IntroductionQuality management

Quality management: Compliance with international standards

According to the available information, IBA MU is the first academic site in the Czech Republic that holds three certifications focused on quality management systems, information security management system and IT service management. As part of the Masaryk University, IBA MU has become an elite institution in the field of data processing and IT solutions not only in the academic field but also in the commercial sphere. Three acquired certifications complement each other: EN ISO 9001:2009 is a well-known standard of more general characteristics ensuring effective management of the organisation and high quality of products or services; in contrast, ISO/IEC 20000-1:2006 is a relatively new standard focusing on the quality of IT services, their reliability, availability and support for clients in case of problems; whereas, both standards are supplemented with ISO/IEC 27001:2006, which refers to information security management.

Quality Management Systems

EN ISO 9001:2009

EN ISO 9001:2009 specifies requirements for a quality management system where an organisation (1) needs to demonstrate its ability to consistently provide products that meet the customer and applicable statutory and regulatory requirements, and (2) aims to enhance customer satisfaction through effective application of the system, including processes for continual improvement of the system and the assurance of conformity to the customer and applicable statutory and regulatory requirements. All requirements of ISO 9001:2009 are generic and are intended to be applicable to all organisations, regardless of the type, size and product provided.

Information Security Management System

ISO/IEC 27001:2006

ISO/IEC 27001:2006 covers all types of organisations (e.g. commercial enterprises, government agencies, not-for-profit organisations). It specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organisation’s overall business risks. It specifies requirements for the implementation of security controls customised to the needs of individual organisations or parts thereof. ISO/IEC 27001:2006 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to the interested parties.

IT Service Management

ISO/IEC 20000-1:2006

ISO/IEC 20000-1:2006 is an IT Service Management (ITSM) standard. It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve SMS. The requirements include the design, transition, delivery and improvement of services to fulfil the agreed service requirements.