quarkman_at_myrealbox.com (Quarkman) wrote in message news:<6f2ab2f8.0307302033.6df18e96_at_posting.google.com>...
> "Niall Litchfield" <niall.litchfield_at_dial.pipex.com> wrote in message news:<3f28375d$0$11385$cc9e4d1f_at_news.dial.pipex.com>...
> > "quarkman" <quarkman_at_myrealbox.com> wrote in message
> > news:oprs429gkazkogxn_at_haydn...
> > > ISO-9001 isn't just a whole lot of hoolacky, you know.
> >
> > No indeed not. Its a mandate for pointless bureaucracy as well :(
> >
>
> As a former cynic myself, I know where that sentiment is coming from.
> But having been subject to ISO9001, and having then taken several
> organisations through the process in the past, I can't let that
> sweeping statement pass without comment.
>
> It doesn't have to be like that, and if it's done well, it won't be a
> heap of pointless bureacracy, but will be a bunch of self-explanatory,
> self-documenting business process that provide exactly the sort of
> audit assurances the original poster was after.
>
> Even if you don't go the full certification route, the principles
> behind ISO9001 have a lot to say to any user of a major IT system.
>
> ~QM
I've never heard of ISO9001 before, but a quick search on Google leads
me to believe that it's an interesting, but pretty daunting topic.
Can you give me any pointers on where to get started looking at
ISO9001 specifically in regards to the topic of data access, security
& administration? It seems too big a topic to help us with this audit
response, but maybe the next one.
Received on Thu Jul 31 2003 - 07:26:45 CDT
