iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC TS 30105-6:2021

(Main)

Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 6: Guidelines on risk management

Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 6: Guidelines on risk management

This document provides guidance on risk management practices for the IT enabled services-business process outsourcing (ITES-BPO) service provider for the outsourced business processes. It provides guidance for planning, establishing, implementing, operating, monitoring, reviewing, maintaining and improving the risk management framework for the ITES-BPO services. This document: — covers IT enabled business processes that are outsourced; — is applicable to the service provider; — is applicable to all lifecycle processes of ITES-BPO; — is not intended to cover IT services. The guidelines in this document align to ISO 31000, elaborating the risk principles, risk management framework and risk management process from an ITES-BPO perspective.

Technologies de l'information — Processus du cycle de vie de la délocalisation du processus d'affaires des services activés par IT — Partie 6: Lignes directrices relatives au management du risque

General Information

Status
Published
Publication Date
19-Oct-2021
ICS
35.020 - Information technology (IT) in general
Technical Committee
ISO/IEC JTC 1/SC 40 - IT service management and IT governance
Drafting Committee
ISO/IEC JTC 1/SC 40/WG 3 - IT-enabled services / Business process outsourcing
Current Stage
9092 - International Standard to be revised
Completion Date
21-Jun-2024
Ref Project

Buy Standard

ISO/IEC TS 30105-6:2021 - Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 6: Guidelines on risk management Released:20. 10. 2021ISO/IEC TS 30105-6:2021 - Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 6: Guidelines on risk management Released:20. 10. 2021
PreviousNext
Technical specification
ISO/IEC TS 30105-6:2021 - Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 6: Guidelines on risk management Released:20. 10. 2021
English language
18 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC TS 30105-6:2021 - Information technology -- IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processesISO/IEC TS 30105-6:2021 - Information technology -- IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes
PreviousNext
Technical specification
ISO/IEC TS 30105-6:2021 - Information technology -- IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes
English language
18 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/IEC TS
SPECIFICATION 30105-6
First edition
2021-10
Information technology — IT
Enabled Services-Business Process
Outsourcing (ITES-BPO) lifecycle
processes —
Part 6:
Guidelines on risk management
Reference number
ISO/IEC TS 30105-6:2021(E)
© ISO/IEC 2021

---------------------- Page: 1 ----------------------
ISO/IEC TS 30105-6:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO/IEC 2021 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TS 30105-6:2021(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Risk principles . .2
4.1 Outcomes . 2
4.1.1 General . 2
4.1.2 Value creation and protection . 2
4.2 Principles . 2
4.2.1 Integrated risk management . 2
4.2.2 Structured and comprehensive . 3
4.2.3 Customized . 3
4.2.4 Inclusive . 3
4.2.5 Dynamic . 3
4.2.6 Best available information . 3
4.2.7 Human and cultural factors . 4
4.2.8 Continual improvement. 4
5 Risk management framework .4
5.1 General .
...

TECHNICAL ISO/IEC TS
SPECIFICATION 30105-6
First edition
2021-10
Information technology — IT
Enabled Services-Business Process
Outsourcing (ITES-BPO) lifecycle
processes —
Part 6:
Guidelines on risk management
Reference number
ISO/IEC TS 30105-6:2021(E)
© ISO/IEC 2021

---------------------- Page: 1 ----------------------
ISO/IEC TS 30105-6:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO/IEC 2021 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TS 30105-6:2021(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Risk principles . .2
4.1 Outcomes . 2
4.1.1 General . 2
4.1.2 Value creation and protection . 2
4.2 Principles . 2
4.2.1 Integrated risk management . 2
4.2.2 Structured and comprehensive . 3
4.2.3 Customized . 3
4.2.4 Inclusive . 3
4.2.5 Dynamic . 3
4.2.6 Best available information . 3
4.2.7 Human and cultural factors . 4
4.2.8 Continual improvement. 4
5 Risk management framework .4
5.1 General .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 30105-3:2024(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 3: Measurement framework (MF) and organization maturity model (OMM)

This document specifies a measurement framework (MF) and an organization maturity model (OMM). It provides the overview of how an organization can use the process reference model (PRM) in ISO/IEC 30105-1 and the process assessment model (PAM) in ISO/IEC 30105-2 to measure their capability and maturity levels. It conforms to the requirements of ISO/IEC 33003 and ISO/IEC 33004 and supports the performance assessment by providing a framework to measure and derive capability and organization maturity levels. This document is intended to be used in concurrence with the other parts of the ISO/IEC 30105 series and the assessment approach provided by ISO/IEC 33002 for assessing processes.

