2015年9月17日星期四

有關 ISO 認證

ISO (International Organization for Standardization) 1947 年成立以來,已推出超過 19,000 種標準,可是很多人對 ISO 仍有不同的誤解。

1.      ISO 只是有關品質管理
事實:ISO 推出不同的標準如:
ISO/IEC 27001 Information Security Management System 的標準
ISO/IEC 20000 Information Technology Service Management 的標準
ISO 14001 Environmental Management System 的標準
誤解的原因可能是有關 Quality Management System(QMS) ISO 9001太過深入民心。

2.      ISO 所有的標準均有相關的認證
事實:不對。ISO/IEC 27001 有相關的認證,而 ISO/IEC 27003 (ISMS Implementation Guide) 就沒有其認證的。

現在介紹 ISO 認證可分以下兩大類。

1.      頒給組織或公司的管理系統認證 (Management System Certificate)
某公司根據一種管理系統標準 ( ISO 9001 為例) 成立、運作、及持續改善其 QMS,再申請某認證機構 (Certification Body) 進行外部審計,若能通過 ISO 9001 列出的要求,認證機構便會頒發 ISO 9001 認證給申請的公司。



2.      頒給個人專業認證 (Personal Professional Certificate)
有不同的種類,Foundation, Lead Auditor, Implementer, Consultant, Practitioner, Professional, Manager等。
頒發此類認證機構有 PECB, APMG, IRCA等。



下次再詳細跟大家介紹 ISO Personal Certificate


我們的 ISO認證課程可參考http://www.greatlearning.edu.hk/ISO.html

2015年9月11日星期五

PMP RDS 與 ISO

相信正在準備 PMP考試的朋友都有點猶疑,於今年內趕舊范圍的考試,還是等明年一月才參加新 RDS 版的 PMP 考試。給大家一點提示:新版 RDS 考試內容只增加了以下幾樣任務:

Initiating

Task 2 Identify key deliverables based on the business requirements in order to manage customer expectations and direct the achievement of project goals.

Task 7 Conduct benefit analysis with relevant stakeholders to validate project alignment with organizational strategy and expected business value.

Task 8 Inform stakeholders of the approved project charter to ensure common understanding of the key deliverables, milestones, and their roles and responsibilities.

Planning

Task 13 Develop the stakeholder management plan by analyzing needs, interests, and potential impact in order to effectively manage stakeholders' expectations and engage them in project decisions.

Executing

Task 6 Manage the flow of information by following the communications plan in order to keep stakeholders engaged and informed.

Task 7 Maintain stakeholder relationships by following the stakeholder management plan in order to receive continued support and manage expectations.

Monitoring and Controlling

Task 6 Capture, analyze, and manage lessons learned, using lessons learned management techniques in order to enable continuous improvement.

Task 7 Monitor procurement activities according to the procurement plan in order to verify compliance with project objectives.

所以大家可放心用舊課程內容來溫習,RDS內容其實只是一些小修改!但為何 PMI不等下一版 PMBOK才一次過修改考試大綱?原來 PMP 認證是有 ISO 認證的!甚麼???




大家可參考上圖 (https://www.ansica.org/wwwversion2/outside/ALLdirectoryDetails.asp?menuID=2&prgID=201&prgID1=201&orgID=106&status=4), PMP是經 ANSI ISO 17024 認證的。熟悉 ISO認證的朋友都知所有 ISO認證均須三年內續牌,而上一次 PMP RDS review也是為了 ISO續牌於 2013年進行。

明白了今次 RDS review的原因後,大家便可放心跟自己的計劃去應付 PMP考試了。下次向大家介紹 ISO個人認證。


2015年9月4日星期五

Great Learning 四項特色課程系列

看看上一篇文章的發布日期,實在有點慚愧。但回想這兩年,自己及公司團隊卻沒躲懶;單是今年內 Steve 已考取了超過二十張認證,而公司終於建立了以下四項全面及有特色的課程系列。希望以後能持續為大家分享有關 IT 及項目管理的知識與認證資訊。

1.      Project, Program, & Portfolio Management
l   Project Management Professional (PMP®)       
l   PRINCE2® Foundation and Practitioner 
l   MSP® Foundation and Practitioner (Managing Successful Programmes) 
l   MoP® Foundation and Practitioner (Management of Portfolios) 
l   P3O® Foundation and Practitioner (Project & Programme Support Offices)
l   PRINCE2 Agile™ Certification
l   APMG Agile Project Management (AgilePM®) Foundation and Practitioner
l   APMG Agile Programme Management (AgilePgM®) Foundation
l   Certified SCRUM Master
l   MoV® Foundation and Practitioner (Management of Value)
l   Stakeholder Engagement Certification

2.      IT Management & Governance
l   ITIL® Foundation
l   ITIL® Expert
l   ISO/IEC 20000 Foundation
l   ISO/IEC 20000 Practitioner
l   ISO/IEC 20000 Lead Auditor
l   Business Relationship Management Professional Foundation
l   SDI Service Desk Analyst
l   COBIT® 5 Foundation     
l   COBIT® 5 Assessor        
l   COBIT® 5 Implementation
l   ISO/IEC 38500 Governance Manager
l   Sourcing Governance Foundation  
l   Certified Outsourcing Manager

3.      IT Security & Security Management
l   CISSP®
l   CISA®
l   CISM®    
l   Certified Ethical Hacker (CEH)     
l   Certified Hacking Forensic Investigator (CHFI)
l   Certified Security Analyst (ECSA)  
l   ISO/IEC 27001 Foundation (Information Security Management System Standard)
l   ISO/IEC 27001 Lead Auditor
l   ISO 22301 Foundation (Business Continuity Management System Standard)
l   ISO 22301 Lead Auditor
l   ISO/IEC 24762 Disaster Recovery Manager
l   ISO/IEC 27005 Risk Manager
l   ISO/IEC 27002 Manager
l   Implementing the NIST Cybersecurity Framework using COBIT 5
l   Certified Lead Privacy Implementer
l   Fundamentals of Forensics Certificate

4.      ISO Courses
l   ISO 9001 Foundation Certification (Quality Management System Standard)      
l   ISO 9001 Lead Auditor Certification              
l   ISO 26000 Foundation Certification (Social Responsibility Program)   
l   ISO 26000 Lead Auditor Certification    
l   ISO 14001 Foundation Certification (Environmental Management System Standard)  
l   ISO 14001 Lead Auditor Certification
l   And many ISO Certification Self-study Packages, etc.