Beyond Certification - PowerPoint PPT Presentation


Transcript and Presenter's Notes



1
BEYOND CERTIFICATION
Chalam Peddada, Fidelity Management and Research, India
2
AGENDA
  • Certification Dilemma Details
  • Advantages of Certification
  • Issues around Certification
  • Beyond Certification: Security & Quality
  • Integrating Certification with Business

3
DEMYSTIFYING CERTIFICATIONS
Business knowledge makes your decision making
easier
4
THE CERTIFICATION OBSESSION
  • Almost a million organizations have obtained ISO
    9001 certification
  • About 5,600 have obtained ISO 27001 Certification
    (End of 2006)
  • India has over 40K organizations that are ISO
    9001 certified
  • 369 Indian Organizations have obtained ISO 27001
    Certification
  • India Ranked #3 for ISO 27001 after Japan (3,790)
    and UK (487)
  • ROI of Certification easier to establish when
    it's a competitive differentiator
  • Assigning a Rupee (Dollar) value to benefits of
    certification hard to establish

"What's in it for me?"
5
BENEFITS OF CERTIFICATION
  • Right Size Controls Simplify things Cost
    Savings Continuity
  • Benchmark against best practices
  • Industry accepted framework designed by experts
  • Opportunity for alignment with business
  • Instills discipline

"The right certifications the right business
model more margin"
6
CERTIFICATION SURVEY BY INTERNATIONAL CHARTER
  • Improved consistency of products and services,
    resulting in higher customer satisfaction
  • Reduction in production costs through efficiency
    drives
  • Improved morale and job satisfaction of employees
  • Competitive advantage and increased sales
    opportunities 

Certification can be the catalyst for your
organization's rejuvenation
7
CHALLENGES
  • Complacency False sense of security
  • Multiple certification regulatory drivers
  • May stifle creativity and innovation
  • Bureaucracy
  • Competitive differentiator initially; Qualifier
    (for RFP) at maturity

"Right people, right time, right place"
8
DESPITE CERTIFICATIONS
  • A Major New England Based Retail Chain
      • PCI DSS & SOx compliant
      • Jan 17, 2007: Announces 45 Million Cards Hacked
  • An End-End Payment Processing Solution Provider
      • June 2004: Organization obtains CISP (PCI-DSS)
        certification
      • May 2005: Company announces millions of credit
        card numbers stolen, affecting over 40 Million
        people

Certification isn't the work you put in for
audits. It's what you do between audits
9
BEYOND CERTIFICATION SECURITY AND QUALITY
What matters is the products/services you
deliver - Certification is just a conduit
10
BEYOND CERTIFICATION SECURITY AND QUALITY
  • Security & Quality are not just means to an end;
    they need to be an integral part of your
    deliverables
  • Certifications are immaterial, if you deliver
    products/services that are inherently risky
  • Security & Quality needs to be embedded at every
    stage
      • Robust Design/Architecture
      • Secure Coding
      • Adequate Documentation
      • Access Configurations
      • Strong Authentication
      • Audit Logging
      • Defense in Depth

"A process of continuous Improvement"
11
CERTIFICATION DONE THE RIGHT WAY
  • Pick the Certification that makes most sense to
    your organization
  • Align perfectly with Business
  • Leverage certification to build process
    efficiencies
  • Certification has to be owned and sustained by
    the business
  • Case Study: Leveraging Certification the right
    way - BCM
  • Case Study: Righting a wrong - Certification
    Integration

Don't work for Certification. Get Certification
to work for you
12
BEYOND CERTIFICATION: MAKING QUALITY & SECURITY
INTEGRAL TO THE BUSINESS
  • Focus on the spirit not letter
  • Follow an integrated approach to Certification
    and Compliance
  • Embed Quality/Security at all levels in the
    organization
  • Move to a Governance Model (Corporate, IT, Data
    Governance Models)
  • Continuous Relentless Focus on your
    Product/Services

Certification is a journey not the destination
13
  • Chalam Peddada
  • chalam.peddada_at_fmr.com

14
FIDELITY: A SNAPSHOT
  • 2 Trillion Dollars of Assets Under Management or
    Custodied
  • Over 100,000 employees worldwide
  • Our funds move about 7% of the New York Stock
    Exchange every day
  • Diversified: Real Estate, HR Outsourcing
    Business, even about 500 Oil Wells
  • I head Information Security & BCM for India: 4
    Sites in 2 Locations, ODCs

15
APPENDIX

16
ADVANTAGES OF CERTIFICATION: SURVEY BY
INTERNATIONAL CHARTER
  • Improved consistency of products and services,
    resulting in higher customer satisfaction
      • Average of 45% reduction in customer complaints
        in the first year.
      • 63% of companies reported increase in repeat
        customers.
      • 37% reported increase in value of purchases.
  • Reduction in production costs through efficiency
    drives
      • 92% of companies reported increased operational
        efficiency and reduction in waste after
        certification.
      • 53% reported decrease in product cycle times and
        on average a 60% increase in meeting delivery
        deadlines.
  • Improved morale and job satisfaction of employees
      • 53% reported increase in the perception of the
        company in employee surveys.
      • 76% report increased transparency resulting in
        increased proactivity.
  • Competitive advantage and increased sales
    opportunities
      • 42% of companies reported increase in
        international sales

17
CASE STUDY 1: LEVERAGING CERTIFICATION TO
BUSINESS GROWTH
  • Problem: Requirement of creating Business
    continuity capability for an engagement
  • Obvious solution
      • Create critical list of functions, people and
        data
      • Choose warm / hot site
      • Plan for transfer of people, information and
        processes
      • Create a BCP
      • Test and maintain

18
CASE STUDY 1: LEVERAGING CERTIFICATION TO
BUSINESS GROWTH
  • Opportunity to replicate part of the Business
    process instead of planning for DR
  • Look for opportunity for growing business in
    Alternate site
  • Enhanced Customer satisfaction potential growth
    opportunity
  • Final Outcome
      • Site Outages: Secondary site grew to primary
        capacity in 8 months
      • Country Outage: Model replicated for country
        outage with Singapore Govt pitching in with
        subsidy; Global growth
      • Major win: what started as a certification
        requirement became a big lever to drive Business
        growth

19
CASE STUDY 2: LEVERAGING EXISTING CERTIFICATION
TO SAS 70 COMPLIANCE
  • The Initial Solution
      • Document requirements for SAS 70
      • Develop / re-deploy controls
      • Maintain SAS 70 compliance
  • The Pain
      • Separate initiatives for each compliance driver
      • Duplication of effort
      • Confused employees
  • The Smart Solution
      • Leverage existing certifications
      • Combination of ISO 9001 and ISO 27001 controls to
        meet SAS 70 requirements
      • Have Quality management maintain SAS 70
        compliance
  • Benefit
      • SAS 70 compliance at no extra cost
      • Centralized records to address documentation
        requirements
      • Extension of this innovative deployment to other
        engagements