  • Standard
    22 pages
    English language
    sale 15% off
  • Draft
    22 pages
    English language
    sale 15% off
  • Draft
    22 pages
    English language
    sale 15% off
ISO
ISO/IEC 30105-2:2024(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 2: Process assessment model (PAM)

This document specifies the process assessment model (PAM). It contains process definitions of the ITES-BPO lifecycle defined in ISO/IEC 30105-1 and a model suitable for assessing process capability. The outcomes in the PAM are clearly defined, observable results, aligned to the business benefits derived by the customer and service provider. A PAM consists of a set of indicators for process performance and process capability. The indicators are used as a basis for collecting the objective evidence that enables an assessor to determine ratings. The set of indicators included in this document is not intended to be an all-inclusive set, nor is it intended to be applicable in its entirety. Supersets and subsets are selected according to the context and the scope of the assessment. The PAM in this document is directed at assessment sponsors and competent assessors who wish to select a model and an associated documented assessment process for the ITES-BPO lifecycle processes, for process capability gap determination.

  • Standard
    135 pages
    English language
    sale 15% off
  • Draft
    136 pages
    English language
    sale 15% off
  • Draft
    136 pages
    English language
    sale 15% off
ISO
ISO/IEC 30105-5:2024(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 5: Guidance

This document contains the guidance on supporting maturity improvement for service providers. It specifies the provision of assessment results that are repeatable, objective and comparable within similar contexts, and can be used for either process improvement or process capability gap determination. The framework for the conduct of assessments is designed to support the achievement of dependable assessment results. This document provides guidance on the usage of the core parts of the ISO/IEC 30105 series: ISO/IEC 30105-1, ISO/IEC 30105-2 and ISO/IEC 30105-3. This document also introduces the extended parts of the ISO/IEC 30105 series: ISO/IEC TS 30105-6, ISO/IEC TR 30105-7, ISO/IEC 30105-8 and ISO/IEC TS 30105-9.

  • Standard
    28 pages
    English language
    sale 15% off
  • Draft
    28 pages
    English language
    sale 15% off
  • Draft
    28 pages
    English language
    sale 15% off
ISO
ISO/IEC 30105-1:2024(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 1: Process reference model (PRM)

The ISO/IEC 30105 series specifies the lifecycle process requirements performed by the IT enabled business process outsourcing service provider for the outsourced business processes. It defines the processes to plan, establish, implement, operate, monitor, review, maintain and improve its services. This document specifies the process reference model (PRM). It contains process definitions across the lifecycle described in terms of process context, purpose and outcomes, together with a framework defining relationships between the processes. The process purpose details the high-level objective of performing the process such that implementation of the process leads to tangible benefits for stakeholders. The process outcomes are clearly defined by observable results and aligned to the business benefits derived by the customer and service provider. This document: — covers IT enabled business processes that are outsourced; — is not intended to address IT processes, but includes references to them at key touchpoints for completeness; — is applicable to the service provider, not to the customer; — is applicable to all lifecycle processes of ITES-BPO; — serves as a PRM for organizations providing ITES-BPO services.

  • Standard
    29 pages
    English language
    sale 15% off
  • Draft
    29 pages
    English language
    sale 15% off
  • Draft
    29 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 20000-15:2024(Main)
Information technology — Service management — Part 15: Guidance on the application of Agile and DevOps principles in a service management system

This document provides guidance on the relationship between ISO/IEC 20000–1:2018 and two commonly used frameworks, Agile and DevOps. It can be used by any organization or person wishing to understand how Agile and DevOps can be used with ISO/IEC 20000–1, including: a) an organization that has demonstrated or intends to demonstrate conformity to the requirements specified in ISO/IEC 20000–1 and is seeking guidance on the use of Agile or DevOps to establish or improve the SMS and the services; b) an organization that already uses Agile or DevOps and is seeking guidance on how Agile or DevOps can be used to support efforts to demonstrate conformity to the requirements specified in ISO/IEC 20000–1; c) an assessor or auditor who wishes to understand the use of Agile or DevOps as a support for achieving the requirements specified in ISO/IEC 20000–1. Both approaches can be used independently or together. Depending on the context, an organization can deploy Agile frameworks only, DevOps frameworks only, use both Agile and DevOps frameworks in isolation, or use an integrated workflow with combined Agile and DevOps approaches. In any of these situations, this document can be used as guidance for the integration of Agile and DevOps practices in an SMS. The guidance in this document can assist an organization in planning and preparing for a conformity assessment against ISO/IEC 20000-1, noting that an organization can only claim conformity by fulfilling all requirements specified in ISO/IEC 20000-1.

