July, 2007 Newsletter Articles

IIA Global Technology Audit Guides

Jul 8, 2007 in Newsletter | 0 comments

The Institute of Internal Auditors (IIA) is producing a series of publications with guidance on information technology. Each guide is written in straightforward business language to address timely issues related to information technology management, control, or security. Click on the links below to download the free GTA Guides in PDF format. Guide 1: Information Technology Controls This guide covers technology topics, issues, and audit concerns, as well as, issues surrounding management, security, control, assurance, and risk...

Read More

IT to Deliver, Score, and Record Tests

Jul 8, 2007 in Newsletter | 0 comments

ISO 23988:2007, Information Technology – A Code of Practice for the Use of Information Technology (IT) in the Delivery of Assessments Growth in the power and capabilities of Information Technology (IT) has led to its increasing use to deliver, score, and record responses of tests and assessments in a wide range of educational and other contexts. Suitably used, IT delivery offers advantages of speed and efficiency, better feedback, and improvements in validity and reliability. However, its increased use has raised issues about the...

Read More

ISO 27006 for ISMS Certification Bodies

Jul 8, 2007 in Newsletter | 0 comments

The new standard, ISO 27006:2007 is titled, Information Technology – Security Techniques – Requirements for Bodies providing Audit and Certification of Information Security Management Systems. ISO 27006 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS) beyond the requirements within ISO 17021 and ISO 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification. The requirements in ISO...

Read More

CMMI versus ISO 9001

Jul 8, 2007 in Newsletter | 0 comments

The 2Q07 issue of the TickIT software quality journal includes the final article of a three part series exploring the relationship between ISO 9001:2000 and CMMI in terms of the benefits gained by undertaking combined surveillance audits. The first article explained that a good mapping between ISO 9001 and CMMI would be essential for the combined surveillance audits to work effectively. The first two articles developed this mapping from an ISO 9001 perspective, that is, would an organization with CMMI level 3 satisfy the requirements of ISO...

Read More

ISO 9001:2009 – Clause 8 Changes

Jul 8, 2007 in Newsletter | 0 comments

In previous newsletters, I have reviewed the proposed changes for clauses 4, 5, 6, and 7 of the draft ISO 9001:2009 standard. This month, we’ll look at the suggested changes for clause 8, Measurement, Analysis, and Improvement. Please note that only the new or changed sections are discussed below. Unaffected text has not been included. 8.2.1 Customer Satisfaction As one of the measurements indicators of the performance of the quality management system, the organization shall monitor information relating to customer perception as to...

Read More