to medical devices, specifies the terminology, principles and process for managing the risks associated with medical devices, including software as a medical device (SaMD) and in vitro diagnostic (IVD) medical products. ISO 14971 helps manufacturers to identify the hazards and estimate the risks associated with a medical device, enabling them to control those risks and monitor the effectiveness of the controls they put in place.  

ISO 14971, Medical Devices – Application of risk management to medical devices can be purchased at the Techstreet Store.

Service Management Frameworks

Thursday, December 5th, 2019

Saving money, pleasing customers and getting the most out of technologies are just some of the benefits of an IT Service Management System (SMS). A new handbook provides guidance on how to get the best out of an SMS in your organization.

ISO/IEC 20000, IT Service Management – A practical guide enables the implementation of practices that are beneficial and add value to an organization in a clear and proficient manner. It is descriptive and inclusive, as it takes into account the specific needs of an organization and allows them to adapt it how they see fit.

Implementing an SMS in a structured way brings many benefits to an organization such as greater efficiencies and improved customer relations.  This new handbook shows how ISO/IEC 20000 is relevant in today’s digital environment and how it fits nicely with popular SMS methodologies such as Lean, Agile and DevOps.

You can purchase ISO/IEC 20000, IT Service Management at the ANSI Webstore.

World Quality Month is Here!

Sunday, November 10th, 2019

November is World Quality Month! 

It is a worldwide celebration of quality. It’s a time to showcase the advancement and valuable contributions quality professionals make in businesses, communities, and institutions.  This month allows all to shine a light on the industry and the individuals striving to provide excellence through quality.

Visit the World Quality Month Website for current and ongoing information to be posted throughout the month of November.

 

Manufacturing Day 2019!

Monday, September 23rd, 2019

Held annually on the first Friday in October, Manufacturing Day on October 4th helps show the reality of modern manufacturing careers by encouraging thousands of companies and educational institutions around the nation to open their doors to students, parents, teachers and community leaders.

Manufacturing Day addresses common misperceptions about manufacturing by giving manufacturers an opportunity to open their doors and show, in a coordinated effort, what manufacturing is – and what it isn’t. By working together during and after MFG DAY, manufacturers will begin to address the skilled labor shortage they face, connect with future generations, take charge of the public image of manufacturing, and ensure the ongoing prosperity of the whole industry!  Get Involved!!

For much more information, visit the National MFG Day Website. For events in our home state of Arizona, and to post your own event, visit the Arizona Manufacturers Month Website.

Cybersecurity Information Management Standard

Monday, August 26th, 2019

The world’s first International Standard to help organizations manage privacy information and meet regulatory requirements has just been published.

It is no surprise that laws and regulations are rapidly being put in place to reduce digital world risks and protect our digital privacy. Cybersecurity is a growing concern and an increasingly significant threat to global stability, with attacks against business almost doubling over the last few years. ISO/IEC 27701, Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management, specifies the requirements for establishing, implementing, maintaining and continually improving a privacy-specific information security management system. In other words, a management system for protecting personal data. As we get more connected, governments all over the world are introducing various privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR), which organizations must adhere to. The new ISO standards will help businesses meet such requirements, whatever your business model delivers.

ISO/IEC 27701 Security Techniques can be purchased here from the ANSI Webstore.

Risk Assessment Techniques

Thursday, July 25th, 2019

In 2018, a revision to ISO 31000 Risk Management-Guidelines was released in a timely and appropriate fashion, considering the new risk and opportunity management requirements in global management standards. This version delivered a clearer, shorter and more concise guide that helped organizations use risk management principles to improve planning and make better decisions.

Just published, IEC 31010 Risk management expands its range of applications and adds more detail than ever before. It complements ISO 31000, Risk management. IEC 31010 describes the process to be followed when assessing risk, from defining the scope to delivering a report. It introduces a wide range of techniques for identifying and understanding risk in a business or technical context.

The IEC and ISO risk management toolbox features internationally agreed standards with best practice and benchmarks on how to manage risk, as well as a risk management framework, agreed principles and processes.  The standard is useful both as part of a process to manage risk and when comparing options and opportunities so that decisions are based on a good understanding of risk.

We recommend that you take a look at the wide range of effective techniques for identifying and understanding risk in a business or technical context in IEC 31010 Risk Management. This guidance document can be purchased at the ANSI Webstore. Let us know what you think!

Common Symptoms Risk Management Approach

Wednesday, June 26th, 2019

 

Risks are also often managed centrally through management team channels. Organizations commonly lack the insight, scope and flexibility to handle risks that occur at a grass-roots level, where the work gets done. Decisions to prevent and mitigate risk can sometimes be delayed as employees do not have the capability to assess risk, or the time to define and reduce the risk. 

 

The following are common symptoms which could highlight to you that your approach to risk management could be improved:

  1. Uncertainty – the organization struggles to collect the right information, or enough information, about its risks. Checks are too infrequent; they must be recurring and happen more often than annually. The scope of information about the organization’s risk is narrow.
  2. Complexity – the organization is collecting enormous amounts of information about risk, down to the low-level, in-the-weeds areas. Decision makers cannot interpret the information. Opportunities are overlooked.
  3. Ambiguity – the organization is not able to formulate the correct questions in order to understand its risk. Additional information is useless because risk is not understood or documented effectively, and in some cases not documented at all.
  4. Lack of Common Language – there are multiple interpretations of risk between individuals across the organization. Risk management is mutually exclusive or in conflict. A power struggle usually ensues between individuals with conflicting views and beliefs.
  5. Silo mentality (larger organizations) – different departments resist communicating information about risks across the organization. This typically leads to a condition of both uncertainty and a “not my problem” mentality.

Defining, mitigating and eliminating operational risk factors requires a holistic team approach.  Get your employees at all levels involved!