  • Technical specification
    34 pages
    English language
    sale 15% off
  • Draft
    34 pages
    English language
    sale 15% off
  • Draft
    34 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 38508:2024(Main)
Information technology — Governance of IT — Governance implications of the use of a shared digital service platform among ecosystem organizations

This document provides guidance for members of governing bodies of organizations on the effective, efficient and acceptable use of a shared digital service platform among ecosystem organizations by: — establishing a vocabulary for the governance of a shared digital service platform among ecosystem organizations; — providing a framework for understanding the implications of the use of a shared digital service platform among ecosystem organizations; — guiding governing bodies to evaluate, direct and monitor the introduction and use of a digital service platform, applying the governance principles of ISO/IEC 38500; — assuring stakeholders that, if the guidance proposed by this document is followed, they can have confidence in the organization’s use of shared digital service platform among ecosystem organizations. This document also provides guidance to those advising, informing or assisting governing bodies, including: — executive managers; — members of groups monitoring the resources within the organization; — external businesses or technical specialists, such as legal or accounting specialists, retail or industrial associations, or professional bodies; — public authorities and policy makers; — internal and external service providers (including consultants); — auditors.

  • Technical specification
    16 pages
    English language
    sale 15% off
ISO
ISO/IEC 20000-1:2018/Amd 1:2024(Amendment)
Information technology — Service management — Part 1: Service management system requirements — Amendment 1: Climate action changes
  • Standard
    1 page
    English language
    sale 15% off
  • Standard
    1 page
    French language
    sale 15% off
ISO
ISO/IEC 38500:2024(Main)
Information technology — Governance of IT for the organization

This document provides guiding principles for members of governing bodies of organizations and those that support them on the effective, efficient and acceptable use of information technology (IT) within their organizations. This document is applicable to: — the governance of the organization’s current, and future, use of IT; — the governance of IT as a domain of governance of organizations. In terms of audience, this document is applicable to: — all organizations, including public and private companies, government entities, and not-for-profit organizations; — organizations of all sizes, from the smallest to the largest, regardless of the extent of their use of IT.

  • Standard
    21 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 20000-14:2023(Main)
Information technology — Service management — Part 14: Guidance on the application of Service Integration and Management to ISO/IEC 20000-1

This document provides guidance for organizations that are establishing or improving a service management system (SMS) by incorporating a service integrator. The incorporation of a service integrator is aimed at addressing an environment that includes services sourced from multiple service providers. This document specifically focuses on Service Integration and Management (SIAM) in the context of an SMS. The intended users of this document include: — organizations that need to manage multiple service providers within a new or existing SMS according to SIAM; and — consultants and advisors that support an organization during SMS implementation or improvement, where a SIAM approach is being adopted. NOTE 1 This document is applicable for organizations implementing SIAM in conjunction with SMS. It does not limit organizations or individuals from implementing any other management and governance model for managing multivendor environments along with SMS. This document is not applicable to organizations that have only one service provider. NOTE 2 In SIAM, the term "supplier" is not used. Internal and external suppliers are both referred to as “service providers”. See 4.2 for further comparison of terminology.

  • Technical specification
    30 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 30105-9:2023(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 9: Guidelines on extending process capability assessment for digital transformation

This document specifies the essentials of digital transformations and illustrates the key drivers for enhancing the digital transformation capabilities of the organization, while taking account of different stakeholders’ interests. It describes elements that ITES-BPO organizations can include specifically for digital transformation when implementing the lifecycle processes in the ISO/IEC 30105 series, and which can assist the organization in achieving their desired process capability levels, hereafter "maturity levels", as defined by the stakeholders. It provides guidance on process capability assessment for digital transformation for ITES-BPO organizations. Additionally, this document: — covers IT enabled business processes that are outsourced; — is not intended to address the maturity and capability of the IT processes that support ITES-BPO, but identifies the IT capabilities needed to support the achievement of specific ITES-BPO capabilities; — is applicable to the service provider, not to the customer; — is applicable to all lifecycle processes of ITES-BPO; — provides guidelines to supplement the ISO/IEC 30105-2 process assessment model, enabling assessment of process capability of ITES-BPO organizations undergoing digital transformation.

  • Technical specification
    20 pages
    English language
    sale 15% off