COVID-19: Vaccinate Your Company with ISO 27001 Standard

, ,
ISO

ISO

Many companies are concerned about how this ongoing pandemic is affecting the continuity of their activities and threatening their very survival.

Most business owners are concerned with how to keep their companies afloat and are updating their current procedures to accommodate events as unfortunate as the one we are experiencing.

For companies that are already ISO certified, they already have the tools in place to combat external threats. For those who are not, it is not too late.

In this series of posts, we will attempt to explain how ISO helps companies overcome the COVID-19 crisis. In this post, we are going to shed light on the ISO 27001 standard concerned with information security.

ISO 27001: Information Security

With the invasion of cloud technologies, the ISO 27001 witnessed strong growth. With the implications of the Coronavirus Pandemic, this growth is going to become exponential.

Equipment safety, backups, information exchange, network access control, laptops and mobile communications, remote access, key management, data protection and privacy of personal information, business continuity plans – surely if in your company you are working remotely, all these elements have been placed on the table. These are some of the controls established by ISO 27001 and that companies that are already certified have implemented. Therefore, their transition to working remotely or another new way of operating has been easy for them.

In addition, with the amount of malicious information circulating through the different digital media on the Coronavirus, it is imperative to keep the information safeguarded and establish security protocols within the company.

To that end, the ISO 27001 standard allows the implementation of an information security management system as an indispensable tool to protect companies and organizations from threats and risks against information.

This standard allows companies to:

  • Identify risks
  • Manage risks
  • Minimize risks

The ISO 27001 is a standard that keeps the information of the company, customers and suppliers controlled and protected from any intrusion and possible cyber pirate or cyber-attack.

About H.A. Consultancies

We are a company with more than 20 years of experience in the implementation of ISO Standards and effective management solutions for your organization:

Quality Systems – Information Security – Software Quality – Compliance

Environmental management – Occupational Safety – Food Safety – Operational Excellence

H.A. Consultancies’ team of professionals and experts in ISO certifications will help you achieve your goals by offering you the best consulting service.

/0 Comments/by

Bahrain’s Social Insurance – Part 4: One Size Does Not Fit All

pensions

pensions

Written by:
Munther Al-Arayedh, MBA, CPA

 

In 2018, we posted a series of articles discussing Bahrain’s Social Insurance dilemma. You can get up to speed by reading these articles:

Bahrain’s Social Insurance – Part 1: How Did We Get into This Mess?

Bahrain’s Social Insurance – Part 2: How Do We Get Out of This Mess?

Bahrain’s Social Insurance – Part 3: Complete Overhaul

This issue subsided for a while and has recently re-emerged, hence we believe it was important to revisit this topic and shed some light on the measures currently under debate.

3% Suspension

One of the most sensitive measures that has spurred a lot of contempt is the suspension of the 3% annual increase in pension salaries. The reason for this increase is to maintain the salary level of the pensioner in light of economic inflation. However, the economy is never in a constant state of inflation. It rather goes through cycles of inflation and deflation. Therefore, it might have been more appropriate to set the percentage according to the current inflation/deflation rate of the economy. Accordingly, a pensioner might get an increase in his salary one year and endure a decrease the next.

Retire at 60

Another measure that caused a lot of debate was the increase of the retirement age. The retirement age is now set firmly at 60 for men and women. The earliest a male employee would be able to retire according to the new measures is at 55 years old assuming that he would accept a 30% deduction in his pension salary (6% for each year he/she retires before the age of 60). If we look into this measure with a more critical eye, an employee who has worked at the age of 30 would be able to retire at the same age as an employee who would have worked at the age of 18. Sure, the pension salary would differ, but the retirement age would be the same. That does not seem fare.

One Size Fits All

To be honest, none of the measures under discussion would actually resolve the core issue which is the fact that the very structure of our Social Insurance Organization is flawed. It follows a “One Size Fits All” strategy towards providing its services which can be beneficial to some and detrimental to many.

In our article titled “Bahrain’s Social Insurance – Part 3: Complete Overhaul” we argued that the pension benefits in Bahrain, and indeed in the GCC, are very generous. Pension salaries do not cease by the passing away of the pensioner. In fact, pension payments are still made to widows and widowers, children up to the age of 21, children in full time education to the age of 26, children unable to earn a living, daughters that are unwed, fathers that were dependant on their deceased child, mothers that are divorced or widowed, brothers to the age of 21, sisters if unwed, and even grandchildren if their father is deceased. This adds multiple new dimensions to the pension plan which would make it difficult to forecast a viable contribution rate.

On the other hand, in case the employee was given the option of selecting the benefits that he wishes to extend to his family and in return set a contribution rate for himself according to these benefits, this would take a huge load off the pension fund and possibly even the employee. A participant who is an only child for instance would not need to have the benefit of pension payments made to his brother or sister and conversely, would not need to pay the additional percentage of contribution affiliated with extending such a benefit. An employee who would like to retire at the age of 45 would probably accept paying a significantly higher contribution than an employee who does not have a problem retiring at the age of 65.

The idea we are proposing here is that the Social Insurance Organization should abandon the “One Size Fits All” policy and try to provide more tailored solutions to the public.

 

/0 Comments/by

COVID-19: Vaccinate Your Company with ISO 9001 Standard

ISO9001

ISO9001

Not too long ago, many organizations considered ISO and quality management systems as just another bureaucracy, a mandatory requirement to work with global clients, a marketing element, or merely a stamp that looked good on their documents.

However, today, amidst this raging Coronavirus Pandemic, it is these same companies that are dusting off and reviewing their Continuity Plans, Communication Plans, and work procedures or remembering how they evaluated performance indicators to have measurable elements of how this crisis will affect them.

The tools of ISO management systems are at our disposal in times of crisis and it is a good time to put them in play.

In this series of posts, we will attempt to explain how ISO helps companies overcome the COVID-19 crisis. We will start with the most famous ISO standard, the 9001.

ISO 9001: Quality Management

ISO 9001 establishes change management processes that are required in the face of any external event such as COVID-19. With ISO 9001, we will already have tools in place to plan changes, considering their purpose and consequence, the integrity of the quality management system, the availability of resources and the allocation of responsibilities.

Another important contribution that has been revealed these days is the need for a Communication Plan. ISO 9001 certified companies already have a process to determine internal and external communications that include what, when, to whom, how and who communicates and therefore helps them manage how to give information to different stakeholders.

Other important ISO 9001 tools that we can highlight are:

  • Internal and external context analysis tools.
  • Having identified the stakeholders and their needs and expectations.
  • The identification of risks and opportunities of the processes of the organization (now is a good time to review and reassess)
  • The identification of customer requirements and risks that may affect the conformity of our products and services.
  • Processes already systematized to address risks and opportunities.
  • The infrastructure management and information technology and communication necessary for the operation of processes.
  • Performance analysis and evaluation tools that will allow us to assess the impact of this crisis on our operations.
  • Improvement tools such as non-conformities and corrective actions that establish mechanisms to detect incidents in this new way of operating and be able to correct it as soon as possible.

It is clear that, for the continuity of our business, these elements are key to the change of processes that must be carried out within organizations and provides a way of quality management of each change process, even if it is only temporary.

About H.A. Consultancies

We are a company with more than 20 years of experience in the implementation of ISO Standards and effective management solutions for your organization:

Quality Systems – Information Security – Software Quality – Compliance

Environmental management – Occupational Safety – Food Safety – Operational Excellence

H.A. Consultancies’ team of professionals and experts in ISO certifications will help you achieve your goals by offering you the best consulting service.

/0 Comments/by