Implementing the ISO 9001 standard for an Information Technology company

I am working on implementing the ISO 9001 standard for an Information Technology company. They do not have any in-house manufacturing of equipment or hardware. They only offer IT services such as Managed Services, Cybersecurity, reseller or Hardware, a reseller of Software, VoIP, Access control.

What clauses will be applicable for them in ISO9001?

Answer:

ISO 9001:2015 clause 8.5 is not only about manufacturing, it is about “Production and service provision”. So, 8.5 applies to service provision. It’s like a delivery services company being ISO 9001 certified.

While implementing ISO 9001 for certification, only clauses from section 8 can be candidates for classification as non-applicable. ISO 9001:2015 is a generic standard applicable to all kinds of organizations. The company:

• Has clients and consumers – clause 8.2 is applicable.
• If the organization has its management system scope closed. If the scope details all IT services provided then Clause 8.3 may not be applicable. If the organization has a general scope that can accommodate new services in the future, then Clause 8.3 is applicable.
• Buys resources - clause 8.4 is applicable.
• IT services are provided, quality must be controlled and non-conforming services must be treated - clauses 8.5, 8.6, and 8.7 are applicable.

Inside 8.5 typical candidates for non-applicability are:

• Subclause 8.5.3 – does the company works with confidential information provided by the client? Does the company install the software at the client’s premises? If a new version of software originates problems for the client, does the company is liable? If yes to one of these questions the clause is applicable.
• Subclause 8.5.4 – preservation seems not applicable at first sight but then look into the “NOTE”. You can find there the word “transmission”. What is that about? It is about how information is transmitted and protected, preventing risks of loss, tampering, and protection of information which may include property of the customer and supplier. There are examples of this information transmitted electronically such as electronic payments, mail, electronic files, computer files, information available on websites, etc.
• Subclauses 8.5.5 and 8.5.6 – include after-sales support and new versions

Also, do you have a toolkit that is specifically for IT industry?

Answer:

No, we do not have an ISO 9001 toolkit specific to the IT industry. However, support 1on1 is provided to clients. Perhaps, in your case, this tool kit “ITIL® AND ISO 20000 DOCUMENTATION” - https://advisera.com/20000academy/ used together with this free document - “ISO/IEC 20000-1:2011 vs. ISO 9001:2015 matrix” 
- https://info.advisera.com/20000academy/free-download/iso-iec-20000-1-2011-vs-iso-9001-2015-matrix?_gl=1*ud8gcr*_ga*MTI5NjM5NjM3LjE2MjcyOTkzOTY.*_ga_4P5GYSBRB2*MTYzMTAwMDYyNi4zMS4xLjE2MzEwMDIwNTQuNjA. This document is being updated according to ISO/IEC 20000-1:2018

While considering the use of ISO 9001 for software development activities, consider this support ISO/IEC/IEEE 90003:2018 - Software engineering — Guidelines for the application of ISO 9001:2015 to computer software - https://www.iso.org/standard/74348.html

• For more information about exclusion, the right ISO wording is applicability, consider the following:
• Case study: Design and development in the software industry - https://advisera.com/9001academy/blog/2017/02/08/case-study-design-and-development-in-the-software-industry/
• What clauses can be excluded in ISO 9001:2015? - https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/
• Free webinar on-demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar/
• Enroll for a free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/