At IRS, we have had the TickIT certification for over ten years. TickIT was a guide for using ISO9001 in an IT environment and sat alongside the company’s ISO9001 accreditation.
Observant readers will have noticed that I’m talking about TickIT in past tense. That is because TickIT has been phased out in favour of TickIT Plus.
TickIT Plus brings in standards beyond ISO9001 that deal with aspects of Information Security, Service Management and Software Management into a set of processes housed in the Base Process Library (BPL). This means that an audit against TickIT Plus is going to look at a broader range of topics and outcomes rather than focusing solely on whether the Quality Management practices of ISO9001 have been satisfied.
Another shift in how the TickIT Plus certification is awarded comes in the form of the capability levels. With the previous scheme, you either had TickIT or you did not. This left no scope for saying how well the scheme had been implemented. This is understandable in an SME with many pressing issues. However, TickIT Plus introduces levels of capabilities from Foundation, through Bronze, Silver and Gold, to Platinum. Not only does this give potential customers a way of seeing how well your management system is performing; it gives the company itself something to aim towards and a reason to commit resources to making it happen.
The first step on the road was to get someone in-house trained up so they knew what on Earth TickIT Plus was all about. I went on the two day course provided by Develop Capability.[Maybe link http://www.developcapability.co.uk/?] The course itself was intense and could leave you with your head spinning at times but the course leader was very good at explaining away any confusion.
Once the training was complete it was my job to evangelise and proselytise the ways of TickIT Plus to the rest of the company. Admittedly, approving a more rigorous (and more expensive) audit was the first hurdle. Indeed, questions such as ‘Do we really need it?’ and ‘Will our customers be bothered if we don’t have this?’ were raised. Even with that in mind, the company committed to at least one audit to see if the process would be worth it.
The main task when taking on TickIT Plus is to create a Process Reference Model (PRM) that maps your current processes to those in the BPL. This was a great exercise as straight away we were able to see where there were any obvious gaps that needed to be filled in. After we had completed the PRM, we were ready to bring in an external auditor to run over our processes…
Yet, audits work slightly differently in TickIT Plus. We had to agree an audit schedule with our external auditor. This is to ensure that the required number of processes in the PRM will be covered.
The actual audit itself was a great experience (no, really!). Having to create the PRM and the audit schedule gave us ample opportunity to prepare and make sure we had evidence in place. I won’t say that our PRM was bulletproof, but the minor findings against it have been easy to rectify and will bring benefits to the business. We passed the audit and are now TickIT Plus Foundation certified.
Earlier I stated that two questions were raised, ‘Do we really need it?’ and ‘Will our customers care?’ Of course we don’t need to have this system of quality management in place. By the same token, we don’t technically need any management systems but everything will function more efficiently if one is in place. And whilst our customers may see the TickIT Plus logo and not recognise its significance, they will start to care if things aren’t delivered on time or to acceptable quality. TickIT Plus will help us to ensure that we meet such expectations.
Having been a veteran of 8 years’ worth of audits I really feel that this approach to auditing is leaps and bounds ahead of the old scheme. Only auditing against ISO9001 meant a really narrow scope for audits. Bringing in parts of other standards from the ISO means that a more holistic view of IT processes within the company are brought under scrutiny, this can only be a good thing. Getting rid of the old binary certification in favour of a levelled approach gives us a reason to work towards better quality management and provides guidance on how that can be achieved.
Latest posts by Ryan Wilde (see all)
- IRS Radiates Success – Achievement Of Gold IIP Award - December 29, 2015
- IRS Training Recognised For Quality At The IOP Awards 2015 - December 29, 2015
- QADRIS 1.1 Released - December 9, 2015
- IRS Achieves TickIT Plus - September 9, 2014
- Proud IRS mum over sons victory for Everton Deaf FC - January 31, 2014